helioth 0.1.0

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: f4201074868331f8ba3a418613dc76decb79e49f
+  data.tar.gz: 688cd395ea12d10737f0e905c5d1b8b5f8c05426
+SHA512:
+  metadata.gz: b8726335d0d69ac6c9174567a2387eefd662468eaa4fe323682dfbff8b4ec10c7377b7dee22838411fb95d8a17e027e70364e8c117c1fd742f78c6e858392619
+  data.tar.gz: dc61a3a26d12f328255be0ef915427b2be1d4ed5ffc1cc07c0558e387db3ccaff7d91cfa01d7e07d4eb1ea50f6a2663f9a4263640ae301c9fd31a448f2e46990

data/MIT-LICENSE

@@ -0,0 +1,22 @@
+Copyright (c) 2014 Guillaume Montard
+
+MIT License
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/Rakefile

@@ -0,0 +1,28 @@
+begin
+  require 'bundler/setup'
+rescue LoadError
+  puts 'You must `gem install bundler` and `bundle install` to run rake tasks'
+end
+
+require 'rdoc/task'
+
+RDoc::Task.new(:rdoc) do |rdoc|
+  rdoc.rdoc_dir = 'rdoc'
+  rdoc.title    = 'Helioth'
+  rdoc.options << '--line-numbers'
+  rdoc.rdoc_files.include('README.rdoc')
+  rdoc.rdoc_files.include('lib/**/*.rb')
+end
+
+Bundler::GemHelper.install_tasks
+
+require 'rspec/core/rake_task'
+require 'bundler/gem_tasks'
+
+# Default directory to look in is `/specs`
+# Run with `rake spec`
+RSpec::Core::RakeTask.new(:spec) do |task|
+  task.rspec_opts = ['--color', '--format', 'documentation']
+end
+
+task :default => :spec

data/lib/helioth.rb

@@ -0,0 +1,25 @@
+require "helioth/version"
+require 'helioth/dsl'
+require 'helioth/role'
+require 'helioth/relation'
+require 'helioth/features'
+require 'helioth/feature'
+require 'helioth/action'
+require 'helioth/controller_additions'
+require 'helioth/controller_resource'
+require 'helioth/model_additions'
+
+module Helioth
+
+  def self.dsl(file = nil)
+    Helioth.const_set("DSL", Helioth::Dsl.load(file)) unless const_defined?("DSL")
+  end
+
+  def self.const_missing(name)
+    if name == :DSL
+      Helioth.dsl
+    else
+      super
+    end
+  end
+end

data/lib/helioth/action.rb

@@ -0,0 +1,23 @@
+module Helioth
+  class Action
+
+    attr_accessor :name, :feature
+
+    def initialize(name, &block)
+      @name = name
+      @locales = I18n.available_locales
+      instance_eval(&block)
+    end
+
+    def status(status=nil)
+      @status ||= status
+    end
+
+    def locales(*locales)
+      unless locales.empty?
+        @locales = locales
+      end
+      @locales
+    end
+  end
+end

data/lib/helioth/controller_additions.rb

@@ -0,0 +1,39 @@
+module Helioth
+  module ControllerAdditions
+    def self.included(base)
+      base.extend ClassMethods
+      base.helper_method :access_to?, :locale_access_to?, :user_access_to?, :instance_access_to?
+    end
+
+    module ClassMethods
+      def load_and_authorize_for(*args)
+        ControllerResource.add_before_filter(self, :load_and_authorize_for, *args)
+      end
+    end
+
+    def access_to?(feature, *actions)
+      return false if !locale_access_to?(feature, *actions)
+      return true if DSL.roles.user.present? && user_access_to?(feature, *actions)
+      return true if DSL.roles.instance.present? && instance_access_to?(feature, *actions)
+      return false
+    end
+
+    def locale_access_to?(feature, *actions)
+      DSL.authorized_for_locale?(feature, actions, I18n.locale)
+    end
+
+    def user_access_to?(feature, *actions)
+      DSL.authorized_for_user?(feature, actions, current_user.helioth_role?)
+    end
+
+    def instance_access_to?(feature, *actions)
+      DSL.authorized_for_instance?(feature, actions, current_instance.helioth_role?)
+    end
+  end
+end
+
+if defined? ActionController::Base
+  ActionController::Base.class_eval do
+    include Helioth::ControllerAdditions
+  end
+end

data/lib/helioth/controller_resource.rb

@@ -0,0 +1,34 @@
+module Helioth
+
+  class ControllerResource
+
+    def self.add_before_filter(controller_class, method, *args)
+      feature = args.first
+      options = args.extract_options!
+
+      before_filter_method = options.delete(:prepend) ? :prepend_before_filter : :before_filter
+      controller_class.send(:before_filter, options.slice(:only, :except, :if, :unless)) do |controller|
+        ControllerResource.new(controller, feature, (options.slice(:action, :actions)).values).send(method)
+      end
+    end
+
+    def initialize(controller, feature, *actions)
+      @controller = controller
+      @feature = feature
+      @actions = actions.flatten
+    end
+
+    def load_and_authorize_for
+      unless @controller.access_to?(@feature, @actions)
+        ##TODO change the behavior based on rails env
+        Rails.logger.info("Access to controller forbidden for feature :#{@feature}")
+        @controller.render :text=>"Access forbidden", :status=>403
+      else
+        Rails.logger.debug("Access to controller granted for feature :#{@feature}")
+        Rails.logger.debug("Access to controller granted for actions #{@actions.inspect}") if @actions.present?
+      end
+    end
+
+  end
+
+end

data/lib/helioth/dsl.rb

@@ -0,0 +1,116 @@
+module Helioth
+  class Dsl
+
+    DSL_FILE = Pathname.new(Rails.root || '').join("config", "helioth.rb").to_s unless defined? DSL_FILE
+
+    def initialize
+      Rails.logger.debug("Loading the DSL for the first time")
+    end
+
+    ##Should be loaded only one time using Helioth::DSL.dsl
+    def self.load(file = nil)
+      dsl = new
+      dsl.instance_eval(file.nil? ? File.read(DSL_FILE) : File.read(file))
+      return(dsl)
+    rescue Errno::ENOENT
+      raise "Helioth::DSL DSL file missing"
+    end
+
+    ## In case the DSL is not well used
+    def method_missing(method_name, *args, &block)
+      raise "No such method #{__method__} in #{__FILE__}"
+    end
+
+    ## Configure roles
+    def roles(&block)
+      @roles ||= Role.new(&block)
+    end
+
+    ## Configure relations
+    def relations(&block)
+      @relations ||= Relation.new(&block)
+    end
+
+    ## Configure features
+    def features(&block)
+      if block
+        @features ||= Features.new(&block)
+      else
+        @features.list
+      end
+    end
+
+    ## Get feature
+    def feature(feature_name)
+      @features.list.map{|feature|
+        feature if feature.name == feature_name
+      }.compact.first
+    end
+
+    ## Get feature action
+    def action(feature_name, action_name)
+      feature(feature_name).actions.map{|action|
+        action if action.name == action_name
+      }.compact.first
+    end
+
+    ## Check authorization
+    def authorized_for_locale?(feature_name, *actions_name, locale)
+      authorized_for(feature_name, actions_name.flatten, {locale: locale})
+    end
+
+    def authorized_for_user?(feature_name, *actions_name, role)
+      authorized_for(feature_name, actions_name.flatten, {role: role, type: :user})
+    end
+
+    def authorized_for_instance?(feature_name, *actions_name, role)
+      authorized_for(feature_name, actions_name.flatten, {role: role, type: :instance})
+    end
+
+    private
+    def authorized_for(feature_name, actions_name, options={})
+
+      role = options[:role]
+      type = options[:type]
+      locale = options[:locale]
+
+      feature, actions = process_input(feature_name, actions_name)
+
+      if feature
+
+        ## If a feature doesn"t have relation (ex: disabled feature)
+        return false if role.present? && relations.feature[feature.status].blank?
+
+        access = Array.new
+
+        if actions.any?
+          access += actions.map{|action|
+            if role.present?
+              relations.feature[action.status][type].include?(role)
+            elsif locale.present?
+              action.locales.include?(locale)
+            end
+          }
+        else
+          access << relations.feature[feature.status][type].include?(role) if role.present?
+          access << feature.locales.include?(locale) if locale.present?
+        end
+
+        access.all?
+      else
+        Rails.logger.info("Feature #{feature.try(:name)} not found")
+        false
+      end
+    rescue
+      raise "Error in method #{__method__} of #{__FILE__}"
+    end
+
+    def process_input(feature_name, actions_name)
+      feature = feature(feature_name)
+      actions = actions_name.flatten.map{|action_name|
+        action(feature_name, action_name)
+      }
+      return([feature, actions])
+    end
+  end
+end

data/lib/helioth/feature.rb

@@ -0,0 +1,40 @@
+module Helioth
+  class Feature
+
+    attr_accessor :name
+
+    def initialize(name, &block)
+      @actions = Array.new
+      @name = name
+      @locales = I18n.available_locales
+      instance_eval(&block)
+    end
+
+    def status(status = nil)
+      @status ||= status
+    end
+
+    def actions(*actions, &block)
+      if block.nil?
+        @actions
+      else
+        actions.each{|action|
+          @actions << Action.new(action, &block)
+        }
+      end
+    end
+
+    def action(action_name)
+      @actions.map{|action|
+        action if action.name == action_name
+      }.compact.first
+    end
+
+    def locales(*locales)
+      unless locales.empty?
+        @locales = locales
+      end
+      @locales
+    end
+  end
+end

data/lib/helioth/features.rb

@@ -0,0 +1,15 @@
+module Helioth
+  class Features
+
+    attr_accessor :list
+
+    def initialize(&block)
+      @list = Array.new
+      instance_eval(&block)
+    end
+
+    def feature(name, &block)
+      @list << Feature.new(name, &block)
+    end
+  end
+end

data/lib/helioth/model_additions.rb

@@ -0,0 +1,49 @@
+module Helioth
+  module ModelAdditions
+    def self.included(base)
+      base.extend ClassMethods
+    end
+
+    module ClassMethods
+      def has_helioth_role(*args)
+        options = args.extract_options!
+        @@role_column = options[:column] || :role
+        @@role_instance = args.first
+
+        add_role_validation
+
+        define_method "#{@@role_column}?" do
+          eval("#{@@role_column}.to_sym")
+        end
+
+        define_method "helioth_role?" do
+          eval("#{@@role_column}?")
+        end
+
+        define_method "is_#{@@role_column}?" do |arg|
+          eval("self.#{@@role_column}.to_sym") == arg.to_sym
+        end
+      end
+
+      def add_role_validation
+        self.send(:validates, @@role_column.to_sym, inclusion: { in: available_roles, message: "%{value} is not a valid value" }, allow_blank: true)
+      end
+
+      def available_roles
+        case @@role_instance when :user
+          roles = DSL.roles.user.map(&:to_s)
+        when :instance
+          roles = DSL.roles.instance.map(&:to_s)
+        else
+          raise "Invalid option #{options} for method #{__method__}"
+        end
+      end
+    end
+  end
+end
+
+if defined? ActiveRecord::Base
+  ActiveRecord::Base.class_eval do
+    include Helioth::ModelAdditions
+  end
+end

data/lib/helioth/relation.rb

@@ -0,0 +1,27 @@
+module Helioth
+  class Relation
+
+    def initialize(&block)
+      @feature = Hash.new
+      instance_eval(&block)
+    end
+
+    def feature(status = nil, &block)
+      if block.nil?
+        @feature
+      else
+        @@tmp = Hash.new
+        instance_eval(&block)
+        @feature[status] = @@tmp
+      end
+    end
+
+    def instance(*status)
+      @@tmp.merge!({instance: status})
+    end
+
+    def user(*status)
+      @@tmp.merge!({user: status})
+    end
+  end
+end

data/lib/helioth/role.rb

@@ -0,0 +1,19 @@
+module Helioth
+  class Role
+    def initialize(&block)
+      instance_eval(&block)
+    end
+
+    def user(*user)
+      @user ||= user
+    end
+
+    def instance(*instance)
+      @instance ||= instance
+    end
+
+    def feature(*feature)
+      @feature ||= feature
+    end
+  end
+end