extreme_aas 0.0.1 → 0.0.2

data/Gemfile.lock

@@ -1,8 +1,7 @@
 PATH
   remote: .
   specs:
-    extreme_aas (0.0.1)
-      capybara (>= 0.4.0)
+    extreme_aas (0.0.2)
       rails (~> 3.2.2)
 
 GEM
@@ -46,6 +45,14 @@ GEM
       xpath (~> 0.1.4)
     childprocess (0.3.1)
       ffi (~> 1.0.6)
+    columnize (0.3.6)
+    debugger (1.1.1)
+      columnize (>= 0.3.1)
+      debugger-linecache (~> 1.1)
+      debugger-ruby_core_source (~> 1.1)
+    debugger-linecache (1.1.1)
+      debugger-ruby_core_source (>= 1.1.1)
+    debugger-ruby_core_source (1.1.1)
     diff-lcs (1.1.3)
     erubis (2.7.0)
     factory_girl (3.0.0)
@@ -128,6 +135,8 @@ PLATFORMS
   ruby
 
 DEPENDENCIES
+  capybara (>= 0.4.0)
+  debugger
   extreme_aas!
   factory_girl_rails
   mysql2

data/README.rdoc

@@ -1,3 +1,63 @@
 = ExtremeAas
 
-This project rocks and uses MIT-LICENSE.
+Gem for implementing Authentication Authorization System.
+
+This gem allows you to specify permissions at controller action or helper methods levels.
+
+Please read the following description carefully.
+
+== Action
+An action is something that user can do in the system. An action can be a simple action (SimpleAction) or a group of actions (ActionGroup).
+
+This concept was implemented using the composite design pattern.
+
+== SimpleAction
+SimpleAction is the simplest thing an user has acccess to. It can be a helper method, or a controller action.
+
+Simple actions are generated by reading the code of the application. For that you have to run the rake task extreme_aas:sync_simple_actions.
+
+== ActionGroup
+ActionGroup is a set of simple actions or other groups of actions. It is defined in the file ”./config/extreme_aas_groups.yml”.
+
+Structure:
+  <group_name>:
+  - action_name: <action_name>
+    controller_name: <controller_name>
+  <another_group_name>:
+  - method_name: <method_name>
+    helper_name: <helper_name>
+  - group: <child_group_name>
+
+Example:
+
+  group_child:
+  - action_name: index
+    controller_name: UsersController
+  group_parent:
+  - group: group_child
+  - method_name: show
+    helper_name: UsersHelper
+In order to read this file and export it to the database, you have call the rake task extreme_aas:export_group_actions.
+
+Note: You can also use the task extreme_aas:update_actions which will both update simple actions and action groups.
+
+== Profile
+A profile is the entity that is related to your application's User model, and through grants stores all the permissions that user has in the application.
+
+== Grant
+A Grant is the entity that says if a profile has access to a certain action. They can be specified or generated.
+
+They are generated when a profile doesn't have a grant for a certain simple action, but this simple action is part of a group that is granted to the profile. Confused? Read it again, sorry :/
+
+In this case volatile grants will be generated for the simple actions. These volatile grants have to be updated manually by calling the rake task , Profile#update_grants or GroupAction#update_grants. NOT_IMPLEMENTED
+
+TODO kinds of grants (readonly hidden visible….)
+
+== How to Install it
+
+To install you have to:
+  $ rails generate extreme_aas
+  $ rake db:migrate
+
+This will create the tables extreme_profiles, extreme_actions, extreme_simple_actions, extreme_action_groups, extreme_action_edges, extreme_grants.
+Now, only granted actions will be permited in your application.

data/app/models/extreme_aas/application_controller.rb

@@ -13,9 +13,9 @@ module ExtremeAas
     end
 
     def extreme_aas_profile
-      @extreme_aas_profile ||= ExtremeProfile.last #FIXME
-
-      #@extreme_aas_profile ||= ExtremeProfile.find(session[:extreme_aas_profile_id]) if session[:extreme_aas_profile_id]
+      @extreme_aas_profile ||= ExtremeProfile.find(session[:extreme_aas_profile_id]) if session[:extreme_aas_profile_id]
+      @extreme_aas_profile ||= ExtremeProfile.find 1
+      raise "ExtremeAas Error: There should be a default profile with id 1!" if @extreme_aas_profile.nil?
     end
   end
 end

data/app/models/extreme_aas/extreme_action_group.rb

@@ -10,8 +10,15 @@ module ExtremeAas
     def self.export path = "#{Rails.root}/config/extreme_aas_groups.yml"
       yaml = YAML::load_file(path)
       if yaml
+        processed_groups_ids = []
         yaml.each do |group_name, actions|
-          group = ExtremeActionGroup.find_or_create_by_name group_name
+          group = ExtremeActionGroup.find_by_name group_name
+          if group.nil?
+            group = ExtremeActionGroup.create :name => group_name, :volatile => true
+          else 
+            group.actions = []            
+          end
+          processed_groups_ids << group.id
           actions.each do |action_yml_params|
             action_params = {}
             action_yml_params.each do |key, value|
@@ -25,9 +32,18 @@ module ExtremeAas
             end
           end
         end
+        ExtremeActionGroup.destroy_all(['id NOT IN (?) AND volatile = ?', processed_groups_ids, true])
       else
         puts "Warning: couldn't load file in #{path}"
       end
     end
+
+    after_initialize :default_values
+
+    def default_values
+      self.volatile ||= false
+    end
+
+
   end
 end

data/extreme_aas.gemspec

@@ -14,9 +14,10 @@ Gem::Specification.new do |s|
   #Dependencies
   s.required_rubygems_version = "> 1.3.6"
   s.add_dependency "rails" , "~> 3.2.2"
-  s.add_dependency "capybara" , ">= 0.4.0"
+  s.add_development_dependency "capybara" , ">= 0.4.0"
   s.add_development_dependency "rspec-rails", "~> 2.5"
   s.add_development_dependency "factory_girl_rails"
+  s.add_development_dependency "debugger"
   s.add_development_dependency 'mysql2'
   
   #files
@@ -26,4 +27,4 @@ Gem::Specification.new do |s|
   s.require_paths = ["lib"]
 
 
-end
+end

data/lib/extreme_aas/version.rb

@@ -1,3 +1,3 @@
 module ExtremeAas
-  VERSION = "0.0.1"
+  VERSION = "0.0.2"
 end

data/lib/generators/extreme_aas/extreme_aas_generator.rb

@@ -18,4 +18,8 @@ class ExtremeAasGenerator < Rails::Generators::Base
   def create_migration_file
     migration_template 'migration.rb', 'db/migrate/create_extreme_aas_tables.rb'
   end
+  
+  def create_extreme_aas_groups_yml_file
+    copy_file "extreme_aas_groups.yml", "config/extreme_aas_groups.yml"
+  end
 end

data/lib/generators/extreme_aas/templates/extreme_aas_groups.yml

@@ -0,0 +1,2 @@
+default:
+#add here the groups and simple actions for the default group

data/lib/generators/extreme_aas/templates/migration.rb

@@ -3,12 +3,18 @@ class CreateExtremeAasTables < ActiveRecord::Migration
     create_table :extreme_profiles do |t|
       t.timestamps
     end
+    
     create_table :extreme_grants do |t|
       t.references :extreme_profile
       t.references :extreme_action
       t.boolean :volatile
       t.timestamps      
     end
+
+    create_table :extreme_actions do |t|
+      t.references :actionable, :polymorphic => true
+      t.timestamps
+    end
     create_table :extreme_simple_actions do |t|
       #--------
       t.string :controller_name
@@ -21,10 +27,7 @@ class CreateExtremeAasTables < ActiveRecord::Migration
     end
     create_table :extreme_action_groups do |t|
       t.string :name
-      t.timestamps
-    end
-    create_table :extreme_actions do |t|
-      t.references :actionable, :polymorphic => true
+      t.boolean :volatile
       t.timestamps
     end
     create_table :extreme_action_edges do |t|
@@ -32,5 +35,13 @@ class CreateExtremeAasTables < ActiveRecord::Migration
       t.integer :parent_action_id
       t.timestamps
     end
+    
+    ############## DEFAULT PROFILE ##############
+    # default profile will have always id = 1
+    profile = ExtremeAas::ExtremeProfile.create :id => 1
+    grant = ExtremeAas::ExtremeActionGroup.create :name => 'default'
+    profile.give_permission grant.super_action
+    #############################################
+    
   end
 end

data/spec/dummy/config/extreme_aas_groups.yml

@@ -0,0 +1,2 @@
+default:
+#add here the groups and simple actions for the default group

data/spec/dummy/db/migrate/{20120413132357_create_extreme_aas_tables.rb → 20120419100824_create_extreme_aas_tables.rb}

@@ -3,12 +3,18 @@ class CreateExtremeAasTables < ActiveRecord::Migration
     create_table :extreme_profiles do |t|
       t.timestamps
     end
+    
     create_table :extreme_grants do |t|
       t.references :extreme_profile
       t.references :extreme_action
       t.boolean :volatile
       t.timestamps      
     end
+
+    create_table :extreme_actions do |t|
+      t.references :actionable, :polymorphic => true
+      t.timestamps
+    end
     create_table :extreme_simple_actions do |t|
       #--------
       t.string :controller_name
@@ -21,10 +27,7 @@ class CreateExtremeAasTables < ActiveRecord::Migration
     end
     create_table :extreme_action_groups do |t|
       t.string :name
-      t.timestamps
-    end
-    create_table :extreme_actions do |t|
-      t.references :actionable, :polymorphic => true
+      t.boolean :volatile
       t.timestamps
     end
     create_table :extreme_action_edges do |t|
@@ -32,5 +35,13 @@ class CreateExtremeAasTables < ActiveRecord::Migration
       t.integer :parent_action_id
       t.timestamps
     end
+    
+    ############## DEFAULT PROFILE ##############
+    # default profile will have always id = 1
+    profile = ExtremeAas::ExtremeProfile.create :id => 1
+    grant = ExtremeAas::ExtremeActionGroup.create :name => 'default'
+    profile.give_permission grant.super_action
+    #############################################
+    
   end
 end

data/spec/dummy/db/schema.rb

@@ -11,7 +11,7 @@
 #
 # It's strongly recommended to check this file into your version control system.
 
-ActiveRecord::Schema.define(:version => 20120413132357) do
+ActiveRecord::Schema.define(:version => 20120419100824) do
 
   create_table "extreme_action_edges", :force => true do |t|
     t.integer  "child_action_id"
@@ -22,6 +22,7 @@ ActiveRecord::Schema.define(:version => 20120413132357) do
 
   create_table "extreme_action_groups", :force => true do |t|
     t.string   "name"
+    t.boolean  "volatile"
     t.datetime "created_at", :null => false
     t.datetime "updated_at", :null => false
   end

data/spec/integration/controller_actions_spec.rb

@@ -4,9 +4,8 @@ describe "ControllerAction" do
 
   it "should grant permission" do
     action = FactoryGirl.create(:extreme_simple_action, :controller_name => 'users', :action_name => 'index').super_action
-    grant = FactoryGirl.create(:extreme_grant_for_simple_action, :extreme_action_id => action.id)
-    profile = grant.profile #deleteme
-
+    grant = FactoryGirl.create(:extreme_grant_for_simple_action, :extreme_action_id => action.id) 
+    session[:extreme_aas_profile_id] = grant.profile.id
     get 'users'
     response.should be_success
   end
@@ -15,6 +14,7 @@ describe "ControllerAction" do
     action = FactoryGirl.create(:extreme_simple_action, :controller_name => 'users', :action_name => 'index').super_action
     profile = FactoryGirl.create :extreme_profile
     profile.give_permission action
+    session[:extreme_aas_profile_id] = profile.id 
     get 'users'
     response.should be_success
   end
@@ -22,6 +22,7 @@ describe "ControllerAction" do
   it "should deny permission" do
     action = FactoryGirl.create(:extreme_simple_action, :controller_name => 'users', :action_name => 'index').super_action
     profile = FactoryGirl.create :extreme_profile
+    session[:extreme_aas_profile_id] = profile.id 
     get 'users'
     response.response_code.should == 401
   end

data/spec/spec_helper.rb

@@ -6,6 +6,8 @@ require File.expand_path("../dummy/config/environment.rb",  __FILE__)
 require "rails/test_help"
 require "rspec/rails"
 
+require 'debugger'
+
 ENGINE_RAILS_ROOT=File.join(File.dirname(__FILE__), '../')
 
 ActionMailer::Base.delivery_method = :test

data/spec/unit/action_group_spec.rb

@@ -60,6 +60,30 @@ describe "Action Group" do
     group_child = ExtremeActionGroup.find_by_name "group_child"
     group_parent.actions.include?(group_child.super_action).should be_true
     group_parent.actions.include?(simple_action_two.super_action).should be_true
-    p group_parent.actions
+  end
+  
+  it "should export: read groups and sync with existing, without deleting non-volatile groups" do
+    simple_action_one = FactoryGirl.create(:extreme_simple_action, :controller_name => 'UsersController', :action_name => 'index')
+    simple_action_two = FactoryGirl.create(:extreme_simple_action_helper, :helper_name => 'UsersHelper', :method_name => 'show')
+    hash = {"group_child" => [{"action_name" => "index", "controller_name" => 'UsersController'}], "group_parent"=>[{"group"=>"group_child"},{"method_name" => "show", "helper_name" => 'UsersHelper'}]}
+    File.open("#{ENGINE_RAILS_ROOT}/spec/support/extreme_aas_groups.yml", "w") do |out|
+      YAML.dump hash, out
+    end 
+    
+    ExtremeActionGroup.export "#{ENGINE_RAILS_ROOT}/spec/support/extreme_aas_groups.yml"
+    ExtremeActionGroup.find_by_name("default").should_not be_nil
+  end
+  
+  it "should export: read groups and sync with existing, with deleting volatile groups" do
+    group = FactoryGirl.create(:extreme_action_group, :volatile => true)
+    simple_action_one = FactoryGirl.create(:extreme_simple_action, :controller_name => 'UsersController', :action_name => 'index')
+    simple_action_two = FactoryGirl.create(:extreme_simple_action_helper, :helper_name => 'UsersHelper', :method_name => 'show')
+    hash = {"group_child" => [{"action_name" => "index", "controller_name" => 'UsersController'}], "group_parent"=>[{"group"=>"group_child"},{"method_name" => "show", "helper_name" => 'UsersHelper'}]}
+    File.open("#{ENGINE_RAILS_ROOT}/spec/support/extreme_aas_groups.yml", "w") do |out|
+      YAML.dump hash, out
+    end 
+    
+    ExtremeActionGroup.export "#{ENGINE_RAILS_ROOT}/spec/support/extreme_aas_groups.yml"
+    ExtremeActionGroup.find_by_name(group.name).should be_nil
   end
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: extreme_aas
 version: !ruby/object:Gem::Version
-  version: 0.0.1
+  version: 0.0.2
   prerelease: 
 platform: ruby
 authors:
@@ -10,11 +10,11 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2012-04-18 00:00:00.000000000 Z
+date: 2012-04-19 00:00:00.000000000Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rails
-  requirement: &2152734380 !ruby/object:Gem::Requirement
+  requirement: &2152188960 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ~>
@@ -22,21 +22,21 @@ dependencies:
         version: 3.2.2
   type: :runtime
   prerelease: false
-  version_requirements: *2152734380
+  version_requirements: *2152188960
 - !ruby/object:Gem::Dependency
   name: capybara
-  requirement: &2152733640 !ruby/object:Gem::Requirement
+  requirement: &2152187740 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ! '>='
       - !ruby/object:Gem::Version
         version: 0.4.0
-  type: :runtime
+  type: :development
   prerelease: false
-  version_requirements: *2152733640
+  version_requirements: *2152187740
 - !ruby/object:Gem::Dependency
   name: rspec-rails
-  requirement: &2152732940 !ruby/object:Gem::Requirement
+  requirement: &2152186900 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ~>
@@ -44,10 +44,21 @@ dependencies:
         version: '2.5'
   type: :development
   prerelease: false
-  version_requirements: *2152732940
+  version_requirements: *2152186900
 - !ruby/object:Gem::Dependency
   name: factory_girl_rails
-  requirement: &2152732400 !ruby/object:Gem::Requirement
+  requirement: &2152108060 !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: *2152108060
+- !ruby/object:Gem::Dependency
+  name: debugger
+  requirement: &2152106760 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ! '>='
@@ -55,10 +66,10 @@ dependencies:
         version: '0'
   type: :development
   prerelease: false
-  version_requirements: *2152732400
+  version_requirements: *2152106760
 - !ruby/object:Gem::Dependency
   name: mysql2
-  requirement: &2152731200 !ruby/object:Gem::Requirement
+  requirement: &2152105580 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ! '>='
@@ -66,7 +77,7 @@ dependencies:
         version: '0'
   type: :development
   prerelease: false
-  version_requirements: *2152731200
+  version_requirements: *2152105580
 description: This gem allows you to specify permissions at controller action or helper
   methods levels.
 email: 
@@ -89,11 +100,13 @@ files:
 - app/models/extreme_aas/extreme_grant.rb
 - app/models/extreme_aas/extreme_profile.rb
 - app/models/extreme_aas/extreme_simple_action.rb
+- extreme_aas-0.0.1.gem
 - extreme_aas.gemspec
 - lib/extreme_aas.rb
 - lib/extreme_aas/engine.rb
 - lib/extreme_aas/version.rb
 - lib/generators/extreme_aas/extreme_aas_generator.rb
+- lib/generators/extreme_aas/templates/extreme_aas_groups.yml
 - lib/generators/extreme_aas/templates/migration.rb
 - lib/tasks/sync.rake
 - spec/dummy/Gemfile.lock
@@ -130,7 +143,7 @@ files:
 - spec/dummy/config/locales/en.yml
 - spec/dummy/config/routes.rb
 - spec/dummy/db/migrate/20120404105554_create_users.rb
-- spec/dummy/db/migrate/20120413132357_create_extreme_aas_tables.rb
+- spec/dummy/db/migrate/20120419100824_create_extreme_aas_tables.rb
 - spec/dummy/db/schema.rb
 - spec/dummy/public/401.html
 - spec/dummy/public/404.html
@@ -172,7 +185,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: 1.3.6
 requirements: []
 rubyforge_project: 
-rubygems_version: 1.8.11
+rubygems_version: 1.8.10
 signing_key: 
 specification_version: 3
 summary: Gem for implementing Authentication Authorization System.
@@ -211,7 +224,7 @@ test_files:
 - spec/dummy/config/locales/en.yml
 - spec/dummy/config/routes.rb
 - spec/dummy/db/migrate/20120404105554_create_users.rb
-- spec/dummy/db/migrate/20120413132357_create_extreme_aas_tables.rb
+- spec/dummy/db/migrate/20120419100824_create_extreme_aas_tables.rb
 - spec/dummy/db/schema.rb
 - spec/dummy/public/401.html
 - spec/dummy/public/404.html