monty 0.1.0

data/.gitignore

@@ -0,0 +1,5 @@
+*.swp
+.yardoc
+coverage
+doc
+pkg

data/LICENSE

@@ -0,0 +1,20 @@
+Copyright (c) 2010 Andrew Stone
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.md

@@ -0,0 +1,17 @@
+= monty
+
+Description goes here.
+
+== Note on Patches/Pull Requests
+ 
+* Fork the project.
+* Make your feature addition or bug fix.
+* Add tests for it. This is important so I don't break it in a
+  future version unintentionally.
+* Commit, do not mess with rakefile, version, or history.
+  (if you want to have your own version, that is fine but bump version in a commit by itself I can ignore when I pull)
+* Send me a pull request. Bonus points for topic branches.
+
+== Copyright
+
+Copyright (c) 2010 Andrew Stone. See LICENSE for details.

data/Rakefile

@@ -0,0 +1,55 @@
+require 'rubygems'
+require 'rake'
+
+require 'lib/monty.rb'
+begin
+  require 'jeweler'
+  Jeweler::Tasks.new do |gem|
+    gem.name = "monty"
+    gem.version = Monty.version
+    gem.summary = %Q{Rack based authorization system}
+    gem.description = %Q{Rack based authoriztion system.}
+    gem.email = "andy@stonean.com"
+    gem.homepage = "http://github.com/stonean/monty"
+    gem.authors = ["stonean"]
+    gem.add_development_dependency "mocha", ">= 0.9.8"
+  end
+  Jeweler::GemcutterTasks.new
+rescue LoadError
+  puts "Jeweler (or a dependency) not available. Install it with: gem install jeweler"
+end
+
+begin
+  require 'yard'
+  YARD::Rake::YardocTask.new do |t|
+    t.files   = FileList['lib/**/*.rb']
+    t.options = ['-r'] # optional
+  end
+rescue LoadError
+  task :yard do
+    abort "YARD is not available. In order to run yard, you must: sudo gem install yard"
+  end
+end
+
+require 'rake/testtask'
+Rake::TestTask.new(:test) do |test|
+  test.libs << 'lib' << 'test'
+  test.pattern = 'test/**/test_*.rb'
+  test.verbose = true
+end
+
+begin
+  require 'rcov/rcovtask'
+  Rcov::RcovTask.new do |test|
+    test.libs << 'test'
+    test.pattern = 'test/**/test_*.rb'
+    test.verbose = true
+    test.rcov_opts = IO.readlines("test/rcov.opts").map {|l| l.chomp.split " "}.flatten
+  end
+rescue LoadError
+  task :rcov do
+    abort "RCov is not available. In order to run rcov, you must: sudo gem install rcov"
+  end
+end
+
+task :default => :test

data/lib/monty.rb

@@ -0,0 +1,19 @@
+# encoding: utf-8
+
+$:.unshift(File.dirname(__FILE__))
+
+module Monty
+  def self.version
+    '0.1.0'
+  end
+
+  def self.authenticated_access
+    Monty::Configuration.public_access + "|" + Monty::Configuration.protected_access
+  end
+end
+
+require 'monty/configuration'
+require 'monty/watch'
+require 'monty/controller'
+require 'monty/permission'
+require 'monty/access'

data/lib/monty/access.rb

@@ -0,0 +1,82 @@
+# encoding: utf-8
+
+module Monty
+  module Access
+    # Define permision that defines how your application is accessed. 
+    #     # All methods on the site controller will be open to users who have
+    #     # this permission.
+    #     permission :public_pages do
+    #       controller :site
+    #     end
+    #
+    #     # Can use multiple controller statements
+    #     permission :public_pages do
+    #       controller :site
+    #       controller :posts
+    #     end
+    #
+    #     # Only methods show, edit and update on the users controller will 
+    #     # be open to users who have this permission.
+    #     permission :my_account_pages do
+    #       controller :users  do
+    #         only :show, :edit, :update
+    #       end
+    #     end
+    #
+    #     # All methods except destroy on the users controller will be 
+    #     # open to users who have this permission.
+    #     permission :manage_users do
+    #       controller :users  do
+    #         except :destroy
+    #       end
+    #     end
+    #
+    # @param [String,Symbol] name permission reference. 
+    # @yield [Monty::Permission.new(name)] new permission object
+    def permission(name, &block)
+      permission =  Monty::Permission.new(name)   
+      if block_given?
+        permission.instance_eval(&block) 
+      else
+        permission.controller(permission.name)
+      end
+
+      unless Monty::Configuration.has_permission?(permission)
+        Monty::Configuration.permissions << permission 
+      end
+
+      permission
+    end
+
+    # Define which permissions are accessible to everyone
+    #   public_access :site, :user_registration
+    #
+    # @param *[String,Symbol] permissions that are accessible to everyone
+    def public_access(*permissions)
+      Monty::Configuration.public_access = regexes(permissions)
+    end
+
+    # Define which permissions are accessible to everyone
+    #   protected_access :my_account, :site_administration
+    #
+    # @param *[String,Symbol] permissions that are accessbile to authenticated users
+    def protected_access(*permissions)
+      Monty::Configuration.protected_access = regexes(permissions)
+    end
+
+
+    # Method called by Monty::Watch to trigger parsing of class methods
+    def configure
+      true
+    end
+
+    private
+
+    def regexes(permissions)
+      permissions.collect!{|p| p.to_s}
+      perms = Monty::Configuration.permissions.select{|p| permissions.include?(p.name)}
+      perms.collect{|p| p.regex_pattern}.join("|")
+    end
+
+  end # Access
+end # Monty

data/lib/monty/configuration.rb

@@ -0,0 +1,34 @@
+# encoding: utf-8
+
+module Monty
+  module Configuration
+    class << self
+      # Path to redirect to if access is denied. 
+      # Default: '/'        
+      attr_accessor :access_denied_path
+      # Regex string of paths that are publicly accessible. 
+      # Default "\/"
+      attr_accessor :public_access
+      # Array of paths that are restricted to an authenticated user.
+      # Default ""
+      attr_accessor :protected_access
+      # Array of permission objects that defines the access to the application.
+      # Default []
+      attr_accessor :permissions
+
+      # Set defaults.
+      def reset
+        @access_denied_path = "/"
+        @public_access      = ""
+        @protected_access   = ""
+        @permissions        = []
+      end
+
+      def has_permission?(permission)
+        permissions.any?{|p| permission.name == p.name}
+      end
+    end
+
+    self.reset
+  end # Configuration
+end # Monty

data/lib/monty/controller.rb

@@ -0,0 +1,35 @@
+# encoding: utf-8
+
+module Monty
+  class Controller
+    # Name of the controller
+    attr_accessor :name
+    # Regular expression pattern
+    attr_accessor :regex_pattern
+    # The only methods restricted on the controller
+    attr_accessor :exceptions
+    # The only methods allowed on the controller
+    attr_accessor :inclusions
+
+
+    # @param [String,Symbol] name controller reference. 
+    def initialize(name)
+      @name = name.to_s
+      @regex_pattern = "\/#{@name}(\/.*)?"
+    end
+
+    # @param *[String,Symbol] only methods restricted on the controller
+    def except(*methods)
+      return if methods.empty?
+      @exceptions = methods.collect{|m| m.to_s}
+      @regex_pattern = "\/#{@name}(?!\/(#{@exceptions.join('|')}))(\/.*)?"
+    end
+
+    # @param *[String,Symbol] only methods allowed on the controller
+    def only(*methods)
+      return if methods.empty?
+      @inclusions = methods.collect{|m| m.to_s}
+      @regex_pattern = "\/#{@name}\/(#{@inclusions.join('|')})"
+    end
+  end # Controller
+end # Monty

data/lib/monty/permission.rb

@@ -0,0 +1,30 @@
+# encoding: utf-8
+
+module Monty
+  class Permission
+    # Name of permission
+    attr_accessor :name
+    # Array of controller objects that define the access rights for this permission
+    attr_accessor :controllers
+
+    # @param [String,Symbol] name permission reference. 
+    def initialize(name)
+      @name = name.to_s
+      @controllers = []
+    end
+
+    # @param [String,Symbol] name controller reference. 
+    # @return new controller 
+    def controller(name, &block)
+      controller =  Monty::Controller.new(name)
+      controller.instance_eval(&block) if block_given?
+      @controllers << controller
+      controller
+    end
+
+    # @return String representing all controllers defining this permission
+    def regex_pattern
+      controllers.collect{|c| "(#{c.regex_pattern})"}.join("|")
+    end
+  end # Permission
+end # Monty

data/lib/monty/watch.rb

@@ -0,0 +1,54 @@
+# encoding: utf-8
+
+module Monty
+  class Watch
+    def initialize(app, &block)
+      @app = app
+
+      instance_eval(&block) if block_given?
+    end
+
+    # Rack required method. For thread safety, dup self and execute _call
+    def call(env)
+      dup._call(env)
+    end
+
+    # Authorize request. Redirect if access is denied.
+    def _call(env)
+
+      unless allowed?(env) 
+        return [302, redirect_headers, []]
+      end
+
+      @app.call(env)
+    end
+
+    private
+
+    # @return [True,False] created from value of rack.session[:access_rights]
+    def allowed?(env)
+      path = env['PATH_INFO']
+
+      return true if path == '/'
+
+      access_rights(env).match(path) 
+    end
+
+    # @return [Regexp] created from value of rack.session[:access_rights]
+    def access_rights(env)
+      begin
+        ::Authorization.configure 
+      rescue NameError
+      end
+      
+      session = env['rack.session'] || {}
+      regex_string = session[:access_rights] || Monty::Configuration.public_access
+      
+      Regexp.new(/\A#{regex_string}\z/)
+    end
+
+    def redirect_headers
+      {'Location' => Monty::Configuration.access_denied_path, 'Content-Type' => 'text/html'}
+    end
+  end # Watch
+end # Monty

data/monty.gemspec

@@ -0,0 +1,68 @@
+# Generated by jeweler
+# DO NOT EDIT THIS FILE DIRECTLY
+# Instead, edit Jeweler::Tasks in Rakefile, and run the gemspec command
+# -*- encoding: utf-8 -*-
+
+Gem::Specification.new do |s|
+  s.name = %q{monty}
+  s.version = "0.1.0"
+
+  s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
+  s.authors = ["stonean"]
+  s.date = %q{2010-05-05}
+  s.description = %q{Rack based authoriztion system.}
+  s.email = %q{andy@stonean.com}
+  s.extra_rdoc_files = [
+    "LICENSE",
+     "README.md"
+  ]
+  s.files = [
+    ".gitignore",
+     "LICENSE",
+     "README.md",
+     "Rakefile",
+     "lib/monty.rb",
+     "lib/monty/access.rb",
+     "lib/monty/configuration.rb",
+     "lib/monty/controller.rb",
+     "lib/monty/permission.rb",
+     "lib/monty/watch.rb",
+     "monty.gemspec",
+     "test/helper.rb",
+     "test/monty/test_access.rb",
+     "test/monty/test_configuration.rb",
+     "test/monty/test_controller.rb",
+     "test/monty/test_permission.rb",
+     "test/monty/test_watch.rb",
+     "test/rcov.opts",
+     "test/test_monty.rb"
+  ]
+  s.homepage = %q{http://github.com/stonean/monty}
+  s.rdoc_options = ["--charset=UTF-8"]
+  s.require_paths = ["lib"]
+  s.rubygems_version = %q{1.3.6}
+  s.summary = %q{Rack based authorization system}
+  s.test_files = [
+    "test/helper.rb",
+     "test/monty/test_configuration.rb",
+     "test/monty/test_controller.rb",
+     "test/monty/test_access.rb",
+     "test/monty/test_watch.rb",
+     "test/monty/test_permission.rb",
+     "test/test_monty.rb"
+  ]
+
+  if s.respond_to? :specification_version then
+    current_version = Gem::Specification::CURRENT_SPECIFICATION_VERSION
+    s.specification_version = 3
+
+    if Gem::Version.new(Gem::RubyGemsVersion) >= Gem::Version.new('1.2.0') then
+      s.add_development_dependency(%q<mocha>, [">= 0.9.8"])
+    else
+      s.add_dependency(%q<mocha>, [">= 0.9.8"])
+    end
+  else
+    s.add_dependency(%q<mocha>, [">= 0.9.8"])
+  end
+end
+

data/test/helper.rb

@@ -0,0 +1,20 @@
+require 'rubygems'
+require 'test/unit'
+require 'rack/test'
+require 'mocha'
+
+$LOAD_PATH.unshift(File.join(File.dirname(__FILE__), '..', 'lib'))
+$LOAD_PATH.unshift(File.dirname(__FILE__))
+require 'monty'
+
+class Test::Unit::TestCase
+  include Rack::Test::Methods
+
+end
+
+def mock_framework
+  framework = mock 'framework'
+  framework.stubs :call => [200, {'Content-Type' => 'text/plain'}, 'OK'] 
+  framework 
+end
+

data/test/monty/test_access.rb

@@ -0,0 +1,67 @@
+require 'helper'
+
+class TestMontyAccess < Test::Unit::TestCase
+  include Monty::Access
+
+  def teardown
+    Monty::Configuration.reset
+  end
+
+  def test_model_responds_to_permission
+    assert_respond_to self, :permission
+  end
+
+  def test_permission_with_single_controller
+    perm = permission(:my_perm) do 
+              controller :my_controller
+           end
+
+    controller = perm.controllers.first
+    assert_equal 'my_controller', controller.name
+    assert_equal "\/my_controller(\/.*)?", controller.regex_pattern
+  end
+
+  def test_permission_without_block
+    perm = permission(:users) 
+
+    controller = perm.controllers.first
+    assert_equal 'users', controller.name
+    assert_equal "\/users(\/.*)?", controller.regex_pattern
+  end
+
+  def test_public_access
+    permission(:site)
+    public_access :site
+
+    assert_equal Monty::Configuration.public_access, "(\/site(\/.*)?)"
+  end
+
+  def test_public_access_with_multiple_permissions
+    permission(:site)
+    permission(:registration)
+    permission(:view_posts)
+    public_access :site, :registration, :view_posts
+
+    assert_equal Monty::Configuration.public_access, 
+      "(\/site(\/.*)?)|(\/registration(\/.*)?)|(\/view_posts(\/.*)?)"
+  end
+
+  def test_protected_access
+    permission(:my_account)
+    protected_access :my_account
+
+    assert_equal Monty::Configuration.protected_access, "(\/my_account(\/.*)?)"
+  end
+
+  def test_protected_access_with_multiple_permissions
+    permission(:my_account)
+    permission(:edit_posts)
+    protected_access :my_account, :edit_posts
+
+    assert_equal Monty::Configuration.protected_access, 
+      "(\/my_account(\/.*)?)|(\/edit_posts(\/.*)?)"
+  end
+
+
+end
+

data/test/monty/test_configuration.rb

@@ -0,0 +1,12 @@
+require 'helper'
+
+class TestMontyConfiguration < Test::Unit::TestCase
+
+  def test_defaults_are_correct
+    assert_equal Monty::Configuration.access_denied_path, '/'
+    assert_equal Monty::Configuration.public_access, ""
+    assert_equal Monty::Configuration.protected_access, ""
+    assert_equal Monty::Configuration.permissions, []
+  end
+end
+

data/test/monty/test_controller.rb

@@ -0,0 +1,47 @@
+require 'helper'
+
+class TestMontyController < Test::Unit::TestCase
+
+  def setup
+    @controller = Monty::Controller.new(:users)
+  end
+
+  def test_initializer_sets_correct_state
+    assert_equal @controller.name, 'users'
+    assert_equal @controller.regex_pattern, "\/users(\/.*)?"
+  end
+
+  def test_except_sets_correct_regex_pattern
+    @controller.except(:destroy)
+    assert_equal @controller.regex_pattern, "\/users(?!\/(destroy))(\/.*)?"
+  end
+
+  def test_except_with_multiple_params_sets_correct_regex_pattern
+    @controller.except(:index, :destroy)
+    assert_equal @controller.regex_pattern, "\/users(?!\/(index|destroy))(\/.*)?"
+  end
+
+  def test_except_with_no_params_preserves_regex_pattern
+    controller = Monty::Controller.new(:users)
+    controller.except()
+    assert_equal controller.regex_pattern, "\/users(\/.*)?"
+  end
+
+  def test_only_sets_correct_regex_pattern
+    @controller.only(:index)
+    assert_equal @controller.regex_pattern, "\/users\/(index)"
+  end
+
+  def test_only_with_multiple_params_sets_correct_regex_pattern
+    @controller.only(:show, :edit)
+    assert_equal @controller.regex_pattern, "\/users\/(show|edit)"
+  end
+
+  def test_only_with_no_params_preserves_regex_pattern
+    controller = Monty::Controller.new(:users)
+    controller.only()
+    assert_equal controller.regex_pattern, "\/users(\/.*)?"
+  end
+
+end
+

data/test/monty/test_permission.rb

@@ -0,0 +1,44 @@
+require 'helper'
+
+class TestMontyPermission < Test::Unit::TestCase
+
+  def setup
+    @permission = Monty::Permission.new(:my_account)
+  end
+
+  def test_initializer_sets_correct_state
+    assert_equal @permission.name, 'my_account'
+    assert_equal @permission.controllers, []
+  end
+
+  def test_controller
+    @permission.controller(:users)
+
+    controller = @permission.controllers.first
+    assert_equal controller.name, 'users'
+  end
+
+  def test_controller_with_block
+    @permission.controller(:users) do
+      except :destroy
+    end
+
+    controller = @permission.controllers.first
+    assert_equal controller.exceptions, ['destroy']
+  end
+
+
+  def test_regex_pattern
+    @permission.controller(:users)
+
+    assert_equal @permission.regex_pattern, "(\/users(\/.*)?)"
+  end
+
+  def test_regex_pattern_with_multiple_controllers
+    @permission.controller(:users)
+    @permission.controller(:posts)
+
+    assert_equal @permission.regex_pattern, "(\/users(\/.*)?)|(\/posts(\/.*)?)"
+  end
+end
+

data/test/monty/test_watch.rb

@@ -0,0 +1,105 @@
+require 'helper'
+
+class Authorization
+  extend Monty::Access
+end
+
+class TestMonty < Test::Unit::TestCase
+
+  def setup
+    Monty::Configuration.reset
+  end
+
+  def app
+    Monty::Watch.new(mock_framework)
+  end
+
+  def test_it_works
+    get '/'
+    assert last_response.ok?
+  end
+
+  def test_it_redirects
+    get '/posts'
+    assert last_response.redirect?
+  end
+
+  def test_it_allows_uri_without_ending_slash
+    Authorization.permission :posts
+    Authorization.public_access :posts
+
+    get '/posts', {}
+    assert last_response.ok?
+  end
+
+  def test_it_allows_uri_with_ending_slash
+    Authorization.permission :posts
+    Authorization.public_access :posts
+
+    get '/posts/', {}
+    assert last_response.ok?
+  end
+
+  def test_it_allows_uri_with_action
+    Authorization.permission :posts
+    Authorization.public_access :posts
+
+    get '/posts/new', {}
+    assert last_response.ok?
+
+    get '/posts', {}
+    assert last_response.ok?
+
+    get '/posts/', {}
+    assert last_response.ok?
+  end
+
+  def test_it_allows_uri_access_to_only_show
+    Authorization.permission :posts do
+      controller :posts do
+        only :show
+      end
+    end
+    Authorization.public_access :posts
+
+    get '/posts/show', {}
+    assert last_response.ok?
+
+    get '/postsshow', {}
+    assert last_response.redirect?
+
+    get '/posts', {}
+    assert last_response.redirect?
+
+    get '/posts/', {}
+    assert last_response.redirect?
+
+    get '/posts/edit', {}
+    assert last_response.redirect?
+  end
+
+  def test_it_allows_uri_access_to_all_except_show
+    Authorization.permission :posts do
+      controller :posts do
+        except :show
+      end
+    end
+    Authorization.public_access :posts
+
+    get '/posts/show', {}
+    assert last_response.redirect?
+
+    get '/postsshow', {}
+    assert last_response.redirect?
+
+    get '/posts', {}
+    assert last_response.ok?
+
+    get '/posts/', {}
+    assert last_response.ok?
+
+    get '/posts/edit', {}
+    assert last_response.ok?
+  end
+end
+

data/test/rcov.opts

@@ -0,0 +1,5 @@
+--text-summary
+--exclude
+  json,FakeWeb,rcov,rspec,spec,mocha,rack
+--sort
+  coverage

data/test/test_monty.rb

@@ -0,0 +1,16 @@
+require 'helper'
+
+class TestMonty < Test::Unit::TestCase
+
+  def test_version
+    assert Monty.version, '0.1.0'
+  end
+
+  def test_authenticated_access
+    Monty::Configuration.public_access = "(/static/.*)"
+    Monty::Configuration.protected_access = "(/users/.*)"
+    assert_equal Monty.authenticated_access, "(/static/.*)|(/users/.*)"
+  end
+
+end
+

metadata

@@ -0,0 +1,100 @@
+--- !ruby/object:Gem::Specification 
+name: monty
+version: !ruby/object:Gem::Version 
+  prerelease: false
+  segments: 
+  - 0
+  - 1
+  - 0
+  version: 0.1.0
+platform: ruby
+authors: 
+- stonean
+autorequire: 
+bindir: bin
+cert_chain: []
+
+date: 2010-05-05 00:00:00 -04:00
+default_executable: 
+dependencies: 
+- !ruby/object:Gem::Dependency 
+  name: mocha
+  prerelease: false
+  requirement: &id001 !ruby/object:Gem::Requirement 
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        segments: 
+        - 0
+        - 9
+        - 8
+        version: 0.9.8
+  type: :development
+  version_requirements: *id001
+description: Rack based authoriztion system.
+email: andy@stonean.com
+executables: []
+
+extensions: []
+
+extra_rdoc_files: 
+- LICENSE
+- README.md
+files: 
+- .gitignore
+- LICENSE
+- README.md
+- Rakefile
+- lib/monty.rb
+- lib/monty/access.rb
+- lib/monty/configuration.rb
+- lib/monty/controller.rb
+- lib/monty/permission.rb
+- lib/monty/watch.rb
+- monty.gemspec
+- test/helper.rb
+- test/monty/test_access.rb
+- test/monty/test_configuration.rb
+- test/monty/test_controller.rb
+- test/monty/test_permission.rb
+- test/monty/test_watch.rb
+- test/rcov.opts
+- test/test_monty.rb
+has_rdoc: true
+homepage: http://github.com/stonean/monty
+licenses: []
+
+post_install_message: 
+rdoc_options: 
+- --charset=UTF-8
+require_paths: 
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement 
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      segments: 
+      - 0
+      version: "0"
+required_rubygems_version: !ruby/object:Gem::Requirement 
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      segments: 
+      - 0
+      version: "0"
+requirements: []
+
+rubyforge_project: 
+rubygems_version: 1.3.6
+signing_key: 
+specification_version: 3
+summary: Rack based authorization system
+test_files: 
+- test/helper.rb
+- test/monty/test_configuration.rb
+- test/monty/test_controller.rb
+- test/monty/test_access.rb
+- test/monty/test_watch.rb
+- test/monty/test_permission.rb
+- test/test_monty.rb