grant 2.1.0 → 3.0.0
- checksums.yaml +7 -0
- data/.ruby-gemset +1 -0
- data/.ruby-version +1 -0
- data/README.rdoc +5 -1
- data/grant.gemspec +3 -4
- data/lib/grant.rb +0 -5
- data/lib/grant/status.rb +71 -5
- data/lib/grant/version.rb +1 -1
- data/run_test.sh +16 -0
- data/spec/grantable_spec.rb +1 -1
- data/spec/status_spec.rb +48 -0
- metadata +61 -102
- data/lib/grant/integration.rb +0 -5
- data/lib/grant/model_security.rb +0 -7
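--- /dev/null
+++ b/checksums.yaml
@@ -0,0 +1,7 @@
+---
+SHA1:
+metadata.gz: 6a9b86c1e0b9860495eefdb5fc8596b14bb4ceca
+data.tar.gz: 2645c84a2d13f358efc4d47dbc9060a5ea7ddec1
+SHA512:
+metadata.gz: e2fa6522ad720325ea322b58de103aa818ccfbee3375b4f241bf8d0c95237f9280ec8491e0e7870ce96189bab92be4ddb107d2780486773184239960b8c13a1a
+data.tar.gz: 49a613c5752e38303ce1f08cef27092916d8c23822f0c5b040c27df7a36d73f7480287985fc4a12aceb6000829b9266f86482a3949d6c2374c731a2d2101b409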
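--- /dev/null
+++ b/data/.ruby-gemset
@@ -0,0 +1 @@
+grant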
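--- /dev/null
+++ b/data/.ruby-version
@@ -0,0 +1 @@
+ruby-2.2.3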
data/README.rdoc
CHANGED
@@ -107,4 +107,8 @@ you can include the Grant::Status module for help.
|
|
107
107
|
end
|
108
108
|
end
|
109
109
|
|
110
|
-
|
110
|
+
= License
|
111
|
+
|
112
|
+
Grant is released under the MIT license.
|
113
|
+
|
114
|
+
Copyright (c) 2011 Near Infinity. http://www.nearinfinity.com
|
data/grant.gemspec
CHANGED
@@ -7,7 +7,7 @@ Gem::Specification.new do |s|
|
|
7
7
|
s.version = Grant::VERSION
|
8
8
|
s.platform = Gem::Platform::RUBY
|
9
9
|
s.authors = ["Jeff Kunkle", "Matt Wizeman"]
|
10
|
-
s.homepage = "http://github.com/
|
10
|
+
s.homepage = "http://github.com/AnalyticsMediaGroup/grant"
|
11
11
|
s.summary = "Conscious security constraints for your ActiveRecord model objects"
|
12
12
|
s.description = "Grant is a Ruby gem and Rails plugin that forces you to make explicit security decisions about the operations performed on your ActiveRecord models."
|
13
13
|
s.license = "MIT"
|
@@ -17,9 +17,8 @@ Gem::Specification.new do |s|
|
|
17
17
|
s.executables = `git ls-files -- bin/*`.split("\n").map{ |f| File.basename(f) }
|
18
18
|
s.require_paths = ["lib"]
|
19
19
|
|
20
|
-
s.add_dependency('activerecord', '
|
20
|
+
s.add_dependency('activerecord', '>= 4.0.0')
|
21
21
|
|
22
22
|
s.add_development_dependency('rspec', '2.5.0')
|
23
|
-
s.add_development_dependency('sqlite3
|
24
|
-
s.add_development_dependency('activerecord', '> 3.0.0')
|
23
|
+
s.add_development_dependency('sqlite3', '1.3.9')
|
25
24
|
end
|
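Review bot: `s.add_dependency('activerecord', '>= 4.0.0')` leaves the runtime dependency without an upper bound, so a future ActiveRecord major release will resolve without this gem having been run against it. For a gem whose job is to enforce authorization on model operations, a behaviour change in the hooks it relies on could plausibly mean checks that no longer fire, with nothing failing at install time. I would cap the requirement at the majors the spec suite actually covers, in the form `s.add_dependency('activerecord', '>= 4.0.0', '< X.0')` with X the first untested major (placeholder). The `Gem::Specification.new` block opens above the first hunk.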
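--- a/data/lib/grant.rb
+++ b/data/lib/grant.rb
@@ -2,11 +2,6 @@ require 'active_record'
 require 'grant/grantable'
 require 'grant/error'
 
-# TODO: Remove these two requires when backwards compatibility with grant 2.0.0
-# is no longer necessary
-require 'grant/integration'
-require 'grant/model_security'
-
 ActiveRecord::Base.send :include, Grant::Grantable
 
 if defined?(ActionController) and defined?(ActionController::Base)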
data/lib/grant/status.rb
CHANGED
@@ -1,20 +1,84 @@
|
|
1
1
|
module Grant
|
2
2
|
module Status
|
3
|
+
#
|
4
|
+
# Thread dependant status
|
5
|
+
#
|
6
|
+
module MonoThread
|
7
|
+
module InstanceMethods
|
8
|
+
#
|
9
|
+
# 1 status per thread
|
10
|
+
#
|
11
|
+
def is_grant_disabled
|
12
|
+
Thread.current[:grant_disabled]
|
13
|
+
end
|
3
14
|
|
15
|
+
def is_grant_disabled= value
|
16
|
+
Thread.current[:grant_disabled] = value
|
17
|
+
end
|
18
|
+
end
|
19
|
+
|
20
|
+
def self.included receiver
|
21
|
+
receiver.send :include, InstanceMethods
|
22
|
+
receiver.module_eval do
|
23
|
+
module_function :is_grant_disabled, :is_grant_disabled=
|
24
|
+
end
|
25
|
+
end
|
26
|
+
end
|
27
|
+
|
28
|
+
#
|
29
|
+
# Multi thread status
|
30
|
+
#
|
31
|
+
module MultiThread
|
32
|
+
module InstanceMethods
|
33
|
+
def is_grant_disabled
|
34
|
+
@@grant_disabled ||= false
|
35
|
+
end
|
36
|
+
|
37
|
+
def is_grant_disabled= value
|
38
|
+
@@grant_disabled = value
|
39
|
+
end
|
40
|
+
end
|
41
|
+
|
42
|
+
def self.included receiver
|
43
|
+
receiver.send :include, InstanceMethods
|
44
|
+
receiver.module_eval do
|
45
|
+
module_function :is_grant_disabled, :is_grant_disabled=
|
46
|
+
end
|
47
|
+
end
|
48
|
+
end
|
49
|
+
|
50
|
+
include MonoThread
|
51
|
+
|
52
|
+
#
|
53
|
+
# Change to global status (use ONLY in test env)
|
54
|
+
#
|
55
|
+
def switch_to_multithread
|
56
|
+
Grant::Status.send :include, MultiThread
|
57
|
+
end
|
58
|
+
def switch_to_monothread
|
59
|
+
Grant::Status.send :include, MonoThread
|
60
|
+
end
|
61
|
+
|
62
|
+
#
|
63
|
+
# Status
|
64
|
+
#
|
4
65
|
def grant_disabled?
|
5
|
-
|
66
|
+
is_grant_disabled == true
|
6
67
|
end
|
7
68
|
|
8
69
|
def grant_enabled?
|
9
|
-
|
70
|
+
! grant_disabled?
|
10
71
|
end
|
11
72
|
|
73
|
+
#
|
74
|
+
# Getters/Setters
|
75
|
+
#
|
12
76
|
def disable_grant
|
13
|
-
|
77
|
+
self.is_grant_disabled = true
|
14
78
|
end
|
15
79
|
|
16
80
|
def enable_grant
|
17
|
-
|
81
|
+
self.is_grant_disabled = false
|
18
82
|
end
|
19
83
|
|
20
84
|
def without_grant
|
@@ -56,6 +120,8 @@ module Grant
|
|
56
120
|
result
|
57
121
|
end
|
58
122
|
|
59
|
-
module_function :grant_enabled?, :grant_disabled?, :disable_grant, :enable_grant,
|
123
|
+
module_function :grant_enabled?, :grant_disabled?, :disable_grant, :enable_grant,
|
124
|
+
:without_grant, :with_grant, :do_as, :switch_to_multithread,
|
125
|
+
:switch_to_monothread
|
60
126
|
end
|
61
127
|
end
|
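Review bot: `switch_to_monothread` does not appear to undo `switch_to_multithread`. `MonoThread` and its `InstanceMethods` are already ancestors of `Grant::Status` from the earlier `include MonoThread`, so re-including them leaves the lookup chain unchanged, and the `module_function` call in `self.included` re-binds the `@@grant_disabled` accessors that `MultiThread` put in front. Once switched, a `disable_grant` in one thread therefore turns Grant's checks off for every thread in the process, and only the "use ONLY in test env" comment keeps that out of production, because both switch methods are exported through `module_function`. I would keep a single pair of accessors that pick the store from an explicit flag, as sketched below, which keeps `@@grant_disabled` for the existing spec and makes the mode reversible. The first hunk ends at the `def without_grant` line, so that method's body is not visible here.

```ruby
# replaces MonoThread / MultiThread and the two switch methods
@global_status = false

def self.global_status?
  @global_status
end

def self.global_status= value
  @global_status = value
end

def is_grant_disabled
  Grant::Status.global_status? ? (@@grant_disabled ||= false) : Thread.current[:grant_disabled]
end

def is_grant_disabled= value
  if Grant::Status.global_status?
    @@grant_disabled = value
  else
    Thread.current[:grant_disabled] = value
  end
end

# Process-wide status: use ONLY in the test environment.
def switch_to_multithread
  Grant::Status.global_status = true
end

def switch_to_monothread
  Grant::Status.global_status = false
end

# … unchanged: grant_disabled?, grant_enabled?, disable_grant, enable_grant, without_grant …
# module_function additionally lists :is_grant_disabled and :is_grant_disabled=
```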
data/lib/grant/version.rb
CHANGED
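--- /dev/null
+++ b/data/run_test.sh
@@ -0,0 +1,16 @@
+#!/usr/bin/env bash
+
+set -e
+
+rubies=("ruby-1.9.3" "ruby-2.0.0" "ruby-2.1.3" "ruby-2.2.3")
+for i in "${rubies[@]}"
+do
+echo "====================================================="
+echo "$i: Start Test"
+echo "====================================================="
+rvm $i exec bundle
+rvm $i exec bundle exec rspec spec
+echo "====================================================="
+echo "$i: End Test"
+echo "====================================================="
+done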
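Review bot: `$i` is unquoted in `rvm $i exec bundle` and `rvm $i exec bundle exec rspec spec`. The values come from the hard-coded `rubies` array, so nothing breaks today, but quoting keeps the loop correct if an entry ever contains whitespace or glob characters: `rvm "$i" exec bundle` and `rvm "$i" exec bundle exec rspec spec`. `set -e` could also become `set -eu` so that a mistyped variable name aborts the run instead of expanding to an empty string.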
data/spec/grantable_spec.rb
CHANGED
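--- a/data/spec/status_spec.rb
+++ b/data/spec/status_spec.rb
@@ -2,6 +2,10 @@ require File.dirname(__FILE__) + '/spec_helper'
 require 'grant/status'
 
 describe Grant::Status do
+it "should be enabled by default" do
+Grant::Status.grant_enabled?.should be_true
+end
+
 it "should be enabled if set to enabled" do
 obj = Class.new do
 include Grant::Status
@@ -23,4 +27,48 @@ describe Grant::Status do
 Grant::Status.grant_enabled?.should be_false
 Grant::Status.grant_disabled?.should be_true
 end
+
+describe "threads" do
+context "when mono thread" do
+before { Grant::Status.disable_grant }
+after { Grant::Status.enable_grant }
+
+it "should be disabled in current thread" do
+Grant::Status.grant_enabled?.should be_false
+end
+
+it "should still be enable in another thread" do |variable|
+t = Thread.new do
+Grant::Status.grant_enabled?.should be_true
+end
+t.join
+end
+end
+
+context "when multithread" do
+before do
+Grant::Status.switch_to_multithread
+Grant::Status.disable_grant
+end
+after do
+Grant::Status.enable_grant
+Grant::Status.switch_to_monothread
+end
+
+it "should have set class variable" do
+Grant::Status.class_variable_get(:@@grant_disabled).should be_true
+end
+
+it "should be disabled in current thread" do
+Grant::Status.grant_enabled?.should be_false
+end
+
+it "should also be disabled in another thread" do |variable|
+t = Thread.new do
+Grant::Status.grant_enabled?.should be_false
+end
+t.join
+end
+end
+end
 end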
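Review bot: Nothing in the new `threads` examples checks that `switch_to_monothread` restores per-thread isolation. The `when mono thread` context runs before any switch has happened, and the `after` block of `when multithread` calls `switch_to_monothread` without asserting its effect. A regression that leaves the process in the global mode would pass this suite, and in that mode one thread's `disable_grant` switches the checks off for all threads. I would add a context inside `describe "threads"`, after `when multithread`, that switches to the global mode and back before making the cross-thread assertion, as sketched below. The unused `|variable|` block parameters on the two thread examples can be dropped.

```ruby
context "when switched back to mono thread" do
  before do
    Grant::Status.switch_to_multithread
    Grant::Status.switch_to_monothread
    Grant::Status.disable_grant
  end
  after { Grant::Status.enable_grant }

  it "should still be enabled in another thread" do
    t = Thread.new do
      Grant::Status.grant_enabled?.should be_true
    end
    t.join
  end
end
```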
metadata
CHANGED
@@ -1,97 +1,67 @@
|
|
1
|
-
--- !ruby/object:Gem::Specification
|
1
|
+
--- !ruby/object:Gem::Specification
|
2
2
|
name: grant
|
3
|
-
version: !ruby/object:Gem::Version
|
4
|
-
|
5
|
-
prerelease:
|
6
|
-
segments:
|
7
|
-
- 2
|
8
|
-
- 1
|
9
|
-
- 0
|
10
|
-
version: 2.1.0
|
3
|
+
version: !ruby/object:Gem::Version
|
4
|
+
version: 3.0.0
|
11
5
|
platform: ruby
|
12
|
-
authors:
|
6
|
+
authors:
|
13
7
|
- Jeff Kunkle
|
14
8
|
- Matt Wizeman
|
15
9
|
autorequire:
|
16
10
|
bindir: bin
|
17
11
|
cert_chain: []
|
18
|
-
|
19
|
-
|
20
|
-
|
21
|
-
dependencies:
|
22
|
-
- !ruby/object:Gem::Dependency
|
12
|
+
date: 2016-01-19 00:00:00.000000000 Z
|
13
|
+
dependencies:
|
14
|
+
- !ruby/object:Gem::Dependency
|
23
15
|
name: activerecord
|
24
|
-
|
25
|
-
|
26
|
-
|
27
|
-
|
28
|
-
|
29
|
-
- !ruby/object:Gem::Version
|
30
|
-
hash: 7
|
31
|
-
segments:
|
32
|
-
- 3
|
33
|
-
- 0
|
34
|
-
- 0
|
35
|
-
version: 3.0.0
|
16
|
+
requirement: !ruby/object:Gem::Requirement
|
17
|
+
requirements:
|
18
|
+
- - ">="
|
19
|
+
- !ruby/object:Gem::Version
|
20
|
+
version: 4.0.0
|
36
21
|
type: :runtime
|
37
|
-
version_requirements: *id001
|
38
|
-
- !ruby/object:Gem::Dependency
|
39
|
-
name: rspec
|
40
22
|
prerelease: false
|
41
|
-
|
42
|
-
|
43
|
-
|
44
|
-
|
45
|
-
|
46
|
-
|
47
|
-
|
48
|
-
|
49
|
-
|
50
|
-
|
23
|
+
version_requirements: !ruby/object:Gem::Requirement
|
24
|
+
requirements:
|
25
|
+
- - ">="
|
26
|
+
- !ruby/object:Gem::Version
|
27
|
+
version: 4.0.0
|
28
|
+
- !ruby/object:Gem::Dependency
|
29
|
+
name: rspec
|
30
|
+
requirement: !ruby/object:Gem::Requirement
|
31
|
+
requirements:
|
32
|
+
- - '='
|
33
|
+
- !ruby/object:Gem::Version
|
51
34
|
version: 2.5.0
|
52
35
|
type: :development
|
53
|
-
version_requirements: *id002
|
54
|
-
- !ruby/object:Gem::Dependency
|
55
|
-
name: sqlite3-ruby
|
56
36
|
prerelease: false
|
57
|
-
|
58
|
-
|
59
|
-
|
60
|
-
|
61
|
-
|
62
|
-
|
63
|
-
|
64
|
-
|
65
|
-
|
66
|
-
|
67
|
-
|
37
|
+
version_requirements: !ruby/object:Gem::Requirement
|
38
|
+
requirements:
|
39
|
+
- - '='
|
40
|
+
- !ruby/object:Gem::Version
|
41
|
+
version: 2.5.0
|
42
|
+
- !ruby/object:Gem::Dependency
|
43
|
+
name: sqlite3
|
44
|
+
requirement: !ruby/object:Gem::Requirement
|
45
|
+
requirements:
|
46
|
+
- - '='
|
47
|
+
- !ruby/object:Gem::Version
|
48
|
+
version: 1.3.9
|
68
49
|
type: :development
|
69
|
-
version_requirements: *id003
|
70
|
-
- !ruby/object:Gem::Dependency
|
71
|
-
name: activerecord
|
72
50
|
prerelease: false
|
73
|
-
|
74
|
-
|
75
|
-
|
76
|
-
|
77
|
-
|
78
|
-
|
79
|
-
|
80
|
-
- 3
|
81
|
-
- 0
|
82
|
-
- 0
|
83
|
-
version: 3.0.0
|
84
|
-
type: :development
|
85
|
-
version_requirements: *id004
|
86
|
-
description: Grant is a Ruby gem and Rails plugin that forces you to make explicit security decisions about the operations performed on your ActiveRecord models.
|
51
|
+
version_requirements: !ruby/object:Gem::Requirement
|
52
|
+
requirements:
|
53
|
+
- - '='
|
54
|
+
- !ruby/object:Gem::Version
|
55
|
+
version: 1.3.9
|
56
|
+
description: Grant is a Ruby gem and Rails plugin that forces you to make explicit
|
57
|
+
security decisions about the operations performed on your ActiveRecord models.
|
87
58
|
email:
|
88
59
|
executables: []
|
89
|
-
|
90
60
|
extensions: []
|
91
|
-
|
92
61
|
extra_rdoc_files: []
|
93
|
-
|
94
|
-
|
62
|
+
files:
|
63
|
+
- ".ruby-gemset"
|
64
|
+
- ".ruby-version"
|
95
65
|
- CHANGELOG.md
|
96
66
|
- LICENSE
|
97
67
|
- README.rdoc
|
@@ -102,12 +72,11 @@ files:
|
|
102
72
|
- lib/grant/error.rb
|
103
73
|
- lib/grant/grantable.rb
|
104
74
|
- lib/grant/grantor.rb
|
105
|
-
- lib/grant/integration.rb
|
106
|
-
- lib/grant/model_security.rb
|
107
75
|
- lib/grant/spec_helpers.rb
|
108
76
|
- lib/grant/status.rb
|
109
77
|
- lib/grant/user.rb
|
110
78
|
- lib/grant/version.rb
|
79
|
+
- run_test.sh
|
111
80
|
- spec/config_spec.rb
|
112
81
|
- spec/error_spec.rb
|
113
82
|
- spec/grantable_spec.rb
|
@@ -117,41 +86,31 @@ files:
|
|
117
86
|
- spec/support/db_setup.rb
|
118
87
|
- spec/support/transactional_specs.rb
|
119
88
|
- spec/user_spec.rb
|
120
|
-
|
121
|
-
|
122
|
-
licenses:
|
89
|
+
homepage: http://github.com/AnalyticsMediaGroup/grant
|
90
|
+
licenses:
|
123
91
|
- MIT
|
92
|
+
metadata: {}
|
124
93
|
post_install_message:
|
125
94
|
rdoc_options: []
|
126
|
-
|
127
|
-
require_paths:
|
95
|
+
require_paths:
|
128
96
|
- lib
|
129
|
-
required_ruby_version: !ruby/object:Gem::Requirement
|
130
|
-
|
131
|
-
requirements:
|
97
|
+
required_ruby_version: !ruby/object:Gem::Requirement
|
98
|
+
requirements:
|
132
99
|
- - ">="
|
133
|
-
- !ruby/object:Gem::Version
|
134
|
-
|
135
|
-
|
136
|
-
|
137
|
-
version: "0"
|
138
|
-
required_rubygems_version: !ruby/object:Gem::Requirement
|
139
|
-
none: false
|
140
|
-
requirements:
|
100
|
+
- !ruby/object:Gem::Version
|
101
|
+
version: '0'
|
102
|
+
required_rubygems_version: !ruby/object:Gem::Requirement
|
103
|
+
requirements:
|
141
104
|
- - ">="
|
142
|
-
- !ruby/object:Gem::Version
|
143
|
-
|
144
|
-
segments:
|
145
|
-
- 0
|
146
|
-
version: "0"
|
105
|
+
- !ruby/object:Gem::Version
|
106
|
+
version: '0'
|
147
107
|
requirements: []
|
148
|
-
|
149
108
|
rubyforge_project:
|
150
|
-
rubygems_version:
|
109
|
+
rubygems_version: 2.4.5.1
|
151
110
|
signing_key:
|
152
|
-
specification_version:
|
111
|
+
specification_version: 4
|
153
112
|
summary: Conscious security constraints for your ActiveRecord model objects
|
154
|
-
test_files:
|
113
|
+
test_files:
|
155
114
|
- spec/config_spec.rb
|
156
115
|
- spec/error_spec.rb
|
157
116
|
- spec/grantable_spec.rb
|
data/lib/grant/integration.rb
DELETED