RubyGems - pebblebed - Versions diffs - 0.0.45 → 0.0.46 - Mend

pebblebed 0.0.45 → 0.0.46

Files changed (5) hide show

data/README.md CHANGED Viewed

@@ -48,17 +48,17 @@ This exception has the fields `status` and `message`.
 Other helper methods provided by this extension:
-    part(partspec, params = {})             # Include a part from a kit (See https://github.com/benglerpebbles/kits)
-    parts_script_include_tags               # All script tags required by the kits
-    parts_stylesheet_include_tags           # All stylesheet-tags required by the kits
-    current_session                         # The hash string that identifies the current browser session
-    pebbles                                 # Common entrypoint for the Pebblebed::Connector
-    current_identity                        # Returns the a DeepStruct record with the vital data for the current user
-    require_identity                        # Halts with 403 if there is no current user
-    require_god                             # Halts with 403 if the current user is not a god
-    require_access_to_path(path)            # Halts with 403 if the current user is not a member of a checkpoint access group with privileged access to that path
-    require_action_allowed(action, uid)     # Halts with 403 if the current user is not allowed by checkpoint to perform this action for that uid
-    require_parameters(parameters, *keys)   # Halts with 409 if the at least one of the provided keys is not in the params-hash
+    part(partspec, params = {})                       # Include a part from a kit (See https://github.com/benglerpebbles/kits)
+    parts_script_include_tags                         # All script tags required by the kits
+    parts_stylesheet_include_tags                     # All stylesheet-tags required by the kits
+    current_session                                   # The hash string that identifies the current browser session
+    pebbles                                           # Common entrypoint for the Pebblebed::Connector
+    current_identity                                  # Returns the a DeepStruct record with the vital data for the current user
+    require_identity                                  # Halts with 403 if there is no current user
+    require_god                                       # Halts with 403 if the current user is not a god
+    require_access_to_path(path)                      # Halts with 403 if the current user is not a member of a checkpoint access group with privileged access to that path
+    require_action_allowed(action, uid, options={})   # Halts with 403 if the current user is not allowed by checkpoint to perform this action for that uid. If a response :allowed => "default" (no policy found) is returned from checkpoint, options[:default] => [bool] is evaluated. options[:default] => true will allow the action on 'default'. Bool false will halt by 403. If no options is given, the method will halt 403 on everything but true.
+    require_parameters(parameters, *keys)             # Halts with 409 if the at least one of the provided keys is not in the params-hash
 ### Testing Sinatra APIs

data/lib/pebblebed/sinatra.rb CHANGED Viewed

@@ -93,12 +93,13 @@ module Sinatra
         halt 403, "Access denied."
       end
-      def require_action_allowed(action, uid)
+      def require_action_allowed(action, uid, options={})
         require_identity
         uid = ::Pebblebed::Uid.new(uid) if uid.is_a?(String)
         return if current_identity.god and uid.path.split(".")[0] == current_identity.realm
         res = pebbles.checkpoint.get("/callbacks/allowed/#{action}/#{uid}")
-        return res['allowed'] if res['allowed']
+        return res['allowed'] if res['allowed'] == true or
+          (res['allowed'] == "default" and options[:default])
         halt 403, ":#{action} denied for #{uid} : #{res['reason']}"
       end

data/lib/pebblebed/version.rb CHANGED Viewed

@@ -1,3 +1,3 @@
 module Pebblebed
-  VERSION = "0.0.45"
+  VERSION = "0.0.46"
 end

data/spec/sinatra_spec.rb CHANGED Viewed

@@ -39,6 +39,16 @@ class TestApp < Sinatra::Base
     "You are creative"
   end
+  post '/create2/:uid' do |uid|
+    require_action_allowed(:create, uid, :default => false)
+    "You are creative"
+  end
+  post '/create3/:uid' do |uid|
+    require_action_allowed(:create, uid, :default => true)
+    "You are creative"
+  end
   get '/nonexistant' do
     raise Pebblebed::HttpNotFoundError, "Not found /nonexistant"
   end
@@ -199,6 +209,36 @@ describe Sinatra::Pebblebed do
         post '/create/post.foo:testrealm'
         last_response.body.should == "You are creative"
       end
+      context "with options[:default] => false" do
+        specify "is disallowed" do
+          user!
+          checkpoint.should_receive(:get).with("/identities/me").and_return(DeepStruct.wrap(:identity => {:realm => 'testrealm', :id => 1, :god => false}))
+          checkpoint.should_receive(:get).with("/callbacks/allowed/create/post.foo:testrealm").and_return(DeepStruct.wrap(:allowed => "default"))
+          Pebblebed::Connector.any_instance.stub(:checkpoint => checkpoint)
+          post '/create2/post.foo:testrealm'
+          last_response.status.should == 403
+        end
+      end
+      context "with no options given and allowed = default" do
+        specify "is disallowed" do
+          user!
+          checkpoint.should_receive(:get).with("/identities/me").and_return(DeepStruct.wrap(:identity => {:realm => 'testrealm', :id => 1, :god => false}))
+          checkpoint.should_receive(:get).with("/callbacks/allowed/create/post.foo:testrealm").and_return(DeepStruct.wrap(:allowed => "default"))
+          Pebblebed::Connector.any_instance.stub(:checkpoint => checkpoint)
+          post '/create/post.foo:testrealm'
+          last_response.status.should == 403
+        end
+      end
+      context "with options[:default] => true" do
+        specify "is allowed" do
+          user!
+          checkpoint.should_receive(:get).with("/identities/me").and_return(DeepStruct.wrap(:identity => {:realm => 'testrealm', :id => 1, :god => false}))
+          checkpoint.should_receive(:get).with("/callbacks/allowed/create/post.foo:testrealm").and_return(DeepStruct.wrap(:allowed => "default"))
+          Pebblebed::Connector.any_instance.stub(:checkpoint => checkpoint)
+          post '/create3/post.foo:testrealm'
+          last_response.body.should == "You are creative"
+        end
+      end
     end
   end

metadata CHANGED Viewed

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: pebblebed
 version: !ruby/object:Gem::Version
-  version: 0.0.45
+  version: 0.0.46
   prerelease:
 platform: ruby
 authors:
@@ -10,7 +10,7 @@ authors:
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2013-02-13 00:00:00.000000000 Z
+date: 2013-02-15 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rspec
@@ -329,7 +329,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
       version: '0'
       segments:
       - 0
-      hash: 237012637135084967
+      hash: 1194197050294638142
 required_rubygems_version: !ruby/object:Gem::Requirement
   none: false
   requirements:
@@ -338,7 +338,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
       segments:
       - 0
-      hash: 237012637135084967
+      hash: 1194197050294638142
 requirements: []
 rubyforge_project: pebblebed
 rubygems_version: 1.8.25