route_authorizer 0.0.5 → 1.0.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 4e3a0f2ada77c7eb4c8e74711f6ea639ada66ca8
-  data.tar.gz: 843853d3e80d386fe0838116d1615d358c3940c5
+  metadata.gz: ee4e003200b9e3f952427983a096e42ae56337a3
+  data.tar.gz: 4c2e08ef064e8565f44dedc540b99a5606b2df77
 SHA512:
-  metadata.gz: ccb85cbe5d2ce0cf939cb08220eadc6189b8e1f9f920bc81b242f8dd5f543e5ac59a5282f375688982a24dc7a215d0643f7067cf7724331347fc4bed3795f8c2
-  data.tar.gz: 0e1f6d4bf1b393b932f609a1594d88e3fb56a4efd68f052ca371bbcea26bf122c40311868860498004edcbd0df28bfb7e5fa35639ec06373f77ede0b0dfc80f4
+  metadata.gz: 5ef1bcd4349b97877ce9c00fac2d9697b196d59cee610f5099b8c27aa17841ca8e7ad4d14a6084d2398fc4b482c492ed1a216d0a4ded91fc06c32d53ace1be3a
+  data.tar.gz: 8295aded4b8761a0c80ba9b08669891f0176440a7fdcd487638e706dca4654133a41fc2001df08a773393a1a6228983d90524c8e49a3cac3efd3ed23361bb484

data/lib/generators/route_authorizer/install/USAGE

@@ -0,0 +1,8 @@
+Description:
+    Explain the generator
+
+Example:
+    rails generate install Thing
+
+    This will create:
+        what/will/it/create

data/lib/generators/route_authorizer/install/install_generator.rb

@@ -0,0 +1,7 @@
+class RouteAuthorizer::InstallGenerator < Rails::Generators::Base
+  source_root File.expand_path('../templates', __FILE__)
+
+  def generate_permission
+    copy_file "permission.rb", "app/models/permission.rb"
+  end
+end

data/lib/generators/route_authorizer/install/templates/permission.rb

@@ -0,0 +1,24 @@
+class Permission < RouteAuthorizer::Permission
+
+  # Users can access all actions of HomeController
+  # all_roles do
+  #   permit :home
+  # end
+
+  # Admin can access all controllers and actions
+  # role :admin do
+  #   permit_all
+  # end
+
+  # Staff can access all actions of ProductsController
+  # role :staff do
+  #   permit :products
+  # end
+
+  # Customer can access all actions of OrdersController and just actions Index and Show of ProductsController
+  # role :customer do
+  #   permit :orders
+  #   permit :products, only: [:index, :show]
+  # end
+
+end

data/lib/route_authorizer/authorizer.rb

@@ -14,8 +14,8 @@ private
     @permission ||= ::Permission.new(current_user.try(:role))
   end
 
-  def permit?(_controller_name, _action_name)
-    permission.permit?(_controller_name, _action_name)
+  def permit?(_controller_path, _action_name)
+    permission.permit?(_controller_path, _action_name)
   end
 
   def permit_path?(path)
@@ -24,8 +24,8 @@ private
   end
 
   def authorize_user!
-    unless permit?(controller_name, action_name)
-      raise AccessDenied.new("Acess denied to '#{controller_name}##{action_name}'")
+    unless permit?(controller_path.to_s.gsub(/\//, "_"), action_name)
+      raise AccessDenied.new("Acess denied to '#{controller_path}##{action_name}'")
     end
   end
 

data/lib/route_authorizer/permission.rb

@@ -6,11 +6,11 @@ class RouteAuthorizer::Permission
     @role = role.to_s
   end
 
-  def permit?(controller_name, action_name)
+  def permit?(controller_path, action_name)
     permit_action? [
       [:all],
-      [controller_name.to_sym, :all],
-      [controller_name.to_sym, action_name.to_sym],
+      [controller_path.to_sym, :all],
+      [controller_path.to_sym, action_name.to_sym],
     ]
   end
 

data/lib/route_authorizer/version.rb

@@ -1,3 +1,3 @@
 module RouteAuthorizer
-  VERSION = '0.0.5'
+  VERSION = '1.0.0'
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: route_authorizer
 version: !ruby/object:Gem::Version
-  version: 0.0.5
+  version: 1.0.0
 platform: ruby
 authors:
 - Fábio Rodrigues
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2015-02-23 00:00:00.000000000 Z
+date: 2015-03-27 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rails
@@ -87,22 +87,14 @@ executables: []
 extensions: []
 extra_rdoc_files: []
 files:
-- ".gitignore"
-- ".rspec"
-- Gemfile
-- LICENSE.txt
-- README.md
-- Rakefile
+- lib/generators/route_authorizer/install/USAGE
+- lib/generators/route_authorizer/install/install_generator.rb
+- lib/generators/route_authorizer/install/templates/permission.rb
 - lib/route_authorizer.rb
 - lib/route_authorizer/authorizer.rb
 - lib/route_authorizer/permission.rb
 - lib/route_authorizer/permission_dsl.rb
 - lib/route_authorizer/version.rb
-- route_authorizer.gemspec
-- spec/authorizer_spec.rb
-- spec/permission_dsl_spec.rb
-- spec/permission_spec.rb
-- spec/spec_helper.rb
 homepage: https://github.com/FabioMR/route_authorizer
 licenses:
 - MIT
@@ -127,8 +119,4 @@ rubygems_version: 2.4.5
 signing_key: 
 specification_version: 4
 summary: Simple routes authorization solution for Rails based on user roles.
-test_files:
-- spec/authorizer_spec.rb
-- spec/permission_dsl_spec.rb
-- spec/permission_spec.rb
-- spec/spec_helper.rb
+test_files: []

data/.gitignore

@@ -1,17 +0,0 @@
-*.gem
-*.rbc
-.bundle
-.config
-.yardoc
-Gemfile.lock
-InstalledFiles
-_yardoc
-coverage
-doc/
-lib/bundler/man
-pkg
-rdoc
-spec/reports
-test/tmp
-test/version_tmp
-tmp

data/.rspec

@@ -1 +0,0 @@
---color

data/Gemfile

@@ -1,3 +0,0 @@
-source 'https://rubygems.org'
-
-gemspec

data/LICENSE.txt

@@ -1,22 +0,0 @@
-Copyright (c) 2015 Fábio Rodrigues
-
-MIT License
-
-Permission is hereby granted, free of charge, to any person obtaining
-a copy of this software and associated documentation files (the
-"Software"), to deal in the Software without restriction, including
-without limitation the rights to use, copy, modify, merge, publish,
-distribute, sublicense, and/or sell copies of the Software, and to
-permit persons to whom the Software is furnished to do so, subject to
-the following conditions:
-
-The above copyright notice and this permission notice shall be
-included in all copies or substantial portions of the Software.
-
-THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
-EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
-MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
-NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
-LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
-OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
-WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.md

@@ -1,29 +0,0 @@
-# RouteAuthorizer
-
-TODO: Write a gem description
-
-## Installation
-
-Add this line to your application's Gemfile:
-
-    gem 'route_authorizer'
-
-And then execute:
-
-    $ bundle
-
-Or install it yourself as:
-
-    $ gem install route_authorizer
-
-## Usage
-
-TODO: Write usage instructions here
-
-## Contributing
-
-1. Fork it ( http://github.com/<my-github-username>/route_authorizer/fork )
-2. Create your feature branch (`git checkout -b my-new-feature`)
-3. Commit your changes (`git commit -am 'Add some feature'`)
-4. Push to the branch (`git push origin my-new-feature`)
-5. Create new Pull Request

data/Rakefile

@@ -1 +0,0 @@
-require 'bundler/gem_tasks'

data/route_authorizer.gemspec

@@ -1,26 +0,0 @@
-# coding: utf-8
-lib = File.expand_path('../lib', __FILE__)
-$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
-require 'route_authorizer/version'
-
-Gem::Specification.new do |spec|
-  spec.name          = 'route_authorizer'
-  spec.version       = RouteAuthorizer::VERSION
-  spec.authors       = ['Fábio Rodrigues']
-  spec.email         = ['fabio.info@gmail.com']
-  spec.summary       = 'Simple routes authorization solution for Rails based on user roles.'
-  spec.homepage      = 'https://github.com/FabioMR/route_authorizer'
-  spec.license       = 'MIT'
-
-  spec.files         = `git ls-files -z`.split("\x0")
-  spec.executables   = spec.files.grep(%r{^bin/}) { |f| File.basename(f) }
-  spec.test_files    = spec.files.grep(%r{^(test|spec|features)/})
-  spec.require_paths = ['lib']
-
-  spec.add_dependency 'rails', '>= 4.0.0'
-
-  spec.add_development_dependency 'bundler', '~> 1.5'
-  spec.add_development_dependency 'rake'
-  spec.add_development_dependency 'rspec'
-  spec.add_development_dependency 'byebug'
-end

data/spec/authorizer_spec.rb

@@ -1,70 +0,0 @@
-require 'spec_helper'
-
-describe RouteAuthorizer::Authorizer do
-
-  let(:role) { :admin }
-  let(:current_user) { double('User', role: role) }
-  let(:permission) { double('permission', permit?: true) }
-  let(:controller) { ActionController::Base.new }
-
-  before do
-    allow(Permission).to receive(:new) { permission }
-
-    allow(controller).to receive(:controller_name) { :controller }
-    allow(controller).to receive(:action_name) { :action }
-    allow(controller).to receive(:current_user) { current_user }
-  end
-
-  context 'when has a current user' do
-    before do
-      expect(Permission).to receive(:new).with(role)
-    end
-
-    it 'returns current user role' do
-      controller.send(:permission)
-    end
-  end
-
-  context 'when does not have a current user' do
-    before do
-      allow(controller).to receive(:current_user) { nil }
-    end
-
-    it 'returns no role' do
-      expect(Permission).to receive(:new).with(nil)
-      controller.send(:permission)
-    end
-  end
-
-  context 'when user has permission' do
-    before do
-      expect(permission).to receive(:permit?).with(:controller, :action) { true }
-    end
-
-    it 'raises no exception' do
-      expect {controller.send(:authorize_user!)}.not_to raise_error
-    end
-  end
-
-  context 'when user does not have permission' do
-    before do
-      expect(permission).to receive(:permit?).with(:controller, :action) { false }
-    end
-
-    it 'raises AccessDenied exception' do
-      expect {controller.send(:authorize_user!)}.to raise_error(RouteAuthorizer::Authorizer::AccessDenied)
-    end
-  end
-
-  it '#permit?' do
-    expect(permission).to receive(:permit?).with(:other_controller, :other_action)
-    controller.send(:permit?, :other_controller, :other_action)
-  end
-
-  it '#permit_path?' do
-    expect(Rails).to receive_message_chain(:application, :routes, :recognize_path).with('path') { {a: 1, b: 2, c: 3} }
-    expect(permission).to receive(:permit?).with(1, 2)
-    controller.send(:permit_path?, 'path')
-  end
-
-end

data/spec/permission_dsl_spec.rb

@@ -1,59 +0,0 @@
-require 'spec_helper'
-
-describe RouteAuthorizer::PermissionDSL do
-
-  let(:permission_class) { Class.new }
-  let(:permission) { permission_class.new }
-
-  before do
-    permission_class.include(RouteAuthorizer::PermissionDSL)
-  end
-
-  it '.all_roles' do
-    expect(permission_class).to receive(:role).with(:default).and_yield
-
-    permission_class.send(:all_roles) { :anything }
-  end
-
-  context '.role' do
-    it 'with no permission' do
-      permission_class.send(:role, :admin) {}
-
-      expect(permission.send(:admin)).to eq([])
-    end
-
-    it 'with all permission' do
-      permission_class.send(:role, :admin) do
-        permit_all
-      end
-
-      expect(permission.send(:admin)).to eq([[:all]])
-    end
-
-    it 'with controller permission' do
-      permission_class.send(:role, :admin) do
-        permit :controller1
-        permit :controller2
-      end
-
-      expect(permission.send(:admin)).to eq([
-        [:controller1, :all],
-        [:controller2, :all],
-      ])
-    end
-
-    it 'with controller and action permissions' do
-      permission_class.send(:role, :admin) do
-        permit :controller1, only: [:action1]
-        permit :controller2, only: [:action1, :action2]
-      end
-
-      expect(permission.send(:admin)).to eq([
-        [:controller1, :action1],
-        [:controller2, :action1],
-        [:controller2, :action2],
-      ])
-    end
-  end
-
-end

data/spec/permission_spec.rb

@@ -1,59 +0,0 @@
-require 'spec_helper'
-
-describe RouteAuthorizer::Permission do
-
-  let(:permission_class) { Class.new(RouteAuthorizer::Permission) }
-  let(:permission) { permission_class.new(@role) }
-
-  before do
-    @role = :admin
-  end
-
-  it 'includes DSL' do
-    expect(permission_class).to include RouteAuthorizer::PermissionDSL
-  end
-
-  it 'returns no permission for no role' do
-    @role = nil
-    expect(permission.send(:role_permissions)).to eq([])
-  end
-
-  it 'returns no permission by default' do
-    expect(permission.send(:role_permissions)).to eq([])
-  end
-
-  it 'returns default permissions' do
-    allow(permission).to receive(:default).and_return [1]
-    expect(permission.send(:role_permissions)).to eq [1]
-  end
-
-  it 'returns role permissions' do
-    allow(permission).to receive(:admin).and_return [2]
-    expect(permission.send(:role_permissions)).to eq [2]
-  end
-
-  it 'returns default and role permissions' do
-    allow(permission).to receive(:default).and_return [1]
-    allow(permission).to receive(:admin).and_return [2]
-    expect(permission.send(:role_permissions)).to eq [1, 2]
-  end
-
-  it 'permits define permission to all controllers and actions' do
-    allow(permission).to receive(:admin).and_return [[:all]]
-    expect(permission.permit? :any, :any).to be_truthy
-  end
-
-  it 'permits define permission to a specific controller and all actions' do
-    allow(permission).to receive(:admin).and_return [[:some, :all]]
-    expect(permission.permit? :some, :any).to be_truthy
-    expect(permission.permit? :other, :any).to be_falsey
-  end
-
-  it 'permits define permission to a specific controller and action' do
-    allow(permission).to receive(:admin).and_return [[:some, :some]]
-    expect(permission.permit? :some, :some).to be_truthy
-    expect(permission.permit? :some, :any).to be_falsey
-    expect(permission.permit? :any, :any).to be_falsey
-  end
-
-end

data/spec/spec_helper.rb

@@ -1,4 +0,0 @@
-require 'bundler/setup'
-Bundler.require(:default, :development)
-
-Permission = Class.new(RouteAuthorizer::Permission)