RubyGems - ixtlan-guard - Versions diffs - 0.1.0 → 0.4.0 - Mend

ixtlan-guard 0.1.0 → 0.4.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (44) hide show

data/lib/ixtlan/guard/railtie.rb ADDED Viewed

@@ -0,0 +1,33 @@
+require 'rails'
+require 'ixtlan/guard'
+require 'logger'
+module Ixtlan
+  module Guard
+    class Railtie < Rails::Railtie
+      config.before_configuration do |app|
+        app.config.guard =
+          Ixtlan::Guard::Guard.new(:guard_dir => File.join(Rails.root, "app", "guards"))
+      end
+      config.after_initialize do |app|
+        logger = app.config.logger || Rails.logger || Logger.new(STDERR)
+        app.config.guard.logger = logger unless defined?(Slf4r)
+        begin
+          app.config.guard.setup
+        rescue Ixtlan::Guard::GuardException => e
+          logger.warn e.message
+        end
+      end
+      config.generators do
+        require 'rails/generators'
+        require 'rails/generators/rails/controller/controller_generator'
+        Rails::Generators::ControllerGenerator.hook_for :guard, :type => :boolean, :default => true do |controller|
+          invoke controller, [ class_name, actions ]
+        end
+      end
+    end
+  end
+end

data/lib/ixtlan/guard/spec/user_management_models_spec.rb ADDED Viewed

@@ -0,0 +1,193 @@
+shared_examples_for 'integration-test' do
+  describe "UserManagementModels" do
+    before :all do
+      @root = Group.find_by_name(Group::ROOT) || Group.create(:name => Group::ROOT)
+      @admin = Group.find_by_name(Group::ADMIN) || Group.create(:name => Group::ADMIN)
+      @translator = Group.find_by_name("translator") || Group.create(:name => "translator")
+      @superuser = User.find_by_id(1)
+      if @superuser.nil? || @superuser.groups == []
+        @superuser = User.create!
+        @superuser.groups << @root
+        @superuser.save!
+      end
+      @main = Domain.find_by_name('main') || Domain.create(:name => 'main')
+      @sub = Domain.find_by_name('sub') || Domain.create(:name => 'sub')
+      DomainsGroupsUser.delete_all
+      @adminuser = User.new('group_ids' => [@admin.id])
+      @adminuser.current_user = @superuser
+      @adminuser.save
+    end
+    describe "root user" do
+      it 'should create user' do
+        @adminuser.id.should_not be_nil
+        @adminuser.groups.should == [@admin]
+        @adminuser.domains_for_group(@admin).should == []
+      end
+      it 'should add domain to user via update' do
+        @adminuser.domains_for_group(@admin).member?(@main).should be_false
+        @adminuser.current_user = @superuser
+        @adminuser.update_attributes(Group::ADMIN => { 'domain_ids' => [@main.id.to_s] }, 'group_ids' => [@admin.id.to_s])
+        @adminuser.domains_for_group(@admin).member?(@main).should be_true
+        @adminuser.current_user.should be_nil
+      end
+      it 'should raise error when adding a domain without current_user set' do
+        @adminuser.current_user = nil
+        lambda { @adminuser.update_attributes(Group::ADMIN => { 'domain_ids' => [@sub.id.to_s] }, 'group_ids' => [@admin.id.to_s]) }.should raise_error
+        @adminuser.current_user.should be_nil
+      end
+      it 'should add new group through update' do
+        @adminuser.groups.member?(@translator).should be_false
+        @adminuser.current_user = @superuser
+        @adminuser.update_attributes('group_ids' => [@translator.id.to_s])
+        @adminuser.groups.member?(@translator).should be_true
+      end
+      it 'should raise error when adding new group' do
+        @adminuser.groups.member?(@root).should be_false
+        @adminuser.current_user = nil
+        lambda{ @adminuser.update_attributes('group_ids' => [@translator.id.to_s])}.should raise_error
+        @adminuser.current_user.should be_nil
+      end
+    end
+    describe "admin user" do
+      before :all do
+        @locales = Group.find_by_name("locales") || Group.create(:name => "locales")
+        @adminuser.current_user = @superuser
+        @adminuser.update_attributes('group_ids' => [@admin.id.to_s, @locales.id.to_s], Group::ADMIN => {"domain_ids" => [@main.id.to_s]})
+        @adminuser.save
+      end
+      it 'should create new users' do
+        user = User.new('group_ids' => [@admin.id.to_s])
+        user.current_user = @adminuser
+        user.save.should be_true
+        user.groups.member?(@admin).should be_true
+        user.groups.size.should == 1
+      end
+      it 'should not add group via update_attributes which admin does not belong to' do
+        user = User.create({:current_user => @adminuser, 'group_ids' => [@root.id.to_s]})
+        user.id.should_not be_nil
+        user.groups.member?(@root).should be_false
+        user.groups.size.should == 0
+      end
+      it 'should not add group via update_attributes which admin does not belong to' do
+        user = User.create(:current_user => @adminuser)
+        user.id.should_not be_nil
+        user.current_user = @adminuser
+        user.update_attributes('group_ids' => [@root.id.to_s]).should be_true
+        user.groups.member?(@root).should be_false
+        user.groups.size.should == 0
+      end
+      it 'should be able to delete only groups belonging to admin, leave others alone' do
+        user = User.create(:current_user => @superuser, 'group_ids' => [@translator.id.to_s])
+        user.groups.member?(@translator).should be_true
+        user.current_user = @adminuser
+        user.update_attributes('group_ids' => []).should be_true
+        user.groups.member?(@translator).should be_true
+        user.groups.size.should == 1
+      end
+      it 'should be able to add and delete groups belonging to admin' do
+        user = User.create(:current_user => @superuser, 'group_ids' => [@translator.id.to_s])
+        user.id.should_not be_nil
+        user.groups.member?(@translator).should be_true
+        user.current_user = @adminuser
+        user.update_attributes('group_ids' => [@admin.id.to_s, @locales.id.to_s]).should be_true
+        user.groups.member?(@translator).should be_true
+        user.groups.size.should == 3
+        user.current_user = @adminuser
+        user.update_attributes('group_ids' => [@locales.id.to_s]).should be_true
+        user.groups.member?(@locales).should be_true
+        user.groups.member?(@translator).should be_true
+        user.groups.size.should == 2
+      end
+      it 'should create new users with domains' do
+        # first create to have an ID
+        user = User.create(:current_user => @adminuser)
+        user.id.should_not be_nil
+        # then add the domain
+        user.update_attributes(:current_user => @adminuser, 'group_ids' => [@admin.id.to_s], "admin" => {"domain_ids" => [@main.id.to_s] })
+        user.groups.member?(@admin).should be_true
+        user.groups.size.should == 1
+        user.domains_for_group(@admin).member?(@main).should be_true
+        user.domains_for_group(@admin).size.should == 1
+      end
+      it 'should add only domains which belongs to admin' do
+        # first create to have an ID
+        user = User.create(:current_user => @adminuser, 'group_ids' => [@admin.id.to_s])
+        user.id.should_not be_nil
+        # then add the domain
+        user.update_attributes(:current_user => @adminuser, 'group_ids' => [@admin.id.to_s], "admin" => {"domain_ids" => [@main.id.to_s, @sub.id.to_s] })
+        user.groups.member?(@admin).should be_true
+        user.groups.size.should == 1
+        user.domains_for_group(@admin).member?(@main).should be_true
+        user.domains_for_group(@admin).size.should == 1
+      end
+      it 'should add only domains belonging to the admin' do
+        # first create to have an ID
+        user = User.create(:current_user => @adminuser, 'group_ids' => [@admin.id.to_s])
+        user.id.should_not be_nil
+        # then add the domain
+        user.update_attributes(:current_user => @adminuser, 'group_ids' => [@admin.id.to_s], "admin" => {"domain_ids" => [@main.id.to_s, @sub.id.to_s] })
+        user.groups.member?(@admin).should be_true
+        user.groups.size.should == 1
+        user.domains_for_group(@admin).member?(@main).should be_true
+        user.domains_for_group(@admin).size.should == 1
+        user.update_attributes(:current_user => @adminuser, 'group_ids' => [@admin.id.to_s], "admin" => {"domain_ids" => [] })
+        user.domains_for_group(@admin).size.should == 0
+      end
+      it 'should delete only domains belonging to the admin' do
+        # first create to have an ID
+        user = User.create(:current_user => @adminuser, 'group_ids' => [@admin.id.to_s])
+        user.id.should_not be_nil
+        # then add the domain
+        user.update_attributes(:current_user => @superuser, 'group_ids' => [@admin.id.to_s], "admin" => {"domain_ids" => [@main.id.to_s, @sub.id.to_s] })
+        user.groups.member?(@admin).should be_true
+        user.groups.size.should == 1
+        user.domains_for_group(@admin).member?(@main).should be_true
+        user.domains_for_group(@admin).member?(@sub).should be_true
+        user.domains_for_group(@admin).size.should == 2
+        user.update_attributes(:current_user => @adminuser, 'group_ids' => [@admin.id.to_s], "admin" => {"domain_ids" => [] })
+        user.domains_for_group(@admin).member?(@main).should be_false
+        user.domains_for_group(@admin).member?(@sub).should be_true
+        user.domains_for_group(@admin).size.should == 1
+      end
+    end
+  end
+end

data/spec/guard_spec.rb CHANGED Viewed

@@ -4,15 +4,23 @@ require 'ixtlan/guard'
 describe Ixtlan::Guard do
   before :all do
-    @guard = Ixtlan::Guard.new(Logger.new(STDOUT),
-                               :root,
-                               File.join(File.dirname(__FILE__), "guards") )
+    @guard = Ixtlan::Guard::Guard.new(:guard_dir => File.join(File.dirname(__FILE__), "guards") )
     @guard.setup
     @current_user = Object.new
     def @current_user.groups(g = nil)
-      @g = g if g
-      @g || []
+      if g
+        @groups = g.collect do |gg|
+          group = Object.new
+          def group.name(name =nil)
+            @name = name if name
+            @name
+          end
+          group.name(gg)
+          group
+        end
+      end
+      @groups || []
     end
     @controller = Object.new
@@ -24,20 +32,18 @@ describe Ixtlan::Guard do
   end
   it 'should fail with missing guard dir' do
-    lambda {Ixtlan::Guard.new(Logger.new(STDOUT),
-                              :root,
-                              "does_not_exists").setup }.should raise_error(Ixtlan::GuardException)
+    lambda {Ixtlan::Guard::Guard.new(:guard_dir => "does_not_exists").setup }.should raise_error(Ixtlan::Guard::GuardException)
   end
   it 'should initialize' do
     @guard.should_not be_nil
   end
-  it 'should pass check without user' do
+  it 'should fail check without current user' do
     controller = Object.new
     def controller.current_user
     end
-    @guard.check(controller, :none, :something).should be_true
+    @guard.check(controller, :none, :something).should be_false
   end
   it 'should pass check with user being root' do
@@ -65,6 +71,36 @@ describe Ixtlan::Guard do
     @guard.check(@controller, :users, :update).should be_true
   end
+  it 'should not pass check with user when in blocked group' do
+    @current_user.groups([:users])
+    @guard.block_groups([:users])
+    begin
+      @guard.check(@controller, :users, :update).should be_false
+    ensure
+      @guard.block_groups([])
+    end
+  end
+  it 'should pass check with user when not in blocked group' do
+    @current_user.groups([:users])
+    @guard.block_groups([:accounts])
+    begin
+      @guard.check(@controller, :users, :update).should be_true
+    ensure
+      @guard.block_groups([])
+    end
+  end
+  it 'should pass check with root-user when not in blocked group' do
+    @current_user.groups([:root])
+    @guard.block_groups([:root])
+    begin
+      @guard.check(@controller, :users, :update).should be_true
+    ensure
+      @guard.block_groups([])
+    end
+  end
   it 'should not pass check with user' do
     @current_user.groups([:accounts])
     @guard.check(@controller, :users, :update).should be_false
@@ -85,10 +121,10 @@ describe Ixtlan::Guard do
   end
   it 'should raise exception on unknown action' do
-    lambda {@guard.check(@controller, :users, :unknown_action) }.should raise_error(Ixtlan::GuardException)
+    lambda {@guard.check(@controller, :users, :unknown_action) }.should raise_error(Ixtlan::Guard::GuardException)
   end
   it 'should raise exception on unknown resource' do
-    lambda {@guard.check(@controller, :unknown_resource, :update) }.should raise_error(Ixtlan::GuardException)
+    lambda {@guard.check(@controller, :unknown_resource, :update) }.should raise_error(Ixtlan::Guard::GuardException)
   end
 end

data/spec/railtie_spec.rb CHANGED Viewed

@@ -1,2 +1,2 @@
 require 'spec_helper'
-require 'ixtlan/guard_railtie'
+require 'ixtlan/guard/railtie'

metadata CHANGED Viewed

@@ -1,12 +1,8 @@
 --- !ruby/object:Gem::Specification
 name: ixtlan-guard
 version: !ruby/object:Gem::Version
-  prerelease: false
-  segments:
-    - 0
-    - 1
-    - 0
-  version: 0.1.0
+  prerelease:
+  version: 0.4.0
 platform: ruby
 authors:
   - mkristian
@@ -14,65 +10,75 @@ autorequire:
 bindir: bin
 cert_chain: []
-date: 2010-10-17 00:00:00 +05:30
+date: 2011-07-23 00:00:00 +05:30
 default_executable:
 dependencies:
   - !ruby/object:Gem::Dependency
-    name: rails
+    name: ixtlan-core
     prerelease: false
     requirement: &id001 !ruby/object:Gem::Requirement
+      none: false
       requirements:
         - - "="
           - !ruby/object:Gem::Version
-            segments:
-              - 3
-              - 0
-              - 0
-            version: 3.0.0
-    type: :development
+            version: 0.4.0
+    type: :runtime
     version_requirements: *id001
   - !ruby/object:Gem::Dependency
-    name: rspec
+    name: rails
     prerelease: false
     requirement: &id002 !ruby/object:Gem::Requirement
+      none: false
       requirements:
         - - "="
           - !ruby/object:Gem::Version
-            segments:
-              - 1
-              - 3
-              - 1
-            version: 1.3.1
+            version: 3.0.9
     type: :development
     version_requirements: *id002
   - !ruby/object:Gem::Dependency
-    name: cucumber
+    name: rspec
     prerelease: false
     requirement: &id003 !ruby/object:Gem::Requirement
+      none: false
       requirements:
         - - "="
           - !ruby/object:Gem::Version
-            segments:
-              - 0
-              - 9
-              - 2
-            version: 0.9.2
+            version: 2.6.0
     type: :development
     version_requirements: *id003
   - !ruby/object:Gem::Dependency
-    name: rake
+    name: cucumber
     prerelease: false
     requirement: &id004 !ruby/object:Gem::Requirement
+      none: false
       requirements:
         - - "="
           - !ruby/object:Gem::Version
-            segments:
-              - 0
-              - 8
-              - 7
-            version: 0.8.7
+            version: 0.9.4
     type: :development
     version_requirements: *id004
+  - !ruby/object:Gem::Dependency
+    name: rake
+    prerelease: false
+    requirement: &id005 !ruby/object:Gem::Requirement
+      none: false
+      requirements:
+        - - "="
+          - !ruby/object:Gem::Version
+            version: 0.8.7
+    type: :development
+    version_requirements: *id005
+  - !ruby/object:Gem::Dependency
+    name: ruby-maven
+    prerelease: false
+    requirement: &id006 !ruby/object:Gem::Requirement
+      none: false
+      requirements:
+        - - "="
+          - !ruby/object:Gem::Version
+            version: 0.8.3.0.3.0.28.3
+    type: :development
+    version_requirements: *id006
 description: simple authorization framework for rails controllers
 email:
   - m.kristian@web.de
@@ -83,28 +89,47 @@ extensions: []
 extra_rdoc_files: []
 files:
+  - MIT-LICENSE
   - lib/ixtlan-guard.rb
-  - lib/generators/scaffold/scaffold/scaffold_generator.rb
-  - lib/generators/ixtlan/controller/USAGE
-  - lib/generators/ixtlan/controller/controller_generator.rb
-  - lib/generators/ixtlan/scaffold/USAGE
-  - lib/generators/ixtlan/scaffold/scaffold_generator.rb
-  - lib/generators/ixtlan/templates/new.html.erb
-  - lib/generators/ixtlan/templates/show.html.erb
-  - lib/generators/ixtlan/templates/guard.rb
-  - lib/generators/ixtlan/templates/edit.html.erb
-  - lib/generators/ixtlan/templates/index.html.erb
-  - lib/ixtlan/guard_railtie.rb
-  - lib/ixtlan/rails_integration.rb
+  - lib/generators/erb/user_management_controller_generator.rb
+  - lib/generators/guard/controller/USAGE
+  - lib/generators/guard/controller/controller_generator.rb
+  - lib/generators/guard/scaffold/USAGE
+  - lib/generators/guard/scaffold/scaffold_generator.rb
+  - lib/generators/guard/scaffold/templates/guard.rb
+  - lib/generators/guard/templates/guard.rb
+  - lib/generators/ixtlan/user_management_scaffold/user_management_scaffold_generator.rb
+  - lib/generators/ixtlan/user_management_controller/USAGE
+  - lib/generators/ixtlan/user_management_controller/user_management_controller_generator.rb
+  - lib/generators/ixtlan/maintenance_scaffold/USAGE
+  - lib/generators/ixtlan/maintenance_scaffold/maintenance_scaffold_generator.rb
+  - lib/generators/ixtlan/permissions_scaffold/USAGE
+  - lib/generators/ixtlan/permissions_scaffold/permissions_scaffold_generator.rb
+  - lib/generators/ixtlan/user_management_models/user_management_models_generator.rb
+  - lib/generators/ixtlan/user_management_models/USAGE
+  - lib/generators/active_record/user_management_models_generator.rb
+  - lib/generators/active_record/templates/user_model.rb
+  - lib/generators/active_record/templates/group_model.rb
+  - lib/generators/active_record/templates/flavor_migration.rb
+  - lib/generators/active_record/templates/group_user_migration.rb
+  - lib/generators/active_record/templates/flavor_model.rb
   - lib/ixtlan/guard.rb
-  - spec/guard_spec.rb
+  - lib/ixtlan/guard/rails_integration.rb
+  - lib/ixtlan/guard/guard.rb
+  - lib/ixtlan/guard/railtie.rb
+  - lib/ixtlan/guard/controllers/maintenance_controller.rb
+  - lib/ixtlan/guard/controllers/permissions_controller.rb
+  - lib/ixtlan/guard/spec/user_management_models_spec.rb
+  - lib/ixtlan/guard/models/maintenance.rb
+  - lib/ixtlan/guard/models/user_update_manager.rb
   - spec/spec_helper.rb
+  - spec/guard_spec.rb
   - spec/railtie_spec.rb
   - spec/guards/users_guard.rb
 has_rdoc: true
 homepage: http://github.com/mkristian/ixtlan-guard
-licenses: []
+licenses:
+  - MIT-LICENSE
 post_install_message:
 rdoc_options:
   - --main
@@ -112,23 +137,21 @@ rdoc_options:
 require_paths:
   - lib
 required_ruby_version: !ruby/object:Gem::Requirement
+  none: false
   requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        segments:
-          - 0
         version: "0"
 required_rubygems_version: !ruby/object:Gem::Requirement
+  none: false
   requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        segments:
-          - 0
         version: "0"
 requirements: []
 rubyforge_project:
-rubygems_version: 1.3.6
+rubygems_version: 1.5.1
 signing_key:
 specification_version: 3
 summary: guard your controller actions