objectreload-permissions 0.1.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
data/.gitignore ADDED
@@ -0,0 +1,2 @@
1
+ *.gemspec
2
+ pkg/
data/README ADDED
@@ -0,0 +1,2 @@
1
+ Install gem:
2
+ gem install objectreload-permissions
data/Rakefile ADDED
@@ -0,0 +1,55 @@
1
+ require 'rubygems'
2
+ require 'rake'
3
+
4
+ begin
5
+ require 'jeweler'
6
+ Jeweler::Tasks.new do |gem|
7
+ gem.name = "objectreload-permissions"
8
+ gem.summary = "Simple way to add permissions to controllers."
9
+ gem.email = "gems@objectreload.com"
10
+ gem.homepage = "http://github.com/objectreload/permissions"
11
+ gem.authors = ["Mateusz Drozdzynski", "Ewa Limanowka"]
12
+ # gem is a Gem::Specification... see http://www.rubygems.org/read/chapter/20 for additional settings
13
+ end
14
+ Jeweler::GemcutterTasks.new
15
+ rescue LoadError
16
+ puts "Jeweler (or a dependency) not available. Install it with: sudo gem install jeweler"
17
+ end
18
+
19
+ require 'rake/testtask'
20
+ Rake::TestTask.new(:test) do |test|
21
+ test.libs << 'lib' << 'test'
22
+ test.pattern = 'test/**/*_test.rb'
23
+ test.verbose = true
24
+ end
25
+
26
+ begin
27
+ require 'rcov/rcovtask'
28
+ Rcov::RcovTask.new do |test|
29
+ test.libs << 'test'
30
+ test.pattern = 'test/**/*_test.rb'
31
+ test.verbose = true
32
+ end
33
+ rescue LoadError
34
+ task :rcov do
35
+ abort "RCov is not available. In order to run rcov, you must: sudo gem install spicycode-rcov"
36
+ end
37
+ end
38
+
39
+ task :test => :check_dependencies
40
+
41
+ task :default => :test
42
+
43
+ require 'rake/rdoctask'
44
+ Rake::RDocTask.new do |rdoc|
45
+ if File.exist?('VERSION')
46
+ version = File.read('VERSION')
47
+ else
48
+ version = ""
49
+ end
50
+
51
+ rdoc.rdoc_dir = 'rdoc'
52
+ rdoc.title = "permissions_gem #{version}"
53
+ rdoc.rdoc_files.include('README*')
54
+ rdoc.rdoc_files.include('lib/**/*.rb')
55
+ end
data/VERSION ADDED
@@ -0,0 +1 @@
1
+ 0.1.1
data/init.rb ADDED
@@ -0,0 +1,2 @@
1
+ # Include hook code here
2
+ require File.dirname(__FILE__) + '/lib/require_permissions'
data/install.rb ADDED
@@ -0,0 +1 @@
1
+ # Install hook code here
data/lib/exceptions.rb ADDED
@@ -0,0 +1,9 @@
1
+ module Exceptions
2
+ class UnathorizedAccess < StandardError; end
3
+ end
4
+
5
+ ActionController::Base.send(:rescue_from, Exceptions::UnathorizedAccess, :with => :forbidden)
6
+
7
+ def forbidden
8
+ render_optional_error_file 403
9
+ end
@@ -0,0 +1,67 @@
1
+ require 'exceptions'
2
+
3
+ module RequirePermissions
4
+ def self.included(base)
5
+ base.extend ClassMethods
6
+ end
7
+
8
+ module ClassMethods
9
+ def require_permissions(options = {})
10
+ method = options.delete(:method)
11
+ method ||= :editable_by?
12
+
13
+ redirect = options.delete(:redirect)
14
+ redirect ||= nil
15
+
16
+ success = options.delete(:success)
17
+ success ||= lambda {}
18
+
19
+ failure = options.delete(:failure)
20
+ failure ||= lambda {
21
+ if redirect
22
+ flash[:error] = "You were not authorised to see that page".t
23
+ redirect_to case redirect
24
+ when Symbol then self.send(redirect)
25
+ when Proc then instance_eval &redirect
26
+ else redirect
27
+ end
28
+ else
29
+ raise Exceptions::UnathorizedAccess
30
+ end
31
+ }
32
+
33
+ options.each do |model, actions|
34
+ actions = {:only => actions} if actions.kind_of? Array
35
+
36
+ _method = actions.delete(:method) || method
37
+ _method = _method.to_s
38
+
39
+ _success = actions.delete(:success) || success
40
+ _failure = actions.delete(:failure) || failure
41
+
42
+ negative = _method.gsub!(/^\!/, '') ? true : false
43
+ name = :"require_#{model}_permissions_#{rand}"
44
+ define_method(name) do
45
+ target = instance_variable_get("@#{model}")
46
+ return false unless target
47
+ condition = target.send(_method.to_sym, current_user)
48
+ condition = negative ? !condition : condition
49
+ if condition
50
+ instance_eval &_success
51
+ else
52
+ instance_eval &_failure
53
+ end
54
+ return condition
55
+ end
56
+ before_filter name, actions
57
+ end
58
+ end
59
+
60
+ def require_visibility(options = {})
61
+ require_permissions({:method => :visible_to?}.merge(options))
62
+ end
63
+ end
64
+ end
65
+
66
+
67
+ ActionController::Base.send(:include, RequirePermissions)
@@ -0,0 +1,66 @@
1
+ require "test_helper"
2
+
3
+ ActionController::Routing::Routes.draw do |map|
4
+ map.resources :photos, :has_many => :comments
5
+ map.connect ':controller/:action/:id'
6
+ end
7
+
8
+ class RequirePermissionsTest < ActionController::TestCase
9
+
10
+ class PhotosController < ActionController::Base
11
+ def show; render :inline => "ran action show" end
12
+ def edit; render :inline => "ran action edit" end
13
+ end
14
+
15
+ class CommentsController < ActionController::Base
16
+ require_permissions :comment => [:edit, :update, :destroy], :method => :editable_by?
17
+ require_permissions :photo => [:new, :create]
18
+
19
+ def new; render :inline => "ran action new" end
20
+ def create; render :inline => "ran action create" end
21
+ def edit; render :inline => "ran action edit" end
22
+ def update; render :inline => "ran action update" end
23
+ def destroy; render :inline => "ran action destroy" end
24
+ end
25
+
26
+ context "Require permission lib" do
27
+ setup do
28
+ @options = {:photo => [:edit]}
29
+ end
30
+
31
+ should "call require_permission action" do
32
+ PhotosController.expects(:require_permissions).with(@options)
33
+ PhotosController.require_permissions(@options)
34
+ end
35
+
36
+ should "call require_permissions when call require_visibility action" do
37
+ PhotosController.expects(:require_permissions).with(@options.merge!(:method => :visible_to?))
38
+ PhotosController.require_visibility(@options)
39
+ end
40
+
41
+ should "call filter before" do
42
+ PhotosController.expects(:before_filter).once
43
+ PhotosController.require_permissions(@options)
44
+ end
45
+
46
+ should "be available in ActionController" do
47
+ options = {:photo => [:show]}
48
+ options.should == ActionController::Base.require_permissions(options)
49
+ end
50
+
51
+ should "call edit" do
52
+ assert_nothing_raised do
53
+ test_process(CommentsController, "edit")
54
+ @response.body.should == "ran action edit"
55
+ end
56
+ end
57
+ end
58
+
59
+ private
60
+ def test_process(controller, action = "show")
61
+ @controller = controller.is_a?(Class) ? controller.new : controller
62
+ @request = ActionController::TestRequest.new
63
+ @response = ActionController::TestResponse.new
64
+ process(action)
65
+ end
66
+ end
@@ -0,0 +1,7 @@
1
+ require 'rubygems'
2
+ require 'action_controller'
3
+ require 'action_controller/test_process'
4
+ require File.dirname(__FILE__)+'/../lib/require_permissions'
5
+ require 'shoulda'
6
+ require 'mocha'
7
+ require 'matchy'
data/uninstall.rb ADDED
@@ -0,0 +1 @@
1
+ # Uninstall hook code here
metadata ADDED
@@ -0,0 +1,67 @@
1
+ --- !ruby/object:Gem::Specification
2
+ name: objectreload-permissions
3
+ version: !ruby/object:Gem::Version
4
+ version: 0.1.1
5
+ platform: ruby
6
+ authors:
7
+ - Mateusz Drozdzynski
8
+ - Ewa Limanowka
9
+ autorequire:
10
+ bindir: bin
11
+ cert_chain: []
12
+
13
+ date: 2009-12-01 00:00:00 +00:00
14
+ default_executable:
15
+ dependencies: []
16
+
17
+ description:
18
+ email: gems@objectreload.com
19
+ executables: []
20
+
21
+ extensions: []
22
+
23
+ extra_rdoc_files:
24
+ - README
25
+ files:
26
+ - .gitignore
27
+ - README
28
+ - Rakefile
29
+ - VERSION
30
+ - init.rb
31
+ - install.rb
32
+ - lib/exceptions.rb
33
+ - lib/require_permissions.rb
34
+ - test/require_permissions_test.rb
35
+ - test/test_helper.rb
36
+ - uninstall.rb
37
+ has_rdoc: true
38
+ homepage: http://github.com/objectreload/permissions
39
+ licenses: []
40
+
41
+ post_install_message:
42
+ rdoc_options:
43
+ - --charset=UTF-8
44
+ require_paths:
45
+ - lib
46
+ required_ruby_version: !ruby/object:Gem::Requirement
47
+ requirements:
48
+ - - ">="
49
+ - !ruby/object:Gem::Version
50
+ version: "0"
51
+ version:
52
+ required_rubygems_version: !ruby/object:Gem::Requirement
53
+ requirements:
54
+ - - ">="
55
+ - !ruby/object:Gem::Version
56
+ version: "0"
57
+ version:
58
+ requirements: []
59
+
60
+ rubyforge_project:
61
+ rubygems_version: 1.3.5
62
+ signing_key:
63
+ specification_version: 3
64
+ summary: Simple way to add permissions to controllers.
65
+ test_files:
66
+ - test/require_permissions_test.rb
67
+ - test/test_helper.rb