eaco 0.5.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +7 -0
- data/.gitignore +21 -0
- data/.rspec +2 -0
- data/.travis.yml +18 -0
- data/.yardopts +1 -0
- data/Appraisals +22 -0
- data/Gemfile +4 -0
- data/Guardfile +34 -0
- data/LICENSE.txt +23 -0
- data/README.md +225 -0
- data/Rakefile +26 -0
- data/eaco.gemspec +27 -0
- data/features/active_record.example.yml +8 -0
- data/features/active_record.travis.yml +7 -0
- data/features/rails_integration.feature +10 -0
- data/features/step_definitions/database.rb +7 -0
- data/features/step_definitions/resource_authorization.rb +15 -0
- data/features/support/env.rb +9 -0
- data/gemfiles/rails_3.2.gemfile +9 -0
- data/gemfiles/rails_4.0.gemfile +8 -0
- data/gemfiles/rails_4.1.gemfile +8 -0
- data/gemfiles/rails_4.2.gemfile +8 -0
- data/lib/eaco.rb +93 -0
- data/lib/eaco/acl.rb +206 -0
- data/lib/eaco/actor.rb +86 -0
- data/lib/eaco/adapters.rb +14 -0
- data/lib/eaco/adapters/active_record.rb +70 -0
- data/lib/eaco/adapters/active_record/compatibility.rb +83 -0
- data/lib/eaco/adapters/active_record/compatibility/v32.rb +27 -0
- data/lib/eaco/adapters/active_record/compatibility/v40.rb +59 -0
- data/lib/eaco/adapters/active_record/compatibility/v41.rb +16 -0
- data/lib/eaco/adapters/active_record/compatibility/v42.rb +17 -0
- data/lib/eaco/adapters/active_record/postgres_jsonb.rb +36 -0
- data/lib/eaco/adapters/couchrest_model.rb +37 -0
- data/lib/eaco/adapters/couchrest_model/couchdb_lucene.rb +71 -0
- data/lib/eaco/controller.rb +158 -0
- data/lib/eaco/cucumber.rb +11 -0
- data/lib/eaco/cucumber/active_record.rb +163 -0
- data/lib/eaco/cucumber/active_record/department.rb +19 -0
- data/lib/eaco/cucumber/active_record/document.rb +18 -0
- data/lib/eaco/cucumber/active_record/position.rb +21 -0
- data/lib/eaco/cucumber/active_record/schema.rb +36 -0
- data/lib/eaco/cucumber/active_record/user.rb +24 -0
- data/lib/eaco/cucumber/world.rb +136 -0
- data/lib/eaco/designator.rb +264 -0
- data/lib/eaco/dsl.rb +40 -0
- data/lib/eaco/dsl/acl.rb +163 -0
- data/lib/eaco/dsl/actor.rb +139 -0
- data/lib/eaco/dsl/actor/designators.rb +110 -0
- data/lib/eaco/dsl/base.rb +52 -0
- data/lib/eaco/dsl/resource.rb +129 -0
- data/lib/eaco/dsl/resource/permissions.rb +131 -0
- data/lib/eaco/error.rb +36 -0
- data/lib/eaco/railtie.rb +46 -0
- data/lib/eaco/rake.rb +10 -0
- data/lib/eaco/rake/default_task.rb +164 -0
- data/lib/eaco/resource.rb +234 -0
- data/lib/eaco/version.rb +7 -0
- data/spec/eaco/acl_spec.rb +147 -0
- data/spec/eaco/actor_spec.rb +13 -0
- data/spec/eaco/adapters/active_record/postgres_jsonb_spec.rb +9 -0
- data/spec/eaco/adapters/active_record_spec.rb +13 -0
- data/spec/eaco/adapters/couchrest_model/couchdb_lucene_spec.rb +9 -0
- data/spec/eaco/adapters/couchrest_model_spec.rb +9 -0
- data/spec/eaco/controller_spec.rb +12 -0
- data/spec/eaco/designator_spec.rb +25 -0
- data/spec/eaco/dsl/acl_spec.rb +9 -0
- data/spec/eaco/dsl/actor/designators_spec.rb +7 -0
- data/spec/eaco/dsl/actor_spec.rb +15 -0
- data/spec/eaco/dsl/resource/permissions_spec.rb +7 -0
- data/spec/eaco/dsl/resource_spec.rb +17 -0
- data/spec/eaco/error_spec.rb +9 -0
- data/spec/eaco/resource_spec.rb +31 -0
- data/spec/eaco_spec.rb +49 -0
- data/spec/spec_helper.rb +71 -0
- metadata +296 -0
data/lib/eaco/version.rb
ADDED
@@ -0,0 +1,147 @@
|
|
1
|
+
# -*- encoding: utf-8 -*-
|
2
|
+
|
3
|
+
require 'spec_helper'
|
4
|
+
|
5
|
+
RSpec.describe Eaco::ACL do
|
6
|
+
|
7
|
+
describe '#initialize' do
|
8
|
+
subject { described_class.new(plain_acl) }
|
9
|
+
|
10
|
+
let(:plain_acl) { Hash['user:42' => 'reader', 'group:fropper' => 'editor'] }
|
11
|
+
|
12
|
+
it { expect(subject).to be_a(described_class) }
|
13
|
+
it { expect(subject).to eq({'user:42' => :reader, 'group:fropper' => :editor}) }
|
14
|
+
end
|
15
|
+
|
16
|
+
describe '#add' do
|
17
|
+
let(:designator) { Eaco::Designator.new 'test' }
|
18
|
+
|
19
|
+
subject { acl.add(:reader, designator) }
|
20
|
+
|
21
|
+
context 'when adding non-existing permissions' do
|
22
|
+
let(:acl) { described_class.new }
|
23
|
+
|
24
|
+
it { expect(subject).to be_a(described_class) }
|
25
|
+
it { expect(subject).to include({designator => :reader}) }
|
26
|
+
end
|
27
|
+
|
28
|
+
context 'when replacing existing permissions' do
|
29
|
+
let(:acl) { described_class.new(designator => :editor) }
|
30
|
+
|
31
|
+
it { expect(subject).to be_a(described_class) }
|
32
|
+
it { expect(subject).to include({designator => :reader}) }
|
33
|
+
end
|
34
|
+
end
|
35
|
+
|
36
|
+
describe '#del' do
|
37
|
+
let(:designator) { Eaco::Designator.new 'test' }
|
38
|
+
|
39
|
+
subject { acl.del(designator) }
|
40
|
+
|
41
|
+
context 'when removing non-existing permissions' do
|
42
|
+
let(:acl) { described_class.new }
|
43
|
+
it { expect(subject).to eq({}) }
|
44
|
+
end
|
45
|
+
|
46
|
+
context 'when removing existing permissions' do
|
47
|
+
let(:acl) { described_class.new(designator => :editor) }
|
48
|
+
it { expect(subject).to eq({}) }
|
49
|
+
end
|
50
|
+
end
|
51
|
+
|
52
|
+
describe '#find_by_role' do
|
53
|
+
let(:reader1) { Eaco::Designator.new 'Tom.Fropp' }
|
54
|
+
let(:reader2) { Eaco::Designator.new 'Bob.Prutz' }
|
55
|
+
let(:editor) { Eaco::Designator.new 'Jake.Boon' }
|
56
|
+
|
57
|
+
let(:acl) do
|
58
|
+
described_class.new({
|
59
|
+
reader1 => :reader,
|
60
|
+
reader2 => :reader,
|
61
|
+
editor => :editor,
|
62
|
+
})
|
63
|
+
end
|
64
|
+
|
65
|
+
context 'when looking up valid roles' do
|
66
|
+
subject { acl.find_by_role(:reader) }
|
67
|
+
|
68
|
+
it { expect(subject).to eq(Set.new([reader1, reader2])) }
|
69
|
+
end
|
70
|
+
|
71
|
+
context 'when looking up nonexisting roles' do
|
72
|
+
subject { acl.find_by_role(:froober) }
|
73
|
+
|
74
|
+
it { expect(subject).to eq(Set.new) }
|
75
|
+
end
|
76
|
+
end
|
77
|
+
|
78
|
+
describe '#all' do
|
79
|
+
let(:reader) { Eaco::Designator.new 'John.Loom' }
|
80
|
+
let(:editor) { Eaco::Designator.new 'Mark.Poof' }
|
81
|
+
|
82
|
+
let(:acl) do
|
83
|
+
described_class.new({
|
84
|
+
reader => :reader,
|
85
|
+
editor => :editor,
|
86
|
+
})
|
87
|
+
end
|
88
|
+
|
89
|
+
subject { acl.all }
|
90
|
+
|
91
|
+
it { expect(subject).to eq(Set.new([reader, editor])) }
|
92
|
+
end
|
93
|
+
|
94
|
+
describe '#designators_map_for_role' do
|
95
|
+
let(:reader) { Eaco::Designator.new 'Pete.Raid' }
|
96
|
+
let(:editor1) { Eaco::Designator.new 'John.Alls' }
|
97
|
+
let(:editor2) { Eaco::Designator.new 'Bob.Prutz' }
|
98
|
+
|
99
|
+
let(:acl) do
|
100
|
+
described_class.new({
|
101
|
+
reader => :reader,
|
102
|
+
editor1 => :editor,
|
103
|
+
editor2 => :editor,
|
104
|
+
})
|
105
|
+
end
|
106
|
+
|
107
|
+
subject { acl.designators_map_for_role(:editor) }
|
108
|
+
|
109
|
+
before do
|
110
|
+
expect(editor1).to receive(:resolve) { ['John Alls'] }
|
111
|
+
expect(editor2).to receive(:resolve) { ['Robert Prutzon'] }
|
112
|
+
end
|
113
|
+
|
114
|
+
example do
|
115
|
+
expect(subject).to eq({
|
116
|
+
editor1 => Set.new(['John Alls']),
|
117
|
+
editor2 => Set.new(['Robert Prutzon'])
|
118
|
+
})
|
119
|
+
end
|
120
|
+
end
|
121
|
+
|
122
|
+
describe '#actors_by_role' do
|
123
|
+
let(:reader) { Eaco::Designator.new 'Pete.Raid' }
|
124
|
+
let(:editor1) { Eaco::Designator.new 'John.Alls' }
|
125
|
+
let(:editor2) { Eaco::Designator.new 'Bob.Prutz' }
|
126
|
+
|
127
|
+
let(:acl) do
|
128
|
+
described_class.new({
|
129
|
+
reader => :reader,
|
130
|
+
editor1 => :editor,
|
131
|
+
editor2 => :editor,
|
132
|
+
})
|
133
|
+
end
|
134
|
+
|
135
|
+
subject { acl.actors_by_role(:editor) }
|
136
|
+
|
137
|
+
before do
|
138
|
+
expect(editor1).to receive(:resolve) { ['John Alls'] }
|
139
|
+
expect(editor2).to receive(:resolve) { ['Robert Prutzon'] }
|
140
|
+
end
|
141
|
+
|
142
|
+
example do
|
143
|
+
expect(subject).to eq(['John Alls', 'Robert Prutzon'])
|
144
|
+
end
|
145
|
+
end
|
146
|
+
|
147
|
+
end
|
@@ -0,0 +1,25 @@
|
|
1
|
+
# -*- encoding: utf-8 -*-
|
2
|
+
|
3
|
+
require 'spec_helper'
|
4
|
+
|
5
|
+
RSpec.describe Eaco::Designator do
|
6
|
+
|
7
|
+
pending '#make'
|
8
|
+
|
9
|
+
pending '#parse'
|
10
|
+
|
11
|
+
pending '#resolve'
|
12
|
+
|
13
|
+
pending '#configure!'
|
14
|
+
|
15
|
+
pending '#harvest'
|
16
|
+
|
17
|
+
pending '#label'
|
18
|
+
|
19
|
+
pending '#id'
|
20
|
+
|
21
|
+
pending '#search'
|
22
|
+
|
23
|
+
pending '#new'
|
24
|
+
|
25
|
+
end
|
@@ -0,0 +1,31 @@
|
|
1
|
+
# -*- encoding: utf-8 -*-
|
2
|
+
|
3
|
+
require 'spec_helper'
|
4
|
+
|
5
|
+
RSpec.describe Eaco::Resource do
|
6
|
+
|
7
|
+
pending '.role?'
|
8
|
+
|
9
|
+
pending '.allows?'
|
10
|
+
|
11
|
+
pending '.role_of'
|
12
|
+
|
13
|
+
pending '.permissions'
|
14
|
+
|
15
|
+
pending '.roles'
|
16
|
+
|
17
|
+
pending '.roles_priority'
|
18
|
+
|
19
|
+
pending '.roles_with_labels'
|
20
|
+
|
21
|
+
pending '#allows?'
|
22
|
+
|
23
|
+
pending '#role_of'
|
24
|
+
|
25
|
+
pending '#grant'
|
26
|
+
|
27
|
+
pending '#revoke'
|
28
|
+
|
29
|
+
pending '#batch_grant'
|
30
|
+
|
31
|
+
end
|
data/spec/eaco_spec.rb
ADDED
@@ -0,0 +1,49 @@
|
|
1
|
+
# -*- encoding: utf-8 -*-
|
2
|
+
|
3
|
+
require 'spec_helper'
|
4
|
+
|
5
|
+
RSpec.describe Eaco do
|
6
|
+
|
7
|
+
describe '.parse_default_rules_file!' do
|
8
|
+
subject { Eaco.parse_default_rules_file! }
|
9
|
+
|
10
|
+
before { expect(Eaco).to receive(:parse_rules!).with(Eaco::DEFAULT_RULES) }
|
11
|
+
|
12
|
+
it { expect(subject).to be(nil) }
|
13
|
+
end
|
14
|
+
|
15
|
+
|
16
|
+
describe '.parse_rules!' do
|
17
|
+
subject { Eaco.parse_rules! file }
|
18
|
+
|
19
|
+
context 'when the file does exist' do
|
20
|
+
let(:file) { double() }
|
21
|
+
|
22
|
+
before do
|
23
|
+
expect(file).to receive(:exist?).and_return(true)
|
24
|
+
expect(file).to receive(:read).and_return('')
|
25
|
+
expect(file).to receive(:realpath).and_return('test')
|
26
|
+
end
|
27
|
+
|
28
|
+
it { expect(subject).to be(true) }
|
29
|
+
end
|
30
|
+
|
31
|
+
context 'when the file does not exist' do
|
32
|
+
let(:file) { Pathname('/nonexistant') }
|
33
|
+
|
34
|
+
it { expect { subject }.to raise_error(Eaco::Malformed, /Please create \/nonexistant/) }
|
35
|
+
end
|
36
|
+
end
|
37
|
+
|
38
|
+
describe '.eval!' do
|
39
|
+
let(:source) { '' }
|
40
|
+
let(:path) { '' }
|
41
|
+
|
42
|
+
subject { Eaco.eval! source, path }
|
43
|
+
|
44
|
+
before { expect(Eaco::DSL).to receive(:eval).with(source, nil, path, 1) }
|
45
|
+
|
46
|
+
it { expect(subject).to be(true) }
|
47
|
+
end
|
48
|
+
|
49
|
+
end
|
data/spec/spec_helper.rb
ADDED
@@ -0,0 +1,71 @@
|
|
1
|
+
require 'rspec'
|
2
|
+
require 'eaco'
|
3
|
+
require 'byebug'
|
4
|
+
|
5
|
+
# See http://rubydoc.info/gems/rspec-core/RSpec/Core/Configuration
|
6
|
+
#
|
7
|
+
RSpec.configure do |config|
|
8
|
+
|
9
|
+
config.expect_with :rspec do |expectations|
|
10
|
+
# This option will default to `true` in RSpec 4. It makes the `description`
|
11
|
+
# and `failure_message` of custom matchers include text for helper methods
|
12
|
+
# defined using `chain`, e.g.:
|
13
|
+
# be_bigger_than(2).and_smaller_than(4).description
|
14
|
+
# # => "be bigger than 2 and smaller than 4"
|
15
|
+
# ...rather than:
|
16
|
+
# # => "be bigger than 2"
|
17
|
+
expectations.include_chain_clauses_in_custom_matcher_descriptions = true
|
18
|
+
end
|
19
|
+
|
20
|
+
config.mock_with :rspec do |mocks|
|
21
|
+
# Prevents you from mocking or stubbing a method that does not exist on
|
22
|
+
# a real object. This is generally recommended, and will default to
|
23
|
+
# `true` in RSpec 4.
|
24
|
+
mocks.verify_partial_doubles = true
|
25
|
+
end
|
26
|
+
|
27
|
+
# These two settings work together to allow you to limit a spec run
|
28
|
+
# to individual examples or groups you care about by tagging them with
|
29
|
+
# `:focus` metadata. When nothing is tagged with `:focus`, all examples
|
30
|
+
# get run.
|
31
|
+
config.filter_run :focus
|
32
|
+
config.run_all_when_everything_filtered = true
|
33
|
+
|
34
|
+
# Limits the available syntax to the non-monkey patched syntax that is
|
35
|
+
# recommended. For more details, see:
|
36
|
+
# - http://myronmars.to/n/dev-blog/2012/06/rspecs-new-expectation-syntax
|
37
|
+
# - http://teaisaweso.me/blog/2013/05/27/rspecs-new-message-expectation-syntax/
|
38
|
+
# - http://myronmars.to/n/dev-blog/2014/05/notable-changes-in-rspec-3#new__config_option_to_disable_rspeccore_monkey_patching
|
39
|
+
config.disable_monkey_patching!
|
40
|
+
|
41
|
+
# This setting enables warnings. It's recommended, but in some cases may
|
42
|
+
# be too noisy due to issues in dependencies.
|
43
|
+
config.warnings = true
|
44
|
+
|
45
|
+
# Many RSpec users commonly either run the entire suite or an individual
|
46
|
+
# file, and it's useful to allow more verbose output when running an
|
47
|
+
# individual spec file.
|
48
|
+
if config.files_to_run.one?
|
49
|
+
# Use the documentation formatter for detailed output,
|
50
|
+
# unless a formatter has already been configured
|
51
|
+
# (e.g. via a command-line flag).
|
52
|
+
config.default_formatter = 'doc'
|
53
|
+
end
|
54
|
+
|
55
|
+
# Print the 5 slowest examples and example groups at the
|
56
|
+
# end of the spec run, to help surface which specs are running
|
57
|
+
# particularly slow.
|
58
|
+
config.profile_examples = 5
|
59
|
+
|
60
|
+
# Run specs in random order to surface order dependencies. If you find an
|
61
|
+
# order dependency and want to debug it, you can fix the order by providing
|
62
|
+
# the seed, which is printed after each run.
|
63
|
+
# --seed 1234
|
64
|
+
config.order = :random
|
65
|
+
|
66
|
+
# Seed global randomization in this process using the `--seed` CLI option.
|
67
|
+
# Setting this allows you to use `--seed` to deterministically reproduce
|
68
|
+
# test failures related to randomization by passing the same `--seed` value
|
69
|
+
# as the one that triggered the failure.
|
70
|
+
Kernel.srand config.seed
|
71
|
+
end
|