RubyGems - generic_auth - Versions diffs - 0.1.1 - Mend

generic_auth 0.1.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (8) hide show

data/lib/generic_auth/auth_error.rb +4 -0
data/lib/generic_auth/engine.rb +139 -0
data/lib/generic_auth/guard.rb +14 -0
data/lib/generic_auth/guest.rb +7 -0
data/lib/generic_auth/rules.rb +43 -0
data/lib/generic_auth/version.rb +3 -0
data/lib/generic_auth.rb +9 -0
metadata +123 -0

data/lib/generic_auth/auth_error.rb ADDED Viewed

@@ -0,0 +1,4 @@
+module GenericAuth
+	class AuthError < Exception
+	end
+end

data/lib/generic_auth/engine.rb ADDED Viewed

@@ -0,0 +1,139 @@
+require 'singleton'
+# roles[:person][:module_class_method] = [context_1, context_2, ...]
+module GenericAuth
+	class Engine
+		include Singleton
+		def initialize
+			@roles = {}
+			@user = Guest.new
+		end
+		def user= user=nil
+			user = GenericAuth::Guest.new if user.nil?
+			raise ArgumentError, 'User must respond_to? roles' unless user.respond_to?(:roles)
+			@user = user
+		end
+		def user
+			@user
+		end
+		def add_role role
+			require_no_role role
+			@roles[role] = {}
+		end
+		def clear_roles
+			@roles = {}
+		end
+		def remove_role role
+			require_role_symbol role
+			@roles.delete(role) if @roles[role]
+		end
+		def roles
+			@roles.keys
+		end
+		def add_activity role, activity, contexts = []
+			require_activity_symbol activity
+			require_defined_role role
+			@roles[role][activity] = contexts
+		end
+		def remove_activity role, activity
+			require_defined_role role
+			require_activity_symbol activity
+			@roles[role].delete(activity) if @roles[role][activity]
+		end
+		def clear_activities role
+			require_defined_role role
+			@roles[role] = {} if @roles[role]
+		end
+		def activities role
+			require_role_symbol role
+			@roles[role].keys
+		end
+		def add_context role, activity, &block
+			require_defined_activity role, activity
+			raise ArgumentError, 'Invalid callback, callback must respond_to? call' unless block.respond_to?(:call)
+			@roles[role][activity] << block
+		end
+		def remove_context role, activity, index
+			require_defined_activity role, activity
+			@roles[role][activity].delete_at(index) if @roles[role][activity]
+		end
+		def clear_contexts role, activity
+			require_role_symbol role
+			require_activity_symbol activity
+			@roles[role][activity] = [] if @roles[role] && @roles[role][activity]
+		end
+		def contexts role, activity
+			require_defined_role role
+			require_activity_symbol activity
+			@roles[role][activity]
+		end
+		def permitted? role, activity, object, *args
+			require_defined_role role
+			return false unless @roles[role][activity]
+			return true if @roles[role][activity].empty?
+			@roles[role][activity].all? do |context|
+				context.call(object, *args)
+			end
+		end
+		def wrap_class(klass)
+			wrapped = klass.to_s.camelize.constantize
+			raise 'Class must respond_to? generic_auth_on with an array of methods(activites) to authorize' unless wrapped.respond_to?(:generic_auth_on)
+			activities = wrapped.send(:generic_auth_on)
+			activities.each do |activity|
+				old = wrapped.instance_method(activity)
+				wrapped.send(:define_method, activity) do |*args|
+					GenericAuth::Guard.authorize activity, self, *args
+					old.bind(self).(*args)
+				end
+			end
+		end
+		private
+		def require_role_symbol role
+			raise ArgumentError, 'Role must be a symbol' unless role.is_a?(Symbol)
+		end
+		def require_activity_symbol activity
+			raise ArgumentError, 'Activity must be a symbol' unless activity.is_a?(Symbol)
+		end
+		def require_no_role role
+			require_role_symbol role
+			raise ArgumentError, 'Role is already defined' unless @roles[role].nil?
+		end
+		def require_defined_role role
+			require_role_symbol role
+			raise ArgumentError, "The #{role} role is not defined" if @roles[role].nil?
+		end
+		def require_defined_activity role, activity
+			require_defined_role role
+			require_activity_symbol activity
+			raise ArgumentError, "Role #{role} has no permission for activity #{activity}" if @roles[role][activity].nil?
+		end
+	end
+end

data/lib/generic_auth/guard.rb ADDED Viewed

@@ -0,0 +1,14 @@
+module GenericAuth
+	class Guard
+		def self.authorize activity, object, *args
+			permitted = false
+			Engine.instance.user.roles.each do |role|
+				if Engine.instance.permitted? role, activity, object, *args
+					permitted = true
+					break
+				end
+			end
+			raise GenericAuth::AuthError, "User not authorized for activity #{activity}" unless permitted
+		end
+	end
+end

data/lib/generic_auth/guest.rb ADDED Viewed

@@ -0,0 +1,7 @@
+module GenericAuth
+	class Guest
+		def roles
+			[:guest]
+		end
+	end
+end

data/lib/generic_auth/rules.rb ADDED Viewed

@@ -0,0 +1,43 @@
+module GenericAuth
+	class Rules
+		@role = nil
+		@wrapped = []
+		def self.define &block
+			instance_eval(&block)
+		end
+		def self.role role, &block
+			Engine.instance.add_role(role)
+			@role = role
+			yield
+		end
+		def self.permitted_to activities, options = {}, &block
+			activities = [activities] unless activities.is_a?(Array)
+			activities.each do |activity|
+				Engine.instance.add_activity(@role, activity)
+				@activity = activity
+				instance_eval(&block) if block_given?
+				unless @wrapped.include?(options[:on])
+					Engine.instance.wrap_class(options[:on])
+					@wrapped << options[:on]
+				end
+			end
+			@activity = nil
+		end
+		def self.context &block
+			raise 'Context must be declared inside an activity' if @activity.nil?
+			Engine.instance.add_context @role, @activity, &block if block_given?
+		end
+		def self.includes role
+			activities = Engine.instance.activities(role)
+			activities.each do |activity|
+				Engine.instance.add_activity(@role, activity)
+			end
+		end
+	end
+end

data/lib/generic_auth/version.rb ADDED Viewed

@@ -0,0 +1,3 @@
+module GenericAuth
+  VERSION = "0.1.1"
+end

data/lib/generic_auth.rb ADDED Viewed

@@ -0,0 +1,9 @@
+require "active_support/all"
+require 'generic_auth/engine'
+require 'generic_auth/rules'
+require 'generic_auth/guest'
+require 'generic_auth/guard'
+require 'generic_auth/auth_error'
+module GenericAuth
+end

metadata ADDED Viewed

@@ -0,0 +1,123 @@
+--- !ruby/object:Gem::Specification
+name: generic_auth
+version: !ruby/object:Gem::Version
+  version: 0.1.1
+  prerelease:
+platform: ruby
+authors:
+- Chris McLeod
+autorequire:
+bindir: bin
+cert_chain: []
+date: 2012-08-20 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: activesupport
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: rspec
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: simplecov
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+description: ! "This gem works on the most basic ruby classes. Its only dependency
+  is activesupport for some\n                     string and inflector functionality.
+  \ GenericAuth is very easy to use, simply create a rules file and your class methods\n
+  \                    are automatically wrapped to invoke authorization methods before
+  they are run.  You must set the user which must\n                     respond to
+  a roles method.  Your authorized classes must also specify which methods should
+  be authorized (generic_auth_on method) \n                     as an array of symbols
+  (see specs).  Other than that, its automatic"
+email:
+- chris12295@gmail.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- lib/generic_auth.rb
+- lib/generic_auth/auth_error.rb
+- lib/generic_auth/engine.rb
+- lib/generic_auth/guard.rb
+- lib/generic_auth/guest.rb
+- lib/generic_auth/rules.rb
+- lib/generic_auth/version.rb
+homepage: https://github.com/chrismcleod/generic_auth
+licenses: []
+post_install_message:
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  none: false
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  none: false
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: ! '[none]'
+rubygems_version: 1.8.23
+signing_key:
+specification_version: 3
+summary: Generic authorization for any class and framework
+test_files: []