kibali 0.1.0

data/lib/kibali/subject_extensions.rb

@@ -0,0 +1,91 @@
+module Kibali
+  module SubjectExtensions
+
+# #############################################################################
+# #############################################################################
+
+# ------------------------------------------------------------------------------
+# has_role? -- returns true if subject has the given role
+# ------------------------------------------------------------------------------
+    def has_role?(role_name)
+      !get_role( role_name ).nil?
+    end
+ 
+# ------------------------------------------------------------------------------
+# has_role! -- forces subject to have the given role
+# ------------------------------------------------------------------------------
+      def has_role!(role_name)
+        role = _auth_role_class.where( :name => role_name.to_s ).   # acts as the find part
+               first_or_create( :name => role_name.to_s )           # acts as the create part
+        role_objects << role unless self.role_objects.member?(role)
+        role
+      end
+
+# ------------------------------------------------------------------------------
+# remove_role! -- foreces subject to NOT have the given role
+# ------------------------------------------------------------------------------
+      def remove_role!(role_name)
+        role_objects.delete( get_role( role_name ) )
+      end
+
+# ------------------------------------------------------------------------------
+# get_role -- returns a role obj for subject; else nil
+# EXCEPTION: EmptyRolesException if role_objects collection is empty
+# ------------------------------------------------------------------------------
+      def get_role( role_name=nil )
+
+        raise Kibali::EmptyRoles  if role_objects.empty?
+
+        if role_name.nil?
+           role_objects.first
+        else
+           role_objects.where( :name => role_name.to_s ).first
+        end
+
+      end
+
+
+# #############################################################################
+    private
+# #############################################################################
+
+
+# #############################################################################
+      protected
+# #############################################################################
+
+# ------------------------------------------------------------------------------
+# _auth_role_class -- retuns the Klass for the Role model
+# ------------------------------------------------------------------------------
+      def _auth_role_class
+        self.class._auth_role_class_name.constantize
+      end
+
+# ------------------------------------------------------------------------------
+# _auth_role_assoc -- returns the habtm symbol for the array of subject.roles
+# ------------------------------------------------------------------------------
+      def _auth_role_assoc
+        self.class._auth_role_assoc_name
+      end
+
+# ------------------------------------------------------------------------------
+# role_objects -- returns the habtm array of roles for the subject
+# ------------------------------------------------------------------------------
+      def role_objects
+        send(self._auth_role_assoc)
+      end
+#
+# ------------------------------------------------------------------------------
+# ------------------------------------------------------------------------------
+    
+# ------------------------------------------------------------------------------
+# ------------------------------------------------------------------------------
+  
+# ------------------------------------------------------------------------------
+# ------------------------------------------------------------------------------
+
+# #############################################################################
+# #############################################################################
+
+  end
+end

data/lib/kibali.rb

@@ -0,0 +1,28 @@
+
+require File.dirname(__FILE__) + '/kibali/base'
+require File.dirname(__FILE__) + '/kibali/control'
+require File.dirname(__FILE__) + '/kibali/subject_extensions'
+require File.dirname(__FILE__) + '/kibali/access_control'
+
+require File.dirname(__FILE__) + '/kibali/railtie' if defined?(Rails::Railtie)
+
+module Kibali
+  @@config = {
+    :default_role_class_name        => 'Role',
+    :default_subject_class_name     => 'User',
+    :default_subject_method         => :current_user,
+    :default_roles_collection_name  => :roles,
+    :default_users_collection_name  => :users,
+    :default_join_table_name        => "roles_users"
+  }
+
+  mattr_reader :config
+
+    class AccessDenied < SecurityError; end
+    class EmptyRoles   < RuntimeError; end
+    class SyntaxError  < ArgumentError; end
+
+
+end
+
+

data/markdown.rb

@@ -0,0 +1,38 @@
+#!/usr/bin/env ruby
+
+  require 'rubygems'
+  require 'redcarpet'
+
+class ShowMd
+
+  TEMPFILE = "/tmp/markdown.html"
+
+  def initialize( file )
+    @body = IO.read( file )
+  end
+
+  def markdown
+    options = [ :autolink, :no_intraemphasis, :fenced_code, :gh_blockcode]
+
+    File.open( TEMPFILE, "w" ) do |file|
+      file.write( RedcarpetCompat.new( @body, *options).to_html )
+    end  # do file
+  end
+
+  def show
+    system("google-chrome  #{TEMPFILE} &")
+  end
+
+
+end # class
+
+md = ShowMd.new( ARGV[0] )
+md.markdown
+md.show
+
+# puts RedcarpetCompat.new(ARGF.read,
+#         :fenced_code,
+#         :hard_wrap,
+#         :filter_html,
+#         :smart).to_html
+

data/test/app/controllers/application_controller.rb

@@ -0,0 +1,21 @@
+class ApplicationController < ActionController::Base
+  attr_accessor :my_current_user
+
+#   rescue_from Kibali::AccessDenied do |e|
+#     render :text => 'AccessDenied'
+#   end
+
+  #protected
+
+  def set_current_user
+    if params[:user]
+      self.my_current_user = User.find params[:user]
+    end
+  end
+
+  def current_user
+    self.my_current_user
+  end
+
+
+end   # class

data/test/app/controllers/empty_controller.rb

@@ -0,0 +1,34 @@
+class EmptyController < ApplicationController
+  before_filter :set_current_user
+#  before_filter :trace_setup
+
+   control_hash = {
+       :admin1   => { } ,
+       :admin2   => { :allow => [] },
+       :manager1 => { :allow => [ :index, :edit ] },
+       :denier1  => { :deny  => [ ] },
+       :denier2  => { :deny  => [ :index, :edit ] },
+       :error1   => { :wild  => [ :index ] },
+       :error2   => { 'allow'  => [ :index ] },
+       :error3   => { :allow  => [ :index, 'show' ] }
+       
+   }
+
+   access_control control_hash
+
+
+  [:index, :show, :new, :edit, :update, :delete, :destroy].each do |act|
+    define_method(act) { render :text => 'OK' }
+  end
+
+protected
+
+  def trace_setup
+      puts ">>>>>> trace/self: #{self.class.name} <<<<<<"
+      puts ">>>>>> trace/current_user: #{self.respond_to?(:current_user).to_s} <<<<<<"
+      puts ">>>>>> trace/method_defined: #{EmptyController.method_defined?(:current_user).to_s} <<<<<<"
+      puts ">>>>>> trace/user is: #{current_user.name.to_s} <<<<<<"
+  end
+
+end
+

data/test/config/routes.rb

@@ -0,0 +1,6 @@
+TestKibali::Application.routes.draw do
+
+  root :to => "empty#index"
+  
+  match ':controller(/:action(/:id(.:format)))'
+end  # draw

data/test/ctlr_helper.rb

@@ -0,0 +1,77 @@
+ENV["RAILS_ENV"] = "test"
+
+require 'rubygems'
+require 'bundler'
+
+begin
+  Bundler.setup(:default, :development, :test)
+rescue Bundler::BundlerError => e
+  $stderr.puts e.message
+  $stderr.puts "Run `bundle install` to install missing gems"
+  exit e.status_code
+end
+
+require 'test/unit'
+
+$LOAD_PATH.unshift(File.dirname(__FILE__))
+$LOAD_PATH.unshift(File.join(File.dirname(__FILE__), '..', 'lib'))
+
+# require "rails_app/config/environment"
+# require "rails/test_help"
+
+require 'rails'
+require 'active_support'
+require 'active_record'
+require 'action_controller'
+require 'rails/test_help'
+require 'shoulda'
+require 'factory_girl'
+
+require "action_controller/railtie"
+require "rails/test_unit/railtie"
+
+require 'kibali'
+
+ActiveRecord::Base.establish_connection(:adapter => 'sqlite3', :database => 'test.sqlite3')
+ActiveRecord::Base.send(:include, Kibali::Base)
+
+require 'support/models'
+load 'support/schema.rb'
+
+#Logger = ActiveRecord::Base.logger
+
+class Test::Unit::TestCase
+ 
+   FactoryGirl.find_definitions
+   include FactoryGirl::Syntax::Methods
+   include ActiveSupport::Testing::Assertions
+   
+end
+
+root = File.expand_path(File.dirname(__FILE__))
+ 
+# Define the application and configuration
+module TestKibali
+  class Application < ::Rails::Application
+    # configuration here if needed
+    config.active_support.deprecation = :stderr
+  end
+end
+
+# Initialize the application
+TestKibali::Application.initialize!
+
+# ActionController::Routing::Routes.draw do |map|
+#   map.connect ":controller/:action/:id"
+# end
+
+ActiveRecord::Base.logger = Logger.new(File.dirname(__FILE__) + "/debug.log")
+ActionController::Base.logger = ActiveRecord::Base.logger
+ActiveRecord::Base.silence { ActiveRecord::Migration.verbose = false }
+
+class ActiveSupport::TestCase
+
+  # Add more helper methods to be used by all tests here...
+
+end
+

data/test/factories/units_factory.rb

@@ -0,0 +1,39 @@
+require 'factory_girl'
+
+FactoryGirl.define do |binding|
+  
+  
+# #############################################################################
+# ************* HELPER METHODS FOR THIS FACTORY *******************************
+# #############################################################################
+  class << binding
+    
+     USERNAMES = %w(demarcus deshaun jemell jermaine jabari kwashaun musa nigel kissamu yona brenden terell treven tyrese adonys)
+
+    # pick_name -- construct a unique user name based on sequence & world
+    def pick_name(n,w)
+      return USERNAMES[ (n % USERNAMES.size) ] + n.to_s + "_w#{w.to_s}"
+    end
+    
+  end  # anon class extensions
+# #############################################################################
+# #############################################################################
+
+
+   factory :user do |f|
+     f.sequence( :email ) { |n| "#{binding.pick_name(n,w)}@example.com" }
+     f.sequence( :name  ) { |n| "#{binding.pick_name(n,w)}@example.com" }
+   end  # user
+   
+   factory :role do 
+     name     "lime_sublime"
+   end   # 
+   
+#   
+#   factory :team_asset do |f|
+#     f.association :team
+#     f.association :author
+#   end
+#   
+
+end  # FactoryGirl.define

data/test/helper.rb

@@ -0,0 +1,61 @@
+ENV["RAILS_ENV"] = "test"
+
+require 'rubygems'
+require 'bundler'
+
+begin
+  Bundler.setup(:default, :development, :test)
+rescue Bundler::BundlerError => e
+  $stderr.puts e.message
+  $stderr.puts "Run `bundle install` to install missing gems"
+  exit e.status_code
+end
+
+require 'test/unit'
+
+$LOAD_PATH.unshift(File.dirname(__FILE__))
+$LOAD_PATH.unshift(File.join(File.dirname(__FILE__), '..', 'lib'))
+
+# require "rails_app/config/environment"
+# require "rails/test_help"
+
+require 'rails'
+require 'active_support'
+require 'active_record'
+require 'action_controller'
+require 'rails/test_help'
+require 'shoulda'
+require 'factory_girl'
+require 'kibali'
+
+ActiveRecord::Base.establish_connection(:adapter => 'sqlite3', :database => 'test.sqlite3')
+ActiveRecord::Base.send(:include, Kibali::Base)
+
+ require 'support/models'
+
+#Logger = ActiveRecord::Base.logger
+load 'support/schema.rb'
+
+class Test::Unit::TestCase
+ 
+   FactoryGirl.find_definitions
+   include FactoryGirl::Syntax::Methods
+   include ActiveSupport::Testing::Assertions
+   
+end
+
+
+# ActionController::Routing::Routes.draw do |map|
+#   map.connect ":controller/:action/:id"
+# end
+
+ActiveRecord::Base.logger = Logger.new(File.dirname(__FILE__) + "/debug.log")
+ActionController::Base.logger = ActiveRecord::Base.logger
+ActiveRecord::Base.silence { ActiveRecord::Migration.verbose = false }
+
+class ActiveSupport::TestCase
+
+  # Add more helper methods to be used by all tests here...
+
+end
+

data/test/support/models.rb

@@ -0,0 +1,8 @@
+class Role < ActiveRecord::Base
+  acts_as_authorization_role
+end
+
+class User < ActiveRecord::Base
+  acts_as_authorization_subject
+end
+

data/test/support/schema.rb

@@ -0,0 +1,25 @@
+ActiveRecord::Schema.define(:version => 0) do
+
+  create_table "roles", :force => true do |t|
+    t.string   "name",              :limit => 40
+    t.string   "authorizable_type", :limit => 40
+    t.string  "authorizable_id"
+    t.boolean "system", :default=>false
+    t.datetime "created_at"
+    t.datetime "updated_at"
+  end
+  
+  create_table "users", :force => true do |t| 
+    t.string   "name",     :limit => 40
+    t.string   "email",     :limit => 40
+  end
+
+  create_table "roles_users", :id => false, :force => true do |t|
+    t.integer  "user_id"
+    t.integer  "role_id"
+    t.datetime "created_at"
+    t.datetime "updated_at"
+  end
+
+end
+

data/test/test_access.rb

@@ -0,0 +1,142 @@
+require 'ctlr_helper'
+
+require 'empty_controller'
+
+class EmptyControllerTest < ActionController::TestCase
+
+context "ctlr" do
+
+    setup do
+      @demarcus = FactoryGirl.create( :user )
+      @deshaun =  FactoryGirl.create( :user )
+    end
+
+    teardown do
+       User.destroy_all
+       Role.destroy_all
+    end
+
+
+   should 'be true' do
+      assert true
+   end  # should do
+
+   should 'permit admin1 access _ implicit all' do 
+     @demarcus.has_role!( :admin1 )
+
+     get :index, :user => @demarcus.id.to_s
+     assert_response :success
+
+     get :show, :user => @demarcus.id.to_s
+     assert_response :success
+
+   end  # should do
+
+   should 'permit admin2 access _ implicit all 2' do 
+     @demarcus.has_role!( :admin2 )
+
+     get :index, :user => @demarcus.id.to_s
+     assert_response :success
+
+     get :show, :user => @demarcus.id.to_s
+     assert_response :success
+
+   end  # should do
+
+
+   should 'permit manager1 only access to index, edit' do 
+     @deshaun.has_role!( :manager1 )
+
+     get :index, :user => @deshaun.id.to_s
+     assert_response :success
+     get :edit, :user => @deshaun.id.to_s
+     assert_response :success
+
+     assert_raise( Kibali::AccessDenied ) do
+        get :show, :user => @deshaun.id.to_s
+     end  #  block
+
+   end  # should do
+
+
+   should 'deny denier1 access to everything' do 
+     @deshaun.has_role!( :denier1 )
+
+     assert_raise( Kibali::AccessDenied ) do
+        get :show, :user => @deshaun.id.to_s
+     end  #  block
+
+     assert_raise( Kibali::AccessDenied ) do
+        get :index, :user => @deshaun.id.to_s
+     end  #  block
+
+     assert_raise( Kibali::AccessDenied ) do
+        get :edit, :user => @deshaun.id.to_s
+     end  #  block
+
+   end  # should do
+
+
+   should 'deny denier2 access to index edit' do 
+     @deshaun.has_role!( :denier2 )
+
+     get :show, :user => @deshaun.id.to_s
+     assert_response :success
+
+     assert_raise( Kibali::AccessDenied ) do
+        get :index, :user => @deshaun.id.to_s
+     end  #  block
+
+     assert_raise( Kibali::AccessDenied ) do
+        get :edit, :user => @deshaun.id.to_s
+     end  #  block
+
+   end  # should do
+
+
+
+   should 'deny others all access ' do 
+     @deshaun.has_role!( :wildblue )
+
+     assert_raise( Kibali::AccessDenied ) do
+        get :index, :user => @deshaun.id.to_s
+     end  #  block
+
+   end  # should do
+
+
+   should 'error unknown limit type ' do 
+     @deshaun.has_role!( :error1 )
+
+     assert_raise( Kibali::SyntaxError ) do
+        get :index, :user => @deshaun.id.to_s
+     end  #  block
+
+   end  # should do
+
+
+   should 'error unknown limit type non symbol' do 
+     @deshaun.has_role!( :error2 )
+
+     assert_raise( Kibali::SyntaxError ) do
+        get :index, :user => @deshaun.id.to_s
+     end  #  block
+
+   end  # should do
+
+
+   should 'error unknown action ' do 
+     @deshaun.has_role!( :error3 )
+
+     assert_raise( Kibali::SyntaxError ) do
+        get :show, :user => @deshaun.id.to_s
+     end  #  block
+
+   end  # should do
+
+
+
+ 
+end # context
+
+end # class test