lockdown 2.0.4 → 2.0.5
Sign up to get free protection for your applications and to get access to all the features.
- data/lib/lockdown/configuration.rb +13 -5
- data/lib/lockdown/delivery.rb +4 -8
- data/lib/lockdown.rb +1 -1
- data/lockdown.gemspec +2 -2
- data/test/lockdown/test_configuration.rb +12 -1
- data/test/lockdown/test_delivery.rb +6 -6
- metadata +3 -3
|
@@ -49,6 +49,9 @@ module Lockdown
|
|
|
49
49
|
# Which environments Lockdown should not sync with db
|
|
50
50
|
# Default ['test']
|
|
51
51
|
attr_accessor :skip_db_sync_in
|
|
52
|
+
# Slice size for permission regexes
|
|
53
|
+
# Default 10
|
|
54
|
+
attr_accessor :permission_slice_size
|
|
52
55
|
# Set defaults.
|
|
53
56
|
def reset
|
|
54
57
|
@configured = false
|
|
@@ -70,6 +73,7 @@ module Lockdown
|
|
|
70
73
|
@user_model = "User"
|
|
71
74
|
|
|
72
75
|
@skip_db_sync_in = ['test']
|
|
76
|
+
@permission_slice_size = 10
|
|
73
77
|
end
|
|
74
78
|
|
|
75
79
|
# @return [String] concatentation of public_access + "|" + protected_access
|
|
@@ -182,17 +186,21 @@ module Lockdown
|
|
|
182
186
|
end
|
|
183
187
|
end
|
|
184
188
|
|
|
185
|
-
|
|
186
|
-
|
|
187
|
-
|
|
188
|
-
|
|
189
|
+
slice_permission_regexes(authenticated_access, access_rights_for_permissions(*permission_names))
|
|
190
|
+
end
|
|
191
|
+
|
|
192
|
+
def slice_permission_regexes(authenticated_access, permissions)
|
|
193
|
+
result = [authenticated_access]
|
|
194
|
+
permissions.each_slice(permission_slice_size) do |permission_slice|
|
|
195
|
+
result << permission_slice.join('|')
|
|
189
196
|
end
|
|
197
|
+
result
|
|
190
198
|
end
|
|
191
199
|
|
|
192
200
|
# @param [Array(String)] names permission names
|
|
193
201
|
# @return [String] combination of regex_patterns from permissions
|
|
194
202
|
def access_rights_for_permissions(*names)
|
|
195
|
-
names.collect{|name| "(#{permission(name).regex_pattern})"}
|
|
203
|
+
names.collect{|name| "(#{permission(name).regex_pattern})"}
|
|
196
204
|
end
|
|
197
205
|
|
|
198
206
|
def skip_sync?
|
data/lib/lockdown/delivery.rb
CHANGED
|
@@ -10,18 +10,14 @@ module Lockdown
|
|
|
10
10
|
rescue NameError
|
|
11
11
|
end
|
|
12
12
|
|
|
13
|
-
access_rights ||= Lockdown::Configuration.public_access
|
|
14
|
-
|
|
15
|
-
access_rights_regex = Lockdown.regex(access_rights)
|
|
16
|
-
|
|
17
13
|
path += "/" unless path =~ /\/$/
|
|
18
14
|
path = "/" + path unless path =~ /^\//
|
|
19
15
|
|
|
20
|
-
|
|
21
|
-
return true
|
|
22
|
-
end
|
|
16
|
+
access_rights ||= [Lockdown::Configuration.public_access]
|
|
23
17
|
|
|
24
|
-
return
|
|
18
|
+
return access_rights.any? do |access_rights_group|
|
|
19
|
+
(Lockdown.regex(access_rights_group) =~ path) == 0
|
|
20
|
+
end
|
|
25
21
|
end
|
|
26
22
|
end # class block
|
|
27
23
|
end # Delivery
|
data/lib/lockdown.rb
CHANGED
data/lockdown.gemspec
CHANGED
|
@@ -5,11 +5,11 @@
|
|
|
5
5
|
|
|
6
6
|
Gem::Specification.new do |s|
|
|
7
7
|
s.name = %q{lockdown}
|
|
8
|
-
s.version = "2.0.
|
|
8
|
+
s.version = "2.0.5"
|
|
9
9
|
|
|
10
10
|
s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
|
|
11
11
|
s.authors = ["Andrew Stone"]
|
|
12
|
-
s.date = %q{2010-10-
|
|
12
|
+
s.date = %q{2010-10-24}
|
|
13
13
|
s.description = %q{Restrict access to your controller actions. }
|
|
14
14
|
s.email = %q{andy@stonean.com}
|
|
15
15
|
s.extra_rdoc_files = [
|
|
@@ -184,10 +184,21 @@ class TestLockdownConfiguration < MiniTest::Unit::TestCase
|
|
|
184
184
|
Authorization.permission('faq')
|
|
185
185
|
Authorization.permission('about')
|
|
186
186
|
|
|
187
|
-
assert_equal "((/home(/.*)?))
|
|
187
|
+
assert_equal ["((/home(/.*)?))","((/faq(/.*)?))","((/about(/.*)?))"],
|
|
188
188
|
@config.access_rights_for_permissions('home', 'faq', 'about')
|
|
189
189
|
end
|
|
190
190
|
|
|
191
|
+
def test_permission_regex_slicing
|
|
192
|
+
@config.permission_slice_size = 2
|
|
193
|
+
|
|
194
|
+
Authorization.permission('home')
|
|
195
|
+
Authorization.permission('faq')
|
|
196
|
+
Authorization.permission('about')
|
|
197
|
+
|
|
198
|
+
assert_equal ["x","((/home(/.*)?))|((/faq(/.*)?))","((/about(/.*)?))"],
|
|
199
|
+
@config.slice_permission_regexes('x', @config.access_rights_for_permissions('home', 'faq', 'about'))
|
|
200
|
+
end
|
|
201
|
+
|
|
191
202
|
def test_skip_sync?
|
|
192
203
|
assert_equal true, @config.skip_sync?
|
|
193
204
|
end
|
|
@@ -185,8 +185,8 @@ class TestLockdown < MiniTest::Unit::TestCase
|
|
|
185
185
|
|
|
186
186
|
assert_equal false, Lockdown::Delivery.allowed?('/users/')
|
|
187
187
|
|
|
188
|
-
assert_equal false, Lockdown::Delivery.allowed?('/users/', Lockdown::Configuration.authenticated_access)
|
|
189
|
-
assert_equal false, Lockdown::Delivery.allowed?('/users', Lockdown::Configuration.authenticated_access)
|
|
188
|
+
assert_equal false, Lockdown::Delivery.allowed?('/users/', [Lockdown::Configuration.authenticated_access])
|
|
189
|
+
assert_equal false, Lockdown::Delivery.allowed?('/users', [Lockdown::Configuration.authenticated_access])
|
|
190
190
|
end
|
|
191
191
|
|
|
192
192
|
def test_it_handles_namespaced_routes_correctly
|
|
@@ -203,8 +203,8 @@ class TestLockdown < MiniTest::Unit::TestCase
|
|
|
203
203
|
|
|
204
204
|
assert_equal false, Lockdown::Delivery.allowed?('/nested/users')
|
|
205
205
|
|
|
206
|
-
assert_equal true, Lockdown::Delivery.allowed?('/users', Lockdown::Configuration.authenticated_access)
|
|
207
|
-
assert_equal true, Lockdown::Delivery.allowed?('/nested/users', Lockdown::Configuration.authenticated_access)
|
|
206
|
+
assert_equal true, Lockdown::Delivery.allowed?('/users', [Lockdown::Configuration.authenticated_access])
|
|
207
|
+
assert_equal true, Lockdown::Delivery.allowed?('/nested/users', [Lockdown::Configuration.authenticated_access])
|
|
208
208
|
end
|
|
209
209
|
|
|
210
210
|
def test_it_matches_exact_paths_only
|
|
@@ -218,7 +218,7 @@ class TestLockdown < MiniTest::Unit::TestCase
|
|
|
218
218
|
|
|
219
219
|
assert_equal false, Lockdown::Delivery.allowed?('/users_that_should_be_protected')
|
|
220
220
|
|
|
221
|
-
assert_equal true, Lockdown::Delivery.allowed?('/users', Lockdown::Configuration.authenticated_access)
|
|
222
|
-
assert_equal true, Lockdown::Delivery.allowed?('/users_that_should_be_protected', Lockdown::Configuration.authenticated_access)
|
|
221
|
+
assert_equal true, Lockdown::Delivery.allowed?('/users', [Lockdown::Configuration.authenticated_access])
|
|
222
|
+
assert_equal true, Lockdown::Delivery.allowed?('/users_that_should_be_protected', [Lockdown::Configuration.authenticated_access])
|
|
223
223
|
end
|
|
224
224
|
end
|
metadata
CHANGED
|
@@ -5,8 +5,8 @@ version: !ruby/object:Gem::Version
|
|
|
5
5
|
segments:
|
|
6
6
|
- 2
|
|
7
7
|
- 0
|
|
8
|
-
-
|
|
9
|
-
version: 2.0.
|
|
8
|
+
- 5
|
|
9
|
+
version: 2.0.5
|
|
10
10
|
platform: ruby
|
|
11
11
|
authors:
|
|
12
12
|
- Andrew Stone
|
|
@@ -14,7 +14,7 @@ autorequire:
|
|
|
14
14
|
bindir: bin
|
|
15
15
|
cert_chain: []
|
|
16
16
|
|
|
17
|
-
date: 2010-10-
|
|
17
|
+
date: 2010-10-24 00:00:00 -04:00
|
|
18
18
|
default_executable:
|
|
19
19
|
dependencies: []
|
|
20
20
|
|