simple_permissions 0.1.0

data/.document

@@ -0,0 +1,5 @@
+lib/**/*.rb
+bin/*
+- 
+features/**/*.feature
+LICENSE.txt

data/Gemfile

@@ -0,0 +1,15 @@
+source "http://rubygems.org"
+# Add dependencies required to use your gem here.
+# Example:
+# gem "activesupport", ">= 3.0.3"
+
+gem "rails", "~> 3.0.0"
+
+# Add dependencies to develop your gem here.
+# Include everything needed to run rake, tests, features, etc.
+group :development do
+  gem "shoulda", ">= 0"
+  gem "bundler", "~> 1.0.0"
+  gem "jeweler", "~> 1.5.1"
+  gem "rcov", ">= 0"
+end

data/Gemfile.lock

@@ -0,0 +1,82 @@
+GEM
+  remote: http://rubygems.org/
+  specs:
+    abstract (1.0.0)
+    actionmailer (3.0.3)
+      actionpack (= 3.0.3)
+      mail (~> 2.2.9)
+    actionpack (3.0.3)
+      activemodel (= 3.0.3)
+      activesupport (= 3.0.3)
+      builder (~> 2.1.2)
+      erubis (~> 2.6.6)
+      i18n (~> 0.4)
+      rack (~> 1.2.1)
+      rack-mount (~> 0.6.13)
+      rack-test (~> 0.5.6)
+      tzinfo (~> 0.3.23)
+    activemodel (3.0.3)
+      activesupport (= 3.0.3)
+      builder (~> 2.1.2)
+      i18n (~> 0.4)
+    activerecord (3.0.3)
+      activemodel (= 3.0.3)
+      activesupport (= 3.0.3)
+      arel (~> 2.0.2)
+      tzinfo (~> 0.3.23)
+    activeresource (3.0.3)
+      activemodel (= 3.0.3)
+      activesupport (= 3.0.3)
+    activesupport (3.0.3)
+    arel (2.0.4)
+    builder (2.1.2)
+    erubis (2.6.6)
+      abstract (>= 1.0.0)
+    git (1.2.5)
+    i18n (0.4.2)
+    jeweler (1.5.1)
+      bundler (~> 1.0.0)
+      git (>= 1.2.5)
+      rake
+    mail (2.2.10)
+      activesupport (>= 2.3.6)
+      i18n (~> 0.4.1)
+      mime-types (~> 1.16)
+      treetop (~> 1.4.8)
+    mime-types (1.16)
+    polyglot (0.3.1)
+    rack (1.2.1)
+    rack-mount (0.6.13)
+      rack (>= 1.0.0)
+    rack-test (0.5.6)
+      rack (>= 1.0)
+    rails (3.0.3)
+      actionmailer (= 3.0.3)
+      actionpack (= 3.0.3)
+      activerecord (= 3.0.3)
+      activeresource (= 3.0.3)
+      activesupport (= 3.0.3)
+      bundler (~> 1.0)
+      railties (= 3.0.3)
+    railties (3.0.3)
+      actionpack (= 3.0.3)
+      activesupport (= 3.0.3)
+      rake (>= 0.8.7)
+      thor (~> 0.14.4)
+    rake (0.8.7)
+    rcov (0.9.9)
+    shoulda (2.11.3)
+    thor (0.14.6)
+    treetop (1.4.9)
+      polyglot (>= 0.3.1)
+    tzinfo (0.3.23)
+
+PLATFORMS
+  ruby
+
+DEPENDENCIES
+  bundler (~> 1.0.0)
+  jeweler (~> 1.5.1)
+  rails (~> 3.0.0)
+  rcov
+  shoulda

data/LICENSE.txt

@@ -0,0 +1,20 @@
+Copyright (c) 2010 Thiago Nuic Vidigal
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.rdoc

@@ -0,0 +1,123 @@
+= Simple permissions
+
+Simple permissions aims to make available a simple way to check for roles in Rails. This gem has been tested on Rails 3 only. If you use `:lib => false` and include the modules correctly it should work fine on rails 2.3.
+
+== Configuration
+
+To configure you just need to change the config constants below:
+
+<dl>
+  <dt>SimplePermissions::Config.current_user_method = :current_user</dt>
+  <dd>This sets the method which will be used inside simple permissions to get the logged user and check for roles.</dd>
+  
+  <dt>SimplePermissions::Config.permissions_method = :permissions</dt>
+  <dd>This sets the name of the method from the user model which will be called to get the permissions.</dd>
+  
+  <dt>SimplePermissions::Config.permission_type = :role</dt>
+  <dd>This sets the type of permission which will be used to check the user roles. Allowed types are `:role` and `:read_write`. Both types will be described below.</dd>
+</dl>
+
+== Setup
+
+Include in your Gemfile:
+
+  gem 'simple_permissions'
+
+Run:
+
+  bundle install
+
+In the user model include methods for authorization like the code bellow:
+
+  class User < ActiveRecord::Base
+    include SimplePermissions::UserModelMethods
+  end
+
+== How it works
+
+=== Model methods
+
+The model methods included by the gem to check the user authorization expect the user model to respond to a `permissions` method that will return the user permissions according to the permission type defined.
+
+=== Permission types
+
+==== :role
+
+Using this permission type, the `permissions` method from the user model should return an array of strings containing the code of the permissions, like the example below:
+
+  ['CRUD_USER', 'CRUD_PROFILE']
+
+The suggested models for this approach are the following:
+
+<pre>
+
+   ______          _________         _____________          ____________________
+  | User |________| Profile |_______| Permission  |________| PermissionCategory |
+  |______| N    1 |_________| N   M |_____________| N    1 |____________________|
+                                    | code        |
+                                    | description |
+                                    |_____________|
+
+</pre>
+
+==== :read_write
+
+Using this permission type, the `permissions` method from the user model should return an hash having the permission code as key and the literal string `r` or `w` as value, like the example below:
+
+  {'CRUD_USER' => 'w', 'CRUD_PROFILE' => 'r'}
+
+The suggested models for this approach are the following:
+
+   ______          _________         ___________________          _____________          ____________________
+  | User |________| Profile |_______| ProfilePermission |________| Permission  |________| PermissionCategory |
+  |______| N    1 |_________| 1   N |___________________| N    1 |_____________| N    1 |____________________|
+                                    | read_write        |        | code        |
+                                    |___________________|        | description |
+                                                                 |_____________|
+
+=== Controllers
+
+After installing the gem there will be two methods available for authorization: `has_permission` and `has_permission!`. Both receiving an array of permission codes or a hash depending on the permission type configured.
+
+At controllers it is recommended to put a `has_permission!` call as the first line of each action to validate the user credentials.
+
+  class SampleController < ApplicationController
+    def index
+      has_permission!('CRUD_COMPANY')
+      ...
+    end
+  end
+
+This credential check will raise an `SimplePermissions::AccessDeniedException` exception, so in order to capture nonauthorized actions it is recommended to include the following code in the application_controller.rb
+
+  class ApplicationController < ActionController::Base
+    rescue_from SimplePermissions::AccessDeniedException do |exception|
+      flash[:alert] = 'Access denied.'
+      redirect_to :root
+    end
+  end
+
+=== Helpers
+
+Both methods available for controllers are also available for the helpers, so you can use `has_permission` to show/hide stuff on views.
+
+== TODO
+
+* Generators for models, migrations for both permission types
+* Somehow authenticate routes
+
+== Contributing to simple_permissions
+ 
+* Check out the latest master to make sure the feature hasn't been implemented or the bug hasn't been fixed yet
+* Check out the issue tracker to make sure someone already hasn't requested it and/or contributed it
+* Fork the project
+* Start a feature/bugfix branch
+* Commit and push until you are happy with your contribution
+* Make sure to add tests for it. This is important so I don't break it in a future version unintentionally.
+* Please try not to mess with the Rakefile, version, or history. If you want to have your own version, or is otherwise necessary, that is fine, but please isolate to its own commit so I can cherry-pick around it.
+
+== Copyright
+
+Copyright (c) 2010 Thiago Nuic Vidigal. See LICENSE.txt for
+further details.
+

data/Rakefile

@@ -0,0 +1,53 @@
+require 'rubygems'
+require 'bundler'
+begin
+  Bundler.setup(:default, :development)
+rescue Bundler::BundlerError => e
+  $stderr.puts e.message
+  $stderr.puts "Run `bundle install` to install missing gems"
+  exit e.status_code
+end
+require 'rake'
+
+require 'jeweler'
+Jeweler::Tasks.new do |gem|
+  # gem is a Gem::Specification... see http://docs.rubygems.org/read/chapter/20 for more options
+  gem.name = "simple_permissions"
+  gem.homepage = "http://github.com/thiagonuic/simple_permissions"
+  gem.license = "MIT"
+  gem.summary = %Q{Easy and simple access control.}
+  gem.description = %Q{Easy and simple access control.}
+  gem.email = "tvidigal@gmail.com"
+  gem.authors = ["thiagonuic"]
+  # Include your dependencies below. Runtime dependencies are required when using your gem,
+  # and development dependencies are only needed for development (ie running rake tasks, tests, etc)
+  #  gem.add_runtime_dependency 'jabber4r', '> 0.1'
+  #  gem.add_development_dependency 'rspec', '> 1.2.3'
+end
+Jeweler::RubygemsDotOrgTasks.new
+
+require 'rake/testtask'
+Rake::TestTask.new(:test) do |test|
+  test.libs << 'lib' << 'test'
+  test.pattern = 'test/**/test_*.rb'
+  test.verbose = true
+end
+
+require 'rcov/rcovtask'
+Rcov::RcovTask.new do |test|
+  test.libs << 'test'
+  test.pattern = 'test/**/test_*.rb'
+  test.verbose = true
+end
+
+task :default => :test
+
+require 'rake/rdoctask'
+Rake::RDocTask.new do |rdoc|
+  version = File.exist?('VERSION') ? File.read('VERSION') : ""
+
+  rdoc.rdoc_dir = 'rdoc'
+  rdoc.title = "simple_permissions #{version}"
+  rdoc.rdoc_files.include('README*')
+  rdoc.rdoc_files.include('lib/**/*.rb')
+end

data/VERSION

@@ -0,0 +1 @@
+0.1.0

data/lib/configs.rb

@@ -0,0 +1,31 @@
+module SimplePermissions
+  module Config
+    @@current_user_method = :current_user
+    @@permissions_method = :permissions
+    @@permission_type = :role
+    
+    def self.permission_type
+      @@permission_type
+    end
+    
+    def self.permission_type=(value)
+      @@permission_type = value
+    end
+    
+    def self.current_user_method
+      @@current_user_method
+    end
+    
+    def self.current_user_method=(value)
+      @@current_user_method = value
+    end
+    
+    def self.permissions_method
+      @@permissions_method
+    end
+    
+    def self.permissions_method=(value)
+      @@permissions_method = value
+    end
+  end
+end

data/lib/controllers.rb

@@ -0,0 +1,8 @@
+module SimplePermissions
+  module ControllerMethods
+    include SimplePermissionsHelper
+  end
+end
+
+
+ActionController::Base.send :include, SimplePermissions::ControllerMethods

data/lib/exceptions.rb

@@ -0,0 +1,3 @@
+module SimplePermissions
+  class AccessDeniedException < StandardError; end
+end

data/lib/helpers.rb

@@ -0,0 +1,36 @@
+module SimplePermissionsHelper
+  
+  def has_permission!(permissions)
+    raise SimplePermissions::AccessDeniedException if !self.has_permission(permissions)
+  end
+  
+  def has_permission(p_permissions)
+    logged_user = self.send SimplePermissions::Config.current_user_method
+		has_access = false
+		
+		if (p_permissions.class == String)
+		  permissions = [p_permissions]
+	  else
+	    permissions = p_permissions
+    end
+		
+		if SimplePermissions::Config.permission_type == :read_write
+      permissions.each do |permission, read_write|
+        if logged_user.has_permission_read_write(permission, read_write)
+          has_access = true
+        end
+      end
+    elsif SimplePermissions::Config.permission_type == :role
+      permissions.each do |permission|
+        if logged_user.has_permission_role(permission)
+          has_access = true
+        end
+      end
+    end
+    
+		return has_access
+  end
+  
+end
+
+ActionView::Base.send :include, SimplePermissionsHelper

data/lib/simple_permissions.rb

@@ -0,0 +1,5 @@
+require 'configs'
+require 'exceptions'
+require 'user_model'
+require 'helpers'
+require 'controllers'

data/lib/user_model.rb

@@ -0,0 +1,41 @@
+module SimplePermissions
+  module UserModelMethods
+    
+    def has_permission_role!(permission_code)
+      raise SimplePermissions::AccessDeniedException if !self.has_permission_role(permission_code)
+    end
+    
+    def has_permission_role(permission_code)
+      profile_permissions = self.send SimplePermissions::Config.permissions_method
+      
+      profile_permissions.each do |per_code|
+        if permission_code.to_s == per_code.to_s
+          return true
+        end
+      end
+      return false
+    end
+    
+    def has_permission_read_write!(permission_code, read_write)
+      raise SimplePermissions::AccessDeniedException if !self.has_permission_read_write(permission_code, read_write)
+    end
+    
+    def has_permission_read_write(permission_code, read_write)
+      profile_permissions = self.send SimplePermissions::Config.permissions_method
+
+      profile_permissions.each do |per_code, per_read_write|
+        if permission_code.to_s == per_code.to_s
+          if read_write.to_s == 'w'
+            if per_read_write.to_s == 'w'
+              return true
+            end
+          else
+            return true
+          end
+        end
+      end
+      return false
+    end
+    
+  end
+end

data/test/helper.rb

@@ -0,0 +1,18 @@
+require 'rubygems'
+require 'bundler'
+begin
+  Bundler.setup(:default, :development)
+rescue Bundler::BundlerError => e
+  $stderr.puts e.message
+  $stderr.puts "Run `bundle install` to install missing gems"
+  exit e.status_code
+end
+require 'test/unit'
+require 'shoulda'
+
+$LOAD_PATH.unshift(File.join(File.dirname(__FILE__), '..', 'lib'))
+$LOAD_PATH.unshift(File.dirname(__FILE__))
+require 'simple_permissions'
+
+class Test::Unit::TestCase
+end

data/test/test_simple_permissions.rb

@@ -0,0 +1,7 @@
+require 'helper'
+
+class TestSimplePermissions < Test::Unit::TestCase
+  should "default values" do
+    assert SimplePermissions::Config.permission_type == :role
+  end
+end

metadata

@@ -0,0 +1,158 @@
+--- !ruby/object:Gem::Specification 
+name: simple_permissions
+version: !ruby/object:Gem::Version 
+  hash: 27
+  prerelease: false
+  segments: 
+  - 0
+  - 1
+  - 0
+  version: 0.1.0
+platform: ruby
+authors: 
+- thiagonuic
+autorequire: 
+bindir: bin
+cert_chain: []
+
+date: 2010-12-21 00:00:00 -02:00
+default_executable: 
+dependencies: 
+- !ruby/object:Gem::Dependency 
+  requirement: &id001 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ~>
+      - !ruby/object:Gem::Version 
+        hash: 7
+        segments: 
+        - 3
+        - 0
+        - 0
+        version: 3.0.0
+  type: :runtime
+  name: rails
+  prerelease: false
+  version_requirements: *id001
+- !ruby/object:Gem::Dependency 
+  requirement: &id002 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        hash: 3
+        segments: 
+        - 0
+        version: "0"
+  type: :development
+  name: shoulda
+  prerelease: false
+  version_requirements: *id002
+- !ruby/object:Gem::Dependency 
+  requirement: &id003 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ~>
+      - !ruby/object:Gem::Version 
+        hash: 23
+        segments: 
+        - 1
+        - 0
+        - 0
+        version: 1.0.0
+  type: :development
+  name: bundler
+  prerelease: false
+  version_requirements: *id003
+- !ruby/object:Gem::Dependency 
+  requirement: &id004 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ~>
+      - !ruby/object:Gem::Version 
+        hash: 1
+        segments: 
+        - 1
+        - 5
+        - 1
+        version: 1.5.1
+  type: :development
+  name: jeweler
+  prerelease: false
+  version_requirements: *id004
+- !ruby/object:Gem::Dependency 
+  requirement: &id005 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        hash: 3
+        segments: 
+        - 0
+        version: "0"
+  type: :development
+  name: rcov
+  prerelease: false
+  version_requirements: *id005
+description: Easy and simple access control.
+email: tvidigal@gmail.com
+executables: []
+
+extensions: []
+
+extra_rdoc_files: 
+- LICENSE.txt
+- README.rdoc
+files: 
+- .document
+- Gemfile
+- Gemfile.lock
+- LICENSE.txt
+- README.rdoc
+- Rakefile
+- VERSION
+- lib/configs.rb
+- lib/controllers.rb
+- lib/exceptions.rb
+- lib/helpers.rb
+- lib/simple_permissions.rb
+- lib/user_model.rb
+- test/helper.rb
+- test/test_simple_permissions.rb
+has_rdoc: true
+homepage: http://github.com/thiagonuic/simple_permissions
+licenses: 
+- MIT
+post_install_message: 
+rdoc_options: []
+
+require_paths: 
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement 
+  none: false
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      hash: 3
+      segments: 
+      - 0
+      version: "0"
+required_rubygems_version: !ruby/object:Gem::Requirement 
+  none: false
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      hash: 3
+      segments: 
+      - 0
+      version: "0"
+requirements: []
+
+rubyforge_project: 
+rubygems_version: 1.3.7
+signing_key: 
+specification_version: 3
+summary: Easy and simple access control.
+test_files: 
+- test/helper.rb
+- test/test_simple_permissions.rb