johnsbrn-has_permission 0.1.1

data/VERSION.yml

@@ -0,0 +1,4 @@
+--- 
+:patch: 1
+:major: 0
+:minor: 1

data/lib/active_record/has/permission.rb

@@ -0,0 +1,61 @@
+module ActiveRecord
+  module Has
+    module Permission
+      def self.included(base)
+        base.extend(ClassMethods)
+      end
+
+      module ClassMethods
+        
+        def has_permission(options = {})
+          class_eval <<-_DEF
+            def self.permission_namespace
+              "#{options[:namespace] || 'Permission'}"
+            end
+          _DEF
+          extend ActiveRecord::Has::Permission::SingletonMethods
+          include ActiveRecord::Has::Permission::InstanceMethods
+        end
+        
+      end
+      
+      module SingletonMethods
+        
+        def with_permission(user)
+          permission_class.new :user => user, :object => self
+        end
+        
+        def permission_class
+          if respond_to?(:base_class)
+            begin
+              [permission_namespace, "#{self.to_s}Permission"].join('::').constantize
+            rescue
+              [permission_namespace ,"#{self.base_class.to_s}Permission"].join('::').constantize
+            end
+          elsif respond_to?(:proxy_reflection)
+            begin
+              [permission_namespace, "#{self.proxy_reflection.class_name}Permsission"].join('::').constantize
+            rescue
+              [permission_namespace, "#{self.proxy_reflection.class_name.constantize.base_class.to_s}Permission"].join('::').constantize
+            end
+          else
+            begin
+              [permission_namespace, "#{self.to_s}Permission"].join('::').constantize
+            rescue
+              [permission_namespace, "#{self.superclass.to_s}Permission"].join('::').constantize
+            end
+          end
+        end
+      end
+      
+      module InstanceMethods
+        
+        def with_permission(user)
+          self.class.permission_class.new :user => user, :object => self
+        end
+        
+      end
+      
+    end
+  end
+end

data/lib/has_permission.rb

@@ -0,0 +1,5 @@
+require 'active_record'
+require 'active_record/has/permission'
+require 'permission/base'
+
+ActiveRecord::Base.send :include, ActiveRecord::Has::Permission

data/lib/permission/base.rb

@@ -0,0 +1,37 @@
+module Permission
+  class Base
+    require 'forwardable'
+    extend Forwardable
+    
+    # delegate important object methods so they don't return the values for the proxy - am I missing any??
+    def_delegators :@object, :==, :=~, :class, :enum_for, :eql?, :new, :freeze, :frozen?, 
+      :hash, :id, :instance_of?, :is_a?, :kind_of?,
+      :method, :methods, :object_id, :respond_to?, :send,
+      :taint, :tainted?, :to_a, :to_enum, :to_s, :to_yaml, :to_yaml_properties, :to_yaml_style,
+      :type, :untaint
+      
+    attr_accessor :user, :object
+  
+    DEFAULT_FINDERS = /^((find|with).*|first|last|all|children|paginate|scoped|count)$/
+    DEFAULT_SEARCHES = /^search_.*/
+    
+    def initialize(params)
+      @user = params[:user]
+      @object = params[:object]
+    end
+  
+    def method_missing(method, *args)
+      object.send(method, *args)
+    end
+  
+    protected
+  
+    def check_roles(user, roles, object)
+      roles.each do |role|
+        return true if user != nil && user.has_role?(user, object)
+      end
+      false
+    end
+  end
+  
+end

data/lib/permission_exception.rb

@@ -0,0 +1,2 @@
+class PermissionException < Exception
+end

data/test/has_permission_test.rb

@@ -0,0 +1,66 @@
+require File.dirname(__FILE__) + '/test_helper'
+
+class HasPermissionTest < Test::Unit::TestCase
+  context "model instance" do
+    setup do
+      @model = Model.new
+    end
+    
+    should "not intercept method" do
+      assert_equal "no permission", @model.some_method
+    end
+    
+    should "intercept method" do
+      assert_equal "with permission", @model.with_permission(nil).some_method
+    end
+    
+    should "use model id" do
+      assert_equal @model.id, @model.with_permission(nil).id
+    end
+    
+    should "use model to_param" do
+      assert_equal @model.to_param, @model.with_permission(nil).to_param
+    end
+    
+    should "use model class" do
+      assert_equal @model.class, @model.with_permission(nil).class
+    end
+    
+    should "use model ==" do
+      assert @model.with_permission(nil) == @model
+    end
+    
+    should "use model eql?" do
+      assert @model.with_permission(nil).eql?(@model)
+    end
+    
+  end
+
+  context "model class" do
+    should "not intercept method" do
+      assert_equal ["no permission"], Model.all
+    end
+    
+    should "intercept method" do
+      assert_equal ["with permission"], Model.with_permission(nil).all
+    end
+  end
+  
+  should "use default namespace setting" do
+    assert_equal Permission::ModelPermission, Model.permission_class
+  end
+  
+  should "override default namespace setting" do
+    assert_equal ModelBPermission, ModelB.permission_class
+  end
+  
+  should "use class to_s method" do
+    assert_equal Model.to_s, Model.with_permission(nil).to_s
+  end
+  
+  should "use class class method" do
+    assert_equal Model.class, Model.with_permission(nil).class
+  end
+  
+  # TODO need to test proxy associations somehow
+end

data/test/test_helper.rb

@@ -0,0 +1,53 @@
+require 'rubygems'
+require 'test/unit'
+require 'shoulda'
+require 'mocha'
+
+$LOAD_PATH.unshift(File.dirname(__FILE__))
+require 'has_permission'
+
+# this doesn't seem like the best way to do this - maybe someone will suggest a better method
+class Model
+
+  include ActiveRecord::Has::Permission
+  
+  has_permission
+  
+  def some_method
+    "no permission"
+  end
+  
+  def self.all
+    ["no permission"]
+  end
+  
+end
+
+class ModelB
+  include ActiveRecord::Has::Permission
+  
+  has_permission :namespace => ''
+end
+
+class ModelBPermission
+end
+
+module Permission
+  class ModelPermission < Permission::Base
+  
+    def some_method
+      "with permission"
+    end
+  
+    def method_missing(method, *args)
+      if method.to_s.match(DEFAULT_FINDERS)
+        ["with permission"]
+      else
+        object.send(method, *args)
+      end
+    end
+  end
+end
+
+class Test::Unit::TestCase
+end

metadata

@@ -0,0 +1,63 @@
+--- !ruby/object:Gem::Specification 
+name: johnsbrn-has_permission
+version: !ruby/object:Gem::Version 
+  version: 0.1.1
+platform: ruby
+authors: 
+- Brian Johnson
+autorequire: 
+bindir: bin
+cert_chain: []
+
+date: 2009-01-25 00:00:00 -08:00
+default_executable: 
+dependencies: []
+
+description: Fine grained access control based on method interception. This is a proxy that allows you to define permissions on your models without breaking MVC by putting user code in your models.
+email: github@brianjohnson.cc
+executables: []
+
+extensions: []
+
+extra_rdoc_files: []
+
+files: 
+- VERSION.yml
+- lib/active_record
+- lib/active_record/has
+- lib/active_record/has/permission.rb
+- lib/has_permission.rb
+- lib/permission
+- lib/permission/base.rb
+- lib/permission_exception.rb
+- test/has_permission_test.rb
+- test/test_helper.rb
+has_rdoc: true
+homepage: http://github.com/johnsbrn/has_permission
+post_install_message: 
+rdoc_options: 
+- --inline-source
+- --charset=UTF-8
+require_paths: 
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement 
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      version: "0"
+  version: 
+required_rubygems_version: !ruby/object:Gem::Requirement 
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      version: "0"
+  version: 
+requirements: []
+
+rubyforge_project: 
+rubygems_version: 1.2.0
+signing_key: 
+specification_version: 2
+summary: TODO
+test_files: []
+