objectbouncer 0.0.6 → 0.1.0

data/README.mdown

@@ -5,7 +5,7 @@ methods based upon a series of preconditions.
 
 ## Usage
 
-Let's say we have a President who is protected by the SecretService:
+Let's say we have a President who needs protection:
 
     class President
       def shake_hands
@@ -45,9 +45,9 @@ And the following people:
       end
     end
 
-To protect the President we'd define a SecretService class like so:
+To protect the President we'd add the following to our class definition:
 
-    class SecretService
+    class President
       include ObjectBouncer::Doorman
       door_policy do
         deny :shake_hands,  :if => Proc.new{|person| person.dictator? }
@@ -59,21 +59,38 @@ To protect the President we'd define a SecretService class like so:
       end
     end
 
-And now, to put our security detail in place we run all contact with
-the President through SecretService first:
+And now, to put our security detail in place we need to specify the current
+user that is initiating the interaction:
 
     @obama       = President.new
     @gaddafi     = Nutjob.new
     @joe_biden   = VicePresident.new
     @tommy_chong = Hippie.new
 
-    SecretService.new(@gaddafi, @president).shake_hands # Raises PermissionDenied
-    SecretService.new(@joe_biden, @president).shake_hands # Allowed
-    SecretService.new(@tommy_chong, @president).shake_hands # Allowed
-    SecretService.new(@joe_biden, @president).high_five # Allowed
-    SecretService.new(@tommy_chong, @president).high_five # Raises PermissionDenied
-    SecretService.new(@gaddafi, @president).give(:donation) # Allowed
-    SecretService.new(@gaddafi, @president).give(:suspect_package) # Raises PermissionDenied
+    @obama.current_user = @gaddafi
+    @obama.shake_hands                # Raises PermissionDenied
+    @obama.give(:donation)            # Allowed
+    @obama.give(:suspect_package)     # Raises PermissionDenied
+
+    @obama.current_user = @joe_biden
+    @obama.shake_hands                # Allowed
+    @obama.high_five                  # Allowed
+
+    @obama.current_user = @tommy_chong
+    @obama.shake_hands                # Allowed
+    @obama.high_five                  # Raises PermissionDenied
+
+Alternatively, if you can specify the user when you instantiate the object:
+
+    @gaddafi     = Nutjob.new
+    @obama       = President.as(@gaddafi).new
+
+    @obama.shake_hands                # Raises PermissionDenied
+    @obama.give(:donation)            # Allowed
+    @obama.give(:suspect_package)     # Raises PermissionDenied
+
+Handy in things like application controllers where you want to pass in the
+currently logged in user.
 
 ## Why would I want to use this?
 
@@ -81,7 +98,7 @@ Most of the existing RBAC and other access based permission systems are
 implemented at a controller or action level within the MVC stack. ObjectBouncer
 allows you to provide more granular control my limiting access to discrete
 methods on an instance of an object, while keeping the permissions logic
-external to the Model itself.
+external to the methods themselves.
 
 ## Compatibility
 

data/lib/objectbouncer.rb

@@ -1,4 +1,4 @@
 base_dir = File.join(File.dirname(__FILE__), "objectbouncer")
-["base", "errors"].each do |lib|
+["class_methods", "base", "errors"].each do |lib|
   require File.join(base_dir, lib)
 end

data/lib/objectbouncer/base.rb

@@ -1,110 +1,68 @@
 module ObjectBouncer
-  module Doorman
-
-    def self.included(klass)
-      klass.extend ClassMethods
-    end
+  def self.enforce!
+    @enforce = true
+  end
 
-    module ClassMethods
-      def door_policy(&block)
-        @lockdown = false
-        @policies = {}
-        yield
-      end
+  def self.unenforce!
+    @enforce = false
+  end
 
-      def lockdown
-        @lockdown = true
-      end
+  def self.enforced?
+    @enforce
+  end
 
-      def lockdown?
-        @lockdown
-      end
+  module Doorman
 
-      def allow(method, options = {})
-        @policies[method] ||= blank_policy_template
-        if options.has_key?(:if)
-          @policies[method][:allow][:if] << options[:if]
-        elsif options.has_key?(:unless)
-          @policies[method][:allow][:unless] << options[:unless]
-        else
-          @policies[method][:allow][:if].unshift(Proc.new{ true == true })
-        end
-      end
+    def with(user)
+      self
+    end
 
-      def deny(method, options = {})
-        @policies[method] ||= blank_policy_template
-        if options.has_key?(:if)
-          @policies[method][:deny][:if] << options[:if]
-        elsif options.has_key?(:unless)
-          @policies[method][:deny][:unless] << options[:unless]
-        else
-          @policies[method][:deny][:if].unshift(Proc.new{ true == true })
-        end
-      end
+    def current_user=(user)
+      @current_user = user
+    end
 
-      def policies
-        @policies
-      end
+    def current_user
+      @current_user ||= self.class.current_user
+    end
 
-      def blank_policy_template
-        { :allow => { :if => [], :unless => [] },
-          :deny  => { :if => [], :unless => [] }
-        }
+    def apply_policies
+      policies.keys.each do |method|
+        self.class.protect_method!(method)
       end
-
     end
 
-    def initialize(accessee, object)
-      @accessee = accessee
-      @object = object
-      super()
-      self
+    def policies
+      @policies || self.class.instance_policies
     end
 
-    def method_missing(meth, *args, &block)
-      if respond_to?(meth)
-        raise "TODO!!!" if self.class.policies.nil? or self.class.policies.empty?
-        if call_allowed?(meth, *args)
-          @object.send(meth, *args, &block)
-        elsif call_denied?(meth, *args)
-          raise ObjectBouncer::PermissionDenied.new
-        else
-          @object.send(meth, *args, &block)
+    def self.included(klass)
+      klass.extend ClassMethods
+      klass.overwrite_initialize
+      klass.instance_eval do
+        def method_added(name)
+          overwrite_initialize if name == :initialize
         end
-      else
-        super
       end
     end
 
-    def respond_to?(meth)
-      @object.respond_to?(meth)
-    end
-
     private
-      def call_allowed?(meth, *args)
-        if policies = self.class.policies[meth]
-          return true if !policies[:allow][:unless].empty? && !policies[:allow][:unless].detect{|policy| policy.call(@accessee, @object, *args) rescue nil}
-          return true if policies[:allow][:if].detect{|policy| policy.call(@accessee, @object, *args) rescue nil}
-          return true if policies[:deny][:unless].detect{|policy| policy.call(@accessee, @object, *args) rescue nil}
-        end
-      end
 
       def call_denied?(meth, *args)
-        return true if self.class.lockdown?
-        if policies = self.class.policies[meth]
-          return true if policies[:allow][:unless].detect{|policy| policy.call(@accessee, @object, *args) rescue nil}
-          return true if policies[:deny][:if].detect{|policy| policy.call(@accessee, @object, *args) rescue nil}
-          return true if !policies[:deny][:unless].empty? && !call_allowed?(meth)
+        if enforced? && current_user.nil?
+          raise ObjectBouncer::ArgumentError.new("You need to specify the user to execute the method as. e.g., #{self.class.to_s}.as(@some_user).#{meth.to_s}(....)")
+        end
+        return false if current_user.nil? && !enforced?
+        if meth_policies = policies[meth]
+          if !meth_policies[:unless].empty?
+            return false if meth_policies[:unless].detect{|policy| policy.call(current_user, @object, *args) rescue nil}
+            return true
+          end
+          return true if meth_policies[:if].detect{|policy| policy.call(current_user, @object, *args) rescue nil}
         end
       end
 
-      def accessee=(val)
-        @accessee = val
-      end
-
-      def object=(val)
-        @object = val
+      def enforced?
+        ObjectBouncer.enforced?
       end
-
   end
 end

data/lib/objectbouncer/class_methods.rb

@@ -0,0 +1,101 @@
+module ObjectBouncer
+  module Doorman
+    module ClassMethods
+      def overwrite_initialize
+        class_eval do
+          unless method_defined?(:objectbouncer_initialize)
+            define_method(:objectbouncer_initialize) do |*args, &block|
+              original_initialize(*args, &block)
+              @policies = self.class.policies
+              apply_policies
+              self
+            end
+          end
+
+          if instance_method(:initialize) != instance_method(:objectbouncer_initialize)
+            alias_method :original_initialize, :initialize
+            alias_method :initialize, :objectbouncer_initialize
+          end
+        end
+      end
+
+      def policies=(hash)
+        @policies = hash
+      end
+
+      def policies
+        @policies
+      end
+
+      def blank_policy_template
+        { :if => [], :unless => [] }
+      end
+
+      def enforced?
+        ObjectBouncer.enforced?
+      end
+
+      def current_user=(user)
+        @current_user = user
+      end
+
+      def current_user
+        @current_user
+      end
+
+      def as(accessee)
+        new_klass = self.clone
+        new_klass.table_name = self.table_name if respond_to?(:table_name)
+        if respond_to?(:connection_handler)
+          new_klass.establish_connection self.connection_handler.connection_pools[name].spec.config
+        end
+        new_klass.instance_eval do
+          include ObjectBouncer::Doorman
+        end
+        new_klass.policies = self.policies
+        new_klass.current_user = accessee
+        new_klass.apply_policies
+        new_klass
+      end
+
+      def door_policy(&block)
+        @policies = {}
+        yield
+        apply_policies
+      end
+
+      def deny(method, options = {})
+        policies[method] ||= blank_policy_template
+        if options.has_key?(:if)
+          policies[method][:if] << options[:if]
+        elsif options.has_key?(:unless)
+          policies[method][:unless] << options[:unless]
+        else
+          policies[method][:if].unshift(Proc.new{ true == true })
+        end
+      end
+
+      def apply_policies
+        policies.keys.each do |method|
+          protect_method!(method)
+        end
+      end
+
+      def protect_method!(method)
+        renamed_method = "#{method}_without_objectbouncer".to_sym
+        if method_defined?(method)
+          return if method_defined?(renamed_method)
+          alias_method renamed_method, method
+          define_method method do |*args, &block|
+            if call_denied?(method, *args)
+              raise ObjectBouncer::PermissionDenied.new
+            else
+              send(renamed_method, *args, &block)
+            end
+          end
+        end
+
+      end
+    end
+  end
+end

data/lib/objectbouncer/errors.rb

@@ -1,5 +1,6 @@
 module ObjectBouncer
   class Error < StandardError; end
   class PermissionDenied < Error; end
+  class ArgumentError < Error; end
 end
 

data/test/objectbouncer/activerecord_test.rb

@@ -0,0 +1,78 @@
+$:.unshift File.expand_path("..", File.dirname(__FILE__))
+require "test_helper"
+require "active_record"
+
+class Book < ActiveRecord::Base
+  establish_connection :adapter =>  "sqlite3",
+                       :database => "objectbouncer_test.db"
+  include ObjectBouncer::Doorman
+  door_policy do
+    deny :save,  :unless => Proc.new{|person| person.is_a?(Author) }
+    deny :save!, :unless => Proc.new{|person| person.is_a?(Author) }
+  end
+end
+
+class Author
+end
+
+class Reader
+end
+
+class ActiveRecordTest < Test::Unit::TestCase
+  context "protecting the library" do
+
+    setup do
+      ObjectBouncer.unenforce!
+      @author = Author.new
+      @reader = Reader.new
+    end
+
+    should "not let a reader create a book" do
+      assert_raise ObjectBouncer::PermissionDenied do
+        Book.as(@reader).create!(:name => "Real Housewives of Orange County - The Musical")
+      end
+    end
+
+    should "let an author create a book" do
+      assert_nothing_raised do
+        Book.as(@author).create!(:name => "Guns, Germs & Steel")
+      end
+    end
+
+    should "default to existing ActiveRecord behaviour" do
+      assert_nothing_raised do
+        Book.create!(:name => "Freakanomics")
+      end
+    end
+
+    should "provide means of enforcing a user" do
+      ObjectBouncer.enforce!
+      assert_raise ObjectBouncer::ArgumentError do
+        Book.create!(:name => "Javascript: The Good Parts")
+      end
+      assert_nothing_raised do
+        Book.as(@author).create!(:name => "Javascript: The Good Parts")
+      end
+    end
+
+    context "with an existing book" do
+
+      setup do
+        @book = Book.create!(:name   => "On Food & Cooking",
+                             :author => "Harold McGee",
+                             :price  => 4900)
+        @book_as_author = Book.as(@author).find(@book.id)
+        @book_as_reader = Book.as(@author).find(@book.id)
+      end
+
+      should "prevent reading of individual attributes" do
+      end
+
+      should "prevent writing of individual attributes" do
+      end
+
+      should "pass user through associations" do
+      end
+    end
+  end
+end

data/test/objectbouncer/base_test.rb

@@ -1,25 +1,15 @@
 $:.unshift File.expand_path("..", File.dirname(__FILE__))
 require "test_helper"
 
-class SecretService
+class President
   include ObjectBouncer::Doorman
   door_policy do
-    deny :shake_hands, :if => Proc.new{|person, president| person != president}
-    allow :shake_hands, :if => Proc.new{|person, president| person.class == MichelleObama}
+    deny :shake_hands, :unless => Proc.new{|person, president| person.is_a?(MichelleObama) }
+    deny :shake_hands, :if => Proc.new{|person, president| person != president }
     deny :high_five, :unless => Proc.new{|person, president| person.who? == "it's me, Joe!"}
     deny :give, :unless => Proc.new{|person, president, *args| args.first == :campaign_donation }
   end
-end
 
-class CoastGuard
-  include ObjectBouncer::Doorman
-  door_policy do
-    lockdown # Overly protective are we?
-    allow :watch_tv_appearance
-  end
-end
-
-class President
   def shake_hands
     "shaking hands"
   end
@@ -35,6 +25,7 @@ class President
   def give(gift)
     "thanks"
   end
+
 end
 
 class MichelleObama
@@ -58,70 +49,58 @@ class ObjectBouncerTest < Test::Unit::TestCase
 
     should "not let the public shake hands" do
       joe_public = JoePublic.new
-      secret_service = SecretService.new(joe_public, @president)
+      @president.current_user = joe_public
       assert_raise ObjectBouncer::PermissionDenied do
-        secret_service.shake_hands
+        @president.shake_hands
       end
     end
 
     should "let the first lady get in close" do
       first_lady = MichelleObama.new
-      secret_service = SecretService.new(first_lady, @president)
-      assert_equal "shaking hands", secret_service.shake_hands
+      @president.current_user = first_lady
+      assert_equal "shaking hands", @president.shake_hands
     end
 
     should "high five Biden" do
       vice_pres = JoeBiden.new
-      secret_service = SecretService.new(vice_pres, @president)
-      assert_equal "high five!", secret_service.high_five
+      @president.current_user = vice_pres
+      assert_equal "high five!", @president.high_five
     end
 
     should "not let the public high five" do
       joe_public = JoePublic.new
-      secret_service = SecretService.new(joe_public, @president)
+      @president.current_user = joe_public
       assert_raise ObjectBouncer::PermissionDenied do
-        secret_service.high_five
+        @president.high_five
       end
     end
 
     should "let the public give a donation" do
       joe_public = JoePublic.new
-      secret_service = SecretService.new(joe_public, @president)
-      assert_equal "thanks", secret_service.give(:campaign_donation)
+      @president.current_user = joe_public
+      assert_equal "thanks", @president.give(:campaign_donation)
     end
 
     should "not let the public give a package" do
       joe_public = JoePublic.new
-      secret_service = SecretService.new(joe_public, @president)
+      @president.current_user = joe_public
       assert_raise ObjectBouncer::PermissionDenied do
-        secret_service.give(:suspect_package)
+        @president.give(:suspect_package)
       end
     end
 
-  end
-
-  context "going into complete lockdown" do
-
-    setup do
-      @president = President.new
-    end
-
-    should "deny everything by default" do
+    should "be able to specify user on creation" do
       joe_public = JoePublic.new
-      coast_guard = CoastGuard.new(joe_public, @president)
+      @president = President.as(joe_public).new
       assert_raise ObjectBouncer::PermissionDenied do
-        coast_guard.high_five
+        @president.shake_hands
       end
-      assert_raise ObjectBouncer::PermissionDenied do
-        coast_guard.shake_hands
-      end
-    end
 
-    should "allow if explictly said it's ok" do
-      joe_public = JoePublic.new
-      coast_guard = CoastGuard.new(joe_public, @president)
-      assert_equal "I'm on your TV!", coast_guard.watch_tv_appearance
+      first_lady = MichelleObama.new
+      @president = President.as(first_lady).new
+      assert_equal "shaking hands", @president.shake_hands
     end
+
   end
 
 end

metadata

@@ -2,7 +2,7 @@
 name: objectbouncer
 version: !ruby/object:Gem::Version 
   prerelease: 
-  version: 0.0.6
+  version: 0.1.0
 platform: ruby
 authors: 
 - Glenn Gillen
@@ -10,7 +10,7 @@ autorequire:
 bindir: bin
 cert_chain: []
 
-date: 2011-03-29 00:00:00 +01:00
+date: 2011-04-12 00:00:00 +01:00
 default_executable: 
 dependencies: []
 
@@ -26,8 +26,10 @@ files:
 - README.mdown
 - Rakefile
 - lib/objectbouncer/base.rb
+- lib/objectbouncer/class_methods.rb
 - lib/objectbouncer/errors.rb
 - lib/objectbouncer.rb
+- test/objectbouncer/activerecord_test.rb
 - test/objectbouncer/base_test.rb
 - test/test_helper.rb
 has_rdoc: true
@@ -60,5 +62,6 @@ signing_key:
 specification_version: 2
 summary: A simple object proxy to restrict access to methods and attributes
 test_files: 
+- test/objectbouncer/activerecord_test.rb
 - test/objectbouncer/base_test.rb
 - test/test_helper.rb