lawkeeper 0.0.1

data/.gitignore

@@ -0,0 +1,18 @@
+*.gem
+*.rbc
+*.rvmrc
+.bundle
+.config
+.yardoc
+Gemfile.lock
+InstalledFiles
+_yardoc
+coverage
+doc/
+lib/bundler/man
+pkg
+rdoc
+spec/reports
+test/tmp
+test/version_tmp
+tmp

data/Gemfile

@@ -0,0 +1,4 @@
+source 'https://rubygems.org'
+
+# Specify your gem's dependencies in lawkeeper.gemspec
+gemspec

data/LICENSE

@@ -0,0 +1,22 @@
+Copyright (c) 2013 Brendon Murphy
+
+MIT License
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.md

@@ -0,0 +1,178 @@
+# Lawkeeper
+
+Lawkeeper - Simple authorization policies for Rack apps
+
+Lawkeeper was heavily inspired by the Pundit authorization gem.  Lawkeeper
+follows a very similar pattern, but is more agnostic and geared towards use
+in smaller Rack applications.
+
+## Installation
+
+Add this line to your application's Gemfile:
+
+    gem 'lawkeeper'
+
+And then execute:
+
+    $ bundle
+
+Or install it yourself as:
+
+    $ gem install lawkeeper
+
+## Usage
+
+Lawkeeper makes a couple basic assumptions
+
+* You have a `current_user` helper
+* You create policy files like `PostPolicy` for a `Post` model
+* You have a headers method with a settable hash for response headers
+
+After setting up your model policies, include `Lawkeeper::Helpers`
+into your app.  Let's assume Sinatra as our example:
+
+```ruby
+helpers do
+  include Lawkeeper::Helpers
+end
+```
+
+This provides a few useful helpers:
+
+* `can?` - for checking if the current_user is permitted an action on the
+  record
+* `authorize` - checks if the user can perform the action, otherwise raise
+  `Lawkeeper::NotAuthorized`
+* `skip_authorization` - used to flag an action as not needing authorization
+
+### Declaring policy classes
+
+By default, Lawkeeper follows a convention of mapping policy classes like
+`PostPolicy` for a `Post` class, `CommentPolicy` for `Comment`, etc.
+
+The simplest way to declare a post policy is inherit `Lawkeeper::Policy`
+and declare predicates for policy checks:
+
+```ruby
+class PostPolicy < Lawkeeper::Policy
+  def read?
+    true
+  end
+
+  def update?
+    record.owned_by?(user)
+  end
+end
+```
+
+Lawkeeper makes no assumptions about the name of your policy queries.  You can
+call them `show?` or `read?`, `delete?` or `destroy?`, whichever you prefer.  The
+only requirement is that they end with '?'.
+
+Policy classes are instantiated with the current user and a record for checking.
+
+If you wish to use an unconventially named Policy class for a model, add the
+`#policy_class` instance method to your model.  For example:
+
+```ruby
+class Post
+  def policy_class
+    OwnershipPolicy
+  end
+end
+```
+
+Lawkeeper helper methods will prefer the `#policy_class` specified if it exists.
+
+### Authorizing in actions
+
+To authorize in a controller action is simple:
+
+```ruby
+get "/post/:id" do
+  @post = Post.find(id)
+  authorize @post, :read
+  erb :post_show
+end
+```
+
+If authorize is permitted (which it usually should be) the action will continue
+as normal.  If it fails, Lawkeeper::NotAuthorized will be raised.
+
+### Checking in views
+
+Lawkeeper provides a `can?` helper to use in your views:
+
+```ruby
+<% if can? :edit, @post %>
+  <a href="/posts/<%= @post.id %>/edit">Edit Post</a>
+<% end %>
+```
+
+The `can?` method is a check, it will not raise authorization exceptions.
+
+### Specifying policy classes
+
+If you wish to specify a policy class at runtime for a call to `can?` or `authorize`,
+you can pass a policy class as an option third argument.
+
+```ruby
+authorize @post, :read, OwnershipPolicy
+```
+
+## Ensuring authorization with middlewares
+
+Lawkeeper provides `EnsureWare` for checking that authorization was performed
+for all actions.  When the `authorize` or `skip_authorization` methods are
+employed in actions, response headers are set.  The middleware then checks
+and deletes the headers.  If the header was not present, a 403 forbidden status
+will be returned.
+
+This is useful to ensure you do not forget to authorize the resource in any
+given action.
+
+If you do not wish to enforce such a check, you should employ the `ScrubWare`
+middleware instead.  This is simply responsible for stripping Lawkeeper headers
+before sending the response on its way.
+
+If you'd prefer to not use middleware at all, it's advised you set Lawkeeper to
+simply skip the setting of headers:
+
+```ruby
+Lawkeeper.skip_set_headers = true
+```
+
+This will not prevent how Lawkeeper does its primary job of authorizing policy
+actions.
+
+## Outstanding Problems
+
+Lawkeeper as yet has no mechanism for scoping finds for collection 'index' like
+methods.  Pundit (which Lawkeeper is influenced by) has some similiar problems
+in this area as well (though it does provide a scope object).
+
+The primary challenges are:
+
+* A collection action is very different than an instance authorization, because
+  you don't authorize instances but rather find them via policy
+* As compared to instance authorization, scoped finding is very coupled to an
+  ORM, model, or storage pattern in a given application.
+
+My immediate thinking for Lawkeeper is to call `skip_authorization` in actions
+where you have performed a scoped find.  This will likely keep development in check
+since adding the call is a mental note for "hey this should be permitted records only"
+
+To build upon this, I believe either:
+
+* The scoping should be up to you, or
+* The scope permission handling should delegate to third party ORM specific plugins.
+
+I am still rolling around this in my head, with the goal of keeping it simple
+
+## Contributing
+
+1. Fork it
+2. Create your feature branch (`git checkout -b my-new-feature`)
+3. Commit your changes (`git commit -am 'Added some feature'`)
+4. Push to the branch (`git push origin my-new-feature`)
+5. Create new Pull Request

data/Rakefile

@@ -0,0 +1,11 @@
+#!/usr/bin/env rake
+require "bundler/gem_tasks"
+require 'rake/testtask'
+
+Rake::TestTask.new(:spec) do |t|
+  t.libs.push "lib"
+  t.libs.push "spec"
+  t.test_files = FileList['spec/*_spec.rb']
+  t.verbose = true
+end
+

data/lawkeeper.gemspec

@@ -0,0 +1,19 @@
+# -*- encoding: utf-8 -*-
+require File.expand_path('../lib/lawkeeper/version', __FILE__)
+
+Gem::Specification.new do |gem|
+  gem.authors       = ["Brendon Murphy"]
+  gem.email         = ["xternal1+github@gmail.com"]
+  gem.summary       = %q{Lawkeeper - Simple authorization policies for Rack apps}
+  gem.description   = gem.summary
+  gem.homepage      = ""
+
+  gem.files         = `git ls-files`.split($\)
+  gem.executables   = gem.files.grep(%r{^bin/}).map{ |f| File.basename(f) }
+  gem.test_files    = gem.files.grep(%r{^(test|spec|features)/})
+  gem.name          = "lawkeeper"
+  gem.require_paths = ["lib"]
+  gem.version       = Lawkeeper::VERSION
+
+  gem.add_development_dependency "minitest"
+end

data/lib/lawkeeper/version.rb

@@ -0,0 +1,3 @@
+module Lawkeeper
+  VERSION = "0.0.1"
+end

data/lib/lawkeeper.rb

@@ -0,0 +1,102 @@
+require "lawkeeper/version"
+
+module Lawkeeper
+  AUTHORIZED_HEADER = 'Lawkeeper-Authorized'.freeze
+  SKIPPED_HEADER    = 'Lawkeeper-Skipped'.freeze
+
+  class NotAuthorized < StandardError; end
+  class NotDefined < StandardError; end
+
+  class << self
+    attr_accessor :skip_set_headers
+  end
+
+  class Policy
+    attr_reader :user, :record
+
+    def initialize(user, record)
+      @user   = user
+      @record = record
+    end
+  end
+
+  class PolicyLookup
+    def self.[](model)
+      if model.respond_to?(:policy_class)
+        model.policy_class
+      else
+        begin
+          Object.const_get("#{model.class}Policy")
+        rescue NameError
+          raise NotDefined
+        end
+      end
+    end
+  end
+
+  module Helpers
+    def can?(action, model, policy_class = nil)
+      policy_class ||= Lawkeeper::PolicyLookup[model]
+      policy_method = "#{action}?"
+      policy_class.new(current_user, model).public_send(policy_method)
+    end
+
+    def authorize(model, action, policy_class = nil)
+      if can?(action, model, policy_class)
+        set_lawkeeper_header(AUTHORIZED_HEADER)
+      else
+        raise NotAuthorized
+      end
+    end
+
+    def skip_authorization
+      set_lawkeeper_header(SKIPPED_HEADER)
+    end
+
+    def set_lawkeeper_header(header)
+      headers[header] = 'true' unless Lawkeeper.skip_set_headers
+    end
+  end
+
+  class EnsureWare
+    def initialize(app, options = {})
+      @app     = app
+      @options = options
+    end
+
+    def call(env)
+      dup._call(env)
+    end
+
+    def _call(env)
+      status, headers, body = @app.call(env)
+
+      if headers.delete(AUTHORIZED_HEADER) || headers.delete(SKIPPED_HEADER)
+        [status, headers, body]
+      else
+        [status_code, {"Content-Type" => "text/plain"}, ['forbidden, authorization required']]
+      end
+    end
+
+    def status_code
+      @options.fetch(:status_code, 403)
+    end
+  end
+
+  class ScrubWare
+    def initialize(app)
+      @app = app
+    end
+
+    def call(env)
+      dup._call(env)
+    end
+
+    def _call(env)
+      status, headers, body = @app.call(env)
+      headers.delete(AUTHORIZED_HEADER)
+      headers.delete(SKIPPED_HEADER)
+      [status, headers, body]
+    end
+  end
+end

data/spec/helpers_spec.rb

@@ -0,0 +1,102 @@
+require 'spec_helper'
+
+class User
+  attr_accessor :permit
+end
+
+class Comment
+  attr_accessor :permit
+end
+
+class CommentPolicy < Lawkeeper::Policy
+  def read?
+    user.permit && record.permit
+  end
+end
+
+describe Lawkeeper::Helpers do
+  let(:comment) { Comment.new }
+  let(:controller) {
+    c = Object.new.tap { |c| c.extend(Lawkeeper::Helpers) }
+    def c.current_user
+      @current_user ||= User.new
+    end
+
+    def c.headers
+      @headers ||= {}
+    end
+
+    c
+  }
+
+  def permit_action
+    controller.current_user.permit = true
+    comment.permit = true
+  end
+
+  describe '#can?' do
+    it "returns false for a user denied action" do
+      controller.current_user.permit = true
+      comment.permit = false
+      controller.can?(:read, comment).must_equal false
+
+      controller.current_user.permit = false
+      comment.permit = true
+      controller.can?(:read, comment).must_equal false
+    end
+
+    it "returns true for a user permitted action" do
+      permit_action
+      controller.can?(:read, comment).must_equal true
+    end
+
+    it "can receive a specified policy class" do
+      klass = Class.new(Lawkeeper::Policy) do
+        def read?
+          true
+        end
+      end
+      controller.can?(:read, comment, klass).must_equal true
+    end
+  end
+
+  describe '#authorize' do
+    it "sets the authorized header to 'true' if the user can run the action" do
+      permit_action
+      controller.authorize(comment, :read)
+      controller.headers['Lawkeeper-Authorized'].must_equal 'true'
+    end
+
+    it "skips setting the header if Lawkeeper.skip_set_headers is true" do
+      Lawkeeper.skip_set_headers = true
+
+      permit_action
+      controller.authorize(comment, :read)
+      controller.headers['Lawkeeper-Authorized'].must_be_nil 'true'
+
+      Lawkeeper.skip_set_headers = nil
+    end
+
+    it "raises NotAuthorized if the user is not permitted the action" do
+      lambda {
+        controller.authorize(comment, :read)
+      }.must_raise(Lawkeeper::NotAuthorized)
+    end
+
+    it "can receive a specified policy class" do
+      klass = Class.new(Lawkeeper::Policy) do
+        def read?
+          true
+        end
+      end
+      controller.authorize(comment, :read, klass)
+    end
+  end
+
+  describe '#skip_authorization' do
+    it "sets the authorized header to 'true'" do
+      controller.skip_authorization
+      controller.headers['Lawkeeper-Skipped'].must_equal 'true'
+    end
+  end
+end

data/spec/middleware_spec.rb

@@ -0,0 +1,14 @@
+require 'spec_helper'
+
+describe Lawkeeper, 'middlewares' do
+  describe Lawkeeper::EnsureWare do
+    it "returns the result of calling the app if Lawkeeper-Authorized is 'true'"
+    it "returns the result of calling the app if Lawkeeper-Skipped is 'true'"
+    it "returns the result of calling the app if no Lawkeeper header is set"
+    it "deletes the lawkeeper headers"
+  end
+
+  describe Lawkeeper::ScrubWare do
+    it "deletes the lawkeeper headers"
+  end
+end

data/spec/policy_lookup_spec.rb

@@ -0,0 +1,25 @@
+require 'spec_helper'
+
+class Post; end
+class PostPolicy; end
+class SpecifiedPolicy; end
+
+describe Lawkeeper::PolicyLookup do
+  it "returns PostPolicy for a Post instance" do
+    Lawkeeper::PolicyLookup[Post.new].must_equal PostPolicy
+  end
+
+  it "prefers the instance#policy_class if available" do
+    post = Post.new
+    def post.policy_class
+      SpecifiedPolicy
+    end
+    Lawkeeper::PolicyLookup[post].must_equal SpecifiedPolicy
+  end
+
+  it "raises NotDefined if the policy can not be found" do
+    lambda {
+      Lawkeeper::PolicyLookup[Object.new]
+    }.must_raise(Lawkeeper::NotDefined)
+  end
+end

data/spec/policy_spec.rb

@@ -0,0 +1,9 @@
+require "spec_helper"
+
+describe Lawkeeper::Policy do
+  it "is initialized with a user and record" do
+    policy = Lawkeeper::Policy.new(:user, :record)
+    policy.user.must_equal :user
+    policy.record.must_equal :record
+  end
+end

data/spec/spec_helper.rb

@@ -0,0 +1,2 @@
+require "minitest/autorun"
+require "lawkeeper"

metadata

@@ -0,0 +1,74 @@
+--- !ruby/object:Gem::Specification
+name: lawkeeper
+version: !ruby/object:Gem::Version
+  version: 0.0.1
+  prerelease: 
+platform: ruby
+authors:
+- Brendon Murphy
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2013-06-07 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: minitest
+  requirement: &2152801400 !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: *2152801400
+description: Lawkeeper - Simple authorization policies for Rack apps
+email:
+- xternal1+github@gmail.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- .gitignore
+- Gemfile
+- LICENSE
+- README.md
+- Rakefile
+- lawkeeper.gemspec
+- lib/lawkeeper.rb
+- lib/lawkeeper/version.rb
+- spec/helpers_spec.rb
+- spec/middleware_spec.rb
+- spec/policy_lookup_spec.rb
+- spec/policy_spec.rb
+- spec/spec_helper.rb
+homepage: ''
+licenses: []
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  none: false
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  none: false
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 1.8.15
+signing_key: 
+specification_version: 3
+summary: Lawkeeper - Simple authorization policies for Rack apps
+test_files:
+- spec/helpers_spec.rb
+- spec/middleware_spec.rb
+- spec/policy_lookup_spec.rb
+- spec/policy_spec.rb
+- spec/spec_helper.rb