rend-acl 0.0.3 → 0.0.4
Sign up to get free protection for your applications and to get access to all the features.
- data/Changelog.md +27 -0
- data/lib/rend/acl.rb +183 -41
- data/lib/rend/acl/assertion.rb +24 -0
- data/lib/rend/acl/mock_assertion.rb +28 -0
- data/lib/rend/acl/version.rb +1 -1
- data/rend-acl.gemspec +2 -1
- data/test/test_acl.rb +187 -106
- metadata +24 -5
data/Changelog.md
ADDED
@@ -0,0 +1,27 @@
|
|
1
|
+
# Change Log
|
2
|
+
|
3
|
+
### Version 0.0.4 - June 11th, 2013
|
4
|
+
|
5
|
+
* Assertions
|
6
|
+
* Implemented ported test coverage for this feature.
|
7
|
+
* Implemented "Assertion" feature that exists in the original Zend_Acl library.
|
8
|
+
|
9
|
+
* Added a generic `acl.add!()` method which enables many intuitive ways to add Roles and Resources to the ACL.
|
10
|
+
* See [Documentation In Code](https://github.com/veloper/rend-acl/blob/master/lib/rend/acl.rb#L51-L76) for usage examples.
|
11
|
+
|
12
|
+
* Added ability to me a bit more explicit with the following methods...
|
13
|
+
* `.allow!()`
|
14
|
+
* `.remove_allow!()`
|
15
|
+
* `.deny!()`
|
16
|
+
* `.remove_deny!()`
|
17
|
+
* `.allowed?()`
|
18
|
+
|
19
|
+
... using hash with the options of ...
|
20
|
+
|
21
|
+
* `:role`
|
22
|
+
* `:resource`
|
23
|
+
* `:prilvilege`
|
24
|
+
* `:assertion` -- _Not utilized in `.allowed?()` method._
|
25
|
+
|
26
|
+
### Version <= 0.0.3
|
27
|
+
* Initial Port
|
data/lib/rend/acl.rb
CHANGED
@@ -4,6 +4,7 @@ require 'rend/acl/version'
|
|
4
4
|
require 'rend/acl/exception'
|
5
5
|
require 'rend/acl/role'
|
6
6
|
require 'rend/acl/resource'
|
7
|
+
require 'rend/acl/assertion'
|
7
8
|
|
8
9
|
module Rend
|
9
10
|
class Acl
|
@@ -36,7 +37,8 @@ module Rend
|
|
36
37
|
:all_resources => {
|
37
38
|
:all_roles => {
|
38
39
|
:all_privileges => {
|
39
|
-
:type
|
40
|
+
:type => TYPE_DENY,
|
41
|
+
:assertion => nil
|
40
42
|
},
|
41
43
|
:by_privilege_id => {}
|
42
44
|
},
|
@@ -46,6 +48,62 @@ module Rend
|
|
46
48
|
}
|
47
49
|
end
|
48
50
|
|
51
|
+
# Adds Roles & Resources in various ways.
|
52
|
+
#
|
53
|
+
# - Roles
|
54
|
+
# - Arguments
|
55
|
+
# .add! Rend::Acl::Role.new("editor") # Single Role
|
56
|
+
# .add! Rend::Acl::Role.new("editor"), 'guest' # Single Role w/ Single Inheritance
|
57
|
+
# .add! Rend::Acl::Role.new("editor"), ['guest', 'contributor'] # Single Role w/ Multiple Inheritance
|
58
|
+
# - Hash
|
59
|
+
# .add! :role => 'editor' # Single Role
|
60
|
+
# .add! :role => {'editor' => 'guest'} # Single Role w/ Single Inheritance
|
61
|
+
# .add! :role => {'editor' => ['guest', 'contributor']} # Single Role w/ Multiple Inheritance
|
62
|
+
# .add! :role => ['guest', 'editor'] # Multiple Roles
|
63
|
+
# .add! :role => ['guest', 'contributor', {'editor' => 'guest'}] # Multiple Roles w/ Single Inheritance
|
64
|
+
# .add! :role => ['guest', 'contributor', {'editor' => ['guest', 'contributor']}] # Multiple Roles w/ Multiple Inheritance
|
65
|
+
# - Resources
|
66
|
+
# - Arguments
|
67
|
+
# .add! Rend::Acl::Resource.new("city") # Single Resource
|
68
|
+
# .add! Rend::Acl::Resource.new("building"), 'city' # Single Resource w/ Inheritance
|
69
|
+
# - Hash
|
70
|
+
# .add! :resource => 'city' # Single Resource
|
71
|
+
# .add! :resource => {'building' => 'city'} # Single Resource w/ Inheritance
|
72
|
+
# .add! :resource => ['city', 'building'] # Multiple Resources
|
73
|
+
# .add! :resource => ['city', 'building', {'building' => 'city'}] # Multiple Resources w/ Inheritance
|
74
|
+
# - Combined Roles & Resources
|
75
|
+
# .add! :role => ['guest', {'editor' => 'guest'}], :resource => ['city', {'building' => 'city'}]
|
76
|
+
#
|
77
|
+
def add!(*args)
|
78
|
+
raise ArgumentError, "wrong number of arguments(0 for 1..2)" if args.empty?
|
79
|
+
method_args = {:role => [], :resource => []}
|
80
|
+
case args[0]
|
81
|
+
when Rend::Acl::Role then method_args[:role] << args
|
82
|
+
when Rend::Acl::Resource then method_args[:resource] << args
|
83
|
+
when Hash
|
84
|
+
args[0].each do |key, value|
|
85
|
+
if [:role, :resource].include?(key.to_sym)
|
86
|
+
case value
|
87
|
+
when String then method_args[key] << value
|
88
|
+
when Hash then method_args[key] << value.flatten
|
89
|
+
when Array then value.each {|x| method_args[key] << (x.is_a?(Hash) ? x.flatten : x) }
|
90
|
+
else
|
91
|
+
raise Rend::Acl::Exception, "Invalid value (#{value.inspect}) for key (#{key.to_s}) in options hash."
|
92
|
+
end
|
93
|
+
else
|
94
|
+
raise Rend::Acl::Exception, "Invalid key (#{key.to_s}) in options hash."
|
95
|
+
end
|
96
|
+
end
|
97
|
+
else
|
98
|
+
raise Rend::Acl::Exception, "First argument is not an instance of Rend::Acl::Role, Rend::Acl::Resource, or Hash."
|
99
|
+
end
|
100
|
+
method_args.each do |type, arguments|
|
101
|
+
method = "add_#{type.to_s}!".to_sym
|
102
|
+
arguments.each {|args| send(method, *args)}
|
103
|
+
end
|
104
|
+
self
|
105
|
+
end
|
106
|
+
|
49
107
|
# Adds a Role having an identifier unique to the registry
|
50
108
|
#
|
51
109
|
# The parents parameter may be a reference to, or the string identifier for,
|
@@ -61,7 +119,7 @@ module Rend
|
|
61
119
|
#
|
62
120
|
# @param Rend::Acl::Role|string role
|
63
121
|
# @param Rend::Acl::Role|string|array parents
|
64
|
-
# @uses Rend::Acl::Role::Registry::add
|
122
|
+
# @uses Rend::Acl::Role::Registry::add!()
|
65
123
|
# @return Rend::Acl Provides a fluent interface
|
66
124
|
def add_role!(role, parents = nil)
|
67
125
|
role = Rend::Acl::Role.new(role) if role.is_a?(String)
|
@@ -88,7 +146,7 @@ module Rend
|
|
88
146
|
# @param Rend::Acl::Role|string role
|
89
147
|
# @uses Rend::Acl::Role::Registry::has?()
|
90
148
|
# @return boolean
|
91
|
-
def
|
149
|
+
def role?(role)
|
92
150
|
role_registry.has?(role)
|
93
151
|
end
|
94
152
|
|
@@ -175,7 +233,7 @@ module Rend
|
|
175
233
|
|
176
234
|
resource_id = resource.id
|
177
235
|
|
178
|
-
raise Rend::Acl::Exception, "Resource id 'resource_id' already exists in the ACL" if
|
236
|
+
raise Rend::Acl::Exception, "Resource id 'resource_id' already exists in the ACL" if resource?(resource_id)
|
179
237
|
|
180
238
|
resource_parent = nil
|
181
239
|
|
@@ -203,7 +261,7 @@ module Rend
|
|
203
261
|
|
204
262
|
def resource!(resource)
|
205
263
|
resource_id = (resource.class <= Rend::Acl::Resource) ? resource.id : resource.to_s
|
206
|
-
raise Rend::Acl::Exception, "Resource 'resource_id' not found" unless
|
264
|
+
raise Rend::Acl::Exception, "Resource 'resource_id' not found" unless resource?(resource)
|
207
265
|
@_resources[resource_id][:instance]
|
208
266
|
end
|
209
267
|
|
@@ -213,7 +271,7 @@ module Rend
|
|
213
271
|
#
|
214
272
|
# @param Rend::Acl::Resource|string resource
|
215
273
|
# @return boolean
|
216
|
-
def
|
274
|
+
def resource?(resource)
|
217
275
|
resource_id = (resource.class <= Rend::Acl::Resource) ? resource.id : resource.to_s
|
218
276
|
@_resources.keys.include?(resource_id)
|
219
277
|
end
|
@@ -228,7 +286,7 @@ module Rend
|
|
228
286
|
#
|
229
287
|
# @param Rend::Acl::Resource|string resource
|
230
288
|
# @param Rend::Acl::Resource|string inherit
|
231
|
-
# @param boolean
|
289
|
+
# @param boolean only_parent
|
232
290
|
# @throws Rend_Acl_Resource_Registry_Exception
|
233
291
|
# @return boolean
|
234
292
|
def inherits_resource?(resource, inherit, only_parent = false)
|
@@ -302,22 +360,50 @@ module Rend
|
|
302
360
|
#
|
303
361
|
# @param Rend::Acl::Role|string|array roles
|
304
362
|
# @param Rend::Acl::Resource|string|array resources
|
305
|
-
# @param string|array
|
363
|
+
# @param string|array privileges
|
364
|
+
# @param Rend::Acl::Assertion assertion
|
306
365
|
# @uses Rend::Acl::set_rule!()
|
307
366
|
# @return Rend::Acl Provides a fluent interface
|
308
|
-
def allow!(roles = nil, resources = nil, privileges = nil)
|
309
|
-
|
367
|
+
def allow!(roles = nil, resources = nil, privileges = nil, assertion = nil)
|
368
|
+
if roles.is_a?(Hash)
|
369
|
+
options = roles
|
370
|
+
roles = options.fetch(:role, nil)
|
371
|
+
resources = options.fetch(:resource, nil)
|
372
|
+
privileges = options.fetch(:privilege, nil)
|
373
|
+
assertion = options.fetch(:assertion, nil)
|
374
|
+
end
|
375
|
+
roles = nil if roles == :all
|
376
|
+
resources = nil if resources == :all
|
377
|
+
privileges = nil if privileges == :all
|
378
|
+
|
379
|
+
type_hint! Rend::Acl::Assertion, assertion
|
380
|
+
|
381
|
+
set_rule!(OP_ADD, TYPE_ALLOW, roles, resources, privileges, assertion)
|
310
382
|
end
|
311
383
|
|
312
384
|
# Adds a "deny" rule to the ACL
|
313
385
|
#
|
314
386
|
# @param Rend::Acl::Role|string|array roles
|
315
387
|
# @param Rend::Acl::Resource|string|array resources
|
316
|
-
# @param string|array
|
388
|
+
# @param string|array privileges
|
389
|
+
# @param Rend::Acl::Assertion assertion
|
317
390
|
# @uses Rend::Acl::set_rule!()
|
318
391
|
# @return Rend::Acl Provides a fluent interface
|
319
|
-
def deny!(roles = nil, resources = nil, privileges = nil)
|
320
|
-
|
392
|
+
def deny!(roles = nil, resources = nil, privileges = nil, assertion = nil)
|
393
|
+
if roles.is_a?(Hash)
|
394
|
+
options = roles
|
395
|
+
roles = options.fetch(:role, nil)
|
396
|
+
resources = options.fetch(:resource, nil)
|
397
|
+
privileges = options.fetch(:privilege, nil)
|
398
|
+
assertion = options.fetch(:assertion, nil)
|
399
|
+
end
|
400
|
+
roles = nil if roles == :all
|
401
|
+
resources = nil if resources == :all
|
402
|
+
privileges = nil if privileges == :all
|
403
|
+
|
404
|
+
type_hint! Rend::Acl::Assertion, assertion
|
405
|
+
|
406
|
+
set_rule!(OP_ADD, TYPE_DENY, roles, resources, privileges, assertion)
|
321
407
|
end
|
322
408
|
|
323
409
|
# Removes "allow" permissions from the ACL
|
@@ -327,8 +413,19 @@ module Rend
|
|
327
413
|
# @param string|array privileges
|
328
414
|
# @uses Rend::Acl::set_rule!()
|
329
415
|
# @return Rend::Acl Provides a fluent interface
|
330
|
-
def remove_allow!(roles = nil, resources = nil, privileges = nil)
|
331
|
-
|
416
|
+
def remove_allow!(roles = nil, resources = nil, privileges = nil, assertion = nil)
|
417
|
+
if roles.is_a?(Hash)
|
418
|
+
options = roles
|
419
|
+
roles = options.fetch(:role, nil)
|
420
|
+
resources = options.fetch(:resource, nil)
|
421
|
+
privileges = options.fetch(:privilege, nil)
|
422
|
+
assertion = options.fetch(:assertion, nil)
|
423
|
+
end
|
424
|
+
roles = nil if roles == :all
|
425
|
+
resources = nil if resources == :all
|
426
|
+
privileges = nil if privileges == :all
|
427
|
+
|
428
|
+
set_rule!(OP_REMOVE, TYPE_ALLOW, roles, resources, privileges, assertion)
|
332
429
|
end
|
333
430
|
|
334
431
|
# Removes "deny" restrictions from the ACL
|
@@ -338,8 +435,19 @@ module Rend
|
|
338
435
|
# @param string|array privileges
|
339
436
|
# @uses Rend::Acl::set_rule!()
|
340
437
|
# @return Rend::Acl Provides a fluent interface
|
341
|
-
def remove_deny!(roles = nil, resources = nil, privileges = nil)
|
342
|
-
|
438
|
+
def remove_deny!(roles = nil, resources = nil, privileges = nil, assertion = nil)
|
439
|
+
if roles.is_a?(Hash)
|
440
|
+
options = roles
|
441
|
+
roles = options.fetch(:role, nil)
|
442
|
+
resources = options.fetch(:resource, nil)
|
443
|
+
privileges = options.fetch(:privilege, nil)
|
444
|
+
assertion = options.fetch(:assertion, nil)
|
445
|
+
end
|
446
|
+
roles = nil if roles == :all
|
447
|
+
resources = nil if resources == :all
|
448
|
+
privileges = nil if privileges == :all
|
449
|
+
|
450
|
+
set_rule!(OP_REMOVE, TYPE_DENY, roles, resources, privileges, assertion)
|
343
451
|
end
|
344
452
|
|
345
453
|
# Performs operations on ACL rules
|
@@ -372,20 +480,23 @@ module Rend
|
|
372
480
|
# privilege with a string, and multiple privileges may be specified as an array of strings.
|
373
481
|
#
|
374
482
|
#
|
375
|
-
# @param string
|
376
|
-
# @param string
|
377
|
-
# @param Rend::Acl::Role|string|array
|
378
|
-
# @param Rend::Acl::Resource|string|array
|
379
|
-
# @param string|array
|
483
|
+
# @param string operation
|
484
|
+
# @param string type
|
485
|
+
# @param Rend::Acl::Role|string|array roles
|
486
|
+
# @param Rend::Acl::Resource|string|array resources
|
487
|
+
# @param string|array privileges
|
488
|
+
# @param Rend::Acl::Assert::Interface assertion
|
380
489
|
# @throws Rend::Acl::Exception
|
381
490
|
# @uses Rend::Acl::Role::Registry::get!()
|
382
491
|
# @uses Rend::Acl::get!()
|
383
492
|
# @return Rend::Acl Provides a fluent interface
|
384
|
-
def set_rule!(operation, type, roles = nil, resources = nil, privileges = nil)
|
493
|
+
def set_rule!(operation, type, roles = nil, resources = nil, privileges = nil, assertion = nil)
|
494
|
+
type_hint! Rend::Acl::Assertion, assertion
|
495
|
+
|
385
496
|
# ensure that the rule type is valid normalize input to uppercase
|
386
497
|
type = type.upcase
|
387
498
|
if type != TYPE_ALLOW && type != TYPE_DENY
|
388
|
-
raise
|
499
|
+
raise Rend::Acl::Exception, "Unsupported rule type must be either '#{TYPE_ALLOW}' or '#{TYPE_DENY}'"
|
389
500
|
end
|
390
501
|
|
391
502
|
# ensure that all specified Roles exist normalize input to array of Role objects or nil
|
@@ -429,11 +540,17 @@ module Rend
|
|
429
540
|
roles.each do |role|
|
430
541
|
rules = _rules(resource, role, true)
|
431
542
|
if privileges.empty?
|
432
|
-
rules[:all_privileges]
|
543
|
+
rules[:all_privileges] = {
|
544
|
+
:type => type,
|
545
|
+
:assertion => assertion
|
546
|
+
}
|
433
547
|
rules[:by_privilege_id] = {} unless rules.has_key?(:by_privilege_id)
|
434
548
|
else
|
435
549
|
privileges.each do |privilege|
|
436
|
-
rules[:by_privilege_id][privilege] = {
|
550
|
+
rules[:by_privilege_id][privilege] = {
|
551
|
+
:type => type,
|
552
|
+
:assertion => assertion
|
553
|
+
}
|
437
554
|
end
|
438
555
|
end
|
439
556
|
end
|
@@ -443,10 +560,16 @@ module Rend
|
|
443
560
|
roles.each do |role|
|
444
561
|
rules = _rules(nil, role, true)
|
445
562
|
if privileges.empty?
|
446
|
-
rules[:all_privileges] = {
|
563
|
+
rules[:all_privileges] = {
|
564
|
+
:type => type,
|
565
|
+
:assertion => assertion
|
566
|
+
}
|
447
567
|
else
|
448
568
|
privileges.each do |privilege|
|
449
|
-
rules[:by_privilege_id][privilege] = {
|
569
|
+
rules[:by_privilege_id][privilege] = {
|
570
|
+
:type => type,
|
571
|
+
:assertion => assertion
|
572
|
+
}
|
450
573
|
end
|
451
574
|
end
|
452
575
|
end
|
@@ -463,7 +586,10 @@ module Rend
|
|
463
586
|
if resource.nil? && role.nil?
|
464
587
|
if rules[:all_privileges][:type] == type
|
465
588
|
rules.replace({
|
466
|
-
:all_privileges
|
589
|
+
:all_privileges => {
|
590
|
+
:type => TYPE_DENY,
|
591
|
+
:assertion => nil
|
592
|
+
},
|
467
593
|
:by_privilege_id => {}
|
468
594
|
})
|
469
595
|
end
|
@@ -495,7 +621,10 @@ module Rend
|
|
495
621
|
if role.nil?
|
496
622
|
if rules[:all_privileges][:type] == type
|
497
623
|
rules.replace({
|
498
|
-
:all_privileges
|
624
|
+
:all_privileges => {
|
625
|
+
:type => TYPE_DENY,
|
626
|
+
:assertion => nil
|
627
|
+
},
|
499
628
|
:by_privilege_id => {}
|
500
629
|
})
|
501
630
|
end
|
@@ -554,6 +683,19 @@ module Rend
|
|
554
683
|
@_is_allowed_resource = nil
|
555
684
|
@_is_allowed_privilege = nil
|
556
685
|
|
686
|
+
# Readability
|
687
|
+
if role.is_a?(Hash)
|
688
|
+
options = role
|
689
|
+
role = options.fetch(:role, nil)
|
690
|
+
resource = options.fetch(:resource, nil)
|
691
|
+
privilege = options.fetch(:privilege, nil)
|
692
|
+
end
|
693
|
+
|
694
|
+
# Readability
|
695
|
+
role = nil if role == :all
|
696
|
+
resource = nil if resource == :all
|
697
|
+
privilege = nil if privilege == :all
|
698
|
+
|
557
699
|
if role
|
558
700
|
# keep track of originally called role
|
559
701
|
@_is_allowed_role = role
|
@@ -789,19 +931,19 @@ module Rend
|
|
789
931
|
rule = rules[:by_privilege_id][privilege]
|
790
932
|
end
|
791
933
|
|
792
|
-
#
|
793
|
-
|
794
|
-
if rule[:
|
795
|
-
|
796
|
-
|
797
|
-
|
798
|
-
|
799
|
-
|
800
|
-
|
801
|
-
|
934
|
+
# Check assertion first
|
935
|
+
assertion_passed = nil
|
936
|
+
if rule[:assertion]
|
937
|
+
args = {
|
938
|
+
:acl => self,
|
939
|
+
:role => @_is_allowed_role.is_a?(Rend::Acl::Role) ? @_is_allowed_role : role,
|
940
|
+
:resource => @_is_allowed_resource.is_a?(Rend::Acl::Resource) ? @_is_allowed_resource : resource,
|
941
|
+
:privilege => @_is_allowed_privilege
|
942
|
+
}
|
943
|
+
assertion_passed = rule[:assertion].pass?(args[:acl], args[:role], args[:resource], args[:privilege])
|
802
944
|
end
|
803
945
|
|
804
|
-
if rule[:
|
946
|
+
if rule[:assertion].nil? || assertion_passed == true
|
805
947
|
rule[:type]
|
806
948
|
elsif resource != nil || role != nil || privilege != nil
|
807
949
|
nil
|
@@ -0,0 +1,24 @@
|
|
1
|
+
module Rend
|
2
|
+
class Acl
|
3
|
+
class Assertion
|
4
|
+
# Returns true if and only if the assertion conditions are met
|
5
|
+
#
|
6
|
+
# This method is passed the ACL, Role, Resource, and privilege to which the authorization query applies. If the
|
7
|
+
# $role, $resource, or $privilege parameters are nil, it means that the query applies to all Roles, Resources, or
|
8
|
+
# privileges, respectively.
|
9
|
+
#
|
10
|
+
# @param Zend_Acl $acl
|
11
|
+
# @param Zend_Acl_Role_Interface $role
|
12
|
+
# @param Zend_Acl_Resource_Interface $resource
|
13
|
+
# @param string $privilege
|
14
|
+
# @return boolean
|
15
|
+
def pass?(acl, role = nil, resource = nil, privilege = nil)
|
16
|
+
type_hint! Rend::Acl, acl, :is_required => true
|
17
|
+
type_hint! Rend::Acl::Role, role
|
18
|
+
type_hint! Rend::Acl::Resources, resource
|
19
|
+
type_hint! String, privilege
|
20
|
+
end
|
21
|
+
|
22
|
+
end
|
23
|
+
end
|
24
|
+
end
|
@@ -0,0 +1,28 @@
|
|
1
|
+
# Not a required file -- used for testing
|
2
|
+
module Rend
|
3
|
+
class Acl
|
4
|
+
class MockAssertion < Rend::Acl::Assertion
|
5
|
+
|
6
|
+
attr_reader :last_acl
|
7
|
+
attr_reader :last_role
|
8
|
+
attr_reader :last_resource
|
9
|
+
attr_reader :last_privilege
|
10
|
+
|
11
|
+
attr_accessor :pass
|
12
|
+
|
13
|
+
def initialize(pass = nil, &block)
|
14
|
+
self.pass = block_given? ? block : pass
|
15
|
+
end
|
16
|
+
|
17
|
+
def pass=(value)
|
18
|
+
@pass = value.is_a?(Proc) ? value : lambda {|acl, role, resource, privilege| value}
|
19
|
+
end
|
20
|
+
|
21
|
+
def pass?(acl, role = nil, resource = nil, privilege = nil)
|
22
|
+
@last_acl, @last_role, @last_resource, @last_privilege = acl, role, resource, privilege
|
23
|
+
pass.call(acl, role, resource, privilege)
|
24
|
+
end
|
25
|
+
|
26
|
+
end
|
27
|
+
end
|
28
|
+
end
|
data/lib/rend/acl/version.rb
CHANGED
data/rend-acl.gemspec
CHANGED
@@ -16,11 +16,12 @@ Gem::Specification.new do |spec|
|
|
16
16
|
spec.files = `git ls-files`.split($/)
|
17
17
|
spec.files += ["LICENSE.txt", "ZEND_FRAMEWORK_LICENSE.txt"]
|
18
18
|
spec.executables = spec.files.grep(%r{^bin/}) { |f| File.basename(f) }
|
19
|
-
spec.test_files = spec.files.grep(%r{^(test|spec|features)/})
|
19
|
+
spec.test_files = spec.files.grep(%r{^(test|spec|features|)/})
|
20
20
|
spec.require_paths = ["lib"]
|
21
21
|
|
22
22
|
spec.add_development_dependency "bundler", "~> 1.3"
|
23
23
|
spec.add_development_dependency "rake"
|
24
|
+
spec.add_development_dependency "turn"
|
24
25
|
|
25
26
|
dependency_gems = ['rend-core']
|
26
27
|
|
data/test/test_acl.rb
CHANGED
@@ -1,5 +1,9 @@
|
|
1
1
|
require 'test/unit'
|
2
2
|
require 'rend/acl'
|
3
|
+
require 'rend/acl/mock_assertion'
|
4
|
+
require 'yaml'
|
5
|
+
begin; require 'turn/autorun'; rescue LoadError; end
|
6
|
+
|
3
7
|
|
4
8
|
class AclTest < Test::Unit::TestCase
|
5
9
|
|
@@ -12,15 +16,129 @@ class AclTest < Test::Unit::TestCase
|
|
12
16
|
end
|
13
17
|
|
14
18
|
def test_storing_acl_data_for_persistence_with_yaml
|
15
|
-
require 'yaml'
|
16
19
|
assert_use_case_1 YAML.load( YAML.dump(use_case_1) )
|
17
20
|
end
|
18
21
|
|
19
|
-
def
|
22
|
+
def test_use_case_1
|
20
23
|
assert_use_case_1(use_case_1)
|
21
24
|
end
|
22
25
|
|
23
|
-
|
26
|
+
def test_add_raises_argument_error_with_no_args
|
27
|
+
assert_raises ArgumentError do
|
28
|
+
@acl.add!
|
29
|
+
end
|
30
|
+
end
|
31
|
+
|
32
|
+
def test_add_method_raises_exception_on_unknown_hash_keys
|
33
|
+
assert_raises Rend::Acl::Exception do
|
34
|
+
@acl.add! :roles => []
|
35
|
+
end
|
36
|
+
end
|
37
|
+
|
38
|
+
def test_add_method_raises_exception_on_unknown_object_type
|
39
|
+
assert_raises Rend::Acl::Exception do
|
40
|
+
@acl.add! Rend::Acl
|
41
|
+
end
|
42
|
+
end
|
43
|
+
|
44
|
+
def test_add_method_raises_exception_on_invalid_hash_value_type
|
45
|
+
assert_raises Rend::Acl::Exception do
|
46
|
+
@acl.add! :role => 423423
|
47
|
+
end
|
48
|
+
end
|
49
|
+
|
50
|
+
|
51
|
+
def test_add_method_returns_self
|
52
|
+
result = @acl.add! Rend::Acl::Role.new("editor")
|
53
|
+
assert_same @acl, result
|
54
|
+
end
|
55
|
+
|
56
|
+
def test_add_method_role_via_arguments
|
57
|
+
assert @acl.add!(Rend::Acl::Role.new("editor")).role?("editor")
|
58
|
+
end
|
59
|
+
|
60
|
+
def test_add_method_role_via_hash
|
61
|
+
assert @acl.add!(:role => "editor").role?("editor")
|
62
|
+
end
|
63
|
+
|
64
|
+
def test_add_method_roles_via_hash
|
65
|
+
@acl.add! :role => ['guest', 'contributor', 'editor']
|
66
|
+
assert @acl.role? "guest"
|
67
|
+
assert @acl.role? "contributor"
|
68
|
+
assert @acl.role? "editor"
|
69
|
+
end
|
70
|
+
|
71
|
+
def test_add_method_role_with_single_inheritance_via_arguments
|
72
|
+
@acl.add! Rend::Acl::Role.new("guest")
|
73
|
+
@acl.add! Rend::Acl::Role.new("editor"), "guest"
|
74
|
+
assert @acl.inherits_role? "editor", "guest"
|
75
|
+
end
|
76
|
+
|
77
|
+
def test_add_method_role_with_single_inheritance_via_hash
|
78
|
+
@acl.add! Rend::Acl::Role.new("guest")
|
79
|
+
@acl.add! :role => {"editor" => "guest"}
|
80
|
+
assert @acl.inherits_role? "editor", "guest"
|
81
|
+
end
|
82
|
+
|
83
|
+
def test_add_method_role_with_multiple_inheritance_via_arguments
|
84
|
+
@acl.add! Rend::Acl::Role.new("guest")
|
85
|
+
@acl.add! Rend::Acl::Role.new("contributor")
|
86
|
+
@acl.add! Rend::Acl::Role.new("editor"), ["guest", "contributor"]
|
87
|
+
assert @acl.inherits_role? "editor", "guest"
|
88
|
+
assert @acl.inherits_role? "editor", "contributor"
|
89
|
+
end
|
90
|
+
|
91
|
+
def test_add_method_role_with_multiple_inheritance_via_hash
|
92
|
+
@acl.add! :role => [ "guest", "contributor", {"editor" => ["guest", "contributor"]}]
|
93
|
+
assert @acl.inherits_role? "editor", "guest"
|
94
|
+
assert @acl.inherits_role? "editor", "contributor"
|
95
|
+
end
|
96
|
+
|
97
|
+
def test_add_method_resource_via_arguments
|
98
|
+
assert @acl.add!(Rend::Acl::Resource.new("building")).resource?("building")
|
99
|
+
end
|
100
|
+
|
101
|
+
def test_add_method_resource_via_hash
|
102
|
+
assert @acl.add!(:resource => "building").resource?("building")
|
103
|
+
end
|
104
|
+
|
105
|
+
def test_add_method_resources_via_hash
|
106
|
+
@acl.add! :resource => ['city', 'building', 'room']
|
107
|
+
assert @acl.resource? "city"
|
108
|
+
assert @acl.resource? "building"
|
109
|
+
assert @acl.resource? "room"
|
110
|
+
end
|
111
|
+
|
112
|
+
def test_add_method_resource_with_single_inheritance_via_arguments
|
113
|
+
@acl.add! Rend::Acl::Resource.new("city")
|
114
|
+
@acl.add! Rend::Acl::Resource.new("building"), "city"
|
115
|
+
assert @acl.inherits_resource? "building", "city"
|
116
|
+
end
|
117
|
+
|
118
|
+
def test_add_method_resource_with_single_inheritance_via_hash
|
119
|
+
@acl.add! :resource => ["city", {"building" => "city"}, {"room" => "building"}]
|
120
|
+
assert @acl.inherits_resource? "building", "city"
|
121
|
+
assert @acl.inherits_resource? "room", "building"
|
122
|
+
end
|
123
|
+
|
124
|
+
def test_add_method_roles_and_resources
|
125
|
+
@acl.add!(
|
126
|
+
:role => ["guest", {"contributor" => "guest"}, {'editor' => "contributor"}],
|
127
|
+
:resource => ["city", {"building" => "city"}, {"room" => "building"}]
|
128
|
+
)
|
129
|
+
assert @acl.role? "guest"
|
130
|
+
assert @acl.role? "contributor"
|
131
|
+
assert @acl.role? "editor"
|
132
|
+
assert @acl.inherits_role? "contributor", "guest"
|
133
|
+
assert @acl.inherits_role? "editor", "contributor"
|
134
|
+
assert @acl.resource? "city"
|
135
|
+
assert @acl.resource? "building"
|
136
|
+
assert @acl.resource? "room"
|
137
|
+
assert @acl.inherits_resource? "building", "city"
|
138
|
+
assert @acl.inherits_resource? "room", "building"
|
139
|
+
end
|
140
|
+
|
141
|
+
# == Orignal Zend_Acl Tests Below ==
|
24
142
|
|
25
143
|
# Ensures that basic addition and retrieval of a single Role works
|
26
144
|
def test_role_registry_add_and_get_one
|
@@ -36,11 +154,11 @@ class AclTest < Test::Unit::TestCase
|
|
36
154
|
assert_equal 'area', role.id
|
37
155
|
end
|
38
156
|
|
39
|
-
#
|
157
|
+
# Ensures that basic removal of a single Role works
|
40
158
|
def test_role_registry_remove_one
|
41
159
|
role_guest = Rend::Acl::Role.new('guest')
|
42
160
|
@acl.add_role!(role_guest).remove_role!(role_guest)
|
43
|
-
assert_equal false, @acl.
|
161
|
+
assert_equal false, @acl.role?(role_guest)
|
44
162
|
end
|
45
163
|
|
46
164
|
# Ensures that an exception is thrown when a non-existent Role is specified for removal
|
@@ -51,11 +169,11 @@ class AclTest < Test::Unit::TestCase
|
|
51
169
|
end
|
52
170
|
end
|
53
171
|
|
54
|
-
#
|
172
|
+
# Ensures that removal of all Roles works
|
55
173
|
def test_role_registry_remove_all
|
56
174
|
role_guest = Rend::Acl::Role.new('guest')
|
57
175
|
@acl.add_role!(role_guest).remove_role_all!
|
58
|
-
assert_equal false, @acl.
|
176
|
+
assert_equal false, @acl.role?(role_guest)
|
59
177
|
end
|
60
178
|
|
61
179
|
# Ensures that an exception is thrown when a non-existent Role is specified as a parent upon Role addition
|
@@ -184,7 +302,7 @@ class AclTest < Test::Unit::TestCase
|
|
184
302
|
def test_resource_remove_one
|
185
303
|
resource_area = Rend::Acl::Resource.new('area')
|
186
304
|
@acl.add_resource!(resource_area).remove_resource!(resource_area)
|
187
|
-
assert_equal false, @acl.
|
305
|
+
assert_equal false, @acl.resource?(resource_area)
|
188
306
|
end
|
189
307
|
|
190
308
|
# Ensures that an exception is thrown when a non-existent Resource is specified for removal
|
@@ -199,7 +317,7 @@ class AclTest < Test::Unit::TestCase
|
|
199
317
|
def test_resource_remove_all
|
200
318
|
resource_area = Rend::Acl::Resource.new('area')
|
201
319
|
@acl.add_resource!(resource_area).remove_resource_all!
|
202
|
-
assert_equal false, @acl.
|
320
|
+
assert_equal false, @acl.resource?(resource_area)
|
203
321
|
end
|
204
322
|
|
205
323
|
# Ensures that an exception is thrown when a non-existent Resource is specified as a parent upon Resource addition
|
@@ -242,7 +360,7 @@ class AclTest < Test::Unit::TestCase
|
|
242
360
|
assert_equal false, @acl.inherits_resource?(resource_city, resource_room)
|
243
361
|
|
244
362
|
@acl.remove_resource!(resource_building)
|
245
|
-
assert_equal false, @acl.
|
363
|
+
assert_equal false, @acl.resource?(resource_room)
|
246
364
|
end
|
247
365
|
|
248
366
|
# Ensures that the same Resource cannot be added more than once
|
@@ -333,14 +451,6 @@ class AclTest < Test::Unit::TestCase
|
|
333
451
|
assert_equal false, @acl.allowed?(nil, nil, 'p3')
|
334
452
|
end
|
335
453
|
|
336
|
-
# # [NOT IMPLEMENTED YET] Ensures that assertions on privileges work properly
|
337
|
-
# def test_privilege_assert
|
338
|
-
# @acl.allow!(nil, nil, 'some_privilege', Rend::Acl::Mock_assertion.new(true))
|
339
|
-
# assert_equal true, @acl.allowed?(nil, nil, 'some_privilege')
|
340
|
-
# @acl.allow!(nil, nil, 'some_privilege', Rend::Acl::Mock_assertion.new(false))
|
341
|
-
# assert_equal false, @acl.allowed?(nil, nil, 'some_privilege')
|
342
|
-
# end
|
343
|
-
|
344
454
|
# Ensures that by default, Zend_Acl denies access to everything for a particular Role
|
345
455
|
def test_role_default_deny
|
346
456
|
role_guest = Rend::Acl::Role.new('guest')
|
@@ -437,7 +547,7 @@ class AclTest < Test::Unit::TestCase
|
|
437
547
|
assert_equal true, @acl.allowed?
|
438
548
|
end
|
439
549
|
|
440
|
-
#
|
550
|
+
# Ensure that basic rule removal works
|
441
551
|
def test_rules_remove
|
442
552
|
@acl.allow!(nil, nil, ['privilege1', 'privilege2'])
|
443
553
|
assert_equal false, @acl.allowed?
|
@@ -665,12 +775,12 @@ class AclTest < Test::Unit::TestCase
|
|
665
775
|
|
666
776
|
end
|
667
777
|
|
668
|
-
#
|
669
|
-
|
670
|
-
|
671
|
-
|
672
|
-
|
673
|
-
|
778
|
+
# Ensures that the default rule obeys its assertion
|
779
|
+
def test_default_assert
|
780
|
+
@acl.deny!(nil, nil, nil, Rend::Acl::MockAssertion.new(false))
|
781
|
+
assert_equal true, @acl.allowed?
|
782
|
+
assert_equal true, @acl.allowed?(nil, nil, 'some_privilege')
|
783
|
+
end
|
674
784
|
|
675
785
|
# Ensures that the only_parents argument to inherits_role? works
|
676
786
|
# @group ZF-2502
|
@@ -682,9 +792,7 @@ class AclTest < Test::Unit::TestCase
|
|
682
792
|
end
|
683
793
|
|
684
794
|
# Returns an array of registered roles
|
685
|
-
# @expected_exception PHPUnit_Framework_Error
|
686
795
|
# @group ZF-5638
|
687
|
-
# Porter Note: Seems like an odd test... investigate more
|
688
796
|
def test_get_registered_roles
|
689
797
|
@acl.add_role!('developer')
|
690
798
|
|
@@ -696,26 +804,26 @@ class AclTest < Test::Unit::TestCase
|
|
696
804
|
# Confirm that deleting a role after allowing access to all roles
|
697
805
|
# raise undefined index error
|
698
806
|
# @group ZF-5700
|
699
|
-
#
|
807
|
+
# TODO: Does this test matter in ruby? -- Daniel Doezema
|
700
808
|
def test_removing_role_after_it_was_allowed_access_to_all_resources_gives_error
|
701
809
|
@acl.add_role!(Rend::Acl::Role.new('test0'))
|
702
810
|
@acl.add_role!(Rend::Acl::Role.new('test1'))
|
703
811
|
@acl.add_role!(Rend::Acl::Role.new('test2'))
|
704
812
|
@acl.add_resource!(Rend::Acl::Resource.new('Test'))
|
705
813
|
|
706
|
-
@acl.allow!(nil,'Test','xxx')
|
814
|
+
@acl.allow!(nil, 'Test','xxx')
|
707
815
|
|
708
816
|
# error test
|
709
817
|
@acl.remove_role!('test0')
|
710
818
|
|
711
819
|
# Check after fix
|
712
|
-
assert_equal false, @acl.
|
820
|
+
assert_equal false, @acl.role?('test0')
|
713
821
|
end
|
714
822
|
|
715
823
|
# @group ZF-8039
|
716
824
|
# Meant to test for the (in)existance of this notice:
|
717
825
|
# "Notice: Undefined index: all_privileges in lib/Zend/Acl.php on line 682"
|
718
|
-
#
|
826
|
+
# TODO: Does this test matter in ruby? -- Daniel Doezema
|
719
827
|
def test_method_remove_allow_does_not_throw_notice
|
720
828
|
acl = Rend::Acl.new
|
721
829
|
acl.add_role!('admin')
|
@@ -848,98 +956,71 @@ class AclTest < Test::Unit::TestCase
|
|
848
956
|
assert_equal false, @acl.allowed?('guest', 'blogpost', 'read')
|
849
957
|
end
|
850
958
|
|
851
|
-
|
852
|
-
|
853
|
-
|
854
|
-
|
855
|
-
# role_guest = Rend::Acl::Role.new('guest')
|
856
|
-
# @acl.add_role!(role_guest)
|
857
|
-
# .allow!(role_guest, nil, 'some_privilege', Rend::Acl::Mock_assertion.new(true))
|
858
|
-
# assert_equal true, @acl.allowed?(role_guest, nil, 'some_privilege')
|
859
|
-
# @acl.allow!(role_guest, nil, 'some_privilege', Rend::Acl::Mock_assertion.new(false))
|
860
|
-
# assert_equal false, @acl.allowed?(role_guest, nil, 'some_privilege')
|
861
|
-
# end
|
862
|
-
|
863
|
-
# # Ensures that removing the default deny rule results in assertion method being removed
|
864
|
-
# def test_remove_default_deny_assert
|
865
|
-
# @acl.deny!(nil, nil, nil, Rend::Acl::Mock_assertion.new(false))
|
866
|
-
# assert_equal true, @acl.allowed?
|
867
|
-
# @acl.remove_deny
|
868
|
-
# assert_equal false, @acl.allowed?
|
869
|
-
# end
|
870
|
-
|
871
|
-
|
872
|
-
# # @group ZF-1721
|
873
|
-
# def test_acl_assertions_get_proper_role_when_inheritence_is_used
|
874
|
-
# acl = this._load_use_case1
|
875
|
-
|
876
|
-
# user = Rend::Acl::Role.new('publisher')
|
877
|
-
# blog_post = Rend::Acl::Resource.new('blog_post')
|
959
|
+
# Ensures that assertions on privileges work properly
|
960
|
+
def test_privilege_assert
|
961
|
+
@acl.allow!(nil, nil, 'some_privilege', Rend::Acl::MockAssertion.new(true))
|
962
|
+
assert_equal true, @acl.allowed?(nil, nil, 'some_privilege')
|
878
963
|
|
879
|
-
|
880
|
-
|
964
|
+
@acl.allow!(nil, nil, 'some_privilege', Rend::Acl::MockAssertion.new(false))
|
965
|
+
assert_equal false, @acl.allowed?(nil, nil, 'some_privilege')
|
966
|
+
end
|
881
967
|
|
882
|
-
#
|
968
|
+
# Ensures that assertions on privileges work properly for a particular Role
|
969
|
+
def test_role_privilege_assert
|
970
|
+
role_guest = Rend::Acl::Role.new('guest')
|
971
|
+
@acl.add_role!(role_guest)
|
883
972
|
|
884
|
-
|
973
|
+
@acl.allow!(role_guest, nil, 'some_privilege', Rend::Acl::MockAssertion.new(true))
|
974
|
+
assert_equal true, @acl.allowed?(role_guest, nil, 'some_privilege')
|
885
975
|
|
886
|
-
|
976
|
+
@acl.allow!(role_guest, nil, 'some_privilege', Rend::Acl::MockAssertion.new(false))
|
977
|
+
assert_equal false, @acl.allowed?(role_guest, nil, 'some_privilege')
|
978
|
+
end
|
887
979
|
|
888
|
-
# #
|
889
|
-
|
890
|
-
|
980
|
+
# # Ensures that removing the default deny rule results in assertion method being removed
|
981
|
+
def test_remove_default_deny_assert
|
982
|
+
@acl.deny!(nil, nil, nil, Rend::Acl::MockAssertion.new(false))
|
983
|
+
assert_equal true, @acl.allowed?
|
984
|
+
@acl.remove_deny!
|
985
|
+
assert_equal false, @acl.allowed?
|
986
|
+
end
|
891
987
|
|
892
|
-
# user = Rend::Acl_Use_case1::User.new
|
893
|
-
# blog_post = Rend::Acl_Use_case1::Blog_post.new
|
894
988
|
|
895
|
-
#
|
989
|
+
# @group ZF-1721
|
990
|
+
def test_acl_assertions_get_proper_role_when_inheritence_is_used
|
991
|
+
assertion = Rend::Acl::MockAssertion.new(true)
|
896
992
|
|
897
|
-
|
898
|
-
# * @var Zend_Acl_Use_case1_User_is_blog_post_owner_assertion
|
899
|
-
# */
|
900
|
-
# assertion = acl.custom_assertion
|
993
|
+
@acl.add! :role => ['guest', {'contributor' => 'guest'}, {'publisher' => 'contributor'}, 'admin'], :resource => 'blog_post'
|
901
994
|
|
902
|
-
|
903
|
-
|
904
|
-
|
905
|
-
|
906
|
-
# assert_equal false, acl.is_allowed(user, blog_post, 'modify'), 'Assertion should return false'
|
995
|
+
@acl.allow!('guest', 'blog_post', 'view')
|
996
|
+
@acl.allow!('contributor', 'blog_post', 'contribute')
|
997
|
+
@acl.allow!('contributor', 'blog_post', 'modify', assertion)
|
998
|
+
@acl.allow!('publisher', 'blog_post', 'publish')
|
907
999
|
|
908
|
-
|
909
|
-
|
910
|
-
|
1000
|
+
assert_equal true, @acl.allowed?("publisher", "blog_post", "modify")
|
1001
|
+
assert_equal 'publisher', assertion.last_role.id
|
1002
|
+
end
|
911
1003
|
|
912
|
-
#
|
1004
|
+
# @group ZF-1722
|
1005
|
+
def test_acl_assertions_get_original_is_allowed_objects
|
1006
|
+
# I'm invalidating this test as role.id and resource.id are both attr_reader properties -- Daniel Doezema
|
1007
|
+
end
|
913
1008
|
|
914
|
-
#
|
915
|
-
|
916
|
-
|
917
|
-
|
1009
|
+
# @group ZF-7973
|
1010
|
+
def test_acl_passes_privilege_to_assert_class
|
1011
|
+
assertion = Rend::Acl::MockAssertion.new do |acl, role, resource, privilege|
|
1012
|
+
privilege == "read"
|
1013
|
+
end
|
918
1014
|
|
919
|
-
|
920
|
-
|
921
|
-
# acl.add_resource!('resource')
|
922
|
-
# acl.allow!('role',nil,nil,assertion)
|
923
|
-
# allowed = acl.is_allowed('role','resource','privilege',assertion)
|
1015
|
+
@acl.add! :role => 'guest', :resource => 'blog_post'
|
1016
|
+
@acl.allow!('guest', nil, nil, assertion)
|
924
1017
|
|
925
|
-
|
926
|
-
|
1018
|
+
assert @acl.allowed?('guest', 'blog_post', 'read')
|
1019
|
+
end
|
927
1020
|
|
928
1021
|
|
929
1022
|
protected
|
930
1023
|
|
931
|
-
# def use_case_2
|
932
|
-
# @acl.add_role!('guest')
|
933
|
-
# @acl.add_role!('contributor', 'guest')
|
934
|
-
# @acl.add_role!('publisher', 'contributor')
|
935
|
-
# @acl.add_role!('admin')
|
936
|
-
# @acl.add_resource!('blogPost')
|
937
|
-
# @acl.allow!('guest', 'blogPost', 'view')
|
938
|
-
# @acl.allow!('contributor', 'blogPost', 'contribute')
|
939
|
-
# @acl.allow!('contributor', 'blogPost', 'modify', @acl.customAssertion)
|
940
|
-
# @acl.allow!('publisher', 'blogPost', 'publish')
|
941
|
-
# end
|
942
|
-
|
943
1024
|
# http:#framework.zend.com/manual/1.12/en/zend.acl.introduction.html#zend.acl.introduction.role_registry
|
944
1025
|
def use_case_1
|
945
1026
|
acl = Rend::Acl.new
|
@@ -997,4 +1078,4 @@ class AclTest < Test::Unit::TestCase
|
|
997
1078
|
assert_equal false, acl.allowed?('editor' , 'announcement' , 'archive') # denied
|
998
1079
|
assert_equal false, acl.allowed?('administrator' , 'announcement' , 'archive') # denied
|
999
1080
|
end
|
1000
|
-
end
|
1081
|
+
end
|
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: rend-acl
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.0.
|
4
|
+
version: 0.0.4
|
5
5
|
prerelease:
|
6
6
|
platform: ruby
|
7
7
|
authors:
|
@@ -9,7 +9,7 @@ authors:
|
|
9
9
|
autorequire:
|
10
10
|
bindir: bin
|
11
11
|
cert_chain: []
|
12
|
-
date: 2013-06-
|
12
|
+
date: 2013-06-11 00:00:00.000000000 Z
|
13
13
|
dependencies:
|
14
14
|
- !ruby/object:Gem::Dependency
|
15
15
|
name: bundler
|
@@ -43,6 +43,22 @@ dependencies:
|
|
43
43
|
- - ! '>='
|
44
44
|
- !ruby/object:Gem::Version
|
45
45
|
version: '0'
|
46
|
+
- !ruby/object:Gem::Dependency
|
47
|
+
name: turn
|
48
|
+
requirement: !ruby/object:Gem::Requirement
|
49
|
+
none: false
|
50
|
+
requirements:
|
51
|
+
- - ! '>='
|
52
|
+
- !ruby/object:Gem::Version
|
53
|
+
version: '0'
|
54
|
+
type: :development
|
55
|
+
prerelease: false
|
56
|
+
version_requirements: !ruby/object:Gem::Requirement
|
57
|
+
none: false
|
58
|
+
requirements:
|
59
|
+
- - ! '>='
|
60
|
+
- !ruby/object:Gem::Version
|
61
|
+
version: '0'
|
46
62
|
- !ruby/object:Gem::Dependency
|
47
63
|
name: rend-core
|
48
64
|
requirement: !ruby/object:Gem::Requirement
|
@@ -68,13 +84,16 @@ extensions: []
|
|
68
84
|
extra_rdoc_files: []
|
69
85
|
files:
|
70
86
|
- .gitignore
|
87
|
+
- Changelog.md
|
71
88
|
- Gemfile
|
72
89
|
- LICENSE.txt
|
73
90
|
- README.md
|
74
91
|
- Rakefile
|
75
92
|
- ZEND_FRAMEWORK_LICENSE.txt
|
76
93
|
- lib/rend/acl.rb
|
94
|
+
- lib/rend/acl/assertion.rb
|
77
95
|
- lib/rend/acl/exception.rb
|
96
|
+
- lib/rend/acl/mock_assertion.rb
|
78
97
|
- lib/rend/acl/resource.rb
|
79
98
|
- lib/rend/acl/role.rb
|
80
99
|
- lib/rend/acl/role/registry.rb
|
@@ -97,7 +116,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
|
|
97
116
|
version: '0'
|
98
117
|
segments:
|
99
118
|
- 0
|
100
|
-
hash: -
|
119
|
+
hash: -2809420582677817181
|
101
120
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
102
121
|
none: false
|
103
122
|
requirements:
|
@@ -106,12 +125,12 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
106
125
|
version: '0'
|
107
126
|
segments:
|
108
127
|
- 0
|
109
|
-
hash: -
|
128
|
+
hash: -2809420582677817181
|
110
129
|
requirements: []
|
111
130
|
rubyforge_project:
|
112
131
|
rubygems_version: 1.8.25
|
113
132
|
signing_key:
|
114
133
|
specification_version: 3
|
115
|
-
summary: rend-acl-0.0.
|
134
|
+
summary: rend-acl-0.0.4
|
116
135
|
test_files:
|
117
136
|
- test/test_acl.rb
|