objectreload-permissions 0.1.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- data/.gitignore +2 -0
- data/README +2 -0
- data/Rakefile +55 -0
- data/VERSION +1 -0
- data/init.rb +2 -0
- data/install.rb +1 -0
- data/lib/exceptions.rb +9 -0
- data/lib/require_permissions.rb +67 -0
- data/test/require_permissions_test.rb +66 -0
- data/test/test_helper.rb +7 -0
- data/uninstall.rb +1 -0
- metadata +67 -0
data/.gitignore
ADDED
data/README
ADDED
data/Rakefile
ADDED
@@ -0,0 +1,55 @@
|
|
1
|
+
require 'rubygems'
|
2
|
+
require 'rake'
|
3
|
+
|
4
|
+
begin
|
5
|
+
require 'jeweler'
|
6
|
+
Jeweler::Tasks.new do |gem|
|
7
|
+
gem.name = "objectreload-permissions"
|
8
|
+
gem.summary = "Simple way to add permissions to controllers."
|
9
|
+
gem.email = "gems@objectreload.com"
|
10
|
+
gem.homepage = "http://github.com/objectreload/permissions"
|
11
|
+
gem.authors = ["Mateusz Drozdzynski", "Ewa Limanowka"]
|
12
|
+
# gem is a Gem::Specification... see http://www.rubygems.org/read/chapter/20 for additional settings
|
13
|
+
end
|
14
|
+
Jeweler::GemcutterTasks.new
|
15
|
+
rescue LoadError
|
16
|
+
puts "Jeweler (or a dependency) not available. Install it with: sudo gem install jeweler"
|
17
|
+
end
|
18
|
+
|
19
|
+
require 'rake/testtask'
|
20
|
+
Rake::TestTask.new(:test) do |test|
|
21
|
+
test.libs << 'lib' << 'test'
|
22
|
+
test.pattern = 'test/**/*_test.rb'
|
23
|
+
test.verbose = true
|
24
|
+
end
|
25
|
+
|
26
|
+
begin
|
27
|
+
require 'rcov/rcovtask'
|
28
|
+
Rcov::RcovTask.new do |test|
|
29
|
+
test.libs << 'test'
|
30
|
+
test.pattern = 'test/**/*_test.rb'
|
31
|
+
test.verbose = true
|
32
|
+
end
|
33
|
+
rescue LoadError
|
34
|
+
task :rcov do
|
35
|
+
abort "RCov is not available. In order to run rcov, you must: sudo gem install spicycode-rcov"
|
36
|
+
end
|
37
|
+
end
|
38
|
+
|
39
|
+
task :test => :check_dependencies
|
40
|
+
|
41
|
+
task :default => :test
|
42
|
+
|
43
|
+
require 'rake/rdoctask'
|
44
|
+
Rake::RDocTask.new do |rdoc|
|
45
|
+
if File.exist?('VERSION')
|
46
|
+
version = File.read('VERSION')
|
47
|
+
else
|
48
|
+
version = ""
|
49
|
+
end
|
50
|
+
|
51
|
+
rdoc.rdoc_dir = 'rdoc'
|
52
|
+
rdoc.title = "permissions_gem #{version}"
|
53
|
+
rdoc.rdoc_files.include('README*')
|
54
|
+
rdoc.rdoc_files.include('lib/**/*.rb')
|
55
|
+
end
|
data/VERSION
ADDED
@@ -0,0 +1 @@
|
|
1
|
+
0.1.1
|
data/init.rb
ADDED
data/install.rb
ADDED
@@ -0,0 +1 @@
|
|
1
|
+
# Install hook code here
|
data/lib/exceptions.rb
ADDED
@@ -0,0 +1,67 @@
|
|
1
|
+
require 'exceptions'
|
2
|
+
|
3
|
+
module RequirePermissions
|
4
|
+
def self.included(base)
|
5
|
+
base.extend ClassMethods
|
6
|
+
end
|
7
|
+
|
8
|
+
module ClassMethods
|
9
|
+
def require_permissions(options = {})
|
10
|
+
method = options.delete(:method)
|
11
|
+
method ||= :editable_by?
|
12
|
+
|
13
|
+
redirect = options.delete(:redirect)
|
14
|
+
redirect ||= nil
|
15
|
+
|
16
|
+
success = options.delete(:success)
|
17
|
+
success ||= lambda {}
|
18
|
+
|
19
|
+
failure = options.delete(:failure)
|
20
|
+
failure ||= lambda {
|
21
|
+
if redirect
|
22
|
+
flash[:error] = "You were not authorised to see that page".t
|
23
|
+
redirect_to case redirect
|
24
|
+
when Symbol then self.send(redirect)
|
25
|
+
when Proc then instance_eval &redirect
|
26
|
+
else redirect
|
27
|
+
end
|
28
|
+
else
|
29
|
+
raise Exceptions::UnathorizedAccess
|
30
|
+
end
|
31
|
+
}
|
32
|
+
|
33
|
+
options.each do |model, actions|
|
34
|
+
actions = {:only => actions} if actions.kind_of? Array
|
35
|
+
|
36
|
+
_method = actions.delete(:method) || method
|
37
|
+
_method = _method.to_s
|
38
|
+
|
39
|
+
_success = actions.delete(:success) || success
|
40
|
+
_failure = actions.delete(:failure) || failure
|
41
|
+
|
42
|
+
negative = _method.gsub!(/^\!/, '') ? true : false
|
43
|
+
name = :"require_#{model}_permissions_#{rand}"
|
44
|
+
define_method(name) do
|
45
|
+
target = instance_variable_get("@#{model}")
|
46
|
+
return false unless target
|
47
|
+
condition = target.send(_method.to_sym, current_user)
|
48
|
+
condition = negative ? !condition : condition
|
49
|
+
if condition
|
50
|
+
instance_eval &_success
|
51
|
+
else
|
52
|
+
instance_eval &_failure
|
53
|
+
end
|
54
|
+
return condition
|
55
|
+
end
|
56
|
+
before_filter name, actions
|
57
|
+
end
|
58
|
+
end
|
59
|
+
|
60
|
+
def require_visibility(options = {})
|
61
|
+
require_permissions({:method => :visible_to?}.merge(options))
|
62
|
+
end
|
63
|
+
end
|
64
|
+
end
|
65
|
+
|
66
|
+
|
67
|
+
ActionController::Base.send(:include, RequirePermissions)
|
@@ -0,0 +1,66 @@
|
|
1
|
+
require "test_helper"
|
2
|
+
|
3
|
+
ActionController::Routing::Routes.draw do |map|
|
4
|
+
map.resources :photos, :has_many => :comments
|
5
|
+
map.connect ':controller/:action/:id'
|
6
|
+
end
|
7
|
+
|
8
|
+
class RequirePermissionsTest < ActionController::TestCase
|
9
|
+
|
10
|
+
class PhotosController < ActionController::Base
|
11
|
+
def show; render :inline => "ran action show" end
|
12
|
+
def edit; render :inline => "ran action edit" end
|
13
|
+
end
|
14
|
+
|
15
|
+
class CommentsController < ActionController::Base
|
16
|
+
require_permissions :comment => [:edit, :update, :destroy], :method => :editable_by?
|
17
|
+
require_permissions :photo => [:new, :create]
|
18
|
+
|
19
|
+
def new; render :inline => "ran action new" end
|
20
|
+
def create; render :inline => "ran action create" end
|
21
|
+
def edit; render :inline => "ran action edit" end
|
22
|
+
def update; render :inline => "ran action update" end
|
23
|
+
def destroy; render :inline => "ran action destroy" end
|
24
|
+
end
|
25
|
+
|
26
|
+
context "Require permission lib" do
|
27
|
+
setup do
|
28
|
+
@options = {:photo => [:edit]}
|
29
|
+
end
|
30
|
+
|
31
|
+
should "call require_permission action" do
|
32
|
+
PhotosController.expects(:require_permissions).with(@options)
|
33
|
+
PhotosController.require_permissions(@options)
|
34
|
+
end
|
35
|
+
|
36
|
+
should "call require_permissions when call require_visibility action" do
|
37
|
+
PhotosController.expects(:require_permissions).with(@options.merge!(:method => :visible_to?))
|
38
|
+
PhotosController.require_visibility(@options)
|
39
|
+
end
|
40
|
+
|
41
|
+
should "call filter before" do
|
42
|
+
PhotosController.expects(:before_filter).once
|
43
|
+
PhotosController.require_permissions(@options)
|
44
|
+
end
|
45
|
+
|
46
|
+
should "be available in ActionController" do
|
47
|
+
options = {:photo => [:show]}
|
48
|
+
options.should == ActionController::Base.require_permissions(options)
|
49
|
+
end
|
50
|
+
|
51
|
+
should "call edit" do
|
52
|
+
assert_nothing_raised do
|
53
|
+
test_process(CommentsController, "edit")
|
54
|
+
@response.body.should == "ran action edit"
|
55
|
+
end
|
56
|
+
end
|
57
|
+
end
|
58
|
+
|
59
|
+
private
|
60
|
+
def test_process(controller, action = "show")
|
61
|
+
@controller = controller.is_a?(Class) ? controller.new : controller
|
62
|
+
@request = ActionController::TestRequest.new
|
63
|
+
@response = ActionController::TestResponse.new
|
64
|
+
process(action)
|
65
|
+
end
|
66
|
+
end
|
data/test/test_helper.rb
ADDED
data/uninstall.rb
ADDED
@@ -0,0 +1 @@
|
|
1
|
+
# Uninstall hook code here
|
metadata
ADDED
@@ -0,0 +1,67 @@
|
|
1
|
+
--- !ruby/object:Gem::Specification
|
2
|
+
name: objectreload-permissions
|
3
|
+
version: !ruby/object:Gem::Version
|
4
|
+
version: 0.1.1
|
5
|
+
platform: ruby
|
6
|
+
authors:
|
7
|
+
- Mateusz Drozdzynski
|
8
|
+
- Ewa Limanowka
|
9
|
+
autorequire:
|
10
|
+
bindir: bin
|
11
|
+
cert_chain: []
|
12
|
+
|
13
|
+
date: 2009-12-01 00:00:00 +00:00
|
14
|
+
default_executable:
|
15
|
+
dependencies: []
|
16
|
+
|
17
|
+
description:
|
18
|
+
email: gems@objectreload.com
|
19
|
+
executables: []
|
20
|
+
|
21
|
+
extensions: []
|
22
|
+
|
23
|
+
extra_rdoc_files:
|
24
|
+
- README
|
25
|
+
files:
|
26
|
+
- .gitignore
|
27
|
+
- README
|
28
|
+
- Rakefile
|
29
|
+
- VERSION
|
30
|
+
- init.rb
|
31
|
+
- install.rb
|
32
|
+
- lib/exceptions.rb
|
33
|
+
- lib/require_permissions.rb
|
34
|
+
- test/require_permissions_test.rb
|
35
|
+
- test/test_helper.rb
|
36
|
+
- uninstall.rb
|
37
|
+
has_rdoc: true
|
38
|
+
homepage: http://github.com/objectreload/permissions
|
39
|
+
licenses: []
|
40
|
+
|
41
|
+
post_install_message:
|
42
|
+
rdoc_options:
|
43
|
+
- --charset=UTF-8
|
44
|
+
require_paths:
|
45
|
+
- lib
|
46
|
+
required_ruby_version: !ruby/object:Gem::Requirement
|
47
|
+
requirements:
|
48
|
+
- - ">="
|
49
|
+
- !ruby/object:Gem::Version
|
50
|
+
version: "0"
|
51
|
+
version:
|
52
|
+
required_rubygems_version: !ruby/object:Gem::Requirement
|
53
|
+
requirements:
|
54
|
+
- - ">="
|
55
|
+
- !ruby/object:Gem::Version
|
56
|
+
version: "0"
|
57
|
+
version:
|
58
|
+
requirements: []
|
59
|
+
|
60
|
+
rubyforge_project:
|
61
|
+
rubygems_version: 1.3.5
|
62
|
+
signing_key:
|
63
|
+
specification_version: 3
|
64
|
+
summary: Simple way to add permissions to controllers.
|
65
|
+
test_files:
|
66
|
+
- test/require_permissions_test.rb
|
67
|
+
- test/test_helper.rb
|