lockdown 2.0.5 → 2.0.6

data/lib/lockdown.rb

@@ -24,7 +24,7 @@ module Lockdown
 
     # @return the version string for the library.
     def version
-      '2.0.5'
+      '2.0.6'
     end
 
     def rails_mixin

data/lib/lockdown/access.rb

@@ -101,7 +101,7 @@ module Lockdown
     def regexes(permissions)
       permissions.collect!{|p| p.to_s}
       perms = Lockdown::Configuration.permissions.select{|p| permissions.include?(p.name)}
-      perms.collect{|p| p.regex_pattern}.join("|")
+      perms.collect{|p| p.regex_pattern}.join(Lockdown::DELIMITER)
     end
 
   end # Access

data/lib/lockdown/configuration.rb

@@ -49,9 +49,6 @@ module Lockdown
       # Which environments Lockdown should not sync with db
       # Default ['test']
       attr_accessor :skip_db_sync_in
-      # Slice size for permission regexes
-      # Default 10
-      attr_accessor :permission_slice_size
       # Set defaults.
       def reset
         @configured                   = false
@@ -73,12 +70,11 @@ module Lockdown
         @user_model                   = "User"
 
         @skip_db_sync_in              = ['test']
-        @permission_slice_size        = 10
       end
 
       # @return [String] concatentation of public_access + "|" + protected_access
       def authenticated_access
-        public_access + "|" + protected_access
+        public_access + Lockdown::DELIMITER + protected_access
       end
 
       # @param [String,Symbol] name permission name
@@ -186,21 +182,17 @@ module Lockdown
           end
         end
 
-        slice_permission_regexes(authenticated_access, access_rights_for_permissions(*permission_names))
-      end
-
-      def slice_permission_regexes(authenticated_access, permissions)
-        result = [authenticated_access]
-        permissions.each_slice(permission_slice_size) do |permission_slice|
-          result << permission_slice.join('|')
+        if permission_names.empty?
+          authenticated_access
+        else
+          authenticated_access + Lockdown::DELIMITER + access_rights_for_permissions(*permission_names)
         end
-        result
       end
 
       # @param [Array(String)] names permission names
       # @return [String] combination of regex_patterns from permissions
       def access_rights_for_permissions(*names)
-        names.collect{|name| "(#{permission(name).regex_pattern})"}
+        names.collect{|name| "(#{permission(name).regex_pattern})"}.join(Lockdown::DELIMITER)
       end
 
       def skip_sync?

data/lib/lockdown/delivery.rb

@@ -10,14 +10,18 @@ module Lockdown
         rescue NameError
         end
 
+        access_rights ||= Lockdown::Configuration.public_access
+
         path += "/" unless path =~ /\/$/
         path = "/" + path unless path =~ /^\//
 
-        access_rights ||= [Lockdown::Configuration.public_access]
-
-        return access_rights.any? do |access_rights_group|
-          (Lockdown.regex(access_rights_group) =~ path) == 0
+        access_rights.split(Lockdown::DELIMITER).each do |ar|
+          if (Lockdown.regex(ar) =~ path) == 0
+            return true
+          end
         end
+
+        return false
       end
     end # class block
   end # Delivery

data/lib/lockdown/helper.rb

@@ -3,6 +3,8 @@
 require 'active_support/core_ext'
 
 module Lockdown
+  DELIMITER = '^+^'
+
   module Helper
     # @return [Regexp] with \A \z boundaries
     def regex(string)

data/lockdown.gemspec

@@ -1,66 +1,64 @@
 # Generated by jeweler
 # DO NOT EDIT THIS FILE DIRECTLY
-# Instead, edit Jeweler::Tasks in Rakefile, and run the gemspec command
+# Instead, edit Jeweler::Tasks in Rakefile, and run 'rake gemspec'
 # -*- encoding: utf-8 -*-
 
 Gem::Specification.new do |s|
   s.name = %q{lockdown}
-  s.version = "2.0.5"
+  s.version = "2.0.6"
 
   s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
   s.authors = ["Andrew Stone"]
-  s.date = %q{2010-10-24}
+  s.date = %q{2010-11-20}
   s.description = %q{Restrict access to your controller actions. }
   s.email = %q{andy@stonean.com}
   s.extra_rdoc_files = [
     "README.md"
   ]
   s.files = [
-    ".gitignore",
-     "README.md",
-     "Rakefile",
-     "lib/lockdown.rb",
-     "lib/lockdown/access.rb",
-     "lib/lockdown/configuration.rb",
-     "lib/lockdown/database.rb",
-     "lib/lockdown/delivery.rb",
-     "lib/lockdown/errors.rb",
-     "lib/lockdown/frameworks/rails.rb",
-     "lib/lockdown/frameworks/rails/controller.rb",
-     "lib/lockdown/frameworks/rails/view.rb",
-     "lib/lockdown/helper.rb",
-     "lib/lockdown/orms/active_record.rb",
-     "lib/lockdown/permission.rb",
-     "lib/lockdown/resource.rb",
-     "lib/lockdown/session.rb",
-     "lib/lockdown/user_group.rb",
-     "lockdown.gemspec",
-     "test/helper.rb",
-     "test/lockdown/test_access.rb",
-     "test/lockdown/test_configuration.rb",
-     "test/lockdown/test_delivery.rb",
-     "test/lockdown/test_helper.rb",
-     "test/lockdown/test_permission.rb",
-     "test/lockdown/test_resource.rb",
-     "test/lockdown/test_session.rb",
-     "test/lockdown/test_user_group.rb"
+    "README.md",
+    "Rakefile",
+    "lib/lockdown.rb",
+    "lib/lockdown/access.rb",
+    "lib/lockdown/configuration.rb",
+    "lib/lockdown/database.rb",
+    "lib/lockdown/delivery.rb",
+    "lib/lockdown/errors.rb",
+    "lib/lockdown/frameworks/rails.rb",
+    "lib/lockdown/frameworks/rails/controller.rb",
+    "lib/lockdown/frameworks/rails/view.rb",
+    "lib/lockdown/helper.rb",
+    "lib/lockdown/orms/active_record.rb",
+    "lib/lockdown/permission.rb",
+    "lib/lockdown/resource.rb",
+    "lib/lockdown/session.rb",
+    "lib/lockdown/user_group.rb",
+    "lockdown.gemspec",
+    "test/helper.rb",
+    "test/lockdown/test_access.rb",
+    "test/lockdown/test_configuration.rb",
+    "test/lockdown/test_delivery.rb",
+    "test/lockdown/test_helper.rb",
+    "test/lockdown/test_permission.rb",
+    "test/lockdown/test_resource.rb",
+    "test/lockdown/test_session.rb",
+    "test/lockdown/test_user_group.rb"
   ]
   s.homepage = %q{http://stonean.com/wiki/lockdown}
-  s.rdoc_options = ["--charset=UTF-8"]
   s.require_paths = ["lib"]
   s.rubyforge_project = %q{lockdown}
   s.rubygems_version = %q{1.3.7}
   s.summary = %q{Authorization system for Rails}
   s.test_files = [
-    "test/lockdown/test_user_group.rb",
-     "test/lockdown/test_delivery.rb",
-     "test/lockdown/test_configuration.rb",
-     "test/lockdown/test_access.rb",
-     "test/lockdown/test_session.rb",
-     "test/lockdown/test_permission.rb",
-     "test/lockdown/test_helper.rb",
-     "test/lockdown/test_resource.rb",
-     "test/helper.rb"
+    "test/helper.rb",
+    "test/lockdown/test_access.rb",
+    "test/lockdown/test_configuration.rb",
+    "test/lockdown/test_delivery.rb",
+    "test/lockdown/test_helper.rb",
+    "test/lockdown/test_permission.rb",
+    "test/lockdown/test_resource.rb",
+    "test/lockdown/test_session.rb",
+    "test/lockdown/test_user_group.rb"
   ]
 
   if s.respond_to? :specification_version then

data/test/lockdown/test_access.rb

@@ -43,7 +43,7 @@ class TestLockdownAccess < MiniTest::Unit::TestCase
     public_access :site, :registration, :view_posts
 
     assert_equal Lockdown::Configuration.public_access, 
-      "(\/site(\/.*)?)|(\/registration(\/.*)?)|(\/view_posts(\/.*)?)"
+      "(\/site(\/.*)?)#{Lockdown::DELIMITER}(\/registration(\/.*)?)#{Lockdown::DELIMITER}(\/view_posts(\/.*)?)"
   end
 
   def test_protected_access
@@ -59,7 +59,7 @@ class TestLockdownAccess < MiniTest::Unit::TestCase
     protected_access :my_account, :edit_posts
 
     assert_equal Lockdown::Configuration.protected_access, 
-      "(\/my_account(\/.*)?)|(\/edit_posts(\/.*)?)"
+      "(\/my_account(\/.*)?)#{Lockdown::DELIMITER}(\/edit_posts(\/.*)?)"
   end
 
   def test_user_group

data/test/lockdown/test_configuration.rb

@@ -44,7 +44,7 @@ class TestLockdownConfiguration < MiniTest::Unit::TestCase
     Authorization.public_access('home', 'faq')
     Authorization.protected_access('users')
 
-    assert_equal "(/home(/.*)?)|(/faq(/.*)?)|(/users(/.*)?)", @config.authenticated_access
+    assert_equal "(/home(/.*)?)#{Lockdown::DELIMITER}(/faq(/.*)?)#{Lockdown::DELIMITER}(/users(/.*)?)", @config.authenticated_access
   end
 
   def test_permission
@@ -184,21 +184,10 @@ class TestLockdownConfiguration < MiniTest::Unit::TestCase
     Authorization.permission('faq')
     Authorization.permission('about')
 
-    assert_equal ["((/home(/.*)?))","((/faq(/.*)?))","((/about(/.*)?))"],
+    assert_equal "((/home(/.*)?))#{Lockdown::DELIMITER}((/faq(/.*)?))#{Lockdown::DELIMITER}((/about(/.*)?))", 
       @config.access_rights_for_permissions('home', 'faq', 'about')
   end
 
-  def test_permission_regex_slicing
-    @config.permission_slice_size = 2
-
-    Authorization.permission('home')
-    Authorization.permission('faq')
-    Authorization.permission('about')
-
-    assert_equal ["x","((/home(/.*)?))|((/faq(/.*)?))","((/about(/.*)?))"],
-      @config.slice_permission_regexes('x', @config.access_rights_for_permissions('home', 'faq', 'about'))
-  end
-
   def test_skip_sync?
     assert_equal true, @config.skip_sync?
   end

data/test/lockdown/test_delivery.rb

@@ -185,8 +185,8 @@ class TestLockdown < MiniTest::Unit::TestCase
 
     assert_equal false, Lockdown::Delivery.allowed?('/users/')
 
-    assert_equal false, Lockdown::Delivery.allowed?('/users/', [Lockdown::Configuration.authenticated_access])
-    assert_equal false, Lockdown::Delivery.allowed?('/users', [Lockdown::Configuration.authenticated_access])
+    assert_equal false, Lockdown::Delivery.allowed?('/users/', Lockdown::Configuration.authenticated_access)
+    assert_equal false, Lockdown::Delivery.allowed?('/users', Lockdown::Configuration.authenticated_access)
   end
 
   def test_it_handles_namespaced_routes_correctly
@@ -203,8 +203,8 @@ class TestLockdown < MiniTest::Unit::TestCase
 
     assert_equal false, Lockdown::Delivery.allowed?('/nested/users')
 
-    assert_equal true, Lockdown::Delivery.allowed?('/users', [Lockdown::Configuration.authenticated_access])
-    assert_equal true, Lockdown::Delivery.allowed?('/nested/users', [Lockdown::Configuration.authenticated_access])
+    assert_equal true, Lockdown::Delivery.allowed?('/users', Lockdown::Configuration.authenticated_access)
+    assert_equal true, Lockdown::Delivery.allowed?('/nested/users', Lockdown::Configuration.authenticated_access)
   end
 
   def test_it_matches_exact_paths_only
@@ -218,7 +218,25 @@ class TestLockdown < MiniTest::Unit::TestCase
 
     assert_equal false, Lockdown::Delivery.allowed?('/users_that_should_be_protected')
 
-    assert_equal true, Lockdown::Delivery.allowed?('/users', [Lockdown::Configuration.authenticated_access])
-    assert_equal true, Lockdown::Delivery.allowed?('/users_that_should_be_protected', [Lockdown::Configuration.authenticated_access])
+    assert_equal true, Lockdown::Delivery.allowed?('/users', Lockdown::Configuration.authenticated_access)
+    assert_equal true, Lockdown::Delivery.allowed?('/users_that_should_be_protected', Lockdown::Configuration.authenticated_access)
+  end
+
+  # Ruby 1.8.7 will throw a 'RegexpError: regular expression too big error' on 
+  # large regex strings.  This is test it to make sure we don't hit that.
+  def test_a_large_set_of_regexs
+    count = 27
+
+    ('a'..'z').to_a.each do |letter|
+      (1..count).to_a.each do |multiplier|
+        Authorization.permission letter * multiplier
+      end
+    end
+
+    Authorization.public_access *Lockdown::Configuration.permissions.collect{|p| p.name}
+
+    (1..count).to_a.each do |multiplier|
+      assert_equal true, Lockdown::Delivery.allowed?('/' + 'a'*multiplier)
+    end
   end
 end

metadata

@@ -5,8 +5,8 @@ version: !ruby/object:Gem::Version
   segments: 
   - 2
   - 0
-  - 5
-  version: 2.0.5
+  - 6
+  version: 2.0.6
 platform: ruby
 authors: 
 - Andrew Stone
@@ -14,7 +14,7 @@ autorequire:
 bindir: bin
 cert_chain: []
 
-date: 2010-10-24 00:00:00 -04:00
+date: 2010-11-20 00:00:00 -05:00
 default_executable: 
 dependencies: []
 
@@ -27,7 +27,6 @@ extensions: []
 extra_rdoc_files: 
 - README.md
 files: 
-- .gitignore
 - README.md
 - Rakefile
 - lib/lockdown.rb
@@ -60,8 +59,8 @@ homepage: http://stonean.com/wiki/lockdown
 licenses: []
 
 post_install_message: 
-rdoc_options: 
-- --charset=UTF-8
+rdoc_options: []
+
 require_paths: 
 - lib
 required_ruby_version: !ruby/object:Gem::Requirement 
@@ -88,12 +87,12 @@ signing_key:
 specification_version: 3
 summary: Authorization system for Rails
 test_files: 
-- test/lockdown/test_user_group.rb
-- test/lockdown/test_delivery.rb
-- test/lockdown/test_configuration.rb
+- test/helper.rb
 - test/lockdown/test_access.rb
-- test/lockdown/test_session.rb
-- test/lockdown/test_permission.rb
+- test/lockdown/test_configuration.rb
+- test/lockdown/test_delivery.rb
 - test/lockdown/test_helper.rb
+- test/lockdown/test_permission.rb
 - test/lockdown/test_resource.rb
-- test/helper.rb
+- test/lockdown/test_session.rb
+- test/lockdown/test_user_group.rb

data/.gitignore

@@ -1,7 +0,0 @@
-*.DS_Store
-*.swp
-.yardoc/**
-pkg/**
-doc/**
-email.txt
-coverage/**