permissions 0.1.0

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: 9bfba6131fb8f4d043ee8d5583def68e610231d8
+  data.tar.gz: 5eb1358ab58b09ee5517b437d5c8d1904bafd4b2
+SHA512:
+  metadata.gz: 36d2667cd3358117d81dea70dd07c7815d7bc7f4f26f70eb34fd0c9cbea75ac6d21000903362fa4f1870daa82a207414a34795e4b926179ea870e0a9765c0f45
+  data.tar.gz: 945e45848d83d5fdb589d23227dfb3bd99f3f0baaad31129bc55df45aeebe3c8edc119c0ebdfbd8e8b8803aee2d2ecd14d79ea9001264635b5b6b22a50e4d9f7

data/.gitignore

@@ -0,0 +1 @@
+.gs/

data/Gemfile

@@ -0,0 +1,3 @@
+source "https://rubygems.org"
+
+gemspec

data/Gemfile.lock

@@ -0,0 +1,21 @@
+PATH
+  remote: .
+  specs:
+    permissions (0.1.0)
+
+GEM
+  remote: https://rubygems.org/
+  specs:
+    clap (1.0.0)
+    cutest (1.2.3)
+      clap
+
+PLATFORMS
+  ruby
+
+DEPENDENCIES
+  cutest
+  permissions!
+
+BUNDLED WITH
+   1.15.1

data/LICENSE

@@ -0,0 +1,21 @@
+The MIT License (MIT)
+
+Copyright (c) 2017 Steven Weiss
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.

data/README.md

@@ -0,0 +1,70 @@
+# Permissions
+
+A small library for adding permissions to an application for authorization.
+
+## Installation
+
+`gem install permissions`
+
+## Usage
+
+### API
+
+`for(*keys, &block)`: Creates a permission with the given block for each key.
+
+`authorize?(key, *args)`: Runs permission block for key with args.
+
+`deep_dup`: Copies permissions to a new object.
+
+#### Authorizable
+
+`permissions`: Must be implemented by your application.
+
+`authorize_for?(key, *args)` Based off the implemented permissions, calls block with args for the given key.
+
+### Example
+
+```ruby
+require 'permissions'
+
+class User
+  include Permissions::Authorizable
+
+  def initialize(permissions)
+    @permissions = permissions
+  end
+
+  # Authorizables must provide their own implementation of "permissions".
+  # An attr_reader would do.
+  def permissions
+    @permissions
+  end
+end
+
+class Command
+  attr_reader :user
+
+  def initialize(user)
+    @user = user
+  end
+
+  # Not provided by the library. An advanced example
+  # on how to authorize things like: "Does an object
+  # belong to a particular user?"
+  def authorize?(other)
+    other.authorize_for?(self.class, self)
+  end
+end
+
+permissions = Permissions.new
+
+permissions.for(Command) { |user, command| user == command.user }
+
+user = User.new(permissions)
+
+command = Command.new(user)
+
+command.authorize?(user) # true
+```
+
+More examples can be found by in the tests.

data/Rakefile

@@ -0,0 +1,9 @@
+task :install do
+  sh 'mkdir -p .gs & gs bundle install --system'
+end
+
+task :test, :file_name do |t, args|
+  file_name = args[:file_name] || '*'
+
+  sh "gs cutest -r ./test/#{file_name}_test.rb"
+end

data/lib/permissions.rb

@@ -0,0 +1,37 @@
+class Permissions
+  VERSION = '0.1.0'
+
+  module Authorizable
+    def permissions
+      raise NotImplementedError
+    end
+
+    def authorize_for?(key, *args)
+      permissions.authorize?(key, self, *args)
+    end
+  end
+
+  attr_reader :permissions, :default
+
+  def initialize(permissions = {}, &default)
+    @permissions = permissions
+
+    if block_given?
+      @default = default
+    else
+      @default = lambda { false }
+    end
+  end
+
+  def for(*keys, &block)
+    keys.each { |key| permissions[key] = block }
+  end
+
+  def authorize?(key, *args)
+    permissions.fetch(key, default).call(*args)
+  end
+
+  def deep_dup
+    Permissions.new({}.merge(permissions)) { default }
+  end
+end

data/permissions.gemspec

@@ -0,0 +1,14 @@
+require_relative "./lib/permissions"
+
+Gem::Specification.new do |s|
+  s.name     = "permissions"
+  s.summary  = "Permissions"
+  s.version  = Permissions::VERSION
+  s.authors  = ["Steve Weiss"]
+  s.email    = ["weissst@mail.gvsu.edu"]
+  s.homepage = "https://github.com/sirscriptalot/permissions"
+  s.license  = "MIT"
+  s.files    = `git ls-files`.split("\n")
+
+  s.add_development_dependency "cutest"
+end

data/test/permissions_test.rb

@@ -0,0 +1,131 @@
+require_relative '../lib/permissions'
+
+class User
+  include Permissions::Authorizable
+
+  def initialize(permissions)
+    @permissions = permissions
+  end
+
+  # Authorizables must provide their own implementation of "permissions".
+  # An attr_reader would do.
+  def permissions
+    @permissions
+  end
+end
+
+class Command
+  attr_reader :user
+
+  def initialize(user)
+    @user = user
+  end
+
+  # Not provided by the library. An advanced example
+  # on how to authorize things like: "Does an object
+  # belong to a particular user?"
+  def authorize?(other)
+    other.authorize_for?(self.class, self)
+  end
+end
+
+class Create < Command
+  def execute
+    'Create something...'
+  end
+end
+
+class Update < Command
+  def execute
+    'Update something...'
+  end
+end
+
+class Delete < Command
+  def execute
+    'Delete something...'
+  end
+end
+
+def assert_authorize_for(user, subject)
+  assert user.authorize_for?(subject), "#{user} is not authorized for #{subject}, it should be"
+end
+
+def refute_authorize_for(user, subject)
+  assert !user.authorize_for?(subject), "#{user} is authorized for #{subject}, it should not be"
+end
+
+def assert_authorize(subject, user)
+  assert subject.authorize?(user), "#{subject} does not authorize #{user}, it should"
+end
+
+def refute_authorize(subject, user)
+  assert !subject.authorize?(user), "#{subject} does authorize #{user}, it should not"
+end
+
+# Create a Permissions object.
+guest_permissions = Permissions.new
+
+# Create permissions, guests are allowed to execute Create.
+guest_permissions.for(Create) { true }
+
+# Guests cannot Update or Delete, this is also the default permission.
+guest_permissions.for(Update, Delete) { false }
+
+# As a convenience, deep_dup lets you copy existing permissions.
+member_permissions = guest_permissions.deep_dup
+
+# Users are allowed to update if they "own" the subject.
+member_permissions.for(Update, Delete) { |user, command| user == command.user }
+
+# Specify a custom default permissions to allow admins to do everything.
+admin_permissions = Permissions.new { true }
+
+guest = User.new(guest_permissions)
+
+member = User.new(member_permissions)
+
+admin = User.new(admin_permissions)
+
+member_update = Update.new(member) # Commands with "ownership".
+
+member_delete = Delete.new(member)
+
+admin_update = Update.new(admin)
+
+admin_delete = Delete.new(admin)
+
+test '#authorize_for?' do
+  # Guest
+  assert_authorize_for guest, Create
+  refute_authorize_for guest, Update
+  refute_authorize_for guest, Delete
+
+  # Member
+  assert_authorize_for member, Create
+  assert_authorize_for admin, Create
+
+  # Admin
+  assert_authorize_for admin, Update
+  assert_authorize_for admin, Delete
+end
+
+test '#authorize?' do
+  # Guest
+  refute_authorize member_update, guest
+  refute_authorize member_delete, guest
+  refute_authorize admin_update, guest
+  refute_authorize admin_delete, guest
+
+  # Member
+  assert_authorize member_update, member
+  assert_authorize member_delete, member
+  refute_authorize admin_update, member
+  refute_authorize admin_delete, member
+
+  # Admin
+  assert_authorize member_update, admin
+  assert_authorize member_delete, admin
+  assert_authorize admin_update, admin
+  assert_authorize admin_delete, admin
+end

metadata

@@ -0,0 +1,67 @@
+--- !ruby/object:Gem::Specification
+name: permissions
+version: !ruby/object:Gem::Version
+  version: 0.1.0
+platform: ruby
+authors:
+- Steve Weiss
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2017-08-11 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: cutest
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+description: 
+email:
+- weissst@mail.gvsu.edu
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- ".gitignore"
+- Gemfile
+- Gemfile.lock
+- LICENSE
+- README.md
+- Rakefile
+- lib/permissions.rb
+- permissions.gemspec
+- test/permissions_test.rb
+homepage: https://github.com/sirscriptalot/permissions
+licenses:
+- MIT
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 2.6.11
+signing_key: 
+specification_version: 4
+summary: Permissions
+test_files: []