objectreload-permissions 0.1.1

data/.gitignore

@@ -0,0 +1,2 @@
+*.gemspec
+pkg/

data/README

@@ -0,0 +1,2 @@
+Install gem:
+gem install objectreload-permissions

data/Rakefile

@@ -0,0 +1,55 @@
+require 'rubygems'
+require 'rake'
+
+begin
+  require 'jeweler'
+  Jeweler::Tasks.new do |gem|
+    gem.name = "objectreload-permissions"
+    gem.summary = "Simple way to add permissions to controllers."
+    gem.email = "gems@objectreload.com"
+    gem.homepage = "http://github.com/objectreload/permissions"
+    gem.authors = ["Mateusz Drozdzynski", "Ewa Limanowka"]
+    # gem is a Gem::Specification... see http://www.rubygems.org/read/chapter/20 for additional settings
+  end
+  Jeweler::GemcutterTasks.new
+rescue LoadError
+  puts "Jeweler (or a dependency) not available. Install it with: sudo gem install jeweler"
+end
+
+require 'rake/testtask'
+Rake::TestTask.new(:test) do |test|
+  test.libs << 'lib' << 'test'
+  test.pattern = 'test/**/*_test.rb'
+  test.verbose = true
+end
+
+begin
+  require 'rcov/rcovtask'
+  Rcov::RcovTask.new do |test|
+    test.libs << 'test'
+    test.pattern = 'test/**/*_test.rb'
+    test.verbose = true
+  end
+rescue LoadError
+  task :rcov do
+    abort "RCov is not available. In order to run rcov, you must: sudo gem install spicycode-rcov"
+  end
+end
+
+task :test => :check_dependencies
+
+task :default => :test
+
+require 'rake/rdoctask'
+Rake::RDocTask.new do |rdoc|
+  if File.exist?('VERSION')
+    version = File.read('VERSION')
+  else
+    version = ""
+  end
+
+  rdoc.rdoc_dir = 'rdoc'
+  rdoc.title = "permissions_gem #{version}"
+  rdoc.rdoc_files.include('README*')
+  rdoc.rdoc_files.include('lib/**/*.rb')
+end

data/VERSION

@@ -0,0 +1 @@
+0.1.1

data/init.rb

@@ -0,0 +1,2 @@
+# Include hook code here
+require File.dirname(__FILE__) + '/lib/require_permissions'

data/install.rb

@@ -0,0 +1 @@
+# Install hook code here

data/lib/exceptions.rb

@@ -0,0 +1,9 @@
+module Exceptions
+  class UnathorizedAccess < StandardError; end
+end
+
+ActionController::Base.send(:rescue_from, Exceptions::UnathorizedAccess, :with => :forbidden)
+
+def forbidden
+   render_optional_error_file 403
+end

data/lib/require_permissions.rb

@@ -0,0 +1,67 @@
+require 'exceptions'
+
+module RequirePermissions
+  def self.included(base)
+    base.extend ClassMethods
+  end
+  
+  module ClassMethods
+    def require_permissions(options = {})
+      method = options.delete(:method)
+      method ||= :editable_by?
+      
+      redirect = options.delete(:redirect)
+      redirect ||= nil
+      
+      success = options.delete(:success)
+      success ||= lambda {}
+      
+      failure = options.delete(:failure)
+      failure ||= lambda {
+        if redirect
+          flash[:error] = "You were not authorised to see that page".t
+          redirect_to case redirect
+          when Symbol then self.send(redirect)
+          when Proc then instance_eval &redirect
+          else redirect
+          end
+        else
+          raise Exceptions::UnathorizedAccess
+        end
+      }
+      
+      options.each do |model, actions|
+        actions = {:only => actions} if actions.kind_of? Array
+        
+        _method = actions.delete(:method) || method
+        _method = _method.to_s
+        
+        _success = actions.delete(:success) || success
+        _failure = actions.delete(:failure) || failure
+        
+        negative = _method.gsub!(/^\!/, '') ? true : false
+        name = :"require_#{model}_permissions_#{rand}"
+        define_method(name) do
+          target = instance_variable_get("@#{model}")
+          return false unless target
+          condition = target.send(_method.to_sym, current_user)
+          condition = negative ? !condition : condition
+          if condition
+            instance_eval &_success
+          else
+            instance_eval &_failure
+          end
+          return condition
+        end
+        before_filter name, actions
+      end
+    end
+    
+    def require_visibility(options = {})
+      require_permissions({:method => :visible_to?}.merge(options))
+    end
+  end
+end
+
+
+ActionController::Base.send(:include, RequirePermissions)

data/test/require_permissions_test.rb

@@ -0,0 +1,66 @@
+require "test_helper"
+
+ActionController::Routing::Routes.draw do |map|
+  map.resources :photos, :has_many => :comments
+  map.connect ':controller/:action/:id'
+end
+
+class RequirePermissionsTest < ActionController::TestCase
+
+  class PhotosController < ActionController::Base
+    def show; render :inline => "ran action show" end
+    def edit; render :inline => "ran action edit" end
+  end
+
+  class CommentsController < ActionController::Base
+    require_permissions :comment => [:edit, :update, :destroy], :method => :editable_by?
+    require_permissions :photo => [:new, :create]
+    
+    def new; render :inline => "ran action new" end
+    def create; render :inline => "ran action create" end
+    def edit; render :inline => "ran action edit" end
+    def update; render :inline => "ran action update" end
+    def destroy; render :inline => "ran action destroy" end
+   end
+
+  context "Require permission lib" do
+    setup do
+      @options = {:photo => [:edit]}
+    end
+
+    should "call require_permission action" do
+      PhotosController.expects(:require_permissions).with(@options)
+      PhotosController.require_permissions(@options)
+    end
+
+    should "call require_permissions when call require_visibility action" do
+      PhotosController.expects(:require_permissions).with(@options.merge!(:method => :visible_to?))
+      PhotosController.require_visibility(@options)
+    end
+
+    should "call filter before" do
+      PhotosController.expects(:before_filter).once
+      PhotosController.require_permissions(@options)
+    end
+
+    should "be available in ActionController" do
+      options = {:photo => [:show]}
+      options.should == ActionController::Base.require_permissions(options)
+    end
+
+    should "call edit" do
+      assert_nothing_raised do
+        test_process(CommentsController, "edit")
+        @response.body.should == "ran action edit"
+      end
+    end
+  end
+
+  private
+    def test_process(controller, action = "show")
+      @controller = controller.is_a?(Class) ? controller.new : controller
+      @request = ActionController::TestRequest.new
+      @response = ActionController::TestResponse.new
+      process(action)
+    end
+end

data/test/test_helper.rb

@@ -0,0 +1,7 @@
+require 'rubygems'
+require 'action_controller'
+require 'action_controller/test_process'
+require File.dirname(__FILE__)+'/../lib/require_permissions'
+require 'shoulda'
+require 'mocha'
+require 'matchy'

data/uninstall.rb

@@ -0,0 +1 @@
+# Uninstall hook code here

metadata

@@ -0,0 +1,67 @@
+--- !ruby/object:Gem::Specification 
+name: objectreload-permissions
+version: !ruby/object:Gem::Version 
+  version: 0.1.1
+platform: ruby
+authors: 
+- Mateusz Drozdzynski
+- Ewa Limanowka
+autorequire: 
+bindir: bin
+cert_chain: []
+
+date: 2009-12-01 00:00:00 +00:00
+default_executable: 
+dependencies: []
+
+description: 
+email: gems@objectreload.com
+executables: []
+
+extensions: []
+
+extra_rdoc_files: 
+- README
+files: 
+- .gitignore
+- README
+- Rakefile
+- VERSION
+- init.rb
+- install.rb
+- lib/exceptions.rb
+- lib/require_permissions.rb
+- test/require_permissions_test.rb
+- test/test_helper.rb
+- uninstall.rb
+has_rdoc: true
+homepage: http://github.com/objectreload/permissions
+licenses: []
+
+post_install_message: 
+rdoc_options: 
+- --charset=UTF-8
+require_paths: 
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement 
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      version: "0"
+  version: 
+required_rubygems_version: !ruby/object:Gem::Requirement 
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      version: "0"
+  version: 
+requirements: []
+
+rubyforge_project: 
+rubygems_version: 1.3.5
+signing_key: 
+specification_version: 3
+summary: Simple way to add permissions to controllers.
+test_files: 
+- test/require_permissions_test.rb
+- test/test_helper.rb