kojac 0.9.1 → 0.11.0
- checksums.yaml +6 -14
- data/.gitignore +4 -0
- data/Gemfile +1 -1
- data/app/assets/javascripts/kojac.js +393 -125
- data/app/assets/javascripts/kojac_canjs.js +34 -34
- data/app/assets/javascripts/kojac_ember.js +110 -152
- data/app/controllers/{kojac_controller.rb → kojac_base_controller.rb} +18 -11
- data/app/policies/kojac_base_policy.rb +114 -0
- data/app/serializers/kojac_base_serializer.rb +35 -0
- data/kojac.gemspec +12 -10
- data/lib/kojac/app_serialize.rb +31 -29
- data/lib/kojac/concentric.rb +152 -0
- data/lib/kojac/kojac_policy.rb +70 -0
- data/lib/kojac/kojac_rails.rb +200 -49
- data/lib/kojac/version.rb +1 -1
- data/spec/can_cache_spec.js +19 -19
- data/spec/demo/.gitignore +16 -0
- data/spec/demo/.ruby-gemset +1 -0
- data/spec/demo/.ruby-version +1 -0
- data/spec/demo/Gemfile +59 -0
- data/spec/demo/Gemfile.lock +153 -0
- data/spec/demo/README.rdoc +15 -248
- data/spec/demo/Rakefile +25 -1
- data/spec/demo/app/{mailers/.gitkeep → assets/images/.keep} +0 -0
- data/spec/demo/app/assets/javascripts/application.js +3 -3
- data/spec/demo/app/controllers/application_controller.rb +6 -1
- data/spec/demo/app/{models/.gitkeep → controllers/concerns/.keep} +0 -0
- data/spec/demo/app/controllers/users_controller.rb +5 -0
- data/spec/demo/{lib/assets/.gitkeep → app/mailers/.keep} +0 -0
- data/spec/demo/{log/.gitkeep → app/models/.keep} +0 -0
- data/spec/demo/app/models/concerns/.keep +0 -0
- data/spec/demo/app/models/user.rb +36 -0
- data/spec/demo/app/policies/user_policy.rb +42 -0
- data/spec/demo/bin/bundle +3 -0
- data/spec/demo/bin/rails +4 -0
- data/spec/demo/bin/rake +4 -0
- data/spec/demo/config.ru +1 -1
- data/spec/demo/config/application.rb +14 -46
- data/spec/demo/config/application.yml +4 -0
- data/spec/demo/config/boot.rb +3 -9
- data/spec/demo/config/database.yml +6 -6
- data/spec/demo/config/environment.rb +4 -2
- data/spec/demo/config/environments/development.rb +11 -19
- data/spec/demo/config/environments/production.rb +40 -27
- data/spec/demo/config/environments/test.rb +13 -14
- data/spec/demo/config/initializers/concentric_config.rb +9 -0
- data/spec/demo/config/initializers/filter_parameter_logging.rb +4 -0
- data/spec/demo/config/initializers/inflections.rb +6 -5
- data/spec/demo/config/initializers/initialize_kojac.rb +16 -0
- data/spec/demo/config/initializers/secret_token.rb +7 -2
- data/spec/demo/config/initializers/session_store.rb +0 -5
- data/spec/demo/config/initializers/wrap_parameters.rb +6 -6
- data/spec/demo/config/locales/en.yml +20 -2
- data/spec/demo/config/routes.rb +24 -24
- data/spec/demo/db/migrate/20131212034312_add_user.rb +14 -0
- data/spec/demo/db/migrate/20140107085351_add_owner_id.rb +5 -0
- data/spec/demo/db/schema.rb +28 -0
- data/spec/demo/db/seeds.rb +7 -0
- data/spec/demo/lib/assets/.keep +0 -0
- data/spec/demo/lib/tasks/.keep +0 -0
- data/spec/demo/log/.keep +0 -0
- data/spec/demo/public/404.html +43 -11
- data/spec/demo/public/422.html +43 -11
- data/spec/demo/public/500.html +43 -11
- data/spec/demo/public/robots.txt +5 -0
- data/spec/demo/spec/controllers/allowed_fields_spec.rb +171 -0
- data/spec/demo/spec/factories/users.rb +9 -0
- data/spec/demo/spec/features/concentric_spec.rb +63 -0
- data/spec/demo/spec/features/serialization_spec.rb +86 -0
- data/spec/demo/spec/spec_helper.rb +133 -0
- data/spec/demo/spec/spec_utils.rb +42 -0
- data/spec/demo/vendor/assets/javascripts/.keep +0 -0
- data/spec/demo/vendor/assets/stylesheets/.keep +0 -0
- data/spec/ember_factory_spec.js +1 -1
- data/spec/ember_model_spec.js +13 -3
- data/spec/ember_tojsono_spec.js +105 -0
- data/spec/error_handling_spec.js +90 -0
- data/spec/external/underscore_plus.js +318 -9
- data/spec/kojac_caching_spec.js +3 -1
- data/spec/kojac_ember_cache_spec.js +9 -0
- data/spec/kojac_mock_spec.js +4 -4
- data/spec/kojac_operations_spec.js +4 -4
- data/spec/local_provider_spec.js +184 -0
- data/spec/model_ring_spec.rb +2 -2
- data/spec/operation_include_spec.js +2 -2
- data/spec/run.html +34 -24
- data/spec/type_conversion_spec.js +38 -0
- data/vendor/assets/javascripts/jstorage.js +950 -0
- metadata +115 -129
- data/Gemfile.lock +0 -157
- data/app/serializers/default_kojac_serializer.rb +0 -10
- data/lib/kojac/ring_strong_parameters.rb +0 -195
- data/spec/.DS_Store +0 -0
- data/spec/demo/script/rails +0 -6
- data/spec/external/.DS_Store +0 -0
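--- a/data/lib/kojac/ring_strong_parameters.rb
+++ b/data/lib/kojac/ring_strong_parameters.rb
@@ -1,195 +0,0 @@
-#ring_strong_parameters
-#
-#Assists implementation of ring level security (http://en.wikipedia.org/wiki/Ring_(computer_security)) with Rails 4 (or Rails 3 with gem) Strong Parameters.
-#
-#Ring Level Security is a simpler alternative to Role Based Security. Rings are arranged in a concentric hierarchy from most-privileged innermost Ring 0 to the least privileged highest ring number. Users have their own ring level which gives them access to that ring and below.
-#
-#For example, a sysadmin could have Ring 0, a website manager ring 1, a customer ring 2, and anonymous users ring 3. A customer would have all the capabilities of anonymous users, and more. Likewise, a website manager has all the capabilities of a customer, and more etc.
-#
-#This inheritance of capabilities of outer rings, and the simple assigning of users to rings, makes security rules less repetitive and easier to write and maintain, minimising dangerous mistakes.
-#
-#This gem does not affect or replace or prevent the standard strong parameters methods from being used in parallel, it merely generates arguments for the standard strong parameters methods.
-#
-#
-#
-#BASIC_FIELDS = [:name, :address]
-#
-#class Deal
-# ring 1, :write, BASIC_FIELDS
-# ring 1, :write, :phone
-# ring 1, :delete
-# ring 2, :read, BASIC_FIELDS
-#end
-#
-#
-#class DealsController
-#
-# def update
-# ring_fields(:write,model)
-# if ring_can(:write,model,:name)
-# if ring_can(:delete,model)
-# model.update(params.permit( ring_fields(:write,model) ))
-# end
-#
-#end
-
-
-
-class RingStrongParameters
-
-cattr_accessor :config
-
-def self.lookup_ring(aRingName)
-return nil if !aRingName
-return aRingName if aRingName.is_a?(Fixnum)
-if ring_names = RingStrongParameters.config[:ring_names]
-return ring_names[aRingName.to_sym]
-else
-return nil
-end
-end
-
-end
-
-
-# see http://yehudakatz.com/2009/11/12/better-ruby-idioms/ re class and instance methods and modules
-
-module RingStrongParameters::Model
-
-def self.included(aClass)
-aClass.cattr_accessor :rings_fields
-aClass.rings_fields = [] # [1] => {read: [:name,:address], delete: true}
-aClass.cattr_accessor :rings_abilities
-aClass.rings_abilities = [] # [1] => {read: [:name,:address], delete: true}
-aClass.send :extend, ClassMethods
-end
-
-def sanitized_hash(aRing)
-p_fields = self.class.permitted_fields(:read, aRing)
-self.attributes.filter_include(p_fields)
-end
-
-module ClassMethods
-
-# supports different formats :
-# ring :sales, :write => [:name,:address] ie. sales can write the name and address fields
-# ring :sales, :read ie. sales can read this model
-# ring :sales, [:read, :create, :destroy] ie. sales can read, create and destroy this model
-def ring(aRing,aAbilities)
-aRing = RingStrongParameters.lookup_ring(aRing)
-raise "aRing must be a number or a symbol defined in RingStrongParameters.config.ring_names" if !aRing.is_a?(Fixnum)
-
-if aAbilities.is_a? Hash # eg. fields like :write => [:name,:address]
-ring_rec = self.rings_fields[aRing] || {}
-aAbilities.each do |abilities,fields|
-abilities = [abilities] unless abilities.is_a?(Array)
-fields = [fields] unless fields.is_a?(Array)
-abilities.each do |a|
-a = a.to_sym
-ring_fields = ring_rec[a] || []
-ring_fields = ring_fields + fields.map(&:to_sym)
-ring_fields.uniq!
-ring_fields.sort!
-ring_rec[a] = ring_fields
-end
-end
-self.rings_fields[aRing] = ring_rec
-elsif aAbilities.is_a?(Array) || aAbilities.is_a?(Symbol) # eg. abilities like :sales, [:read, :create, :destroy]
-aAbilities = [aAbilities] unless aAbilities.is_a?(Array)
-ring_ab = self.rings_abilities[aRing] || []
-aAbilities.each do |ability|
-ring_ab << ability.to_sym
-end
-ring_ab.uniq!
-ring_ab.sort!
-self.rings_abilities[aRing] = ring_ab
-end
-end
-
-def permitted(aAbility,aRing)
-aRing = RingStrongParameters.lookup_ring(aRing)
-return [] unless aRing and rings_fields = self.respond_to?(:rings_fields).to_nil && self.rings_fields
-
-fields = []
-aRing.upto(rings_fields.length-1) do |i|
-next unless ring_rec = rings_fields[i]
-if af = ring_rec[aAbility.to_sym]
-fields += af if af.is_a?(Array)
-end
-end
-fields.uniq!
-fields.sort!
-fields
-end
-
-def permitted_fields(aAbility, aRing)
-result = self.permitted(aAbility, aRing)
-result.delete_if { |f| self.reflections.has_key? f }
-result
-end
-
-def permitted_associations(aAbility, aRing)
-aRing = RingStrongParameters.lookup_ring(aRing)
-return [] unless aRing and rings_fields = self.respond_to?(:rings_fields).to_nil && self.rings_fields
-
-associations = self.reflections.keys
-
-fields = []
-aRing.upto(rings_fields.length-1) do |i|
-next unless ring_rec = rings_fields[i]
-if af = ring_rec[aAbility.to_sym]
-fields += associations & af
-end
-end
-fields.uniq!
-fields.sort!
-fields
-end
-
-def ring_can?(aAbility, aRing)
-aRing = RingStrongParameters.lookup_ring(aRing)
-return [] unless aRing and rings_abilities = self.respond_to?(:rings_abilities).to_nil && self.rings_abilities
-
-fields = []
-aRing.upto(rings_abilities.length-1) do |i|
-next unless ring_ab = rings_abilities[i]
-return true if ring_ab.include?(aAbility)
-end
-return false
-end
-
-end
-
-end
-
-#module RingStrongParameters::Controller
-#
-# #def permitted(aAbility,aModel)
-# # # lookup aModel.rings_fields and return fields that current_user can access with given ability
-# # aModel = aModel.class if aModel.is_a? ActiveRecord::Base
-# # ring = current_user.try(:ring)
-# # aModel.permitted(aAbility,ring)
-# #end
-#
-# #def permitted_fields(aAbility,aModel)
-# # aModel = aModel.class if aModel.is_a? ActiveRecord::Base
-# # ring = current_user.try(:ring)
-# # aModel.permitted_fields(aAbility,ring)
-# #end
-#
-# #def permitted_associations(aAbility,aModel)
-# # aUser = current_user
-# # aRing = aUser.try(:ring)
-# # aModel = aModel.class if aModel.is_a? ActiveRecord::Base
-# # aModel.permitted_associations(aAbility, aRing)
-# #end
-#
-# #def ring_can?(aAbility,aModel)
-# # aModel = aModel.class if aModel.is_a? ActiveRecord::Base
-# # aAbility = aAbility.to_sym
-# # ring = current_user.try(:ring)
-# # aModel.ring_can?(aAbility, ring)
-# #end
-#
-#end
-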
data/spec/.DS_Store
DELETED
Binary file
|
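--- a/data/spec/demo/script/rails
+++ b/data/spec/demo/script/rails
@@ -1,6 +0,0 @@
-#!/usr/bin/env ruby
-# This command will automatically be run when you run "rails" with Rails 3 gems installed from the root of your application.
-
-APP_PATH = File.expand_path('../../config/application', __FILE__)
-require File.expand_path('../../config/boot', __FILE__)
-require 'rails/commands'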
data/spec/external/.DS_Store
DELETED
Binary file
|