kindergarten 0.1.1 → 0.2.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +7 -0
- data/.ruby-gemset +1 -0
- data/.ruby-version +1 -0
- data/Gemfile +1 -1
- data/README.md +72 -38
- data/kindergarten.gemspec +1 -1
- data/lib/kindergarten.rb +4 -1
- data/lib/kindergarten/version.rb +1 -1
- metadata +77 -51
checksums.yaml
ADDED
@@ -0,0 +1,7 @@
|
|
1
|
+
---
|
2
|
+
SHA1:
|
3
|
+
metadata.gz: f11bca12bbb8759030c18099817047ed865fc155
|
4
|
+
data.tar.gz: 56828ce9731aa90462eb5ee37be4cb9f9607b049
|
5
|
+
SHA512:
|
6
|
+
metadata.gz: 0ef89b539774565243e33c77a768acad748782c73b5b3529ab9451f009be1dec29d59840db383f08412361c5633f47eb1cf61879ef9d2b14356a6a9b08a2887d
|
7
|
+
data.tar.gz: 819940c76e100bee350203282d4b8c0d08c2830ae8d31c7f590b730c0abc1b191dc7e0a65b42e3c241626f8a4f6b60a084ea5cc66424b0cec90af611295577a6
|
data/.ruby-gemset
ADDED
@@ -0,0 +1 @@
|
|
1
|
+
kita
|
data/.ruby-version
ADDED
@@ -0,0 +1 @@
|
|
1
|
+
2.1.0
|
data/Gemfile
CHANGED
data/README.md
CHANGED
@@ -6,6 +6,28 @@
|
|
6
6
|
|
7
7
|
A way to achieve modularity and modular security with a sandbox on steroids.
|
8
8
|
|
9
|
+
## Introduction
|
10
|
+
|
11
|
+
### Modules
|
12
|
+
A Kindergarten could be seen as collection of service objects, each
|
13
|
+
representing a 'play area' (think: doll area, lego table, etc. etc.).
|
14
|
+
|
15
|
+
Within the realm of kindergarten, the service objects are refered to as
|
16
|
+
modules.
|
17
|
+
|
18
|
+
### Sandboxing
|
19
|
+
The modules are plugged into the kindergarten and can be governed, both per
|
20
|
+
module and kindergarten wide. There are governesses looking for, and preventing
|
21
|
+
trouble.
|
22
|
+
|
23
|
+
Each module is not just exposed as-is; it is sandboxed. Which means that they
|
24
|
+
must specify which methods are to be played with.
|
25
|
+
|
26
|
+
### Child
|
27
|
+
What good would a kindergarten with a sandbox full of toys be without a child?
|
28
|
+
In a Rails context; the most logical choise for a child would be
|
29
|
+
the ```current_user```.
|
30
|
+
|
9
31
|
## Installation
|
10
32
|
|
11
33
|
Add this line to your application's Gemfile:
|
@@ -23,55 +45,67 @@ Or install it yourself as:
|
|
23
45
|
## Usage
|
24
46
|
|
25
47
|
```ruby
|
26
|
-
# define a child
|
27
|
-
child = User.find(2)
|
28
|
-
|
29
|
-
# define a module (perimeter) for the child to play in
|
30
|
-
class MyPlayModule < Kindergarten::Perimeter
|
31
|
-
|
32
|
-
|
33
|
-
|
34
|
-
|
35
|
-
|
36
|
-
can
|
37
|
-
|
48
|
+
# define a child
|
49
|
+
child = User.find(2)
|
50
|
+
|
51
|
+
# define a module (perimeter) for the child to play in
|
52
|
+
class MyPlayModule < Kindergarten::Perimeter
|
53
|
+
# every module must have a purpose.
|
54
|
+
# The purpose also serves as a namespace
|
55
|
+
#
|
56
|
+
purpose :playing
|
57
|
+
|
58
|
+
# use can-can rules to govern the perimeter
|
59
|
+
govern do
|
60
|
+
can :watch, Television
|
61
|
+
cannot :watch, CableTV
|
62
|
+
|
63
|
+
can :eat, Candy do |candy|
|
64
|
+
child.quotum.allows(candy)
|
65
|
+
end
|
38
66
|
end
|
39
|
-
end
|
40
67
|
|
41
|
-
|
42
|
-
|
68
|
+
# define exposed methods
|
69
|
+
expose :watch_tv, :eat
|
43
70
|
|
44
|
-
|
45
|
-
|
46
|
-
|
71
|
+
def watch_tv(tv)
|
72
|
+
guard(:watch, tv)
|
73
|
+
child.watch(tv)
|
47
74
|
|
48
|
-
|
49
|
-
|
75
|
+
sleep(:four)
|
76
|
+
end
|
50
77
|
|
51
|
-
|
52
|
-
|
53
|
-
|
54
|
-
|
78
|
+
def eat(candy)
|
79
|
+
guard(:eat, candy)
|
80
|
+
child.eat(candy)
|
81
|
+
end
|
82
|
+
|
83
|
+
def sleep(len) # not_accessible_from_outside
|
84
|
+
child.sleep(len)
|
85
|
+
end
|
86
|
+
|
87
|
+
# or expose methods in an 'annotation like way'
|
55
88
|
|
56
|
-
|
57
|
-
|
89
|
+
expose :method
|
90
|
+
# method that does nothing at all
|
91
|
+
def method
|
92
|
+
end
|
58
93
|
end
|
59
|
-
end
|
60
94
|
|
61
|
-
# load the child and the module into a sandbox
|
62
|
-
sandbox = Kindergarten.sandbox(child)
|
63
|
-
sandbox.load_module(MyPlayPerimeter)
|
95
|
+
# load the child (any object) and the module into a sandbox
|
96
|
+
sandbox = Kindergarten.sandbox(child)
|
97
|
+
sandbox.load_module(MyPlayPerimeter)
|
64
98
|
|
65
|
-
# you can now call the sandboxed methods on the sandbox
|
66
|
-
sandbox.watch_tv(CableTV.new)
|
67
|
-
30.times do
|
68
|
-
|
69
|
-
end
|
99
|
+
# you can now call the sandboxed methods on the sandbox
|
100
|
+
sandbox.playing.watch_tv(CableTV.new) # fails with Kindergarten::AccessDenied
|
101
|
+
30.times do
|
102
|
+
sandbox.playing.eat(Liquorice.new) # fails after a while
|
103
|
+
end
|
70
104
|
|
71
|
-
sandbox.sleep(:long)
|
105
|
+
sandbox.playing.sleep(:long) # fails with NoMethodError
|
72
106
|
|
73
|
-
sandbox.
|
74
|
-
# => true
|
107
|
+
sandbox.allows?(:watch, Television)
|
108
|
+
# => true
|
75
109
|
```
|
76
110
|
|
77
111
|
You are not restricted to only one perimeter/module - that would be most
|
data/kindergarten.gemspec
CHANGED
@@ -15,7 +15,7 @@ Gem::Specification.new do |gem|
|
|
15
15
|
gem.require_paths = ["lib"]
|
16
16
|
gem.version = Kindergarten::VERSION
|
17
17
|
|
18
|
-
gem.add_dependency('
|
18
|
+
gem.add_dependency('cancancan', ['~> 1.7'])
|
19
19
|
gem.add_dependency('activesupport', ['> 3'])
|
20
20
|
gem.add_dependency('rufus-json')
|
21
21
|
|
data/lib/kindergarten.rb
CHANGED
data/lib/kindergarten/version.rb
CHANGED
metadata
CHANGED
@@ -1,115 +1,141 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: kindergarten
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.
|
5
|
-
prerelease:
|
4
|
+
version: 0.2.0
|
6
5
|
platform: ruby
|
7
6
|
authors:
|
8
7
|
- Hartog C. de Mik
|
9
8
|
autorequire:
|
10
9
|
bindir: bin
|
11
10
|
cert_chain: []
|
12
|
-
date:
|
11
|
+
date: 2014-03-17 00:00:00.000000000 Z
|
13
12
|
dependencies:
|
14
13
|
- !ruby/object:Gem::Dependency
|
15
|
-
name:
|
16
|
-
requirement:
|
17
|
-
none: false
|
14
|
+
name: cancancan
|
15
|
+
requirement: !ruby/object:Gem::Requirement
|
18
16
|
requirements:
|
19
|
-
- - ~>
|
17
|
+
- - "~>"
|
20
18
|
- !ruby/object:Gem::Version
|
21
|
-
version: 1.
|
19
|
+
version: '1.7'
|
22
20
|
type: :runtime
|
23
21
|
prerelease: false
|
24
|
-
version_requirements:
|
22
|
+
version_requirements: !ruby/object:Gem::Requirement
|
23
|
+
requirements:
|
24
|
+
- - "~>"
|
25
|
+
- !ruby/object:Gem::Version
|
26
|
+
version: '1.7'
|
25
27
|
- !ruby/object:Gem::Dependency
|
26
28
|
name: activesupport
|
27
|
-
requirement:
|
28
|
-
none: false
|
29
|
+
requirement: !ruby/object:Gem::Requirement
|
29
30
|
requirements:
|
30
|
-
- -
|
31
|
+
- - ">"
|
31
32
|
- !ruby/object:Gem::Version
|
32
33
|
version: '3'
|
33
34
|
type: :runtime
|
34
35
|
prerelease: false
|
35
|
-
version_requirements:
|
36
|
+
version_requirements: !ruby/object:Gem::Requirement
|
37
|
+
requirements:
|
38
|
+
- - ">"
|
39
|
+
- !ruby/object:Gem::Version
|
40
|
+
version: '3'
|
36
41
|
- !ruby/object:Gem::Dependency
|
37
42
|
name: rufus-json
|
38
|
-
requirement:
|
39
|
-
none: false
|
43
|
+
requirement: !ruby/object:Gem::Requirement
|
40
44
|
requirements:
|
41
|
-
- -
|
45
|
+
- - ">="
|
42
46
|
- !ruby/object:Gem::Version
|
43
47
|
version: '0'
|
44
48
|
type: :runtime
|
45
49
|
prerelease: false
|
46
|
-
version_requirements:
|
50
|
+
version_requirements: !ruby/object:Gem::Requirement
|
51
|
+
requirements:
|
52
|
+
- - ">="
|
53
|
+
- !ruby/object:Gem::Version
|
54
|
+
version: '0'
|
47
55
|
- !ruby/object:Gem::Dependency
|
48
56
|
name: rake
|
49
|
-
requirement:
|
50
|
-
none: false
|
57
|
+
requirement: !ruby/object:Gem::Requirement
|
51
58
|
requirements:
|
52
|
-
- -
|
59
|
+
- - ">="
|
53
60
|
- !ruby/object:Gem::Version
|
54
61
|
version: '0'
|
55
62
|
type: :development
|
56
63
|
prerelease: false
|
57
|
-
version_requirements:
|
64
|
+
version_requirements: !ruby/object:Gem::Requirement
|
65
|
+
requirements:
|
66
|
+
- - ">="
|
67
|
+
- !ruby/object:Gem::Version
|
68
|
+
version: '0'
|
58
69
|
- !ruby/object:Gem::Dependency
|
59
70
|
name: rspec
|
60
|
-
requirement:
|
61
|
-
none: false
|
71
|
+
requirement: !ruby/object:Gem::Requirement
|
62
72
|
requirements:
|
63
|
-
- - ~>
|
73
|
+
- - "~>"
|
64
74
|
- !ruby/object:Gem::Version
|
65
75
|
version: '2.11'
|
66
76
|
type: :development
|
67
77
|
prerelease: false
|
68
|
-
version_requirements:
|
78
|
+
version_requirements: !ruby/object:Gem::Requirement
|
79
|
+
requirements:
|
80
|
+
- - "~>"
|
81
|
+
- !ruby/object:Gem::Version
|
82
|
+
version: '2.11'
|
69
83
|
- !ruby/object:Gem::Dependency
|
70
84
|
name: mocha
|
71
|
-
requirement:
|
72
|
-
none: false
|
85
|
+
requirement: !ruby/object:Gem::Requirement
|
73
86
|
requirements:
|
74
|
-
- -
|
87
|
+
- - ">="
|
75
88
|
- !ruby/object:Gem::Version
|
76
89
|
version: '0'
|
77
90
|
type: :development
|
78
91
|
prerelease: false
|
79
|
-
version_requirements:
|
92
|
+
version_requirements: !ruby/object:Gem::Requirement
|
93
|
+
requirements:
|
94
|
+
- - ">="
|
95
|
+
- !ruby/object:Gem::Version
|
96
|
+
version: '0'
|
80
97
|
- !ruby/object:Gem::Dependency
|
81
98
|
name: activerecord
|
82
|
-
requirement:
|
83
|
-
none: false
|
99
|
+
requirement: !ruby/object:Gem::Requirement
|
84
100
|
requirements:
|
85
|
-
- -
|
101
|
+
- - ">"
|
86
102
|
- !ruby/object:Gem::Version
|
87
103
|
version: '3'
|
88
104
|
type: :development
|
89
105
|
prerelease: false
|
90
|
-
version_requirements:
|
106
|
+
version_requirements: !ruby/object:Gem::Requirement
|
107
|
+
requirements:
|
108
|
+
- - ">"
|
109
|
+
- !ruby/object:Gem::Version
|
110
|
+
version: '3'
|
91
111
|
- !ruby/object:Gem::Dependency
|
92
112
|
name: mysql2
|
93
|
-
requirement:
|
94
|
-
none: false
|
113
|
+
requirement: !ruby/object:Gem::Requirement
|
95
114
|
requirements:
|
96
|
-
- -
|
115
|
+
- - ">="
|
97
116
|
- !ruby/object:Gem::Version
|
98
117
|
version: '0'
|
99
118
|
type: :development
|
100
119
|
prerelease: false
|
101
|
-
version_requirements:
|
120
|
+
version_requirements: !ruby/object:Gem::Requirement
|
121
|
+
requirements:
|
122
|
+
- - ">="
|
123
|
+
- !ruby/object:Gem::Version
|
124
|
+
version: '0'
|
102
125
|
- !ruby/object:Gem::Dependency
|
103
126
|
name: jdbc-mysql
|
104
|
-
requirement:
|
105
|
-
none: false
|
127
|
+
requirement: !ruby/object:Gem::Requirement
|
106
128
|
requirements:
|
107
|
-
- -
|
129
|
+
- - ">="
|
108
130
|
- !ruby/object:Gem::Version
|
109
131
|
version: '0'
|
110
132
|
type: :development
|
111
133
|
prerelease: false
|
112
|
-
version_requirements:
|
134
|
+
version_requirements: !ruby/object:Gem::Requirement
|
135
|
+
requirements:
|
136
|
+
- - ">="
|
137
|
+
- !ruby/object:Gem::Version
|
138
|
+
version: '0'
|
113
139
|
description: A kindergarten with a perimeter, a governess and a sandbox
|
114
140
|
email:
|
115
141
|
- hartog@organisedminds.com
|
@@ -117,9 +143,11 @@ executables: []
|
|
117
143
|
extensions: []
|
118
144
|
extra_rdoc_files: []
|
119
145
|
files:
|
120
|
-
- .gitignore
|
121
|
-
- .rspec
|
122
|
-
- .
|
146
|
+
- ".gitignore"
|
147
|
+
- ".rspec"
|
148
|
+
- ".ruby-gemset"
|
149
|
+
- ".ruby-version"
|
150
|
+
- ".travis.yml"
|
123
151
|
- Gemfile
|
124
152
|
- LICENSE
|
125
153
|
- README.md
|
@@ -159,27 +187,25 @@ files:
|
|
159
187
|
- spec/support/spec_perimeter.rb
|
160
188
|
homepage: ''
|
161
189
|
licenses: []
|
190
|
+
metadata: {}
|
162
191
|
post_install_message:
|
163
192
|
rdoc_options: []
|
164
193
|
require_paths:
|
165
194
|
- lib
|
166
195
|
required_ruby_version: !ruby/object:Gem::Requirement
|
167
|
-
none: false
|
168
196
|
requirements:
|
169
|
-
- -
|
197
|
+
- - ">="
|
170
198
|
- !ruby/object:Gem::Version
|
171
199
|
version: '0'
|
172
200
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
173
|
-
none: false
|
174
201
|
requirements:
|
175
|
-
- -
|
202
|
+
- - ">="
|
176
203
|
- !ruby/object:Gem::Version
|
177
204
|
version: '0'
|
178
205
|
requirements: []
|
179
206
|
rubyforge_project:
|
180
|
-
rubygems_version:
|
207
|
+
rubygems_version: 2.2.2
|
181
208
|
signing_key:
|
182
|
-
specification_version:
|
209
|
+
specification_version: 4
|
183
210
|
summary: Provide a kindergarten for your code to play in
|
184
211
|
test_files: []
|
185
|
-
has_rdoc:
|