eaco 0.8.0 → 0.8.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.yardopts +6 -1
- data/README.md +21 -16
- data/eaco.gemspec +13 -8
- data/lib/eaco/adapters/active_record/compatibility/v40.rb +2 -0
- data/lib/eaco/version.rb +1 -1
- data/spec/eaco/actor_spec.rb +3 -3
- data/spec/eaco/controller_spec.rb +2 -2
- data/spec/eaco/designator_spec.rb +9 -9
- data/spec/eaco/dsl/acl_spec.rb +1 -1
- data/spec/eaco/dsl/actor_spec.rb +4 -4
- data/spec/eaco/dsl/resource_spec.rb +5 -5
- data/spec/eaco/error_spec.rb +1 -1
- data/spec/eaco/resource_spec.rb +12 -12
- metadata +5 -12
- data/spec/eaco/adapters/active_record/postgres_jsonb_spec.rb +0 -9
- data/spec/eaco/adapters/active_record_spec.rb +0 -13
- data/spec/eaco/adapters/couchrest_model/couchdb_lucene_spec.rb +0 -9
- data/spec/eaco/adapters/couchrest_model_spec.rb +0 -9
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 536f9a37ebe0f8c16425d643a8cb91c119d5f61c
|
|
4
|
+
data.tar.gz: 0e9c61eeddaca078398925b397e39795f7b8247b
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 9780bf31341fde6cce7a5046c83d667e2ec09b6595b3806a4ed3d42ca3d67264eaa13d44d61d6e0d65e3acf4911f899088986bf72cf01f5640e1b8d4d5e4c8d3
|
|
7
|
+
data.tar.gz: ee7f5cf26bce90db25812ae255409b0b938119678ff3a1f08b278eda2b53b5457c383835c4700f6e5a84d402b64368af01043ebff87515a70f946e52d002eacd
|
data/.yardopts
CHANGED
data/README.md
CHANGED
|
@@ -11,10 +11,12 @@ framework for Ruby.
|
|
|
11
11
|
|
|
12
12
|
![Eaco e Telamone][eaco-e-telamone]
|
|
13
13
|
|
|
14
|
+
*"Aeacus telemon by user Ravenous at en.wikipedia.org - Public domain through Wikimedia Commons - http://commons.wikimedia.org/wiki/File:Aeacus_telemon.jpg"*
|
|
15
|
+
|
|
14
16
|
## Design
|
|
15
17
|
|
|
16
|
-
Eaco provides your
|
|
17
|
-
Access to the Resource is determined
|
|
18
|
+
Eaco provides your application's Resources discretionary access.
|
|
19
|
+
Access to the Resource is determined matching an ACL against an Actor.
|
|
18
20
|
|
|
19
21
|
Different Actors can have different levels of access to the same Resource,
|
|
20
22
|
depending on their role as determined by the ACL.
|
|
@@ -22,24 +24,23 @@ depending on their role as determined by the ACL.
|
|
|
22
24
|
To each role are granted a set of possible abilities, and access is verified
|
|
23
25
|
by checking whether a given actor can perform a specific ability.
|
|
24
26
|
|
|
25
|
-
Actors are described by their Designators, a pluggable mechanism
|
|
26
|
-
|
|
27
|
-
|
|
28
|
-
|
|
29
|
-
belonging to a group or occupying a position in a department.
|
|
27
|
+
Actors are described by their Designators, a pluggable mechanism whose details
|
|
28
|
+
are up to your application. For instance, an Actor can have many designators
|
|
29
|
+
that describe either its identity or its belonging to a group or occupying a
|
|
30
|
+
position in a department.
|
|
30
31
|
|
|
31
32
|
Designators are Ruby classes that can embed any sort of custom behaviour that
|
|
32
33
|
your application requires.
|
|
33
34
|
|
|
34
35
|
ACLs are hashes with designators as keys and roles as values. Extracting
|
|
35
36
|
authorized collections requires only an hash key lookup mechanism in your
|
|
36
|
-
database. Adapters are provided for PG's jsonb and for CouchDB-Lucene.
|
|
37
|
+
database. Adapters are provided for PG's +jsonb+ and for CouchDB-Lucene.
|
|
37
38
|
|
|
38
39
|
## Installation
|
|
39
40
|
|
|
40
41
|
Add this line to your application's Gemfile:
|
|
41
42
|
|
|
42
|
-
gem 'eaco'
|
|
43
|
+
gem 'eaco'
|
|
43
44
|
|
|
44
45
|
And then execute:
|
|
45
46
|
|
|
@@ -89,6 +90,7 @@ with an ACL [(rdoc)](http://www.rubydoc.info/github/ifad/eaco/master/Eaco/ACL):
|
|
|
89
90
|
# An example ACL
|
|
90
91
|
>> document = Document.first
|
|
91
92
|
=> #<Document id:42 name:"President's report for loans.docx" [...]>
|
|
93
|
+
|
|
92
94
|
>> document.acl
|
|
93
95
|
=> #<Document::ACL {"user:10" => :owner, "group:reviewers" => :reader}>
|
|
94
96
|
```
|
|
@@ -99,6 +101,7 @@ and an Actor [(rdoc)](http://www.rubydoc.info/github/ifad/eaco/master/Eaco/Actor
|
|
|
99
101
|
# An example Actor
|
|
100
102
|
>> user = User.find(10)
|
|
101
103
|
=> #<User id:10 name:"Bob Fropp" group_ids:['employees'], tags:['english']>
|
|
104
|
+
|
|
102
105
|
>> user.designators
|
|
103
106
|
=> #<Set{ #<Designator(User) value:10>, #<Designator(Group) value:"employees">, #<Designator(Tag) value:"english"> }
|
|
104
107
|
```
|
|
@@ -164,25 +167,27 @@ Grant reader access to a group:
|
|
|
164
167
|
=> true
|
|
165
168
|
```
|
|
166
169
|
|
|
167
|
-
Obtain a collection of Resources accessible by a given Actor
|
|
170
|
+
Obtain a collection of Resources accessible by a given Actor
|
|
171
|
+
[(rdoc)](http://www.rubydoc.info/github/ifad/eaco/master/Eaco/Adapters):
|
|
168
172
|
|
|
169
173
|
```ruby
|
|
170
174
|
>> Document.accessible_by(user)
|
|
171
175
|
```
|
|
172
176
|
|
|
173
177
|
Check whether a controller action can be accessed by an user. Your
|
|
174
|
-
|
|
178
|
+
Controller must respond to `current_user` for this to work.
|
|
175
179
|
[(rdoc)](http://www.rubydoc.info/github/ifad/eaco/master/Eaco/Controller)
|
|
176
180
|
|
|
177
181
|
```ruby
|
|
178
182
|
class DocumentsController < ApplicationController
|
|
179
183
|
before_filter :find_document
|
|
180
184
|
|
|
181
|
-
authorize :
|
|
185
|
+
authorize :show, [:document, :read]
|
|
186
|
+
authorize :edit, [:document, :edit]
|
|
182
187
|
|
|
183
188
|
private
|
|
184
189
|
def find_document
|
|
185
|
-
@document = Document.find(:id)
|
|
190
|
+
@document = Document.find(params[:id])
|
|
186
191
|
end
|
|
187
192
|
end
|
|
188
193
|
```
|
|
@@ -208,9 +213,9 @@ see `features/active_record.example.yml` for an example.
|
|
|
208
213
|
|
|
209
214
|
Run `bundle` once. This will install the base bundle.
|
|
210
215
|
|
|
211
|
-
Run `appraisal` once. This will install the supported Rails versions and pg
|
|
216
|
+
Run `appraisal` once. This will install the supported Rails versions and +pg+.
|
|
212
217
|
|
|
213
|
-
Run `rake`. This will run the specs and cucumber features.
|
|
218
|
+
Run `rake`. This will run the specs and cucumber features and report coverage.
|
|
214
219
|
|
|
215
220
|
Specs are run against the supported rails versions in turn. If you want to
|
|
216
221
|
focus on a single release, use `appraisal rails-X.Y rake`, where `X.Y` can be
|
|
@@ -228,4 +233,4 @@ focus on a single release, use `appraisal rails-X.Y rake`, where `X.Y` can be
|
|
|
228
233
|
|
|
229
234
|
This software is Made in Italy :it: :smile:.
|
|
230
235
|
|
|
231
|
-
[eaco-e-telamone]: http://upload.wikimedia.org/wikipedia/commons/7/70/Aeacus_telemon.jpg
|
|
236
|
+
[eaco-e-telamone]: http://upload.wikimedia.org/wikipedia/commons/7/70/Aeacus_telemon.jpg
|
data/eaco.gemspec
CHANGED
|
@@ -17,12 +17,17 @@ Gem::Specification.new do |spec|
|
|
|
17
17
|
spec.test_files = spec.files.grep(%r{^(test|spec|features)/})
|
|
18
18
|
spec.require_paths = ["lib"]
|
|
19
19
|
|
|
20
|
-
|
|
21
|
-
|
|
22
|
-
|
|
23
|
-
|
|
24
|
-
|
|
25
|
-
|
|
26
|
-
|
|
27
|
-
|
|
20
|
+
spec.add_development_dependency "bundler", "~> 1.6"
|
|
21
|
+
spec.add_development_dependency "rake"
|
|
22
|
+
spec.add_development_dependency "byebug"
|
|
23
|
+
spec.add_development_dependency "guard"
|
|
24
|
+
spec.add_development_dependency "yard"
|
|
25
|
+
spec.add_development_dependency "appraisal"
|
|
26
|
+
spec.add_development_dependency "rspec"
|
|
27
|
+
spec.add_development_dependency "guard-rspec"
|
|
28
|
+
spec.add_development_dependency "cucumber"
|
|
29
|
+
spec.add_development_dependency "guard-cucumber"
|
|
30
|
+
spec.add_development_dependency "yard-cucumber"
|
|
31
|
+
spec.add_development_dependency "coveralls"
|
|
32
|
+
spec.add_development_dependency "guard-shell"
|
|
28
33
|
end
|
data/lib/eaco/version.rb
CHANGED
data/spec/eaco/actor_spec.rb
CHANGED
|
@@ -4,22 +4,22 @@ require 'spec_helper'
|
|
|
4
4
|
|
|
5
5
|
RSpec.describe Eaco::Designator do
|
|
6
6
|
|
|
7
|
-
pending '#make'
|
|
7
|
+
#pending '#make'
|
|
8
8
|
|
|
9
|
-
pending '#parse'
|
|
9
|
+
#pending '#parse'
|
|
10
10
|
|
|
11
|
-
pending '#resolve'
|
|
11
|
+
#pending '#resolve'
|
|
12
12
|
|
|
13
|
-
pending '#configure!'
|
|
13
|
+
#pending '#configure!'
|
|
14
14
|
|
|
15
|
-
pending '#harvest'
|
|
15
|
+
#pending '#harvest'
|
|
16
16
|
|
|
17
|
-
pending '#label'
|
|
17
|
+
#pending '#label'
|
|
18
18
|
|
|
19
|
-
pending '#id'
|
|
19
|
+
#pending '#id'
|
|
20
20
|
|
|
21
|
-
pending '#search'
|
|
21
|
+
#pending '#search'
|
|
22
22
|
|
|
23
|
-
pending '#new'
|
|
23
|
+
#pending '#new'
|
|
24
24
|
|
|
25
25
|
end
|
data/spec/eaco/dsl/acl_spec.rb
CHANGED
data/spec/eaco/dsl/actor_spec.rb
CHANGED
|
@@ -4,12 +4,12 @@ require 'spec_helper'
|
|
|
4
4
|
|
|
5
5
|
RSpec.describe Eaco::DSL::Actor do
|
|
6
6
|
|
|
7
|
-
pending '#new'
|
|
7
|
+
#pending '#new'
|
|
8
8
|
|
|
9
|
-
pending '#designators'
|
|
9
|
+
#pending '#designators'
|
|
10
10
|
|
|
11
|
-
pending '#admin_logic'
|
|
11
|
+
#pending '#admin_logic'
|
|
12
12
|
|
|
13
|
-
pending '.find_designator'
|
|
13
|
+
#pending '.find_designator'
|
|
14
14
|
|
|
15
15
|
end
|
|
@@ -4,14 +4,14 @@ require 'spec_helper'
|
|
|
4
4
|
|
|
5
5
|
RSpec.describe Eaco::DSL::Resource do
|
|
6
6
|
|
|
7
|
-
pending '#new'
|
|
7
|
+
#pending '#new'
|
|
8
8
|
|
|
9
|
-
pending '#permissions'
|
|
9
|
+
#pending '#permissions'
|
|
10
10
|
|
|
11
|
-
pending '#roles'
|
|
11
|
+
#pending '#roles'
|
|
12
12
|
|
|
13
|
-
pending '#roles_priority'
|
|
13
|
+
#pending '#roles_priority'
|
|
14
14
|
|
|
15
|
-
pending '#roles_with_labels'
|
|
15
|
+
#pending '#roles_with_labels'
|
|
16
16
|
|
|
17
17
|
end
|
data/spec/eaco/error_spec.rb
CHANGED
data/spec/eaco/resource_spec.rb
CHANGED
|
@@ -4,28 +4,28 @@ require 'spec_helper'
|
|
|
4
4
|
|
|
5
5
|
RSpec.describe Eaco::Resource do
|
|
6
6
|
|
|
7
|
-
pending '.role?'
|
|
7
|
+
#pending '.role?'
|
|
8
8
|
|
|
9
|
-
pending '.allows?'
|
|
9
|
+
#pending '.allows?'
|
|
10
10
|
|
|
11
|
-
pending '.role_of'
|
|
11
|
+
#pending '.role_of'
|
|
12
12
|
|
|
13
|
-
pending '.permissions'
|
|
13
|
+
#pending '.permissions'
|
|
14
14
|
|
|
15
|
-
pending '.roles'
|
|
15
|
+
#pending '.roles'
|
|
16
16
|
|
|
17
|
-
pending '.roles_priority'
|
|
17
|
+
#pending '.roles_priority'
|
|
18
18
|
|
|
19
|
-
pending '.roles_with_labels'
|
|
19
|
+
#pending '.roles_with_labels'
|
|
20
20
|
|
|
21
|
-
pending '#allows?'
|
|
21
|
+
#pending '#allows?'
|
|
22
22
|
|
|
23
|
-
pending '#role_of'
|
|
23
|
+
#pending '#role_of'
|
|
24
24
|
|
|
25
|
-
pending '#grant'
|
|
25
|
+
#pending '#grant'
|
|
26
26
|
|
|
27
|
-
pending '#revoke'
|
|
27
|
+
#pending '#revoke'
|
|
28
28
|
|
|
29
|
-
pending '#batch_grant'
|
|
29
|
+
#pending '#batch_grant'
|
|
30
30
|
|
|
31
31
|
end
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: eaco
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.8.
|
|
4
|
+
version: 0.8.1
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Marcello Barnaba
|
|
@@ -123,7 +123,7 @@ dependencies:
|
|
|
123
123
|
- !ruby/object:Gem::Version
|
|
124
124
|
version: '0'
|
|
125
125
|
- !ruby/object:Gem::Dependency
|
|
126
|
-
name:
|
|
126
|
+
name: cucumber
|
|
127
127
|
requirement: !ruby/object:Gem::Requirement
|
|
128
128
|
requirements:
|
|
129
129
|
- - ">="
|
|
@@ -137,7 +137,7 @@ dependencies:
|
|
|
137
137
|
- !ruby/object:Gem::Version
|
|
138
138
|
version: '0'
|
|
139
139
|
- !ruby/object:Gem::Dependency
|
|
140
|
-
name: cucumber
|
|
140
|
+
name: guard-cucumber
|
|
141
141
|
requirement: !ruby/object:Gem::Requirement
|
|
142
142
|
requirements:
|
|
143
143
|
- - ">="
|
|
@@ -151,7 +151,7 @@ dependencies:
|
|
|
151
151
|
- !ruby/object:Gem::Version
|
|
152
152
|
version: '0'
|
|
153
153
|
- !ruby/object:Gem::Dependency
|
|
154
|
-
name:
|
|
154
|
+
name: yard-cucumber
|
|
155
155
|
requirement: !ruby/object:Gem::Requirement
|
|
156
156
|
requirements:
|
|
157
157
|
- - ">="
|
|
@@ -199,6 +199,7 @@ executables: []
|
|
|
199
199
|
extensions: []
|
|
200
200
|
extra_rdoc_files: []
|
|
201
201
|
files:
|
|
202
|
+
- ".config/cucumber.yml"
|
|
202
203
|
- ".gitignore"
|
|
203
204
|
- ".rspec"
|
|
204
205
|
- ".travis.yml"
|
|
@@ -273,10 +274,6 @@ files:
|
|
|
273
274
|
- lib/eaco/version.rb
|
|
274
275
|
- spec/eaco/acl_spec.rb
|
|
275
276
|
- spec/eaco/actor_spec.rb
|
|
276
|
-
- spec/eaco/adapters/active_record/postgres_jsonb_spec.rb
|
|
277
|
-
- spec/eaco/adapters/active_record_spec.rb
|
|
278
|
-
- spec/eaco/adapters/couchrest_model/couchdb_lucene_spec.rb
|
|
279
|
-
- spec/eaco/adapters/couchrest_model_spec.rb
|
|
280
277
|
- spec/eaco/controller_spec.rb
|
|
281
278
|
- spec/eaco/designator_spec.rb
|
|
282
279
|
- spec/eaco/dsl/acl_spec.rb
|
|
@@ -328,10 +325,6 @@ test_files:
|
|
|
328
325
|
- features/support/env.rb
|
|
329
326
|
- spec/eaco/acl_spec.rb
|
|
330
327
|
- spec/eaco/actor_spec.rb
|
|
331
|
-
- spec/eaco/adapters/active_record/postgres_jsonb_spec.rb
|
|
332
|
-
- spec/eaco/adapters/active_record_spec.rb
|
|
333
|
-
- spec/eaco/adapters/couchrest_model/couchdb_lucene_spec.rb
|
|
334
|
-
- spec/eaco/adapters/couchrest_model_spec.rb
|
|
335
328
|
- spec/eaco/controller_spec.rb
|
|
336
329
|
- spec/eaco/designator_spec.rb
|
|
337
330
|
- spec/eaco/dsl/acl_spec.rb
|