lockdown 1.6.5 → 2.0.0

data/test/lockdown/test_delivery.rb

@@ -0,0 +1,163 @@
+require 'helper'
+
+class Authorization
+  extend Lockdown::Access
+end
+
+class TestLockdown < MiniTest::Unit::TestCase
+
+  def setup
+    Lockdown::Configuration.reset
+  end
+
+  def test_it_allows_uri_without_beginning_slash
+    Authorization.permission :posts
+    Authorization.public_access :posts
+
+    assert_equal true, Lockdown::Delivery.allowed?('posts')
+  end
+
+  def test_it_allows_uri_without_ending_slash
+    Authorization.permission :posts
+    Authorization.public_access :posts
+
+    assert_equal true, Lockdown::Delivery.allowed?('/posts')
+  end
+
+  def test_it_allows_uri_with_ending_slash
+    Authorization.permission :posts
+    Authorization.public_access :posts
+
+    assert_equal true, Lockdown::Delivery.allowed?('/posts/')
+  end
+
+  def test_it_allows_uri_with_action
+    Authorization.permission :posts
+    Authorization.public_access :posts
+
+    assert_equal true, Lockdown::Delivery.allowed?('/posts/new')
+  end
+
+  def test_it_allows_uri_access_to_only_show
+    Authorization.permission :posts do
+      resource :posts do
+        only :show
+      end
+    end
+    Authorization.public_access :posts
+
+    assert_equal true, Lockdown::Delivery.allowed?('/posts/show')
+
+    assert_equal true, Lockdown::Delivery.allowed?('/posts/show')
+
+    assert_equal false, Lockdown::Delivery.allowed?('/postsshow')
+
+    assert_equal false, Lockdown::Delivery.allowed?('/posts/')
+
+    assert_equal false, Lockdown::Delivery.allowed?('/posts/edit')
+  end
+
+  def test_it_allows_uri_access_to_all_except_show
+    Authorization.permission :posts do
+      resource :posts do
+        except :show
+      end
+    end
+    Authorization.public_access :posts
+
+    assert_equal false, Lockdown::Delivery.allowed?('/posts/show')
+
+    assert_equal false, Lockdown::Delivery.allowed?('/postsshow')
+
+    assert_equal true, Lockdown::Delivery.allowed?('/posts')
+
+    assert_equal true, Lockdown::Delivery.allowed?('/posts/')
+
+    assert_equal true, Lockdown::Delivery.allowed?('/posts/edit')
+
+    assert_equal true, Lockdown::Delivery.allowed?('/posts/edit/')
+  end
+
+  def test_it_allows_uri_access_to_create_as_post
+    Authorization.permission :posts do
+      resource :posts do
+        only :new, :create
+      end
+    end
+    Authorization.public_access :posts
+
+
+    assert_equal false, Lockdown::Delivery.allowed?('/posts')
+
+    assert_equal false, Lockdown::Delivery.allowed?('/posts/')
+
+    assert_equal true, Lockdown::Delivery.allowed?('/posts/new')
+
+    assert_equal true, Lockdown::Delivery.allowed?('/posts/new/')
+
+    assert_equal true, Lockdown::Delivery.allowed?('/posts/create')
+
+    assert_equal true, Lockdown::Delivery.allowed?('/posts/create/')
+
+    assert_equal false, Lockdown::Delivery.allowed?('/posts/show')
+
+    assert_equal false, Lockdown::Delivery.allowed?('/posts/show/')
+  end
+
+  def test_it_allows_uri_access_to_update_as_put
+    Authorization.permission :posts do
+      resource :posts do
+        only :show, :edit, :update
+      end
+    end
+    Authorization.public_access :posts
+
+    assert_equal true, Lockdown::Delivery.allowed?('/posts/update')
+
+    assert_equal true, Lockdown::Delivery.allowed?('/posts/update/')
+
+    assert_equal true, Lockdown::Delivery.allowed?('/posts/edit')
+
+    assert_equal true, Lockdown::Delivery.allowed?('/posts/edit/')
+
+    assert_equal true, Lockdown::Delivery.allowed?('/posts/show')
+
+    assert_equal true, Lockdown::Delivery.allowed?('/posts/show/')
+
+  end
+
+  def test_it_denies_uri_access_to_destroy
+    Authorization.permission :posts do
+      resource :posts do
+        except :destroy
+      end
+    end
+    Authorization.public_access :posts
+
+    assert_equal true, Lockdown::Delivery.allowed?('/posts/update')
+
+    assert_equal true, Lockdown::Delivery.allowed?('/posts/edit')
+
+    assert_equal true, Lockdown::Delivery.allowed?('/posts/show')
+
+    assert_equal false, Lockdown::Delivery.allowed?('/posts/destroy')
+  end
+
+  def test_it_denies_uri_access_to_new_create_and_destroy
+    Authorization.permission :users do
+      resource :users do
+        except :new, :create, :destroy
+      end
+    end
+    Authorization.public_access :users
+
+    assert_equal true, Lockdown::Delivery.allowed?('/users/show')
+
+    assert_equal false, Lockdown::Delivery.allowed?('/users/new')
+
+    assert_equal false, Lockdown::Delivery.allowed?('/users/create')
+
+    assert_equal false, Lockdown::Delivery.allowed?('/users/destroy')
+  end
+end
+

data/test/lockdown/test_helper.rb

@@ -0,0 +1,33 @@
+require 'helper'
+
+class H 
+  include Lockdown::Helper
+end
+
+class TestLockdownHelper < MiniTest::Unit::TestCase
+
+  def setup
+    @h = H.new
+  end
+
+  def test_administrator_group_name
+    assert_equal 'Administrators', @h.administrator_group_name
+  end
+
+  def test_user_groups_hbtm_reference
+    assert_equal :user_groups, @h.user_groups_hbtm_reference
+  end
+
+  def test_user_group_id_reference
+    assert_equal 'user_group_id', @h.user_group_id_reference
+  end
+
+  def user_hbtm_reference
+    assert_equal :users, @h.users_hbtm_reference
+  end
+
+  def user_id_reference
+    assert_equal 'user_id', @h.user_id_reference
+  end
+end
+

data/test/lockdown/test_permission.rb

@@ -0,0 +1,73 @@
+require 'helper'
+
+class TestLockdownPermission < MiniTest::Unit::TestCase
+
+  def setup
+    @permission = Lockdown::Permission.new(:my_account)
+  end
+
+  def test_initializer_sets_correct_state
+    assert_equal 'my_account', @permission.name
+    assert_equal [], @permission.resources
+    assert_equal false, @permission.public?
+    assert_equal false, @permission.protected?
+  end
+
+  def test_setting_public
+    @permission.is_public
+    assert_equal true, @permission.public?
+    assert_equal false, @permission.protected?
+  end
+
+  def test_setting_protected
+    @permission.is_protected
+    assert_equal true, @permission.protected?
+    assert_equal false, @permission.public?
+  end
+
+  def test_resource
+    @permission.resource(:users)
+
+    resource = @permission.resources.first
+    assert_equal resource.name, 'users'
+  end
+
+  def test_alias_controller
+    @permission.controller(:users)
+
+    controller = @permission.controllers.first
+    assert_equal controller.name, 'users'
+  end
+
+  def test_resource_with_block
+    @permission.resource(:users) do
+      except :destroy
+    end
+
+    resource = @permission.resources.first
+    assert_equal resource.exceptions, ['destroy']
+  end
+
+  def test_alias_controller_with_block
+    @permission.controller(:users) do
+      except :destroy
+    end
+
+    controller = @permission.controllers.first
+    assert_equal controller.exceptions, ['destroy']
+  end
+
+  def test_regex_pattern
+    @permission.resource(:users)
+
+    assert_equal @permission.regex_pattern, "(\/users(\/.*)?)"
+  end
+
+  def test_regex_pattern_with_multiple_resources
+    @permission.resource(:users)
+    @permission.resource(:posts)
+
+    assert_equal @permission.regex_pattern, "(\/users(\/.*)?)|(\/posts(\/.*)?)"
+  end
+end
+

data/test/lockdown/test_resource.rb

@@ -0,0 +1,47 @@
+require 'helper'
+
+class TestLockdownResource < MiniTest::Unit::TestCase
+
+  def setup
+    @resource = Lockdown::Resource.new(:users)
+  end
+
+  def test_initializer_sets_correct_state
+    assert_equal @resource.name, 'users'
+    assert_equal @resource.regex_pattern, "\/users(\/.*)?"
+  end
+
+  def test_except_sets_correct_regex_pattern
+    @resource.except(:destroy)
+    assert_equal @resource.regex_pattern, "\/users(?!\/(destroy))(\/.*)?"
+  end
+
+  def test_except_with_multiple_params_sets_correct_regex_pattern
+    @resource.except(:index, :destroy)
+    assert_equal @resource.regex_pattern, "\/users(?!\/(index|destroy))(\/.*)?"
+  end
+
+  def test_except_with_no_params_preserves_regex_pattern
+    resource = Lockdown::Resource.new(:users)
+    resource.except()
+    assert_equal resource.regex_pattern, "\/users(\/.*)?"
+  end
+
+  def test_only_sets_correct_regex_pattern
+    @resource.only(:index)
+    assert_equal @resource.regex_pattern, "\/users\/(index)(\/)?"
+  end
+
+  def test_only_with_multiple_params_sets_correct_regex_pattern
+    @resource.only(:show, :edit)
+    assert_equal @resource.regex_pattern, "\/users\/(show|edit)(\/)?"
+  end
+
+  def test_only_with_no_params_preserves_regex_pattern
+    resource = Lockdown::Resource.new(:users)
+    resource.only()
+    assert_equal resource.regex_pattern, "\/users(\/.*)?"
+  end
+
+end
+

data/test/lockdown/test_session.rb

@@ -0,0 +1,31 @@
+require 'helper'
+
+class Authorization
+  extend Lockdown::Access
+end
+
+class S
+  include Lockdown::Session
+
+  attr_accessor :session_access_rights
+end
+
+class TestLockdownSession < MiniTest::Unit::TestCase
+
+  def setup
+    Lockdown::Configuration.reset
+    @s = S.new
+  end
+
+  def test_access_in_perm
+    Authorization.permission :posts
+    Authorization.permission :users
+    Authorization.public_access :posts
+
+    @s.session_access_rights = Lockdown::Configuration.public_access
+
+    assert_equal true , @s.send(:access_in_perm?, 'posts')
+    assert_equal false , @s.send(:access_in_perm?, 'users')
+  end
+end
+

data/test/lockdown/test_user_group.rb

@@ -0,0 +1,17 @@
+require 'helper'
+
+class TestLockdownUserGroup < MiniTest::Unit::TestCase
+
+  def setup
+    @user_group = Lockdown::UserGroup.new(:managers)
+    @user_group.permissions << Lockdown::Permission.new(:users)
+    @user_group.permissions << Lockdown::Permission.new(:accounts)
+  end
+
+  def test_initializer_sets_correct_state
+    assert_equal 'managers', @user_group.name
+    assert_equal 'accounts', @user_group.permissions.pop.name
+    assert_equal 'users', @user_group.permissions.pop.name
+  end
+end
+

data/test/test_lockdown.rb

@@ -0,0 +1,11 @@
+# encoding: utf-8
+
+require 'helper'
+
+class TestLockdown < MiniTest::Unit::TestCase
+
+  def test_version
+    assert_equal '2.0.0', Lockdown.version
+  end
+
+end

metadata

@@ -1,7 +1,12 @@
 --- !ruby/object:Gem::Specification 
 name: lockdown
 version: !ruby/object:Gem::Version 
-  version: 1.6.5
+  prerelease: false
+  segments: 
+  - 2
+  - 0
+  - 0
+  version: 2.0.0
 platform: ruby
 authors: 
 - Andrew Stone
@@ -9,19 +14,10 @@ autorequire:
 bindir: bin
 cert_chain: []
 
-date: 2010-03-01 00:00:00 -05:00
+date: 2010-09-07 00:00:00 -04:00
 default_executable: 
-dependencies: 
-- !ruby/object:Gem::Dependency 
-  name: rspec
-  type: :development
-  version_requirement: 
-  version_requirements: !ruby/object:Gem::Requirement 
-    requirements: 
-    - - ">="
-      - !ruby/object:Gem::Version 
-        version: "0"
-    version: 
+dependencies: []
+
 description: Restrict access to your controller actions.  Supports basic model level restrictions as well
 email: andy@stonean.com
 executables: []
@@ -35,8 +31,10 @@ files:
 - README.txt
 - Rakefile
 - lib/lockdown.rb
-- lib/lockdown/context.rb
+- lib/lockdown/access.rb
+- lib/lockdown/configuration.rb
 - lib/lockdown/database.rb
+- lib/lockdown/delivery.rb
 - lib/lockdown/errors.rb
 - lib/lockdown/frameworks/rails.rb
 - lib/lockdown/frameworks/rails/controller.rb
@@ -44,57 +42,20 @@ files:
 - lib/lockdown/helper.rb
 - lib/lockdown/orms/active_record.rb
 - lib/lockdown/permission.rb
-- lib/lockdown/references.rb
-- lib/lockdown/rspec_helper.rb
-- lib/lockdown/rules.rb
+- lib/lockdown/resource.rb
 - lib/lockdown/session.rb
-- lib/lockdown/system.rb
+- lib/lockdown/user_group.rb
 - lockdown.gemspec
-- rails_generators/lockdown/lockdown_generator.rb
-- rails_generators/lockdown/templates/app/controllers/permissions_controller.rb
-- rails_generators/lockdown/templates/app/controllers/sessions_controller.rb
-- rails_generators/lockdown/templates/app/controllers/user_groups_controller.rb
-- rails_generators/lockdown/templates/app/controllers/users_controller.rb
-- rails_generators/lockdown/templates/app/helpers/permissions_helper.rb
-- rails_generators/lockdown/templates/app/helpers/user_groups_helper.rb
-- rails_generators/lockdown/templates/app/helpers/users_helper.rb
-- rails_generators/lockdown/templates/app/models/permission.rb
-- rails_generators/lockdown/templates/app/models/profile.rb
-- rails_generators/lockdown/templates/app/models/user.rb
-- rails_generators/lockdown/templates/app/models/user_group.rb
-- rails_generators/lockdown/templates/app/views/permissions/index.html.erb
-- rails_generators/lockdown/templates/app/views/permissions/show.html.erb
-- rails_generators/lockdown/templates/app/views/sessions/new.html.erb
-- rails_generators/lockdown/templates/app/views/user_groups/edit.html.erb
-- rails_generators/lockdown/templates/app/views/user_groups/index.html.erb
-- rails_generators/lockdown/templates/app/views/user_groups/new.html.erb
-- rails_generators/lockdown/templates/app/views/user_groups/show.html.erb
-- rails_generators/lockdown/templates/app/views/users/edit.html.erb
-- rails_generators/lockdown/templates/app/views/users/index.html.erb
-- rails_generators/lockdown/templates/app/views/users/new.html.erb
-- rails_generators/lockdown/templates/app/views/users/show.html.erb
-- rails_generators/lockdown/templates/config/initializers/lockit.rb
-- rails_generators/lockdown/templates/db/migrate/create_admin_user.rb
-- rails_generators/lockdown/templates/db/migrate/create_permissions.rb
-- rails_generators/lockdown/templates/db/migrate/create_profiles.rb
-- rails_generators/lockdown/templates/db/migrate/create_user_groups.rb
-- rails_generators/lockdown/templates/db/migrate/create_users.rb
-- rails_generators/lockdown/templates/lib/lockdown/README
-- rails_generators/lockdown/templates/lib/lockdown/init.rb
-- spec/lockdown/context_spec.rb
-- spec/lockdown/database_spec.rb
-- spec/lockdown/frameworks/rails/controller_spec.rb
-- spec/lockdown/frameworks/rails/view_spec.rb
-- spec/lockdown/frameworks/rails_spec.rb
-- spec/lockdown/permission_spec.rb
-- spec/lockdown/rspec_helper_spec.rb
-- spec/lockdown/rules_spec.rb
-- spec/lockdown/session_spec.rb
-- spec/lockdown/system_spec.rb
-- spec/lockdown_spec.rb
-- spec/rcov.opts
-- spec/spec.opts
-- spec/spec_helper.rb
+- test/helper.rb
+- test/lockdown/test_access.rb
+- test/lockdown/test_configuration.rb
+- test/lockdown/test_delivery.rb
+- test/lockdown/test_helper.rb
+- test/lockdown/test_permission.rb
+- test/lockdown/test_resource.rb
+- test/lockdown/test_session.rb
+- test/lockdown/test_user_group.rb
+- test/test_lockdown.rb
 has_rdoc: true
 homepage: http://stonean.com/wiki/lockdown
 licenses: []
@@ -105,34 +66,36 @@ rdoc_options:
 require_paths: 
 - lib
 required_ruby_version: !ruby/object:Gem::Requirement 
+  none: false
   requirements: 
   - - ">="
     - !ruby/object:Gem::Version 
+      segments: 
+      - 0
       version: "0"
-  version: 
 required_rubygems_version: !ruby/object:Gem::Requirement 
+  none: false
   requirements: 
   - - ">="
     - !ruby/object:Gem::Version 
+      segments: 
+      - 0
       version: "0"
-  version: 
 requirements: []
 
 rubyforge_project: lockdown
-rubygems_version: 1.3.5
+rubygems_version: 1.3.7
 signing_key: 
 specification_version: 3
 summary: Authorization system for Rails 2.x
 test_files: 
-- spec/lockdown/rules_spec.rb
-- spec/lockdown/context_spec.rb
-- spec/lockdown/system_spec.rb
-- spec/lockdown/session_spec.rb
-- spec/lockdown/frameworks/rails_spec.rb
-- spec/lockdown/frameworks/rails/controller_spec.rb
-- spec/lockdown/frameworks/rails/view_spec.rb
-- spec/lockdown/permission_spec.rb
-- spec/lockdown/database_spec.rb
-- spec/lockdown/rspec_helper_spec.rb
-- spec/lockdown_spec.rb
-- spec/spec_helper.rb
+- test/lockdown/test_user_group.rb
+- test/lockdown/test_delivery.rb
+- test/lockdown/test_configuration.rb
+- test/lockdown/test_access.rb
+- test/lockdown/test_session.rb
+- test/lockdown/test_permission.rb
+- test/lockdown/test_helper.rb
+- test/lockdown/test_resource.rb
+- test/helper.rb
+- test/test_lockdown.rb

data/lib/lockdown/context.rb

@@ -1,41 +0,0 @@
-module Lockdown
-  class Context
-    attr_accessor :name, :allowed_methods
-
-    def to_s
-      self.class.to_s
-    end
-
-    def allows?(method_name)
-      @allowed_methods.include?(method_name)
-    end
-  end
-
-  class RootContext < Context
-    def initialize(name)
-      @name = name
-      @allowed_methods = %w(with_controller and_controller to_model)
-    end
-  end
-
-  class ControllerContext < Context
-    def initialize(name)
-      @name = name
-      @allowed_methods = %w(with_controller and_controller to_model only_methods except_methods)
-    end
-  end
-
-  class ModelContext < Context
-    def initialize(name)
-      @name = name
-      @allowed_methods = %w(where)
-    end
-  end
-
-  class ModelWhereContext < Context
-    def initialize(name)
-      @name = name
-      @allowed_methods = %w(is_in includes equals)
-    end
-  end
-end

data/lib/lockdown/references.rb

@@ -1,19 +0,0 @@
-module Lockdown
-  module References
-    def helper
-      Lockdown::Helper
-    end
-
-    def rules
-      Lockdown::Rules
-    end
-
-    def session
-      Lockdown::Session
-    end
-
-    def system
-      Lockdown::System
-    end
-  end
-end