hone-lockdown 1.2.1
Sign up to get free protection for your applications and to get access to all the features.
- data/.gitignore +6 -0
- data/History.txt +195 -0
- data/README.txt +36 -0
- data/Rakefile +14 -0
- data/VERSION +1 -0
- data/lib/lockdown.rb +73 -0
- data/lib/lockdown/context.rb +48 -0
- data/lib/lockdown/database.rb +117 -0
- data/lib/lockdown/frameworks/rails.rb +105 -0
- data/lib/lockdown/frameworks/rails/controller.rb +163 -0
- data/lib/lockdown/frameworks/rails/view.rb +50 -0
- data/lib/lockdown/helper.rb +101 -0
- data/lib/lockdown/orms/active_record.rb +68 -0
- data/lib/lockdown/permission.rb +240 -0
- data/lib/lockdown/rules.rb +378 -0
- data/lib/lockdown/session.rb +57 -0
- data/lib/lockdown/system.rb +52 -0
- data/rails_generators/lockdown/lockdown_generator.rb +273 -0
- data/rails_generators/lockdown/templates/app/controllers/permissions_controller.rb +22 -0
- data/rails_generators/lockdown/templates/app/controllers/sessions_controller.rb +39 -0
- data/rails_generators/lockdown/templates/app/controllers/user_groups_controller.rb +122 -0
- data/rails_generators/lockdown/templates/app/controllers/users_controller.rb +117 -0
- data/rails_generators/lockdown/templates/app/helpers/permissions_helper.rb +2 -0
- data/rails_generators/lockdown/templates/app/helpers/user_groups_helper.rb +2 -0
- data/rails_generators/lockdown/templates/app/helpers/users_helper.rb +2 -0
- data/rails_generators/lockdown/templates/app/models/permission.rb +13 -0
- data/rails_generators/lockdown/templates/app/models/profile.rb +10 -0
- data/rails_generators/lockdown/templates/app/models/user.rb +95 -0
- data/rails_generators/lockdown/templates/app/models/user_group.rb +15 -0
- data/rails_generators/lockdown/templates/app/views/permissions/index.html.erb +16 -0
- data/rails_generators/lockdown/templates/app/views/permissions/show.html.erb +26 -0
- data/rails_generators/lockdown/templates/app/views/sessions/new.html.erb +12 -0
- data/rails_generators/lockdown/templates/app/views/user_groups/edit.html.erb +33 -0
- data/rails_generators/lockdown/templates/app/views/user_groups/index.html.erb +20 -0
- data/rails_generators/lockdown/templates/app/views/user_groups/new.html.erb +31 -0
- data/rails_generators/lockdown/templates/app/views/user_groups/show.html.erb +29 -0
- data/rails_generators/lockdown/templates/app/views/users/edit.html.erb +51 -0
- data/rails_generators/lockdown/templates/app/views/users/index.html.erb +22 -0
- data/rails_generators/lockdown/templates/app/views/users/new.html.erb +50 -0
- data/rails_generators/lockdown/templates/app/views/users/show.html.erb +33 -0
- data/rails_generators/lockdown/templates/config/initializers/lockit.rb +1 -0
- data/rails_generators/lockdown/templates/db/migrate/create_admin_user.rb +17 -0
- data/rails_generators/lockdown/templates/db/migrate/create_permissions.rb +19 -0
- data/rails_generators/lockdown/templates/db/migrate/create_profiles.rb +26 -0
- data/rails_generators/lockdown/templates/db/migrate/create_user_groups.rb +19 -0
- data/rails_generators/lockdown/templates/db/migrate/create_users.rb +17 -0
- data/rails_generators/lockdown/templates/lib/lockdown/README +42 -0
- data/rails_generators/lockdown/templates/lib/lockdown/init.rb +131 -0
- data/spec/lockdown/database_spec.rb +158 -0
- data/spec/lockdown/frameworks/rails/controller_spec.rb +224 -0
- data/spec/lockdown/frameworks/rails/view_spec.rb +87 -0
- data/spec/lockdown/frameworks/rails_spec.rb +175 -0
- data/spec/lockdown/permission_spec.rb +166 -0
- data/spec/lockdown/rules_spec.rb +109 -0
- data/spec/lockdown/session_spec.rb +89 -0
- data/spec/lockdown/system_spec.rb +59 -0
- data/spec/lockdown_spec.rb +19 -0
- data/spec/rcov.opts +5 -0
- data/spec/spec.opts +3 -0
- data/spec/spec_helper.rb +1 -0
- metadata +131 -0
@@ -0,0 +1,89 @@
|
|
1
|
+
require File.join(File.dirname(__FILE__), %w[.. spec_helper])
|
2
|
+
|
3
|
+
class TestAController
|
4
|
+
include Lockdown::Session
|
5
|
+
end
|
6
|
+
|
7
|
+
describe Lockdown::Session do
|
8
|
+
before do
|
9
|
+
@controller = TestAController.new
|
10
|
+
|
11
|
+
@actions = %w(posts/index posts/show posts/new posts/edit posts/create posts/update posts/destroy)
|
12
|
+
|
13
|
+
@session = {:access_rights => @actions}
|
14
|
+
|
15
|
+
@controller.stub!(:session).and_return(@session)
|
16
|
+
end
|
17
|
+
|
18
|
+
describe "#nil_lockdown_values" do
|
19
|
+
it "should nil access_rights" do
|
20
|
+
@controller.send :nil_lockdown_values
|
21
|
+
@session[:access_rights].should == nil
|
22
|
+
end
|
23
|
+
end
|
24
|
+
|
25
|
+
describe "#current_user_access_in_group?" do
|
26
|
+
it "should return true if current user is admin" do
|
27
|
+
@actions = :all
|
28
|
+
@session = {:access_rights => @actions}
|
29
|
+
@controller.stub!(:session).and_return(@session)
|
30
|
+
|
31
|
+
@controller.send(:current_user_access_in_group?,:group).should == true
|
32
|
+
end
|
33
|
+
|
34
|
+
it "should return true if current_user has access" do
|
35
|
+
user_groups = {:public_group => [:public_access]}
|
36
|
+
hash = {:public_access => ["posts/index", "posts/show"]}
|
37
|
+
Lockdown::System.stub!(:permissions).and_return(hash)
|
38
|
+
|
39
|
+
Lockdown::System.stub!(:user_groups).and_return(user_groups)
|
40
|
+
@controller.send(:current_user_access_in_group?,:public_group).should be_true
|
41
|
+
end
|
42
|
+
|
43
|
+
it "should return false if current_user has access" do
|
44
|
+
user_groups = {:public_group => [:public_access]}
|
45
|
+
hash = {:public_access => ["books/edit", "books/update"]}
|
46
|
+
Lockdown::System.stub!(:permissions).and_return(hash)
|
47
|
+
|
48
|
+
Lockdown::System.stub!(:user_groups).and_return(user_groups)
|
49
|
+
@controller.send(:current_user_access_in_group?,:public_group).should be_false
|
50
|
+
end
|
51
|
+
end
|
52
|
+
|
53
|
+
describe "#current_user_is_admin?" do
|
54
|
+
it "should return true if access_rights == :all" do
|
55
|
+
@actions = :all
|
56
|
+
@session = {:access_rights => @actions}
|
57
|
+
@controller.stub!(:session).and_return(@session)
|
58
|
+
|
59
|
+
@controller.send(:current_user_is_admin?).should == true
|
60
|
+
end
|
61
|
+
end
|
62
|
+
|
63
|
+
describe "#add_lockdown_session_values" do
|
64
|
+
it "should set the access_rights from the user list" do
|
65
|
+
array = ["posts/index", "posts/show"]
|
66
|
+
Lockdown::System.stub!(:access_rights_for_user).and_return(array)
|
67
|
+
@controller.stub!(:current_user).and_return(:user_object)
|
68
|
+
@controller.send(:add_lockdown_session_values)
|
69
|
+
@session[:access_rights].should == array
|
70
|
+
end
|
71
|
+
end
|
72
|
+
|
73
|
+
|
74
|
+
describe "#access_in_perm" do
|
75
|
+
it "should return false if permissions nil" do
|
76
|
+
Lockdown::System.stub!(:permissions).and_return({})
|
77
|
+
@controller.send(:access_in_perm?,:dummy).should be_false
|
78
|
+
end
|
79
|
+
|
80
|
+
it "should return true if permission found" do
|
81
|
+
hash = {:public => ["posts/index", "posts/show"]}
|
82
|
+
Lockdown::System.stub!(:permissions).and_return(hash)
|
83
|
+
@controller.send(:access_in_perm?,:public).should be_true
|
84
|
+
end
|
85
|
+
end
|
86
|
+
|
87
|
+
describe "#session_access_rights_include?" do
|
88
|
+
end
|
89
|
+
end
|
@@ -0,0 +1,59 @@
|
|
1
|
+
require File.join(File.dirname(__FILE__), %w[.. spec_helper])
|
2
|
+
require File.join(File.dirname(__FILE__), %w[.. .. lib lockdown rules])
|
3
|
+
|
4
|
+
describe Lockdown::System do
|
5
|
+
it "should fetch the option" do
|
6
|
+
Lockdown::System.options = {}
|
7
|
+
Lockdown::System.options['test'] = "my test"
|
8
|
+
Lockdown::System.fetch('test').should == "my test"
|
9
|
+
end
|
10
|
+
|
11
|
+
it "should fetch the controller class" do
|
12
|
+
klass = mock("User Controller Class")
|
13
|
+
Lockdown.stub!(:controller_class_name).and_return(:users)
|
14
|
+
Lockdown::System.controller_classes = {}
|
15
|
+
Lockdown::System.controller_classes[:users] = klass
|
16
|
+
Lockdown::System.fetch_controller_class(:users).should equal(klass)
|
17
|
+
end
|
18
|
+
|
19
|
+
describe "#configure" do
|
20
|
+
it "should call the methods responsible for defining the rules" do
|
21
|
+
Lockdown::System.stub!(:skip_sync?).and_return(false)
|
22
|
+
|
23
|
+
Lockdown::System.should_receive :set_defaults
|
24
|
+
|
25
|
+
Lockdown::System.should_receive :load_controller_classes
|
26
|
+
|
27
|
+
Lockdown::System.should_receive :instance_eval
|
28
|
+
|
29
|
+
Lockdown::System.should_receive :process_rules
|
30
|
+
|
31
|
+
Lockdown::Database.should_receive :sync_with_db
|
32
|
+
|
33
|
+
Lockdown::System.configure do
|
34
|
+
end
|
35
|
+
end
|
36
|
+
end
|
37
|
+
|
38
|
+
describe "#paths_for" do
|
39
|
+
it "should join the str_sym to the methods" do
|
40
|
+
Lockdown::System.paths_for(:users, :show, :edit).
|
41
|
+
should == ["users/show", "users/edit"]
|
42
|
+
end
|
43
|
+
|
44
|
+
it "should add users to the array if access is granted on index" do
|
45
|
+
Lockdown::System.paths_for(:users, :index, :show, :edit).
|
46
|
+
should == ["users/index", "users/show", "users/edit", "users"]
|
47
|
+
end
|
48
|
+
|
49
|
+
it "should build the paths from the controller class if no methods specified" do
|
50
|
+
methods = ["new","edit","create","update"]
|
51
|
+
Lockdown::System.stub!(:fetch_controller_class)
|
52
|
+
Lockdown::System.stub!(:available_actions).
|
53
|
+
and_return(methods)
|
54
|
+
|
55
|
+
Lockdown::System.paths_for(:users).
|
56
|
+
should == ["users/new","users/edit","users/create","users/update"]
|
57
|
+
end
|
58
|
+
end
|
59
|
+
end
|
@@ -0,0 +1,19 @@
|
|
1
|
+
require File.join(File.dirname(__FILE__), 'spec_helper')
|
2
|
+
|
3
|
+
describe Lockdown do
|
4
|
+
before do
|
5
|
+
Lockdown.stub!(:version).and_return('1.2.3')
|
6
|
+
end
|
7
|
+
|
8
|
+
it "should return the correct major version" do
|
9
|
+
Lockdown.major_version.should equal(1)
|
10
|
+
end
|
11
|
+
|
12
|
+
it "should return the correct minor version" do
|
13
|
+
Lockdown.minor_version.should equal(2)
|
14
|
+
end
|
15
|
+
|
16
|
+
it "should return the correct patch version" do
|
17
|
+
Lockdown.patch_version.should equal(3)
|
18
|
+
end
|
19
|
+
end
|
data/spec/rcov.opts
ADDED
data/spec/spec.opts
ADDED
data/spec/spec_helper.rb
ADDED
@@ -0,0 +1 @@
|
|
1
|
+
require File.expand_path(File.join(File.dirname(__FILE__), %w[.. lib lockdown]))
|
metadata
ADDED
@@ -0,0 +1,131 @@
|
|
1
|
+
--- !ruby/object:Gem::Specification
|
2
|
+
name: hone-lockdown
|
3
|
+
version: !ruby/object:Gem::Version
|
4
|
+
version: 1.2.1
|
5
|
+
platform: ruby
|
6
|
+
authors:
|
7
|
+
- Andrew Stone
|
8
|
+
autorequire:
|
9
|
+
bindir: bin
|
10
|
+
cert_chain: []
|
11
|
+
|
12
|
+
date: 2009-08-06 00:00:00 -07:00
|
13
|
+
default_executable:
|
14
|
+
dependencies:
|
15
|
+
- !ruby/object:Gem::Dependency
|
16
|
+
name: ruby2ruby
|
17
|
+
type: :runtime
|
18
|
+
version_requirement:
|
19
|
+
version_requirements: !ruby/object:Gem::Requirement
|
20
|
+
requirements:
|
21
|
+
- - ">="
|
22
|
+
- !ruby/object:Gem::Version
|
23
|
+
version: "0"
|
24
|
+
version:
|
25
|
+
description: Lockdown is an authorization system for RubyOnRails (ver >= 2.1).
|
26
|
+
email: andy@stonean.com
|
27
|
+
executables: []
|
28
|
+
|
29
|
+
extensions: []
|
30
|
+
|
31
|
+
extra_rdoc_files:
|
32
|
+
- README.txt
|
33
|
+
files:
|
34
|
+
- .gitignore
|
35
|
+
- History.txt
|
36
|
+
- README.txt
|
37
|
+
- Rakefile
|
38
|
+
- VERSION
|
39
|
+
- lib/lockdown.rb
|
40
|
+
- lib/lockdown/context.rb
|
41
|
+
- lib/lockdown/database.rb
|
42
|
+
- lib/lockdown/frameworks/rails.rb
|
43
|
+
- lib/lockdown/frameworks/rails/controller.rb
|
44
|
+
- lib/lockdown/frameworks/rails/view.rb
|
45
|
+
- lib/lockdown/helper.rb
|
46
|
+
- lib/lockdown/orms/active_record.rb
|
47
|
+
- lib/lockdown/permission.rb
|
48
|
+
- lib/lockdown/rules.rb
|
49
|
+
- lib/lockdown/session.rb
|
50
|
+
- lib/lockdown/system.rb
|
51
|
+
- rails_generators/lockdown/lockdown_generator.rb
|
52
|
+
- rails_generators/lockdown/templates/app/controllers/permissions_controller.rb
|
53
|
+
- rails_generators/lockdown/templates/app/controllers/sessions_controller.rb
|
54
|
+
- rails_generators/lockdown/templates/app/controllers/user_groups_controller.rb
|
55
|
+
- rails_generators/lockdown/templates/app/controllers/users_controller.rb
|
56
|
+
- rails_generators/lockdown/templates/app/helpers/permissions_helper.rb
|
57
|
+
- rails_generators/lockdown/templates/app/helpers/user_groups_helper.rb
|
58
|
+
- rails_generators/lockdown/templates/app/helpers/users_helper.rb
|
59
|
+
- rails_generators/lockdown/templates/app/models/permission.rb
|
60
|
+
- rails_generators/lockdown/templates/app/models/profile.rb
|
61
|
+
- rails_generators/lockdown/templates/app/models/user.rb
|
62
|
+
- rails_generators/lockdown/templates/app/models/user_group.rb
|
63
|
+
- rails_generators/lockdown/templates/app/views/permissions/index.html.erb
|
64
|
+
- rails_generators/lockdown/templates/app/views/permissions/show.html.erb
|
65
|
+
- rails_generators/lockdown/templates/app/views/sessions/new.html.erb
|
66
|
+
- rails_generators/lockdown/templates/app/views/user_groups/edit.html.erb
|
67
|
+
- rails_generators/lockdown/templates/app/views/user_groups/index.html.erb
|
68
|
+
- rails_generators/lockdown/templates/app/views/user_groups/new.html.erb
|
69
|
+
- rails_generators/lockdown/templates/app/views/user_groups/show.html.erb
|
70
|
+
- rails_generators/lockdown/templates/app/views/users/edit.html.erb
|
71
|
+
- rails_generators/lockdown/templates/app/views/users/index.html.erb
|
72
|
+
- rails_generators/lockdown/templates/app/views/users/new.html.erb
|
73
|
+
- rails_generators/lockdown/templates/app/views/users/show.html.erb
|
74
|
+
- rails_generators/lockdown/templates/config/initializers/lockit.rb
|
75
|
+
- rails_generators/lockdown/templates/db/migrate/create_admin_user.rb
|
76
|
+
- rails_generators/lockdown/templates/db/migrate/create_permissions.rb
|
77
|
+
- rails_generators/lockdown/templates/db/migrate/create_profiles.rb
|
78
|
+
- rails_generators/lockdown/templates/db/migrate/create_user_groups.rb
|
79
|
+
- rails_generators/lockdown/templates/db/migrate/create_users.rb
|
80
|
+
- rails_generators/lockdown/templates/lib/lockdown/README
|
81
|
+
- rails_generators/lockdown/templates/lib/lockdown/init.rb
|
82
|
+
- spec/lockdown/database_spec.rb
|
83
|
+
- spec/lockdown/frameworks/rails/controller_spec.rb
|
84
|
+
- spec/lockdown/frameworks/rails/view_spec.rb
|
85
|
+
- spec/lockdown/frameworks/rails_spec.rb
|
86
|
+
- spec/lockdown/permission_spec.rb
|
87
|
+
- spec/lockdown/rules_spec.rb
|
88
|
+
- spec/lockdown/session_spec.rb
|
89
|
+
- spec/lockdown/system_spec.rb
|
90
|
+
- spec/lockdown_spec.rb
|
91
|
+
- spec/rcov.opts
|
92
|
+
- spec/spec.opts
|
93
|
+
- spec/spec_helper.rb
|
94
|
+
has_rdoc: true
|
95
|
+
homepage: http://stonean.com/wiki/lockdown
|
96
|
+
licenses:
|
97
|
+
post_install_message:
|
98
|
+
rdoc_options:
|
99
|
+
- --charset=UTF-8
|
100
|
+
require_paths:
|
101
|
+
- lib
|
102
|
+
required_ruby_version: !ruby/object:Gem::Requirement
|
103
|
+
requirements:
|
104
|
+
- - ">="
|
105
|
+
- !ruby/object:Gem::Version
|
106
|
+
version: "0"
|
107
|
+
version:
|
108
|
+
required_rubygems_version: !ruby/object:Gem::Requirement
|
109
|
+
requirements:
|
110
|
+
- - ">="
|
111
|
+
- !ruby/object:Gem::Version
|
112
|
+
version: "0"
|
113
|
+
version:
|
114
|
+
requirements: []
|
115
|
+
|
116
|
+
rubyforge_project:
|
117
|
+
rubygems_version: 1.3.5
|
118
|
+
signing_key:
|
119
|
+
specification_version: 2
|
120
|
+
summary: Lockdown is an authorization system for RubyOnRails (ver >= 2.1).
|
121
|
+
test_files:
|
122
|
+
- spec/lockdown/database_spec.rb
|
123
|
+
- spec/lockdown/rules_spec.rb
|
124
|
+
- spec/lockdown/session_spec.rb
|
125
|
+
- spec/lockdown/frameworks/rails_spec.rb
|
126
|
+
- spec/lockdown/frameworks/rails/view_spec.rb
|
127
|
+
- spec/lockdown/frameworks/rails/controller_spec.rb
|
128
|
+
- spec/lockdown/permission_spec.rb
|
129
|
+
- spec/lockdown/system_spec.rb
|
130
|
+
- spec/lockdown_spec.rb
|
131
|
+
- spec/spec_helper.rb
|