dead_simple_authorization 0.1.0

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: 9812fb35a08d8185c0b59b0d0a5f2bf01e14f026
+  data.tar.gz: 7254a679a00df1c9dc5f848a4c7c8be61456034f
+SHA512:
+  metadata.gz: 9861dffc528326f8d3ebcea54599497dfd3cad1f812328031f4488d547bd237ab3f6f8ec252c0a33c2f28a47d1b5f7f10356bb7a64865111e56ff85e57fdc359
+  data.tar.gz: 86f35c2ce743d69cda9a40523c16272a46c5239334ae29cc87190a2427c2b606f84973edb4ae1bf3b7012395a066509bb3418d7e040eccb14b6f451456977dd5

data/.gitignore

@@ -0,0 +1,14 @@
+/.bundle/
+/.yardoc
+/Gemfile.lock
+/_yardoc/
+/coverage/
+/doc/
+/pkg/
+/spec/reports/
+/tmp/
+*.bundle
+*.so
+*.o
+*.a
+mkmf.log

data/Gemfile

@@ -0,0 +1,4 @@
+source 'https://rubygems.org'
+
+# Specify your gem's dependencies in a.gemspec
+gemspec

data/LICENSE

@@ -0,0 +1,22 @@
+The MIT License (MIT)
+
+Copyright (c) 2015 Pantelis Vratsalis
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.
+

data/README.md

@@ -0,0 +1,2 @@
+# dead_simple_authorization
+A Very simple authorization gem

data/Rakefile

@@ -0,0 +1,8 @@
+require 'rspec/core/rake_task'
+require 'bundler/gem_tasks'
+
+RSpec::Core::RakeTask.new(:spec) do |task|
+  task.rspec_opts = ['--color', '--format', 'documentation']
+end
+
+task :default => :spec

data/dead_simple_authorization.gemspec

@@ -0,0 +1,24 @@
+# coding: utf-8
+lib = File.expand_path('../lib', __FILE__)
+$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
+require 'dead_simple_authorization/version'
+
+Gem::Specification.new do |spec|
+  spec.name          = "dead_simple_authorization"
+  spec.version       = DeadSimpleAuthorization::VERSION
+  spec.authors       = ["Pantelis Vratsalis"]
+  spec.email         = ["pvratsalis@gmail.com"]
+  spec.summary       = %q{A pretty simple solution for permissions on resources - framework agnostic}
+  spec.description   = %q{a very simple authorization library with two main methods: can? and authorize, checking the permissions of a user to perform an action on a resource}
+  spec.homepage      = "https://github.com/m1lt0n/dead_simple_authorization"
+  spec.license       = "MIT"
+
+  spec.files         = `git ls-files -z`.split("\x0")
+  spec.executables   = spec.files.grep(%r{^bin/}) { |f| File.basename(f) }
+  spec.test_files    = spec.files.grep(%r{^(test|spec|features)/})
+  spec.require_paths = ["lib"]
+
+  spec.add_development_dependency "bundler", "~> 1.7"
+  spec.add_development_dependency "rake", "~> 10.0"
+  spec.add_development_dependency "rspec"
+end

data/lib/dead_simple_authorization.rb

@@ -0,0 +1,3 @@
+require 'dead_simple_authorization/errors'
+require 'dead_simple_authorization/policy'
+require 'dead_simple_authorization/helpers'

data/lib/dead_simple_authorization/errors.rb

@@ -0,0 +1,7 @@
+module DeadSimpleAuthorization
+  module Errors
+    # A Custom error class when authorization fails
+    class NotAuthorized < StandardError
+    end
+  end
+end

data/lib/dead_simple_authorization/helpers.rb

@@ -0,0 +1,32 @@
+module DeadSimpleAuthorization
+  module Helpers
+    private
+    #
+    # Check if a user can perform an action for a specific resource.
+    # If the user shouldn't have access to the resource, a
+    # NotAuthorizedErrror is raised.
+    #
+    # Example: Is Bob allowed to view a Post ?
+    #
+    # Assuming bob = User.new('bob'), post = Post.new('post title', 'post content')
+    #
+    # authorize(bob, :view, post) will check for a PostPolicy by convention and will
+    # trigger the policy's view? method. In the PostPolicy's context, the user and post
+    # are available.
+    #
+    def authorize(user, action, resource)
+      raise ::DeadSimpleAuthorization::Errors::NotAuthorized unless can?(user, action, resource)
+    end
+
+    #
+    # Check if a user can perform an action for a specific resource.
+    # This method is not as strict as authorize in a sense that it does not raise an
+    # error, but returns the boolean outcome of the check
+    #
+    def can?(user, action, resource)
+      policy_class = "#{resource.class}Policy"
+      policy = Object::const_get(policy_class).new(resource, user)
+      policy.send("#{action.to_s}?")
+    end
+  end
+end

data/lib/dead_simple_authorization/policy.rb

@@ -0,0 +1,17 @@
+module DeadSimpleAuthorization
+  module Policy
+    class Base
+      attr_reader :resource
+      attr_reader :user
+
+      #
+      # The resource (e.g. a model) and user objects are available in all Policy objects
+      # that inherit from BasePolicy and can be used by authorize action methods.
+      #
+      def initialize(resource, user)
+        @user = user
+        @resource = resource
+      end
+    end
+  end
+end

data/lib/dead_simple_authorization/version.rb

@@ -0,0 +1,3 @@
+module DeadSimpleAuthorization
+  VERSION = "0.1.0"
+end

data/spec/helpers_spec.rb

@@ -0,0 +1,28 @@
+require 'spec_helper'
+
+describe DeadSimpleAuthorization::Helpers do
+  include DeadSimpleAuthorization::Helpers
+
+  let(:user) { double }
+  let(:post) { Post.new(user) }
+ 
+  describe 'authorize' do
+    it 'should raise error if user cannot access a resource' do
+      expect { authorize(user, :own, Post.new(double)) }.to raise_error(DeadSimpleAuthorization::Errors::NotAuthorized)
+    end
+
+    it 'should do nothing if user can access a resource' do
+      expect(authorize(user, :own, post)).to be_nil
+    end
+  end
+
+  describe 'can?' do
+    it 'should return false if user cannot access a resource' do
+      expect(can?(user, :own, Post.new(double))).to equal false
+    end
+
+    it 'should return true if user can access a resource' do
+      expect(can?(user, :own, post)).to equal true
+    end
+  end
+end

data/spec/spec_helper.rb

@@ -0,0 +1,15 @@
+require 'dead_simple_authorization'
+
+class PostPolicy < DeadSimpleAuthorization::Policy::Base
+  def own?
+    @user == @resource.owner
+  end
+end
+
+class Post
+  attr_reader :owner
+
+  def initialize(owner)
+    @owner = owner
+  end
+end

metadata

@@ -0,0 +1,103 @@
+--- !ruby/object:Gem::Specification
+name: dead_simple_authorization
+version: !ruby/object:Gem::Version
+  version: 0.1.0
+platform: ruby
+authors:
+- Pantelis Vratsalis
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2015-03-05 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: bundler
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.7'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.7'
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '10.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '10.0'
+- !ruby/object:Gem::Dependency
+  name: rspec
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+description: 'a very simple authorization library with two main methods: can? and
+  authorize, checking the permissions of a user to perform an action on a resource'
+email:
+- pvratsalis@gmail.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- ".gitignore"
+- Gemfile
+- LICENSE
+- README.md
+- Rakefile
+- dead_simple_authorization.gemspec
+- lib/dead_simple_authorization.rb
+- lib/dead_simple_authorization/errors.rb
+- lib/dead_simple_authorization/helpers.rb
+- lib/dead_simple_authorization/policy.rb
+- lib/dead_simple_authorization/version.rb
+- spec/helpers_spec.rb
+- spec/spec_helper.rb
+homepage: https://github.com/m1lt0n/dead_simple_authorization
+licenses:
+- MIT
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 2.2.2
+signing_key: 
+specification_version: 4
+summary: A pretty simple solution for permissions on resources - framework agnostic
+test_files:
+- spec/helpers_spec.rb
+- spec/spec_helper.rb
+has_rdoc: