company_scope 0.1.0

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: 76e4908c7c91d390e44c66f6c18891493831d1b3
+  data.tar.gz: bac3b43ef130a3f422b56e6129ec7227dd484f7d
+SHA512:
+  metadata.gz: c28bc166bcdddc387ffb508f0accb04d0151f9bcac62b84d5a700e505f60a9ed6519acfd73cd135bd6ccd415b9538de466dbb09d395feaea75260910add0d51d
+  data.tar.gz: 497ad6e99a12acee86b0858caab13273478142b7e3a260aef664ff4d7f3bc821e1e4b6a75b2ecf435551e888639c274029c8c9faae4ec539de0bcc206be0b0bb

data/.gitignore

@@ -0,0 +1,9 @@
+/.bundle/
+/.yardoc
+/Gemfile.lock
+/_yardoc/
+/coverage/
+/doc/
+/pkg/
+/spec/reports/
+/tmp/

data/.rspec

@@ -0,0 +1,2 @@
+--format documentation
+--color

data/.ruby-gemset

@@ -0,0 +1 @@
+companyscope

data/.ruby-version

@@ -0,0 +1 @@
+ruby-2.1.1

data/.travis.yml

@@ -0,0 +1,4 @@
+language: ruby
+rvm:
+  - 2.1.1
+script: bundle exec rake spec:all

data/Gemfile

@@ -0,0 +1,4 @@
+source 'https://rubygems.org'
+
+# Specify your gem's dependencies in company_scope.gemspec
+gemspec

data/README.md

@@ -0,0 +1,44 @@
+# CompanyScope
+
+This is a simple solution to scoping a rails project for multi-tenancy. It is based on the default_scope
+in Active Record. Currently it uses a fixed model called company for the account/scoping.
+
+Since the whole process needs a thread_safe way to store the current company identifier (such as a subdomain) as a class attribute, the gem uses the RequestStore gem to store this value.
+
+Thread.current is the usual way to handle this but this is not entirely compatible with all ruby application servers - especially the Java based ones. RequestStore is the solution that works in all such application servers.
+
+## Travis CI
+
+[![Build Status](https://travis-ci.org/netflakes/company_scope.svg?branch=master)](https://travis-ci.org/netflakes/company_scope)
+
+## Installation
+
+Add this line to your application's Gemfile:
+
+```ruby
+gem 'company_scope'
+```
+
+And then execute:
+
+    $ bundle
+
+Or install it yourself as:
+
+    $ gem install company_scope
+
+## Usage
+
+NB: This gem is currently under development and has not been published officially!
+(use at your own risk..)
+
+## Development
+
+
+## Contributing
+
+1. Fork it ( https://github.com/[my-github-username]/company_scope/fork )
+2. Create your feature branch (`git checkout -b my-new-feature`)
+3. Commit your changes (`git commit -am 'Add some feature'`)
+4. Push to the branch (`git push origin my-new-feature`)
+5. Create a new Pull Request

data/Rakefile

@@ -0,0 +1,13 @@
+require "bundler/gem_tasks"
+require 'rspec/core/rake_task'
+#
+RSpec::Core::RakeTask.new(:spec)
+task :default => :spec
+#
+desc 'Run the test suite for active_record models'
+namespace :spec do
+  task :all do
+    Rake::Task["spec"].reenable
+    Rake::Task["spec"].invoke
+  end
+end

data/bin/console

@@ -0,0 +1,14 @@
+#!/usr/bin/env ruby
+
+require "bundler/setup"
+require "company_scope"
+
+# You can add fixtures and/or initialization code here to make experimenting
+# with your gem easier. You can also use a different console, if you like.
+
+# (If you use this, don't forget to add pry to your Gemfile!)
+# require "pry"
+# Pry.start
+
+require "irb"
+IRB.start

data/bin/setup

@@ -0,0 +1,7 @@
+#!/bin/bash
+set -euo pipefail
+IFS=$'\n\t'
+
+bundle install
+
+# Do any other automated setup that you need to do here

data/company_scope.gemspec

@@ -0,0 +1,44 @@
+# coding: utf-8
+lib = File.expand_path('../lib', __FILE__)
+$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
+require 'company_scope/version'
+
+Gem::Specification.new do |spec|
+  spec.name          = "company_scope"
+  spec.version       = CompanyScope::VERSION
+  spec.authors       = ["Steve Forkin"]
+  spec.email         = ["steve.forkin@gmail.com"]
+
+  spec.summary       = %q{A simple solution for Rails Multi Tenancy.}
+  spec.description   = %q{A simple solution for Rails Multi Tenancy based on Active Record Default Scopes.}
+  spec.homepage      = "http://github.com/netflakes/company_scope"
+
+  spec.files         = `git ls-files -z`.split("\x0").reject { |f| f.match(%r{^(test|spec|features)/}) }
+  spec.bindir        = "exe"
+  spec.executables   = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
+  spec.require_paths = ["lib"]
+
+  #if spec.respond_to?(:metadata)
+    #spec.metadata['allowed_push_host'] = "TODO: Set to 'http://mygemserver.com' to prevent pushes to rubygems.org, or delete to allow pushes to any server."
+  #end
+  #
+  # Development dependencies
+  #
+  # - build related ones
+  spec.add_development_dependency "bundler", "~> 1.8"
+  spec.add_development_dependency "rake", "~> 10.0"
+  #
+  # - gem related ones
+  spec.add_development_dependency 'rspec'
+  spec.add_development_dependency 'rspec-given'
+  spec.add_development_dependency 'rspec-collection_matchers'
+  spec.add_development_dependency 'rspec-rails'
+  spec.add_development_dependency 'database_cleaner', '>= 1.3.0'
+  spec.add_development_dependency 'sqlite3'
+  #
+  # Runtime dependencies
+  #
+  spec.add_runtime_dependency 'rails', '>= 4.1.1'
+  spec.add_runtime_dependency 'request_store', '>= 1.1.0'
+  #
+end

data/lib/company_scope.rb

@@ -0,0 +1,25 @@
+require "request_store"
+#
+require File.dirname(__FILE__) + '/company_scope/base'
+require File.dirname(__FILE__) + '/company_scope/guardian'
+require File.dirname(__FILE__) + '/company_scope/control'
+require File.dirname(__FILE__) + '/company_scope/filter'
+require File.dirname(__FILE__) + '/company_scope/railtie'
+
+if defined?(ActiveRecord::Base)
+  ActiveRecord::Base.send(:include, CompanyScope::Base)
+  ActiveRecord::Base.send(:include, CompanyScope::Guardian)
+end
+
+if defined?(ActionController::Base)
+  ActionController::Base.send(:include, CompanyScope::Control)
+  ActionController::Base.send(:include, CompanyScope::Filter)
+end
+# - if this is being used in an API..
+if defined?(ActionController::API)
+  ActionController::API.send(:include, CompanyScope::Control)
+  ActionController::API.send(:include, CompanyScope::Filter)
+end
+
+module CompanyScope
+end

data/lib/company_scope/base.rb

@@ -0,0 +1,39 @@
+#
+module CompanyScope
+  #
+  module Base
+    #
+    def self.included(base)
+      base.extend(CompanyScopeClassMethods)
+    end
+    #
+    module CompanyScopeClassMethods
+      #
+      def acts_as_company
+
+        belongs_to  :company
+
+        validates_presence_of :company_id
+
+        default_scope { where("#{self.table_name}.company_id = ?", Company.current_id) }
+
+        # - on creation we make sure the company_id is set!
+        before_validation(on: :create) do |obj|
+          obj.company_id = Company.current_id
+        end
+
+        before_save do |obj|
+          # catch each time someone attempts to violate the company relationship!
+          raise ::CompanyScope::Control::CompanyAccessViolationError unless obj.company_id == Company.current_id
+          true
+        end
+
+        before_destroy do |obj|
+          # force company to be correct for current_user
+          raise ::CompanyScope::Control::CompanyAccessViolationError unless obj.company_id == Company.current_id
+          true
+        end
+      end
+    end
+  end
+end

data/lib/company_scope/control.rb

@@ -0,0 +1,5 @@
+module CompanyScope
+  module Control
+    class CompanyAccessViolationError < SecurityError; end
+  end
+end

data/lib/company_scope/filter.rb

@@ -0,0 +1,54 @@
+#
+module CompanyScope
+  #
+  module Filter
+    #
+    def self.included(base)
+      base.extend(TopLevelClassMethods)
+      base.extend(FilterClassMethods)
+      base.include(FilterMethods)
+    end
+
+    module FilterMethods
+      
+      def current_company
+        request.env["COMPANY_ID"] # a default that is best overridden in the application controller..
+      end
+        
+      def filter_by_current_company_scope
+        Company.current_id = current_company.id
+        yield
+      ensure
+        Company.current_id = nil
+      end
+    end
+
+    module FilterClassMethods
+      #
+      def company_setup
+        helper_method :current_company
+      end        
+      #
+      def acts_as_company_filter
+        around_filter :filter_by_current_company_scope
+      end
+    end
+    #
+    module TopLevelClassMethods
+      #
+      def rescue_from_company_access_violations
+        # - rescue from errors relating to the wrong company to avoid cross company data leakage
+        rescue_from ::CompanyScope::Control::CompanyAccessViolationError, with: :company_scope_company_not_set
+      end
+
+      def company_scope_company_not_set
+        flash[:error] = t('application.warnings.company_not_set')
+        if wrong_company_path.nil?
+          redirect_to(root_path) and return
+        else
+          redirect_to(wrong_company_path) and return
+        end
+      end
+    end
+  end
+end

data/lib/company_scope/guardian.rb

@@ -0,0 +1,24 @@
+#
+module CompanyScope
+  #
+  module Guardian
+    #
+    def self.included(base)
+      base.extend(GuardianClassMethods)
+    end
+    #
+    module GuardianClassMethods
+      #
+      def acts_as_guardian
+        #
+        def current_id=(id)
+          RequestStore.store[:default_scope_company_id] = id
+        end
+
+        def current_id
+          RequestStore.store[:default_scope_company_id]
+        end
+      end
+    end
+  end
+end

data/lib/company_scope/railtie.rb

@@ -0,0 +1,35 @@
+require 'company_scope'
+require 'rails'
+#
+module CompanyScope
+  class Railtie < Rails::Railtie
+    #
+    initializer :after_initialize do
+      # - the base module injects the default scope into company dependant models
+      ActiveRecord::Base.send(:include, CompanyScope::Base)
+
+      # - the company_entity module injects class methods for acting as the company!
+      ActiveRecord::Base.send(:include, CompanyScope::Guardian)
+
+      if defined?(ActionController::Base)
+        # - the control module has some error handling for the application controller
+        ActionController::Base.send(:include, CompanyScope::Control)
+        # - the controller_filter module injects an around filter to ensure all
+        # - actions in the controller are wrapped
+        ActionController::Base.send(:include, CompanyScope::Filter)
+      end
+      # - if this is being used in an API..
+      if defined?(ActionController::API)
+        # - the control module has some error handling for the application controller
+        ActionController::API.send(:include, CompanyScope::Control)
+        # - the controller_filter module injects an around filter to ensure all
+        # - actions in the controller are wrapped
+        ActionController::API.send(:include, CompanyScope::Filter)
+      end
+
+      #ActionController::Base.send(:include, CompanyScope::Control)
+      #ActionController::Base.send(:include, CompanyScope::Filter)
+    end
+    #
+  end
+end

data/lib/company_scope/version.rb

@@ -0,0 +1,3 @@
+module CompanyScope
+  VERSION = "0.1.0"
+end

metadata

@@ -0,0 +1,202 @@
+--- !ruby/object:Gem::Specification
+name: company_scope
+version: !ruby/object:Gem::Version
+  version: 0.1.0
+platform: ruby
+authors:
+- Steve Forkin
+autorequire: 
+bindir: exe
+cert_chain: []
+date: 2015-03-18 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: bundler
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.8'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.8'
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '10.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '10.0'
+- !ruby/object:Gem::Dependency
+  name: rspec
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: rspec-given
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: rspec-collection_matchers
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: rspec-rails
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: database_cleaner
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 1.3.0
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 1.3.0
+- !ruby/object:Gem::Dependency
+  name: sqlite3
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: rails
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 4.1.1
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 4.1.1
+- !ruby/object:Gem::Dependency
+  name: request_store
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 1.1.0
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 1.1.0
+description: A simple solution for Rails Multi Tenancy based on Active Record Default
+  Scopes.
+email:
+- steve.forkin@gmail.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- ".gitignore"
+- ".rspec"
+- ".ruby-gemset"
+- ".ruby-version"
+- ".travis.yml"
+- Gemfile
+- README.md
+- Rakefile
+- bin/console
+- bin/setup
+- company_scope.gemspec
+- lib/company_scope.rb
+- lib/company_scope/base.rb
+- lib/company_scope/control.rb
+- lib/company_scope/filter.rb
+- lib/company_scope/guardian.rb
+- lib/company_scope/railtie.rb
+- lib/company_scope/version.rb
+homepage: http://github.com/netflakes/company_scope
+licenses: []
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 2.2.2
+signing_key: 
+specification_version: 4
+summary: A simple solution for Rails Multi Tenancy.
+test_files: []