permissable-coughdrop 0.1

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: 19ade6f481f6b8b941fae5303f9421b74d233138
+  data.tar.gz: ecbc28394f26105e1e2f81e7068eca3ba4195ea2
+SHA512:
+  metadata.gz: 7e6da68d2af0b8b917a97f7e31a114273263bf5b6ab5894b8a6fad1dfd4bc0d76f5c4fc928635c8db894b6403442c34a724133de2dae153caf4272fdd81f781e
+  data.tar.gz: d7adf8bea302e6b82d81157cf22108bee45fe5a272eeca0e1c6acea178cab9e3179437fd2a71da22bcc25165f652db10f303fd36a30bdc111d373ffeedafc36e

data/LICENSE

@@ -0,0 +1,20 @@
+The MIT License (MIT)
+
+Copyright (c) 2015 CoughDrop
+
+Permission is hereby granted, free of charge, to any person obtaining a copy of
+this software and associated documentation files (the "Software"), to deal in
+the Software without restriction, including without limitation the rights to use,
+copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the
+Software, and to permit persons to whom the Software is furnished to do so,
+subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
+WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
+CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.md

@@ -0,0 +1 @@
+Permissions helper gem, used by multiple CoughDrop libraries

data/lib/permissable.rb

@@ -0,0 +1,157 @@
+require 'json'
+
+module Permissable
+  ALL_SCOPES = ['full']
+  def self.add_scope(str)
+    ALL_SCOPES.push(str)
+  end
+  
+  def self.set_redis(redis, cache_token)
+    @permissions_redis = redis
+    @cache_token = cache_token
+  end
+  
+  class FakeRedis
+    def setex(*args)
+      puts "REDIS NOT CONFIGURED, required by Permissable"
+      false
+    end
+    
+    def get(*args)
+      puts "REDIS NOT CONFIGURED, required by Permissable"
+      nil
+    end
+    
+    def del(*args)
+      puts "REDIS NOT CONFIGURED, required by Permissable"
+      false
+    end
+  end
+  
+  def self.permissions_redis
+    @permissions_redis ||= FakeRedis.new
+    @permissions_redis
+  end
+  
+  def self.cache_token
+    # used to quickly invalidate the entire cache
+    @cache_token ||= 'permissable_redis_cache_token'
+    @cache_token
+  end
+  
+  module InstanceMethods
+    def cache_key(prefix=nil)
+      id = self.id || 'nil'
+      updated = (self.updated_at || Time.now).to_f
+      key = "#{self.class.to_s}#{id}-#{updated}:#{Permissable.cache_token}"
+      if prefix
+        key = prefix + "/" + key
+      end
+      key
+    end
+    
+    def set_cached(prefix, data, expires=nil)
+      expires ||= 1800 # 30 minutes
+      Permissable.permissions_redis.setex(self.cache_key(prefix), expires, data.to_json)
+    end
+  
+    def get_cached(prefix)
+      cache_string = Permissable.permissions_redis.get(self.cache_key(prefix))
+      cache = nil
+      if cache_string
+        cache = JSON.parse(cache_string) rescue nil
+      end
+      cache
+    end
+  
+    def clear_cached(prefix)
+      Permissable.permissions_redis.del(self.cache_key(prefix))
+    end
+  
+    def allows?(user, action, relevant_scopes=nil)
+      relevant_scopes ||= self.class.default_permission_scopes
+      relevant_scopes += ['*']
+      if self.class.allow_cached_permissions
+        # check for an existing result keyed off the record's id and updated_at
+        permissions = permissions_for(user, relevant_scopes)
+        action.instance_variable_set('@scope_rejected', permissions[action] == false)
+      
+        return permissions[action] == true
+      end
+
+      scope_rejected = false    
+      self.class.permissions_lookup.each do |actions, block, allowed_scopes|
+        next unless actions.include?(action.to_s)
+        next if block.arity == 1 && !user
+        res = instance_exec(user, &block)
+        if res == true
+          if (allowed_scopes & relevant_scopes).length > 0
+            return true
+          else
+            scope_rejected = true
+          end
+        end
+      end
+      action.instance_variable_set('@scope_rejected', !!scope_rejected)
+      return false
+    end
+  
+    def permissions_for(user, relevant_scopes=nil)
+      relevant_scopes ||= self.class.default_permission_scopes
+      relevant_scopes += ['*']
+      if self.class.allow_cached_permissions
+        cache_key = (user && user.cache_key) || "nobody"
+        cache_key += "/scopes_#{relevant_scopes.join(',')}"
+        permissions = get_cached("permissions-for/#{cache_key}")
+        return permissions if permissions
+      end
+
+      granted_permissions = {
+        'user_id' => (user && user.global_id)
+      }
+      granted_permissions.with_indifferent_access if granted_permissions.respond_to?(:with_indifferent_access)
+      
+      self.class.permissions_lookup.each do |actions, block, allowed_scopes|
+        already_granted = granted_permissions.keys
+        next if block.arity == 1 && !user
+        next if actions - already_granted == []
+        if instance_exec(user, &block)
+          actions.each do |action|
+            if (allowed_scopes & relevant_scopes).length > 0
+              granted_permissions[action] = true
+            else
+              granted_permissions[action] ||= false
+            end
+          end
+        end
+      end
+      # cache the result with a 30-minute expiration keyed off the id and updated_at
+      set_cached("permissions-for/#{cache_key}", granted_permissions) if self.class.allow_cached_permissions
+      granted_permissions
+    end
+    
+    def self.included(base)
+      base.define_singleton_method(:included) do |klass|
+        klass.cattr_accessor :permissions_lookup
+        klass.cattr_accessor :allow_cached_permissions
+        klass.cattr_accessor :default_permission_scopes
+        klass.default_permission_scopes = ['full']
+        klass.permissions_lookup = []
+      end
+    end
+  end
+  
+  module ClassMethods
+    def cache_permissions
+      self.allow_cached_permissions = true
+    end
+    
+    def add_permissions(*actions, &block)
+      scopes = ['full']
+      if actions[-1].is_a?(Array)
+        scopes += actions.pop
+      end
+      self.permissions_lookup << [actions.map(&:to_s), block, scopes.sort.uniq]
+    end
+  end
+end

metadata

@@ -0,0 +1,89 @@
+--- !ruby/object:Gem::Specification
+name: permissable-coughdrop
+version: !ruby/object:Gem::Version
+  version: '0.1'
+platform: ruby
+authors:
+- Brian Whitmer
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2017-10-03 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: rails
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: rspec
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: ruby-debug
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+description: Permissions helper gem, used by multiple CoughDrop libraries
+email: brian.whitmer@gmail.com
+executables: []
+extensions: []
+extra_rdoc_files:
+- LICENSE
+files:
+- LICENSE
+- README.md
+- lib/permissable.rb
+homepage: http://github.com/CoughDrop/permissable
+licenses:
+- MIT
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 2.5.2
+signing_key: 
+specification_version: 4
+summary: Permissable
+test_files: []