RubyGems - ixtlan-guard - Versions diffs - 0.7.0 → 0.7.2 - Mend

ixtlan-guard 0.7.0 → 0.7.2

Files changed (39) hide show

data/spec/guard_spec.rb CHANGED Viewed

@@ -7,7 +7,7 @@ describe Ixtlan::Guard::GuardNG do
   subject do
     logger = Logger.new(STDOUT)
     def logger.debug(&block)
-      info("\n\t[debug] " + block.call)
+      #info("\n\t[debug] " + block.call)
     end
     Ixtlan::Guard::GuardNG.new(:guards_dir => File.join(File.dirname(__FILE__), "guards"), :logger => logger )
   end
@@ -83,19 +83,4 @@ describe Ixtlan::Guard::GuardNG do
     subject.allowed?(:allow_all_defaults, :update, [:users]).should be_true
   end
-  it 'should pass with right group and allowed flavor' do
-    subject.allowed?(:users, :update, [:users], :example){ |g| [:example]}.should be_true
-  end
-  it 'should not pass with wrong group but allowed flavor' do
-    subject.allowed?(:users, :update, [:accounts], :example){ |g| [:example]}.should be_false
-  end
-  it 'should not pass with wrong group but disallowed flavor' do
-    subject.allowed?(:users, :update, [:accounts], :example){ |g| []}.should be_false
-  end
-  it 'should not pass with right group and disallowed flavor' do
-    subject.allowed?(:users, :update, [:users], :example){ |g| []}.should be_false
-  end
 end

data/spec/guard_with_associations_spec.rb ADDED Viewed

@@ -0,0 +1,114 @@
+require 'spec_helper'
+require 'ixtlan/guard/guard_ng'
+require 'logger'
+class Group
+  attr_accessor :name, :domains
+  def initialize(name, *domains)
+    @name = name
+    @domains = domains.flatten
+  end
+end
+describe Ixtlan::Guard::GuardNG do
+  subject do
+    logger = Logger.new(STDOUT)
+    def logger.debug(&block)
+     # info("\n\t[debug] " + block.call)
+    end
+    Ixtlan::Guard::GuardNG.new(:guards_dir => File.join(File.dirname(__FILE__), "guards"), :logger => logger )
+  end
+  it 'should pass without association without block' do
+    subject.allowed?(:users, :update, [Group.new(:users)]).should be_true
+  end
+  it 'should deny without association with block' do
+    subject.allowed?(:users, :update, [Group.new(:users)]){}.should be_false
+  end
+  it 'should deny with association without block' do
+    subject.allowed?(:users, :update, [Group.new(:users, :manager)], :manager).should be_false
+  end
+  it 'should pass with matching association with block' do
+    subject.allowed?(:users, :update, [Group.new(:users, :manager)], :manager) do |group, association|
+      group.domains.detect {|d| d == association.to_s }
+    end.should be_false
+  end
+  it 'should fail with mismatching association with block' do
+    subject.allowed?(:users, :update, [Group.new(:users, :manager)], :nomanager) do |group, association|
+      group.domains.detect {|d| d == association }
+    end.should be_false
+  end
+  it 'should add associations to node' do
+    subject.permissions([Group.new('admin', [:german, :french])]) do |resource, action, groups|
+      if groups && groups.first && groups.first.name == 'admin'
+        { :domains => groups.first.domains }
+      else
+        {}
+      end
+    end.sort { |m,n| m[:resource] <=> n[:resource]}.should ==
+      [{
+         :permission=>{
+           :resource=>"accounts",
+           :actions=>[{:action=>{
+                          :name=>"destroy",
+                          :domains=>[:german, :french]}}],
+           :deny=>false}},
+       {
+         :permission=>{
+           :resource=>"allow_all_defaults",
+           :actions=>[{:action=>{:name=>"index"}}],
+           :deny=>true,
+           :domains=>[:german, :french]}},
+       {
+         :permission=>{
+           :resource=>"defaults",
+           :actions=>[{:action=>{
+                          :name=>"index",
+                          :domains=>[:german, :french]}}],
+           :deny=>false}},
+       {
+         :permission=>{
+           :resource=>"no_defaults",
+           :actions=>[{:action=>{
+                          :name=>"index",
+                          :domains=>[:german, :french]}}],
+           :deny=>false}},
+       {
+         :permission=>{
+           :resource=>"only_defaults",
+           :domains=>[:german, :french],
+           :actions=>[],
+           :deny=>true}},
+       {
+         :permission=>{
+           :resource=>"person",
+           :actions=> [{:action=>{
+                           :name=>"destroy",
+                           :domains=>[:german, :french]}},
+                       {:action=>{
+                           :name=>"index",
+                           :domains=>[:german, :french]}}],
+           :deny=>false}},
+       {
+          :permission=>{
+            :resource=>"regions",
+            :actions=>[
+              {:action=>{:name=>"show", :domains=>[:german, :french]}},
+              {:action=>{:name=>"create", :domains=>[:german, :french]}}
+            ],
+            :deny=>false}},
+       {
+         :permission=>{
+           :resource=>"users",
+           :actions=>[],
+           :deny=>false}}]
+  end
+end

data/spec/guard_with_associations_spec.rb~ ADDED Viewed

@@ -0,0 +1,106 @@
+require 'spec_helper'
+require 'ixtlan/guard/guard_ng'
+require 'logger'
+class Group
+  attr_accessor :name, :domains
+  def initialize(name, *domains)
+    @name = name
+    @domains = domains.flatten
+  end
+end
+describe Ixtlan::Guard::GuardNG do
+  subject do
+    logger = Logger.new(STDOUT)
+    def logger.debug(&block)
+      info("\n\t[debug] " + block.call)
+    end
+    Ixtlan::Guard::GuardNG.new(:guards_dir => File.join(File.dirname(__FILE__), "guards"), :logger => logger )
+  end
+  it 'should pass without association without block' do
+    subject.allowed?(:users, :update, [Group.new(:users)]).should be_true
+  end
+  it 'should deny without association with block' do
+    subject.allowed?(:users, :update, [Group.new(:users)]){}.should be_false
+  end
+  it 'should deny with association without block' do
+    subject.allowed?(:users, :update, [Group.new(:users, :manager)], :manager).should be_false
+  end
+  it 'should pass with matching association with block' do
+    subject.allowed?(:users, :update, [Group.new(:users, :manager)], :manager) do |group, association|
+      group.domains.detect {|d| d == association.to_s }
+    end.should be_false
+  end
+  it 'should fail with mismatching association with block' do
+    subject.allowed?(:users, :update, [Group.new(:users, :manager)], :nomanager) do |group, association|
+      group.domains.detect {|d| d == association }
+    end.should be_false
+  end
+  it 'should add associations to node' do
+    subject.permissions([Group.new('admin', [:german, :french])]) do |groups|
+      if groups && groups.first && groups.first.name == 'admin'
+        { :domains => groups.first.domains }
+      else
+        {}
+      end
+    end.should ==
+      [{
+         :permission=>{
+           :resource=>"person",
+           :actions=> [{:action=>{
+                           :domains=>[:german, :french],
+                           :name=>"destroy"}},
+                       {:action=>{
+                           :domains=>[:german, :french],
+                           :name=>"index"}}],
+           :deny=>false}},
+       {
+         :permission=>{
+           :resource=>"accounts",
+           :actions=>[{:action=>{
+                          :domains=>[:german, :french],
+                          :name=>"destroy"}}],
+           :deny=>false}},
+       {
+         :permission=>{
+           :resource=>"defaults",
+           :actions=>[{:action=>{
+                          :domains=>[:german, :french],
+                          :name=>"index"}}],
+           :deny=>false}},
+       {
+         :permission=>{
+           :resource=>"no_defaults",
+           :actions=>[{:action=>{
+                          :domains=>[:german, :french],
+                          :name=>"index"}}],
+           :deny=>false}},
+       {
+         :permission=>{
+           :resource=>"users",
+           :actions=>[],
+           :deny=>false}},
+       {
+         :permission=>{
+           :resource=>"only_defaults",
+           :domains=>[:german, :french],
+           :actions=>[],
+           :deny=>true}},
+       {
+         :permission=>{
+           :resource=>"allow_all_defaults",
+           :domains=>[:german, :french],
+           :actions=>[{:action=>{:name=>"index"}}],
+           :deny=>true}}]
+  end
+end

data/spec/guards/allow_all_defaults_guard.yml CHANGED Viewed

@@ -1,3 +1,3 @@
 allow_all_defaults:
-  defaults: [*, and_something_else_which_does_matter]
+  defaults: ['*', and_something_else_which_does_matter]
   index: [_admin]

data/spec/guards/defaults_guard.yml CHANGED Viewed

@@ -1,6 +1,6 @@
 defaults:
   defaults: [_master]
   edit: [_admin, _master]
-  index: [*]
+  index: ['*']
   show: [_admin]
   destroy:

data/spec/guards/no_defaults_guard.yml CHANGED Viewed

@@ -1,5 +1,5 @@
 no_defaults:
   edit: [no_admin, no_master]
-  index: [*]
+  index: ['*']
   show: [no_admin]
   destroy:

data/spec/guards/only_defaults_guard.yml CHANGED Viewed

@@ -1,2 +1,2 @@
 only_defaults:
-  defaults: [*, and_something_else_which_does_matter]
+  defaults: ['*', and_something_else_which_does_matter]

data/spec/guards/regions_guard.yml ADDED Viewed

@@ -0,0 +1,8 @@
+regions:
+  show:
+    - admin
+    # not sure if that stays like this
+    - region: [regions]
+  create:
+    - admin
+    - region

data/spec/guards/regions_guard.yml~ ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ users:
2	+ show: [region]

data/spec/guards/users_guard.yml CHANGED Viewed

@@ -1,3 +1,3 @@
 users:
   defaults: [users]
-  index: [*]
+  index: ['*']

metadata CHANGED Viewed

@@ -2,7 +2,7 @@
 name: ixtlan-guard
 version: !ruby/object:Gem::Version
   prerelease:
-  version: 0.7.0
+  version: 0.7.2
 platform: ruby
 authors:
   - mkristian
@@ -10,7 +10,7 @@ autorequire:
 bindir: bin
 cert_chain: []
-date: 2011-11-04 00:00:00 +05:30
+date: 2012-02-02 00:00:00 +05:30
 default_executable:
 dependencies:
   - !ruby/object:Gem::Dependency
@@ -76,7 +76,7 @@ dependencies:
       requirements:
         - - "="
           - !ruby/object:Gem::Version
-            version: 0.8.3.0.3.0.28.3
+            version: 3.0.3.0.28.5
     type: :development
     version_requirements: *id006
 description: simple authorization framework for rails controllers
@@ -91,7 +91,6 @@ extra_rdoc_files: []
 files:
   - MIT-LICENSE
   - lib/ixtlan-guard.rb
-  - lib/generators/erb/user_management_controller_generator.rb
   - lib/generators/guard/controller/USAGE
   - lib/generators/guard/controller/controller_generator.rb
   - lib/generators/guard/controller/controller_generator.rb~
@@ -99,21 +98,6 @@ files:
   - lib/generators/guard/scaffold/scaffold_generator.rb
   - lib/generators/guard/templates/guard.yml
   - lib/generators/guard/templates/guard.yml~
-  - lib/generators/ixtlan/user_management_scaffold/user_management_scaffold_generator.rb
-  - lib/generators/ixtlan/user_management_controller/USAGE
-  - lib/generators/ixtlan/user_management_controller/user_management_controller_generator.rb
-  - lib/generators/ixtlan/maintenance_scaffold/USAGE
-  - lib/generators/ixtlan/maintenance_scaffold/maintenance_scaffold_generator.rb
-  - lib/generators/ixtlan/permissions_scaffold/USAGE
-  - lib/generators/ixtlan/permissions_scaffold/permissions_scaffold_generator.rb
-  - lib/generators/ixtlan/user_management_models/user_management_models_generator.rb
-  - lib/generators/ixtlan/user_management_models/USAGE
-  - lib/generators/active_record/user_management_models_generator.rb
-  - lib/generators/active_record/templates/user_model.rb
-  - lib/generators/active_record/templates/group_model.rb
-  - lib/generators/active_record/templates/flavor_migration.rb
-  - lib/generators/active_record/templates/group_user_migration.rb
-  - lib/generators/active_record/templates/flavor_model.rb
   - lib/ixtlan/guard.rb
   - lib/ixtlan/guard/abstract_session.rb
   - lib/ixtlan/guard/abstract_session.rb~
@@ -125,12 +109,9 @@ files:
   - lib/ixtlan/guard/guard_rails.rb
   - lib/ixtlan/guard/guard_config.rb~
   - lib/ixtlan/guard/railtie.rb
-  - lib/ixtlan/guard/controllers/maintenance_controller.rb
-  - lib/ixtlan/guard/controllers/permissions_controller.rb
-  - lib/ixtlan/guard/spec/user_management_models_spec.rb
-  - lib/ixtlan/guard/models/maintenance.rb
-  - lib/ixtlan/guard/models/user_update_manager.rb
   - spec/guard_export_spec.rb~
+  - spec/guard_with_associations_spec.rb
+  - spec/guard_with_associations_spec.rb~
   - spec/guard_export_spec.rb
   - spec/spec_helper.rb
   - spec/guard_cache_spec.rb
@@ -149,11 +130,13 @@ files:
   - spec/guards/users1_guard.yml~
   - spec/guards/tools_guard.yml~
   - spec/guards/no_defaults_guard.yml
+  - spec/guards/regions_guard.yml~
   - spec/guards/defaults_guard.yml
   - spec/guards/users1_guard.yml
   - spec/guards/person_guard.yml
   - spec/guards/accounts_guard.yml
   - spec/guards/no_defaults_guard.yml~
+  - spec/guards/regions_guard.yml
   - spec/guards/allow_all_defaults_guard.yml
   - spec/guards/allow_all_defaults_guard.yml~
   - spec/guards/defaults_guard.yml~
@@ -189,6 +172,7 @@ signing_key:
 specification_version: 3
 summary: guard your controller actions
 test_files:
+  - spec/guard_with_associations_spec.rb
   - spec/guard_export_spec.rb
   - spec/guard_cache_spec.rb
   - spec/guard_spec.rb

data/lib/generators/active_record/templates/flavor_migration.rb DELETED Viewed

@@ -1,13 +0,0 @@
-class Create<%= association_name.camelize %> < ActiveRecord::Migration
-  def self.up
-    create_table :<%= association_name %>, :id => false, :force => true do |t|
-      <% [file_name, group_name, user_name].sort.each do |name| -%>
-      t.integer :<%= name %>_id
-      <% end -%>
-    end
-  end
-  def self.down
-    drop_table :<%= association_name %>
-  end
-end

data/lib/generators/active_record/templates/flavor_model.rb DELETED Viewed

@@ -1,8 +0,0 @@
-class <%= association_class_name(plural_name) %> < <%= parent_class_name.classify %>
-<% attributes.select {|attr| attr.reference? }.each do |attribute| -%>
-  belongs_to :<%= attribute.name %>
-<% end -%>
-<% [name, group_name, user_name].sort.each do |ref_name| -%>
-  belongs_to :<%= ref_name %>
-<% end -%>
-end

data/lib/generators/active_record/templates/group_model.rb DELETED Viewed

@@ -1,43 +0,0 @@
-class <%= group_class_name %> < <%= parent_class_name.classify %>
-<% attributes.select {|attr| attr.reference? }.each do |attribute| -%>
-  belongs_to :<%= attribute.name %>
-<% end -%>
-  has_and_belongs_to_many :<%= plural_user_name %>
-  ROOT = 'root'
-  ADMIN = 'admin'
-  def self.admin_group
-    find_by_<%= attributes.first.name %>(ADMIN)
-  end
-  def self.root_group
-    find_by_<%= attributes.first.name %>(ROOT)
-  end
-  def admin?
-    <%= attributes.first.name %> == ADMIN
-  end
-  def root?
-    <%= attributes.first.name %> == ROOT
-  end
-  def self.get(id_or_<%= attributes.first.name %>_or_<%= file_name %>)
-    case id_or_<%= attributes.first.name %>_or_<%= file_name %>
-    when Fixnum
-      find(id_or_<%= attributes.first.name %>_or_<%= file_name %>)
-    when String
-      find_by_<%= attributes.first.name %>(id_or_<%= attributes.first.name %>_or_<%= file_name %>)
-    when Symbol
-      find_by_<%= attributes.first.name %>(id_or_<%= attributes.first.name %>_or_<%= file_name %>.to_s)
-    else
-      id_or_<%= attributes.first.name %>_or_<%= file_name %>
-    end
-  end
-  def to_name
-    <%= group_field_name %>
-  end
-end