RubyGems - stasi - Versions diffs - 0.0.1.alpha - Mend

stasi 0.0.1.alpha

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (16) hide show

data/CHANGELOG.md +3 -0
data/Gemfile +3 -0
data/Gemfile.lock +38 -0
data/LICENSE.txt +22 -0
data/README.md +46 -0
data/Rakefile +7 -0
data/init.rb +1 -0
data/lib/stasi/authorization/law.rb +53 -0
data/lib/stasi/authorization/status.rb +46 -0
data/lib/stasi/authorization/watch.rb +11 -0
data/lib/stasi.rb +7 -0
data/test/law_test.rb +82 -0
data/test/status_test.rb +60 -0
data/test/test_helper.rb +9 -0
data/test/watch_test.rb +21 -0
metadata +161 -0

data/CHANGELOG.md ADDED Viewed

@@ -0,0 +1,3 @@
+## v0.0.1.alpha
+* initial commit

data/Gemfile ADDED Viewed

@@ -0,0 +1,3 @@
+source 'https://rubygems.org'
+gemspec

data/Gemfile.lock ADDED Viewed

@@ -0,0 +1,38 @@
+PATH
+  remote: .
+  specs:
+    stasi (0.0.1.alpha)
+      activesupport (>= 4.0.0)
+      dsl_eval (>= 0.0.2)
+GEM
+  remote: https://rubygems.org/
+  specs:
+    activesupport (4.0.0)
+      i18n (~> 0.6, >= 0.6.4)
+      minitest (~> 4.2)
+      multi_json (~> 1.3)
+      thread_safe (~> 0.1)
+      tzinfo (~> 0.3.37)
+    ansi (1.4.3)
+    atomic (1.1.14-java)
+    dsl_eval (0.0.2)
+    i18n (0.6.5)
+    minitest (4.7.5)
+    multi_json (1.8.2)
+    rake (10.1.0)
+    thread_safe (0.1.3-java)
+      atomic
+    turn (0.9.6)
+      ansi
+    tzinfo (0.3.38)
+PLATFORMS
+  java
+DEPENDENCIES
+  bundler (~> 1.3)
+  minitest (~> 4.2)
+  rake
+  stasi!
+  turn

data/LICENSE.txt ADDED Viewed

@@ -0,0 +1,22 @@
+Copyright (c) 2013 Paul Vonderscher
+MIT License
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.md ADDED Viewed

@@ -0,0 +1,46 @@
+# Stasi
+A small authorization library inspired by CanCan
+## Usage
+```ruby
+gem 'stasi'
+```
+In the model you wish to check permissions on, e.g. User :
+```ruby
+include Robotnik::Authorization::Watch
+```
+Then you can check permissions this way :
+```ruby
+user.can? :read, :posts
+```
+You define permissions in an initializer :
+```ruby
+Robotnik::Authorization::Law.define do
+  status :admin do
+    can read, :posts
+    can :destroy, :posts
+  end
+  status :guest do
+    can :read, :post
+  end
+end
+```
+Undefined permissions default to `false`.
+`:admin` and `:guest`, in this example, must be methods on the `user` object.
+## Milestones
+* pass directly object, and not a symbol
+* load specific permissions from db

data/Rakefile ADDED Viewed

@@ -0,0 +1,7 @@
+require "bundler/gem_tasks"
+require 'rake/testtask'
+Rake::TestTask.new do |t|
+  t.libs << 'test'
+  t.pattern = "test/*_test.rb"
+end

data/init.rb ADDED Viewed

	@@ -0,0 +1 @@
1	+ require 'stasi'

data/lib/stasi/authorization/law.rb ADDED Viewed

@@ -0,0 +1,53 @@
+module Robotnik
+  module Authorization
+    class Law
+      #--- Class methods ---#
+          include Robotnik::DslEval
+          cattr_reader :law
+          def self.define &block
+            @@law = self.new.evaluate(&block)
+          end
+          def self.reset!
+            @@law = nil
+          end
+      #--- Instance methods ---#
+          def status method, &block
+            init_role_for(method).evaluate &block
+          end
+          def statuses
+            rules.keys
+          end
+          def can? *args
+            subject, args = args.shift, args
+            verdict = false
+            statuses.each do |status|
+              if subject.send status
+                verdict = rules[status].can? *args
+                break
+              end
+            end
+            verdict
+          end
+      private
+          def rules
+            @rules ||= {}.with_indifferent_access
+          end
+          def init_role_for method
+            rules[method] ||= Robotnik::Authorization::Status.new
+          end
+    end
+  end
+end

data/lib/stasi/authorization/status.rb ADDED Viewed

@@ -0,0 +1,46 @@
+module Robotnik
+  module Authorization
+    class Status
+      include Robotnik::DslEval
+        def can action, resource, conditions=nil, &block
+          init_rule_for resource
+          rules[resource][action] = conditions || block || true
+        end
+        def cannot action, resource
+          init_rule_for resource
+          rules[resource][action] = false
+        end
+        def can? action, resource, subject
+          begin
+            condition = rules[resource][action]
+            case condition
+              when true, false then condition
+              else
+                return condition.call(subject) if condition.respond_to?(:call)
+                deliberation = true
+                deliberation = deliberation && condition[:if].call(subject) if condition.has_key?(:if)
+                deliberation = deliberation && (! condition[:unless].call(subject)) if deliberation && condition.has_key?(:unless)
+                deliberation
+            end
+          rescue NoMethodError
+            false
+          end
+        end
+      private
+        def rules
+          @rules ||= {}.with_indifferent_access
+        end
+        def init_rule_for resource
+          rules[resource] ||= {}.with_indifferent_access
+        end
+    end
+  end
+end

data/lib/stasi/authorization/watch.rb ADDED Viewed

@@ -0,0 +1,11 @@
+module Robotnik
+  module Authorization
+    module Watch
+      def can? *args
+        Robotnik::Authorization::Law.law.can? *(args.unshift(self))
+      end
+    end
+  end
+end

data/lib/stasi.rb ADDED Viewed

@@ -0,0 +1,7 @@
+require 'dsl_eval'
+require 'active_support/core_ext/hash'
+require 'active_support/core_ext/class/attribute_accessors'
+require 'stasi/authorization/law'
+require 'stasi/authorization/status'
+require 'stasi/authorization/watch'

data/test/law_test.rb ADDED Viewed

@@ -0,0 +1,82 @@
+require 'test_helper'
+class LawTest < ActiveSupport::TestCase
+  def setup
+    @law = Robotnik::Authorization::Law.new
+  end
+  test "it has rules" do
+    rules = @law.send :rules
+    assert_instance_of ActiveSupport::HashWithIndifferentAccess, rules
+  end
+  test "it initiates rules for role" do
+    @law.send :init_role_for, :role
+    rules = @law.instance_variable_get('@rules')
+    assert rules.has_key? :role
+    assert_instance_of Robotnik::Authorization::Status, rules[:role]
+  end
+  test "it yields status for authorization definition" do
+    @law.status :admin do
+      can :read, :book
+    end
+    assert @law.instance_variable_get('@rules')[:admin].can? :read, :book, nil
+  end
+  test "it has statuses" do
+    @law.status :admin do
+    end
+    assert_equal ['admin'], @law.statuses
+  end
+  test "it tests status on given object" do
+    object = Object.new
+    class << object
+      def admin
+        true
+      end
+      def not_admin
+        false
+      end
+    end
+    @law.status :admin do
+      can :read, :book
+    end
+    @law.status :not_admin do
+      cannot :read, :book
+    end
+    assert @law.can? object, :read, :book, nil
+    class << object
+      def admin
+        false
+      end
+      def not_admin
+        true
+      end
+    end
+    refute @law.can? object, :read, :book, nil
+  end
+  test "it returns false if no status returns true" do
+    object = Object.new
+    class << object
+      def admin
+        false
+      end
+    end
+    @law.status :admin do
+    end
+    refute @law.can? object, :do, :something, nil
+  end
+  test "it defines a new law at class level" do
+    Robotnik::Authorization::Law.define do
+      status :admin do
+      end
+    end
+    assert_equal ['admin'], Robotnik::Authorization::Law.law.statuses
+  end
+end

data/test/status_test.rb ADDED Viewed

@@ -0,0 +1,60 @@
+require 'test_helper'
+class StatusTest < ActiveSupport::TestCase
+  def setup
+    @status = Robotnik::Authorization::Status.new
+  end
+  test "it has rules" do
+    rules = @status.send :rules
+    assert_instance_of ActiveSupport::HashWithIndifferentAccess, rules
+  end
+  test "it initiates rules for resource" do
+    @status.send :init_rule_for, :resource
+    rules = @status.instance_variable_get('@rules')
+    assert rules.has_key? :resource
+    assert_instance_of ActiveSupport::HashWithIndifferentAccess, rules[:resource]
+  end
+  test "it defines prohibition" do
+    @status.cannot :read, :book
+    refute @status.can? :read, :book, nil
+  end
+  test "it defines strict authorization" do
+    @status.can :read, :book
+    assert @status.can? :read, :book, nil
+  end
+  test "it defines authorization with if and unless options" do
+    assertions = [true, false, false, true, false, true, false, false]
+    [[true, nil], [nil, true], [false, nil], [nil, false], [true, true], [true, false], [false, true], [false, false]].each_with_index do |conditions, i|
+      conditions_hash = {}
+      [:if, :unless].each_with_index do |operator, j|
+        unless conditions[j].nil?
+          if conditions[j]
+            conditions_hash[operator] = Proc.new{ |num| num == 1 }
+          else
+            conditions_hash[operator] = Proc.new{ |num| num != 1 }
+          end
+        end
+      end
+      @status.can :read, :book, conditions_hash
+      assert_equal assertions[i], @status.can?(:read, :book, 1)
+    end
+  end
+  test "it defines authorizations with a block" do
+    @status.can :read, :book do |num|
+      num * 2
+    end
+    assert_equal 6, @status.can?(:read, :book, 3)
+  end
+  test "it defaults to forbidden if permission is not defined" do
+    refute @status.can? :be, :free, :nil
+  end
+end

data/test/test_helper.rb ADDED Viewed

@@ -0,0 +1,9 @@
+gem 'minitest'
+require 'stasi'
+require 'minitest/unit'
+require 'active_support/test_case'
+require 'minitest/autorun'
+require 'turn'
+require 'turn/colorize'
+require 'turn/autorun'

data/test/watch_test.rb ADDED Viewed

@@ -0,0 +1,21 @@
+require 'test_helper'
+class WatchTest < ActiveSupport::TestCase
+  test "calls the law class can? with self as first arg" do
+    object = Object.new
+    object.extend Robotnik::Authorization::Watch
+    class << object
+      def admin
+        true
+      end
+    end
+    Robotnik::Authorization::Law.define do
+      status :admin do
+        can :do, :something
+      end
+    end
+    assert object.can?(:do, :something, :stupid)
+  end
+end

metadata ADDED Viewed

@@ -0,0 +1,161 @@
+--- !ruby/object:Gem::Specification
+name: stasi
+version: !ruby/object:Gem::Version
+  prerelease: 6
+  version: 0.0.1.alpha
+platform: ruby
+authors:
+- Paul Vonderscher
+autorequire:
+bindir: bin
+cert_chain: []
+date: 2013-10-30 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: bundler
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '1.3'
+    none: false
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '1.3'
+    none: false
+  prerelease: false
+  type: :development
+- !ruby/object:Gem::Dependency
+  name: rake
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+    none: false
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+    none: false
+  prerelease: false
+  type: :development
+- !ruby/object:Gem::Dependency
+  name: minitest
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '4.2'
+    none: false
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '4.2'
+    none: false
+  prerelease: false
+  type: :development
+- !ruby/object:Gem::Dependency
+  name: turn
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+    none: false
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+    none: false
+  prerelease: false
+  type: :development
+- !ruby/object:Gem::Dependency
+  name: dsl_eval
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: 0.0.2
+    none: false
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: 0.0.2
+    none: false
+  prerelease: false
+  type: :runtime
+- !ruby/object:Gem::Dependency
+  name: activesupport
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: 4.0.0
+    none: false
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: 4.0.0
+    none: false
+  prerelease: false
+  type: :runtime
+description: a small authorization library
+email:
+- paul.vonderscher@gmail.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- lib/stasi.rb
+- lib/stasi/authorization/law.rb
+- lib/stasi/authorization/status.rb
+- lib/stasi/authorization/watch.rb
+- test/law_test.rb
+- test/status_test.rb
+- test/test_helper.rb
+- test/watch_test.rb
+- CHANGELOG.md
+- Gemfile
+- Gemfile.lock
+- LICENSE.txt
+- Rakefile
+- README.md
+- init.rb
+homepage: ''
+licenses:
+- MIT
+post_install_message:
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+  none: false
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - '>'
+    - !ruby/object:Gem::Version
+      version: 1.3.1
+  none: false
+requirements: []
+rubyforge_project:
+rubygems_version: 1.8.24
+signing_key:
+specification_version: 3
+summary: Schild und Schwert der Partei
+test_files:
+- test/law_test.rb
+- test/status_test.rb
+- test/test_helper.rb
+- test/watch_test.rb