checkpoint 0.2.2 → 1.0.0

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: 6a1c461fe8389571e1850b62a87c9d0db9ade53e
+  data.tar.gz: 2854266ee72cf25d1e789aed12eb63e27e7436a5
+SHA512:
+  metadata.gz: cea376e3ab91a65d63e86b64b7eddd54ea4edbf5a403763e099a334ca1546454b3e4d86a666cafa56e4b1db7c663a8d89ed4f52a890b358975e3f8f071851ae2
+  data.tar.gz: ae1c1b1bdb8bfe5705ede2d5d4478a8888884200307008206e80680b49f75785ed8d02d02a13856c9a137b559a204807fc46910a27a2b7dde054c61e97d0e4a3

data/.envrc

@@ -0,0 +1 @@
+PATH_add bin

data/.gitignore

@@ -1,10 +1,19 @@
-*.gem
-.bundle
+/.bundle/
+/coverage/
+/doc/
+/pkg/
+/spec/reports/
+/tmp/
+
+/db/checkpoint.log
+/db/checkpoint.yml
+/db/*.sqlite3
 Gemfile.lock
-pkg/*
-*.swp
-*.swo
-*.swn
-*.~
-*swp
-*~
+
+# rspec failure tracking
+.rspec_status
+
+# Docs generated by YARD and Sphinx
+/.yardoc/
+/docs/_build/
+/docs/_yard/

data/.rspec

@@ -0,0 +1,2 @@
+--color
+--require spec_helper

data/.rubocop.yml

@@ -0,0 +1,30 @@
+Rails:
+  Enabled: true
+
+Rails/Delegate:
+  Enabled: false
+
+# inherit_gem:
+#   rubocop-rails:
+#     - config/rails.yml
+
+AllCops:
+  DisplayCopNames: true
+  TargetRubyVersion: 2.4
+  Exclude:
+    - 'bin/**/*'
+    - 'vendor/**/*'
+
+Layout/MultilineMethodDefinitionBraceLayout:
+  EnforcedStyle: same_line
+
+Metrics/LineLength:
+  Max: 110
+
+Metrics/BlockLength:
+  Exclude:
+    - '*.gemspec'
+  ExcludedMethods: ['describe', 'context', 'xdescribe', 'xcontext']
+
+Style/StringLiterals:
+  Enabled: false

data/.travis.yml

@@ -0,0 +1,5 @@
+sudo: false
+language: ruby
+rvm:
+  - 2.4.2
+before_install: gem install bundler -v 1.16.0

data/.yardopts

@@ -0,0 +1 @@
+--output-dir ./docs/_yard

data/Gemfile

@@ -1,4 +1,8 @@
-source "http://rubygems.org"
+# frozen_string_literal: true
+
+source "https://rubygems.org"
+
+git_source(:github) { |repo_name| "https://github.com/#{repo_name}" }
 
 # Specify your gem's dependencies in checkpoint.gemspec
 gemspec

data/LICENSE.md

@@ -0,0 +1,27 @@
+Copyright (c) 2018, The Regents of the University of Michigan.
+All rights reserved.
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions are
+met:
+
+* Redistributions of source code must retain the above copyright
+  notice, this list of conditions and the following disclaimer.
+* Redistributions in binary form must reproduce the above copyright
+  notice, this list of conditions and the following disclaimer in the
+  documentation and/or other materials provided with the distribution.
+* Neither the name of the The University of Michigan nor the
+  names of its contributors may be used to endorse or promote products
+  derived from this software without specific prior written permission.
+
+THIS SOFTWARE IS PROVIDED BY THE REGENTS OF THE UNIVERSITY OF MICHIGAN AND
+CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT
+NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OF THE
+UNIVERSITY OF MICHIGAN BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
+TO,PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
+EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

data/README.md

@@ -0,0 +1,23 @@
+[![Build Status](https://travis-ci.org/mlibrary/checkpoint.svg?branch=master)](https://travis-ci.org/mlibrary/checkpoint?branch=master)
+[![Coverage Status](https://coveralls.io/repos/github/mlibrary/checkpoint/badge.svg?branch=master)](https://coveralls.io/github/mlibrary/checkpoint?branch=master)
+
+# Checkpoint
+
+Checkpoint provides a model and infrastructure for policy-based authorization,
+especially in Rails applications.
+
+## Installation
+
+Add this line to your application's Gemfile:
+
+```ruby
+gem 'checkpoint'
+```
+
+And then execute:
+
+    $ bundle
+
+## License
+
+Checkpoint is licensed under the BSD-3-Clause license. See [LICENSE.md](LICENSE.md).

data/Rakefile

@@ -1 +1,15 @@
+# frozen_string_literal: true
+
 require "bundler/gem_tasks"
+require "rspec/core/rake_task"
+
+RSpec::Core::RakeTask.new(:spec)
+
+load 'lib/tasks/migrate.rake'
+
+task default: :spec
+
+task :docs do
+  sh %( bin/yard )
+  sh %( cd docs && make html )
+end

data/bin/console

@@ -0,0 +1,18 @@
+#!/usr/bin/env ruby
+
+require "bundler/setup"
+require "checkpoint"
+
+# You can add fixtures and/or initialization code here to make experimenting
+# with your gem easier. You can also use a different console, if you like.
+
+def init!
+  Checkpoint::DB.initialize!
+  Object.const_set(:DB, Checkpoint::DB.db)
+end
+
+require "pry"
+Pry.start
+
+# require "irb"
+# IRB.start(__FILE__)

data/bin/rake

@@ -0,0 +1,21 @@
+#!/usr/bin/env ruby
+# frozen_string_literal: true
+
+#
+# This file was generated by Bundler.
+#
+# The application 'rake' is installed as part of a gem, and
+# this file is here to facilitate running it.
+#
+
+bundle_binstub = File.expand_path("../bundle", __FILE__)
+load(bundle_binstub) if File.file?(bundle_binstub)
+
+require "pathname"
+ENV["BUNDLE_GEMFILE"] ||= File.expand_path("../../Gemfile",
+  Pathname.new(__FILE__).realpath)
+
+require "rubygems"
+require "bundler/setup"
+
+load Gem.bin_path("rake", "rake")

data/bin/rspec

@@ -0,0 +1,21 @@
+#!/usr/bin/env ruby
+# frozen_string_literal: true
+
+#
+# This file was generated by Bundler.
+#
+# The application 'rspec' is installed as part of a gem, and
+# this file is here to facilitate running it.
+#
+
+bundle_binstub = File.expand_path("../bundle", __FILE__)
+load(bundle_binstub) if File.file?(bundle_binstub)
+
+require "pathname"
+ENV["BUNDLE_GEMFILE"] ||= File.expand_path("../../Gemfile",
+  Pathname.new(__FILE__).realpath)
+
+require "rubygems"
+require "bundler/setup"
+
+load Gem.bin_path("rspec-core", "rspec")

data/bin/sequel

@@ -0,0 +1,21 @@
+#!/usr/bin/env ruby
+# frozen_string_literal: true
+
+#
+# This file was generated by Bundler.
+#
+# The application 'sequel' is installed as part of a gem, and
+# this file is here to facilitate running it.
+#
+
+bundle_binstub = File.expand_path("../bundle", __FILE__)
+load(bundle_binstub) if File.file?(bundle_binstub)
+
+require "pathname"
+ENV["BUNDLE_GEMFILE"] ||= File.expand_path("../../Gemfile",
+  Pathname.new(__FILE__).realpath)
+
+require "rubygems"
+require "bundler/setup"
+
+load Gem.bin_path("sequel", "sequel")

data/bin/setup

@@ -0,0 +1,8 @@
+#!/usr/bin/env bash
+set -euo pipefail
+IFS=$'\n\t'
+set -vx
+
+bundle install
+
+# Do any other automated setup that you need to do here

data/bin/yard

@@ -0,0 +1,21 @@
+#!/usr/bin/env ruby
+# frozen_string_literal: true
+
+#
+# This file was generated by Bundler.
+#
+# The application 'yard' is installed as part of a gem, and
+# this file is here to facilitate running it.
+#
+
+bundle_binstub = File.expand_path("../bundle", __FILE__)
+load(bundle_binstub) if File.file?(bundle_binstub)
+
+require "pathname"
+ENV["BUNDLE_GEMFILE"] ||= File.expand_path("../../Gemfile",
+  Pathname.new(__FILE__).realpath)
+
+require "rubygems"
+require "bundler/setup"
+
+load Gem.bin_path("yard", "yard")

data/bin/yardoc

@@ -0,0 +1,21 @@
+#!/usr/bin/env ruby
+# frozen_string_literal: true
+
+#
+# This file was generated by Bundler.
+#
+# The application 'yardoc' is installed as part of a gem, and
+# this file is here to facilitate running it.
+#
+
+bundle_binstub = File.expand_path("../bundle", __FILE__)
+load(bundle_binstub) if File.file?(bundle_binstub)
+
+require "pathname"
+ENV["BUNDLE_GEMFILE"] ||= File.expand_path("../../Gemfile",
+  Pathname.new(__FILE__).realpath)
+
+require "rubygems"
+require "bundler/setup"
+
+load Gem.bin_path("yard", "yardoc")

data/checkpoint.gemspec

@@ -1,25 +1,43 @@
-# -*- encoding: utf-8 -*-
-$:.push File.expand_path("../lib", __FILE__)
+# frozen_string_literal: true
+
+lib = File.expand_path("../lib", __FILE__)
+$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
 require "checkpoint/version"
 
-Gem::Specification.new do |s|
-  s.name        = "checkpoint"
-  s.version     = Checkpoint::VERSION
-  s.authors     = ["Leanbid LTD"]
-  s.email       = ["it@leanbid.com"]
-  s.homepage    = "https://github.com/digitalfrost/checkpoint"
-  s.summary     = "Simple rails authorisation"
-  #s.description = %q{TODO: Write a gem description}
-  s.license = "MIT"
+Gem::Specification.new do |spec|
+  spec.name    = "checkpoint"
+  spec.version = Checkpoint::VERSION
+  spec.authors = ["Noah Botimer"]
+  spec.email   = ["botimer@umich.edu"]
+  spec.license = "BSD-3-Clause"
+
+  spec.summary = <<~SUMMARY
+    Checkpoint provides a model and infrastructure for policy-based authorization,
+    especially in Rails applications.
+  SUMMARY
+
+  spec.homepage = "https://github.com/mlibrary/checkpoint"
 
-  s.rubyforge_project = "checkpoint"
+  spec.files = `git ls-files -z`.split("\x0").reject do |f|
+    f.match(%r{^(test|spec|features)/})
+  end
+  spec.bindir        = "exe"
+  spec.executables   = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
+  spec.require_paths = ["lib"]
 
-  s.files         = `git ls-files`.split("\n")
-  s.test_files    = `git ls-files -- {test,spec,features}/*`.split("\n")
-  s.executables   = `git ls-files -- bin/*`.split("\n").map{ |f| File.basename(f) }
-  s.require_paths = ["lib"]
+  spec.add_dependency "ettin", "~> 1.1"
+  spec.add_dependency "mysql2", "~> 0.4.10"
+  spec.add_dependency "sequel", "~> 5.6"
 
-  # specify any dependencies here; for example:
-  # s.add_development_dependency "rspec"
-  # s.add_runtime_dependency "rest-client"
+  spec.add_development_dependency "bundler", "~> 1.16"
+  spec.add_development_dependency "coveralls", "~> 0.8"
+  spec.add_development_dependency "pry"
+  spec.add_development_dependency "pry-byebug"
+  spec.add_development_dependency "rake", "~> 10.0"
+  spec.add_development_dependency "rspec", "~> 3.0"
+  spec.add_development_dependency "rubocop", "~> 0.52"
+  spec.add_development_dependency "rubocop-rails", "~> 1.1"
+  spec.add_development_dependency "rubocop-rspec", "~> 1.16"
+  spec.add_development_dependency "sqlite3", "~> 1.3"
+  spec.add_development_dependency "yard", "~> 0.9"
 end

data/db/migrations/1_create_permits.rb

@@ -0,0 +1,19 @@
+# frozen_string_literal: true
+
+Sequel.migration do
+  change do
+    create_table :permits do
+      primary_key :id
+      column :agent_type,       String, size: 100, null: false
+      column :agent_id,         String, size: 100, null: false
+      column :agent_token,      String, size: 201, null: false
+      column :credential_type,  String, size: 100, null: false
+      column :credential_id,    String, size: 100, null: false
+      column :credential_token, String, size: 201, null: false
+      column :resource_type,    String, size: 100, null: false
+      column :resource_id,      String, size: 100, null: false
+      column :resource_token,   String, size: 201, null: false
+      column :zone_id,          String, size: 100, null: false
+    end
+  end
+end

data/docs/Makefile

@@ -0,0 +1,24 @@
+# Minimal makefile for Sphinx documentation
+#
+
+# You can set these variables from the command line.
+SPHINXOPTS    =
+SPHINXBUILD   = sphinx-build
+SPHINXPROJ    = Checkpoint
+AUTOBUILD     = sphinx-autobuild
+SOURCEDIR     = .
+BUILDDIR      = _build
+
+# Put it first so that "make" without argument is like "make help".
+help:
+	@$(SPHINXBUILD) -M help "$(SOURCEDIR)" "$(BUILDDIR)" $(SPHINXOPTS) $(O)
+
+auto:
+	@$(AUTOBUILD) ${@:2} "$(SOURCEDIR)" "$(BUILDDIR)" $(SPHINXOPTS) $(O)
+
+.PHONY: auto help Makefile
+
+# Catch-all target: route all unknown targets to Sphinx using the new
+# "make mode" option.  $(O) is meant as a shortcut for $(SPHINXOPTS).
+%: Makefile
+	@$(SPHINXBUILD) -M $@ "$(SOURCEDIR)" "$(BUILDDIR)" $(SPHINXOPTS) $(O)

data/docs/authentication.rst

@@ -0,0 +1,18 @@
+Identity and Authentication
+===========================
+
+Users can be identified in any number of ways and carry with them various
+attributes that determine the entirety of "who they are". Our typical needs
+include identifying a person by username or email address, and building a
+profile of attributes such as geographical region (as determined by IP address),
+or University status (student, staff, etc.). The identifiers and attributes are
+intrinsic to the user and do not, by themselves, grant any permissions within
+an application. Likewise, these attributes cannot be granted within an
+application, only inspected.
+
+A&E will continue to provide the identity and attributes of users. The
+specifics of whether this will be implemented with environment variables,
+HTTP headers, SAML, or other means is to be determined. An application is
+not expected to implement its own login process except to the degree that
+it can recognize the required authentication information provided to it.
+

data/docs/conf.py

@@ -0,0 +1,46 @@
+# -*- coding: utf-8 -*-
+
+import guzzle_sphinx_theme
+from recommonmark.parser import CommonMarkParser
+
+# -- General configuration ------------------------------------------------
+project = u'Checkpoint'
+copyright = u'2017, Regents of the University of Michigan'
+author = u'Noah Botimer'
+version = u'0.1.0'
+release = u'0.1.0'
+
+
+extensions = ['guzzle_sphinx_theme']
+templates_path = ['_templates']
+master_doc = 'index'
+
+source_parsers = {
+    '.md': CommonMarkParser,
+}
+source_suffix = ['.rst', '.md']
+
+language = None
+exclude_patterns = ['_build', 'Thumbs.db', '.DS_Store']
+pygments_style = 'sphinx'
+todo_include_todos = False
+
+
+# -- Options for HTML output ----------------------------------------------
+html_theme_path = guzzle_sphinx_theme.html_theme_path()
+html_theme = 'guzzle_sphinx_theme'
+html_static_path = ['_static']
+
+# Guzzle theme options (see theme.conf for more information)
+html_theme_options = {
+    "project_nav_name": "Checkpoint",
+}
+
+html_sidebars = {
+    '**': [
+        'logo-text.html',
+        'globaltoc.html',
+        'searchbox.html',
+    ]
+}
+