RubyGems - pebblebed - Versions diffs - 0.0.42 → 0.0.43 - Mend

pebblebed 0.0.42 → 0.0.43

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (5) hide show

data/README.md CHANGED

@@ -49,13 +49,14 @@ This exception has the fields `status` and `message`.
 Other helper methods provided by this extension:
     part(partspec, params = {})             # Include a part from a kit (See https://github.com/benglerpebbles/kits)
-    parts_script_include_tags               # All script tags required by the kits
+    parts_script_include_tags               # All script tags required by the kits
     parts_stylesheet_include_tags           # All stylesheet-tags required by the kits
     current_session                         # The hash string that identifies the current browser session
     pebbles                                 # Common entrypoint for the Pebblebed::Connector
     current_identity                        # Returns the a DeepStruct record with the vital data for the current user
     require_identity                        # Halts with 403 if there is no current user
     require_god                             # Halts with 403 if the current user is not a god
+    require_access_to_path(path)            # Halts with 403 if the current user is not a member of a checkpoint access group with privileged access to that path
     require_parameters(parameters, *keys)   # Halts with 409 if the at least one of the provided keys is not in the params-hash
 ### Testing Sinatra APIs

data/lib/pebblebed/sinatra.rb CHANGED

@@ -85,6 +85,14 @@ module Sinatra
         halt 409, "missing parameters: #{missing.join(', ')}" unless missing.empty?
       end
+      def require_access_to_path(path)
+        require_identity
+        return if current_identity.god and path.split(".")[0] == current_identity.realm
+        res = pebbles.checkpoint.get("/identities/#{current_identity.id}/access_to/#{path}")
+        return if res['access'] and res['access']['granted'] == true
+        halt 403, "Access denied."
+      end
       def limit_offset_collection(collection, options)
         limit = (options[:limit] || 20).to_i
         offset = (options[:offset] || 0).to_i

data/lib/pebblebed/version.rb CHANGED

@@ -1,3 +1,3 @@
 module Pebblebed
-  VERSION = "0.0.42"
+  VERSION = "0.0.43"
 end

data/spec/sinatra_spec.rb CHANGED

@@ -24,6 +24,11 @@ class TestApp < Sinatra::Base
     "You are logged in"
   end
+  get '/group' do
+    require_access_to_path("testrealm.specialgroup.123")
+    "You are granted access to this content"
+  end
   get '/root' do
     require_god
     "You are most powerful"
@@ -107,6 +112,48 @@ describe Sinatra::Pebblebed do
     end
   end
+  describe "with access groups control" do
+    let(:checkpoint) {
+      checkpoint = stub
+      checkpoint.stub!(:service_url => 'http://example.com')
+      checkpoint
+    }
+    context "as a guest" do
+      specify "not allowed" do
+        guest!
+        get '/group'
+        last_response.status.should == 403
+      end
+    end
+    context "as a god" do
+      specify "allowed without policy check" do
+        god!(:session => random_session)
+        get '/group'
+        last_response.body.should == "You are granted access to this content"
+      end
+    end
+    context "as user without grants" do
+      specify "is disallowed" do
+        user!
+        checkpoint.should_receive(:get).with("/identities/me").and_return(DeepStruct.wrap(:identity => {:realm => 'testrealm', :id => 1, :god => false}))
+        checkpoint.should_receive(:get).with("/identities/1/access_to/testrealm.specialgroup.123").and_return(DeepStruct.wrap(:access => {:granted => false}))
+        Pebblebed::Connector.any_instance.stub(:checkpoint => checkpoint)
+        get '/group'
+        last_response.status.should == 403
+      end
+    end
+    context "as user with grants" do
+      specify "is allowed" do
+        user!
+        checkpoint.should_receive(:get).with("/identities/me").and_return(DeepStruct.wrap(:identity => {:realm => 'testrealm', :id => 1, :god => false}))
+        checkpoint.should_receive(:get).with("/identities/1/access_to/testrealm.specialgroup.123").and_return(DeepStruct.wrap(:access => {:granted => true}))
+        Pebblebed::Connector.any_instance.stub(:checkpoint => checkpoint)
+        get '/group'
+        last_response.body.should == "You are granted access to this content"
+      end
+    end
+  end
   describe "error handling" do
     before(:each) { guest! }

metadata CHANGED

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: pebblebed
 version: !ruby/object:Gem::Version
-  version: 0.0.42
+  version: 0.0.43
   prerelease:
 platform: ruby
 authors:
@@ -10,11 +10,11 @@ authors:
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2013-01-25 00:00:00.000000000 Z
+date: 2013-02-12 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rspec
-  requirement: &70269360765760 !ruby/object:Gem::Requirement
+  requirement: !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ! '>='
@@ -22,10 +22,15 @@ dependencies:
         version: '0'
   type: :development
   prerelease: false
-  version_requirements: *70269360765760
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
 - !ruby/object:Gem::Dependency
   name: rake
-  requirement: &70269360765140 !ruby/object:Gem::Requirement
+  requirement: !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ! '>='
@@ -33,10 +38,15 @@ dependencies:
         version: '0'
   type: :development
   prerelease: false
-  version_requirements: *70269360765140
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
 - !ruby/object:Gem::Dependency
   name: simplecov
-  requirement: &70269360764520 !ruby/object:Gem::Requirement
+  requirement: !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ! '>='
@@ -44,10 +54,15 @@ dependencies:
         version: '0'
   type: :development
   prerelease: false
-  version_requirements: *70269360764520
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
 - !ruby/object:Gem::Dependency
   name: sinatra
-  requirement: &70269360763860 !ruby/object:Gem::Requirement
+  requirement: !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ! '>='
@@ -55,10 +70,15 @@ dependencies:
         version: '0'
   type: :development
   prerelease: false
-  version_requirements: *70269360763860
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
 - !ruby/object:Gem::Dependency
   name: rack-test
-  requirement: &70269360763420 !ruby/object:Gem::Requirement
+  requirement: !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ! '>='
@@ -66,10 +86,15 @@ dependencies:
         version: '0'
   type: :development
   prerelease: false
-  version_requirements: *70269360763420
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
 - !ruby/object:Gem::Dependency
   name: memcache_mock
-  requirement: &70269360762920 !ruby/object:Gem::Requirement
+  requirement: !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ! '>='
@@ -77,10 +102,15 @@ dependencies:
         version: '0'
   type: :development
   prerelease: false
-  version_requirements: *70269360762920
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
 - !ruby/object:Gem::Dependency
   name: deepstruct
-  requirement: &70269360778520 !ruby/object:Gem::Requirement
+  requirement: !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ! '>='
@@ -88,10 +118,15 @@ dependencies:
         version: 0.0.4
   type: :runtime
   prerelease: false
-  version_requirements: *70269360778520
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: 0.0.4
 - !ruby/object:Gem::Dependency
   name: curb
-  requirement: &70269360777860 !ruby/object:Gem::Requirement
+  requirement: !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ! '>='
@@ -99,10 +134,15 @@ dependencies:
         version: 0.7.14
   type: :runtime
   prerelease: false
-  version_requirements: *70269360777860
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: 0.7.14
 - !ruby/object:Gem::Dependency
   name: yajl-ruby
-  requirement: &70269360777480 !ruby/object:Gem::Requirement
+  requirement: !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ! '>='
@@ -110,10 +150,15 @@ dependencies:
         version: '0'
   type: :runtime
   prerelease: false
-  version_requirements: *70269360777480
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
 - !ruby/object:Gem::Dependency
   name: queryparams
-  requirement: &70269360777020 !ruby/object:Gem::Requirement
+  requirement: !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ! '>='
@@ -121,10 +166,15 @@ dependencies:
         version: '0'
   type: :runtime
   prerelease: false
-  version_requirements: *70269360777020
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
 - !ruby/object:Gem::Dependency
   name: futurevalue
-  requirement: &70269360776580 !ruby/object:Gem::Requirement
+  requirement: !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ! '>='
@@ -132,10 +182,15 @@ dependencies:
         version: '0'
   type: :runtime
   prerelease: false
-  version_requirements: *70269360776580
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
 - !ruby/object:Gem::Dependency
   name: pathbuilder
-  requirement: &70269360776120 !ruby/object:Gem::Requirement
+  requirement: !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ! '>='
@@ -143,10 +198,15 @@ dependencies:
         version: '0'
   type: :runtime
   prerelease: false
-  version_requirements: *70269360776120
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
 - !ruby/object:Gem::Dependency
   name: nokogiri
-  requirement: &70269360775660 !ruby/object:Gem::Requirement
+  requirement: !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ! '>='
@@ -154,10 +214,15 @@ dependencies:
         version: '0'
   type: :runtime
   prerelease: false
-  version_requirements: *70269360775660
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
 - !ruby/object:Gem::Dependency
   name: i18n
-  requirement: &70269360775220 !ruby/object:Gem::Requirement
+  requirement: !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ! '>='
@@ -165,10 +230,15 @@ dependencies:
         version: '0'
   type: :runtime
   prerelease: false
-  version_requirements: *70269360775220
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
 - !ruby/object:Gem::Dependency
   name: activesupport
-  requirement: &70269360774760 !ruby/object:Gem::Requirement
+  requirement: !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ! '>='
@@ -176,10 +246,15 @@ dependencies:
         version: '0'
   type: :runtime
   prerelease: false
-  version_requirements: *70269360774760
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
 - !ruby/object:Gem::Dependency
   name: bunny
-  requirement: &70269360774320 !ruby/object:Gem::Requirement
+  requirement: !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ! '>='
@@ -187,7 +262,12 @@ dependencies:
         version: '0'
   type: :runtime
   prerelease: false
-  version_requirements: *70269360774320
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
 description: Development tools for working with Pebblebed
 email:
 - katrina@bengler.no
@@ -247,15 +327,21 @@ required_ruby_version: !ruby/object:Gem::Requirement
   - - ! '>='
     - !ruby/object:Gem::Version
       version: '0'
+      segments:
+      - 0
+      hash: -4488871030272884545
 required_rubygems_version: !ruby/object:Gem::Requirement
   none: false
   requirements:
   - - ! '>='
     - !ruby/object:Gem::Version
       version: '0'
+      segments:
+      - 0
+      hash: -4488871030272884545
 requirements: []
 rubyforge_project: pebblebed
-rubygems_version: 1.8.15
+rubygems_version: 1.8.25
 signing_key:
 specification_version: 3
 summary: Development tools for working with Pebblebed
@@ -274,4 +360,3 @@ test_files:
 - spec/sinatra_spec.rb
 - spec/spec_helper.rb
 - spec/uid_spec.rb
-has_rdoc: