lockdown 0.5.1 → 0.5.2

Sign up to get free protection for your applications and to get access to all the features.
Files changed (7) hide show
  1. data/History.txt +3 -0
  2. data/lib/lockdown/helper.rb +21 -13
  3. data/lib/lockdown/system.rb +22 -17
  4. data/lib/lockdown/version.rb +1 -1
  5. data/website/generator.html +1 -1
  6. data/website/index.html +1 -1
  7. metadata +2 -2
data/History.txt CHANGED
@@ -1,3 +1,6 @@
1
+ == 0.5.2 2008-05-26
2
+ * Fixed: make call to Dependencies.clear after inspecting controllers. Using Dependencies.require_or_load is not sufficient it seems.
3
+
1
4
  == 0.5.1 2008-05-25
2
5
  * Fixed: bug with namespaced access having identical standard access. e.g. /users and /admin/users
3
6
 
data/lib/lockdown/helper.rb CHANGED
@@ -14,13 +14,13 @@ module Lockdown
14
14
  end
15
15
  end
16
16
 
17
- def string_name(str_sym)
18
- str_sym.is_a?(Symbol) ? convert_reference_name(str_sym) : str_sym
19
- end
20
-
21
- def symbol_name(str_sym)
22
- str_sym.is_a?(String) ? convert_reference_name(str_sym) : str_sym
23
- end
17
+ def lockdown_string(value)
18
+ if value.respond_to?(:name)
19
+ string_name(value.name)
20
+ else
21
+ string_name(value)
22
+ end
23
+ end
24
24
 
25
25
  def lockdown_symbol(value)
26
26
  if value.respond_to?(:name)
@@ -41,16 +41,24 @@ module Lockdown
41
41
  Array.new(len){||chars[rand(chars.size)]}.join
42
42
  end
43
43
 
44
- def administrator_group_string
45
- string_name(:administrators)
44
+ def administrator_group_string
45
+ string_name(:administrators)
46
46
  end
47
47
 
48
- def administrator_group_symbol
49
- :administrators
48
+ def administrator_group_symbol
49
+ :administrators
50
50
  end
51
51
 
52
52
  private
53
53
 
54
+ def string_name(str_sym)
55
+ str_sym.is_a?(Symbol) ? convert_reference_name(str_sym) : str_sym
56
+ end
57
+
58
+ def symbol_name(str_sym)
59
+ str_sym.is_a?(String) ? convert_reference_name(str_sym) : str_sym
60
+ end
61
+
54
62
  def titleize(str)
55
63
  humanize(underscore(str)).gsub(/\b([a-z])/) { $1.capitalize }
56
64
  end
@@ -67,11 +75,11 @@ module Lockdown
67
75
  end
68
76
 
69
77
  if Lockdown.rails_app?
70
- def kontroller_class_name(str)
78
+ def controller_class_name(str)
71
79
  "#{str}Controller"
72
80
  end
73
81
  else
74
- def kontroller_class_name(str)
82
+ def controller_class_name(str)
75
83
  str
76
84
  end
77
85
  end
data/lib/lockdown/system.rb CHANGED
@@ -15,13 +15,15 @@ module Lockdown
15
15
 
16
16
  # Future functionality:
17
17
  # :private_access will restrict access to model data to their creators.
18
- # attr_accessor :private_access #:nodoc:
18
+ # attr_accessor :private_access
19
19
 
20
20
  attr_accessor :controller_classes #:nodoc:
21
21
 
22
22
  def configure(&block)
23
23
  set_defaults
24
+
24
25
  instance_eval(&block)
26
+
25
27
  if options[:use_db_models] && options[:sync_init_rb_with_db]
26
28
  sync_with_db
27
29
  end
@@ -71,7 +73,7 @@ module Lockdown
71
73
  elsif ug.responds_to?(:name)
72
74
  # This user group was defined in the database
73
75
  ug.permissions.each do |perm|
74
- perm_sym = symbol_name(perm.name)
76
+ perm_sym = lockdown_symbol(perm.name)
75
77
  unless permission_exists?(perm_sym)
76
78
  raise SecurityError, "Permission associated to User Group is invalid: #{perm_sym}"
77
79
  end
@@ -132,7 +134,7 @@ module Lockdown
132
134
  # Delete a user group record from the database
133
135
  #
134
136
  def delete_user_group(str_sym)
135
- ug = UserGroup.find(:first, :conditions => ["name = ?",string_name(str_sym)])
137
+ ug = UserGroup.find(:first, :conditions => ["name = ?",lockdown_string(str_sym)])
136
138
  ug.destroy unless ug.nil?
137
139
  end
138
140
 
@@ -181,7 +183,7 @@ module Lockdown
181
183
  def permissions_assignable_for_user(usr)
182
184
  return [] if usr.nil?
183
185
  if administrator?(usr)
184
- @permissions.keys.collect{|k| Permission.find_by_name(string_name(k)) }.compact
186
+ @permissions.keys.collect{|k| Permission.find_by_name(lockdown_string(k)) }.compact
185
187
  else
186
188
  groups = user_groups_assignable_for_user(usr)
187
189
  groups.collect{|g| g.permissions}.flatten.compact
@@ -205,14 +207,14 @@ module Lockdown
205
207
  end
206
208
 
207
209
  def fetch_controller_class(str)
208
- @controller_classes[controller_class_name(str)]
210
+ @controller_classes[lockdown_class_name(str)]
209
211
  end
210
212
 
211
213
  protected
212
214
 
213
215
  def set_defaults
214
216
  load_controller_classes
215
-
217
+
216
218
  @permissions = {}
217
219
  @user_groups = {}
218
220
 
@@ -246,7 +248,7 @@ module Lockdown
246
248
 
247
249
  def load_controller_classes
248
250
  @controller_classes = {}
249
-
251
+
250
252
  maybe_load_framework_controller_parent
251
253
 
252
254
  Dir.chdir("#{Lockdown.project_root}/app/controllers") do
@@ -255,17 +257,21 @@ module Lockdown
255
257
  lockdown_load(c)
256
258
  end
257
259
  end
260
+
261
+ if Lockdown.rails_app?
262
+ Dependencies.clear
263
+ end
258
264
  end
259
265
 
260
- def controller_class_name_from_file(str)
266
+ def lockdown_class_name_from_file(str)
261
267
  str.split(".")[0].split("/").collect{|s| camelize(s) }.join("::")
262
268
  end
263
269
 
264
- def controller_class_name(str)
270
+ def lockdown_class_name(str)
265
271
  if str.include?("__")
266
- kontroller_class_name(str.split("__").collect{|p| camelize(p)}.join("::"))
272
+ controller_class_name(str.split("__").collect{|p| camelize(p)}.join("::"))
267
273
  else
268
- kontroller_class_name(camelize(str))
274
+ controller_class_name(camelize(str))
269
275
  end
270
276
  end
271
277
 
@@ -273,13 +279,12 @@ module Lockdown
273
279
  if Lockdown.rails_app?
274
280
  Dependencies.require_or_load("application.rb")
275
281
  else
276
- #just default to Merb for now as the only alternative
277
282
  load("application.rb") unless const_defined?("Application")
278
283
  end
279
284
  end
280
285
 
281
286
  def lockdown_load(file)
282
- klass = controller_class_name_from_file(file)
287
+ klass = lockdown_class_name_from_file(file)
283
288
  if Lockdown.rails_app?
284
289
  Dependencies.require_or_load(file)
285
290
  else
@@ -316,7 +321,7 @@ module Lockdown
316
321
  # Create permissions not found in the database
317
322
  get_permissions.each do |key|
318
323
  next if permission_assigned_automatically?(key)
319
- str = string_name(key)
324
+ str = lockdown_string(key)
320
325
  p = Permission.find(:first, :conditions => ["name = ?", str])
321
326
  unless p
322
327
  puts ">> Lockdown: Permission not found in db: #{str}, creating."
@@ -330,7 +335,7 @@ module Lockdown
330
335
  db_perms = Permission.find(:all).dup
331
336
  perm_keys = get_permissions
332
337
  db_perms.each do |dbp|
333
- unless perm_keys.include?(symbol_name(dbp.name))
338
+ unless perm_keys.include?(lockdown_symbol(dbp.name))
334
339
  puts ">> Lockdown: Permission no longer in init.rb: #{dbp.name}, deleting."
335
340
  Lockdown.database_execute("delete from permissions_user_groups where permission_id = #{dbp.id}")
336
341
  dbp.destroy
@@ -339,14 +344,14 @@ module Lockdown
339
344
 
340
345
  # Create user groups not found in the database
341
346
  get_user_groups.each do |key|
342
- str = string_name(key)
347
+ str = lockdown_string(key)
343
348
  ug = UserGroup.find(:first, :conditions => ["name = ?", str])
344
349
  unless ug
345
350
  puts ">> Lockdown: UserGroup not in the db: #{str}, creating."
346
351
  ug = UserGroup.create(:name => str)
347
352
  #Inefficient, definitely, but shouldn't have any issues across orms.
348
353
  permissions_for_user_group(key) do |perm|
349
- p = Permission.find(:first, :conditions => ["name = ?", string_name(perm)])
354
+ p = Permission.find(:first, :conditions => ["name = ?", lockdown_string(perm)])
350
355
  Lockdown.database_execute <<-SQL
351
356
  insert into permissions_user_groups(permission_id, user_group_id)
352
357
  values(#{p.id}, #{ug.id})
data/lib/lockdown/version.rb CHANGED
@@ -2,7 +2,7 @@ module Lockdown #:nodoc:
2
2
  module VERSION #:nodoc:
3
3
  MAJOR = 0
4
4
  MINOR = 5
5
- TINY = 1
5
+ TINY = 2
6
6
 
7
7
  STRING = [MAJOR, MINOR, TINY].join('.')
8
8
  end
data/website/generator.html CHANGED
@@ -33,7 +33,7 @@
33
33
  <h1>Lockdown</h1>
34
34
  <div id="version" class="clickable" onclick='document.location = "http://rubyforge.org/projects/lockdown"; return false'>
35
35
  <p>Get Version</p>
36
- <a href="http://rubyforge.org/projects/lockdown" class="numbers">0.5.1</a>
36
+ <a href="http://rubyforge.org/projects/lockdown" class="numbers">0.5.2</a>
37
37
  </div>
38
38
  <h2>What</h2>
39
39
 
data/website/index.html CHANGED
@@ -33,7 +33,7 @@
33
33
  <h1>Lockdown</h1>
34
34
  <div id="version" class="clickable" onclick='document.location = "http://rubyforge.org/projects/lockdown"; return false'>
35
35
  <p>Get Version</p>
36
- <a href="http://rubyforge.org/projects/lockdown" class="numbers">0.5.1</a>
36
+ <a href="http://rubyforge.org/projects/lockdown" class="numbers">0.5.2</a>
37
37
  </div>
38
38
  <h2>What</h2>
39
39
 
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: lockdown
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.5.1
4
+ version: 0.5.2
5
5
  platform: ruby
6
6
  authors:
7
7
  - Andrew Stone
@@ -9,7 +9,7 @@ autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
11
 
12
- date: 2008-05-25 00:00:00 -04:00
12
+ date: 2008-05-26 00:00:00 -04:00
13
13
  default_executable:
14
14
  dependencies:
15
15
  - !ruby/object:Gem::Dependency