stonewall 0.0.1 → 0.1.0

data/VERSION

@@ -1 +1 @@
-0.0.1
+0.1.0

data/lib/rails/active_record.rb

@@ -0,0 +1,14 @@
+ActiveRecord::Base.class_eval do
+  
+  def method_missing_with_stonewall(symb, *args)
+    method_name = symb.to_s
+    if method_name =~ /^may_(.+?)[\!\?]$/
+      args.first.class.stonewall.actions[$1.to_sym].call(args.first, self)
+    else
+      method_missing_without_stonewall(symb, *args)
+    end
+  end
+  
+  alias_method_chain :method_missing, :stonewall
+  
+end

data/lib/stonewall/access_controller.rb

@@ -7,7 +7,7 @@ module StoneWall
     attr_reader :guarded_class
     attr_reader :variant_field
     attr_accessor :actions
-    attr_accessor :guarded_methods
+    attr_reader :guarded_methods
     attr_accessor :method_groups
 
     # the matrix is the money-shot of the access controller.  You can set it
@@ -42,6 +42,14 @@ module StoneWall
       matrix[r] && matrix[r][v] && matrix[r][v].include?(m)
     end
 
+    # This is similar to, but not the same as, the guard method on the parser.
+    # The parser has to wait until the methods are reified.  Since this is
+    # got adding guards at runtime, we don't have that restruction here.
+    def guard(method)
+      StoneWall::Helpers.guard(@guarded_class, method)
+      StoneWall::Helpers.fix_alias_for(@guarded_class, method)
+    end
+    
     # --------------
     # This is 1/3rd of the magic in this gem.  Every method you guard is
     # checked by this method. It looks at the matrix of permissions you built
@@ -49,10 +57,31 @@ module StoneWall
     # and the method being accessed.   #should we fail secure?
     def allowed?(guarded_object, user, method)
       return true if (guarded_object.nil? || user.nil? || method.nil?)
-      v = variant_field ? guarded_object.send(variant_field).to_sym : :all
+      return true unless @guarded_methods.include?(method)
+      
+      # if they can always view it, no need to check variant.
+      always = user.stonepath_role_info.detect do |r|
+        granted?(r, :all, :all) || granted?(r, :all, method)
+      end
+      return always if always
+      
+      v = guarded_object.send(variant_field) &&
+          guarded_object.send(variant_field).to_sym
       user.stonepath_role_info.detect do |r|
-        granted?(r, v, method)
+        granted?(r, v, :all) || granted?(r, v, method)
       end || false
     end
+    
+    def grants
+      grants = Array.new
+        @matrix.each do |r, vm|
+          vm.each do |v, methods|
+            methods.each do |m|
+              grants << [r, v, m]
+            end
+          end
+        end
+      return grants
+    end
   end
 end

data/lib/stonewall/helpers.rb

@@ -5,6 +5,13 @@ module StoneWall
       [String, Symbol].include?(role.class) ? role.to_sym : role.name.to_sym
     end
 
+
+    def self.fix_aliases_for(guarded_class)
+      guarded_class.stonewall.guarded_methods.each do |m|
+        fix_alias_for(guarded_class, m)
+      end
+    end
+
     # --------------
     # This is 1/3rd of the magic in this gem.  We earlier built a
     # 'schpoo_with_stonepath' method on your class, and now we use
@@ -14,11 +21,30 @@ module StoneWall
     # We have to do this after ActoveRecord synthesizes the attribute methods
     # with a call to 'define_attribute_methods'; you'll see some magic in the
     # base.instance_eval in the other file to make that magic happen.
-    def self.fix_aliases_for(guarded_class)
-      guarded_class.stonewall.guarded_methods.each do |m|
-        guarded_class.send(:alias_method_chain, m, :stonewall) 
+    def self.fix_alias_for(guarded_class, m)
+      guarded_class.send(:alias_method_chain, m, :stonewall)
+    end
+    
+    
+    def self.guard(guarded_class, m)
+      guarded_class.stonewall.guarded_methods << m
+      aliased_target, punctuation = m.to_s.sub(/([?!=])$/, ''), $1
+      checked_method = "#{aliased_target}_with_stonewall#{punctuation}"
+      unchecked_method = "#{aliased_target}_without_stonewall#{punctuation}"    
+      # --------------
+      # This method is defined on the guarded class, so it is callable on
+      # objects of that class.  This is 1/3rd of the magic of this gem-
+      # if you declare 'schpoo' a guarded method, we generate this
+      # 'schpoo_with_stonewall' method. Elsewhere, we use alias_method_chain
+      # to wrap your original 'schpoo' method.
+      guarded_class.send(:define_method, checked_method) do |*args|
+        if stonewall.allowed?(self, User.current, m)
+          self.send(unchecked_method, *args)
+        else
+          raise "Access Violation"
+        end
       end
+      # -------------- end of bizzaro meta-juju
     end
-
   end
 end

data/lib/stonewall/parser.rb

@@ -5,16 +5,28 @@ module StoneWall
       @method_groups = Hash.new
     end
 
-    def allowed_method(method)
-      @parent.stonewall.add_grant(@role, @variant, method)
+    def allowed_method(*methods)
+      methods.flatten.each do |m|
+        @parent.stonewall.add_grant(@role, @variant, m)
+      end
     end
 
-    def allowed_methods(method_names)
-      @parent.stonewall.method_groups[method_names].each do |m|
-        allowed_method m
+    def allowed_methods(*methods)
+      allowed_method(*methods)
+    end
+    
+    def allowed_method_group(*group_names)
+      group_names.flatten.each do |group_name|
+        @parent.stonewall.method_groups[group_name].each do |m|
+          allowed_method m
+        end
       end
     end
 
+    def allowed_method_groups(*group_names)
+      allowed_method_group(group_names)
+    end
+    
     def method_group(name, methods)
       @parent.stonewall.method_groups[name] = methods
     end
@@ -35,25 +47,10 @@ module StoneWall
       yield Parser.new(@parent, @role, variant_name)
     end
 
-    def guard(method)
-      @parent.stonewall.guarded_methods << method
-      aliased_target, punctuation = method.to_s.sub(/([?!=])$/, ''), $1
-      checked_method = "#{aliased_target}_with_stonewall#{punctuation}"
-      unchecked_method = "#{aliased_target}_without_stonewall#{punctuation}"    
-      # --------------
-      # This method is defined on the guarded class, so it is callable on
-      # objects of that class.  This is 1/3rd of the magic of this gem-
-      # if you declare 'schpoo' a guarded method, we generate this
-      # 'schpoo_with_stonewall' method. Elsewhere, we use alias_method_chain
-      # to wrap your original 'schpoo' method.
-      @parent.send(:define_method, checked_method) do |*args|
-        if stonewall.allowed?(self, User.current, method)
-          self.send(unchecked_method, *args)
-        else
-          raise "Access Violation"
-        end
+    def guard(*methods)
+      methods.each do |m|
+        StoneWall::Helpers.guard(@parent, m)
       end
-      # -------------- end of bizzaro meta-juju
     end
 
   end

data/lib/stonewall/user_extensions.rb

@@ -33,16 +33,5 @@ module StoneWall
       object.class.stonewall.allowed?(object, self, method)
     end
 
-    def method_missing_with_stonewall(symb, *args)
-      method_name = symb.to_s
-      if method_name =~ /^may_(.+?)[\!\?]$/
-        args.first.class.stonewall.actions[$1.to_sym].call(args.first, self)
-      else
-        method_missing_without_stonewall(symb, *args)
-      end
-    end
-
-    alias_method_chain :method_missing, :stonewall
-
   end
 end

data/lib/stonewall.rb

@@ -3,4 +3,5 @@ $:.unshift(File.dirname(__FILE__)) unless
   $:.include?(File.expand_path(File.dirname(__FILE__)))
 
 require File.expand_path(File.dirname(__FILE__)) + "/stonewall/stonewall.rb"
-require File.expand_path(File.dirname(__FILE__)) + "/stonewall/user_extensions.rb"
+require File.expand_path(File.dirname(__FILE__)) + "/stonewall/user_extensions.rb"
+require 'rails/active_record'

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification 
 name: stonewall
 version: !ruby/object:Gem::Version 
-  version: 0.0.1
+  version: 0.1.0
 platform: ruby
 authors: 
 - bokmann
@@ -9,7 +9,7 @@ autorequire:
 bindir: bin
 cert_chain: []
 
-date: 2010-03-20 00:00:00 -04:00
+date: 2010-03-25 00:00:00 -04:00
 default_executable: 
 dependencies: 
 - !ruby/object:Gem::Dependency 
@@ -59,6 +59,7 @@ files:
 - Rakefile
 - VERSION
 - design_notes.txt
+- lib/rails/active_record.rb
 - lib/stonewall.rb
 - lib/stonewall/access_controller.rb
 - lib/stonewall/helpers.rb