has_roles 0.0.2 → 0.3.0

data/README

@@ -1,83 +0,0 @@
-= has_roles
-
-+has_roles+ provides simple role management based on controllers/actions.
-
-== Resources
-
-API
-
-* http://api.pluginaweek.org/has_roles
-
-Wiki
-
-* http://wiki.pluginaweek.org/Has_roles
-
-Announcement
-
-* http://www.pluginaweek.org
-
-Source
-
-* http://svn.pluginaweek.org/trunk/plugins/active_record/has/has_roles
-
-Development
-
-* http://dev.pluginaweek.org/browser/trunk/plugins/active_record/has/has_roles
-
-== Description
-
-One of the easiest and most straightforward techniques for adding role management
-and authorization to specific parts of your application is restricting usage on
-controller/action-basis.  Each role defined in your system is mapped to one or
-more permissions.  Each permission is a combination of a controller and action.
-
-== Usage
-
-=== Checking a user's authorization
-
-Below is an example of checking a user's authorization for a url before display
-information:
-
-app/views/layouts/application.rhtml:
-
-  <% if authorized_for?(:controller => 'admin/users') -%>
-  <p>Read to start administering your website?</p>
-  <% end -%>
-
-=== Global authorization
-
-You can define a global permission that will add access for all controllers by
-defining a controller with the path 'application'.  See the test fixtures for
-more information.
-
-=== Running migrations
-
-To migrate the tables required for this plugin, you can either run the
-migration from the command line like so:
-
-  rake db:migrate:plugins PLUGIN=has_roles
-
-or (more ideally) generate a migration file that will integrate into your main
-application's migration path:
-
-  ruby script/generate plugin_migration has_roles
-
-== Testing
-
-Before you can run any tests, the following gems must be installed:
-* plugin_test_helper[http://wiki.pluginaweek.org/Plugin_test_helper]
-* dry_validity_assertions[http://wiki.pluginaweek.org/Dry_validity_assertions]
-
-== Dependencies
-
-This plugin is a plugin+.  That means that it contains a slice of an
-application, such as models and migrations.  To test or use a plugin+, you
-must have the following plugins/gems installed:
-* plugin_dependencies[http://wiki.pluginaweek.org/Plugin_dependencies]
-* loaded_plugins[http://wiki.pluginaweek.org/Loaded_plugins]
-* appable_plugins[http://wiki.pluginaweek.org/Appable_plugins]
-* plugin_migrations[http://wiki.pluginaweek.org/Plugin_migrations]
-
-Instead of installing each individual plugin+ feature, you can install them all
-at once using the plugins+[http://wiki.pluginaweek.org/Plugins_plus] meta package,
-which contains all additional features.

data/app/models/controller.rb

@@ -1,82 +0,0 @@
-# Represents the name of a controller in the application.  The path of the controller
-# includes its namespace, if any.  For example:
-# 
-#   users       # => UsersController
-#   admin/users # => Admin::UsersController
-class Controller < ActiveRecord::Base
-  has_many  :permissions,
-              :dependent => :destroy
-  
-  validates_presence_of   :path
-  validates_format_of     :path,
-                            :with => /^[a-z]+(\/[a-z]+)*$/i,
-                            :allow_nil => true
-  validates_uniqueness_of :path,
-                            :allow_nil => true
-  
-  class << self
-    # Finds all of the permissioned controllers and maps/orders them by parent
-    def find_all_mapped_by_parent
-      controllers_by_parent = Controller.find(:all).inject(ActiveSupport::OrderedHash.new) do |controllers, controller|
-        controller.klass.parents.each {|parent| controllers[parent] ||= []}
-        controllers[controller.klass.parent] << controller
-        controllers
-      end
-      
-      # Sort all the controllers within each parent alphabetically
-      controllers_by_parent.each do |parent, controllers|
-        controllers.sort! do |c1, c2|
-          c1.name <=> c2.name
-        end
-      end
-      
-      # Sort the parents (first by closest to Object, then alphabetically)
-      controllers_by_parent.sort! do |c1, c2|
-        if c1.first == Object
-          -1
-        elsif c2.first == Object
-          1
-        else
-          c1.first.name <=> c2.first.name
-        end
-      end
-    end
-    
-    # Parses the controller path and action from the given options
-    def recognize_path(options = '')
-      options = ActionController::Routing::Routes.recognize_path(URI.parse(options).path) if options.is_a?(String)
-      controller_path, action = options[:controller], options[:action]
-      controller_path = controller_path.controller_path if controller_path.is_a?(Class)
-      
-      return controller_path, action ? action.to_s : 'index'
-    end
-  end
-  
-  # Returns the class that this controller represents
-  def klass
-    @klass ||= "#{path.camelize}Controller".constantize
-  end
-  
-  # The humanized name of this controller.  This will not include the parent's name.
-  def name
-    @name ||= klass.controller_name.titleize
-  end
-  
-  # Possible paths that can match this controller.  This includes paths from all
-  # superclasses up to ApplicationController.
-  def possible_path_matches
-    klass.ancestors.select {|c| Class === c && c < ActionController::Base}.map(&:controller_path)
-  end
-  
-  # Is this a global controller?  If a user has a permission on the global
-  # controller, then he has permissions on all controllers.  At least one user
-  # in the system should have global access.
-  def global?
-    path == 'application'
-  end
-  
-  # Returns the name of the controller
-  def to_s #:nodoc
-    name
-  end
-end

data/db/migrate/001_create_controllers.rb

@@ -1,13 +0,0 @@
-class CreateControllers < ActiveRecord::Migration
-  def self.up
-    create_table :controllers do |t|
-      t.column :path, :string, :null => false
-      t.column :description, :text
-    end
-    add_index :controllers, :path, :unique => true
-  end
-
-  def self.down
-    drop_table :controllers
-  end
-end

data/db/migrate/004_create_permissions_roles.rb

@@ -1,13 +0,0 @@
-class CreatePermissionsRoles < ActiveRecord::Migration
-  def self.up
-    create_table :permissions_roles, :id => false do |t|
-      t.column :permission_id, :integer, :null => false
-      t.column :role_id, :integer, :null => false
-    end
-    add_index :permissions_roles, [:permission_id, :role_id], :unique => true
-  end
-
-  def self.down
-    drop_table :permissions_roles
-  end
-end

data/test/app_root/app/controllers/payment/pay_pal/transactions_controller.rb

@@ -1,2 +0,0 @@
-class Payment::PayPal::TransactionsController < Payment::TransactionsController
-end

data/test/app_root/app/controllers/payment/transactions_controller.rb

@@ -1,2 +0,0 @@
-class Payment::TransactionsController < ApplicationController
-end

data/test/fixtures/controllers.yml

@@ -1,19 +0,0 @@
-application:
-  id: 1
-  path: application
-  
-users:
-  id: 2
-  path: users
-  
-admin_users:
-  id: 3
-  path: admin/users
-  
-payment_transactions:
-  id: 4
-  path: payment/transactions
-  
-payment_pay_pal_transactions:
-  id: 5
-  path: payment/pay_pal/transactions

data/test/fixtures/permissions.yml

@@ -1,27 +0,0 @@
-crud_application:
-  id: 1
-  controller_id: 1
-  
-read_application:
-  id: 2
-  controller_id: 1
-  action: index
-  
-read_users:
-  id: 3
-  controller_id: 2
-  action: index
-  
-update_users:
-  id: 4
-  controller_id: 2
-  action: update
-  
-crud_admin_users:
-  id: 5
-  controller_id: 3
-  
-create_pay_pal_payment_transactions:
-  id: 6
-  controller_id: 5
-  action: create

data/test/fixtures/permissions_roles.yml

@@ -1,15 +0,0 @@
-administrator_crud_application:
-  role_id: 1
-  permission_id: 1
-  
-moderator_crud_admin_users:
-  role_id: 2
-  permission_id: 5
-  
-guest_read_application:
-  role_id: 3
-  permission_id: 2
-  
-guest_create_pay_pal_payment_transactions:
-  role_id: 3
-  permission_id: 6

data/test/fixtures/role_assignments.yml

@@ -1,17 +0,0 @@
-administrator:
-  id: 1
-  role_id: 1
-  assignee_id: 1
-  assignee_type: User
-  
-moderator:
-  id: 2
-  role_id: 2
-  assignee_id: 2
-  assignee_type: User
-  
-guest:
-  id: 3
-  role_id: 3
-  assignee_id: 3
-  assignee_type: User

data/test/fixtures/roles.yml

@@ -1,11 +0,0 @@
-administrator:
-  id: 1
-  name: Administrator
-  
-moderator:
-  id: 2
-  name: Moderator
-  
-guest:
-  id: 3
-  name: Guest

data/test/fixtures/users.yml

@@ -1,11 +0,0 @@
-administrator:
-  id: 1
-  login: admin
-  
-moderator:
-  id: 2
-  login: moderator
-  
-guest:
-  id: 3
-  login: guest

data/test/unit/authorization_helper_test.rb

@@ -1,40 +0,0 @@
-require "#{File.dirname(__FILE__)}/../test_helper"
-
-class AuthorizationHelperTest < Test::Unit::TestCase
-  include ActionView::Helpers::TagHelper
-  include ActionView::Helpers::UrlHelper
-  include PluginAWeek::Has::Roles::AuthorizationHelper
-  
-  fixtures :controllers, :permissions, :roles, :permissions_roles, :users, :role_assignments
-  
-  def setup
-    @controller = HomeController.new
-    @controller.request = ActionController::TestRequest.new
-    @controller.instance_eval {@_params = request.path_parameters}
-    @controller.send(:initialize_current_url)
-  end
-  
-  def current_user
-    users(:guest)
-  end
-  
-  def test_should_be_authorized_if_user_has_proper_permissions
-    assert authorized_for?('/users/index')
-  end
-  
-  def test_should_not_be_authorized_if_user_doesnt_have_proper_permissions
-    assert !authorized_for?('/admin/users/destroy')
-  end
-  
-  def test_should_link_to_nothing_if_not_authorized_and_not_showing_text
-    assert_equal '', link_to_if_authorized('Destroy User', '/admin/users/destroy', :show_text => false)
-  end
-  
-  def test_should_display_text_if_not_authorized_and_showing_text
-    assert_equal 'Destroy User', link_to_if_authorized('Destroy User', '/admin/users/destroy', :show_text => true)
-  end
-  
-  def test_should_link_to_url_if_authorized
-    assert_equal '<a href="/users">Destroy User</a>', link_to_if_authorized('Destroy User', {:controller => 'users', :action => 'index'}, :show_text => false)
-  end
-end

data/test/unit/controller_test.rb

@@ -1,95 +0,0 @@
-require "#{File.dirname(__FILE__)}/../test_helper"
-
-class ControllerTest < Test::Unit::TestCase
-  fixtures :controllers, :permissions
-  
-  def test_should_be_valid
-    assert_valid controllers(:users)
-  end
-  
-  def test_should_require_path
-    assert_invalid controllers(:users), :path, nil, ''
-  end
-  
-  def test_should_require_specific_format_for_paths
-    assert_invalid controllers(:users), :path, '/users', '//users', 'users/', 'admin//users', '1'
-  end
-  
-  def test_should_require_unique_path
-    assert_invalid controllers(:users).clone, :path
-  end
-  
-  def test_should_have_associated_permissions
-    assert_equal [permissions(:read_users), permissions(:update_users)], controllers(:users).permissions
-  end
-  
-  def test_should_destroy_associated_permissions_when_destroyed
-    controllers(:users).destroy
-    assert_nil Permission.find_by_controller_id(2)
-  end
-  
-  def test_should_use_path_for_klass
-    assert_equal UsersController, controllers(:users).klass
-  end
-  
-  def test_should_use_namespaced_path_for_klass
-    assert_equal Admin::UsersController, controllers(:admin_users).klass
-  end
-  
-  def test_should_use_controller_name_for_name_if_controller_is_not_namespaced
-    assert_equal 'Users', controllers(:users).name
-  end
-  
-  def test_should_use_demodulized_controller_name_for_name_if_controller_is_namespaced
-    assert_equal 'Users', controllers(:admin_users).name
-  end
-  
-  def test_possible_path_matches_should_include_all_superclasses_except_base_controller
-    assert_equal %w(users application), controllers(:users).possible_path_matches
-    assert_equal %w(admin/users application), controllers(:admin_users).possible_path_matches
-    assert_equal %w(payment/pay_pal/transactions payment/transactions application), controllers(:payment_pay_pal_transactions).possible_path_matches
-  end
-  
-  def test_should_be_global_if_path_is_application
-    assert controllers(:application).global?
-  end
-  
-  def test_should_not_be_global_if_path_is_not_application
-    assert !controllers(:users).global?
-    assert !controllers(:admin_users).global?
-  end
-  
-  def test_stringification_should_use_name
-    assert_equal 'Users', controllers(:users).to_s
-  end
-  
-  def test_should_map_parents_for_all_controllers
-    expected = [
-      [Object, [controllers(:application), controllers(:users)]],
-      [Admin, [controllers(:admin_users)]],
-      [Payment, [controllers(:payment_transactions)]],
-      [Payment::PayPal, [controllers(:payment_pay_pal_transactions)]]
-    ]
-    assert_equal expected, Controller.find_all_mapped_by_parent
-  end
-  
-  def test_should_recognize_path_by_string
-    assert_equal ['users', 'index'], Controller.recognize_path('/users')
-  end
-  
-  def test_should_recognize_namespaced_path_by_string
-    assert_equal ['admin/users', 'update'], Controller.recognize_path('/admin/users/update')
-  end
-  
-  def test_should_recognize_path_by_hash
-    assert_equal ['users', 'index'], Controller.recognize_path(:controller => 'users', :action => 'index')
-  end
-  
-  def test_should_recognize_namespaced_path_by_hash
-    assert_equal ['admin/users', 'update'], Controller.recognize_path(:controller => 'admin/users', :action => 'update', :id => 1)
-  end
-  
-  def test_should_recognize_path_if_action_not_specified
-    assert_equal ['users', 'index'], Controller.recognize_path(:controller => 'users')
-  end
-end

data/test/unit/has_roles_test.rb

@@ -1,49 +0,0 @@
-require "#{File.dirname(__FILE__)}/../test_helper"
-
-class HasRolesTest < Test::Unit::TestCase
-  fixtures :controllers, :permissions, :roles, :permissions_roles, :users, :role_assignments
-  
-  def test_should_have_role_assignments_association
-    assert_equal [role_assignments(:administrator)], users(:administrator).role_assignments
-  end
-  
-  def test_should_destroy_role_assignments_when_destroyed
-    users(:administrator).destroy
-    assert_nil RoleAssignment.find_by_assignee_id(1)
-  end
-  
-  def test_should_have_roles_association
-    assert_equal [roles(:administrator)], users(:administrator).roles
-  end
-  
-  def test_should_be_authorized_if_user_has_proper_permissions
-    assert users(:guest).authorized_for?('/users/index')
-  end
-  
-  def test_should_not_be_authorized_if_user_doesnt_have_proper_permissions
-    assert !users(:guest).authorized_for?('/admin/users/destroy')
-  end
-  
-  def test_roles_ids_should_map_all_ids
-    assert_equal [1], users(:administrator).role_ids
-  end
-  
-
-  def test_should_destroy_old_roles_when_replaced
-    user = users(:administrator)
-    user.role_ids = []
-    assert_equal [], user.roles
-  end
-  
-  def test_should_add_new_roles_when_replaced
-    user = users(:administrator)
-    user.role_ids = [1, 2]
-    assert_equal [roles(:administrator), roles(:moderator)], user.roles
-  end
-  
-  def test_should_destroy_old_roles_and_add_new_roles_when_replaced
-    user = users(:administrator)
-    user.role_ids = [2]
-    assert_equal [roles(:moderator)], user.roles
-  end
-end