groot 1.0.0.beta → 2.0.0.beta

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 6d417b0a6033a346014fa1da80643f88d33782e5
-  data.tar.gz: 416dfd442d194ac7c3413b716b1cf6cf34dbe7ec
+  metadata.gz: 02fd39bf89c0e097f26e5ad9af0af3eaa93ab424
+  data.tar.gz: 0b320981aaedaef263ecfa00e40ddf3d9a4bd731
 SHA512:
-  metadata.gz: c01092415acfe65c21a32192b0cf463d425db972d77ab27acd098ca66cf0e7fddefcb6c4f972576368f41a28e62fe083d711b6eb827bfef39f5c9ec6887dd386
-  data.tar.gz: f8c04a188fcb95c80bd9d1c8cf6ae16e7e4b4676948caa8e6363961be5f986942b07ece7afe887990e5968284bc184a6d47710277379d46c58d26e72c6abecc5
+  metadata.gz: 016c1be65ab0421e09d9caca10db02ffdbb4267808e8b65fd7de0f6cc528bc0bbc21a9c6712aaf01c8b92b822fba7bda6e16682e0a20532bb26ad15f376e35c9
+  data.tar.gz: 08e34a1fe263e1c0f78b4cbfe02d738abefa1665dcaf77749a615206268840b895e626bdcae8a7ebf74b1b88919b96d694e2b6e3c681dcb8e03e54e4df5f66ac

data/.gitignore

@@ -1,16 +1,15 @@
 .bundle/
 log/*.log
 pkg/
-/Gemfile.lock
 spec/dummy/db/*.sqlite3
 spec/dummy/db/*.sqlite3-journal
 spec/dummy/log/*.log
 spec/dummy/tmp/
 *.gem
 
-
+### Vagrant ###
+.vagrant/
 
 
 .DS_Store
 dump.rdb
-

data/Gemfile.lock

@@ -0,0 +1,122 @@
+PATH
+  remote: .
+  specs:
+    groot (2.0.0.beta)
+      bcrypt (~> 3.1, >= 3.1.7)
+      jwt (~> 1.5, >= 1.5.6)
+      rails (~> 5.0, >= 5.0.0)
+
+GEM
+  remote: https://rubygems.org/
+  specs:
+    actioncable (5.0.1)
+      actionpack (= 5.0.1)
+      nio4r (~> 1.2)
+      websocket-driver (~> 0.6.1)
+    actionmailer (5.0.1)
+      actionpack (= 5.0.1)
+      actionview (= 5.0.1)
+      activejob (= 5.0.1)
+      mail (~> 2.5, >= 2.5.4)
+      rails-dom-testing (~> 2.0)
+    actionpack (5.0.1)
+      actionview (= 5.0.1)
+      activesupport (= 5.0.1)
+      rack (~> 2.0)
+      rack-test (~> 0.6.3)
+      rails-dom-testing (~> 2.0)
+      rails-html-sanitizer (~> 1.0, >= 1.0.2)
+    actionview (5.0.1)
+      activesupport (= 5.0.1)
+      builder (~> 3.1)
+      erubis (~> 2.7.0)
+      rails-dom-testing (~> 2.0)
+      rails-html-sanitizer (~> 1.0, >= 1.0.2)
+    activejob (5.0.1)
+      activesupport (= 5.0.1)
+      globalid (>= 0.3.6)
+    activemodel (5.0.1)
+      activesupport (= 5.0.1)
+    activerecord (5.0.1)
+      activemodel (= 5.0.1)
+      activesupport (= 5.0.1)
+      arel (~> 7.0)
+    activesupport (5.0.1)
+      concurrent-ruby (~> 1.0, >= 1.0.2)
+      i18n (~> 0.7)
+      minitest (~> 5.1)
+      tzinfo (~> 1.1)
+    arel (7.1.4)
+    bcrypt (3.1.11)
+    builder (3.2.3)
+    concurrent-ruby (1.0.5)
+    erubis (2.7.0)
+    globalid (0.3.7)
+      activesupport (>= 4.1.0)
+    i18n (0.8.1)
+    jwt (1.5.6)
+    loofah (2.0.3)
+      nokogiri (>= 1.5.9)
+    mail (2.6.4)
+      mime-types (>= 1.16, < 4)
+    method_source (0.8.2)
+    mime-types (3.1)
+      mime-types-data (~> 3.2015)
+    mime-types-data (3.2016.0521)
+    mini_portile2 (2.1.0)
+    minitest (5.10.1)
+    nio4r (1.2.1)
+    nokogiri (1.7.0.1)
+      mini_portile2 (~> 2.1.0)
+    rack (2.0.1)
+    rack-test (0.6.3)
+      rack (>= 1.0)
+    rails (5.0.1)
+      actioncable (= 5.0.1)
+      actionmailer (= 5.0.1)
+      actionpack (= 5.0.1)
+      actionview (= 5.0.1)
+      activejob (= 5.0.1)
+      activemodel (= 5.0.1)
+      activerecord (= 5.0.1)
+      activesupport (= 5.0.1)
+      bundler (>= 1.3.0, < 2.0)
+      railties (= 5.0.1)
+      sprockets-rails (>= 2.0.0)
+    rails-dom-testing (2.0.2)
+      activesupport (>= 4.2.0, < 6.0)
+      nokogiri (~> 1.6)
+    rails-html-sanitizer (1.0.3)
+      loofah (~> 2.0)
+    railties (5.0.1)
+      actionpack (= 5.0.1)
+      activesupport (= 5.0.1)
+      method_source
+      rake (>= 0.8.7)
+      thor (>= 0.18.1, < 2.0)
+    rake (12.0.0)
+    sprockets (3.7.1)
+      concurrent-ruby (~> 1.0)
+      rack (> 1, < 3)
+    sprockets-rails (3.2.0)
+      actionpack (>= 4.0)
+      activesupport (>= 4.0)
+      sprockets (>= 3.0.0)
+    sqlite3 (1.3.13)
+    thor (0.19.4)
+    thread_safe (0.3.6)
+    tzinfo (1.2.2)
+      thread_safe (~> 0.1)
+    websocket-driver (0.6.5)
+      websocket-extensions (>= 0.1.0)
+    websocket-extensions (0.1.2)
+
+PLATFORMS
+  ruby
+
+DEPENDENCIES
+  groot!
+  sqlite3 (~> 1.3)
+
+BUNDLED WITH
+   1.14.5

data/app/controllers/groot/{auth_controller.rb → sessions_controller.rb}

@@ -1,7 +1,5 @@
 module Groot
-  class AuthController < ApplicationController
-
-    # TODO Do something to get the real model 
+  class SessionsController < ApplicationController
     def create
       user = resource_class.find_by(email: params[:email])
       if(user && user.authenticate(params[:password]))
@@ -11,11 +9,6 @@ module Groot
       end
     end
 
-    def destroy
-      raise NotImplementedError
-    end
-
-
     private
       def resource_class
         mapping.clazz
@@ -25,4 +18,4 @@ module Groot
         @mapping ||= request.env['groot.mapping']
       end
   end
-end
+end

data/groot.gemspec

@@ -18,7 +18,7 @@ Gem::Specification.new do |spec|
   spec.license     = "MIT"
 
   # spec.files = Dir["{app,config,db,lib}/**/*", "MIT-LICENSE", "Rakefile", "README.md"]
-  spec.files         = `git ls-files -z`.split("\x0").reject do |f|
+  spec.files       = `git ls-files -z`.split("\x0").reject do |f|
     f.match(%r{^(test|spec|features)/})
   end
   spec.add_dependency "rails", "~> 5.0", ">= 5.0.0"

data/lib/generators/groot/authority_generator.rb

@@ -0,0 +1,16 @@
+module Groot
+  module Generators
+    class AuthorityGenerator < Rails::Generators::Base
+      source_root File.expand_path("../templates", __FILE__)
+      argument :authority_name, type: :string, default: "application"
+
+      def copy_initializer_file
+        if authority_name != "application"
+          template "authority_template.rb", "app/authorities/#{authority_name.downcase}_authority.rb"
+        else
+          copy_file "authority.rb", "app/authorities/application_authority.rb"
+        end
+      end
+    end
+  end
+end

data/lib/generators/groot/templates/authority.rb

@@ -0,0 +1,8 @@
+class ApplicationAuthority
+  attr_reader :user, :model
+
+  def initialize(user, model)
+    @user = user
+    @model = model
+  end
+end

data/lib/generators/groot/templates/authority_template.rb

@@ -0,0 +1,2 @@
+class <%= authority_name %>Authority < ApplicationAuthority
+end

data/lib/generators/groot/templates/config.rb

@@ -1,3 +1,9 @@
 Groot.setup do |config|
   config.hmac_secret = "<%= SecureRandom.hex(64) %>"
-end
+
+  # Defines which algorithm will be used to encode the token
+  # config.algorithm   = "HS256"
+
+  # Set true if you want security Authority
+  # config.include_access_authority = false
+end

data/lib/groot.rb

@@ -3,25 +3,38 @@ require "groot/engine"
 module Groot
   extend ActiveSupport::Autoload
 
+  autoload :Exceptions
   autoload :Mapping
+  autoload :AuthorityLookup
+  autoload :Authority
 
   module Controllers
     autoload :Helpers, 'groot/controllers/helpers'
   end
 
+  module Models
+    autoload :Helpers, 'groot/models/helpers'
+  end
 
-
+  mattr_accessor :include_access_authority
+  @@include_access_authority = false
 
   mattr_accessor :hmac_secret
   @@hmac_secret = nil
 
+  mattr_accessor :algorithm
+  @@algorithm = "HS256"
+
+  mattr_reader :mapping
+  @@mapping = nil
+
   def self.setup
     yield self
   end
 
-  def self.mapping(resource)
-    mapping = Mapping.new(resource)
-    Controllers::Helpers.define_method(mapping)
+  def self.mapping_to(resource)
+    @@mapping ||= Mapping.new(resource)
+    Controllers::Helpers.define_helpers(mapping)
     mapping
   end
 end

data/lib/groot/authority.rb

@@ -0,0 +1,12 @@
+module Groot
+	module Authority
+    extend ActiveSupport::Concern
+
+    def authorize(model, action = nil)
+			action ||= params[:action]
+      authority_class = AuthorityLookup.resolve(model)
+			authority = authority_class.new(model, current_resource)
+			raise AccessDeniedError unless authority.send(action)
+    end
+	end
+end

data/lib/groot/authority_lookup.rb

@@ -0,0 +1,19 @@
+  module Groot
+    module AuthorityLookup
+      class << self
+        def resolve(model)
+          resolve_class(model)
+        rescue NameError
+          ApplicationAuthority
+        end
+
+        private
+        def resolve_class(model)
+          return nil unless model
+          return model.authority_class if model.respond_to? :authority_class
+          return model.class.authority_class if model.class.respond_to? :authority_class
+          return "#{model.class}Authority".constantize
+        end
+      end
+  end
+end

data/lib/groot/controllers/helpers.rb

@@ -3,19 +3,21 @@ require 'jwt'
 module Groot
   module Controllers
     module Helpers
-      def self.define_method(mapping)
+      def self.define_helpers(mapping)
         name = mapping.name
         class_eval <<-METHODS, __FILE__, __LINE__ + 1
           def authenticate_#{name}!
             decode(http_token)
           end
           def #{name}_signed_in?
-            !!current_user
+            !!current_#{name}
           end
           def current_#{name}
             payload = decode(http_token)
-            @current_user ||= #{mapping.clazz}.find(payload["id"])
+            @current_#{name} ||= #{mapping.clazz}.find(payload["sub"])
           end
+
+          alias_method :current_resource, :current_#{name}
         METHODS
 
         ActiveSupport.on_load(:action_controller) do
@@ -28,31 +30,43 @@ module Groot
       private
 
       def http_token
-        @http_token ||= request.headers['Authorization'].split(' ').last if request.headers['Authorization'].present?
-      end 
+        token, options = ActionController::HttpAuthentication::Token.token_and_options(request)
+        token
+      end
 
       def encode(resource)
         payload = {
-          id: resource.id,
+          sub: resource.id,
           exp: (Time.now + 24.hours).to_i
         }
-        JWT.encode(payload, Groot.hmac_secret, 'HS256')
+        JWT.encode(payload, hmac_secret, algorithm)
       end
 
       def decode(token)
         begin
-          options = { 
-            algorithm: 'HS256'
-          }
-          JWT.decode(token, Groot.hmac_secret, true, options).first
+          JWT.decode(token, hmac_secret, true, options).first
         rescue JWT::ExpiredSignature
-          render json: { message: 'The token has expired.' }, status: :forbidden
+          render json: { message: 'The token has expired.' }, status: :unauthorized
         rescue JWT::VerificationError
-          render json: { message: 'Invalid access token.' }, status: :forbidden
+          render json: { message: 'Invalid access token.' }, status: :unauthorized
         rescue JWT::DecodeError
-          render json: { message: 'Invalid access token.' }, status: :forbidden
+          render json: { message: 'Invalid access token.' }, status: :unauthorized
         end
       end
+
+      def options
+        {
+          algorithm: algorithm
+        }
+      end
+
+      def hmac_secret
+        Groot.hmac_secret
+      end
+
+      def algorithm
+        Groot.algorithm
+      end
     end
   end
-end
+end

data/lib/groot/engine.rb

@@ -3,9 +3,16 @@ module Groot
   class Engine < ::Rails::Engine
     isolate_namespace Groot
 
-    initializer "groot.add_helpers" do
+    initializer "groot.add_controllers_helpers" do
       ActiveSupport.on_load(:action_controller) do
         include Controllers::Helpers
+        include Authority if Groot.include_access_authority
+      end
+    end
+
+    initializer "groot.add_models_helpers" do
+      ActiveSupport.on_load(:active_record) do
+        include Models::Helpers if Groot.include_access_authority
       end
     end
   end

data/lib/groot/exceptions.rb

@@ -0,0 +1,5 @@
+module Groot
+  module Exceptions
+    class AccessDeniedError < RuntimeError; end;
+	end
+end

data/lib/groot/models/helpers.rb

@@ -0,0 +1,17 @@
+module Groot
+  module Models
+    module Helpers
+      extend ActiveSupport::Concern
+
+      module ClassMethods
+        def authority_class
+          "#{self}Authority".constantize
+        end
+      end
+
+      def authority_class
+        self.class.authority_class
+      end
+    end
+  end
+end

data/lib/groot/rails/routes.rb

@@ -1,9 +1,9 @@
 module ActionDispatch::Routing
   class Mapper
     def auth_for(resource)
-      mapping = Groot.mapping(resource)
-      constraint = lambda do |request| 
-        request.env['groot.mapping'] = mapping 
+      mapping = Groot.mapping_to(resource)
+      constraint = lambda do |request|
+        request.env['groot.mapping'] = mapping
         true
       end
       constraints(constraint) do
@@ -11,12 +11,12 @@ module ActionDispatch::Routing
       end
     end
 
-    private 
+    private
       def auth_routes(mapping) #:nodoc:
-        resource mapping.resource, only: [], controller: 'groot/auth' do 
-          post   :create,  path: mapping.path_names[:login]
-          delete :destroy, path: mapping.path_names[:logout]
+        resource mapping.resource, only: [], controller: 'groot/sessions' do
+          post   :create,  path: mapping.path_names[:sign_in]
+          delete :destroy, path: mapping.path_names[:sign_out]
         end
       end
   end
-end
+end

data/lib/groot/version.rb

@@ -1,3 +1,3 @@
 module Groot
-  VERSION = '1.0.0.beta'
+  VERSION = '2.0.0.beta'
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: groot
 version: !ruby/object:Gem::Version
-  version: 1.0.0.beta
+  version: 2.0.0.beta
 platform: ruby
 authors:
 - Alisson Bruno
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2017-02-13 00:00:00.000000000 Z
+date: 2017-04-02 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rails
@@ -94,10 +94,11 @@ extra_rdoc_files: []
 files:
 - ".gitignore"
 - Gemfile
+- Gemfile.lock
 - MIT-LICENSE
 - README.md
 - Rakefile
-- app/controllers/groot/auth_controller.rb
+- app/controllers/groot/sessions_controller.rb
 - app/helpers/groot/application_helper.rb
 - app/jobs/groot/application_job.rb
 - app/mailers/groot/application_mailer.rb
@@ -107,16 +108,23 @@ files:
 - groot.gemspec
 - lib/generators/.DS_Store
 - lib/generators/groot/auth_generator.rb
+- lib/generators/groot/authority_generator.rb
 - lib/generators/groot/install_generator.rb
 - lib/generators/groot/templates/.DS_Store
+- lib/generators/groot/templates/authority.rb
+- lib/generators/groot/templates/authority_template.rb
 - lib/generators/groot/templates/config.rb
 - lib/generators/groot/templates/migration/create_migration.rb
 - lib/generators/groot/templates/migration/migration_existing.rb
 - lib/generators/groot/templates/model.rb
 - lib/groot.rb
+- lib/groot/authority.rb
+- lib/groot/authority_lookup.rb
 - lib/groot/controllers/helpers.rb
 - lib/groot/engine.rb
+- lib/groot/exceptions.rb
 - lib/groot/mapping.rb
+- lib/groot/models/helpers.rb
 - lib/groot/rails/routes.rb
 - lib/groot/version.rb
 - lib/tasks/groot_tasks.rake
@@ -140,7 +148,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: 1.3.1
 requirements: []
 rubyforge_project: 
-rubygems_version: 2.5.1
+rubygems_version: 2.6.8
 signing_key: 
 specification_version: 4
 summary: Simple token authentication and authorization