id_please 0.3.1 → 0.3.3
Sign up to get free protection for your applications and to get access to all the features.
- data/MIT-LICENSE +18 -0
- data/README.rdoc +33 -1
- data/VERSION +1 -1
- data/id_please.gemspec +3 -2
- data/test/debug.log +8076 -0
- data/test/roles_test.rb +0 -2
- data/test/test_helper.rb +2 -0
- metadata +3 -2
data/MIT-LICENSE
ADDED
@@ -0,0 +1,18 @@
|
|
1
|
+
Permission is hereby granted, free of charge, to any person obtaining
|
2
|
+
a copy of this software and associated documentation files (the
|
3
|
+
"Software"), to deal in the Software without restriction, including
|
4
|
+
without limitation the rights to use, copy, modify, merge, publish,
|
5
|
+
distribute, sublicense, and/or sell copies of the Software, and to
|
6
|
+
permit persons to whom the Software is furnished to do so, subject to
|
7
|
+
the following conditions:
|
8
|
+
|
9
|
+
The above copyright notice and this permission notice shall be
|
10
|
+
included in all copies or substantial portions of the Software.
|
11
|
+
|
12
|
+
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
|
13
|
+
EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
|
14
|
+
MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
|
15
|
+
NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
|
16
|
+
LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
|
17
|
+
OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
|
18
|
+
WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
|
data/README.rdoc
CHANGED
@@ -1,6 +1,38 @@
|
|
1
1
|
= id_please
|
2
2
|
|
3
|
-
|
3
|
+
ID Please is an authorization system for any system using ActiveRecord. It is a role-based solution, but is meant to be fairly robust, support assigning roles to users and groups, with unlimited levels of nesting of users and groups. While documentation is scant, all methods should be tested as of now.
|
4
|
+
|
5
|
+
== Implementation
|
6
|
+
|
7
|
+
The current set of models, and the method to include:
|
8
|
+
|
9
|
+
User and Groups can be the subject of a role by assigning them.. Each role has a name, and can refer to an object, or be global.
|
10
|
+
|
11
|
+
One specified name for roles is privileged (by default "Member"). If a subject is assigned to be a "Member" of another group, then when the subject is checked for whether it has a role, it checks both itself and all parent groups for whether it passes.
|
12
|
+
|
13
|
+
User: acts_as_authorization_subject
|
14
|
+
Group: acts_as_authorization_group
|
15
|
+
Assignment: acts_as_authorization_assignment
|
16
|
+
Role: acts_as_authorization_role
|
17
|
+
Object (can have roles): acts_as_authorization_object
|
18
|
+
|
19
|
+
|
20
|
+
By default, users can belong to groups, and those groups can have groups as well. This makes the checking db-query intensive (n+1 queries, where n is the number of level of parent groups for the current user). While these queries are quick, you can disable groups (and group nesting), to cut down on this. (currently not fully tested, use at own risk.)
|
21
|
+
|
22
|
+
|
23
|
+
== Areas for improvement
|
24
|
+
|
25
|
+
* Better documentation
|
26
|
+
* Fast query of infinite level groups via optional cache table
|
27
|
+
* Testing to see whether or not non-standard names work.
|
28
|
+
* Using memoization to lower number of queries.
|
29
|
+
* Using a config file to enable easier setup of all models
|
30
|
+
* Building in permissions support
|
31
|
+
|
32
|
+
== Thanks to
|
33
|
+
|
34
|
+
A great deal of thanks must be given to acl9, and oleg dashevskii, which provided a lot of the initial inspiration for this and some of the code.
|
35
|
+
|
4
36
|
|
5
37
|
== Note on Patches/Pull Requests
|
6
38
|
|
data/VERSION
CHANGED
@@ -1 +1 @@
|
|
1
|
-
0.3.
|
1
|
+
0.3.3
|
data/id_please.gemspec
CHANGED
@@ -5,11 +5,11 @@
|
|
5
5
|
|
6
6
|
Gem::Specification.new do |s|
|
7
7
|
s.name = %q{id_please}
|
8
|
-
s.version = "0.3.
|
8
|
+
s.version = "0.3.3"
|
9
9
|
|
10
10
|
s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
|
11
11
|
s.authors = ["James Stuart"]
|
12
|
-
s.date = %q{2010-
|
12
|
+
s.date = %q{2010-02-17}
|
13
13
|
s.description = %q{Access control gem}
|
14
14
|
s.email = %q{tastyhat@jamesstuart.org}
|
15
15
|
s.extra_rdoc_files = [
|
@@ -20,6 +20,7 @@ Gem::Specification.new do |s|
|
|
20
20
|
".document",
|
21
21
|
".gitignore",
|
22
22
|
"LICENSE",
|
23
|
+
"MIT-LICENSE",
|
23
24
|
"README.rdoc",
|
24
25
|
"Rakefile",
|
25
26
|
"VERSION",
|