graylog2-declarative_authorization 0.5.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- data/CHANGELOG +153 -0
- data/MIT-LICENSE +20 -0
- data/README.rdoc +529 -0
- data/Rakefile +35 -0
- data/app/controllers/authorization_rules_controller.rb +259 -0
- data/app/controllers/authorization_usages_controller.rb +23 -0
- data/app/helpers/authorization_rules_helper.rb +218 -0
- data/app/views/authorization_rules/_change.erb +58 -0
- data/app/views/authorization_rules/_show_graph.erb +44 -0
- data/app/views/authorization_rules/_suggestions.erb +48 -0
- data/app/views/authorization_rules/change.html.erb +169 -0
- data/app/views/authorization_rules/graph.dot.erb +68 -0
- data/app/views/authorization_rules/graph.html.erb +47 -0
- data/app/views/authorization_rules/index.html.erb +17 -0
- data/app/views/authorization_usages/index.html.erb +36 -0
- data/authorization_rules.dist.rb +20 -0
- data/config/routes.rb +20 -0
- data/garlic_example.rb +20 -0
- data/init.rb +5 -0
- data/lib/declarative_authorization.rb +17 -0
- data/lib/declarative_authorization/authorization.rb +705 -0
- data/lib/declarative_authorization/development_support/analyzer.rb +252 -0
- data/lib/declarative_authorization/development_support/change_analyzer.rb +253 -0
- data/lib/declarative_authorization/development_support/change_supporter.rb +620 -0
- data/lib/declarative_authorization/development_support/development_support.rb +243 -0
- data/lib/declarative_authorization/helper.rb +68 -0
- data/lib/declarative_authorization/in_controller.rb +645 -0
- data/lib/declarative_authorization/in_model.rb +162 -0
- data/lib/declarative_authorization/maintenance.rb +212 -0
- data/lib/declarative_authorization/obligation_scope.rb +354 -0
- data/lib/declarative_authorization/rails_legacy.rb +22 -0
- data/lib/declarative_authorization/railsengine.rb +6 -0
- data/lib/declarative_authorization/reader.rb +521 -0
- data/lib/tasks/authorization_tasks.rake +82 -0
- data/test/authorization_test.rb +1104 -0
- data/test/controller_filter_resource_access_test.rb +511 -0
- data/test/controller_test.rb +480 -0
- data/test/dsl_reader_test.rb +178 -0
- data/test/helper_test.rb +247 -0
- data/test/maintenance_test.rb +46 -0
- data/test/model_test.rb +1883 -0
- data/test/schema.sql +55 -0
- data/test/test_helper.rb +152 -0
- metadata +112 -0
data/test/schema.sql
ADDED
@@ -0,0 +1,55 @@
|
|
1
|
+
CREATE TABLE 'test_models' (
|
2
|
+
'id' INTEGER PRIMARY KEY NOT NULL,
|
3
|
+
'test_attr_through_id' INTEGER,
|
4
|
+
'content' text,
|
5
|
+
'country_id' integer,
|
6
|
+
'created_at' datetime,
|
7
|
+
'updated_at' datetime
|
8
|
+
);
|
9
|
+
|
10
|
+
CREATE TABLE 'test_attrs' (
|
11
|
+
'id' INTEGER PRIMARY KEY NOT NULL,
|
12
|
+
'test_model_id' integer,
|
13
|
+
'test_another_model_id' integer,
|
14
|
+
'test_a_third_model_id' integer,
|
15
|
+
'branch_id' integer,
|
16
|
+
'company_id' integer,
|
17
|
+
'test_attr_through_id' INTEGER,
|
18
|
+
'n_way_join_item_id' INTEGER,
|
19
|
+
'test_model_security_model_id' integer,
|
20
|
+
'attr' integer default 1
|
21
|
+
);
|
22
|
+
|
23
|
+
CREATE TABLE 'test_attr_throughs' (
|
24
|
+
'id' INTEGER PRIMARY KEY NOT NULL,
|
25
|
+
'test_attr_id' integer
|
26
|
+
);
|
27
|
+
|
28
|
+
CREATE TABLE 'test_model_security_models' (
|
29
|
+
'id' INTEGER PRIMARY KEY NOT NULL,
|
30
|
+
'attr' integer default 1,
|
31
|
+
'attr_2' integer default 1,
|
32
|
+
'test_attr_id' integer
|
33
|
+
);
|
34
|
+
|
35
|
+
CREATE TABLE 'n_way_join_items' (
|
36
|
+
'id' INTEGER PRIMARY KEY NOT NULL
|
37
|
+
);
|
38
|
+
|
39
|
+
CREATE TABLE 'branches' (
|
40
|
+
'id' INTEGER PRIMARY KEY NOT NULL,
|
41
|
+
'company_id' integer,
|
42
|
+
'name' text
|
43
|
+
);
|
44
|
+
|
45
|
+
CREATE TABLE 'companies' (
|
46
|
+
'id' INTEGER PRIMARY KEY NOT NULL,
|
47
|
+
'country_id' integer,
|
48
|
+
'type' text,
|
49
|
+
'name' text
|
50
|
+
);
|
51
|
+
|
52
|
+
CREATE TABLE 'countries' (
|
53
|
+
'id' INTEGER PRIMARY KEY NOT NULL,
|
54
|
+
'name' text
|
55
|
+
);
|
data/test/test_helper.rb
ADDED
@@ -0,0 +1,152 @@
|
|
1
|
+
require 'test/unit'
|
2
|
+
require 'pathname'
|
3
|
+
|
4
|
+
unless defined?(RAILS_ROOT)
|
5
|
+
RAILS_ROOT = ENV['RAILS_ROOT'] ?
|
6
|
+
ENV['RAILS_ROOT'] + "" :
|
7
|
+
File.join(File.dirname(__FILE__), %w{.. .. .. ..})
|
8
|
+
end
|
9
|
+
|
10
|
+
unless defined?(ActiveRecord)
|
11
|
+
if File.directory? RAILS_ROOT + '/config'
|
12
|
+
puts 'Using config/boot.rb'
|
13
|
+
ENV['RAILS_ENV'] = 'test'
|
14
|
+
require File.join(RAILS_ROOT, 'config', 'environment.rb')
|
15
|
+
else
|
16
|
+
# simply use installed gems if available
|
17
|
+
version_requirement = ENV['RAILS_VERSION'] ? "= #{ENV['RAILS_VERSION']}" : "> 2.1.0"
|
18
|
+
puts "Using Rails from RubyGems (#{version_requirement || "default"})"
|
19
|
+
require 'rubygems'
|
20
|
+
%w{actionpack activerecord activesupport rails}.each do |gem_name|
|
21
|
+
gem gem_name, version_requirement
|
22
|
+
end
|
23
|
+
end
|
24
|
+
|
25
|
+
unless defined?(Rails) # needs to be explicit in Rails < 3
|
26
|
+
%w(action_pack action_controller active_record active_support initializer).each {|f| require f}
|
27
|
+
end
|
28
|
+
end
|
29
|
+
|
30
|
+
DA_ROOT = Pathname.new(File.expand_path("..", File.dirname(__FILE__)))
|
31
|
+
|
32
|
+
require DA_ROOT + File.join(%w{lib declarative_authorization rails_legacy})
|
33
|
+
require DA_ROOT + File.join(%w{lib declarative_authorization authorization})
|
34
|
+
require DA_ROOT + File.join(%w{lib declarative_authorization in_controller})
|
35
|
+
require DA_ROOT + File.join(%w{lib declarative_authorization maintenance})
|
36
|
+
|
37
|
+
begin
|
38
|
+
require 'ruby-debug'
|
39
|
+
rescue MissingSourceFile; end
|
40
|
+
|
41
|
+
|
42
|
+
class MockDataObject
|
43
|
+
def initialize (attrs = {})
|
44
|
+
attrs.each do |key, value|
|
45
|
+
instance_variable_set(:"@#{key}", value)
|
46
|
+
self.class.class_eval do
|
47
|
+
attr_reader key
|
48
|
+
end
|
49
|
+
end
|
50
|
+
end
|
51
|
+
|
52
|
+
def self.descends_from_active_record?
|
53
|
+
true
|
54
|
+
end
|
55
|
+
|
56
|
+
def self.table_name
|
57
|
+
name.tableize
|
58
|
+
end
|
59
|
+
|
60
|
+
def self.name
|
61
|
+
"Mock"
|
62
|
+
end
|
63
|
+
|
64
|
+
def self.find(*args)
|
65
|
+
raise StandardError, "Couldn't find #{self.name} with id #{args[0].inspect}" unless args[0]
|
66
|
+
new :id => args[0]
|
67
|
+
end
|
68
|
+
end
|
69
|
+
|
70
|
+
class MockUser < MockDataObject
|
71
|
+
def initialize (*roles)
|
72
|
+
options = roles.last.is_a?(::Hash) ? roles.pop : {}
|
73
|
+
super({:role_symbols => roles, :login => hash}.merge(options))
|
74
|
+
end
|
75
|
+
|
76
|
+
def initialize_copy (other)
|
77
|
+
@role_symbols = @role_symbols.clone
|
78
|
+
end
|
79
|
+
end
|
80
|
+
|
81
|
+
class MocksController < ActionController::Base
|
82
|
+
attr_accessor :current_user
|
83
|
+
attr_writer :authorization_engine
|
84
|
+
|
85
|
+
def authorized?
|
86
|
+
!!@authorized
|
87
|
+
end
|
88
|
+
|
89
|
+
def self.define_action_methods (*methods)
|
90
|
+
methods.each do |method|
|
91
|
+
define_method method do
|
92
|
+
@authorized = true
|
93
|
+
render :text => 'nothing'
|
94
|
+
end
|
95
|
+
end
|
96
|
+
end
|
97
|
+
|
98
|
+
def self.define_resource_actions
|
99
|
+
define_action_methods :index, :show, :edit, :update, :new, :create, :destroy
|
100
|
+
end
|
101
|
+
|
102
|
+
def logger (*args)
|
103
|
+
Class.new do
|
104
|
+
def warn(*args)
|
105
|
+
#p args
|
106
|
+
end
|
107
|
+
alias_method :info, :warn
|
108
|
+
alias_method :debug, :warn
|
109
|
+
def warn?; end
|
110
|
+
alias_method :info?, :warn?
|
111
|
+
alias_method :debug?, :warn?
|
112
|
+
end.new
|
113
|
+
end
|
114
|
+
end
|
115
|
+
|
116
|
+
if Rails.version < "3"
|
117
|
+
ActionController::Routing::Routes.draw do |map|
|
118
|
+
map.connect ':controller/:action/:id'
|
119
|
+
end
|
120
|
+
else
|
121
|
+
Rails::Application.routes.draw do
|
122
|
+
match '/name/spaced_things(/:action)' => 'name/spaced_things'
|
123
|
+
match '/deep/name_spaced/things(/:action)' => 'deep/name_spaced/things'
|
124
|
+
match '/:controller(/:action(/:id))'
|
125
|
+
end
|
126
|
+
end
|
127
|
+
|
128
|
+
ActionController::Base.send :include, Authorization::AuthorizationInController
|
129
|
+
if Rails.version < "3"
|
130
|
+
require "action_controller/test_process"
|
131
|
+
end
|
132
|
+
|
133
|
+
class Test::Unit::TestCase
|
134
|
+
include Authorization::TestHelper
|
135
|
+
|
136
|
+
def request! (user, action, reader, params = {})
|
137
|
+
action = action.to_sym if action.is_a?(String)
|
138
|
+
@controller.current_user = user
|
139
|
+
@controller.authorization_engine = Authorization::Engine.new(reader)
|
140
|
+
|
141
|
+
((params.delete(:clear) || []) + [:@authorized]).each do |var|
|
142
|
+
@controller.instance_variable_set(var, nil)
|
143
|
+
end
|
144
|
+
get action, params
|
145
|
+
end
|
146
|
+
|
147
|
+
unless Rails.version < "3"
|
148
|
+
def setup
|
149
|
+
@routes = Rails::Application.routes
|
150
|
+
end
|
151
|
+
end
|
152
|
+
end
|
metadata
ADDED
@@ -0,0 +1,112 @@
|
|
1
|
+
--- !ruby/object:Gem::Specification
|
2
|
+
name: graylog2-declarative_authorization
|
3
|
+
version: !ruby/object:Gem::Version
|
4
|
+
hash: 15
|
5
|
+
prerelease:
|
6
|
+
segments:
|
7
|
+
- 0
|
8
|
+
- 5
|
9
|
+
- 2
|
10
|
+
version: 0.5.2
|
11
|
+
platform: ruby
|
12
|
+
authors:
|
13
|
+
- Steffen Bartsch
|
14
|
+
autorequire:
|
15
|
+
bindir: bin
|
16
|
+
cert_chain: []
|
17
|
+
|
18
|
+
date: 2011-04-11 00:00:00 +02:00
|
19
|
+
default_executable:
|
20
|
+
dependencies: []
|
21
|
+
|
22
|
+
description:
|
23
|
+
email: info@graylog2.org
|
24
|
+
executables: []
|
25
|
+
|
26
|
+
extensions: []
|
27
|
+
|
28
|
+
extra_rdoc_files:
|
29
|
+
- README.rdoc
|
30
|
+
- CHANGELOG
|
31
|
+
files:
|
32
|
+
- CHANGELOG
|
33
|
+
- MIT-LICENSE
|
34
|
+
- README.rdoc
|
35
|
+
- Rakefile
|
36
|
+
- authorization_rules.dist.rb
|
37
|
+
- garlic_example.rb
|
38
|
+
- init.rb
|
39
|
+
- app/controllers/authorization_rules_controller.rb
|
40
|
+
- app/controllers/authorization_usages_controller.rb
|
41
|
+
- app/helpers/authorization_rules_helper.rb
|
42
|
+
- app/views/authorization_rules/_change.erb
|
43
|
+
- app/views/authorization_rules/_show_graph.erb
|
44
|
+
- app/views/authorization_rules/_suggestions.erb
|
45
|
+
- app/views/authorization_rules/change.html.erb
|
46
|
+
- app/views/authorization_rules/graph.dot.erb
|
47
|
+
- app/views/authorization_rules/graph.html.erb
|
48
|
+
- app/views/authorization_rules/index.html.erb
|
49
|
+
- app/views/authorization_usages/index.html.erb
|
50
|
+
- config/routes.rb
|
51
|
+
- lib/declarative_authorization.rb
|
52
|
+
- lib/declarative_authorization/authorization.rb
|
53
|
+
- lib/declarative_authorization/development_support/analyzer.rb
|
54
|
+
- lib/declarative_authorization/development_support/change_analyzer.rb
|
55
|
+
- lib/declarative_authorization/development_support/change_supporter.rb
|
56
|
+
- lib/declarative_authorization/development_support/development_support.rb
|
57
|
+
- lib/declarative_authorization/helper.rb
|
58
|
+
- lib/declarative_authorization/in_controller.rb
|
59
|
+
- lib/declarative_authorization/in_model.rb
|
60
|
+
- lib/declarative_authorization/maintenance.rb
|
61
|
+
- lib/declarative_authorization/obligation_scope.rb
|
62
|
+
- lib/declarative_authorization/rails_legacy.rb
|
63
|
+
- lib/declarative_authorization/railsengine.rb
|
64
|
+
- lib/declarative_authorization/reader.rb
|
65
|
+
- lib/tasks/authorization_tasks.rake
|
66
|
+
- test/authorization_test.rb
|
67
|
+
- test/controller_filter_resource_access_test.rb
|
68
|
+
- test/controller_test.rb
|
69
|
+
- test/dsl_reader_test.rb
|
70
|
+
- test/helper_test.rb
|
71
|
+
- test/maintenance_test.rb
|
72
|
+
- test/model_test.rb
|
73
|
+
- test/schema.sql
|
74
|
+
- test/test_helper.rb
|
75
|
+
has_rdoc: true
|
76
|
+
homepage: http://github.com/cipherpunk/declarative_authorization
|
77
|
+
licenses: []
|
78
|
+
|
79
|
+
post_install_message:
|
80
|
+
rdoc_options: []
|
81
|
+
|
82
|
+
require_paths:
|
83
|
+
- lib
|
84
|
+
required_ruby_version: !ruby/object:Gem::Requirement
|
85
|
+
none: false
|
86
|
+
requirements:
|
87
|
+
- - ">="
|
88
|
+
- !ruby/object:Gem::Version
|
89
|
+
hash: 59
|
90
|
+
segments:
|
91
|
+
- 1
|
92
|
+
- 8
|
93
|
+
- 6
|
94
|
+
version: 1.8.6
|
95
|
+
required_rubygems_version: !ruby/object:Gem::Requirement
|
96
|
+
none: false
|
97
|
+
requirements:
|
98
|
+
- - ">="
|
99
|
+
- !ruby/object:Gem::Version
|
100
|
+
hash: 3
|
101
|
+
segments:
|
102
|
+
- 0
|
103
|
+
version: "0"
|
104
|
+
requirements: []
|
105
|
+
|
106
|
+
rubyforge_project:
|
107
|
+
rubygems_version: 1.6.0
|
108
|
+
signing_key:
|
109
|
+
specification_version: 3
|
110
|
+
summary: This is the graylog2 fork of the declarative_authorization gem. declarative_authorization is a Rails plugin for maintainable authorization based on readable authorization rules.
|
111
|
+
test_files: []
|
112
|
+
|