declarative_authorization 0.5 → 0.5.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (6) hide show
  1. data/CHANGELOG +1 -0
  2. data/app/views/authorization_rules/_show_graph.erb +7 -0
  3. data/app/views/authorization_rules/graph.html.erb +7 -0
  4. data/lib/declarative_authorization/authorization.rb +1 -1
  5. data/lib/declarative_authorization/maintenance.rb +19 -5
  6. metadata +5 -17
data/CHANGELOG CHANGED
@@ -1,3 +1,4 @@
1
+ ** RELEASE 0.5.1 (Sep 12, 2010) **
1
2
 
2
3
  ** RELEASE 0.5 (July 21, 2010) **
3
4
 
data/app/views/authorization_rules/_show_graph.erb CHANGED
@@ -1,4 +1,11 @@
1
1
  <% javascript_tag do %>
2
+ if (typeof Prototype != 'object') {
3
+ //load up prototype... it's needed here
4
+ var s = document.createElement('script');
5
+ s.setAttribute('src','http://ajax.googleapis.com/ajax/libs/prototype/1.6.0.3/prototype.js');
6
+ document.getElementsByTagName('body')[0].appendChild(s);
7
+ }
8
+
2
9
  function show_graph (privilege, context, user_ids) {
3
10
  var params = {
4
11
  privilege_hierarchy: 1,
data/app/views/authorization_rules/graph.html.erb CHANGED
@@ -3,6 +3,13 @@
3
3
  <p><%= navigation %></p>
4
4
 
5
5
  <% javascript_tag do %>
6
+ if (typeof Prototype != 'object') {
7
+ //load up prototype... it's needed here
8
+ var s = document.createElement('script');
9
+ s.setAttribute('src','http://ajax.googleapis.com/ajax/libs/prototype/1.6.0.3/prototype.js');
10
+ document.getElementsByTagName('body')[0].appendChild(s);
11
+ }
12
+
6
13
  function update_graph (form) {
7
14
  base_url = "<%= url_for :format => 'svg' %>";
8
15
  $('graph').data = base_url + '?' + form.serialize();
data/lib/declarative_authorization/authorization.rb CHANGED
@@ -20,7 +20,7 @@ module Authorization
20
20
  # The exception is raised to ensure that the entire rule is invalidated.
21
21
  class NilAttributeValueError < AuthorizationError; end
22
22
 
23
- AUTH_DSL_FILES = [(Rails.root || Pathname.new('')).join("config", "authorization_rules.rb").to_s] unless defined? AUTH_DSL_FILES
23
+ AUTH_DSL_FILES = [Pathname.new(Rails.root || '').join("config", "authorization_rules.rb").to_s] unless defined? AUTH_DSL_FILES
24
24
 
25
25
  # Controller-independent method for retrieving the current user.
26
26
  # Needed for model security where the current controller is not available.
data/lib/declarative_authorization/maintenance.rb CHANGED
@@ -148,24 +148,38 @@ module Authorization
148
148
  end
149
149
  end
150
150
 
151
- # Test helper to test authorization rules. E.g.
151
+ # Test helper to test authorization rules.
152
152
  # with_user a_normal_user do
153
153
  # should_not_be_allowed_to :update, :conferences
154
154
  # should_not_be_allowed_to :read, an_unpublished_conference
155
155
  # should_be_allowed_to :read, a_published_conference
156
156
  # end
157
- def should_be_allowed_to (privilege, object_or_context)
157
+ #
158
+ # If the objects class name does not match the controller name, you can set the object and context manually
159
+ # should_be_allowed_to :create, :object => car, :context => :vehicles
160
+ #
161
+ # If you use specify the object and context manually, you can also specify the user manually, skipping the with_user block:
162
+ # should_be_allowed_to :create, :object => car, :context => :vehicles, :user => a_normal_user
163
+ def should_be_allowed_to (privilege, *args)
158
164
  options = {}
159
- options[object_or_context.is_a?(Symbol) ? :context : :object] = object_or_context
165
+ if(args.first.class == Hash)
166
+ options = args.extract_options!
167
+ else
168
+ options[args[0].is_a?(Symbol) ? :context : :object] = args[0]
169
+ end
160
170
  assert_nothing_raised do
161
171
  Authorization::Engine.instance.permit!(privilege, options)
162
172
  end
163
173
  end
164
174
 
165
175
  # See should_be_allowed_to
166
- def should_not_be_allowed_to (privilege, object_or_context)
176
+ def should_not_be_allowed_to (privilege, *args)
167
177
  options = {}
168
- options[object_or_context.is_a?(Symbol) ? :context : :object] = object_or_context
178
+ if(args.first.class == Hash)
179
+ options = args.extract_options!
180
+ else
181
+ options[args[0].is_a?(Symbol) ? :context : :object] = args[0]
182
+ end
169
183
  assert !Authorization::Engine.instance.permit?(privilege, options)
170
184
  end
171
185
 
metadata CHANGED
@@ -5,7 +5,8 @@ version: !ruby/object:Gem::Version
5
5
  segments:
6
6
  - 0
7
7
  - 5
8
- version: "0.5"
8
+ - 1
9
+ version: 0.5.1
9
10
  platform: ruby
10
11
  authors:
11
12
  - Steffen Bartsch
@@ -13,23 +14,10 @@ autorequire:
13
14
  bindir: bin
14
15
  cert_chain: []
15
16
 
16
- date: 2010-07-21 00:00:00 +02:00
17
+ date: 2010-09-12 00:00:00 +02:00
17
18
  default_executable:
18
- dependencies:
19
- - !ruby/object:Gem::Dependency
20
- name: rails
21
- prerelease: false
22
- requirement: &id001 !ruby/object:Gem::Requirement
23
- requirements:
24
- - - ">="
25
- - !ruby/object:Gem::Version
26
- segments:
27
- - 2
28
- - 1
29
- - 0
30
- version: 2.1.0
31
- type: :runtime
32
- version_requirements: *id001
19
+ dependencies: []
20
+
33
21
  description:
34
22
  email: sbartsch@tzi.org
35
23
  executables: []