graylog2-declarative_authorization 0.5.2
Sign up to get free protection for your applications and to get access to all the features.
- data/CHANGELOG +153 -0
- data/MIT-LICENSE +20 -0
- data/README.rdoc +529 -0
- data/Rakefile +35 -0
- data/app/controllers/authorization_rules_controller.rb +259 -0
- data/app/controllers/authorization_usages_controller.rb +23 -0
- data/app/helpers/authorization_rules_helper.rb +218 -0
- data/app/views/authorization_rules/_change.erb +58 -0
- data/app/views/authorization_rules/_show_graph.erb +44 -0
- data/app/views/authorization_rules/_suggestions.erb +48 -0
- data/app/views/authorization_rules/change.html.erb +169 -0
- data/app/views/authorization_rules/graph.dot.erb +68 -0
- data/app/views/authorization_rules/graph.html.erb +47 -0
- data/app/views/authorization_rules/index.html.erb +17 -0
- data/app/views/authorization_usages/index.html.erb +36 -0
- data/authorization_rules.dist.rb +20 -0
- data/config/routes.rb +20 -0
- data/garlic_example.rb +20 -0
- data/init.rb +5 -0
- data/lib/declarative_authorization.rb +17 -0
- data/lib/declarative_authorization/authorization.rb +705 -0
- data/lib/declarative_authorization/development_support/analyzer.rb +252 -0
- data/lib/declarative_authorization/development_support/change_analyzer.rb +253 -0
- data/lib/declarative_authorization/development_support/change_supporter.rb +620 -0
- data/lib/declarative_authorization/development_support/development_support.rb +243 -0
- data/lib/declarative_authorization/helper.rb +68 -0
- data/lib/declarative_authorization/in_controller.rb +645 -0
- data/lib/declarative_authorization/in_model.rb +162 -0
- data/lib/declarative_authorization/maintenance.rb +212 -0
- data/lib/declarative_authorization/obligation_scope.rb +354 -0
- data/lib/declarative_authorization/rails_legacy.rb +22 -0
- data/lib/declarative_authorization/railsengine.rb +6 -0
- data/lib/declarative_authorization/reader.rb +521 -0
- data/lib/tasks/authorization_tasks.rake +82 -0
- data/test/authorization_test.rb +1104 -0
- data/test/controller_filter_resource_access_test.rb +511 -0
- data/test/controller_test.rb +480 -0
- data/test/dsl_reader_test.rb +178 -0
- data/test/helper_test.rb +247 -0
- data/test/maintenance_test.rb +46 -0
- data/test/model_test.rb +1883 -0
- data/test/schema.sql +55 -0
- data/test/test_helper.rb +152 -0
- metadata +112 -0
data/test/schema.sql
ADDED
@@ -0,0 +1,55 @@
|
|
1
|
+
CREATE TABLE 'test_models' (
|
2
|
+
'id' INTEGER PRIMARY KEY NOT NULL,
|
3
|
+
'test_attr_through_id' INTEGER,
|
4
|
+
'content' text,
|
5
|
+
'country_id' integer,
|
6
|
+
'created_at' datetime,
|
7
|
+
'updated_at' datetime
|
8
|
+
);
|
9
|
+
|
10
|
+
CREATE TABLE 'test_attrs' (
|
11
|
+
'id' INTEGER PRIMARY KEY NOT NULL,
|
12
|
+
'test_model_id' integer,
|
13
|
+
'test_another_model_id' integer,
|
14
|
+
'test_a_third_model_id' integer,
|
15
|
+
'branch_id' integer,
|
16
|
+
'company_id' integer,
|
17
|
+
'test_attr_through_id' INTEGER,
|
18
|
+
'n_way_join_item_id' INTEGER,
|
19
|
+
'test_model_security_model_id' integer,
|
20
|
+
'attr' integer default 1
|
21
|
+
);
|
22
|
+
|
23
|
+
CREATE TABLE 'test_attr_throughs' (
|
24
|
+
'id' INTEGER PRIMARY KEY NOT NULL,
|
25
|
+
'test_attr_id' integer
|
26
|
+
);
|
27
|
+
|
28
|
+
CREATE TABLE 'test_model_security_models' (
|
29
|
+
'id' INTEGER PRIMARY KEY NOT NULL,
|
30
|
+
'attr' integer default 1,
|
31
|
+
'attr_2' integer default 1,
|
32
|
+
'test_attr_id' integer
|
33
|
+
);
|
34
|
+
|
35
|
+
CREATE TABLE 'n_way_join_items' (
|
36
|
+
'id' INTEGER PRIMARY KEY NOT NULL
|
37
|
+
);
|
38
|
+
|
39
|
+
CREATE TABLE 'branches' (
|
40
|
+
'id' INTEGER PRIMARY KEY NOT NULL,
|
41
|
+
'company_id' integer,
|
42
|
+
'name' text
|
43
|
+
);
|
44
|
+
|
45
|
+
CREATE TABLE 'companies' (
|
46
|
+
'id' INTEGER PRIMARY KEY NOT NULL,
|
47
|
+
'country_id' integer,
|
48
|
+
'type' text,
|
49
|
+
'name' text
|
50
|
+
);
|
51
|
+
|
52
|
+
CREATE TABLE 'countries' (
|
53
|
+
'id' INTEGER PRIMARY KEY NOT NULL,
|
54
|
+
'name' text
|
55
|
+
);
|
data/test/test_helper.rb
ADDED
@@ -0,0 +1,152 @@
|
|
1
|
+
require 'test/unit'
|
2
|
+
require 'pathname'
|
3
|
+
|
4
|
+
unless defined?(RAILS_ROOT)
|
5
|
+
RAILS_ROOT = ENV['RAILS_ROOT'] ?
|
6
|
+
ENV['RAILS_ROOT'] + "" :
|
7
|
+
File.join(File.dirname(__FILE__), %w{.. .. .. ..})
|
8
|
+
end
|
9
|
+
|
10
|
+
unless defined?(ActiveRecord)
|
11
|
+
if File.directory? RAILS_ROOT + '/config'
|
12
|
+
puts 'Using config/boot.rb'
|
13
|
+
ENV['RAILS_ENV'] = 'test'
|
14
|
+
require File.join(RAILS_ROOT, 'config', 'environment.rb')
|
15
|
+
else
|
16
|
+
# simply use installed gems if available
|
17
|
+
version_requirement = ENV['RAILS_VERSION'] ? "= #{ENV['RAILS_VERSION']}" : "> 2.1.0"
|
18
|
+
puts "Using Rails from RubyGems (#{version_requirement || "default"})"
|
19
|
+
require 'rubygems'
|
20
|
+
%w{actionpack activerecord activesupport rails}.each do |gem_name|
|
21
|
+
gem gem_name, version_requirement
|
22
|
+
end
|
23
|
+
end
|
24
|
+
|
25
|
+
unless defined?(Rails) # needs to be explicit in Rails < 3
|
26
|
+
%w(action_pack action_controller active_record active_support initializer).each {|f| require f}
|
27
|
+
end
|
28
|
+
end
|
29
|
+
|
30
|
+
DA_ROOT = Pathname.new(File.expand_path("..", File.dirname(__FILE__)))
|
31
|
+
|
32
|
+
require DA_ROOT + File.join(%w{lib declarative_authorization rails_legacy})
|
33
|
+
require DA_ROOT + File.join(%w{lib declarative_authorization authorization})
|
34
|
+
require DA_ROOT + File.join(%w{lib declarative_authorization in_controller})
|
35
|
+
require DA_ROOT + File.join(%w{lib declarative_authorization maintenance})
|
36
|
+
|
37
|
+
begin
|
38
|
+
require 'ruby-debug'
|
39
|
+
rescue MissingSourceFile; end
|
40
|
+
|
41
|
+
|
42
|
+
class MockDataObject
|
43
|
+
def initialize (attrs = {})
|
44
|
+
attrs.each do |key, value|
|
45
|
+
instance_variable_set(:"@#{key}", value)
|
46
|
+
self.class.class_eval do
|
47
|
+
attr_reader key
|
48
|
+
end
|
49
|
+
end
|
50
|
+
end
|
51
|
+
|
52
|
+
def self.descends_from_active_record?
|
53
|
+
true
|
54
|
+
end
|
55
|
+
|
56
|
+
def self.table_name
|
57
|
+
name.tableize
|
58
|
+
end
|
59
|
+
|
60
|
+
def self.name
|
61
|
+
"Mock"
|
62
|
+
end
|
63
|
+
|
64
|
+
def self.find(*args)
|
65
|
+
raise StandardError, "Couldn't find #{self.name} with id #{args[0].inspect}" unless args[0]
|
66
|
+
new :id => args[0]
|
67
|
+
end
|
68
|
+
end
|
69
|
+
|
70
|
+
class MockUser < MockDataObject
|
71
|
+
def initialize (*roles)
|
72
|
+
options = roles.last.is_a?(::Hash) ? roles.pop : {}
|
73
|
+
super({:role_symbols => roles, :login => hash}.merge(options))
|
74
|
+
end
|
75
|
+
|
76
|
+
def initialize_copy (other)
|
77
|
+
@role_symbols = @role_symbols.clone
|
78
|
+
end
|
79
|
+
end
|
80
|
+
|
81
|
+
class MocksController < ActionController::Base
|
82
|
+
attr_accessor :current_user
|
83
|
+
attr_writer :authorization_engine
|
84
|
+
|
85
|
+
def authorized?
|
86
|
+
!!@authorized
|
87
|
+
end
|
88
|
+
|
89
|
+
def self.define_action_methods (*methods)
|
90
|
+
methods.each do |method|
|
91
|
+
define_method method do
|
92
|
+
@authorized = true
|
93
|
+
render :text => 'nothing'
|
94
|
+
end
|
95
|
+
end
|
96
|
+
end
|
97
|
+
|
98
|
+
def self.define_resource_actions
|
99
|
+
define_action_methods :index, :show, :edit, :update, :new, :create, :destroy
|
100
|
+
end
|
101
|
+
|
102
|
+
def logger (*args)
|
103
|
+
Class.new do
|
104
|
+
def warn(*args)
|
105
|
+
#p args
|
106
|
+
end
|
107
|
+
alias_method :info, :warn
|
108
|
+
alias_method :debug, :warn
|
109
|
+
def warn?; end
|
110
|
+
alias_method :info?, :warn?
|
111
|
+
alias_method :debug?, :warn?
|
112
|
+
end.new
|
113
|
+
end
|
114
|
+
end
|
115
|
+
|
116
|
+
if Rails.version < "3"
|
117
|
+
ActionController::Routing::Routes.draw do |map|
|
118
|
+
map.connect ':controller/:action/:id'
|
119
|
+
end
|
120
|
+
else
|
121
|
+
Rails::Application.routes.draw do
|
122
|
+
match '/name/spaced_things(/:action)' => 'name/spaced_things'
|
123
|
+
match '/deep/name_spaced/things(/:action)' => 'deep/name_spaced/things'
|
124
|
+
match '/:controller(/:action(/:id))'
|
125
|
+
end
|
126
|
+
end
|
127
|
+
|
128
|
+
ActionController::Base.send :include, Authorization::AuthorizationInController
|
129
|
+
if Rails.version < "3"
|
130
|
+
require "action_controller/test_process"
|
131
|
+
end
|
132
|
+
|
133
|
+
class Test::Unit::TestCase
|
134
|
+
include Authorization::TestHelper
|
135
|
+
|
136
|
+
def request! (user, action, reader, params = {})
|
137
|
+
action = action.to_sym if action.is_a?(String)
|
138
|
+
@controller.current_user = user
|
139
|
+
@controller.authorization_engine = Authorization::Engine.new(reader)
|
140
|
+
|
141
|
+
((params.delete(:clear) || []) + [:@authorized]).each do |var|
|
142
|
+
@controller.instance_variable_set(var, nil)
|
143
|
+
end
|
144
|
+
get action, params
|
145
|
+
end
|
146
|
+
|
147
|
+
unless Rails.version < "3"
|
148
|
+
def setup
|
149
|
+
@routes = Rails::Application.routes
|
150
|
+
end
|
151
|
+
end
|
152
|
+
end
|
metadata
ADDED
@@ -0,0 +1,112 @@
|
|
1
|
+
--- !ruby/object:Gem::Specification
|
2
|
+
name: graylog2-declarative_authorization
|
3
|
+
version: !ruby/object:Gem::Version
|
4
|
+
hash: 15
|
5
|
+
prerelease:
|
6
|
+
segments:
|
7
|
+
- 0
|
8
|
+
- 5
|
9
|
+
- 2
|
10
|
+
version: 0.5.2
|
11
|
+
platform: ruby
|
12
|
+
authors:
|
13
|
+
- Steffen Bartsch
|
14
|
+
autorequire:
|
15
|
+
bindir: bin
|
16
|
+
cert_chain: []
|
17
|
+
|
18
|
+
date: 2011-04-11 00:00:00 +02:00
|
19
|
+
default_executable:
|
20
|
+
dependencies: []
|
21
|
+
|
22
|
+
description:
|
23
|
+
email: info@graylog2.org
|
24
|
+
executables: []
|
25
|
+
|
26
|
+
extensions: []
|
27
|
+
|
28
|
+
extra_rdoc_files:
|
29
|
+
- README.rdoc
|
30
|
+
- CHANGELOG
|
31
|
+
files:
|
32
|
+
- CHANGELOG
|
33
|
+
- MIT-LICENSE
|
34
|
+
- README.rdoc
|
35
|
+
- Rakefile
|
36
|
+
- authorization_rules.dist.rb
|
37
|
+
- garlic_example.rb
|
38
|
+
- init.rb
|
39
|
+
- app/controllers/authorization_rules_controller.rb
|
40
|
+
- app/controllers/authorization_usages_controller.rb
|
41
|
+
- app/helpers/authorization_rules_helper.rb
|
42
|
+
- app/views/authorization_rules/_change.erb
|
43
|
+
- app/views/authorization_rules/_show_graph.erb
|
44
|
+
- app/views/authorization_rules/_suggestions.erb
|
45
|
+
- app/views/authorization_rules/change.html.erb
|
46
|
+
- app/views/authorization_rules/graph.dot.erb
|
47
|
+
- app/views/authorization_rules/graph.html.erb
|
48
|
+
- app/views/authorization_rules/index.html.erb
|
49
|
+
- app/views/authorization_usages/index.html.erb
|
50
|
+
- config/routes.rb
|
51
|
+
- lib/declarative_authorization.rb
|
52
|
+
- lib/declarative_authorization/authorization.rb
|
53
|
+
- lib/declarative_authorization/development_support/analyzer.rb
|
54
|
+
- lib/declarative_authorization/development_support/change_analyzer.rb
|
55
|
+
- lib/declarative_authorization/development_support/change_supporter.rb
|
56
|
+
- lib/declarative_authorization/development_support/development_support.rb
|
57
|
+
- lib/declarative_authorization/helper.rb
|
58
|
+
- lib/declarative_authorization/in_controller.rb
|
59
|
+
- lib/declarative_authorization/in_model.rb
|
60
|
+
- lib/declarative_authorization/maintenance.rb
|
61
|
+
- lib/declarative_authorization/obligation_scope.rb
|
62
|
+
- lib/declarative_authorization/rails_legacy.rb
|
63
|
+
- lib/declarative_authorization/railsengine.rb
|
64
|
+
- lib/declarative_authorization/reader.rb
|
65
|
+
- lib/tasks/authorization_tasks.rake
|
66
|
+
- test/authorization_test.rb
|
67
|
+
- test/controller_filter_resource_access_test.rb
|
68
|
+
- test/controller_test.rb
|
69
|
+
- test/dsl_reader_test.rb
|
70
|
+
- test/helper_test.rb
|
71
|
+
- test/maintenance_test.rb
|
72
|
+
- test/model_test.rb
|
73
|
+
- test/schema.sql
|
74
|
+
- test/test_helper.rb
|
75
|
+
has_rdoc: true
|
76
|
+
homepage: http://github.com/cipherpunk/declarative_authorization
|
77
|
+
licenses: []
|
78
|
+
|
79
|
+
post_install_message:
|
80
|
+
rdoc_options: []
|
81
|
+
|
82
|
+
require_paths:
|
83
|
+
- lib
|
84
|
+
required_ruby_version: !ruby/object:Gem::Requirement
|
85
|
+
none: false
|
86
|
+
requirements:
|
87
|
+
- - ">="
|
88
|
+
- !ruby/object:Gem::Version
|
89
|
+
hash: 59
|
90
|
+
segments:
|
91
|
+
- 1
|
92
|
+
- 8
|
93
|
+
- 6
|
94
|
+
version: 1.8.6
|
95
|
+
required_rubygems_version: !ruby/object:Gem::Requirement
|
96
|
+
none: false
|
97
|
+
requirements:
|
98
|
+
- - ">="
|
99
|
+
- !ruby/object:Gem::Version
|
100
|
+
hash: 3
|
101
|
+
segments:
|
102
|
+
- 0
|
103
|
+
version: "0"
|
104
|
+
requirements: []
|
105
|
+
|
106
|
+
rubyforge_project:
|
107
|
+
rubygems_version: 1.6.0
|
108
|
+
signing_key:
|
109
|
+
specification_version: 3
|
110
|
+
summary: This is the graylog2 fork of the declarative_authorization gem. declarative_authorization is a Rails plugin for maintainable authorization based on readable authorization rules.
|
111
|
+
test_files: []
|
112
|
+
|