platanus 0.0.30 → 0.0.31

@@ -94,19 +94,78 @@ module Platanus
94
94
  # TODO: example
95
95
  class Profile
96
96
 
97
- attr_reader :rules
98
- attr_reader :def_matcher
99
- attr_reader :def_resource
97
+ def is_avaliable()
98
+ return @shared.all? do |rule|
99
+ rule_ctx = RuleContext.new _ctx, _tests, @def_matcher, @def_resource
100
+ rule_ctx.instance_eval(&rule)
101
+ rule_ctx.passed?
102
+ end
103
+ end
104
+
105
+ def is_forbidden()
106
+ # TODO: local forbids
107
+ end
108
+
109
+ def is_allowed()
110
+ end
111
+
112
+ def
113
+
114
+ def allowance_for(_ctx, _action, _tests)
115
+
116
+ # all shared rules must pass
117
+ return :not_applicable unless @shared.all? do |rule|
118
+ rule_ctx = RuleContext.new _ctx, _tests, @def_matcher, @def_resource
119
+ rule_ctx.instance_eval(&rule)
120
+ rule_ctx.passed?
121
+ end
122
+
123
+ # TODO: local forbids
124
+
125
+ # process base profile
126
+ unless @base.nil?
127
+ result = @base.process _ctx, _action, _tests
128
+ return result if result == :not_applicable or result == :forbidden
129
+ matches << resu
130
+ end
131
+
132
+ # process subprofiles
133
+ if @isolated.each do |profile|
134
+ result = profile.process _ctx, _action, _tests
135
+ return :forbidden if result == :forbidden
136
+ result = :allowed if result == :allowed
137
+ end
138
+
139
+ # see if any of the registered rules pass
140
+ return :allowed if @rules[_action].any? do |rule|
141
+ rule_ctx = RuleContext.new _ctx, _tests, @def_matcher, @def_resource
142
+ rule_ctx.instance_eval(&rule)
143
+ rule_ctx.passed?
144
+ end
145
+
146
+ return :not_allowed
147
+ end
100
148
 
101
149
  # The initializer takes another profile as rules base.
102
- def initialize(_base, _def_matcher, _def_resource)
150
+ def initialize(_def_matcher, _def_resource, _base=nil)
151
+ @base = _base
103
152
  @rules = Hash.new { |h, k| h[k] = [] }
104
- _base.rules.each { |k, tests| @rules[k] = tests.clone } unless _base.nil?
153
+ @isolated = []
154
+ @shared = []
155
+
105
156
  raise Error.new 'Must provide a default test' if _def_matcher.nil?
106
157
  @def_matcher = _def_matcher
107
158
  @def_resource = _def_resource
108
159
  end
109
160
 
161
+ def always(_upon=nil, &_block)
162
+ @shared << (_upon || _block)
163
+ end
164
+
165
+ def isolate(_options={}, &_block)
166
+ @isolated << Profile.new _options.fetch(, @def_matcher), _options.fetch(, @def_resource)
167
+ end
168
+
110
169
  ## Adds an "allowance" rule
111
170
  def allow(_action, _upon=nil, &_block)
112
171
  @rules[_action] << (_upon || _block)
@@ -117,11 +176,6 @@ module Platanus
117
176
  # TODO
118
177
  end
119
178
 
120
- ## Clear all rules related to an action
121
- def clear(_action)
122
- @rules[_action] = []
123
- end
124
-
125
179
  ## SHORT HAND METHODS
126
180
 
127
181
  def upon(_expr=nil, &_block)
@@ -195,6 +249,16 @@ module Platanus
195
249
  @def_matcher = _def_matcher
196
250
  end
197
251
 
252
+ ## Test whether the current action matches a list of actions
253
+ def action_is(*_actions)
254
+ _actions.any? { |a| a.to_s == @ctx.action_name }
255
+ end
256
+
257
+ ## Test whether the current action is no in list of actions
258
+ def action_is_not(*_actions)
259
+ !_actions.any? { |a| a.to_s == @ctx.action_name }
260
+ end
261
+
198
262
  ## Tests for a match between one of the request's parameters and a resource expression.
199
263
  #
200
264
  # **IMPORTANT** if no resource is provided the current controller instance is used instead.
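Review bot: The new `Profile` methods in the first hunk do not parse as shown: there is a bare `def` at new line 112, `matches << resu` at 129 uses names that are never assigned, `if @isolated.each do |profile|` at 133 has no closing `end`, and `_options.fetch(, @def_matcher)` at 166 has an empty first argument. Because this class produces the allow/deny decision, I would hold `is_avaliable`, `is_forbidden`, `is_allowed` and `allowance_for` back until they are complete; `is_avaliable` also reads `_ctx` and `_tests`, which are not among its parameters. Inside `allowance_for`, `result = :allowed if result == :allowed` is a no-op, so an isolated profile's allow is never recorded; something like `allowed = true if result == :allowed` followed later by `return :allowed if allowed` looks like the intent, but that is a guess. The base and isolated profiles are invoked through `process`, while the method added here is `allowance_for`, and no `process` is visible in this section, so please confirm which name is meant.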
@@ -5,7 +5,7 @@
5
5
  class JSONSym
6
6
 
7
7
  def self.load(_str)
8
- return nil if _str.nil?
8
+ return nil if _str.nil? or str == "null"
9
9
  MultiJson.load(_str, symbolize_keys: true)
10
10
  end
11
11
 
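Review bot: The added condition in `JSONSym.load` compares `str == "null"`, but the parameter is `_str`; unless a `str` method exists outside this hunk, any non-nil input would raise `NameError` before `MultiJson.load` is reached. The line should read `return nil if _str.nil? || _str == "null"`. Only the exact string `"null"` is short-circuited, so a value with surrounding whitespace still goes to the parser; a short comment saying why `"null"` is special-cased would help the next reader.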
@@ -1,3 +1,3 @@
1
1
  module Platanus
2
- VERSION = "0.0.30" # 0.1 will come with tests!
2
+ VERSION = "0.0.31" # 0.1 will come with tests!
3
3
  end
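--- a/data/spec/canned2_spec.rb
+++ b/data/spec/canned2_spec.rb
@@ -17,10 +17,12 @@ describe Platanus::Canned2 do
  class DummyCtx
 
  attr_reader :params
+ attr_reader :action_name
  attr_reader :current_user
 
- def initialize(_user, _params={})
+ def initialize(_user, _action_name=nil, _params={})
  @current_user = _user
+ @action_name = _action_name
  @params = _params
  end
  end
@@ -40,6 +42,7 @@ describe Platanus::Canned2 do
  allow 'rute1#action3', upon { same(:char1, key: "current_user.char1") }
  allow 'rute1#action4', upon(:current_user) { same(:param2, key: "char2") and checks(:test1) }
  allow 'rute1#action5', upon(:current_user) { passes { current_user.char2 == params[:param2] } }
+ allow 'rute2', upon(:current_user) { same(:char1) and action_is_not(:create) }
 
  # Complex routes
  allow 'rute1#action5' do
@@ -49,8 +52,8 @@ describe Platanus::Canned2 do
  end
  end
 
- let(:good_ctx) { DummyCtx.new(DummyUsr.new(10, "200"), char1: '10', param2: '200') }
- let(:bad_ctx) { DummyCtx.new(DummyUsr.new(10, 30), char1: '10', param2: '200') }
+ let(:good_ctx) { DummyCtx.new(DummyUsr.new(10, "200"), 'create', char1: '10', param2: '200') }
+ let(:bad_ctx) { DummyCtx.new(DummyUsr.new(10, 30), 'create', char1: '10', param2: '200') }
 
  describe "._run" do
  context 'when using single context rules' do
@@ -73,6 +76,9 @@ describe Platanus::Canned2 do
  it "does authorize on rute with context and inline test" do
  Roles.can?(good_ctx, :user, 'rute1#action5').should be_true
  end
+ it "does not authorize on rute with context, match and action_is_not" do
+ Roles.can?(good_ctx, :user, 'rute2').should be_false
+ end
  end
 
  context 'when using multiple context rules' do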
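Review bot: The new `rute2` example only asserts a denial (`should be_false`), which would also pass if the rule failed for an unrelated reason, such as `rute2` never matching or `same(:char1)` being false. A companion example with a different action would pin what `action_is_not` actually contributes, e.g. `Roles.can?(DummyCtx.new(DummyUsr.new(10, "200"), 'show', char1: '10', param2: '200'), :user, 'rute2').should be_true`. `action_is` has no example at all. `DummyCtx` defaults `_action_name` to `nil`, and with a nil action name `action_is_not` returns true for every list, so an example with a missing action name would document whether that permissive result is intended.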
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: platanus
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.0.30
4
+ version: 0.0.31
5
5
  prerelease:
6
6
  platform: ruby
7
7
  authors:
@@ -9,7 +9,7 @@ authors:
9
9
  autorequire:
10
10
  bindir: bin
11
11
  cert_chain: []
12
- date: 2012-10-30 00:00:00.000000000 Z
12
+ date: 2012-11-07 00:00:00.000000000 Z
13
13
  dependencies:
14
14
  - !ruby/object:Gem::Dependency
15
15
  name: multi_json