objectreload-permissions 0.1.1

Sign up to get free protection for your applications and to get access to all the features.
data/.gitignore ADDED
@@ -0,0 +1,2 @@
1
+ *.gemspec
2
+ pkg/
data/README ADDED
@@ -0,0 +1,2 @@
1
+ Install gem:
2
+ gem install objectreload-permissions
data/Rakefile ADDED
@@ -0,0 +1,55 @@
1
+ require 'rubygems'
2
+ require 'rake'
3
+
4
+ begin
5
+ require 'jeweler'
6
+ Jeweler::Tasks.new do |gem|
7
+ gem.name = "objectreload-permissions"
8
+ gem.summary = "Simple way to add permissions to controllers."
9
+ gem.email = "gems@objectreload.com"
10
+ gem.homepage = "http://github.com/objectreload/permissions"
11
+ gem.authors = ["Mateusz Drozdzynski", "Ewa Limanowka"]
12
+ # gem is a Gem::Specification... see http://www.rubygems.org/read/chapter/20 for additional settings
13
+ end
14
+ Jeweler::GemcutterTasks.new
15
+ rescue LoadError
16
+ puts "Jeweler (or a dependency) not available. Install it with: sudo gem install jeweler"
17
+ end
18
+
19
+ require 'rake/testtask'
20
+ Rake::TestTask.new(:test) do |test|
21
+ test.libs << 'lib' << 'test'
22
+ test.pattern = 'test/**/*_test.rb'
23
+ test.verbose = true
24
+ end
25
+
26
+ begin
27
+ require 'rcov/rcovtask'
28
+ Rcov::RcovTask.new do |test|
29
+ test.libs << 'test'
30
+ test.pattern = 'test/**/*_test.rb'
31
+ test.verbose = true
32
+ end
33
+ rescue LoadError
34
+ task :rcov do
35
+ abort "RCov is not available. In order to run rcov, you must: sudo gem install spicycode-rcov"
36
+ end
37
+ end
38
+
39
+ task :test => :check_dependencies
40
+
41
+ task :default => :test
42
+
43
+ require 'rake/rdoctask'
44
+ Rake::RDocTask.new do |rdoc|
45
+ if File.exist?('VERSION')
46
+ version = File.read('VERSION')
47
+ else
48
+ version = ""
49
+ end
50
+
51
+ rdoc.rdoc_dir = 'rdoc'
52
+ rdoc.title = "permissions_gem #{version}"
53
+ rdoc.rdoc_files.include('README*')
54
+ rdoc.rdoc_files.include('lib/**/*.rb')
55
+ end
data/VERSION ADDED
@@ -0,0 +1 @@
1
+ 0.1.1
data/init.rb ADDED
@@ -0,0 +1,2 @@
1
+ # Include hook code here
2
+ require File.dirname(__FILE__) + '/lib/require_permissions'
data/install.rb ADDED
@@ -0,0 +1 @@
1
+ # Install hook code here
data/lib/exceptions.rb ADDED
@@ -0,0 +1,9 @@
1
+ module Exceptions
2
+ class UnathorizedAccess < StandardError; end
3
+ end
4
+
5
+ ActionController::Base.send(:rescue_from, Exceptions::UnathorizedAccess, :with => :forbidden)
6
+
7
+ def forbidden
8
+ render_optional_error_file 403
9
+ end
@@ -0,0 +1,67 @@
1
+ require 'exceptions'
2
+
3
+ module RequirePermissions
4
+ def self.included(base)
5
+ base.extend ClassMethods
6
+ end
7
+
8
+ module ClassMethods
9
+ def require_permissions(options = {})
10
+ method = options.delete(:method)
11
+ method ||= :editable_by?
12
+
13
+ redirect = options.delete(:redirect)
14
+ redirect ||= nil
15
+
16
+ success = options.delete(:success)
17
+ success ||= lambda {}
18
+
19
+ failure = options.delete(:failure)
20
+ failure ||= lambda {
21
+ if redirect
22
+ flash[:error] = "You were not authorised to see that page".t
23
+ redirect_to case redirect
24
+ when Symbol then self.send(redirect)
25
+ when Proc then instance_eval &redirect
26
+ else redirect
27
+ end
28
+ else
29
+ raise Exceptions::UnathorizedAccess
30
+ end
31
+ }
32
+
33
+ options.each do |model, actions|
34
+ actions = {:only => actions} if actions.kind_of? Array
35
+
36
+ _method = actions.delete(:method) || method
37
+ _method = _method.to_s
38
+
39
+ _success = actions.delete(:success) || success
40
+ _failure = actions.delete(:failure) || failure
41
+
42
+ negative = _method.gsub!(/^\!/, '') ? true : false
43
+ name = :"require_#{model}_permissions_#{rand}"
44
+ define_method(name) do
45
+ target = instance_variable_get("@#{model}")
46
+ return false unless target
47
+ condition = target.send(_method.to_sym, current_user)
48
+ condition = negative ? !condition : condition
49
+ if condition
50
+ instance_eval &_success
51
+ else
52
+ instance_eval &_failure
53
+ end
54
+ return condition
55
+ end
56
+ before_filter name, actions
57
+ end
58
+ end
59
+
60
+ def require_visibility(options = {})
61
+ require_permissions({:method => :visible_to?}.merge(options))
62
+ end
63
+ end
64
+ end
65
+
66
+
67
+ ActionController::Base.send(:include, RequirePermissions)
@@ -0,0 +1,66 @@
1
+ require "test_helper"
2
+
3
+ ActionController::Routing::Routes.draw do |map|
4
+ map.resources :photos, :has_many => :comments
5
+ map.connect ':controller/:action/:id'
6
+ end
7
+
8
+ class RequirePermissionsTest < ActionController::TestCase
9
+
10
+ class PhotosController < ActionController::Base
11
+ def show; render :inline => "ran action show" end
12
+ def edit; render :inline => "ran action edit" end
13
+ end
14
+
15
+ class CommentsController < ActionController::Base
16
+ require_permissions :comment => [:edit, :update, :destroy], :method => :editable_by?
17
+ require_permissions :photo => [:new, :create]
18
+
19
+ def new; render :inline => "ran action new" end
20
+ def create; render :inline => "ran action create" end
21
+ def edit; render :inline => "ran action edit" end
22
+ def update; render :inline => "ran action update" end
23
+ def destroy; render :inline => "ran action destroy" end
24
+ end
25
+
26
+ context "Require permission lib" do
27
+ setup do
28
+ @options = {:photo => [:edit]}
29
+ end
30
+
31
+ should "call require_permission action" do
32
+ PhotosController.expects(:require_permissions).with(@options)
33
+ PhotosController.require_permissions(@options)
34
+ end
35
+
36
+ should "call require_permissions when call require_visibility action" do
37
+ PhotosController.expects(:require_permissions).with(@options.merge!(:method => :visible_to?))
38
+ PhotosController.require_visibility(@options)
39
+ end
40
+
41
+ should "call filter before" do
42
+ PhotosController.expects(:before_filter).once
43
+ PhotosController.require_permissions(@options)
44
+ end
45
+
46
+ should "be available in ActionController" do
47
+ options = {:photo => [:show]}
48
+ options.should == ActionController::Base.require_permissions(options)
49
+ end
50
+
51
+ should "call edit" do
52
+ assert_nothing_raised do
53
+ test_process(CommentsController, "edit")
54
+ @response.body.should == "ran action edit"
55
+ end
56
+ end
57
+ end
58
+
59
+ private
60
+ def test_process(controller, action = "show")
61
+ @controller = controller.is_a?(Class) ? controller.new : controller
62
+ @request = ActionController::TestRequest.new
63
+ @response = ActionController::TestResponse.new
64
+ process(action)
65
+ end
66
+ end
@@ -0,0 +1,7 @@
1
+ require 'rubygems'
2
+ require 'action_controller'
3
+ require 'action_controller/test_process'
4
+ require File.dirname(__FILE__)+'/../lib/require_permissions'
5
+ require 'shoulda'
6
+ require 'mocha'
7
+ require 'matchy'
data/uninstall.rb ADDED
@@ -0,0 +1 @@
1
+ # Uninstall hook code here
metadata ADDED
@@ -0,0 +1,67 @@
1
+ --- !ruby/object:Gem::Specification
2
+ name: objectreload-permissions
3
+ version: !ruby/object:Gem::Version
4
+ version: 0.1.1
5
+ platform: ruby
6
+ authors:
7
+ - Mateusz Drozdzynski
8
+ - Ewa Limanowka
9
+ autorequire:
10
+ bindir: bin
11
+ cert_chain: []
12
+
13
+ date: 2009-12-01 00:00:00 +00:00
14
+ default_executable:
15
+ dependencies: []
16
+
17
+ description:
18
+ email: gems@objectreload.com
19
+ executables: []
20
+
21
+ extensions: []
22
+
23
+ extra_rdoc_files:
24
+ - README
25
+ files:
26
+ - .gitignore
27
+ - README
28
+ - Rakefile
29
+ - VERSION
30
+ - init.rb
31
+ - install.rb
32
+ - lib/exceptions.rb
33
+ - lib/require_permissions.rb
34
+ - test/require_permissions_test.rb
35
+ - test/test_helper.rb
36
+ - uninstall.rb
37
+ has_rdoc: true
38
+ homepage: http://github.com/objectreload/permissions
39
+ licenses: []
40
+
41
+ post_install_message:
42
+ rdoc_options:
43
+ - --charset=UTF-8
44
+ require_paths:
45
+ - lib
46
+ required_ruby_version: !ruby/object:Gem::Requirement
47
+ requirements:
48
+ - - ">="
49
+ - !ruby/object:Gem::Version
50
+ version: "0"
51
+ version:
52
+ required_rubygems_version: !ruby/object:Gem::Requirement
53
+ requirements:
54
+ - - ">="
55
+ - !ruby/object:Gem::Version
56
+ version: "0"
57
+ version:
58
+ requirements: []
59
+
60
+ rubyforge_project:
61
+ rubygems_version: 1.3.5
62
+ signing_key:
63
+ specification_version: 3
64
+ summary: Simple way to add permissions to controllers.
65
+ test_files:
66
+ - test/require_permissions_test.rb
67
+ - test/test_helper.rb