requirement_authorization 0.0.0

data/.gitignore

@@ -0,0 +1,2 @@
+.DS_Store
+pkg/*.gem

data/README.markdown

@@ -0,0 +1,64 @@
+# Requirement Authorization
+
+Requirement authorization is a lightweight DSL designed to separate the concerns of resource access from gathering information required to access the resource.
+
+WARNING: This puppy isn't tested yet, but its the very next thing I plan on doing. I wanted to get this up on github first so that we could gemify this into our own project and build out tests.
+
+## Installation
+
+In your rails config/environment.rb file, just add
+
+    config.gem 'requirement_authorization', :source => 'http://gemcutter.org'
+
+## Examples
+
+A more interesting example may be to protect a paid feature from being accessed by users who did not pay for that feature:
+
+    requirement :feature do |r|
+      r.guard_unless  { |feature| current_user.account.send("#{feature}_enabled?") }
+      r.resolution    { |feature| redirect_to upgrade_path(feature) }
+    end
+
+In the controller just add
+
+    class AwesomeSauceController < ActionController::Base
+      feature_required :awesome_sauce
+    end
+
+A more trivial example for SSL
+
+    requirement :ssl do |r|
+      r.guard_unless  { request.ssl? }
+      r.resolution    { redirect_to "https://" + request.host + request.request_uri }
+    end
+  
+Then in the controller:
+
+    class PaymentMethodsController << ActionController::Base
+      ssl_required
+    end
+  
+## License
+
+Copyright (c) 2009 Brad Gessler
+
+Permission is hereby granted, free of charge, to any person
+obtaining a copy of this software and associated documentation
+files (the "Software"), to deal in the Software without
+restriction, including without limitation the rights to use,
+copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the
+Software is furnished to do so, subject to the following
+conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES
+OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
+HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
+WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
+FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
+OTHER DEALINGS IN THE SOFTWARE.

data/Rakefile

@@ -0,0 +1,38 @@
+require 'rake'
+require 'rake/testtask'
+require 'rake/rdoctask'
+
+desc 'Default: run specs.'
+task :default => :spec
+
+require 'rake'
+require 'spec/rake/spectask'
+
+desc "Run all examples"
+Spec::Rake::SpecTask.new('spec') do |t|
+  t.spec_files = FileList['spec/*.rb']
+  t.fail_on_error = false
+end
+
+desc 'Generate documentation for the has_default plugin.'
+Rake::RDocTask.new(:rdoc) do |rdoc|
+  rdoc.rdoc_dir = 'rdoc'
+  rdoc.title    = 'HasDefault'
+  rdoc.options << '--line-numbers' << '--inline-source'
+  rdoc.rdoc_files.include('README')
+  rdoc.rdoc_files.include('lib/**/*.rb')
+end
+
+begin
+  require 'jeweler'
+  Jeweler::Tasks.new do |gemspec|
+    gemspec.name = "requirement_authorization"
+    gemspec.summary = "A lightweight authorization framework that separates the concern of resource access from gathering information necessary to fulfill a request, like singing in with a username and password."
+    gemspec.description = ""
+    gemspec.email = "brad@conden.se"
+    gemspec.homepage = "http://github.com/bradgessler/requirement_authorization"
+    gemspec.authors = ["Brad Gessler"]
+  end
+rescue LoadError
+  puts "Jeweler not available. Install it with: sudo gem install technicalpickles-jeweler -s http://gems.github.com"
+end

data/VERSION

@@ -0,0 +1 @@
+0.0.0

data/lib/requirement_authorization.rb

@@ -0,0 +1,102 @@
+# TODO release this as a plugin as it matures
+module RequirementAuthorization
+  METHOD_SUFIX = '_required'
+  
+  def self.included(base)
+    base.send :extend, ClassMethods
+  end
+  
+  class Requirement
+    CONTROLLER_OPTIONS = [:only, :except, :if, :unless]
+
+    def initialize(opts={},&block)
+      yield self if block_given?
+    end
+    
+    # A proc or method that must return a true for the requirement to be satisified
+    def guard(proc=nil, &block)
+      @guard = controller_filter_proc(proc, &block)
+    end
+    alias :guard_if :guard
+
+    def guard_unless(proc=nil, &block)
+      # Lazily invert the return of the controller proc.
+      @guard = Proc.new{|c, args| not controller_filter_proc(proc, &block).call(c, *args)}
+    end
+    
+    # This is the method that we'll call if the guard fails. The resolution should take the user
+    # through a flow where they can satisify the requirements for the requirement and pass on through.
+    def resolution(proc=nil, &block)
+      @resolution = controller_filter_proc(proc, &block)
+    end
+    
+    # Sets up the filter for the controller by wrapping this requirement up in a proc.
+    def filter(controller, *args)
+      args, controller_options = extract_filter_args!(args)
+      controller.before_filter Proc.new{|c| self.call(c, *args)}, controller_options
+    end
+    
+    # The gaurd, resolution process. This is where the magic happens.
+    def call(controller_instance, *args)
+      @resolution.call(controller_instance, *args) if @guard.call(controller_instance, *args)
+    end
+    
+  protected
+    # Packages up a proc or a block into something that a controller can deal with
+    def controller_filter_proc(proc=nil, &block)
+      if block_given? # Instance eval the block in the context of the controller
+        Proc.new{|c, args| c.instance_eval(&block)}
+      elsif proc.respond_to?(:call) # Just run the proc, easy!
+        Proc.new{|c, args| proc.call(*args)}
+      else # This could be a symbol or string, which we'll send to the controller to see if it exists
+        # TODO make this arity dyanmic...
+        # The arity check lets us call a method in a controller with or without arguments
+        Proc.new{|c, args| c.method(proc).arity == 0 ? c.send(proc) : c.send(proc, *args)}
+      end
+    end
+
+    def extract_filter_args!(args)
+      # Gives us the last hash in an array of args (e.g. before_filter :act1, :act2, :only => [:fun])
+      # would return {:only => [:fun]}
+      options = args.last.is_a?(Hash) ? args.pop : {}
+      # Collect all of the controller options and delete them out of the options hash
+      controller_options = options.inject({}) do |memo, (option, value)|
+        memo[option] = options.delete(option) if CONTROLLER_OPTIONS.include?(option)
+        memo
+      end
+      # The remaining pairs in the options hash should be put back into the args array
+      # unless the hash is empty. If we pushed an empty hash theres a chance we'd screw
+      # up the arity of calling functions within the controllers.
+      args.push options unless options.empty?
+      [ args, controller_options ]
+    end
+  end
+  
+  module ClassMethods
+    # Setups a hash table of requirements that may be used by class methods from
+    # other sub-classed controllers
+    def requirement(requirement, opts={}, &block)
+      self.requirements.merge! requirement.to_s => Requirement.new(opts, &block)
+      
+      # Build out the class method for this requirement. This is primarly used towards the
+      # top of a controller.
+      self.class.class_eval %{
+        def #{requirement}#{METHOD_SUFIX}(*args)
+          requirements['#{requirement}'].filter(self, *args)
+        end}
+      
+      # Build out the instance method so that this requirement can be called from other
+      # instance methods. This proves to be insanely useful for composing requirements 
+      # together or reusing them from other methods.
+      self.class_eval %{
+        def #{requirement}#{METHOD_SUFIX}(*args)
+          self.class.send(:requirements)['#{requirement}'].call(self, *args)
+        end}
+    end
+        
+  protected
+    def requirements
+      @@requirements ||= {}
+    end
+  end
+end

data/rails/init.rb

@@ -0,0 +1,3 @@
+require File.dirname(__FILE__) + '/../lib/requirement_authorization.rb'
+
+ActionController::Base.send(:include, RequirementAuthorization)

data/spec/requirement_authorization_spec.rb

@@ -0,0 +1,5 @@
+require File.dirname(__FILE__) + '/../lib/requirement_authorization'
+
+describe RequirementAuthorization do
+  it "should have tests"
+end

metadata

@@ -0,0 +1,61 @@
+--- !ruby/object:Gem::Specification 
+name: requirement_authorization
+version: !ruby/object:Gem::Version 
+  version: 0.0.0
+platform: ruby
+authors: 
+- Brad Gessler
+autorequire: 
+bindir: bin
+cert_chain: []
+
+date: 2009-10-20 00:00:00 -07:00
+default_executable: 
+dependencies: []
+
+description: ""
+email: brad@conden.se
+executables: []
+
+extensions: []
+
+extra_rdoc_files: 
+- README.markdown
+files: 
+- .gitignore
+- README.markdown
+- Rakefile
+- VERSION
+- lib/requirement_authorization.rb
+- rails/init.rb
+- spec/requirement_authorization_spec.rb
+has_rdoc: true
+homepage: http://github.com/bradgessler/requirement_authorization
+licenses: []
+
+post_install_message: 
+rdoc_options: 
+- --charset=UTF-8
+require_paths: 
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement 
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      version: "0"
+  version: 
+required_rubygems_version: !ruby/object:Gem::Requirement 
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      version: "0"
+  version: 
+requirements: []
+
+rubyforge_project: 
+rubygems_version: 1.3.5
+signing_key: 
+specification_version: 3
+summary: A lightweight authorization framework that separates the concern of resource access from gathering information necessary to fulfill a request, like singing in with a username and password.
+test_files: 
+- spec/requirement_authorization_spec.rb