heimdallr 1.0.4 → 1.0.6

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: 60739f5bc64b932c0cdbb42c355f488b709db6ab
+  data.tar.gz: 0b1860b9f5e4a8ea2ae77eab998233c716dae5c3
+SHA512:
+  metadata.gz: 007c9d06814467c24dc70f42c0e11cea5d7b3a97edfacd324bfd1248b233da066e940f83a1ec23b696cc0a3ff8f2d7aa290da6f344ae81257a0782f94a1acc86
+  data.tar.gz: 9b3a7cff45a26e31e0d8426f909aa1ea811a9d33dc4ec1065c79db4d5d2d4ba15888a6aa2cb02330027e64889e20f973bf77233fb3c32f7cbcc153aa175751e4

data/.gitignore

@@ -1,4 +1,5 @@
 *.gem
+.rbx
 .bundle
 .yardoc
 Gemfile.lock

data/.travis.yml

@@ -0,0 +1,5 @@
+rvm:
+  - 1.9.3
+  - jruby-19mode
+  - rbx-19mode
+  - 2.0.0

data/Gemfile

@@ -1,4 +1,11 @@
 source "http://rubygems.org"
 
+gem "rspec"
+gem "activerecord"
+gem "mongoid"
+gem 'sqlite3', :platform => :ruby
+gem 'activerecord-jdbcsqlite3-adapter', :platform => :jruby
+gem "pry"
+
 # Specify your gem's dependencies in heimdallr.gemspec
 gemspec

data/README.md

@@ -5,6 +5,8 @@ Heimdallr is a gem for managing security restrictions for ActiveRecord objects o
 of it as a supercharged [CanCan](https://github.com/ryanb/cancan). Heimdallr favors whitelisting over blacklisting,
 convention over configuration and is duck-type compatible with most of existing code.
 
+![Travis CI](https://secure.travis-ci.org/roundlake/heimdallr.png)
+
 ``` ruby
 # Define a typical set of models.
 class User < ActiveRecord::Base
@@ -78,8 +80,8 @@ view_passed.secrecy_level
 # => nil
 
 # If only a single value is possible, it is inferred automatically:
-secure.create! content: "My second article"
-# => Article(id: 4, owner: johndoe, content: "My second article", security_level: 0)
+secure.create! content: "My second article", secrecy_level: 0
+# => Article(id: 4, owner: johndoe, content: "My second article", secrecy_level: 0)
 
 # ... and cannot be changed:
 secure.create! owner: admin, content: "I'm a haxx0r"
@@ -116,9 +118,26 @@ in [Heimdallr](http://rubydoc.info/gems/heimdallr/master/Heimdallr).
 Rails notes
 -----------
 
-As of Rails 3.2.3 attr_accessible is in whitelist mode by default. That makes no sense when using Heimdallr. To 
+As of Rails 3.2.3 attr_accessible is in whitelist mode by default. That makes no sense when using Heimdallr. To
 turn it off set the `config.active_record.whitelist_attributes` value to false at yours `application.rb`.
 
+Also you can not use restricted record with form helpers, but you can call `.insecure` method to get original model,
+like this: `form_for(@user.insecure) do |f|`. Form helpers don't assign values anyway.
+
+Mongoid notes
+-------------
+
+Heimdallr now has support for Mongoid. But please note that MongoDB doesn't support transactions,
+so please be sure that all your assignments
+are [atomic](http://docs.mongodb.org/manual/faq/developers/#how-do-i-do-transactions-and-locking-in-mongodb)
+to prevent unexpected behaviour.
+
+Depending on the way you include the Mongoid gem you might sometimes meet the following error: `undefined method 'to_adapter'`. It happens when you don't require Mongoid from your bundler but do it manually on the latter stages. In such cases you need to explicitly require the following file after Mongoid was included:
+
+```ruby
+require 'orm_adapter/adapters/mongoid'
+```
+
 Typical cases
 -------------
 
@@ -132,15 +151,21 @@ Compatibility
 
 Ruby 1.8 and ActiveRecord versions prior to 3.0 are not supported.
 
+I have a nice shiny pull request...
+-----------------------------------
+
+... and it involves delegating `is_a?`, `class`, `respond_to?` or a similar core method? Congratulations, you just broke one of the core assumptions others have of Ruby object. Heimdallr proxies are _duck-type_ compatible with the records; this does not, in any way, make them of the same Ruby type.
+
+Consider the pull request already rejected.
+
 Credits
 -------
 
-<img src="http://roundlake.ru/assets/logo.png" align="right" />
-
-* Peter Zotov ([@whitequark](http://twitter.com/#!/whitequark))
-* Boris Staal ([@_inossidabile](http://twitter.com/#!/_inossidabile))
+* Peter Zotov ([@whitequark](http://twitter.com/whitequark))
+* Boris Staal ([@_inossidabile](http://twitter.com/_inossidabile))
+* Alexander Pavlenko ([@alerticus](https://twitter.com/alerticus))
 
 LICENSE
 -------
 
-It is free software, and may be redistributed under the terms of MIT license.
+It is free software, and may be redistributed under the terms of MIT license.

data/heimdallr.gemspec

@@ -3,7 +3,7 @@ $:.push File.expand_path("../lib", __FILE__)
 
 Gem::Specification.new do |s|
   s.name        = "heimdallr"
-  s.version     = "1.0.4"
+  s.version     = "1.0.6"
   s.authors     = ["Peter Zotov", "Boris Staal"]
   s.email       = ["whitequark@whitequark.org", "boris@roundlake.ru"]
   s.homepage    = "http://github.com/roundlake/heimdallr"
@@ -19,7 +19,7 @@ Gem::Specification.new do |s|
 
   s.add_runtime_dependency "activesupport", '>= 3.0.0'
   s.add_runtime_dependency "activemodel", '>= 3.0.0'
+  s.add_runtime_dependency "orm_adapter", '~> 0.4.0'
 
-  s.add_development_dependency "rspec"
-  s.add_development_dependency "activerecord"
+  s.add_development_dependency "rake"
 end

data/lib/heimdallr.rb

@@ -1,6 +1,7 @@
 require "active_support"
 require "active_support/core_ext/module/delegation"
 require "active_model"
+require "orm_adapter"
 
 # See {file:README.yard}.
 module Heimdallr
@@ -61,4 +62,4 @@ require "heimdallr/proxy/record"
 require "heimdallr/validator"
 require "heimdallr/evaluator"
 require "heimdallr/model"
-require "heimdallr/legacy_resource"
+require "heimdallr/legacy_resource"

data/lib/heimdallr/evaluator.rb

@@ -78,7 +78,7 @@ module Heimdallr
     #
     # @param [Symbol, Array<Symbol>] actions one or more action names
     # @param [Hash<Hash, Object>] fields field restrictions
-    def can(actions, fields=@model_class.attribute_names)
+    def can(actions, fields=@model_class.to_adapter.column_names)
       Array(actions).map(&:to_sym).each do |action|
         case fields
         when Hash # a list of validations
@@ -233,4 +233,4 @@ module Heimdallr
       end
     end
   end
-end
+end

data/lib/heimdallr/model.rb

@@ -17,8 +17,13 @@ module Heimdallr
   module Model
     extend ActiveSupport::Concern
 
+    included do
+      class_attribute :heimdallr_restrictions, :instance_writer => false
+    end
+
     # Class methods for {Heimdallr::Model}. See also +ActiveSupport::Concern+.
     module ClassMethods
+
       # @overload restrict
       #   Define restrictions for a model with a DSL. See {Model} overview
       #   for DSL documentation.
@@ -33,7 +38,7 @@ module Heimdallr
       #   @return [Proxy::Collection]
       def restrict(context=nil, options={}, &block)
         if block
-          @restrictions = Evaluator.new(self, block)
+          self.heimdallr_restrictions = Evaluator.new(self, block)
         else
           Proxy::Collection.new(context, restrictions(context).request_scope(:fetch, self), options)
         end
@@ -43,7 +48,7 @@ module Heimdallr
       #
       # @return [Evaluator]
       def restrictions(context, record=nil)
-        @restrictions.evaluate(context, record)
+        heimdallr_restrictions.evaluate(context, record)
       end
 
       # @api private
@@ -72,13 +77,28 @@ module Heimdallr
         self.heimdallr_relations ||= []
         self.heimdallr_relations  += methods.map(&:to_sym)
       end
+
+      # Builds the Proxy class that should be used to wrap this model
+      def heimdallr_proxy_class
+        unless @heimdallr_proxy_class
+          record = self
+
+          @heimdallr_proxy_class = Class.new(Proxy::Record) do
+            define_singleton_method :model_name do
+              record.model_name
+            end
+          end
+        end
+
+        @heimdallr_proxy_class
+      end
     end
 
     # Return a secure proxy object for this record.
     #
     # @return [Record::Proxy]
     def restrict(context, options={})
-      Proxy::Record.new(context, self, options)
+      self.class.heimdallr_proxy_class.new(context, self, options)
     end
 
     # @api private

data/lib/heimdallr/proxy/collection.rb

@@ -51,10 +51,13 @@ module Heimdallr
     # @private
     # @macro [attach] delegate_as_scope
     #   A proxy for +$1+ method which returns a restricted scope.
-    def self.delegate_as_scope(name)
+    def self.delegate_as_scope(name, conversion=false)
+      conversion = conversion ? "set = set.send(:#{conversion})" : ''
+
       class_eval(<<-EOM, __FILE__, __LINE__)
       def #{name}(*args)
-        Proxy::Collection.new(@context, @scope.#{name}(*args), options_with_escape)
+        set = @scope.#{name}(*args); #{conversion}
+        Proxy::Collection.new(@context, set, options_with_escape)
       end
       EOM
     end
@@ -84,10 +87,14 @@ module Heimdallr
     # @private
     # @macro [attach] delegate_as_records
     #   A proxy for +$1+ method which returns an array of restricted records.
-    def self.delegate_as_records(name)
+    def self.delegate_as_records(name, conversion=false)
+      conversion = conversion ? "set = set.send(:#{conversion})" : ''
+
       class_eval(<<-EOM, __FILE__, __LINE__)
       def #{name}(*args)
-        @scope.#{name}(*args).map do |element|
+        set = @scope.#{name}(*args); #{conversion}
+
+        set.map do |element|
           element.restrict(@context, options_with_eager_load)
         end
       end
@@ -122,6 +129,8 @@ module Heimdallr
     delegate_as_scope :reverse_order
     delegate_as_scope :extending
 
+    delegate_as_value :klass
+    delegate_as_value :model_name
     delegate_as_value :empty?
     delegate_as_value :any?
     delegate_as_value :many?
@@ -253,6 +262,21 @@ module Heimdallr
       @scope
     end
 
+    # Insecurely taps method saving restricted context for the result
+    # Method (or block) is supposed to return proper relation
+    #
+    # @return [Proxy::Collection]
+    def insecurely(*args, &block)
+      if block_given?
+        result = yield @scope
+      else
+        method = args.shift
+        result = @scope.send method, *args
+      end
+
+      Proxy::Collection.new(@context, result, options_with_escape)
+    end
+
     # Describes the proxy and proxified scope.
     #
     # @return [String]

data/lib/heimdallr/proxy/record.rb

@@ -41,10 +41,6 @@ module Heimdallr
     # and thus is not considered as a potential security threat.
     delegate :touch, :to => :@record
 
-    # @method model_name
-    # @macro delegate
-    delegate :model_name, :to => :@record
-
     # @method to_key
     # @macro delegate
     delegate :to_key, :to => :@record
@@ -53,6 +49,14 @@ module Heimdallr
     # @macro delegate
     delegate :to_param, :to => :@record
 
+    # @method to_partial_path
+    # @macro delegate
+    delegate :to_partial_path, :to => :@record
+
+    # @method persisted?
+    # @macro delegate
+    delegate :persisted?, :to => :@record
+
     # A proxy for +attributes+ method which removes all attributes
     # without +:view+ permission.
     def attributes
@@ -70,7 +74,7 @@ module Heimdallr
     #
     # @raise [Heimdallr::PermissionError]
     def update_attributes(attributes, options={})
-      @record.with_transaction_returning_status do
+      try_transaction do
         @record.assign_attributes(attributes, options)
         save
       end
@@ -81,7 +85,7 @@ module Heimdallr
     #
     # @raise [Heimdallr::PermissionError]
     def update_attributes!(attributes, options={})
-      @record.with_transaction_returning_status do
+      try_transaction do
         @record.assign_attributes(attributes, options)
         save!
       end
@@ -118,7 +122,7 @@ module Heimdallr
       class_eval(<<-EOM, __FILE__, __LINE__)
       def #{method}
         scope = @restrictions.request_scope(:delete)
-        if scope.where({ @record.class.primary_key => @record.to_key }).any?
+        if record_in_scope? scope
           @record.#{method}
         else
           raise PermissionError, "Deletion is forbidden"
@@ -189,10 +193,17 @@ module Heimdallr
         suffix = nil
       end
 
-      if (@record.is_a?(ActiveRecord::Reflection) &&
-          association = @record.class.reflect_on_association(method)) ||
-         (!@record.class.heimdallr_relations.nil? &&
-          @record.class.heimdallr_relations.include?(normalized_method))
+      builder_method = method.to_s.gsub(/\Abuild_/, '').to_sym
+      association = if @record.class.respond_to?(:reflect_on_association)
+        @record.class.reflect_on_association(method) ||
+          @record.class.reflect_on_association(builder_method)
+      end
+      pass = unless association
+        @record.class.heimdallr_relations.respond_to?(:include?) &&
+          @record.class.heimdallr_relations.include?(normalized_method)
+      end
+
+      if association || pass
         referenced = @record.send(method, *args)
 
         if referenced.nil?
@@ -204,7 +215,7 @@ module Heimdallr
             options = @options
           end
 
-          if association.collection? && @eager_loaded.include?(method)
+          if association && association.collection? && @eager_loaded.include?(method)
             # Don't re-restrict eagerly loaded collections to not
             # discard preloaded data.
             Proxy::Collection.new(@context, referenced, options)
@@ -290,7 +301,7 @@ module Heimdallr
 
     def visible?
       scope = @restrictions.request_scope(:fetch)
-      scope.where({ @record.class.primary_key => @record.to_key }).any?
+      record_in_scope? scope
     end
 
     def creatable?
@@ -303,7 +314,7 @@ module Heimdallr
 
     def destroyable?
       scope = @restrictions.request_scope(:delete)
-      scope.where({ @record.class.primary_key => @record.to_key }).any?
+      record_in_scope? scope
     end
 
     protected
@@ -328,7 +339,9 @@ module Heimdallr
       @record.changed.map(&:to_sym).each do |attribute|
         value = @record.send attribute
 
-        if fixtures.has_key? attribute
+        if action == :create and attribute == :_id and @record.is_a?(Mongoid::Document)
+          # Everything is ok, continue (Mongoid sets _id before saving as opposed to ActiveRecord)
+        elsif fixtures.has_key? attribute
           if fixtures[attribute] != value
             raise Heimdallr::PermissionError,
                 "Attribute #{attribute} value (#{value}) is not equal to a fixture (#{fixtures[attribute]})"
@@ -366,5 +379,27 @@ module Heimdallr
         end
       end
     end
+
+    def record_in_scope?(scope)
+      scope.where(primary_key => wrap_key(@record.to_key)).any?
+    end
+
+    def primary_key
+      @record.class.respond_to?(:primary_key) && @record.class.primary_key || :id
+    end
+
+    def wrap_key(key)
+      key.is_a?(Enumerable) ? key.first : key
+    end
+
+    def try_transaction
+      if @record.respond_to?(:with_transaction_returning_status)
+        @record.with_transaction_returning_status do
+          yield
+        end
+      else
+        yield
+      end
+    end
   end
-end
+end

data/spec/active_record/models.rb

@@ -0,0 +1,82 @@
+ActiveRecord::Base.logger = Logger.new('tmp/debug.log')
+ActiveRecord::Base.configurations = YAML::load(IO.read('tmp/database.yml'))
+ActiveRecord::Base.establish_connection('test')
+
+ActiveRecord::Base.connection.create_table(:users) do |t|
+  t.boolean     :admin
+  t.boolean     :banned
+  t.belongs_to  :dude
+end
+
+ActiveRecord::Base.connection.create_table(:dont_saves) do |t|
+  t.string      :name
+end
+
+ActiveRecord::Base.connection.create_table(:articles) do |t|
+  t.belongs_to  :owner
+  t.text        :content
+  t.integer     :secrecy_level
+  t.timestamps
+end
+
+class ActiveRecord::User < ActiveRecord::Base
+  include Heimdallr::Model
+  has_one :buddy, :class_name => self.name, :foreign_key => :dude_id
+  belongs_to :dude, :class_name => self.name
+  restrict do |user|
+    scope :fetch
+  end
+end
+
+class ActiveRecord::DontSave < ActiveRecord::Base; end
+
+class ActiveRecord::Article < ActiveRecord::Base
+  include Heimdallr::Model
+
+  def self.by_id(id)
+    where(:id => id)
+  end
+
+  belongs_to :owner, :class_name => 'ActiveRecord::User'
+
+  def dont_save=(name)
+    ActiveRecord::DontSave.create :name => name
+  end
+
+  restrict do |user, record|
+    if user.banned?
+      # banned users cannot do anything
+      scope :fetch, -> { where('1=0') }
+    elsif user.admin?
+      # Administrator or owner can do everything
+      scope :fetch
+      scope :delete
+      can [:view, :create, :update]
+    else
+      # Other users can view only their own or non-classified articles...
+      scope :fetch,  -> { where('owner_id = ? or secrecy_level < ?', user.id, 5) }
+      scope :delete, -> { where('owner_id = ?', user.id) }
+
+      # ... and see all fields except the actual security level
+      # (through owners can see everything)...
+      if record.try(:owner) == user
+        can :view
+        can :update, {
+          secrecy_level: { inclusion: { in: 0..4 } }
+        }
+      else
+        can    :view
+        cannot :view, [:secrecy_level]
+      end
+
+      # ... and can create them with certain restrictions.
+      can :create, %w(content)
+      can :create, {
+        owner_id:      user.id,
+        secrecy_level: { inclusion: { in: 0..4 } }
+      }
+    end
+  end
+end
+
+class ActiveRecord::SubArticle < ActiveRecord::Article; end

data/spec/active_record/proxy_spec.rb

@@ -0,0 +1,14 @@
+require 'spec_helper'
+require 'active_record/models'
+
+require 'proxy_examples'
+
+describe Heimdallr::Proxy do
+  context 'with ActiveRecord' do
+    run_specs(ActiveRecord::User, ActiveRecord::Article, ActiveRecord::DontSave)
+
+    context 'with subclass' do
+      run_specs(ActiveRecord::User, ActiveRecord::SubArticle, ActiveRecord::DontSave)
+    end
+  end
+end

data/spec/mongoid/models.rb

@@ -0,0 +1,81 @@
+require 'mongoid'
+require 'orm_adapter/adapters/mongoid'
+
+ENV['RACK_ENV'] ||= 'test'
+Mongoid.load!('tmp/mongoid.yml')
+
+class Mongoid::User
+  include Mongoid::Document
+  field :admin, type: Boolean
+  field :banned, type: Boolean
+  field :dude_id, type: String
+  include Heimdallr::Model
+  has_one :buddy, :class_name => self.name, :foreign_key => :dude_id
+  belongs_to :dude, :class_name => self.name
+  restrict do |user|
+    scope :fetch
+  end
+end
+
+class Mongoid::DontSave
+  include Mongoid::Document
+  field :name
+end
+
+class Mongoid::Article
+  include Mongoid::Document
+  include Mongoid::Timestamps
+
+  field :content
+  field :secrecy_level, type: Fixnum
+
+  belongs_to :owner, class_name: 'Mongoid::User'
+
+  include Heimdallr::Model
+
+  def self.by_id(id)
+    where(:id => id)
+  end
+
+  def dont_save=(name)
+    # Just don't do this in Mongo!
+    # Mongoid::DontSave.create(:name => name)
+  end
+
+  restrict do |user, record|
+    if user.banned?
+      # banned users cannot do anything
+      scope :fetch, proc { where('1' => 0) }
+    elsif user.admin?
+      # Administrator or owner can do everything
+      scope :fetch
+      scope :delete
+      can [:view, :create, :update]
+    else
+      # Other users can view only their own or non-classified articles...
+      scope :fetch,  -> { scoped.or({owner_id: user.id}, {:secrecy_level.lt => 5}) }
+      scope :delete, -> { where(owner_id: user.id) }
+
+      # ... and see all fields except the actual security level
+      # (through owners can see everything)...
+      if record.try(:owner) == user
+        can :view
+        can :update, {
+          secrecy_level: { inclusion: { in: 0..4 } }
+        }
+      else
+        can    :view
+        cannot :view, [:secrecy_level]
+      end
+
+      # ... and can create them with certain restrictions.
+      can :create, %w(content _type)
+      can :create, {
+        owner_id:      user.id,
+        secrecy_level: { inclusion: { in: 0..4 } }
+      }
+    end
+  end
+end
+
+class Mongoid::SubArticle < Mongoid::Article; end

data/spec/mongoid/proxy_spec.rb

@@ -0,0 +1,16 @@
+require 'spec_helper'
+require 'mongoid/models'
+
+require 'proxy_examples'
+
+if ENV['ENABLE_MONGO']
+  describe Heimdallr::Proxy do
+    context 'with Mongoid' do
+      run_specs(Mongoid::User, Mongoid::Article, Mongoid::DontSave)
+
+      context 'with subclass' do
+        run_specs(Mongoid::User, Mongoid::SubArticle, Mongoid::DontSave)
+      end
+    end
+  end
+end

data/spec/proxy_examples.rb

@@ -0,0 +1,147 @@
+def run_specs(user_model, article_model, dont_save_model)
+  before(:all) do
+    user_model.destroy_all
+    article_model.destroy_all
+    dont_save_model.destroy_all
+
+    @john   = user_model.create! :admin => false
+    @banned = user_model.create! :banned => true
+    @models = []
+
+    @models << article_model.create!(:owner_id => @john.id, :content => 'test', :secrecy_level => 10)
+    @models << article_model.create!(:owner_id => @john.id, :content => 'test', :secrecy_level => 3)
+  end
+
+  before(:each) do
+    @admin  = user_model.new :admin => true
+    @looser = user_model.new :admin => false
+  end
+
+  it "proxies model_name for records" do
+    article_model.restrict(@admin).first.class.model_name.should ==
+            article_model.model_name
+  end
+
+  it "proxies model_name for collections" do
+    article_model.restrict(@admin).model_name.should ==
+            article_model.model_name
+  end
+
+  it "applies restrictions" do
+    proxy = article_model.restrict(@admin)
+    proxy.should be_a_kind_of Heimdallr::Proxy::Collection
+
+    proxy = article_model.restrict(@looser)
+    proxy.should be_a_kind_of Heimdallr::Proxy::Collection
+  end
+
+  it "taps insecurely" do
+    proxy = article_model.restrict(@admin).insecurely(:by_id, @models.first.id)
+    proxy.should be_a_kind_of Heimdallr::Proxy::Collection
+    proxy.count.should == 1
+
+    proxy = article_model.restrict(@looser).insecurely{|x| x.by_id(@models.first.id)}
+    proxy.should be_a_kind_of Heimdallr::Proxy::Collection
+    proxy.count.should == 0
+  end
+
+  it "handles fetch scope" do
+    article_model.restrict(@admin).count.should == 2
+    article_model.restrict(@looser).count.should == 1
+    article_model.restrict(@john).count.should == 2
+  end
+
+  it "handles destroy scope" do
+    article = article_model.create! :owner_id => @john.id, :content => 'test', :secrecy_level => 0
+    expect { article.restrict(@looser).destroy }.to raise_error
+    expect { article.restrict(@john).destroy }.to_not raise_error
+
+    article = article_model.create! :owner_id => @john.id, :content => 'test', :secrecy_level => 0
+    expect { article.restrict(@admin).destroy }.to_not raise_error
+  end
+
+  it "handles list of fields to view" do
+    article = article_model.create! :owner_id => @john.id, :content => 'test', :secrecy_level => 0
+    expect { article.restrict(@looser).secrecy_level }.to raise_error
+    expect { article.restrict(@admin).secrecy_level }.to_not raise_error
+    expect { article.restrict(@john).secrecy_level }.to_not raise_error
+    article.restrict(@looser).id.should == article.id
+    article.restrict(@looser).content.should == 'test'
+  end
+
+  it "handles entities creation" do
+    expect { article_model.restrict(@looser).create! :content => 'test', :secrecy_level => 10 }.to raise_error
+
+    article = article_model.restrict(@john).create! :content => 'test', :secrecy_level => 3
+    article.owner_id.should == @john.id
+  end
+
+  it "handles entities building" do
+    [:build_buddy, :build_dude].map{|m| @john.restrict(@john).send(m) }.each do |obj|
+      obj.should be_a(Heimdallr::Proxy::Record)
+      obj.reflect_on_security[:context].should === @john
+    end
+  end
+
+  it "handles entities update" do
+    article = article_model.create! :owner_id => @john.id, :content => 'test', :secrecy_level => 10
+    expect {
+      article.restrict(@john).update_attributes! :secrecy_level => 8
+    }.to raise_error
+    expect {
+      article.restrict(@looser).update_attributes! :secrecy_level => 3
+    }.to raise_error
+    expect {
+      article.restrict(@admin).update_attributes! :secrecy_level => 10
+    }.to_not raise_error
+  end
+
+  it "handles implicit strategy" do
+    article = article_model.create! :owner_id => @john.id, :content => 'test', :secrecy_level => 4
+    expect { article.restrict(@looser).secrecy_level }.to raise_error
+    article.restrict(@looser).implicit.secrecy_level.should == nil
+  end
+
+  it "answers if object is creatable" do
+    article_model.restrict(@john).should be_creatable
+    article_model.restrict(@admin).should be_creatable
+    article_model.restrict(@looser).should be_creatable
+  end
+
+  it "answers if object is modifiable" do
+    article = article_model.create! :owner_id => @john.id, :content => 'test', :secrecy_level => 4
+    article.restrict(@john).should be_modifiable
+    article.restrict(@admin).should be_modifiable
+    article.restrict(@looser).should_not be_modifiable
+  end
+
+  it "answers if object is destroyable" do
+    article = article_model.create! :owner_id => @john.id, :content => 'test', :secrecy_level => 4
+    article.restrict(@john).should be_destroyable
+    article.restrict(@admin).should be_destroyable
+    article.restrict(@looser).should_not be_destroyable
+  end
+
+  it "does not create anything else if it did not saved" do
+    expect {
+      article_model.restrict(@looser).create! :content => 'test', :secrecy_level => 10, :dont_save => 'ok' rescue nil
+    }.not_to change(dont_save_model, :count)
+  end
+
+  context "when user has no rights to view" do
+    it "is not be visible" do
+      article = article_model.create! :content => 'test', :owner => @john, :secrecy_level => 0
+      article.restrict(@banned).should_not be_visible
+    end
+  end
+
+  context "when user has no rights to create" do
+    it "is not be creatable" do
+      article_model.restrict(@banned).should_not be_creatable
+      expect {
+        article_model.restrict(@banned).create! :content => 'test', :secrecy_level => 0
+      }.to raise_error
+    end
+  end
+end
+

data/spec/spec_helper.rb

@@ -1,22 +1,10 @@
-require "heimdallr"
 require "active_record"
-require "sqlite3"
 require "logger"
 require "uri"
+require "pry"
 
-ROOT = File.join(File.dirname(__FILE__), '..')
-
-ActiveRecord::Base.logger = Logger.new('tmp/debug.log')
-ActiveRecord::Base.configurations = YAML::load(IO.read('tmp/database.yml'))
-ActiveRecord::Base.establish_connection('test')
+require RUBY_PLATFORM =~ /java/ ? "activerecord-jdbc-adapter" : "sqlite3"
 
-ActiveRecord::Base.connection.create_table(:users) do |t|
-  t.boolean     :admin
-end
+require "heimdallr" # need to require heimdallr after ORMs for orm_adapter to work
 
-ActiveRecord::Base.connection.create_table(:articles) do |t|
-  t.belongs_to  :owner
-  t.text        :content
-  t.integer     :secrecy_level
-  t.timestamps
-end
+ROOT = File.join(File.dirname(__FILE__), '..')

data/tmp/mongoid.yml

@@ -0,0 +1,7 @@
+test:
+  sessions:
+    default:
+      database: heimdallr_test
+      hosts:
+        - localhost:27017
+  database: heimdallr_test

metadata

@@ -1,8 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: heimdallr
 version: !ruby/object:Gem::Version
-  version: 1.0.4
-  prerelease: 
+  version: 1.0.6
 platform: ruby
 authors:
 - Peter Zotov
@@ -10,55 +9,68 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2012-06-01 00:00:00.000000000 Z
+date: 2013-02-25 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: activesupport
-  requirement: &70300668429320 !ruby/object:Gem::Requirement
-    none: false
+  requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ! '>='
+    - - '>='
       - !ruby/object:Gem::Version
         version: 3.0.0
   type: :runtime
   prerelease: false
-  version_requirements: *70300668429320
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: 3.0.0
 - !ruby/object:Gem::Dependency
   name: activemodel
-  requirement: &70300668428840 !ruby/object:Gem::Requirement
-    none: false
+  requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ! '>='
+    - - '>='
       - !ruby/object:Gem::Version
         version: 3.0.0
   type: :runtime
   prerelease: false
-  version_requirements: *70300668428840
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: 3.0.0
 - !ruby/object:Gem::Dependency
-  name: rspec
-  requirement: &70300668428460 !ruby/object:Gem::Requirement
-    none: false
+  name: orm_adapter
+  requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ! '>='
+    - - ~>
       - !ruby/object:Gem::Version
-        version: '0'
-  type: :development
+        version: 0.4.0
+  type: :runtime
   prerelease: false
-  version_requirements: *70300668428460
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: 0.4.0
 - !ruby/object:Gem::Dependency
-  name: activerecord
-  requirement: &70300668428000 !ruby/object:Gem::Requirement
-    none: false
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ! '>='
+    - - '>='
       - !ruby/object:Gem::Version
         version: '0'
   type: :development
   prerelease: false
-  version_requirements: *70300668428000
-description: ! "Heimdallr aims to provide an easy to configure and efficient object-
-  and field-level access\n control solution, reusing proven patterns from gems like
-  CanCan and allowing one to manage permissions in a very\n fine-grained manner."
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+description: |-
+  Heimdallr aims to provide an easy to configure and efficient object- and field-level access
+   control solution, reusing proven patterns from gems like CanCan and allowing one to manage permissions in a very
+   fine-grained manner.
 email:
 - whitequark@whitequark.org
 - boris@roundlake.ru
@@ -68,6 +80,7 @@ extra_rdoc_files: []
 files:
 - .gitignore
 - .rspec
+- .travis.yml
 - .yardopts
 - CHANGELOG.md
 - Gemfile
@@ -82,35 +95,43 @@ files:
 - lib/heimdallr/proxy/collection.rb
 - lib/heimdallr/proxy/record.rb
 - lib/heimdallr/validator.rb
-- spec/proxy_spec.rb
+- spec/active_record/models.rb
+- spec/active_record/proxy_spec.rb
+- spec/mongoid/models.rb
+- spec/mongoid/proxy_spec.rb
+- spec/proxy_examples.rb
 - spec/spec_helper.rb
 - tmp/.gitkeep
 - tmp/database.yml
+- tmp/mongoid.yml
 homepage: http://github.com/roundlake/heimdallr
 licenses: []
+metadata: {}
 post_install_message: 
 rdoc_options: []
 require_paths:
 - lib
 required_ruby_version: !ruby/object:Gem::Requirement
-  none: false
   requirements:
-  - - ! '>='
+  - - '>='
     - !ruby/object:Gem::Version
       version: '0'
 required_rubygems_version: !ruby/object:Gem::Requirement
-  none: false
   requirements:
-  - - ! '>='
+  - - '>='
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
 rubyforge_project: 
-rubygems_version: 1.8.15
+rubygems_version: 2.0.0
 signing_key: 
-specification_version: 3
+specification_version: 4
 summary: Heimdallr is an ActiveModel extension which provides object- and field-level
   access control.
 test_files:
-- spec/proxy_spec.rb
+- spec/active_record/models.rb
+- spec/active_record/proxy_spec.rb
+- spec/mongoid/models.rb
+- spec/mongoid/proxy_spec.rb
+- spec/proxy_examples.rb
 - spec/spec_helper.rb

data/spec/proxy_spec.rb

@@ -1,131 +0,0 @@
-require 'spec_helper'
-
-class User < ActiveRecord::Base; end
-
-class Article < ActiveRecord::Base
-  include Heimdallr::Model
-
-  belongs_to :owner, :class_name => 'User'
-
-  restrict do |user, record|
-    if user.admin?
-      # Administrator or owner can do everything
-      scope :fetch
-      scope :delete
-      can [:view, :create, :update]
-    else
-      # Other users can view only their own or non-classified articles...
-      scope :fetch,  -> { where('owner_id = ? or secrecy_level < ?', user.id, 5) }
-      scope :delete, -> { where('owner_id = ?', user.id) }
-
-      # ... and see all fields except the actual security level
-      # (through owners can see everything)...
-      if record.try(:owner) == user
-        can :view
-        can :update, {
-          secrecy_level: { inclusion: { in: 0..4 } }
-        }
-      else
-        can    :view
-        cannot :view, [:secrecy_level]
-      end
-
-      # ... and can create them with certain restrictions.
-      can :create, %w(content)
-      can :create, {
-        owner_id:      user.id,
-        secrecy_level: { inclusion: { in: 0..4 } }
-      }
-    end
-  end
-end
-
-describe Heimdallr::Proxy do
-  before(:all) do
-    @john = User.create! :admin => false
-    Article.create! :owner_id => @john.id, :content => 'test', :secrecy_level => 10
-    Article.create! :owner_id => @john.id, :content => 'test', :secrecy_level => 3
-  end
-
-  before(:each) do
-    @admin  = User.new :admin => true
-    @looser = User.new :admin => false
-  end
-
-  it "should apply restrictions" do
-    proxy = Article.restrict(@admin)
-    proxy.should be_a_kind_of Heimdallr::Proxy::Collection
-
-    proxy = Article.restrict(@looser)
-    proxy.should be_a_kind_of Heimdallr::Proxy::Collection
-  end
-
-  it "should handle fetch scope" do
-    Article.restrict(@admin).all.count.should == 2
-    Article.restrict(@looser).all.count.should == 1
-    Article.restrict(@john).all.count.should == 2
-  end
-
-  it "should handle destroy scope" do
-    article = Article.create! :owner_id => @john.id, :content => 'test', :secrecy_level => 0
-    expect { article.restrict(@looser).destroy }.should raise_error
-    expect { article.restrict(@john).destroy }.should_not raise_error
-
-    article = Article.create! :owner_id => @john.id, :content => 'test', :secrecy_level => 0
-    expect { article.restrict(@admin).destroy }.should_not raise_error
-  end
-
-  it "should handle list of fields to view" do
-    article = Article.create! :owner_id => @john.id, :content => 'test', :secrecy_level => 0
-    expect { article.restrict(@looser).secrecy_level }.should raise_error
-    expect { article.restrict(@admin).secrecy_level }.should_not raise_error
-    expect { article.restrict(@john).secrecy_level }.should_not raise_error
-    article.restrict(@looser).content.should == 'test'
-  end
-
-  it "should handle entities creation" do
-    expect { Article.restrict(@looser).create! :content => 'test', :secrecy_level => 10 }.should raise_error
-
-    article = Article.restrict(@john).create! :content => 'test', :secrecy_level => 3
-    article.owner_id.should == @john.id
-  end
-
-  it "should handle entities update" do
-    article = Article.create! :owner_id => @john.id, :content => 'test', :secrecy_level => 10
-    expect {
-      article.restrict(@john).update_attributes! :secrecy_level => 8
-    }.should raise_error
-    expect {
-      article.restrict(@looser).update_attributes! :secrecy_level => 3
-    }.should raise_error
-    expect {
-      article.restrict(@admin).update_attributes! :secrecy_level => 10
-    }.should_not raise_error
-  end
-
-  it "should handle implicit strategy" do
-    article = Article.create! :owner_id => @john.id, :content => 'test', :secrecy_level => 4
-    expect { article.restrict(@looser).secrecy_level }.should raise_error
-    article.restrict(@looser).implicit.secrecy_level.should == nil
-  end
-
-  it "should answer if object is creatable" do
-    Article.restrict(@john).creatable?.should == true
-    Article.restrict(@admin).creatable?.should == true
-    Article.restrict(@looser).creatable?.should == true
-  end
-
-  it "should answer if object is modifiable" do
-    article = Article.create! :owner_id => @john.id, :content => 'test', :secrecy_level => 4
-    article.restrict(@john).modifiable?.should == true
-    article.restrict(@admin).modifiable?.should == true
-    article.restrict(@looser).modifiable?.should == false
-  end
-
-  it "should answer if object is destroyable" do
-    article = Article.create! :owner_id => @john.id, :content => 'test', :secrecy_level => 4
-    article.restrict(@john).destroyable?.should == true
-    article.restrict(@admin).destroyable?.should == true
-    article.restrict(@looser).destroyable?.should == false
-  end
-end