lockdown 1.6.5 → 2.0.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- data/.gitignore +1 -0
- data/README.txt +8 -5
- data/Rakefile +43 -26
- data/lib/lockdown/access.rb +108 -0
- data/lib/lockdown/configuration.rb +201 -0
- data/lib/lockdown/database.rb +31 -36
- data/lib/lockdown/delivery.rb +26 -0
- data/lib/lockdown/errors.rb +3 -7
- data/lib/lockdown/frameworks/rails/controller.rb +21 -59
- data/lib/lockdown/frameworks/rails/view.rb +1 -1
- data/lib/lockdown/frameworks/rails.rb +7 -43
- data/lib/lockdown/helper.rb +14 -85
- data/lib/lockdown/orms/active_record.rb +7 -9
- data/lib/lockdown/permission.rb +37 -203
- data/lib/lockdown/resource.rb +54 -0
- data/lib/lockdown/session.rb +16 -25
- data/lib/lockdown/user_group.rb +16 -0
- data/lib/lockdown.rb +15 -60
- data/lockdown.gemspec +29 -69
- data/test/helper.rb +9 -0
- data/test/lockdown/test_access.rb +80 -0
- data/test/lockdown/test_configuration.rb +194 -0
- data/test/lockdown/test_delivery.rb +163 -0
- data/test/lockdown/test_helper.rb +33 -0
- data/test/lockdown/test_permission.rb +73 -0
- data/test/lockdown/test_resource.rb +47 -0
- data/test/lockdown/test_session.rb +31 -0
- data/test/lockdown/test_user_group.rb +17 -0
- data/test/test_lockdown.rb +11 -0
- metadata +41 -78
- data/lib/lockdown/context.rb +0 -41
- data/lib/lockdown/references.rb +0 -19
- data/lib/lockdown/rspec_helper.rb +0 -118
- data/lib/lockdown/rules.rb +0 -372
- data/lib/lockdown/system.rb +0 -58
- data/rails_generators/lockdown/lockdown_generator.rb +0 -274
- data/rails_generators/lockdown/templates/app/controllers/permissions_controller.rb +0 -22
- data/rails_generators/lockdown/templates/app/controllers/sessions_controller.rb +0 -39
- data/rails_generators/lockdown/templates/app/controllers/user_groups_controller.rb +0 -122
- data/rails_generators/lockdown/templates/app/controllers/users_controller.rb +0 -117
- data/rails_generators/lockdown/templates/app/helpers/permissions_helper.rb +0 -2
- data/rails_generators/lockdown/templates/app/helpers/user_groups_helper.rb +0 -2
- data/rails_generators/lockdown/templates/app/helpers/users_helper.rb +0 -2
- data/rails_generators/lockdown/templates/app/models/permission.rb +0 -13
- data/rails_generators/lockdown/templates/app/models/profile.rb +0 -10
- data/rails_generators/lockdown/templates/app/models/user.rb +0 -95
- data/rails_generators/lockdown/templates/app/models/user_group.rb +0 -15
- data/rails_generators/lockdown/templates/app/views/permissions/index.html.erb +0 -16
- data/rails_generators/lockdown/templates/app/views/permissions/show.html.erb +0 -26
- data/rails_generators/lockdown/templates/app/views/sessions/new.html.erb +0 -12
- data/rails_generators/lockdown/templates/app/views/user_groups/edit.html.erb +0 -33
- data/rails_generators/lockdown/templates/app/views/user_groups/index.html.erb +0 -20
- data/rails_generators/lockdown/templates/app/views/user_groups/new.html.erb +0 -31
- data/rails_generators/lockdown/templates/app/views/user_groups/show.html.erb +0 -29
- data/rails_generators/lockdown/templates/app/views/users/edit.html.erb +0 -51
- data/rails_generators/lockdown/templates/app/views/users/index.html.erb +0 -22
- data/rails_generators/lockdown/templates/app/views/users/new.html.erb +0 -50
- data/rails_generators/lockdown/templates/app/views/users/show.html.erb +0 -33
- data/rails_generators/lockdown/templates/config/initializers/lockit.rb +0 -1
- data/rails_generators/lockdown/templates/db/migrate/create_admin_user.rb +0 -17
- data/rails_generators/lockdown/templates/db/migrate/create_permissions.rb +0 -19
- data/rails_generators/lockdown/templates/db/migrate/create_profiles.rb +0 -26
- data/rails_generators/lockdown/templates/db/migrate/create_user_groups.rb +0 -19
- data/rails_generators/lockdown/templates/db/migrate/create_users.rb +0 -17
- data/rails_generators/lockdown/templates/lib/lockdown/README +0 -42
- data/rails_generators/lockdown/templates/lib/lockdown/init.rb +0 -131
- data/spec/lockdown/context_spec.rb +0 -191
- data/spec/lockdown/database_spec.rb +0 -162
- data/spec/lockdown/frameworks/rails/controller_spec.rb +0 -215
- data/spec/lockdown/frameworks/rails/view_spec.rb +0 -96
- data/spec/lockdown/frameworks/rails_spec.rb +0 -163
- data/spec/lockdown/permission_spec.rb +0 -156
- data/spec/lockdown/rspec_helper_spec.rb +0 -40
- data/spec/lockdown/rules_spec.rb +0 -245
- data/spec/lockdown/session_spec.rb +0 -112
- data/spec/lockdown/system_spec.rb +0 -51
- data/spec/lockdown_spec.rb +0 -19
- data/spec/rcov.opts +0 -5
- data/spec/spec.opts +0 -3
- data/spec/spec_helper.rb +0 -8
@@ -0,0 +1,163 @@
|
|
1
|
+
require 'helper'
|
2
|
+
|
3
|
+
class Authorization
|
4
|
+
extend Lockdown::Access
|
5
|
+
end
|
6
|
+
|
7
|
+
class TestLockdown < MiniTest::Unit::TestCase
|
8
|
+
|
9
|
+
def setup
|
10
|
+
Lockdown::Configuration.reset
|
11
|
+
end
|
12
|
+
|
13
|
+
def test_it_allows_uri_without_beginning_slash
|
14
|
+
Authorization.permission :posts
|
15
|
+
Authorization.public_access :posts
|
16
|
+
|
17
|
+
assert_equal true, Lockdown::Delivery.allowed?('posts')
|
18
|
+
end
|
19
|
+
|
20
|
+
def test_it_allows_uri_without_ending_slash
|
21
|
+
Authorization.permission :posts
|
22
|
+
Authorization.public_access :posts
|
23
|
+
|
24
|
+
assert_equal true, Lockdown::Delivery.allowed?('/posts')
|
25
|
+
end
|
26
|
+
|
27
|
+
def test_it_allows_uri_with_ending_slash
|
28
|
+
Authorization.permission :posts
|
29
|
+
Authorization.public_access :posts
|
30
|
+
|
31
|
+
assert_equal true, Lockdown::Delivery.allowed?('/posts/')
|
32
|
+
end
|
33
|
+
|
34
|
+
def test_it_allows_uri_with_action
|
35
|
+
Authorization.permission :posts
|
36
|
+
Authorization.public_access :posts
|
37
|
+
|
38
|
+
assert_equal true, Lockdown::Delivery.allowed?('/posts/new')
|
39
|
+
end
|
40
|
+
|
41
|
+
def test_it_allows_uri_access_to_only_show
|
42
|
+
Authorization.permission :posts do
|
43
|
+
resource :posts do
|
44
|
+
only :show
|
45
|
+
end
|
46
|
+
end
|
47
|
+
Authorization.public_access :posts
|
48
|
+
|
49
|
+
assert_equal true, Lockdown::Delivery.allowed?('/posts/show')
|
50
|
+
|
51
|
+
assert_equal true, Lockdown::Delivery.allowed?('/posts/show')
|
52
|
+
|
53
|
+
assert_equal false, Lockdown::Delivery.allowed?('/postsshow')
|
54
|
+
|
55
|
+
assert_equal false, Lockdown::Delivery.allowed?('/posts/')
|
56
|
+
|
57
|
+
assert_equal false, Lockdown::Delivery.allowed?('/posts/edit')
|
58
|
+
end
|
59
|
+
|
60
|
+
def test_it_allows_uri_access_to_all_except_show
|
61
|
+
Authorization.permission :posts do
|
62
|
+
resource :posts do
|
63
|
+
except :show
|
64
|
+
end
|
65
|
+
end
|
66
|
+
Authorization.public_access :posts
|
67
|
+
|
68
|
+
assert_equal false, Lockdown::Delivery.allowed?('/posts/show')
|
69
|
+
|
70
|
+
assert_equal false, Lockdown::Delivery.allowed?('/postsshow')
|
71
|
+
|
72
|
+
assert_equal true, Lockdown::Delivery.allowed?('/posts')
|
73
|
+
|
74
|
+
assert_equal true, Lockdown::Delivery.allowed?('/posts/')
|
75
|
+
|
76
|
+
assert_equal true, Lockdown::Delivery.allowed?('/posts/edit')
|
77
|
+
|
78
|
+
assert_equal true, Lockdown::Delivery.allowed?('/posts/edit/')
|
79
|
+
end
|
80
|
+
|
81
|
+
def test_it_allows_uri_access_to_create_as_post
|
82
|
+
Authorization.permission :posts do
|
83
|
+
resource :posts do
|
84
|
+
only :new, :create
|
85
|
+
end
|
86
|
+
end
|
87
|
+
Authorization.public_access :posts
|
88
|
+
|
89
|
+
|
90
|
+
assert_equal false, Lockdown::Delivery.allowed?('/posts')
|
91
|
+
|
92
|
+
assert_equal false, Lockdown::Delivery.allowed?('/posts/')
|
93
|
+
|
94
|
+
assert_equal true, Lockdown::Delivery.allowed?('/posts/new')
|
95
|
+
|
96
|
+
assert_equal true, Lockdown::Delivery.allowed?('/posts/new/')
|
97
|
+
|
98
|
+
assert_equal true, Lockdown::Delivery.allowed?('/posts/create')
|
99
|
+
|
100
|
+
assert_equal true, Lockdown::Delivery.allowed?('/posts/create/')
|
101
|
+
|
102
|
+
assert_equal false, Lockdown::Delivery.allowed?('/posts/show')
|
103
|
+
|
104
|
+
assert_equal false, Lockdown::Delivery.allowed?('/posts/show/')
|
105
|
+
end
|
106
|
+
|
107
|
+
def test_it_allows_uri_access_to_update_as_put
|
108
|
+
Authorization.permission :posts do
|
109
|
+
resource :posts do
|
110
|
+
only :show, :edit, :update
|
111
|
+
end
|
112
|
+
end
|
113
|
+
Authorization.public_access :posts
|
114
|
+
|
115
|
+
assert_equal true, Lockdown::Delivery.allowed?('/posts/update')
|
116
|
+
|
117
|
+
assert_equal true, Lockdown::Delivery.allowed?('/posts/update/')
|
118
|
+
|
119
|
+
assert_equal true, Lockdown::Delivery.allowed?('/posts/edit')
|
120
|
+
|
121
|
+
assert_equal true, Lockdown::Delivery.allowed?('/posts/edit/')
|
122
|
+
|
123
|
+
assert_equal true, Lockdown::Delivery.allowed?('/posts/show')
|
124
|
+
|
125
|
+
assert_equal true, Lockdown::Delivery.allowed?('/posts/show/')
|
126
|
+
|
127
|
+
end
|
128
|
+
|
129
|
+
def test_it_denies_uri_access_to_destroy
|
130
|
+
Authorization.permission :posts do
|
131
|
+
resource :posts do
|
132
|
+
except :destroy
|
133
|
+
end
|
134
|
+
end
|
135
|
+
Authorization.public_access :posts
|
136
|
+
|
137
|
+
assert_equal true, Lockdown::Delivery.allowed?('/posts/update')
|
138
|
+
|
139
|
+
assert_equal true, Lockdown::Delivery.allowed?('/posts/edit')
|
140
|
+
|
141
|
+
assert_equal true, Lockdown::Delivery.allowed?('/posts/show')
|
142
|
+
|
143
|
+
assert_equal false, Lockdown::Delivery.allowed?('/posts/destroy')
|
144
|
+
end
|
145
|
+
|
146
|
+
def test_it_denies_uri_access_to_new_create_and_destroy
|
147
|
+
Authorization.permission :users do
|
148
|
+
resource :users do
|
149
|
+
except :new, :create, :destroy
|
150
|
+
end
|
151
|
+
end
|
152
|
+
Authorization.public_access :users
|
153
|
+
|
154
|
+
assert_equal true, Lockdown::Delivery.allowed?('/users/show')
|
155
|
+
|
156
|
+
assert_equal false, Lockdown::Delivery.allowed?('/users/new')
|
157
|
+
|
158
|
+
assert_equal false, Lockdown::Delivery.allowed?('/users/create')
|
159
|
+
|
160
|
+
assert_equal false, Lockdown::Delivery.allowed?('/users/destroy')
|
161
|
+
end
|
162
|
+
end
|
163
|
+
|
@@ -0,0 +1,33 @@
|
|
1
|
+
require 'helper'
|
2
|
+
|
3
|
+
class H
|
4
|
+
include Lockdown::Helper
|
5
|
+
end
|
6
|
+
|
7
|
+
class TestLockdownHelper < MiniTest::Unit::TestCase
|
8
|
+
|
9
|
+
def setup
|
10
|
+
@h = H.new
|
11
|
+
end
|
12
|
+
|
13
|
+
def test_administrator_group_name
|
14
|
+
assert_equal 'Administrators', @h.administrator_group_name
|
15
|
+
end
|
16
|
+
|
17
|
+
def test_user_groups_hbtm_reference
|
18
|
+
assert_equal :user_groups, @h.user_groups_hbtm_reference
|
19
|
+
end
|
20
|
+
|
21
|
+
def test_user_group_id_reference
|
22
|
+
assert_equal 'user_group_id', @h.user_group_id_reference
|
23
|
+
end
|
24
|
+
|
25
|
+
def user_hbtm_reference
|
26
|
+
assert_equal :users, @h.users_hbtm_reference
|
27
|
+
end
|
28
|
+
|
29
|
+
def user_id_reference
|
30
|
+
assert_equal 'user_id', @h.user_id_reference
|
31
|
+
end
|
32
|
+
end
|
33
|
+
|
@@ -0,0 +1,73 @@
|
|
1
|
+
require 'helper'
|
2
|
+
|
3
|
+
class TestLockdownPermission < MiniTest::Unit::TestCase
|
4
|
+
|
5
|
+
def setup
|
6
|
+
@permission = Lockdown::Permission.new(:my_account)
|
7
|
+
end
|
8
|
+
|
9
|
+
def test_initializer_sets_correct_state
|
10
|
+
assert_equal 'my_account', @permission.name
|
11
|
+
assert_equal [], @permission.resources
|
12
|
+
assert_equal false, @permission.public?
|
13
|
+
assert_equal false, @permission.protected?
|
14
|
+
end
|
15
|
+
|
16
|
+
def test_setting_public
|
17
|
+
@permission.is_public
|
18
|
+
assert_equal true, @permission.public?
|
19
|
+
assert_equal false, @permission.protected?
|
20
|
+
end
|
21
|
+
|
22
|
+
def test_setting_protected
|
23
|
+
@permission.is_protected
|
24
|
+
assert_equal true, @permission.protected?
|
25
|
+
assert_equal false, @permission.public?
|
26
|
+
end
|
27
|
+
|
28
|
+
def test_resource
|
29
|
+
@permission.resource(:users)
|
30
|
+
|
31
|
+
resource = @permission.resources.first
|
32
|
+
assert_equal resource.name, 'users'
|
33
|
+
end
|
34
|
+
|
35
|
+
def test_alias_controller
|
36
|
+
@permission.controller(:users)
|
37
|
+
|
38
|
+
controller = @permission.controllers.first
|
39
|
+
assert_equal controller.name, 'users'
|
40
|
+
end
|
41
|
+
|
42
|
+
def test_resource_with_block
|
43
|
+
@permission.resource(:users) do
|
44
|
+
except :destroy
|
45
|
+
end
|
46
|
+
|
47
|
+
resource = @permission.resources.first
|
48
|
+
assert_equal resource.exceptions, ['destroy']
|
49
|
+
end
|
50
|
+
|
51
|
+
def test_alias_controller_with_block
|
52
|
+
@permission.controller(:users) do
|
53
|
+
except :destroy
|
54
|
+
end
|
55
|
+
|
56
|
+
controller = @permission.controllers.first
|
57
|
+
assert_equal controller.exceptions, ['destroy']
|
58
|
+
end
|
59
|
+
|
60
|
+
def test_regex_pattern
|
61
|
+
@permission.resource(:users)
|
62
|
+
|
63
|
+
assert_equal @permission.regex_pattern, "(\/users(\/.*)?)"
|
64
|
+
end
|
65
|
+
|
66
|
+
def test_regex_pattern_with_multiple_resources
|
67
|
+
@permission.resource(:users)
|
68
|
+
@permission.resource(:posts)
|
69
|
+
|
70
|
+
assert_equal @permission.regex_pattern, "(\/users(\/.*)?)|(\/posts(\/.*)?)"
|
71
|
+
end
|
72
|
+
end
|
73
|
+
|
@@ -0,0 +1,47 @@
|
|
1
|
+
require 'helper'
|
2
|
+
|
3
|
+
class TestLockdownResource < MiniTest::Unit::TestCase
|
4
|
+
|
5
|
+
def setup
|
6
|
+
@resource = Lockdown::Resource.new(:users)
|
7
|
+
end
|
8
|
+
|
9
|
+
def test_initializer_sets_correct_state
|
10
|
+
assert_equal @resource.name, 'users'
|
11
|
+
assert_equal @resource.regex_pattern, "\/users(\/.*)?"
|
12
|
+
end
|
13
|
+
|
14
|
+
def test_except_sets_correct_regex_pattern
|
15
|
+
@resource.except(:destroy)
|
16
|
+
assert_equal @resource.regex_pattern, "\/users(?!\/(destroy))(\/.*)?"
|
17
|
+
end
|
18
|
+
|
19
|
+
def test_except_with_multiple_params_sets_correct_regex_pattern
|
20
|
+
@resource.except(:index, :destroy)
|
21
|
+
assert_equal @resource.regex_pattern, "\/users(?!\/(index|destroy))(\/.*)?"
|
22
|
+
end
|
23
|
+
|
24
|
+
def test_except_with_no_params_preserves_regex_pattern
|
25
|
+
resource = Lockdown::Resource.new(:users)
|
26
|
+
resource.except()
|
27
|
+
assert_equal resource.regex_pattern, "\/users(\/.*)?"
|
28
|
+
end
|
29
|
+
|
30
|
+
def test_only_sets_correct_regex_pattern
|
31
|
+
@resource.only(:index)
|
32
|
+
assert_equal @resource.regex_pattern, "\/users\/(index)(\/)?"
|
33
|
+
end
|
34
|
+
|
35
|
+
def test_only_with_multiple_params_sets_correct_regex_pattern
|
36
|
+
@resource.only(:show, :edit)
|
37
|
+
assert_equal @resource.regex_pattern, "\/users\/(show|edit)(\/)?"
|
38
|
+
end
|
39
|
+
|
40
|
+
def test_only_with_no_params_preserves_regex_pattern
|
41
|
+
resource = Lockdown::Resource.new(:users)
|
42
|
+
resource.only()
|
43
|
+
assert_equal resource.regex_pattern, "\/users(\/.*)?"
|
44
|
+
end
|
45
|
+
|
46
|
+
end
|
47
|
+
|
@@ -0,0 +1,31 @@
|
|
1
|
+
require 'helper'
|
2
|
+
|
3
|
+
class Authorization
|
4
|
+
extend Lockdown::Access
|
5
|
+
end
|
6
|
+
|
7
|
+
class S
|
8
|
+
include Lockdown::Session
|
9
|
+
|
10
|
+
attr_accessor :session_access_rights
|
11
|
+
end
|
12
|
+
|
13
|
+
class TestLockdownSession < MiniTest::Unit::TestCase
|
14
|
+
|
15
|
+
def setup
|
16
|
+
Lockdown::Configuration.reset
|
17
|
+
@s = S.new
|
18
|
+
end
|
19
|
+
|
20
|
+
def test_access_in_perm
|
21
|
+
Authorization.permission :posts
|
22
|
+
Authorization.permission :users
|
23
|
+
Authorization.public_access :posts
|
24
|
+
|
25
|
+
@s.session_access_rights = Lockdown::Configuration.public_access
|
26
|
+
|
27
|
+
assert_equal true , @s.send(:access_in_perm?, 'posts')
|
28
|
+
assert_equal false , @s.send(:access_in_perm?, 'users')
|
29
|
+
end
|
30
|
+
end
|
31
|
+
|
@@ -0,0 +1,17 @@
|
|
1
|
+
require 'helper'
|
2
|
+
|
3
|
+
class TestLockdownUserGroup < MiniTest::Unit::TestCase
|
4
|
+
|
5
|
+
def setup
|
6
|
+
@user_group = Lockdown::UserGroup.new(:managers)
|
7
|
+
@user_group.permissions << Lockdown::Permission.new(:users)
|
8
|
+
@user_group.permissions << Lockdown::Permission.new(:accounts)
|
9
|
+
end
|
10
|
+
|
11
|
+
def test_initializer_sets_correct_state
|
12
|
+
assert_equal 'managers', @user_group.name
|
13
|
+
assert_equal 'accounts', @user_group.permissions.pop.name
|
14
|
+
assert_equal 'users', @user_group.permissions.pop.name
|
15
|
+
end
|
16
|
+
end
|
17
|
+
|
metadata
CHANGED
@@ -1,7 +1,12 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: lockdown
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
|
4
|
+
prerelease: false
|
5
|
+
segments:
|
6
|
+
- 2
|
7
|
+
- 0
|
8
|
+
- 0
|
9
|
+
version: 2.0.0
|
5
10
|
platform: ruby
|
6
11
|
authors:
|
7
12
|
- Andrew Stone
|
@@ -9,19 +14,10 @@ autorequire:
|
|
9
14
|
bindir: bin
|
10
15
|
cert_chain: []
|
11
16
|
|
12
|
-
date: 2010-
|
17
|
+
date: 2010-09-07 00:00:00 -04:00
|
13
18
|
default_executable:
|
14
|
-
dependencies:
|
15
|
-
|
16
|
-
name: rspec
|
17
|
-
type: :development
|
18
|
-
version_requirement:
|
19
|
-
version_requirements: !ruby/object:Gem::Requirement
|
20
|
-
requirements:
|
21
|
-
- - ">="
|
22
|
-
- !ruby/object:Gem::Version
|
23
|
-
version: "0"
|
24
|
-
version:
|
19
|
+
dependencies: []
|
20
|
+
|
25
21
|
description: Restrict access to your controller actions. Supports basic model level restrictions as well
|
26
22
|
email: andy@stonean.com
|
27
23
|
executables: []
|
@@ -35,8 +31,10 @@ files:
|
|
35
31
|
- README.txt
|
36
32
|
- Rakefile
|
37
33
|
- lib/lockdown.rb
|
38
|
-
- lib/lockdown/
|
34
|
+
- lib/lockdown/access.rb
|
35
|
+
- lib/lockdown/configuration.rb
|
39
36
|
- lib/lockdown/database.rb
|
37
|
+
- lib/lockdown/delivery.rb
|
40
38
|
- lib/lockdown/errors.rb
|
41
39
|
- lib/lockdown/frameworks/rails.rb
|
42
40
|
- lib/lockdown/frameworks/rails/controller.rb
|
@@ -44,57 +42,20 @@ files:
|
|
44
42
|
- lib/lockdown/helper.rb
|
45
43
|
- lib/lockdown/orms/active_record.rb
|
46
44
|
- lib/lockdown/permission.rb
|
47
|
-
- lib/lockdown/
|
48
|
-
- lib/lockdown/rspec_helper.rb
|
49
|
-
- lib/lockdown/rules.rb
|
45
|
+
- lib/lockdown/resource.rb
|
50
46
|
- lib/lockdown/session.rb
|
51
|
-
- lib/lockdown/
|
47
|
+
- lib/lockdown/user_group.rb
|
52
48
|
- lockdown.gemspec
|
53
|
-
-
|
54
|
-
-
|
55
|
-
-
|
56
|
-
-
|
57
|
-
-
|
58
|
-
-
|
59
|
-
-
|
60
|
-
-
|
61
|
-
-
|
62
|
-
-
|
63
|
-
- rails_generators/lockdown/templates/app/models/user.rb
|
64
|
-
- rails_generators/lockdown/templates/app/models/user_group.rb
|
65
|
-
- rails_generators/lockdown/templates/app/views/permissions/index.html.erb
|
66
|
-
- rails_generators/lockdown/templates/app/views/permissions/show.html.erb
|
67
|
-
- rails_generators/lockdown/templates/app/views/sessions/new.html.erb
|
68
|
-
- rails_generators/lockdown/templates/app/views/user_groups/edit.html.erb
|
69
|
-
- rails_generators/lockdown/templates/app/views/user_groups/index.html.erb
|
70
|
-
- rails_generators/lockdown/templates/app/views/user_groups/new.html.erb
|
71
|
-
- rails_generators/lockdown/templates/app/views/user_groups/show.html.erb
|
72
|
-
- rails_generators/lockdown/templates/app/views/users/edit.html.erb
|
73
|
-
- rails_generators/lockdown/templates/app/views/users/index.html.erb
|
74
|
-
- rails_generators/lockdown/templates/app/views/users/new.html.erb
|
75
|
-
- rails_generators/lockdown/templates/app/views/users/show.html.erb
|
76
|
-
- rails_generators/lockdown/templates/config/initializers/lockit.rb
|
77
|
-
- rails_generators/lockdown/templates/db/migrate/create_admin_user.rb
|
78
|
-
- rails_generators/lockdown/templates/db/migrate/create_permissions.rb
|
79
|
-
- rails_generators/lockdown/templates/db/migrate/create_profiles.rb
|
80
|
-
- rails_generators/lockdown/templates/db/migrate/create_user_groups.rb
|
81
|
-
- rails_generators/lockdown/templates/db/migrate/create_users.rb
|
82
|
-
- rails_generators/lockdown/templates/lib/lockdown/README
|
83
|
-
- rails_generators/lockdown/templates/lib/lockdown/init.rb
|
84
|
-
- spec/lockdown/context_spec.rb
|
85
|
-
- spec/lockdown/database_spec.rb
|
86
|
-
- spec/lockdown/frameworks/rails/controller_spec.rb
|
87
|
-
- spec/lockdown/frameworks/rails/view_spec.rb
|
88
|
-
- spec/lockdown/frameworks/rails_spec.rb
|
89
|
-
- spec/lockdown/permission_spec.rb
|
90
|
-
- spec/lockdown/rspec_helper_spec.rb
|
91
|
-
- spec/lockdown/rules_spec.rb
|
92
|
-
- spec/lockdown/session_spec.rb
|
93
|
-
- spec/lockdown/system_spec.rb
|
94
|
-
- spec/lockdown_spec.rb
|
95
|
-
- spec/rcov.opts
|
96
|
-
- spec/spec.opts
|
97
|
-
- spec/spec_helper.rb
|
49
|
+
- test/helper.rb
|
50
|
+
- test/lockdown/test_access.rb
|
51
|
+
- test/lockdown/test_configuration.rb
|
52
|
+
- test/lockdown/test_delivery.rb
|
53
|
+
- test/lockdown/test_helper.rb
|
54
|
+
- test/lockdown/test_permission.rb
|
55
|
+
- test/lockdown/test_resource.rb
|
56
|
+
- test/lockdown/test_session.rb
|
57
|
+
- test/lockdown/test_user_group.rb
|
58
|
+
- test/test_lockdown.rb
|
98
59
|
has_rdoc: true
|
99
60
|
homepage: http://stonean.com/wiki/lockdown
|
100
61
|
licenses: []
|
@@ -105,34 +66,36 @@ rdoc_options:
|
|
105
66
|
require_paths:
|
106
67
|
- lib
|
107
68
|
required_ruby_version: !ruby/object:Gem::Requirement
|
69
|
+
none: false
|
108
70
|
requirements:
|
109
71
|
- - ">="
|
110
72
|
- !ruby/object:Gem::Version
|
73
|
+
segments:
|
74
|
+
- 0
|
111
75
|
version: "0"
|
112
|
-
version:
|
113
76
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
77
|
+
none: false
|
114
78
|
requirements:
|
115
79
|
- - ">="
|
116
80
|
- !ruby/object:Gem::Version
|
81
|
+
segments:
|
82
|
+
- 0
|
117
83
|
version: "0"
|
118
|
-
version:
|
119
84
|
requirements: []
|
120
85
|
|
121
86
|
rubyforge_project: lockdown
|
122
|
-
rubygems_version: 1.3.
|
87
|
+
rubygems_version: 1.3.7
|
123
88
|
signing_key:
|
124
89
|
specification_version: 3
|
125
90
|
summary: Authorization system for Rails 2.x
|
126
91
|
test_files:
|
127
|
-
-
|
128
|
-
-
|
129
|
-
-
|
130
|
-
-
|
131
|
-
-
|
132
|
-
-
|
133
|
-
-
|
134
|
-
-
|
135
|
-
-
|
136
|
-
-
|
137
|
-
- spec/lockdown_spec.rb
|
138
|
-
- spec/spec_helper.rb
|
92
|
+
- test/lockdown/test_user_group.rb
|
93
|
+
- test/lockdown/test_delivery.rb
|
94
|
+
- test/lockdown/test_configuration.rb
|
95
|
+
- test/lockdown/test_access.rb
|
96
|
+
- test/lockdown/test_session.rb
|
97
|
+
- test/lockdown/test_permission.rb
|
98
|
+
- test/lockdown/test_helper.rb
|
99
|
+
- test/lockdown/test_resource.rb
|
100
|
+
- test/helper.rb
|
101
|
+
- test/test_lockdown.rb
|
data/lib/lockdown/context.rb
DELETED
@@ -1,41 +0,0 @@
|
|
1
|
-
module Lockdown
|
2
|
-
class Context
|
3
|
-
attr_accessor :name, :allowed_methods
|
4
|
-
|
5
|
-
def to_s
|
6
|
-
self.class.to_s
|
7
|
-
end
|
8
|
-
|
9
|
-
def allows?(method_name)
|
10
|
-
@allowed_methods.include?(method_name)
|
11
|
-
end
|
12
|
-
end
|
13
|
-
|
14
|
-
class RootContext < Context
|
15
|
-
def initialize(name)
|
16
|
-
@name = name
|
17
|
-
@allowed_methods = %w(with_controller and_controller to_model)
|
18
|
-
end
|
19
|
-
end
|
20
|
-
|
21
|
-
class ControllerContext < Context
|
22
|
-
def initialize(name)
|
23
|
-
@name = name
|
24
|
-
@allowed_methods = %w(with_controller and_controller to_model only_methods except_methods)
|
25
|
-
end
|
26
|
-
end
|
27
|
-
|
28
|
-
class ModelContext < Context
|
29
|
-
def initialize(name)
|
30
|
-
@name = name
|
31
|
-
@allowed_methods = %w(where)
|
32
|
-
end
|
33
|
-
end
|
34
|
-
|
35
|
-
class ModelWhereContext < Context
|
36
|
-
def initialize(name)
|
37
|
-
@name = name
|
38
|
-
@allowed_methods = %w(is_in includes equals)
|
39
|
-
end
|
40
|
-
end
|
41
|
-
end
|
data/lib/lockdown/references.rb
DELETED