RubyGems - heimdallr - Versions diffs - 0.0.1 - Mend

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (14) hide show

data/.gitignore ADDED Viewed

@@ -0,0 +1,4 @@
+*.gem
+.bundle
+Gemfile.lock
+pkg/*

data/.rspec ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ --color
2	+ --format progress

data/Gemfile ADDED Viewed

@@ -0,0 +1,4 @@
+source "http://rubygems.org"
+# Specify your gem's dependencies in heimdallr.gemspec
+gemspec

data/Rakefile ADDED Viewed

	@@ -0,0 +1 @@
1	+ require "bundler/gem_tasks"

data/heimdallr.gemspec ADDED Viewed

@@ -0,0 +1,28 @@
+# -*- encoding: utf-8 -*-
+$:.push File.expand_path("../lib", __FILE__)
+require "heimdallr/version"
+Gem::Specification.new do |s|
+  s.name        = "heimdallr"
+  s.version     = Heimdallr::VERSION
+  s.authors     = ["Peter Zotov"]
+  s.email       = ["whitequark@whitequark.org"]
+  s.homepage    = "http://github.com/roundlake/heimdallr"
+  s.summary     = %q{Heimdallr is an ActiveModel extension which provides object- and field-level access control.}
+  s.description = %q{Heimdallr aims to provide an easy to configure and efficient object- and field-level access
+ control solution, reusing proven patterns from gems like CanCan and allowing one to control permissions in a very
+ fine-grained manner.}
+  s.rubyforge_project = "heimdallr"
+  s.files         = `git ls-files`.split("\n")
+  s.test_files    = `git ls-files -- {test,spec,features}/*`.split("\n")
+  s.executables   = `git ls-files -- bin/*`.split("\n").map{ |f| File.basename(f) }
+  s.require_paths = ["lib"]
+  s.add_runtime_dependency "activesupport", '>= 3.0.0'
+  s.add_runtime_dependency "activemodel", '>= 3.0.0'
+  s.add_development_dependency "rspec"
+  s.add_development_dependency "activerecord"
+end

data/lib/heimdallr.rb ADDED Viewed

@@ -0,0 +1,9 @@
+require "active_support"
+require "active_model"
+require "heimdallr/version"
+require "heimdallr/evaluator"
+require "heimdallr/proxy"
+require "heimdallr/model"
+require "heimdallr/resource"

data/lib/heimdallr/evaluator.rb ADDED Viewed

@@ -0,0 +1,94 @@
+module Heimdallr
+  class Evaluator
+    attr_reader :whitelist, :validations
+    def initialize(model_class, &block)
+      @model_class, @block = model_class, block
+      @whitelist = @validations = nil
+      @last_context = nil
+    end
+    def evaluate(context)
+      if context != @last_context
+        @whitelist   = Hash.new { [] }
+        @validations = Hash.new { [] }
+        instance_exec context, &block
+        @whitelist.freeze
+        @validations.freeze
+        @last_context = context
+      end
+      self
+    end
+    def validate(action, record)
+      @validations[action].each do |validator|
+        validator.validate(record)
+      end
+    end
+    def can(actions, fields=@model_class.attribute_names)
+      actions = Array(actions)
+      case fields
+      when Hash # a list of validations
+        actions.each do |action|
+          @whitelist[action]   += fields.keys
+          @validations[action] += make_validators(fields)
+        end
+      else # an array or a field name
+        actions.each do |action|
+          @whitelist[action] += Array(fields)
+        end
+      end
+    end
+    def cannot(actions, fields)
+      actions = Array(actions)
+      actions.each do |action|
+        @whitelist[action] -= fields
+      end
+    end
+    protected
+    def make_validators(fields)
+      validators = []
+      fields.each do |attribute, validations|
+        validations.each do |key, options|
+          key = "#{key.to_s.camelize}Validator"
+          begin
+            validator = key.include?('::') ? key.constantize : ActiveModel::Validations.const_get(key)
+          rescue NameError
+            raise ArgumentError, "Unknown validator: '#{key}'"
+          end
+          validators << validator.new(_parse_validates_options(options).merge(:attributes => [ attribute ]))
+        end
+      end
+      validators
+    end
+    def _parse_validates_options(options) #:nodoc:
+      case options
+      when TrueClass
+        {}
+      when Hash
+        options
+      when Range, Array
+        { :in => options }
+      else
+        { :with => options }
+      end
+    end
+  end
+end

data/lib/heimdallr/model.rb ADDED Viewed

@@ -0,0 +1,35 @@
+module Heimdallr
+  module Model
+    extend ActiveSupport::Concern
+    module ClassMethods
+      def restrict(&block)
+        @restrictions = Evaluator.new(self, &block)
+      end
+      def restricted?
+        !@restrictions.nil?
+      end
+      def restrictions(context)
+        @restrictions.evaluate(context)
+      end
+    end
+    module InstanceMethods
+      def to_proxy(context, action)
+        if self.class.restricted?
+          Proxy.new(context, action, self)
+        else
+          self
+        end
+      end
+      def validate_action(context, action)
+        if self.class.restricted?
+          self.class.restrictions(context).validate(action, self)
+        end
+      end
+    end
+  end
+end

data/lib/heimdallr/proxy.rb ADDED Viewed

@@ -0,0 +1,61 @@
+module Heimdallr
+  class Proxy
+    def initialize(context, action, object)
+      @context, @action, @object = context, action, object
+      @whitelist = @object.class.restrictions(context).whitelist[@action]
+    end
+    def self.filter_attributes(attributes, whitelist)
+      attributes.delete_if do |key, value|
+        !whitelist.include?(key)
+      end
+      attributes
+    end
+    def attributes
+      self.class.filter_attributes(@object.attributes, @whitelist)
+    end
+    def update_attributes(attributes)
+      @object.update_attributes(self.class.filter_attributes(attributes, @whitelist))
+    end
+    def update_attributes!(attributes)
+      @object.update_attributes!(self.class.filter_attributes(attributes, @whitelist))
+    end
+    def method_missing(method, *args)
+      if method.to_s.ends_with?("?") || method.to_s.ends_with?("=")
+        normalized_method = method[0..-2].to_sym
+      else
+        normalized_method = method
+      end
+      if defined?(ActiveRecord) && @object.is_a?(ActiveRecord::Base) &&
+          association = @object.class.reflect_on_association(method)
+        if association.collection?
+          raise "not implemented"
+        else
+          referenced = @object.send(method, *args)
+          if referenced.respond_to? :to_proxy
+            referenced.to_proxy(@context, @action)
+          else
+            referenced
+          end
+        end
+      elsif @whitelist.include? normalized_method
+        @object.send method, *args
+      elsif @object.respond_to? method
+        nil
+      else
+        super
+      end
+    end
+    def inspect
+      "#<Heimdallr::Proxy(#{@whitelist.join ", "}): #{@object.inspect}>"
+    end
+  end
+end

data/lib/heimdallr/resource.rb ADDED Viewed

@@ -0,0 +1,111 @@
+module Heimdallr
+  module Resource
+    extend ActiveSupport::Concern
+    module ClassMethods
+      attr_reader :model
+      def resource_for(model, options={})
+        @model = model.to_s.capitalize.constantize
+        before_filter :load_all_resources,          only: [ :index ].concat(options[:all] || [])
+        before_filter :load_one_resource,           only: [ :show  ].concat(options[:member] || [])
+        before_filter :load_referenced_resources,   only: [ :update, :destroy ].concat(options[:collection] || [])
+      end
+    end
+    module InstanceMethods
+      def index
+      end
+      def show
+      end
+      def new
+        render :json => {
+          :fields => model.restrictions(security_context).whitelist[:create]
+        }
+      end
+      def create
+        model.transaction do
+          if params.has_key? model.name.underscore
+            scoped_model.new.to_proxy(security_context, :create).
+              update_attributes!(params[model.name.underscore])
+          else
+            @resources.each_with_index do |resource, index|
+              scoped_model.new.to_proxy(security_context, :create).
+                update_attributes!(params[model.name.underscore.pluralize][index])
+            end
+          end
+        end
+        if block_given?
+          yield
+        else
+          render_modified_resources
+        end
+      end
+      def edit
+        render :json => {
+          :fields => model.restrictions(security_context).whitelist[:update]
+        }
+      end
+      def update
+        model.transaction do
+          if params.has_key? model.name.underscore
+            @resources.first.to_proxy(security_context, :update).
+              update_attributes!(params[model.name.underscore])
+          else
+            @resources.each_with_index do |resource, index|
+              resource.to_proxy(security_context, :update).
+              update_attributes!(params[model.name.underscore.pluralize][index])
+            end
+          end
+        end
+        if block_given?
+          yield
+        else
+          render_modified_resources
+        end
+      end
+      def destroy
+        model.transaction do
+          @resources.each &:destroy
+        end
+        render :json => {}, :status => :ok
+      end
+      protected
+      def model
+        self.class.model
+      end
+      def scoped_model
+        self.model.scoped
+      end
+      def load_one_resource
+        @resource  = scoped_model.find(params[:id])
+      end
+      def load_all_resources
+        @resources = scoped_model.scoped
+      end
+      def load_referenced_resources
+        @resources = scoped_model.find(params[:id].split(','))
+      end
+      def render_modified_resources
+        render :action => :index
+      end
+    end
+  end
+end

data/lib/heimdallr/version.rb ADDED Viewed

@@ -0,0 +1,3 @@
+module Heimdallr
+  VERSION = "0.0.1"
+end

data/spec/proxy_spec.rb ADDED Viewed

@@ -0,0 +1,5 @@
+require 'spec_helper'
+describe Heimdallr::Proxy do
+  pending "write it"
+end

data/spec/spec_helper.rb ADDED Viewed

@@ -0,0 +1,5 @@
+require "heimdallr"
+RSpec.configure do |config|
+  # See http://rubydoc.info/gems/rspec-core/RSpec/Core/Configuration
+end

metadata ADDED Viewed

@@ -0,0 +1,105 @@
+--- !ruby/object:Gem::Specification
+name: heimdallr
+version: !ruby/object:Gem::Version
+  version: 0.0.1
+  prerelease:
+platform: ruby
+authors:
+- Peter Zotov
+autorequire:
+bindir: bin
+cert_chain: []
+date: 2012-02-02 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: activesupport
+  requirement: &80513130 !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: 3.0.0
+  type: :runtime
+  prerelease: false
+  version_requirements: *80513130
+- !ruby/object:Gem::Dependency
+  name: activemodel
+  requirement: &80522090 !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: 3.0.0
+  type: :runtime
+  prerelease: false
+  version_requirements: *80522090
+- !ruby/object:Gem::Dependency
+  name: rspec
+  requirement: &80518720 !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: *80518720
+- !ruby/object:Gem::Dependency
+  name: activerecord
+  requirement: &79906240 !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: *79906240
+description: ! "Heimdallr aims to provide an easy to configure and efficient object-
+  and field-level access\n control solution, reusing proven patterns from gems like
+  CanCan and allowing one to control permissions in a very\n fine-grained manner."
+email:
+- whitequark@whitequark.org
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- .gitignore
+- .rspec
+- Gemfile
+- Rakefile
+- heimdallr.gemspec
+- lib/heimdallr.rb
+- lib/heimdallr/evaluator.rb
+- lib/heimdallr/model.rb
+- lib/heimdallr/proxy.rb
+- lib/heimdallr/resource.rb
+- lib/heimdallr/version.rb
+- spec/proxy_spec.rb
+- spec/spec_helper.rb
+homepage: http://github.com/roundlake/heimdallr
+licenses: []
+post_install_message:
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  none: false
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  none: false
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: heimdallr
+rubygems_version: 1.8.10
+signing_key:
+specification_version: 3
+summary: Heimdallr is an ActiveModel extension which provides object- and field-level
+  access control.
+test_files: []

heimdallr 0.0.1