RubyGems - pebblebed - Versions diffs - 0.0.45 → 0.0.46 - Mend

pebblebed 0.0.45 → 0.0.46

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (5) hide show

data/README.md CHANGED Viewed

@@ -48,17 +48,17 @@ This exception has the fields `status` and `message`.
 Other helper methods provided by this extension:
-    part(partspec, params = {})             # Include a part from a kit (See https://github.com/benglerpebbles/kits)
-    parts_script_include_tags               # All script tags required by the kits
-    parts_stylesheet_include_tags           # All stylesheet-tags required by the kits
-    current_session                         # The hash string that identifies the current browser session
-    pebbles                                 # Common entrypoint for the Pebblebed::Connector
-    current_identity                        # Returns the a DeepStruct record with the vital data for the current user
-    require_identity                        # Halts with 403 if there is no current user
-    require_god                             # Halts with 403 if the current user is not a god
-    require_access_to_path(path)            # Halts with 403 if the current user is not a member of a checkpoint access group with privileged access to that path
-    require_action_allowed(action, uid)     # Halts with 403 if the current user is not allowed by checkpoint to perform this action for that uid
-    require_parameters(parameters, *keys)   # Halts with 409 if the at least one of the provided keys is not in the params-hash
+    part(partspec, params = {})                       # Include a part from a kit (See https://github.com/benglerpebbles/kits)
+    parts_script_include_tags                         # All script tags required by the kits
+    parts_stylesheet_include_tags                     # All stylesheet-tags required by the kits
+    current_session                                   # The hash string that identifies the current browser session
+    pebbles                                           # Common entrypoint for the Pebblebed::Connector
+    current_identity                                  # Returns the a DeepStruct record with the vital data for the current user
+    require_identity                                  # Halts with 403 if there is no current user
+    require_god                                       # Halts with 403 if the current user is not a god
+    require_access_to_path(path)                      # Halts with 403 if the current user is not a member of a checkpoint access group with privileged access to that path
+    require_action_allowed(action, uid, options={})   # Halts with 403 if the current user is not allowed by checkpoint to perform this action for that uid. If a response :allowed => "default" (no policy found) is returned from checkpoint, options[:default] => [bool] is evaluated. options[:default] => true will allow the action on 'default'. Bool false will halt by 403. If no options is given, the method will halt 403 on everything but true.
+    require_parameters(parameters, *keys)             # Halts with 409 if the at least one of the provided keys is not in the params-hash
 ### Testing Sinatra APIs

data/lib/pebblebed/sinatra.rb CHANGED Viewed

@@ -93,12 +93,13 @@ module Sinatra
         halt 403, "Access denied."
       end
-      def require_action_allowed(action, uid)
+      def require_action_allowed(action, uid, options={})
         require_identity
         uid = ::Pebblebed::Uid.new(uid) if uid.is_a?(String)
         return if current_identity.god and uid.path.split(".")[0] == current_identity.realm
         res = pebbles.checkpoint.get("/callbacks/allowed/#{action}/#{uid}")
-        return res['allowed'] if res['allowed']
+        return res['allowed'] if res['allowed'] == true or
+          (res['allowed'] == "default" and options[:default])
         halt 403, ":#{action} denied for #{uid} : #{res['reason']}"
       end

data/lib/pebblebed/version.rb CHANGED Viewed

@@ -1,3 +1,3 @@
 module Pebblebed
-  VERSION = "0.0.45"
+  VERSION = "0.0.46"
 end

data/spec/sinatra_spec.rb CHANGED Viewed

@@ -39,6 +39,16 @@ class TestApp < Sinatra::Base
     "You are creative"
   end
+  post '/create2/:uid' do |uid|
+    require_action_allowed(:create, uid, :default => false)
+    "You are creative"
+  end
+  post '/create3/:uid' do |uid|
+    require_action_allowed(:create, uid, :default => true)
+    "You are creative"
+  end
   get '/nonexistant' do
     raise Pebblebed::HttpNotFoundError, "Not found /nonexistant"
   end
@@ -199,6 +209,36 @@ describe Sinatra::Pebblebed do
         post '/create/post.foo:testrealm'
         last_response.body.should == "You are creative"
       end
+      context "with options[:default] => false" do
+        specify "is disallowed" do
+          user!
+          checkpoint.should_receive(:get).with("/identities/me").and_return(DeepStruct.wrap(:identity => {:realm => 'testrealm', :id => 1, :god => false}))
+          checkpoint.should_receive(:get).with("/callbacks/allowed/create/post.foo:testrealm").and_return(DeepStruct.wrap(:allowed => "default"))
+          Pebblebed::Connector.any_instance.stub(:checkpoint => checkpoint)
+          post '/create2/post.foo:testrealm'
+          last_response.status.should == 403
+        end
+      end
+      context "with no options given and allowed = default" do
+        specify "is disallowed" do
+          user!
+          checkpoint.should_receive(:get).with("/identities/me").and_return(DeepStruct.wrap(:identity => {:realm => 'testrealm', :id => 1, :god => false}))
+          checkpoint.should_receive(:get).with("/callbacks/allowed/create/post.foo:testrealm").and_return(DeepStruct.wrap(:allowed => "default"))
+          Pebblebed::Connector.any_instance.stub(:checkpoint => checkpoint)
+          post '/create/post.foo:testrealm'
+          last_response.status.should == 403
+        end
+      end
+      context "with options[:default] => true" do
+        specify "is allowed" do
+          user!
+          checkpoint.should_receive(:get).with("/identities/me").and_return(DeepStruct.wrap(:identity => {:realm => 'testrealm', :id => 1, :god => false}))
+          checkpoint.should_receive(:get).with("/callbacks/allowed/create/post.foo:testrealm").and_return(DeepStruct.wrap(:allowed => "default"))
+          Pebblebed::Connector.any_instance.stub(:checkpoint => checkpoint)
+          post '/create3/post.foo:testrealm'
+          last_response.body.should == "You are creative"
+        end
+      end
     end
   end

metadata CHANGED Viewed

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: pebblebed
 version: !ruby/object:Gem::Version
-  version: 0.0.45
+  version: 0.0.46
   prerelease:
 platform: ruby
 authors:
@@ -10,7 +10,7 @@ authors:
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2013-02-13 00:00:00.000000000 Z
+date: 2013-02-15 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rspec
@@ -329,7 +329,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
       version: '0'
       segments:
       - 0
-      hash: 237012637135084967
+      hash: 1194197050294638142
 required_rubygems_version: !ruby/object:Gem::Requirement
   none: false
   requirements:
@@ -338,7 +338,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
       segments:
       - 0
-      hash: 237012637135084967
+      hash: 1194197050294638142
 requirements: []
 rubyforge_project: pebblebed
 rubygems_version: 1.8.25