lockdown 0.7.1 → 0.8.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- data/.DS_Store +0 -0
- data/History.txt +3 -0
- data/README.txt +1 -1
- data/Rakefile +16 -1
- data/lib/lockdown/context.rb +41 -0
- data/lib/lockdown/database.rb +11 -14
- data/lib/lockdown/frameworks/rails/controller.rb +57 -4
- data/lib/lockdown/frameworks/rails/view.rb +1 -1
- data/lib/lockdown/frameworks/rails.rb +21 -10
- data/lib/lockdown/helper.rb +1 -1
- data/lib/lockdown/permission.rb +204 -0
- data/lib/lockdown/rules.rb +287 -0
- data/lib/lockdown/session.rb +8 -6
- data/lib/lockdown/system.rb +35 -88
- data/lib/lockdown.rb +52 -49
- data/rails_generators/.DS_Store +0 -0
- data/rails_generators/lockdown/.DS_Store +0 -0
- data/rails_generators/lockdown/lockdown_generator.rb +5 -5
- data/rails_generators/lockdown/templates/.DS_Store +0 -0
- data/rails_generators/lockdown/templates/lib/.DS_Store +0 -0
- data/rails_generators/lockdown/templates/lib/lockdown/init.rb +27 -19
- data/rails_generators/lockdown/templates/lib/lockdown/session.rb +1 -3
- data/spec/lockdown/database_spec.rb +158 -0
- data/spec/lockdown/frameworks/rails/controller_spec.rb +220 -0
- data/spec/lockdown/frameworks/rails/view_spec.rb +87 -0
- data/spec/lockdown/frameworks/rails_spec.rb +170 -0
- data/spec/lockdown/permission_spec.rb +156 -0
- data/spec/lockdown/rules_spec.rb +109 -0
- data/spec/lockdown/session_spec.rb +88 -0
- data/spec/lockdown/system_spec.rb +59 -0
- data/spec/lockdown_spec.rb +19 -0
- data/spec/rcov.opts +5 -0
- data/spec/spec.opts +3 -0
- data/spec/spec_helper.rb +1 -0
- data/tasks/post_load.rake +2 -7
- data/tasks/setup.rb +24 -3
- metadata +23 -12
- data/.gitignore +0 -5
- data/Manifest.txt +0 -51
- data/lib/lockdown/controller.rb +0 -64
- data/lib/lockdown/frameworks/merb/controller.rb +0 -63
- data/lib/lockdown/frameworks/merb/view.rb +0 -32
- data/lib/lockdown/frameworks/merb.rb +0 -84
- data/lib/lockdown/orms/data_mapper.rb +0 -70
- data/lib/lockdown/rights.rb +0 -208
- data/tasks/manifest.rake +0 -48
@@ -0,0 +1,170 @@
|
|
1
|
+
require File.join(File.dirname(__FILE__), %w[.. .. spec_helper])
|
2
|
+
|
3
|
+
describe Lockdown::Frameworks::Rails do
|
4
|
+
before do
|
5
|
+
@rails = Lockdown::Frameworks::Rails
|
6
|
+
@rails.stub!(:use_me?).and_return(true)
|
7
|
+
|
8
|
+
@lockdown = mock("lockdown")
|
9
|
+
end
|
10
|
+
|
11
|
+
|
12
|
+
describe "#included" do
|
13
|
+
it "should extend lockdown with rails environment" do
|
14
|
+
@lockdown.should_receive(:extend).
|
15
|
+
with(Lockdown::Frameworks::Rails::Environment)
|
16
|
+
|
17
|
+
@rails.should_receive(:mixin)
|
18
|
+
|
19
|
+
@rails.included(@lockdown)
|
20
|
+
end
|
21
|
+
end
|
22
|
+
|
23
|
+
describe "#mixin" do
|
24
|
+
it "should perform class_eval on controller view and system to inject itself" do
|
25
|
+
module ActionController; class Base; end end
|
26
|
+
module ActionView; class Base; end end
|
27
|
+
|
28
|
+
Lockdown.stub!(:controller_parent).and_return(ActionController::Base)
|
29
|
+
Lockdown.stub!(:view_helper).and_return(ActionView::Base)
|
30
|
+
|
31
|
+
ActionView::Base.should_receive(:class_eval)
|
32
|
+
|
33
|
+
ActionController::Base.should_receive(:class_eval)
|
34
|
+
|
35
|
+
Lockdown::System.should_receive(:class_eval)
|
36
|
+
|
37
|
+
|
38
|
+
@rails.mixin
|
39
|
+
end
|
40
|
+
|
41
|
+
end
|
42
|
+
end
|
43
|
+
|
44
|
+
describe Lockdown::Frameworks::Rails::Environment do
|
45
|
+
|
46
|
+
RAILS_ROOT = "/shibby/dibby/do"
|
47
|
+
before do
|
48
|
+
@env = class Test; extend Lockdown::Frameworks::Rails::Environment; end
|
49
|
+
end
|
50
|
+
|
51
|
+
describe "#project_root" do
|
52
|
+
it "should return rails root" do
|
53
|
+
@env.project_root.should == "/shibby/dibby/do"
|
54
|
+
end
|
55
|
+
end
|
56
|
+
|
57
|
+
describe "#init_file" do
|
58
|
+
it "should return path to init_file" do
|
59
|
+
@env.stub!(:project_root).and_return("/shibby/dibby/do")
|
60
|
+
@env.init_file.should == "/shibby/dibby/do/lib/lockdown/init.rb"
|
61
|
+
end
|
62
|
+
end
|
63
|
+
|
64
|
+
describe "#controller_class_name" do
|
65
|
+
it "should add Controller to name" do
|
66
|
+
@env.controller_class_name("user").should == "UserController"
|
67
|
+
end
|
68
|
+
|
69
|
+
it "should convert two underscores to a namespaced controller" do
|
70
|
+
@env.controller_class_name("admin__user").should == "Admin::UserController"
|
71
|
+
end
|
72
|
+
end
|
73
|
+
|
74
|
+
describe "#controller_parent" do
|
75
|
+
it "should return ActionController::Base" do
|
76
|
+
module ActionController; class Base; end end
|
77
|
+
|
78
|
+
@env.controller_parent.should == ActionController::Base
|
79
|
+
end
|
80
|
+
end
|
81
|
+
|
82
|
+
describe "#view_helper" do
|
83
|
+
it "should return ActionView::Base" do
|
84
|
+
module ActionView; class Base; end end
|
85
|
+
|
86
|
+
@env.view_helper.should == ActionView::Base
|
87
|
+
end
|
88
|
+
end
|
89
|
+
end
|
90
|
+
|
91
|
+
describe Lockdown::Frameworks::Rails::System do
|
92
|
+
class Test
|
93
|
+
extend Lockdown::Frameworks::Rails::System
|
94
|
+
class << self
|
95
|
+
attr_accessor :controller_classes
|
96
|
+
end
|
97
|
+
end
|
98
|
+
|
99
|
+
module Rails
|
100
|
+
module VERSION
|
101
|
+
MAJOR = 2
|
102
|
+
MINOR = 2
|
103
|
+
TINY = 2
|
104
|
+
end
|
105
|
+
end
|
106
|
+
|
107
|
+
before do
|
108
|
+
@env = Test
|
109
|
+
@env.controller_classes = {}
|
110
|
+
end
|
111
|
+
|
112
|
+
describe "#skip_sync?" do
|
113
|
+
end
|
114
|
+
|
115
|
+
describe "#load_controller_classes" do
|
116
|
+
end
|
117
|
+
|
118
|
+
describe "#maybe_load_framework_controller_parent" do
|
119
|
+
it "should call require_or_load with application.rb < 2.3" do
|
120
|
+
@env.should_receive(:require_or_load).with("application.rb")
|
121
|
+
|
122
|
+
@env.maybe_load_framework_controller_parent
|
123
|
+
end
|
124
|
+
|
125
|
+
it "should call require_or_load with application_controller.rb >= 2.3" do
|
126
|
+
module Rails
|
127
|
+
module VERSION
|
128
|
+
MINOR = 3
|
129
|
+
TINY = 0
|
130
|
+
end
|
131
|
+
end
|
132
|
+
|
133
|
+
@env.should_receive(:require_or_load).with("application_controller.rb")
|
134
|
+
|
135
|
+
@env.maybe_load_framework_controller_parent
|
136
|
+
end
|
137
|
+
end
|
138
|
+
|
139
|
+
describe "#lockdown_load" do
|
140
|
+
it "should add class to controller classes" do
|
141
|
+
@env.stub!(:class_name_from_file).and_return("controller_class")
|
142
|
+
Lockdown.stub!(:qualified_const_get).and_return(:controller_class)
|
143
|
+
@env.stub!(:require_or_load)
|
144
|
+
|
145
|
+
@env.lockdown_load("controller_file")
|
146
|
+
|
147
|
+
@env.controller_classes["ControllerFile"].should == :controller_class
|
148
|
+
end
|
149
|
+
end
|
150
|
+
|
151
|
+
describe "#require_or_load" do
|
152
|
+
it "should use Dependencies if not defined in ActiveSupport" do
|
153
|
+
module ActiveSupport; end
|
154
|
+
Dependencies = mock("dependencies") unless defined?(Dependencies)
|
155
|
+
|
156
|
+
Dependencies.should_receive(:require_or_load).with("controller_file")
|
157
|
+
|
158
|
+
@env.require_or_load("controller_file")
|
159
|
+
end
|
160
|
+
|
161
|
+
it "should use ActiveSupport::Dependencies if defined" do
|
162
|
+
module ActiveSupport; class Dependencies; end end
|
163
|
+
|
164
|
+
ActiveSupport::Dependencies.should_receive(:require_or_load).
|
165
|
+
with("controller_file")
|
166
|
+
|
167
|
+
@env.require_or_load("controller_file")
|
168
|
+
end
|
169
|
+
end
|
170
|
+
end
|
@@ -0,0 +1,156 @@
|
|
1
|
+
require File.join(File.dirname(__FILE__), %w[.. spec_helper])
|
2
|
+
|
3
|
+
describe Lockdown::Permission do
|
4
|
+
before do
|
5
|
+
|
6
|
+
@permission = Lockdown::Permission.new(:user_management)
|
7
|
+
@permission.stub!(:paths_for).and_return([])
|
8
|
+
end
|
9
|
+
|
10
|
+
describe "#with_controller" do
|
11
|
+
before do
|
12
|
+
@permission.with_controller(:users)
|
13
|
+
end
|
14
|
+
|
15
|
+
it "should set current_context to ControllerContext" do
|
16
|
+
@permission.current_context.class.should equal(Lockdown::ControllerContext)
|
17
|
+
end
|
18
|
+
end
|
19
|
+
|
20
|
+
describe "#only_methods" do
|
21
|
+
before do
|
22
|
+
@permission.with_controller(:users).only_methods(:show, :edit)
|
23
|
+
end
|
24
|
+
|
25
|
+
it "should set current_context to RootContext" do
|
26
|
+
@permission.current_context.class.should equal(Lockdown::RootContext)
|
27
|
+
end
|
28
|
+
end
|
29
|
+
|
30
|
+
describe "#except_methods" do
|
31
|
+
before do
|
32
|
+
@permission.with_controller(:users).except_methods(:destroy)
|
33
|
+
end
|
34
|
+
|
35
|
+
it "should set current_context to RootContext" do
|
36
|
+
@permission.current_context.class.should equal(Lockdown::RootContext)
|
37
|
+
end
|
38
|
+
end
|
39
|
+
|
40
|
+
describe "#to_model" do
|
41
|
+
before do
|
42
|
+
@permission.to_model(:user)
|
43
|
+
end
|
44
|
+
|
45
|
+
it "should set current_context to ModelContext" do
|
46
|
+
@permission.current_context.class.should equal(Lockdown::ModelContext)
|
47
|
+
end
|
48
|
+
end
|
49
|
+
|
50
|
+
describe "#where" do
|
51
|
+
before do
|
52
|
+
@permission.to_model(:user).where(:current_user_id)
|
53
|
+
end
|
54
|
+
|
55
|
+
it "should set current_context to ModelWhereContext" do
|
56
|
+
@permission.current_context.class.should equal(Lockdown::ModelWhereContext)
|
57
|
+
end
|
58
|
+
end
|
59
|
+
|
60
|
+
describe "#equals" do
|
61
|
+
before do
|
62
|
+
@permission.to_model(:user).where(:current_user_id).equals(:id)
|
63
|
+
end
|
64
|
+
|
65
|
+
it "should set current_context to RootContext" do
|
66
|
+
@permission.current_context.class.should equal(Lockdown::RootContext)
|
67
|
+
end
|
68
|
+
end
|
69
|
+
|
70
|
+
describe "#is_in" do
|
71
|
+
before do
|
72
|
+
@permission.to_model(:user).where(:current_user_id).is_in(:manager_ids)
|
73
|
+
end
|
74
|
+
|
75
|
+
it "should set current_context to RootContext" do
|
76
|
+
@permission.current_context.class.should equal(Lockdown::RootContext)
|
77
|
+
end
|
78
|
+
end
|
79
|
+
|
80
|
+
describe "#set_as_public_access" do
|
81
|
+
it "should raise an PermissionScopeCollision if already protected" do
|
82
|
+
@permission.set_as_protected_access
|
83
|
+
lambda{@permission.set_as_public_access}.
|
84
|
+
should raise_error(Lockdown::PermissionScopeCollision)
|
85
|
+
end
|
86
|
+
end
|
87
|
+
|
88
|
+
|
89
|
+
describe "#set_as_protected_access" do
|
90
|
+
it "should raise an PermissionScopeCollision if already public" do
|
91
|
+
@permission.set_as_public_access
|
92
|
+
lambda{@permission.set_as_protected_access}.
|
93
|
+
should raise_error(Lockdown::PermissionScopeCollision)
|
94
|
+
end
|
95
|
+
end
|
96
|
+
|
97
|
+
describe "while in RootContext" do
|
98
|
+
before do
|
99
|
+
@permission.with_controller(:users).only_methods(:show, :edit)
|
100
|
+
end
|
101
|
+
|
102
|
+
it "should raise InvalidRuleContext trying to access methods out of context" do
|
103
|
+
methods = [:only_methods, :except_methods, :where, :equals, :is_in, :includes]
|
104
|
+
|
105
|
+
methods.each do |method|
|
106
|
+
lambda{@permission.send(method, :sample_param)}.
|
107
|
+
should raise_error(Lockdown::InvalidRuleContext)
|
108
|
+
end
|
109
|
+
end
|
110
|
+
end
|
111
|
+
|
112
|
+
describe "while in ControllerContext" do
|
113
|
+
before do
|
114
|
+
@permission.with_controller(:users)
|
115
|
+
end
|
116
|
+
|
117
|
+
it "should raise InvalidRuleContext trying to access methods out of context" do
|
118
|
+
methods = [:where, :equals, :is_in, :includes]
|
119
|
+
|
120
|
+
methods.each do |method|
|
121
|
+
lambda{@permission.send(method, :sample_param)}.
|
122
|
+
should raise_error(Lockdown::InvalidRuleContext)
|
123
|
+
end
|
124
|
+
end
|
125
|
+
end
|
126
|
+
|
127
|
+
describe "while in ModelContext" do
|
128
|
+
before do
|
129
|
+
@permission.to_model(:user)
|
130
|
+
end
|
131
|
+
|
132
|
+
it "should raise InvalidRuleContext trying to access methods out of context" do
|
133
|
+
methods = [:with_controller, :and_controller, :only_methods, :except_methods, :to_model, :equals, :is_in, :includes]
|
134
|
+
|
135
|
+
methods.each do |method|
|
136
|
+
lambda{@permission.send(method, :sample_param)}.
|
137
|
+
should raise_error(Lockdown::InvalidRuleContext)
|
138
|
+
end
|
139
|
+
end
|
140
|
+
end
|
141
|
+
|
142
|
+
describe "while in ModelWhereContext" do
|
143
|
+
before do
|
144
|
+
@permission.to_model(:user).where(:current_user_id)
|
145
|
+
end
|
146
|
+
|
147
|
+
it "should raise InvalidRuleContext trying to access methods out of context" do
|
148
|
+
methods = [:with_controller, :and_controller, :only_methods, :except_methods, :to_model, :where]
|
149
|
+
|
150
|
+
methods.each do |method|
|
151
|
+
lambda{@permission.send(method, :sample_param)}.
|
152
|
+
should raise_error(Lockdown::InvalidRuleContext)
|
153
|
+
end
|
154
|
+
end
|
155
|
+
end
|
156
|
+
end
|
@@ -0,0 +1,109 @@
|
|
1
|
+
require File.join(File.dirname(__FILE__), %w[.. spec_helper])
|
2
|
+
|
3
|
+
class TestSystem; extend Lockdown::Rules; end
|
4
|
+
|
5
|
+
describe Lockdown::Rules do
|
6
|
+
before do
|
7
|
+
@rules = TestSystem
|
8
|
+
@rules.set_defaults
|
9
|
+
end
|
10
|
+
|
11
|
+
describe "#set_permission" do
|
12
|
+
it "should create and return a Permission object" do
|
13
|
+
@rules.set_permission(:user_management).
|
14
|
+
should == Lockdown::Permission.new(:user_management)
|
15
|
+
end
|
16
|
+
end
|
17
|
+
|
18
|
+
describe "#set_public_access" do
|
19
|
+
it "should define the permission as public" do
|
20
|
+
@rules.set_permission(:user_management)
|
21
|
+
@rules.set_public_access(:user_management)
|
22
|
+
end
|
23
|
+
end
|
24
|
+
|
25
|
+
describe "#set_public_access" do
|
26
|
+
it "should define the permission as public" do
|
27
|
+
@rules.set_permission(:home_page)
|
28
|
+
@rules.set_public_access(:home_page)
|
29
|
+
perm = @rules.permission_objects.find{|name, object| name == :home_page}
|
30
|
+
perm[1].public_access?.should be_true
|
31
|
+
end
|
32
|
+
|
33
|
+
it "should raise and InvalidRuleAssignment if permission does not exist" do
|
34
|
+
msg = "Permission not found: user_management"
|
35
|
+
lambda{@rules.set_public_access(:user_management)}.should
|
36
|
+
raise_error(Lockdown::InvalidRuleAssignment, msg)
|
37
|
+
end
|
38
|
+
end
|
39
|
+
|
40
|
+
describe "#set_protected_access" do
|
41
|
+
it "should define the permission as protected" do
|
42
|
+
@rules.set_permission(:user_management)
|
43
|
+
@rules.set_protected_access(:user_management)
|
44
|
+
perm = @rules.permission_objects.find{|name, object| name == :user_management}
|
45
|
+
perm[1].protected_access?.should be_true
|
46
|
+
end
|
47
|
+
|
48
|
+
it "should raise and InvalidRuleAssignment if permission does not exist" do
|
49
|
+
msg = "Permission not found: user_management"
|
50
|
+
lambda{@rules.set_protected_access(:user_management)}.should
|
51
|
+
raise_error(Lockdown::InvalidRuleAssignment, msg)
|
52
|
+
end
|
53
|
+
end
|
54
|
+
|
55
|
+
describe "#get_permissions" do
|
56
|
+
it "should return array of permission names as symbols" do
|
57
|
+
@rules.set_permission(:home_page)
|
58
|
+
@rules.set_permission(:user_management)
|
59
|
+
@rules.process_rules
|
60
|
+
@rules.get_permissions.should include(:home_page)
|
61
|
+
@rules.get_permissions.should include(:user_management)
|
62
|
+
end
|
63
|
+
end
|
64
|
+
|
65
|
+
describe "#permission_exists?" do
|
66
|
+
it "should return true if permission exists" do
|
67
|
+
@rules.set_permission(:home_page)
|
68
|
+
@rules.process_rules
|
69
|
+
@rules.permission_exists?(:home_page).should be_true
|
70
|
+
end
|
71
|
+
|
72
|
+
it "should return false if permission does not exist" do
|
73
|
+
@rules.permission_exists?(:home_page).should be_false
|
74
|
+
end
|
75
|
+
end
|
76
|
+
|
77
|
+
describe "#get_user_groups" do
|
78
|
+
it "should return array of user group names as symbols" do
|
79
|
+
@rules.set_permission(:user_management)
|
80
|
+
@rules.set_user_group(:security_management, :user_management)
|
81
|
+
@rules.get_user_groups.should == [:security_management]
|
82
|
+
end
|
83
|
+
end
|
84
|
+
|
85
|
+
describe "#user_group_exists?" do
|
86
|
+
it "should return true if user_group exists" do
|
87
|
+
@rules.set_user_group(:user_management, :some_perm)
|
88
|
+
@rules.user_group_exists?(:user_management).should be_true
|
89
|
+
end
|
90
|
+
|
91
|
+
it "should return false if user_group does not exist" do
|
92
|
+
@rules.user_group_exists?(:user_management).should be_false
|
93
|
+
end
|
94
|
+
end
|
95
|
+
|
96
|
+
|
97
|
+
describe "#make_user_administrator" do
|
98
|
+
end
|
99
|
+
|
100
|
+
describe "#process_rules" do
|
101
|
+
it "should validate user_group permissions" do
|
102
|
+
@rules.set_user_group(:test_group, :a_perm)
|
103
|
+
error = "User Group: test_group, permission not found: a_perm"
|
104
|
+
|
105
|
+
lambda{@rules.process_rules}.
|
106
|
+
should raise_error(Lockdown::InvalidRuleAssignment, error)
|
107
|
+
end
|
108
|
+
end
|
109
|
+
end
|
@@ -0,0 +1,88 @@
|
|
1
|
+
require File.join(File.dirname(__FILE__), %w[.. spec_helper])
|
2
|
+
|
3
|
+
class TestAController
|
4
|
+
include Lockdown::Session
|
5
|
+
end
|
6
|
+
|
7
|
+
describe Lockdown::Session do
|
8
|
+
before do
|
9
|
+
@controller = TestAController.new
|
10
|
+
|
11
|
+
@actions = %w(posts/index posts/show posts/new posts/edit posts/create posts/update posts/destroy)
|
12
|
+
|
13
|
+
@session = {:access_rights => @actions}
|
14
|
+
|
15
|
+
@controller.stub!(:session).and_return(@session)
|
16
|
+
end
|
17
|
+
|
18
|
+
describe "#nil_lockdown_values" do
|
19
|
+
it "should nil access_rights" do
|
20
|
+
@controller.send :nil_lockdown_values
|
21
|
+
@session[:access_rights].should == nil
|
22
|
+
end
|
23
|
+
end
|
24
|
+
|
25
|
+
describe "#current_user_access_in_group?" do
|
26
|
+
it "should return true if current user is admin" do
|
27
|
+
@actions = :all
|
28
|
+
@session = {:access_rights => @actions}
|
29
|
+
@controller.stub!(:session).and_return(@session)
|
30
|
+
|
31
|
+
@controller.send(:current_user_access_in_group?,:group).should == true
|
32
|
+
end
|
33
|
+
|
34
|
+
it "should return true if current_user has access" do
|
35
|
+
user_groups = {:public_group => [:public_access]}
|
36
|
+
hash = {:public_access => ["posts/index", "posts/show"]}
|
37
|
+
Lockdown::System.stub!(:permissions).and_return(hash)
|
38
|
+
|
39
|
+
Lockdown::System.stub!(:user_groups).and_return(user_groups)
|
40
|
+
@controller.send(:current_user_access_in_group?,:public_group).should be_true
|
41
|
+
end
|
42
|
+
|
43
|
+
it "should return false if current_user has access" do
|
44
|
+
user_groups = {:public_group => [:public_access]}
|
45
|
+
hash = {:public_access => ["books/edit", "books/update"]}
|
46
|
+
Lockdown::System.stub!(:permissions).and_return(hash)
|
47
|
+
|
48
|
+
Lockdown::System.stub!(:user_groups).and_return(user_groups)
|
49
|
+
@controller.send(:current_user_access_in_group?,:public_group).should be_false
|
50
|
+
end
|
51
|
+
end
|
52
|
+
|
53
|
+
describe "#current_user_is_admin?" do
|
54
|
+
it "should return true if access_rights == :all" do
|
55
|
+
@actions = :all
|
56
|
+
@session = {:access_rights => @actions}
|
57
|
+
@controller.stub!(:session).and_return(@session)
|
58
|
+
|
59
|
+
@controller.send(:current_user_is_admin?).should == true
|
60
|
+
end
|
61
|
+
end
|
62
|
+
|
63
|
+
describe "#add_lockdown_session_values" do
|
64
|
+
it "should set the access_rights from the user list" do
|
65
|
+
array = ["posts/index", "posts/show"]
|
66
|
+
Lockdown::System.stub!(:access_rights_for_user).and_return(array)
|
67
|
+
@controller.send(:add_lockdown_session_values,:user_object).
|
68
|
+
should == array
|
69
|
+
end
|
70
|
+
end
|
71
|
+
|
72
|
+
|
73
|
+
describe "#access_in_perm" do
|
74
|
+
it "should return false if permissions nil" do
|
75
|
+
Lockdown::System.stub!(:permissions).and_return({})
|
76
|
+
@controller.send(:access_in_perm?,:dummy).should be_false
|
77
|
+
end
|
78
|
+
|
79
|
+
it "should return true if permission found" do
|
80
|
+
hash = {:public => ["posts/index", "posts/show"]}
|
81
|
+
Lockdown::System.stub!(:permissions).and_return(hash)
|
82
|
+
@controller.send(:access_in_perm?,:public).should be_true
|
83
|
+
end
|
84
|
+
end
|
85
|
+
|
86
|
+
describe "#session_access_rights_include?" do
|
87
|
+
end
|
88
|
+
end
|
@@ -0,0 +1,59 @@
|
|
1
|
+
require File.join(File.dirname(__FILE__), %w[.. spec_helper])
|
2
|
+
require File.join(File.dirname(__FILE__), %w[.. .. lib lockdown rules])
|
3
|
+
|
4
|
+
describe Lockdown::System do
|
5
|
+
it "should fetch the option" do
|
6
|
+
Lockdown::System.options = {}
|
7
|
+
Lockdown::System.options['test'] = "my test"
|
8
|
+
Lockdown::System.fetch('test').should == "my test"
|
9
|
+
end
|
10
|
+
|
11
|
+
it "should fetch the controller class" do
|
12
|
+
klass = mock("User Controller Class")
|
13
|
+
Lockdown.stub!(:controller_class_name).and_return(:users)
|
14
|
+
Lockdown::System.controller_classes = {}
|
15
|
+
Lockdown::System.controller_classes[:users] = klass
|
16
|
+
Lockdown::System.fetch_controller_class(:users).should equal(klass)
|
17
|
+
end
|
18
|
+
|
19
|
+
describe "#configure" do
|
20
|
+
it "should call the methods responsible for defining the rules" do
|
21
|
+
Lockdown::System.stub!(:skip_sync?).and_return(false)
|
22
|
+
|
23
|
+
Lockdown::System.should_receive :set_defaults
|
24
|
+
|
25
|
+
Lockdown::System.should_receive :load_controller_classes
|
26
|
+
|
27
|
+
Lockdown::System.should_receive :instance_eval
|
28
|
+
|
29
|
+
Lockdown::System.should_receive :process_rules
|
30
|
+
|
31
|
+
Lockdown::Database.should_receive :sync_with_db
|
32
|
+
|
33
|
+
Lockdown::System.configure do
|
34
|
+
end
|
35
|
+
end
|
36
|
+
end
|
37
|
+
|
38
|
+
describe "#paths_for" do
|
39
|
+
it "should join the str_sym to the methods" do
|
40
|
+
Lockdown::System.paths_for(:users, :show, :edit).
|
41
|
+
should == ["users/show", "users/edit"]
|
42
|
+
end
|
43
|
+
|
44
|
+
it "should add users to the array if access is granted on index" do
|
45
|
+
Lockdown::System.paths_for(:users, :index, :show, :edit).
|
46
|
+
should == ["users/index", "users/show", "users/edit", "users"]
|
47
|
+
end
|
48
|
+
|
49
|
+
it "should build the paths from the controller class if no methods specified" do
|
50
|
+
methods = ["new","edit","create","update"]
|
51
|
+
Lockdown::System.stub!(:fetch_controller_class)
|
52
|
+
Lockdown::System.stub!(:available_actions).
|
53
|
+
and_return(methods)
|
54
|
+
|
55
|
+
Lockdown::System.paths_for(:users).
|
56
|
+
should == ["users/new","users/edit","users/create","users/update"]
|
57
|
+
end
|
58
|
+
end
|
59
|
+
end
|
@@ -0,0 +1,19 @@
|
|
1
|
+
require File.join(File.dirname(__FILE__), 'spec_helper')
|
2
|
+
|
3
|
+
describe Lockdown do
|
4
|
+
before do
|
5
|
+
Lockdown.stub!(:version).and_return('1.2.3')
|
6
|
+
end
|
7
|
+
|
8
|
+
it "should return the correct major version" do
|
9
|
+
Lockdown.major_version.should equal(1)
|
10
|
+
end
|
11
|
+
|
12
|
+
it "should return the correct minor version" do
|
13
|
+
Lockdown.minor_version.should equal(2)
|
14
|
+
end
|
15
|
+
|
16
|
+
it "should return the correct patch version" do
|
17
|
+
Lockdown.patch_version.should equal(3)
|
18
|
+
end
|
19
|
+
end
|
data/spec/rcov.opts
ADDED
data/spec/spec.opts
ADDED
data/spec/spec_helper.rb
ADDED
@@ -0,0 +1 @@
|
|
1
|
+
require File.expand_path(File.join(File.dirname(__FILE__), %w[.. lib lockdown]))
|
data/tasks/post_load.rake
CHANGED
@@ -2,8 +2,8 @@
|
|
2
2
|
# This file does not define any rake tasks. It is used to load some project
|
3
3
|
# settings if they are not defined by the user.
|
4
4
|
|
5
|
-
PROJ.rdoc.exclude << "^#{Regexp.escape(PROJ.manifest_file)}$"
|
6
5
|
PROJ.exclude << ["^#{Regexp.escape(PROJ.ann.file)}$",
|
6
|
+
"^#{Regexp.escape(PROJ.ignore_file)}$",
|
7
7
|
"^#{Regexp.escape(PROJ.rdoc.dir)}/",
|
8
8
|
"^#{Regexp.escape(PROJ.rcov.dir)}/"]
|
9
9
|
|
@@ -25,12 +25,7 @@ PROJ.description ||= paragraphs_of(PROJ.readme_file, 'description').join("\n\n")
|
|
25
25
|
|
26
26
|
PROJ.summary ||= PROJ.description.split('.').first
|
27
27
|
|
28
|
-
PROJ.gem.files ||=
|
29
|
-
if test(?f, PROJ.manifest_file)
|
30
|
-
files = File.readlines(PROJ.manifest_file).map {|fn| fn.chomp.strip}
|
31
|
-
files.delete ''
|
32
|
-
files
|
33
|
-
else [] end
|
28
|
+
PROJ.gem.files ||= manifest
|
34
29
|
|
35
30
|
PROJ.gem.executables ||= PROJ.gem.files.find_all {|fn| fn =~ %r/^bin/}
|
36
31
|
|
data/tasks/setup.rb
CHANGED
@@ -4,6 +4,7 @@ require 'rake'
|
|
4
4
|
require 'rake/clean'
|
5
5
|
require 'fileutils'
|
6
6
|
require 'ostruct'
|
7
|
+
require 'find'
|
7
8
|
|
8
9
|
class OpenStruct; undef :gem; end
|
9
10
|
|
@@ -27,8 +28,8 @@ PROJ = OpenStruct.new(
|
|
27
28
|
:ruby_opts => %w(-w),
|
28
29
|
:libs => [],
|
29
30
|
:history_file => 'History.txt',
|
30
|
-
:manifest_file => 'Manifest.txt',
|
31
31
|
:readme_file => 'README.txt',
|
32
|
+
:ignore_file => '.bnsignore',
|
32
33
|
|
33
34
|
# Announce
|
34
35
|
:ann => OpenStruct.new(
|
@@ -254,9 +255,29 @@ end
|
|
254
255
|
# Scans the current working directory and creates a list of files that are
|
255
256
|
# candidates to be in the manifest.
|
256
257
|
#
|
257
|
-
def
|
258
|
+
def manifest
|
258
259
|
files = []
|
259
|
-
exclude =
|
260
|
+
exclude = PROJ.exclude.dup
|
261
|
+
comment = %r/^\s*#/
|
262
|
+
|
263
|
+
# process the ignore file and add the items there to the exclude list
|
264
|
+
if test(?f, PROJ.ignore_file)
|
265
|
+
ary = []
|
266
|
+
File.readlines(PROJ.ignore_file).each do |line|
|
267
|
+
next if line =~ comment
|
268
|
+
line.chomp!
|
269
|
+
line.strip!
|
270
|
+
next if line.nil? or line.empty?
|
271
|
+
|
272
|
+
glob = line =~ %r/\*\./ ? File.join('**', line) : line
|
273
|
+
Dir.glob(glob).each {|fn| ary << "^#{Regexp.escape(fn)}"}
|
274
|
+
end
|
275
|
+
exclude.concat ary
|
276
|
+
end
|
277
|
+
|
278
|
+
# generate a regular expression from the exclude list
|
279
|
+
exclude = Regexp.new(exclude.join('|'))
|
280
|
+
|
260
281
|
Find.find '.' do |path|
|
261
282
|
path.sub! %r/^(\.\/|\/)/o, ''
|
262
283
|
next unless test ?f, path
|