simple-authorisation 0.0.4 → 0.0.5

data/lib/simple-authorisation/authorisation.rb

@@ -39,9 +39,12 @@ module Simple
 
       anonymous_user_class = options.fetch(:anonymous_user_class, NilClass)
 
-      return true if allow.index('?')
-      return false if deny.index('?') and user.is_a? anonymous_user_class
-      return true if allow.index('*') and not user.is_a? anonymous_user_class
+      return true   if allow.index('?')
+      return false  if deny.index('?')  and     user.is_a? anonymous_user_class
+      return true   if allow.index('*') and not user.is_a? anonymous_user_class
+      allow.each do | allowed |
+        return true if user.actions.include?(allowed)
+      end if user.respond_to? :actions
 
       false
     end

data/lib/simple-authorisation/sinatra.rb

@@ -10,7 +10,11 @@ module Sinatra
       app.before do
         route_name = request.path
         user = send(options.authorisation_current_user)
-        unless Simple::Authorisation.is_allowed?(route_name, :user => user, :anonymous_user_class => options.authorisation_anonymous_user_class, :method => request.request_method.downcase.to_sym)
+        unless Simple::Authorisation.is_allowed?(
+            route_name,
+            :user => user,
+            :anonymous_user_class => options.authorisation_anonymous_user_class,
+            :method => request.request_method.downcase.to_sym)
           session[:return_to] = request.fullpath unless request.fullpath.include?('favicon.ico')
           redirect options.authorisation_login
           return false

data/simple-authorisation.gemspec

@@ -3,7 +3,7 @@ $LOAD_PATH.unshift File.expand_path("../lib", __FILE__)
 
 Gem::Specification.new do |s|
   s.name        = 'simple-authorisation'
-  s.version     = '0.0.4'
+  s.version     = '0.0.5'
   s.authors     = ["Derek Ekins"]
   s.description = 'Handles authorisation only'
   s.summary     = "simple-authorisation-#{s.version}"

data/spec/simple-authorisation/authorisation_spec.rb

@@ -54,5 +54,28 @@ module Simple
     it "should raise an exception when checking is_allowed for a route with no rules" do
       lambda {Simple::Authorisation.is_allowed?('/test', :method => :get, :user => nil)}.should raise_error(Simple::Authorisation::NoSettingsForRoute)
     end
+
+    it "should be pass if we ask the user object if the user is allowed to perform the action when they are" do
+      user = Object.new
+      user.stub!(:actions).and_return(['test-action'])
+
+      Simple::Authorisation.route '/test', :allow => ['test-action']
+      Simple::Authorisation.is_allowed?('/test', :method => :get, :user => user).should be_true
+    end
+
+    it "should be fail if we ask the user object if the user is allowed to perform the action and they are not" do
+      user = Object.new
+      user.stub!(:actions).and_return(['wrong-action'])
+
+      Simple::Authorisation.route '/test', :allow => ['test-action']
+      Simple::Authorisation.is_allowed?('/test', :method => :get, :user => user).should be_false
+    end
+
+    it "should not call the actions method if it does not exist" do
+      user = Object.new
+
+      Simple::Authorisation.route '/test', :allow => ['test-action']
+      lambda{ Simple::Authorisation.is_allowed?('/test', :method => :get, :user => user)}.should_not raise_error
+    end
   end
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: simple-authorisation
 version: !ruby/object:Gem::Version
-  version: 0.0.4
+  version: 0.0.5
   prerelease: 
 platform: ruby
 authors:
@@ -9,11 +9,11 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2011-07-28 00:00:00.000000000Z
+date: 2011-08-03 00:00:00.000000000Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: sinatra
-  requirement: &15242400 !ruby/object:Gem::Requirement
+  requirement: &11355540 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ~>
@@ -21,10 +21,10 @@ dependencies:
         version: 1.2.6
   type: :runtime
   prerelease: false
-  version_requirements: *15242400
+  version_requirements: *11355540
 - !ruby/object:Gem::Dependency
   name: rake
-  requirement: &15241800 !ruby/object:Gem::Requirement
+  requirement: &11355060 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ! '>='
@@ -32,10 +32,10 @@ dependencies:
         version: 0.9.2
   type: :development
   prerelease: false
-  version_requirements: *15241800
+  version_requirements: *11355060
 - !ruby/object:Gem::Dependency
   name: rspec
-  requirement: &15241240 !ruby/object:Gem::Requirement
+  requirement: &11354600 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ! '>='
@@ -43,10 +43,10 @@ dependencies:
         version: 2.6.0
   type: :development
   prerelease: false
-  version_requirements: *15241240
+  version_requirements: *11354600
 - !ruby/object:Gem::Dependency
   name: sinatra
-  requirement: &15240680 !ruby/object:Gem::Requirement
+  requirement: &11354140 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ! '>='
@@ -54,10 +54,10 @@ dependencies:
         version: 1.2.6
   type: :development
   prerelease: false
-  version_requirements: *15240680
+  version_requirements: *11354140
 - !ruby/object:Gem::Dependency
   name: rack-test
-  requirement: &15240120 !ruby/object:Gem::Requirement
+  requirement: &11353680 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ! '>='
@@ -65,7 +65,7 @@ dependencies:
         version: 0.6.0
   type: :development
   prerelease: false
-  version_requirements: *15240120
+  version_requirements: *11353680
 description: Handles authorisation only
 email: derek@spathi.com
 executables: []
@@ -117,7 +117,7 @@ rubyforge_project:
 rubygems_version: 1.8.6
 signing_key: 
 specification_version: 3
-summary: simple-authorisation-0.0.4
+summary: simple-authorisation-0.0.5
 test_files:
 - spec/simple-authorisation/authorisation_spec.rb
 - spec/simple-authorisation/sinatra_integration_spec.rb