RubyGems - secure_link - Versions diffs - 0.0.1 - Mend

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (18) hide show

checksums.yaml +7 -0
data/.gitignore +14 -0
data/Gemfile +4 -0
data/LICENSE.txt +22 -0
data/README.md +68 -0
data/Rakefile +2 -0
data/lib/generators/secure_link/permission_generator.rb +11 -0
data/lib/generators/secure_link/templates/permission.rb +23 -0
data/lib/secure_link/authorize.rb +25 -0
data/lib/secure_link/button.rb +18 -0
data/lib/secure_link/link.rb +18 -0
data/lib/secure_link/version.rb +3 -0
data/lib/secure_link.rb +17 -0
data/secure_link.gemspec +24 -0
data/spec/secure_link/authorize_spec.rb +9 -0
data/spec/secure_link/button_spec.rb +0 -0
data/spec/secure_link/link_spec.rb +0 -0
metadata +107 -0

checksums.yaml ADDED Viewed

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: 9ccb11332e893ef9744aa978aa652b6f1df2f075
+  data.tar.gz: c332ff6e31dad982d50eada5d6dadaa729829556
+SHA512:
+  metadata.gz: 9cb440713564127462e200c1c264db8d4c2f416950f9136de7284676878563d8e299ecf2f6a6991bad1d3d93ed52cd61308dd690a8a2cdbb7141d6bec93522e7
+  data.tar.gz: de10c098d0e6a158a396f1f650807579594f30c75de72792bf1405caa055c3c6bb4bee495bd0d273ae86d644a28ed14f19041dc416e1bab452b135b2d13cbe44

data/.gitignore ADDED Viewed

@@ -0,0 +1,14 @@
+/.bundle/
+/.yardoc
+/Gemfile.lock
+/_yardoc/
+/coverage/
+/doc/
+/pkg/
+/spec/reports/
+/tmp/
+*.bundle
+*.so
+*.o
+*.a
+mkmf.log

data/Gemfile ADDED Viewed

@@ -0,0 +1,4 @@
+source 'https://rubygems.org'
+# Specify your gem's dependencies in secure_link.gemspec
+gemspec

data/LICENSE.txt ADDED Viewed

@@ -0,0 +1,22 @@
+Copyright (c) 2015 Nikita Singh
+MIT License
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.md ADDED Viewed

@@ -0,0 +1,68 @@
+# SecureLink
+This gem will help in securing your links by not showing them in the web page if user is not authorized for it.
+## Installation
+Add this line to your application's Gemfile:
+```ruby
+gem 'secure_link'
+```
+And then execute:
+    $ bundle
+Or install it yourself as:
+    $ gem install secure_link
+## Usage
+SecureLink expects a +current_user+ method to exist in the controller. First, set up some authentication (such as Authlogic[https://github.com/binarylogic/authlogic] or Devise[https://github.com/plataformatec/devise]).
+Also Add a migration to add +role+ column in your +users+ table
+## 1. Define Permissions
+Permissions are defined in an +Permission+ class. The gem includes a generator for creating this class.
+    rails g secure_link:permission
+## 2. Adding Permissions
+Once the permission file is created, add permissions in the following format -
+    [
+      ['__URL__','__ROLE__']
+    ]
+Example -
+    [
+      ['/admin', 'admin'],
+      ['/users/new', 'super admin']
+    ]
+## 3. Using Links
+Like a normal link -
+    <%= link_to "Admin Section", admin_index_path %>
+## Contributing
+1. Fork it ( https://github.com/[my-github-username]/secure_link/fork )
+2. Create your feature branch (`git checkout -b my-new-feature`)
+3. Commit your changes (`git commit -am 'Add some feature'`)
+4. Push to the branch (`git push origin my-new-feature`)
+5. Create a new Pull Request
+## Next steps:-
+1. Adding before filter to check the permission.
+2. Use of path and url helpers for URL generation in permission.rb file.
+3. Ability to have different column name instead of role.

data/Rakefile ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ require "bundler/gem_tasks"
2	+

data/lib/generators/secure_link/permission_generator.rb ADDED Viewed

@@ -0,0 +1,11 @@
+module SecureLink
+  module Generators
+    class PermissionGenerator < Rails::Generators::Base
+      source_root File.expand_path('../templates', __FILE__)
+      def generate_permission
+        copy_file "permission.rb", "app/controllers/permission.rb"
+      end
+    end
+  end
+end

data/lib/generators/secure_link/templates/permission.rb ADDED Viewed

@@ -0,0 +1,23 @@
+class Permission
+  #You will need to add the permission based on following format -
+  # [
+  #    ['__URL__','__ROLE__']
+  #  ]
+  # Example -
+  # [
+  #  ['/login', 'normal'],
+  #  ['/users/new', 'admin']
+  # ]
+  # TODO:-
+  #     * Allowing multiple user to be added for single url
+  #     * Use of paths or url instead of exact URL
+  #
+  def self.get_permissions
+    [
+      ['','']
+    ]
+  end
+end

data/lib/secure_link/authorize.rb ADDED Viewed

@@ -0,0 +1,25 @@
+module SecureLink extend ActiveSupport::Concern
+  def authorized?(url, method = nil)
+    return false unless url
+    # Mailto link
+    return true if url =~ /^mailto:/
+    method ||= (params[:method] || request.method)
+    url_parts = URI::split(url.strip)
+    path = url_parts[5]
+    return true if current_user && is_authorized?(path)
+    begin
+      hash = Rails.application.routes.recognize_path(path, :method => method)
+      return is_authorized?(path_from_hash(hash)) if hash
+    rescue Exception => e
+    end
+  end
+  def is_authorized?(resource)
+    all_permissions = Permission.get_permissions
+    all_permissions.include?([resource, current_user.role])
+  end
+end

data/lib/secure_link/button.rb ADDED Viewed

@@ -0,0 +1,18 @@
+module SecureLink
+  def button_to_secured(name, options = {}, html_options = nil)
+    url = url_for(options)
+    check_url = url
+    unless ENV["RAILS_RELATIVE_URL_ROOT"].blank?
+      check_url = check_url.gsub(ENV["RAILS_RELATIVE_URL_ROOT"], "")
+    end
+    method = html_options ? html_options[:method] : nil
+    if authorized?(check_url, method)
+      return button_to_open(name, url, html_options)
+    end
+    return ""
+  end
+end

data/lib/secure_link/link.rb ADDED Viewed

@@ -0,0 +1,18 @@
+module SecureLink
+  def link_to_secured(name, options = {}, html_options = nil)
+    url = url_for(options)
+    check_url = url
+    unless ENV["RAILS_RELATIVE_URL_ROOT"].blank?
+      check_url = check_url.gsub(ENV["RAILS_RELATIVE_URL_ROOT"], "")
+    end
+    method = html_options ? html_options[:method] : nil
+    if authorized?(check_url, method)
+      return link_to_open(name, url, html_options)
+    end
+    return ""
+  end
+end

data/lib/secure_link/version.rb ADDED Viewed

@@ -0,0 +1,3 @@
+module SecureLink
+  VERSION = "0.0.1"
+end

data/lib/secure_link.rb ADDED Viewed

@@ -0,0 +1,17 @@
+require "secure_link/version"
+require "secure_link/link"
+require "secure_link/button"
+require "secure_link/authorize"
+module SecureLink
+end
+ActionView::Base.class_eval {
+  include SecureLink
+  alias_method :link_to, :link_to_secured
+  alias_method :button_to, :button_to_secured
+}

data/secure_link.gemspec ADDED Viewed

@@ -0,0 +1,24 @@
+# coding: utf-8
+lib = File.expand_path('../lib', __FILE__)
+$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
+require 'secure_link/version'
+Gem::Specification.new do |spec|
+  spec.name          = "secure_link"
+  spec.version       = SecureLink::VERSION
+  spec.authors       = ["Nikita Singh"]
+  spec.email         = ["nikitaa_singh@yahoo.co.in"]
+  spec.summary       = "This gem helps you authorize your Rails link with the help of cancan and devise"
+  spec.description   = "This gem helps you authorize your Rails link with the help of cancan and devise"
+  spec.homepage      = ""
+  spec.license       = "MIT"
+  spec.files         = `git ls-files -z`.split("\x0")
+  spec.executables   = spec.files.grep(%r{^bin/}) { |f| File.basename(f) }
+  spec.test_files    = spec.files.grep(%r{^(test|spec|features)/})
+  spec.require_paths = ["lib"]
+  spec.add_development_dependency "bundler", "~> 1.7"
+  spec.add_development_dependency "rake", "~> 10.0"
+  spec.add_development_dependency 'rspec-rails'
+end

data/spec/secure_link/authorize_spec.rb ADDED Viewed

@@ -0,0 +1,9 @@
+# require 'rails_helper'
+describe Authorize do
+  describe "authorized?" do
+    it "should return false" do
+      expect(authorized?).to be_falsey
+    end
+  end
+end

data/spec/secure_link/button_spec.rb ADDED Viewed

File without changes

data/spec/secure_link/link_spec.rb ADDED Viewed

File without changes

metadata ADDED Viewed

@@ -0,0 +1,107 @@
+--- !ruby/object:Gem::Specification
+name: secure_link
+version: !ruby/object:Gem::Version
+  version: 0.0.1
+platform: ruby
+authors:
+- Nikita Singh
+autorequire:
+bindir: bin
+cert_chain: []
+date: 2015-07-14 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: bundler
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '1.7'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '1.7'
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '10.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '10.0'
+- !ruby/object:Gem::Dependency
+  name: rspec-rails
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+description: This gem helps you authorize your Rails link with the help of cancan
+  and devise
+email:
+- nikitaa_singh@yahoo.co.in
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- .gitignore
+- Gemfile
+- LICENSE.txt
+- README.md
+- Rakefile
+- lib/generators/secure_link/permission_generator.rb
+- lib/generators/secure_link/templates/permission.rb
+- lib/secure_link.rb
+- lib/secure_link/authorize.rb
+- lib/secure_link/button.rb
+- lib/secure_link/link.rb
+- lib/secure_link/version.rb
+- secure_link.gemspec
+- spec/secure_link/authorize_spec.rb
+- spec/secure_link/button_spec.rb
+- spec/secure_link/link_spec.rb
+homepage: ''
+licenses:
+- MIT
+metadata: {}
+post_install_message:
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project:
+rubygems_version: 2.0.14
+signing_key:
+specification_version: 4
+summary: This gem helps you authorize your Rails link with the help of cancan and
+  devise
+test_files:
+- spec/secure_link/authorize_spec.rb
+- spec/secure_link/button_spec.rb
+- spec/secure_link/link_spec.rb

secure_link 0.0.1