route_authorizer 0.0.1

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: c29f1203fb4a70cdc02d3b08dc2342fcdae937db
+  data.tar.gz: c3e42e5a4604048c46b0fc18edaee4b8552df0fe
+SHA512:
+  metadata.gz: be6bfb7c0c8999d00c3710b7702339eb83eb061e2e3519a65e9bf60c65f7b55a67ba3271cb313aa26981c6c51d813e78785d87d6cd292f78c849e8e84f2f7cce
+  data.tar.gz: 304d3e3f5c65e38bf6dac7458d1af3aeb0538e4bd0ecc86f936ad9ae509fc717623bd7226b99cd07a5179033c4206b4f4a93723afe5a17bc3d8ca222c38bdc05

data/.gitignore

@@ -0,0 +1,17 @@
+*.gem
+*.rbc
+.bundle
+.config
+.yardoc
+Gemfile.lock
+InstalledFiles
+_yardoc
+coverage
+doc/
+lib/bundler/man
+pkg
+rdoc
+spec/reports
+test/tmp
+test/version_tmp
+tmp

data/.rspec

@@ -0,0 +1 @@
+--color

data/Gemfile

@@ -0,0 +1,3 @@
+source 'https://rubygems.org'
+
+gemspec

data/LICENSE.txt

@@ -0,0 +1,22 @@
+Copyright (c) 2015 Fábio Rodrigues
+
+MIT License
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.md

@@ -0,0 +1,29 @@
+# RouteAuthorizer
+
+TODO: Write a gem description
+
+## Installation
+
+Add this line to your application's Gemfile:
+
+    gem 'route_authorizer'
+
+And then execute:
+
+    $ bundle
+
+Or install it yourself as:
+
+    $ gem install route_authorizer
+
+## Usage
+
+TODO: Write usage instructions here
+
+## Contributing
+
+1. Fork it ( http://github.com/<my-github-username>/route_authorizer/fork )
+2. Create your feature branch (`git checkout -b my-new-feature`)
+3. Commit your changes (`git commit -am 'Add some feature'`)
+4. Push to the branch (`git push origin my-new-feature`)
+5. Create new Pull Request

data/Rakefile

@@ -0,0 +1 @@
+require 'bundler/gem_tasks'

data/lib/route_authorizer/authorizer.rb

@@ -0,0 +1,28 @@
+module RouteAuthorizer::Authorizer
+
+  extend ActiveSupport::Concern
+
+  class AccessDenied < StandardError; end
+
+  included do
+    helper_method :can_redirect_to?, :can_redirect_to_path?
+  end
+
+private
+
+  def can_redirect_to?(_controller_name, _action_name)
+    Permission.new(current_user.role).redirect_to?(_controller_name, _action_name) if current_user
+  end
+
+  def can_redirect_to_path?(path)
+    controller_and_action = Rails.application.routes.recognize_path(path).values[0..1]
+    can_redirect_to?(*controller_and_action)
+  end
+
+  def authorize_user!
+    unless can_redirect_to?(controller_name, action_name)
+      raise AccessDenied.new("Acess denied to '#{controller_name}##{action_name}'") if current_user
+    end
+  end
+
+end

data/lib/route_authorizer/permission.rb

@@ -0,0 +1,32 @@
+module RouteAuthorizer::Permission
+
+  def initialize(role)
+    @role = role
+  end
+
+  def redirect_to?(controller_name, action_name)
+    redirect_to_action? [
+      [:all],
+      [controller_name.to_sym, :all],
+      [controller_name.to_sym, action_name.to_sym],
+    ]
+  end
+
+private
+
+  attr_reader :role
+
+  def redirect_to_action?(role_action)
+    (role_permissions & role_action).any?
+  end
+
+  def role_permissions
+    others_permissions = respond_to?(role, true) ? send(role) : []
+    default + others_permissions
+  end
+
+  def default
+    []
+  end
+
+end

data/lib/route_authorizer/version.rb

@@ -0,0 +1,3 @@
+module RouteAuthorizer
+  VERSION = '0.0.1'
+end

data/lib/route_authorizer.rb

@@ -0,0 +1,7 @@
+module RouteAuthorizer
+  require 'active_support'
+
+  require 'route_authorizer/version'
+  require 'route_authorizer/permission'
+  require 'route_authorizer/authorizer'
+end

data/route_authorizer.gemspec

@@ -0,0 +1,26 @@
+# coding: utf-8
+lib = File.expand_path('../lib', __FILE__)
+$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
+require 'route_authorizer/version'
+
+Gem::Specification.new do |spec|
+  spec.name          = 'route_authorizer'
+  spec.version       = RouteAuthorizer::VERSION
+  spec.authors       = ['Fábio Rodrigues']
+  spec.email         = ['fabio.info@gmail.com']
+  spec.summary       = 'Simple routes authorization solution for Rails based on user roles.'
+  spec.homepage      = 'https://github.com/FabioMR/route_authorizer'
+  spec.license       = 'MIT'
+
+  spec.files         = `git ls-files -z`.split("\x0")
+  spec.executables   = spec.files.grep(%r{^bin/}) { |f| File.basename(f) }
+  spec.test_files    = spec.files.grep(%r{^(test|spec|features)/})
+  spec.require_paths = ['lib']
+
+  spec.add_dependency 'rails', '>= 4.0.0'
+
+  spec.add_development_dependency 'bundler', '~> 1.5'
+  spec.add_development_dependency 'rake'
+  spec.add_development_dependency 'rspec'
+  spec.add_development_dependency 'pry-meta'
+end

data/spec/authorizer_spec.rb

@@ -0,0 +1,10 @@
+require 'spec_helper'
+
+describe RouteAuthorizer::Authorizer do
+
+  it 'extends active support concern' do
+    included_modules = RouteAuthorizer::Authorizer.singleton_class.included_modules
+    expect(included_modules).to be_include ActiveSupport::Concern
+  end
+
+end

data/spec/permission_spec.rb

@@ -0,0 +1,51 @@
+require 'spec_helper'
+
+describe RouteAuthorizer::Permission do
+
+  let(:permission_class) do
+    klass = Class.new
+    klass.include(RouteAuthorizer::Permission)
+    klass
+  end
+
+  let(:permission) { permission_class.new(:admin) }
+
+  it 'returns no permission by default' do
+    expect(permission.send(:role_permissions)).to eq([])
+  end
+
+  it 'returns default permissions' do
+    allow(permission).to receive(:default).and_return [1]
+    expect(permission.send(:role_permissions)).to eq [1]
+  end
+
+  it 'returns role permissions' do
+    allow(permission).to receive(:admin).and_return [2]
+    expect(permission.send(:role_permissions)).to eq [2]
+  end
+
+  it 'returns default and role permissions' do
+    allow(permission).to receive(:default).and_return [1]
+    allow(permission).to receive(:admin).and_return [2]
+    expect(permission.send(:role_permissions)).to eq [1, 2]
+  end
+
+  it 'permits define permission to all controllers and actions' do
+    allow(permission).to receive(:admin).and_return [[:all]]
+    expect(permission.redirect_to? :any, :any).to be_truthy
+  end
+
+  it 'permits define permission to a specific controller and all actions' do
+    allow(permission).to receive(:admin).and_return [[:some, :all]]
+    expect(permission.redirect_to? :some, :any).to be_truthy
+    expect(permission.redirect_to? :other, :any).to be_falsey
+  end
+
+  it 'permits define permission to a specific controller and action' do
+    allow(permission).to receive(:admin).and_return [[:some, :some]]
+    expect(permission.redirect_to? :some, :some).to be_truthy
+    expect(permission.redirect_to? :some, :any).to be_falsey
+    expect(permission.redirect_to? :any, :any).to be_falsey
+  end
+
+end

data/spec/spec_helper.rb

@@ -0,0 +1,2 @@
+require 'bundler/setup'
+Bundler.require(:default, :development)

metadata

@@ -0,0 +1,131 @@
+--- !ruby/object:Gem::Specification
+name: route_authorizer
+version: !ruby/object:Gem::Version
+  version: 0.0.1
+platform: ruby
+authors:
+- Fábio Rodrigues
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2015-02-08 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: rails
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 4.0.0
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 4.0.0
+- !ruby/object:Gem::Dependency
+  name: bundler
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.5'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.5'
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: rspec
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: pry-meta
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+description: 
+email:
+- fabio.info@gmail.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- ".gitignore"
+- ".rspec"
+- Gemfile
+- LICENSE.txt
+- README.md
+- Rakefile
+- lib/route_authorizer.rb
+- lib/route_authorizer/authorizer.rb
+- lib/route_authorizer/permission.rb
+- lib/route_authorizer/version.rb
+- route_authorizer.gemspec
+- spec/authorizer_spec.rb
+- spec/permission_spec.rb
+- spec/spec_helper.rb
+homepage: https://github.com/FabioMR/route_authorizer
+licenses:
+- MIT
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 2.4.5
+signing_key: 
+specification_version: 4
+summary: Simple routes authorization solution for Rails based on user roles.
+test_files:
+- spec/authorizer_spec.rb
+- spec/permission_spec.rb
+- spec/spec_helper.rb