lockdown 0.3.6 → 0.3.7

data/app_generators/lockdown/templates/init.rb

@@ -3,81 +3,81 @@ require File.join(File.dirname(__FILE__), "session")
 
 Lockdown::System.configure do
 
-	#~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-	# Configuration Options
-	#~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-	# Options with defaults:
-	#
-	# Set timeout to 1 hour:
-	#		options[:session_timeout] = (60 * 60)
-	#
-	# Set system to logout if unauthorized access is attempted:
-	#		options[:logout_on_access_violation] = false
-	#
-	# Set redirect to path on unauthorized access attempt:
-	#		options[:access_denied_path] = "/"
-	#
-	# Set redirect to path on successful login:
-	#		options[:successful_login_path] = "/"
-	#
-	#~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-	# Define permissions
-	#~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-	#
-	#		set_permission(:product_management, all_methods(:products))
-	#
-	#			:product_management is the name of the permission which is later
-	#					referenced by the user_group method
-	# 
-	#			:all_methods(:products) will return an array of all controller actions
-	#			for the products controller
-  #			
-	#				if products is your standard RESTful resource you'll get:
-	#				["products/index , "products/show",
-  #					"products/new", "products/edit",
-  #         "products/create", "products/update",
-  #         "products/destroy"]
-	#
-	#	You can pass multiple parameters to concat permissions such as:
-	#		
-	#		set_permission(:security_management,all_methods(:users),
-	#																				all_methods(:user_groups),
-	#																			  all_methods(:permissions) )
-	#
-	# In addition to all_methods(:controller) there are:
-	#
-	#		only_methods(:controller, :only_method_1, :only_method_2)
-	#
-	#		all_except_methods(:controller, :except_method_1, :except_method_2)
-	#
-	#	Some other sample permissions:
-  #	
-  #		set_permission(:sessions, all_methods(:sessions))
-  #		set_permission(:my_account, only_methods(:users, :edit, :update, :show))
-	# 
-	#~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-	# Built-in user groups
-	#~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-	#	You can assign the above permission to one of the built-in user groups
-  #	by using the following:
-  #	
-	#		To allow public access on the permissions :sessions and :home:
-  #		set_public_access :sessions, :home
-  #		
-	#		
-	#		Restrict :my_account access to only authenticated users:
-  #		set_protected_access :my_account
-  #		
-	#~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-	# Define user groups
-	#~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-	#
-	#		set_user_group(:catalog_management, :category_management, 
-  #																			  :product_management) 
-	# 
-	#			:catalog_management is the name of the user group
-	#			:category_management and :product_management refer to permission names
-	#
-	
-	# Add your configuration below:
+  #~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+  # Configuration Options
+  #~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+  # Options with defaults:
+  #
+  # Set timeout to 1 hour:
+  #       options[:session_timeout] = (60 * 60)
+  #
+  # Set system to logout if unauthorized access is attempted:
+  #       options[:logout_on_access_violation] = false
+  #
+  # Set redirect to path on unauthorized access attempt:
+  #       options[:access_denied_path] = "/"
+  #
+  # Set redirect to path on successful login:
+  #       options[:successful_login_path] = "/"
+  #
+  #~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+  # Define permissions
+  #~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+  #
+  # set_permission(:product_management, all_methods(:products))
+  #
+  # :product_management is the name of the permission which is later
+  # referenced by the set_user_group method
+  #
+  # :all_methods(:products) will return an array of all controller actions
+  # for the products controller
+  #
+  # if products is your standard RESTful resource you'll get:
+  #   ["products/index , "products/show",
+  #    "products/new", "products/edit",
+  #    "products/create", "products/update",
+  #    "products/destroy"]
+  #
+  # You can pass multiple parameters to concat permissions such as:
+  #      
+  #	  set_permission(:security_management,all_methods(:users),
+  #                                       all_methods(:user_groups),
+  #                                       all_methods(:permissions) )
+  #
+  # In addition to all_methods(:controller) there are:
+  #
+  #       only_methods(:controller, :only_method_1, :only_method_2)
+  #
+  #       all_except_methods(:controller, :except_method_1, :except_method_2)
+  #
+  # Some other sample permissions:
+  # 
+  #  set_permission(:sessions, all_methods(:sessions))
+  #  set_permission(:my_account, only_methods(:users, :edit, :update, :show))
+  # 
+  #~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+  # Built-in user groups
+  #~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+  #  You can assign the above permission to one of the built-in user groups
+  #  by using the following:
+  # 
+  #  To allow public access on the permissions :sessions and :home:
+  #    set_public_access :sessions, :home
+  #     
+  #  Restrict :my_account access to only authenticated users:
+  #    set_protected_access :my_account
+  #
+  #~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+  # Define user groups
+  #~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+  #
+  #  set_user_group(:catalog_management, :category_management, 
+  #                                      :product_management) 
+  #
+  #  :catalog_management is the name of the user group
+  #  :category_management and :product_management refer to permission names
+  #
+
+  # Add your configuration below:
+
 end 

data/lib/lockdown/system.rb

@@ -125,6 +125,10 @@ module Lockdown
 				rights
 			end
 
+			def access_rights_for_perm(perm)
+        (perms = @permissions[symbol_name(perm.name)]) == nil ? [] : perms 
+      end
+
 			#
 			# Use this for the management screen to restrict user group list to the
 			# user.  This will prevent a user from creating a user with more power than

data/lib/lockdown/version.rb

@@ -2,7 +2,7 @@ module Lockdown #:nodoc:
   module VERSION #:nodoc:
     MAJOR = 0
     MINOR = 3
-    TINY  = 6
+    TINY  = 7
 
     STRING = [MAJOR, MINOR, TINY].join('.')
   end

data/rails_generators/lockdown_all/templates/app/helpers/permissions_helper.rb

@@ -4,7 +4,7 @@ module PermissionsHelper
   end
 
   def permission_access_rights_value
-		@permission.access_rights.collect{|r| r}.join("<br/>") if @permission.access_rights
+    Lockdown::System.access_rights_for_perm(@permission).collect{|r| r}.join("<br/>") 
   end
 
 	def permission_users_value

data/website/index.txt

@@ -136,24 +136,6 @@ Lockdown::System.configure do
 end 
 </pre>
 
-
-
-h2. Some History
-
-Lockdown was initially designed as a authentication/authorization system to be configured by system administrators. This means it was database driven and had an interface to manage the access rights.  I didn't like the static methodology of using code scattered amongst the controllers to define my access rights for the system.  I also didn't like the fact that everything was accessible unless you restricted access.  So, I designed Lockdown to restrict access to all resources unless rights have been granted. 
-
-The system was nice and worked well until I had a project that required RSpec tests.  I don't have anything against testing frameworks (now that I've see the light) but what bothered me most what the fact that I would have to duplicate the information I already defined in my migrations as mock data.  I simply refused to do that extra work.  So, a serious refactoring of Lockdown was required.
-
-
-After the RSpec project was completed, the refactoring continued.  This time the focus was on releasing the code to the masses.  I like this system a lot and think both the system itself and the community could benefit from releasing this as an open source project.  
-
-In the middle of my refactoring for a public release, I made the decision to use Merb (when the choice was mine). This meant I needed to modify Lockdown for use with Merb.  So this is what I have done.
-
-There is code in place for using Lockdown with Rails, after all, that's where Lockdown was born.  However, I have not yet tested the Rails functionality after this last refactor.  In addition, the deployment mechanism for Rails has to be tested.
-
-Writing code for public release is difficult and much different from architecting/coding for a closed source project.  A lot of things you could get by with in a proprietary application won't be well received by the general public.  In addition, if you don't make things easy, the adoption rate will probably be non-existent.
-
-
 h2. Forum
 
 If you are having a problem understanding how to use Lockdown, please post your question on the lockdown group.  If it's documentation related, I will keep this page updated to help everyone. 

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification 
 name: lockdown
 version: !ruby/object:Gem::Version 
-  version: 0.3.6
+  version: 0.3.7
 platform: ruby
 authors: 
 - Andrew Stone
@@ -9,7 +9,7 @@ autorequire:
 bindir: bin
 cert_chain: []
 
-date: 2008-04-30 00:00:00 -04:00
+date: 2008-05-01 00:00:00 -04:00
 default_executable: 
 dependencies: 
 - !ruby/object:Gem::Dependency