ixtlan-guard 0.7.0 → 0.7.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- data/features/generators.feature +0 -10
- data/features/step_definitions/simple_steps.rb +1 -82
- data/lib/ixtlan/guard/guard_ng.rb +77 -76
- data/lib/ixtlan/guard/guard_rails.rb +8 -8
- data/lib/ixtlan/guard/railtie.rb +1 -1
- data/spec/guard_cache_spec.rb +1 -1
- data/spec/guard_export_spec.rb +118 -90
- data/spec/guard_spec.rb +1 -16
- data/spec/guard_with_associations_spec.rb +114 -0
- data/spec/guard_with_associations_spec.rb~ +106 -0
- data/spec/guards/allow_all_defaults_guard.yml +1 -1
- data/spec/guards/defaults_guard.yml +1 -1
- data/spec/guards/no_defaults_guard.yml +1 -1
- data/spec/guards/only_defaults_guard.yml +1 -1
- data/spec/guards/regions_guard.yml +8 -0
- data/spec/guards/regions_guard.yml~ +2 -0
- data/spec/guards/users_guard.yml +1 -1
- metadata +8 -24
- data/lib/generators/active_record/templates/flavor_migration.rb +0 -13
- data/lib/generators/active_record/templates/flavor_model.rb +0 -8
- data/lib/generators/active_record/templates/group_model.rb +0 -43
- data/lib/generators/active_record/templates/group_user_migration.rb +0 -13
- data/lib/generators/active_record/templates/user_model.rb +0 -124
- data/lib/generators/active_record/user_management_models_generator.rb +0 -202
- data/lib/generators/erb/user_management_controller_generator.rb +0 -10
- data/lib/generators/ixtlan/maintenance_scaffold/USAGE +0 -8
- data/lib/generators/ixtlan/maintenance_scaffold/maintenance_scaffold_generator.rb +0 -40
- data/lib/generators/ixtlan/permissions_scaffold/USAGE +0 -8
- data/lib/generators/ixtlan/permissions_scaffold/permissions_scaffold_generator.rb +0 -33
- data/lib/generators/ixtlan/user_management_controller/USAGE +0 -8
- data/lib/generators/ixtlan/user_management_controller/user_management_controller_generator.rb +0 -23
- data/lib/generators/ixtlan/user_management_models/USAGE +0 -8
- data/lib/generators/ixtlan/user_management_models/user_management_models_generator.rb +0 -19
- data/lib/generators/ixtlan/user_management_scaffold/user_management_scaffold_generator.rb +0 -13
- data/lib/ixtlan/guard/controllers/maintenance_controller.rb +0 -45
- data/lib/ixtlan/guard/controllers/permissions_controller.rb +0 -41
- data/lib/ixtlan/guard/models/maintenance.rb +0 -55
- data/lib/ixtlan/guard/models/user_update_manager.rb +0 -95
- data/lib/ixtlan/guard/spec/user_management_models_spec.rb +0 -193
data/spec/guard_spec.rb
CHANGED
@@ -7,7 +7,7 @@ describe Ixtlan::Guard::GuardNG do
|
|
7
7
|
subject do
|
8
8
|
logger = Logger.new(STDOUT)
|
9
9
|
def logger.debug(&block)
|
10
|
-
info("\n\t[debug] " + block.call)
|
10
|
+
#info("\n\t[debug] " + block.call)
|
11
11
|
end
|
12
12
|
Ixtlan::Guard::GuardNG.new(:guards_dir => File.join(File.dirname(__FILE__), "guards"), :logger => logger )
|
13
13
|
end
|
@@ -83,19 +83,4 @@ describe Ixtlan::Guard::GuardNG do
|
|
83
83
|
subject.allowed?(:allow_all_defaults, :update, [:users]).should be_true
|
84
84
|
end
|
85
85
|
|
86
|
-
it 'should pass with right group and allowed flavor' do
|
87
|
-
subject.allowed?(:users, :update, [:users], :example){ |g| [:example]}.should be_true
|
88
|
-
end
|
89
|
-
|
90
|
-
it 'should not pass with wrong group but allowed flavor' do
|
91
|
-
subject.allowed?(:users, :update, [:accounts], :example){ |g| [:example]}.should be_false
|
92
|
-
end
|
93
|
-
|
94
|
-
it 'should not pass with wrong group but disallowed flavor' do
|
95
|
-
subject.allowed?(:users, :update, [:accounts], :example){ |g| []}.should be_false
|
96
|
-
end
|
97
|
-
|
98
|
-
it 'should not pass with right group and disallowed flavor' do
|
99
|
-
subject.allowed?(:users, :update, [:users], :example){ |g| []}.should be_false
|
100
|
-
end
|
101
86
|
end
|
@@ -0,0 +1,114 @@
|
|
1
|
+
require 'spec_helper'
|
2
|
+
require 'ixtlan/guard/guard_ng'
|
3
|
+
require 'logger'
|
4
|
+
|
5
|
+
class Group
|
6
|
+
|
7
|
+
attr_accessor :name, :domains
|
8
|
+
|
9
|
+
def initialize(name, *domains)
|
10
|
+
@name = name
|
11
|
+
@domains = domains.flatten
|
12
|
+
end
|
13
|
+
end
|
14
|
+
|
15
|
+
describe Ixtlan::Guard::GuardNG do
|
16
|
+
|
17
|
+
subject do
|
18
|
+
logger = Logger.new(STDOUT)
|
19
|
+
def logger.debug(&block)
|
20
|
+
# info("\n\t[debug] " + block.call)
|
21
|
+
end
|
22
|
+
Ixtlan::Guard::GuardNG.new(:guards_dir => File.join(File.dirname(__FILE__), "guards"), :logger => logger )
|
23
|
+
end
|
24
|
+
|
25
|
+
it 'should pass without association without block' do
|
26
|
+
subject.allowed?(:users, :update, [Group.new(:users)]).should be_true
|
27
|
+
end
|
28
|
+
|
29
|
+
it 'should deny without association with block' do
|
30
|
+
subject.allowed?(:users, :update, [Group.new(:users)]){}.should be_false
|
31
|
+
end
|
32
|
+
|
33
|
+
it 'should deny with association without block' do
|
34
|
+
subject.allowed?(:users, :update, [Group.new(:users, :manager)], :manager).should be_false
|
35
|
+
end
|
36
|
+
|
37
|
+
it 'should pass with matching association with block' do
|
38
|
+
subject.allowed?(:users, :update, [Group.new(:users, :manager)], :manager) do |group, association|
|
39
|
+
group.domains.detect {|d| d == association.to_s }
|
40
|
+
end.should be_false
|
41
|
+
end
|
42
|
+
|
43
|
+
it 'should fail with mismatching association with block' do
|
44
|
+
subject.allowed?(:users, :update, [Group.new(:users, :manager)], :nomanager) do |group, association|
|
45
|
+
group.domains.detect {|d| d == association }
|
46
|
+
end.should be_false
|
47
|
+
end
|
48
|
+
|
49
|
+
it 'should add associations to node' do
|
50
|
+
subject.permissions([Group.new('admin', [:german, :french])]) do |resource, action, groups|
|
51
|
+
if groups && groups.first && groups.first.name == 'admin'
|
52
|
+
{ :domains => groups.first.domains }
|
53
|
+
else
|
54
|
+
{}
|
55
|
+
end
|
56
|
+
end.sort { |m,n| m[:resource] <=> n[:resource]}.should ==
|
57
|
+
[{
|
58
|
+
:permission=>{
|
59
|
+
:resource=>"accounts",
|
60
|
+
:actions=>[{:action=>{
|
61
|
+
:name=>"destroy",
|
62
|
+
:domains=>[:german, :french]}}],
|
63
|
+
:deny=>false}},
|
64
|
+
{
|
65
|
+
:permission=>{
|
66
|
+
:resource=>"allow_all_defaults",
|
67
|
+
:actions=>[{:action=>{:name=>"index"}}],
|
68
|
+
:deny=>true,
|
69
|
+
:domains=>[:german, :french]}},
|
70
|
+
{
|
71
|
+
:permission=>{
|
72
|
+
:resource=>"defaults",
|
73
|
+
:actions=>[{:action=>{
|
74
|
+
:name=>"index",
|
75
|
+
:domains=>[:german, :french]}}],
|
76
|
+
:deny=>false}},
|
77
|
+
{
|
78
|
+
:permission=>{
|
79
|
+
:resource=>"no_defaults",
|
80
|
+
:actions=>[{:action=>{
|
81
|
+
:name=>"index",
|
82
|
+
:domains=>[:german, :french]}}],
|
83
|
+
:deny=>false}},
|
84
|
+
{
|
85
|
+
:permission=>{
|
86
|
+
:resource=>"only_defaults",
|
87
|
+
:domains=>[:german, :french],
|
88
|
+
:actions=>[],
|
89
|
+
:deny=>true}},
|
90
|
+
{
|
91
|
+
:permission=>{
|
92
|
+
:resource=>"person",
|
93
|
+
:actions=> [{:action=>{
|
94
|
+
:name=>"destroy",
|
95
|
+
:domains=>[:german, :french]}},
|
96
|
+
{:action=>{
|
97
|
+
:name=>"index",
|
98
|
+
:domains=>[:german, :french]}}],
|
99
|
+
:deny=>false}},
|
100
|
+
{
|
101
|
+
:permission=>{
|
102
|
+
:resource=>"regions",
|
103
|
+
:actions=>[
|
104
|
+
{:action=>{:name=>"show", :domains=>[:german, :french]}},
|
105
|
+
{:action=>{:name=>"create", :domains=>[:german, :french]}}
|
106
|
+
],
|
107
|
+
:deny=>false}},
|
108
|
+
{
|
109
|
+
:permission=>{
|
110
|
+
:resource=>"users",
|
111
|
+
:actions=>[],
|
112
|
+
:deny=>false}}]
|
113
|
+
end
|
114
|
+
end
|
@@ -0,0 +1,106 @@
|
|
1
|
+
require 'spec_helper'
|
2
|
+
require 'ixtlan/guard/guard_ng'
|
3
|
+
require 'logger'
|
4
|
+
|
5
|
+
class Group
|
6
|
+
|
7
|
+
attr_accessor :name, :domains
|
8
|
+
|
9
|
+
def initialize(name, *domains)
|
10
|
+
@name = name
|
11
|
+
@domains = domains.flatten
|
12
|
+
end
|
13
|
+
end
|
14
|
+
|
15
|
+
describe Ixtlan::Guard::GuardNG do
|
16
|
+
|
17
|
+
subject do
|
18
|
+
logger = Logger.new(STDOUT)
|
19
|
+
def logger.debug(&block)
|
20
|
+
info("\n\t[debug] " + block.call)
|
21
|
+
end
|
22
|
+
Ixtlan::Guard::GuardNG.new(:guards_dir => File.join(File.dirname(__FILE__), "guards"), :logger => logger )
|
23
|
+
end
|
24
|
+
|
25
|
+
it 'should pass without association without block' do
|
26
|
+
subject.allowed?(:users, :update, [Group.new(:users)]).should be_true
|
27
|
+
end
|
28
|
+
|
29
|
+
it 'should deny without association with block' do
|
30
|
+
subject.allowed?(:users, :update, [Group.new(:users)]){}.should be_false
|
31
|
+
end
|
32
|
+
|
33
|
+
it 'should deny with association without block' do
|
34
|
+
subject.allowed?(:users, :update, [Group.new(:users, :manager)], :manager).should be_false
|
35
|
+
end
|
36
|
+
|
37
|
+
it 'should pass with matching association with block' do
|
38
|
+
subject.allowed?(:users, :update, [Group.new(:users, :manager)], :manager) do |group, association|
|
39
|
+
group.domains.detect {|d| d == association.to_s }
|
40
|
+
end.should be_false
|
41
|
+
end
|
42
|
+
|
43
|
+
it 'should fail with mismatching association with block' do
|
44
|
+
subject.allowed?(:users, :update, [Group.new(:users, :manager)], :nomanager) do |group, association|
|
45
|
+
group.domains.detect {|d| d == association }
|
46
|
+
end.should be_false
|
47
|
+
end
|
48
|
+
|
49
|
+
it 'should add associations to node' do
|
50
|
+
subject.permissions([Group.new('admin', [:german, :french])]) do |groups|
|
51
|
+
if groups && groups.first && groups.first.name == 'admin'
|
52
|
+
{ :domains => groups.first.domains }
|
53
|
+
else
|
54
|
+
{}
|
55
|
+
end
|
56
|
+
end.should ==
|
57
|
+
[{
|
58
|
+
:permission=>{
|
59
|
+
:resource=>"person",
|
60
|
+
:actions=> [{:action=>{
|
61
|
+
:domains=>[:german, :french],
|
62
|
+
:name=>"destroy"}},
|
63
|
+
{:action=>{
|
64
|
+
:domains=>[:german, :french],
|
65
|
+
:name=>"index"}}],
|
66
|
+
:deny=>false}},
|
67
|
+
{
|
68
|
+
:permission=>{
|
69
|
+
:resource=>"accounts",
|
70
|
+
:actions=>[{:action=>{
|
71
|
+
:domains=>[:german, :french],
|
72
|
+
:name=>"destroy"}}],
|
73
|
+
:deny=>false}},
|
74
|
+
{
|
75
|
+
:permission=>{
|
76
|
+
:resource=>"defaults",
|
77
|
+
:actions=>[{:action=>{
|
78
|
+
:domains=>[:german, :french],
|
79
|
+
:name=>"index"}}],
|
80
|
+
:deny=>false}},
|
81
|
+
{
|
82
|
+
:permission=>{
|
83
|
+
:resource=>"no_defaults",
|
84
|
+
:actions=>[{:action=>{
|
85
|
+
:domains=>[:german, :french],
|
86
|
+
:name=>"index"}}],
|
87
|
+
:deny=>false}},
|
88
|
+
{
|
89
|
+
:permission=>{
|
90
|
+
:resource=>"users",
|
91
|
+
:actions=>[],
|
92
|
+
:deny=>false}},
|
93
|
+
{
|
94
|
+
:permission=>{
|
95
|
+
:resource=>"only_defaults",
|
96
|
+
:domains=>[:german, :french],
|
97
|
+
:actions=>[],
|
98
|
+
:deny=>true}},
|
99
|
+
{
|
100
|
+
:permission=>{
|
101
|
+
:resource=>"allow_all_defaults",
|
102
|
+
:domains=>[:german, :french],
|
103
|
+
:actions=>[{:action=>{:name=>"index"}}],
|
104
|
+
:deny=>true}}]
|
105
|
+
end
|
106
|
+
end
|
@@ -1,2 +1,2 @@
|
|
1
1
|
only_defaults:
|
2
|
-
defaults: [
|
2
|
+
defaults: ['*', and_something_else_which_does_matter]
|
data/spec/guards/users_guard.yml
CHANGED
metadata
CHANGED
@@ -2,7 +2,7 @@
|
|
2
2
|
name: ixtlan-guard
|
3
3
|
version: !ruby/object:Gem::Version
|
4
4
|
prerelease:
|
5
|
-
version: 0.7.
|
5
|
+
version: 0.7.2
|
6
6
|
platform: ruby
|
7
7
|
authors:
|
8
8
|
- mkristian
|
@@ -10,7 +10,7 @@ autorequire:
|
|
10
10
|
bindir: bin
|
11
11
|
cert_chain: []
|
12
12
|
|
13
|
-
date:
|
13
|
+
date: 2012-02-02 00:00:00 +05:30
|
14
14
|
default_executable:
|
15
15
|
dependencies:
|
16
16
|
- !ruby/object:Gem::Dependency
|
@@ -76,7 +76,7 @@ dependencies:
|
|
76
76
|
requirements:
|
77
77
|
- - "="
|
78
78
|
- !ruby/object:Gem::Version
|
79
|
-
version:
|
79
|
+
version: 3.0.3.0.28.5
|
80
80
|
type: :development
|
81
81
|
version_requirements: *id006
|
82
82
|
description: simple authorization framework for rails controllers
|
@@ -91,7 +91,6 @@ extra_rdoc_files: []
|
|
91
91
|
files:
|
92
92
|
- MIT-LICENSE
|
93
93
|
- lib/ixtlan-guard.rb
|
94
|
-
- lib/generators/erb/user_management_controller_generator.rb
|
95
94
|
- lib/generators/guard/controller/USAGE
|
96
95
|
- lib/generators/guard/controller/controller_generator.rb
|
97
96
|
- lib/generators/guard/controller/controller_generator.rb~
|
@@ -99,21 +98,6 @@ files:
|
|
99
98
|
- lib/generators/guard/scaffold/scaffold_generator.rb
|
100
99
|
- lib/generators/guard/templates/guard.yml
|
101
100
|
- lib/generators/guard/templates/guard.yml~
|
102
|
-
- lib/generators/ixtlan/user_management_scaffold/user_management_scaffold_generator.rb
|
103
|
-
- lib/generators/ixtlan/user_management_controller/USAGE
|
104
|
-
- lib/generators/ixtlan/user_management_controller/user_management_controller_generator.rb
|
105
|
-
- lib/generators/ixtlan/maintenance_scaffold/USAGE
|
106
|
-
- lib/generators/ixtlan/maintenance_scaffold/maintenance_scaffold_generator.rb
|
107
|
-
- lib/generators/ixtlan/permissions_scaffold/USAGE
|
108
|
-
- lib/generators/ixtlan/permissions_scaffold/permissions_scaffold_generator.rb
|
109
|
-
- lib/generators/ixtlan/user_management_models/user_management_models_generator.rb
|
110
|
-
- lib/generators/ixtlan/user_management_models/USAGE
|
111
|
-
- lib/generators/active_record/user_management_models_generator.rb
|
112
|
-
- lib/generators/active_record/templates/user_model.rb
|
113
|
-
- lib/generators/active_record/templates/group_model.rb
|
114
|
-
- lib/generators/active_record/templates/flavor_migration.rb
|
115
|
-
- lib/generators/active_record/templates/group_user_migration.rb
|
116
|
-
- lib/generators/active_record/templates/flavor_model.rb
|
117
101
|
- lib/ixtlan/guard.rb
|
118
102
|
- lib/ixtlan/guard/abstract_session.rb
|
119
103
|
- lib/ixtlan/guard/abstract_session.rb~
|
@@ -125,12 +109,9 @@ files:
|
|
125
109
|
- lib/ixtlan/guard/guard_rails.rb
|
126
110
|
- lib/ixtlan/guard/guard_config.rb~
|
127
111
|
- lib/ixtlan/guard/railtie.rb
|
128
|
-
- lib/ixtlan/guard/controllers/maintenance_controller.rb
|
129
|
-
- lib/ixtlan/guard/controllers/permissions_controller.rb
|
130
|
-
- lib/ixtlan/guard/spec/user_management_models_spec.rb
|
131
|
-
- lib/ixtlan/guard/models/maintenance.rb
|
132
|
-
- lib/ixtlan/guard/models/user_update_manager.rb
|
133
112
|
- spec/guard_export_spec.rb~
|
113
|
+
- spec/guard_with_associations_spec.rb
|
114
|
+
- spec/guard_with_associations_spec.rb~
|
134
115
|
- spec/guard_export_spec.rb
|
135
116
|
- spec/spec_helper.rb
|
136
117
|
- spec/guard_cache_spec.rb
|
@@ -149,11 +130,13 @@ files:
|
|
149
130
|
- spec/guards/users1_guard.yml~
|
150
131
|
- spec/guards/tools_guard.yml~
|
151
132
|
- spec/guards/no_defaults_guard.yml
|
133
|
+
- spec/guards/regions_guard.yml~
|
152
134
|
- spec/guards/defaults_guard.yml
|
153
135
|
- spec/guards/users1_guard.yml
|
154
136
|
- spec/guards/person_guard.yml
|
155
137
|
- spec/guards/accounts_guard.yml
|
156
138
|
- spec/guards/no_defaults_guard.yml~
|
139
|
+
- spec/guards/regions_guard.yml
|
157
140
|
- spec/guards/allow_all_defaults_guard.yml
|
158
141
|
- spec/guards/allow_all_defaults_guard.yml~
|
159
142
|
- spec/guards/defaults_guard.yml~
|
@@ -189,6 +172,7 @@ signing_key:
|
|
189
172
|
specification_version: 3
|
190
173
|
summary: guard your controller actions
|
191
174
|
test_files:
|
175
|
+
- spec/guard_with_associations_spec.rb
|
192
176
|
- spec/guard_export_spec.rb
|
193
177
|
- spec/guard_cache_spec.rb
|
194
178
|
- spec/guard_spec.rb
|
@@ -1,13 +0,0 @@
|
|
1
|
-
class Create<%= association_name.camelize %> < ActiveRecord::Migration
|
2
|
-
def self.up
|
3
|
-
create_table :<%= association_name %>, :id => false, :force => true do |t|
|
4
|
-
<% [file_name, group_name, user_name].sort.each do |name| -%>
|
5
|
-
t.integer :<%= name %>_id
|
6
|
-
<% end -%>
|
7
|
-
end
|
8
|
-
end
|
9
|
-
|
10
|
-
def self.down
|
11
|
-
drop_table :<%= association_name %>
|
12
|
-
end
|
13
|
-
end
|
@@ -1,8 +0,0 @@
|
|
1
|
-
class <%= association_class_name(plural_name) %> < <%= parent_class_name.classify %>
|
2
|
-
<% attributes.select {|attr| attr.reference? }.each do |attribute| -%>
|
3
|
-
belongs_to :<%= attribute.name %>
|
4
|
-
<% end -%>
|
5
|
-
<% [name, group_name, user_name].sort.each do |ref_name| -%>
|
6
|
-
belongs_to :<%= ref_name %>
|
7
|
-
<% end -%>
|
8
|
-
end
|
@@ -1,43 +0,0 @@
|
|
1
|
-
class <%= group_class_name %> < <%= parent_class_name.classify %>
|
2
|
-
<% attributes.select {|attr| attr.reference? }.each do |attribute| -%>
|
3
|
-
belongs_to :<%= attribute.name %>
|
4
|
-
<% end -%>
|
5
|
-
|
6
|
-
has_and_belongs_to_many :<%= plural_user_name %>
|
7
|
-
|
8
|
-
ROOT = 'root'
|
9
|
-
ADMIN = 'admin'
|
10
|
-
|
11
|
-
def self.admin_group
|
12
|
-
find_by_<%= attributes.first.name %>(ADMIN)
|
13
|
-
end
|
14
|
-
|
15
|
-
def self.root_group
|
16
|
-
find_by_<%= attributes.first.name %>(ROOT)
|
17
|
-
end
|
18
|
-
|
19
|
-
def admin?
|
20
|
-
<%= attributes.first.name %> == ADMIN
|
21
|
-
end
|
22
|
-
|
23
|
-
def root?
|
24
|
-
<%= attributes.first.name %> == ROOT
|
25
|
-
end
|
26
|
-
|
27
|
-
def self.get(id_or_<%= attributes.first.name %>_or_<%= file_name %>)
|
28
|
-
case id_or_<%= attributes.first.name %>_or_<%= file_name %>
|
29
|
-
when Fixnum
|
30
|
-
find(id_or_<%= attributes.first.name %>_or_<%= file_name %>)
|
31
|
-
when String
|
32
|
-
find_by_<%= attributes.first.name %>(id_or_<%= attributes.first.name %>_or_<%= file_name %>)
|
33
|
-
when Symbol
|
34
|
-
find_by_<%= attributes.first.name %>(id_or_<%= attributes.first.name %>_or_<%= file_name %>.to_s)
|
35
|
-
else
|
36
|
-
id_or_<%= attributes.first.name %>_or_<%= file_name %>
|
37
|
-
end
|
38
|
-
end
|
39
|
-
|
40
|
-
def to_name
|
41
|
-
<%= group_field_name %>
|
42
|
-
end
|
43
|
-
end
|