RubyGems - joshuaclayton-sentinel - Versions diffs - 0.1.4 → 0.1.5 - Mend

joshuaclayton-sentinel 0.1.4 → 0.1.5

Files changed (11) hide show

data/README.textile +10 -7
data/Rakefile +2 -2
data/lib/sentinel/controller.rb +18 -15
data/lib/sentinel/sentinel.rb +11 -7
data/sentinel.gemspec +2 -2
data/shoulda_macros/sentinel.rb +30 -28
data/test/functional/sentinel_controller_test.rb +20 -15
data/test/partial_rails/controllers/forums_controller.rb +21 -18
data/test/partial_rails/forum_sentinel.rb +12 -10
data/test/unit/sentinel_test.rb +8 -8
metadata +4 -3

data/README.textile CHANGED

@@ -19,11 +19,13 @@ class ForumSentinel < Sentinel::Sentinel
   end
   def viewable?
-    self.forum.public? || (current_user? && self.forum.members.include?(self.current_user)) || current_user_admin?
+    return true if self.forum.public? || current_user_admin?
+    (current_user? && self.forum.members.include?(self.current_user))
   end
   def editable?
-    (current_user? && self.forum.owner == self.current_user) || current_user_admin?
+    return true if current_user_admin?
+    (current_user? && self.forum.owner == self.current_user)
   end
   def destroyable?
@@ -198,13 +200,14 @@ class SentinelControllerTest < ActionController::TestCase
   end
   sentinel_context({:creatable? => false}) do
-    should_deny_access_to "get :new", :with => :redirect_to_index
-    should_deny_access_to "post :create, :forum => {:name => 'My New Forum'}", :with => :redirect_to_index
+    should_deny_access_to "get :new",
+                          "post :create, :forum => {:name => 'My New Forum'}",
+                          :with => :redirect_to_index
   end
   sentinel_context({:creatable? => true}) do
-    should_grant_access_to "get :new"
-    should_grant_access_to "post :create, :forum => {:name => 'My New Forum'}"
+    should_grant_access_to "get :new",
+                           "post :create, :forum => {:name => 'My New Forum'}"
   end
 end
 </code></pre>
@@ -221,4 +224,4 @@ h2. Questions or Comments?
 If you like this plugin but have ideas, tweaks, fixes, or issues, shoot me a message on Github or fork/send a pull request.  This is alpha software, so I'm pretty open to change.
-Copyright (c) 2009 Joshua Clayton, released under the MIT license
+Copyright (c) 2009 Joshua Clayton, released under the MIT license

data/Rakefile CHANGED

@@ -3,7 +3,7 @@ require 'rake'
 require 'echoe'
 require 'rake/rdoctask'
-Echoe.new("sentinel", "0.1.4") do |p|
+Echoe.new("sentinel", "0.1.5") do |p|
   p.description = "Simple authorization for Rails"
   p.url = "http://github.com/joshuaclayton/sentinel"
   p.author = "Joshua Clayton"
@@ -19,4 +19,4 @@ Rake::RDocTask.new(:rdoc) do |rdoc|
   rdoc.options << '--line-numbers' << '--inline-source'
   rdoc.rdoc_files.include('README')
   rdoc.rdoc_files.include('lib/**/*.rb')
-end
+end

data/lib/sentinel/controller.rb CHANGED

@@ -1,60 +1,63 @@
 module Sentinel
   module Controller
     def self.included(base)
       base.class_inheritable_writer :sentinel, :instance_writer => false
       base.class_inheritable_accessor :access_denied, :access_granted
       base.send :include, InstanceMethods
       base.extend ClassMethods
       base.class_eval do
         helper_method :sentinel
       end
       base.on_denied_with do
         respond_to do |format|
-          format.html { render :text => "You do not have the proper privileges to access this page.", :status => :unauthorized }
+          format.html do
+            render  :text => "You do not have the proper privileges to access this page.",
+                    :status => :unauthorized
+          end
           format.any  { head :unauthorized }
         end
       end
       base.with_access do
         true
       end
     end
     module InstanceMethods
       def sentinel
         self.instance_eval(&self.class.sentinel)
       end
     end
     module ClassMethods
       def controls_access_with(&block)
         self.sentinel = block
       end
       def sentinel
         read_inheritable_attribute(:sentinel)
       end
       def on_denied_with(name = :default, &block)
         self.access_denied ||= {}
         self.access_denied[name] = block
       end
       def with_access(&block)
         self.access_granted = block
       end
       def grants_access_to(*args, &block)
         options = args.extract_options!
         block = args.shift if args.first.respond_to?(:call)
         sentinel_method = args.first
         denied_handler = options.delete(:denies_with) || :default
         before_filter(options) do |controller|
           if block
             if (block.arity == 1 ? controller.sentinel : controller).instance_eval(&block)
@@ -71,4 +74,4 @@ module Sentinel
       end
     end
   end
-end
+end

data/lib/sentinel/sentinel.rb CHANGED

@@ -7,23 +7,27 @@ module Sentinel
         self.send("#{key}=", attributes[key]) if self.respond_to?("#{key}=")
       end
     end
     def [](temporary_overrides)
       temporary_overrides.keys.each do |key|
         create_accessor_for_attribute(key)
       end
       returning self.clone do |duplicate|
         temporary_overrides.keys.each do |key|
-          duplicate.send("#{key}=", temporary_overrides[key]) if self.respond_to?("#{key}=")
+          if self.respond_to?("#{key}=")
+            duplicate.send("#{key}=", temporary_overrides[key])
+          end
         end
       end
     end
     private
     def create_accessor_for_attribute(attribute)
-      self.class_eval { attr_accessor attribute } unless self.respond_to?(attribute) || self.respond_to?("#{attribute}=")
+      unless self.respond_to?(attribute) || self.respond_to?("#{attribute}=")
+        self.class_eval { attr_accessor attribute }
+      end
     end
   end
-end
+end

data/sentinel.gemspec CHANGED

@@ -2,11 +2,11 @@
 Gem::Specification.new do |s|
   s.name = %q{sentinel}
-  s.version = "0.1.4"
+  s.version = "0.1.5"
   s.required_rubygems_version = Gem::Requirement.new(">= 1.2") if s.respond_to? :required_rubygems_version=
   s.authors = ["Joshua Clayton"]
-  s.date = %q{2009-05-05}
+  s.date = %q{2009-07-27}
   s.description = %q{Simple authorization for Rails}
   s.email = %q{joshua.clayton@gmail.com}
   s.extra_rdoc_files = ["lib/sentinel/controller.rb", "lib/sentinel/sentinel.rb", "lib/sentinel.rb", "README.textile"]

data/shoulda_macros/sentinel.rb CHANGED

@@ -1,6 +1,6 @@
 module Sentinel
   module Shoulda
     def sentinel_context(options = {}, &block)
       context "When sentinel is set up to #{options.inspect}" do
         setup do
@@ -11,64 +11,66 @@ module Sentinel
             assert_equal options[key], @controller.sentinel.send(key)
           end
         end
         merge_block(&block)
       end
     end
     def denied_with(denied_name, &block)
       context "denied_with #{denied_name}" do
-        without_before_filters do # this strips out any other preconditions so we can properly test the handler
+        without_before_filters do # this strips out any other preconditions so we can properly test the handler
           setup do
             action = "action_#{Digest::MD5.hexdigest(Time.now.to_s.split(//).sort_by {rand}.join)}"
             @controller.class.grants_access_to lambda { false }, :only => [action.to_sym], :denies_with => denied_name
             get action.to_sym
           end
           merge_block(&block)
         end
       end
     end
     def without_before_filters(&block)
       context "" do
         setup do
           @filter_chain = @controller.class.filter_chain
           @controller.class.write_inheritable_attribute("filter_chain", ActionController::Filters::FilterChain.new)
         end
         teardown do
           @controller.class.write_inheritable_attribute("filter_chain", @filter_chain)
         end
         merge_block(&block)
       end
     end
-    def should_grant_access_to(command)
-      context "performing `#{command}`" do
-        should "allow access" do
-          granted = @controller.class.read_inheritable_attribute(:access_granted)
-          @controller.class.expects(:access_granted).at_least(1).returns(granted)
-          eval command
+    def should_grant_access_to(*args)
+      args.each do |command|
+        context "performing `#{command}`" do
+          should "allow access" do
+            granted = @controller.class.read_inheritable_attribute(:access_granted)
+            @controller.class.expects(:access_granted).at_least(1).returns(granted)
+            eval command
+          end
         end
       end
     end
     def should_deny_access_to(*args)
       options = args.extract_options!
-      command = args.shift
-      context "performing `#{command}`" do
-        should "call the proper denied handler" do
-          denied_with = options[:with] || :default
-          handler = @controller.class.read_inheritable_attribute(:access_denied)[denied_with]
-          @controller.class.access_denied.expects(:[]).with(denied_with).returns(handler)
-          eval command
+      args.each do |command|
+        context "performing `#{command}`" do
+          should "call the proper denied handler" do
+            denied_with = options[:with] || :default
+            handler = @controller.class.read_inheritable_attribute(:access_denied)[denied_with]
+            @controller.class.access_denied.expects(:[]).with(denied_with).returns(handler)
+            eval command
+          end
         end
       end
     end
     def should_not_guard(command)
       context "performing `#{command}`" do
         setup do
@@ -78,14 +80,14 @@ module Sentinel
             def rescue_action(e) raise e end; # force the controller to reraise the exception error
           end
         end
         should "not use guard with a sentinel" do
           eval command
         end
       end
     end
   end
 end
-Test::Unit::TestCase.extend(Sentinel::Shoulda)
+Test::Unit::TestCase.extend(Sentinel::Shoulda)

data/test/functional/sentinel_controller_test.rb CHANGED

@@ -3,50 +3,55 @@ require 'test_helper'
 class SentinelControllerTest < ActionController::TestCase
   include ActionView::Helpers::UrlHelper
   include ActionView::Helpers::TagHelper
   def setup
     @controller = ForumsController.new
   end
   sentinel_context do
     without_before_filters do
       should_not_guard "get :index"
     end
   end
   sentinel_context({:viewable? => true}) do
     should_grant_access_to "get :show"
   end
   sentinel_context({:creatable? => false}) do
-    should_deny_access_to "get :new", :with => :redirect_to_index
-    should_deny_access_to "post :create, :forum => {:name => 'My New Forum'}", :with => :redirect_to_index
+    should_deny_access_to "get :new",
+                          "post :create, :forum => {:name => 'My New Forum'}",
+                          :with => :redirect_to_index
   end
   sentinel_context({:creatable? => true}) do
-    should_grant_access_to "get :new"
-    should_grant_access_to "post :create, :forum => {:name => 'My New Forum'}"
+    should_grant_access_to  "get :new",
+                            "post :create, :forum => {:name => 'My New Forum'}"
   end
   sentinel_context({:viewable? => false}) do
     should_deny_access_to "get :show", :with => :sentinel_unauthorized
   end
   context "A controller-global grants_access_to that denies access" do
-    # this ensures that, even with a failing grants_access_to, we can properly test all denied_with handlers
+    # this ensures that, even with a failing grants_access_to,
+    # we can properly test all denied_with handlers
     setup do
       @controller.stubs(:stubbed_method).returns(false)
     end
     denied_with :redirect_to_index do
-      should_redirect_to("forums root") { url_for(:controller => "forums", :action => "secondary_index")}
+      should_redirect_to("forums root") do
+        url_for(:controller => "forums", :action => "secondary_index")
+      end
     end
     denied_with :sentinel_unauthorized do
       should_respond_with :forbidden
       should "render text as response" do
-        assert_equal "This is an even more unique default restricted warning", @response.body
+        assert_equal  "This is an even more unique default restricted warning",
+                      @response.body
       end
     end
   end

data/test/partial_rails/controllers/forums_controller.rb CHANGED

@@ -2,68 +2,71 @@ class ForumsController < ApplicationController
   controls_access_with do
     ForumSentinel.new :current_user => current_user, :forum => @forum
   end
   grants_access_to lambda { stubbed_method }, :denies_with => :redirect_to_index
   grants_access_to :denies_with => :sentinel_unauthorized do
     stubbed_method_two
   end
   grants_access_to :reorderable?, :only => [:reorder]
   grants_access_to :creatable?, :only => [:new, :create], :denies_with => :redirect_to_index
   grants_access_to :viewable?, :only => [:show], :denies_with => :sentinel_unauthorized
   grants_access_to :destroyable?, :only => [:destroy]
   on_denied_with :redirect_to_index do
     redirect_to url_for(:controller => "forums", :action => "secondary_index")
   end
   on_denied_with :sentinel_unauthorized do
     respond_to do |wants|
-      wants.html { render :text => "This is an even more unique default restricted warning", :status => :forbidden }
+      wants.html do
+        render  :text => "This is an even more unique default restricted warning",
+                :status => :forbidden
+      end
       wants.any { head :forbidden }
     end
   end
   def index
     handle_successfully
   end
   def secondary_index
     handle_successfully
   end
   def new
     handle_successfully
   end
   def show
     handle_successfully
   end
   def edit
     handle_successfully
   end
   def update
     handle_successfully
   end
   def delete
     handle_successfully
   end
   private
   def handle_successfully
     render :text => "forums"
   end
   def stubbed_method
     true
   end
   def stubbed_method_two
     true
   end
-end
+end

data/test/partial_rails/forum_sentinel.rb CHANGED

@@ -2,30 +2,32 @@ class ForumSentinel < Sentinel::Sentinel
   def creatable?
     current_user_admin?
   end
   def reorderable?
     current_user_admin?
   end
   def viewable?
-    self.forum.public? || (current_user? && self.forum.members.include?(self.current_user)) || current_user_admin?
+    return true if self.forum.public? || current_user_admin?
+    (current_user? && self.forum.members.include?(self.current_user))
   end
   def editable?
-    (current_user? && self.forum.owner == self.current_user) || current_user_admin?
+    return true if current_user_admin?
+    (current_user? && self.forum.owner == self.current_user)
   end
   def destroyable?
     editable?
   end
   private
   def current_user?
     !self.current_user.nil?
   end
   def current_user_admin?
     current_user? && self.current_user.admin?
   end
-end
+end

data/test/unit/sentinel_test.rb CHANGED

@@ -5,36 +5,36 @@ class SentinelTest < ActiveSupport::TestCase
     setup do
       @sentinel = Sentinel::Sentinel
     end
     should "create attr_accessor's for each valid key" do
       sentinel = @sentinel.new(:user => {:name => "John", :active => true}, :forum => {:name => "My Forum"})
       assert_equal({:name => "John", :active => true}, sentinel.user)
       assert_equal({:name => "My Forum"}, sentinel.forum)
       sentinel.user = sentinel.forum = nil
       assert_nil sentinel.user
       assert_nil sentinel.forum
     end
     should "not create attr_accessors for methods that already exist" do
       sentinel = @sentinel.new(:class => "fake", :to_s => "one", :user => "real")
       assert_equal sentinel.user, "real"
       assert_equal sentinel.class, Sentinel::Sentinel
       assert_not_equal sentinel.to_s, "one"
     end
     should "reassign predefined attribute values if set" do
       @sentinel.attr_accessor_with_default :message, "simple message"
       assert_equal "simple message", @sentinel.new.message
       assert_equal "complex message", @sentinel.new(:message => "complex message").message
     end
   end
   context "When overriding attributes" do
     setup do
       @sentinel = Sentinel::Sentinel
     end
     should "only override for that specific instance" do
       sentinel = @sentinel.new(:user => "assigned", :forum => nil)
       assert_equal "assigned", sentinel.user
@@ -42,13 +42,13 @@ class SentinelTest < ActiveSupport::TestCase
       assert_nil sentinel[:user => nil].user
       assert_equal "forum", sentinel[:forum => "forum"].forum
     end
     should "define an attr_accessor if the attribute doesn't exist" do
       sentinel = @sentinel.new
       assert_raise NoMethodError do
         sentinel.name
       end
       assert_equal "taken", sentinel[:name => "taken"].name
       assert_nil sentinel.name
     end

metadata CHANGED

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: joshuaclayton-sentinel
 version: !ruby/object:Gem::Version
-  version: 0.1.4
+  version: 0.1.5
 platform: ruby
 authors:
 - Joshua Clayton
@@ -9,7 +9,7 @@ autorequire:
 bindir: bin
 cert_chain: []
-date: 2009-05-05 00:00:00 -07:00
+date: 2009-07-27 00:00:00 -07:00
 default_executable:
 dependencies:
 - !ruby/object:Gem::Dependency
@@ -68,6 +68,7 @@ files:
 - test/unit/sentinel_test.rb
 has_rdoc: true
 homepage: http://github.com/joshuaclayton/sentinel
+licenses:
 post_install_message:
 rdoc_options:
 - --line-numbers
@@ -93,7 +94,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
 requirements: []
 rubyforge_project: sentinel
-rubygems_version: 1.2.0
+rubygems_version: 1.3.5
 signing_key:
 specification_version: 3
 summary: Simple authorization for Rails