eaco 0.8.2 → 1.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (8) hide show
  1. checksums.yaml +4 -4
  2. data/.travis.yml +3 -3
  3. data/README.md +19 -11
  4. data/eaco.gemspec +5 -1
  5. data/lib/eaco/acl.rb +1 -2
  6. data/lib/eaco/version.rb +1 -1
  7. data/spec/eaco/acl_spec.rb +3 -3
  8. metadata +6 -6
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: 91f235834d2378f29b46f54e433898e4d8e7b34f
4
- data.tar.gz: 094515fb0e0c0da6354262e3a0c0f8b50cfce099
3
+ metadata.gz: 342302faeb4d72f36078ceb1566c2701481e2005
4
+ data.tar.gz: b6986e43c743934700e081dfe5a497e5a49a5632
5
5
  SHA512:
6
- metadata.gz: 84abe5ac3ef02b6433d2d2dfbd399c032250a480d8fafecdbb38fd662f49c7a48c591bd7baf755feac9eac2e7b649d25aface3e7dbf5f2e5a5f5470908b296d4
7
- data.tar.gz: bba9437ebbda22bc5e04752b1a4af8d6898ac3def1d1bb326dbd65dba8e062cd40af967a27630a55d60155b7c543ad87bbd95952bd8851fb24ba8adf91e21c91
6
+ metadata.gz: 7aae3bdd2fe862f8c5185b7cd774d1a0e55d2c7592d687d5b40aef388cc14d468c6eea4fbff0648b3ef8ca73bd2a487d05bf50afa3d252380a1074762be5c8a8
7
+ data.tar.gz: 0306f78ebe3b7197dda0afcb44250a56c93e5471af163c6d9d262196c798cb6f0e5e5a42ba52f7bd092cfbc0c50205ef828c7d616b4c4290b3e16d31867d8b9c
data/.travis.yml CHANGED
@@ -1,7 +1,7 @@
1
1
  rvm:
2
- - 2.0.0
3
- - 2.1.5
4
- - 2.2.0
2
+ - 2.1
3
+ - 2.2
4
+ - 2.3.1
5
5
 
6
6
  gemfile:
7
7
  - gemfiles/rails_3.2.gemfile
data/README.md CHANGED
@@ -6,7 +6,7 @@
6
6
  [![Inline docs](http://inch-ci.org/github/ifad/eaco.svg?branch=master)](http://inch-ci.org/github/ifad/eaco)
7
7
  [![Gem Version](https://badge.fury.io/rb/eaco.svg)](http://badge.fury.io/rb/eaco)
8
8
 
9
- Eacus, the holder of the keys of Hades, is an ACL-based authorization
9
+ Eacus, the holder of the keys of Hades, is an Attribute-Based Access Control ([ABAC](https://en.wikipedia.org/wiki/Attribute-based_access_control)) authorization
10
10
  framework for Ruby.
11
11
 
12
12
  ![Eaco e Telamone][eaco-e-telamone]
@@ -15,23 +15,31 @@ framework for Ruby.
15
15
 
16
16
  ## Design
17
17
 
18
- Eaco provides your application's Resources discretionary access.
19
- Access to the Resource is determined matching an ACL against an Actor.
18
+ Eaco provides your application's Resources discretionary access based on attributes.
19
+ Access to a Resource by an Actor is determined by checking whether the Actor owns
20
+ the security attributes (Designators) required by the Resource.
20
21
 
21
- Different Actors can have different levels of access to the same Resource,
22
- depending on their role as determined by the ACL.
22
+ Each Resource protected by Eaco has an ACL attached. ACLs define which security
23
+ attribute grant access to the Resource, and at which level. The level of access
24
+ is expressed in terms of roles. Roles are scoped per Resource types.
23
25
 
24
- To each role are granted a set of possible abilities, and access is verified
25
- by checking whether a given actor can perform a specific ability.
26
+ Each Role then describes a set of abilities that it can perform. In your code,
27
+ you check directly whether an Actor has a specific ability on a Resource, and
28
+ all the indirection is then evaluated by Eaco.
26
29
 
27
- Actors are described by their Designators, a pluggable mechanism whose details
28
- are up to your application. For instance, an Actor can have many designators
29
- that describe either its identity or its belonging to a group or occupying a
30
- position in a department.
30
+ ## Designators
31
+
32
+ Security attributes are extracted out of Actors through the Designators framework,
33
+ a pluggable mechanism whose details are up to your application.
34
+
35
+ An Actor can have many designators, that describe its identity or its belonging
36
+ to a group or occupying a position in a department.
31
37
 
32
38
  Designators are Ruby classes that can embed any sort of custom behaviour that
33
39
  your application requires.
34
40
 
41
+ ## ACLS
42
+
35
43
  ACLs are hashes with designators as keys and roles as values. Extracting
36
44
  authorized collections requires only an hash key lookup mechanism in your
37
45
  database. Adapters are provided for PG's +jsonb+ and for CouchDB-Lucene.
data/eaco.gemspec CHANGED
@@ -20,7 +20,11 @@ Gem::Specification.new do |spec|
20
20
  spec.add_development_dependency "bundler", "~> 1.6"
21
21
  spec.add_development_dependency "rake"
22
22
  spec.add_development_dependency "byebug"
23
- spec.add_development_dependency "guard"
23
+ # Starting from version 2.12.7, guard includes listen >= 2.7, and
24
+ # starting from version 3.1.2, listen includes ruby_dep, that
25
+ # works only from Ruby 2.2.3 onwards. However eaco supports 2.0
26
+ # and up.
27
+ spec.add_development_dependency "guard", "< 2.12.7"
24
28
  spec.add_development_dependency "yard"
25
29
  spec.add_development_dependency "appraisal"
26
30
  spec.add_development_dependency "rspec"
data/lib/eaco/acl.rb CHANGED
@@ -57,9 +57,8 @@ module Eaco
57
57
  #
58
58
  def del(*designator)
59
59
  identify(*designator).each do |key|
60
- self.delete(key)
60
+ self.delete(key.to_s)
61
61
  end
62
-
63
62
  self
64
63
  end
65
64
 
data/lib/eaco/version.rb CHANGED
@@ -2,6 +2,6 @@ module Eaco
2
2
 
3
3
  # Current version
4
4
  #
5
- VERSION = '0.8.2'
5
+ VERSION = '1.0.0'
6
6
 
7
7
  end
data/spec/eaco/acl_spec.rb CHANGED
@@ -54,16 +54,16 @@ RSpec.describe Eaco::ACL do
54
54
  describe '#del' do
55
55
  let(:designator) { Eaco::Designator.new 'test' }
56
56
 
57
- subject { acl.del(designator) }
57
+ before { acl.del(designator) }
58
58
 
59
59
  context 'when removing non-existing permissions' do
60
60
  let(:acl) { described_class.new }
61
- it { expect(subject).to eq({}) }
61
+ it { expect(acl).to eq({}) }
62
62
  end
63
63
 
64
64
  context 'when removing existing permissions' do
65
65
  let(:acl) { described_class.new(designator => :editor) }
66
- it { expect(subject).to eq({}) }
66
+ it { expect(acl).to eq({}) }
67
67
  end
68
68
  end
69
69
 
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: eaco
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.8.2
4
+ version: 1.0.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Marcello Barnaba
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2015-11-16 00:00:00.000000000 Z
11
+ date: 2016-05-05 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: bundler
@@ -56,16 +56,16 @@ dependencies:
56
56
  name: guard
57
57
  requirement: !ruby/object:Gem::Requirement
58
58
  requirements:
59
- - - ">="
59
+ - - "<"
60
60
  - !ruby/object:Gem::Version
61
- version: '0'
61
+ version: 2.12.7
62
62
  type: :development
63
63
  prerelease: false
64
64
  version_requirements: !ruby/object:Gem::Requirement
65
65
  requirements:
66
- - - ">="
66
+ - - "<"
67
67
  - !ruby/object:Gem::Version
68
- version: '0'
68
+ version: 2.12.7
69
69
  - !ruby/object:Gem::Dependency
70
70
  name: yard
71
71
  requirement: !ruby/object:Gem::Requirement