cbac 0.6.8 → 0.6.9
Sign up to get free protection for your applications and to get access to all the features.
- data/cbac.gemspec +1 -1
- data/lib/cbac.rb +3 -1
- data/lib/cbac/cbac_pristine/pristine.rb +2 -2
- data/lib/cbac/cbac_pristine/pristine_permission.rb +1 -1
- data/lib/generators/cbac/copy_files/controllers/memberships_controller.rb +7 -4
- data/lib/generators/cbac/copy_files/controllers/permissions_controller.rb +9 -6
- data/lib/generators/cbac/copy_files/tasks/cbac.rake +1 -1
- data/lib/generators/cbac/copy_files/views/generic_roles/index.html.erb +3 -3
- data/lib/generators/cbac/copy_files/views/memberships/_update.html.erb +2 -2
- data/lib/generators/cbac/copy_files/views/permissions/_update_context_role.html.erb +2 -2
- data/lib/generators/cbac/copy_files/views/permissions/_update_generic_role.html.erb +2 -2
- data/tasks/cbac.rake +1 -1
- metadata +1 -1
data/cbac.gemspec
CHANGED
data/lib/cbac.rb
CHANGED
@@ -58,7 +58,9 @@ module Cbac
|
|
58
58
|
}
|
59
59
|
|
60
60
|
# Check the context roles Get the permissions
|
61
|
-
privilege_sets.collect
|
61
|
+
privilege_sets.collect do |privilege_set|
|
62
|
+
Cbac::Permission.where(privilege_set_id: privilege_set.id, generic_role_id: 0)
|
63
|
+
end.flatten.each do |permission|
|
62
64
|
puts "Checking for context_role:#{permission.context_role} on privilege_set:#{permission.privilege_set.name}" if Cbac::Config.verbose
|
63
65
|
eval_string = ContextRole.roles[permission.context_role.to_sym]
|
64
66
|
begin
|
@@ -81,12 +81,12 @@ module Cbac
|
|
81
81
|
end
|
82
82
|
|
83
83
|
def delete_generic_known_permissions
|
84
|
-
known_permissions = Cbac::KnownPermission.
|
84
|
+
known_permissions = Cbac::KnownPermission.where(permission_type: Cbac::KnownPermission.PERMISSION_TYPES[:generic])
|
85
85
|
known_permissions.each { |p| p.destroy }
|
86
86
|
end
|
87
87
|
|
88
88
|
def delete_generic_permissions
|
89
|
-
permissions = Cbac::Permission.find(:
|
89
|
+
permissions = Cbac::Permission.find(context_role: nil)
|
90
90
|
# for backwards compatibility, generic_role name was administrators instead of administrator
|
91
91
|
# SMELL: administrator role *only* identified by name
|
92
92
|
(permissions.select { |perm| perm.generic_role.name != "administrator" and perm.generic_role.name != "administrators" }).each { |p| p.destroy }
|
@@ -39,7 +39,7 @@ module Cbac
|
|
39
39
|
yml << pristine_role.name if pristine_role.role_type == PristineRole.ROLE_TYPES[:context]
|
40
40
|
yml << "\n"
|
41
41
|
yml << " generic_role_id: " << pristine_role.role_id.to_s << "\n"
|
42
|
-
yml << " privilege_set_id: <%= Cbac::PrivilegeSetRecord.
|
42
|
+
yml << " privilege_set_id: <%= Cbac::PrivilegeSetRecord.where(name: '#{privilege_set_name}').first.id %>\n"
|
43
43
|
yml << " created_at: " << Time.now.strftime("%Y-%m-%d %H:%M:%S") << "\n"
|
44
44
|
yml << " updated_at: " << Time.now.strftime("%Y-%m-%d %H:%M:%S") << "\n"
|
45
45
|
yml << "\n"
|
@@ -5,15 +5,18 @@ class Cbac::MembershipsController < ApplicationController
|
|
5
5
|
# GET /index
|
6
6
|
# GET /index.xml
|
7
7
|
def index
|
8
|
-
@generic_roles = Cbac::GenericRole.
|
9
|
-
@users = User.
|
8
|
+
@generic_roles = Cbac::GenericRole.all
|
9
|
+
@users = User.all
|
10
10
|
end
|
11
11
|
|
12
12
|
# POST /update
|
13
13
|
def update
|
14
|
-
Cbac::Membership.
|
14
|
+
Cbac::Membership.where(generic_role_id: params[:generic_role_id], user_id: params[:user_id]).each(&:delete)
|
15
15
|
if params[:member].to_s == "1"
|
16
|
-
Cbac::Membership.create
|
16
|
+
Cbac::Membership.create do |membership|
|
17
|
+
membership.generic_role_id = params[:generic_role_id]
|
18
|
+
membership.user_id = params[:user_id]
|
19
|
+
end
|
17
20
|
end
|
18
21
|
role = Cbac::GenericRole.find(params[:generic_role_id])
|
19
22
|
render :partial => "cbac/memberships/update.html", :locals => {:generic_role => role,
|
@@ -10,11 +10,11 @@ class Cbac::PermissionsController < ApplicationController
|
|
10
10
|
|
11
11
|
params[:role_substr].split('|').each do |role_start|
|
12
12
|
@context_roles += (ContextRole.roles.select {|key,value| !key.to_s.match(/^#{role_start}/).nil?}).collect{|key, value| [key, value]}
|
13
|
-
@generic_roles += Cbac::GenericRole.
|
13
|
+
@generic_roles += Cbac::GenericRole.all.select {|role| !role.name.match(/^#{role_start}/).nil? }
|
14
14
|
end
|
15
15
|
else
|
16
16
|
@context_roles = ContextRole.roles
|
17
|
-
@generic_roles = Cbac::GenericRole.all
|
17
|
+
@generic_roles = Cbac::GenericRole.all
|
18
18
|
end
|
19
19
|
|
20
20
|
if params[:priv_substr] && params[:priv_substr] != ""
|
@@ -22,7 +22,7 @@ class Cbac::PermissionsController < ApplicationController
|
|
22
22
|
params[:priv_substr].split('|').each do |priv_start|
|
23
23
|
@sets += PrivilegeSet.sets.select {|key, value| !key.to_s.match(/^#{priv_start}/).nil?}
|
24
24
|
end
|
25
|
-
else
|
25
|
+
else
|
26
26
|
@sets = PrivilegeSet.sets
|
27
27
|
end
|
28
28
|
end
|
@@ -41,7 +41,7 @@ class Cbac::PermissionsController < ApplicationController
|
|
41
41
|
|
42
42
|
# POST /update
|
43
43
|
def update_context_role
|
44
|
-
Cbac::Permission.
|
44
|
+
Cbac::Permission.where(context_role: params[:context_role], privilege_set_id: params[:privilege_set_id]).each(&:delete)
|
45
45
|
if params[:permission].to_s == "1"
|
46
46
|
Cbac::Permission.create(:context_role => params[:context_role], :privilege_set_id => params[:privilege_set_id])
|
47
47
|
end
|
@@ -50,9 +50,12 @@ class Cbac::PermissionsController < ApplicationController
|
|
50
50
|
end
|
51
51
|
|
52
52
|
def update_generic_role
|
53
|
-
Cbac::Permission.
|
53
|
+
Cbac::Permission.where(generic_role_id: = params[:generic_role_id], privilege_set_id: = params[:privilege_set_id]).each(&:delete)
|
54
54
|
if params[:permission].to_s == "1"
|
55
|
-
Cbac::Permission.create
|
55
|
+
Cbac::Permission.create do |permission|
|
56
|
+
permission.generic_role_id = params[:generic_role_id]
|
57
|
+
permission.privilege_set_id = params[:privilege_set_id]
|
58
|
+
end
|
56
59
|
end
|
57
60
|
role = Cbac::GenericRole.find(params[:generic_role_id])
|
58
61
|
render :partial => "cbac/permissions/update_generic_role.html", :locals => {:role =>role,
|
@@ -39,7 +39,7 @@
|
|
39
39
|
def dump_permissions_to_yaml_file(permissions)
|
40
40
|
permissions.each do |cp|
|
41
41
|
privilege_set_name = get_privilege_set(:id => cp['privilege_set_id']).name
|
42
|
-
cp['privilege_set_id'] = "<%= Cbac::PrivilegeSetRecord.
|
42
|
+
cp['privilege_set_id'] = "<%= Cbac::PrivilegeSetRecord.where(name: '#{privilege_set_name}').first.id %>"
|
43
43
|
end
|
44
44
|
dump_objects_to_yaml_file(permissions, "permissions")
|
45
45
|
end
|
@@ -7,7 +7,7 @@
|
|
7
7
|
<th class="small"> </th>
|
8
8
|
</tr>
|
9
9
|
|
10
|
-
<% Cbac::GenericRole.
|
10
|
+
<% Cbac::GenericRole.all.each do |role| %>
|
11
11
|
<tr class="row">
|
12
12
|
<% form_for role do |r| %>
|
13
13
|
<td class="medium"><%= r.text_field :name %></td>
|
@@ -48,7 +48,7 @@
|
|
48
48
|
</tr>
|
49
49
|
<tr>
|
50
50
|
<td class="medium">Select role</td>
|
51
|
-
<td class="medium"><%= select_tag "id", Cbac::GenericRole.
|
51
|
+
<td class="medium"><%= select_tag "id", Cbac::GenericRole.all.collect{|role|"<option value='#{role.id}'>#{role.name}</option>"} %>
|
52
52
|
</td>
|
53
53
|
</tr>
|
54
54
|
<tr>
|
@@ -56,4 +56,4 @@
|
|
56
56
|
</tr>
|
57
57
|
<% end %>
|
58
58
|
</table>
|
59
|
-
</div>
|
59
|
+
</div>
|
@@ -6,7 +6,7 @@
|
|
6
6
|
<%= hidden_field_tag "generic_role_id" + update_name, generic_role.id.to_s, :name => "generic_role_id" %>
|
7
7
|
<%= hidden_field_tag "user_id" + update_name, user_id.to_s, :name => "user_id" %>
|
8
8
|
<%= check_box_tag "member" + update_name, "1",
|
9
|
-
(Cbac::Membership.
|
9
|
+
(Cbac::Membership.where(generic_role_id: generic_role.id, user_id: user_id).count > 0),
|
10
10
|
{:onclick => "this.form.onsubmit();", :name => "member"}%>
|
11
11
|
<% end %>
|
12
|
-
<% unless update_partial %></div><% end %>
|
12
|
+
<% unless update_partial %></div><% end %>
|
@@ -6,7 +6,7 @@
|
|
6
6
|
<%= hidden_field_tag "context_role" + update_name, context_role.to_s, :name => "context_role" %>
|
7
7
|
<%= hidden_field_tag "privilege_set_id" + update_name, set_id.to_s, :name => "privilege_set_id" %>
|
8
8
|
<%= check_box_tag "permission" + update_name, "1",
|
9
|
-
(Cbac::Permission.
|
9
|
+
(Cbac::Permission.where(context_role: context_role.to_s, privilege_set_id: set_id.to_s).count > 0),
|
10
10
|
{:onclick => "this.form.onsubmit();", :name => "permission"}%>
|
11
11
|
<% end %>
|
12
|
-
<% unless update_partial %></div><% end %>
|
12
|
+
<% unless update_partial %></div><% end %>
|
@@ -6,7 +6,7 @@
|
|
6
6
|
<%= hidden_field_tag "generic_role_id" + update_name, role.id.to_s, :name => "generic_role_id" %>
|
7
7
|
<%= hidden_field_tag "privilege_set_id" + update_name, set_id.to_s, :name => "privilege_set_id" %>
|
8
8
|
<%= check_box_tag "permission" + update_name, "1",
|
9
|
-
(Cbac::Permission.
|
9
|
+
(Cbac::Permission.where(generic_role_id: role.id, privilege_set_id: set_id).count > 0),
|
10
10
|
{:onclick => "this.form.onsubmit();", :name => "permission"}%>
|
11
11
|
<% end %>
|
12
|
-
<% unless update_partial %></div><% end %>
|
12
|
+
<% unless update_partial %></div><% end %>
|
data/tasks/cbac.rake
CHANGED
@@ -39,7 +39,7 @@
|
|
39
39
|
def dump_permissions_to_yaml_file(permissions)
|
40
40
|
permissions.each do |cp|
|
41
41
|
privilege_set_name = get_privilege_set(:id => cp['privilege_set_id']).name
|
42
|
-
cp['privilege_set_id'] = "<%= Cbac::PrivilegeSetRecord.
|
42
|
+
cp['privilege_set_id'] = "<%= Cbac::PrivilegeSetRecord.where(name: '#{privilege_set_name}').first.id %>"
|
43
43
|
end
|
44
44
|
dump_objects_to_yaml_file(permissions, "permissions")
|
45
45
|
end
|