tarsolya-declarative_authorization 0.4.1 → 0.4.1.2
Sign up to get free protection for your applications and to get access to all the features.
- data/app/controllers/authorization_rules_controller.rb +1 -1
- data/lib/declarative_authorization/authorization.rb +4 -2
- data/lib/declarative_authorization/maintenance.rb +2 -2
- data/lib/declarative_authorization/obligation_scope.rb +14 -2
- data/lib/declarative_authorization/reader.rb +6 -1
- data/test/helper_test.rb +1 -0
- data/test/test_helper.rb +24 -9
- metadata +19 -18
@@ -18,7 +18,7 @@ class AuthorizationRulesController < ApplicationController
|
|
18
18
|
def index
|
19
19
|
respond_to do |format|
|
20
20
|
format.html do
|
21
|
-
@auth_rules_script = File.read("#{
|
21
|
+
@auth_rules_script = File.read("#{Rails.root}/config/authorization_rules.rb")
|
22
22
|
end
|
23
23
|
end
|
24
24
|
end
|
@@ -1,4 +1,5 @@
|
|
1
1
|
# Authorization
|
2
|
+
require File.dirname(__FILE__) + '/railsengine' if defined?(::Rails::Engine)
|
2
3
|
require File.dirname(__FILE__) + '/reader.rb'
|
3
4
|
require "set"
|
4
5
|
|
@@ -25,7 +26,7 @@ module Authorization
|
|
25
26
|
end
|
26
27
|
end
|
27
28
|
|
28
|
-
AUTH_DSL_FILES = ["
|
29
|
+
AUTH_DSL_FILES = ["config/authorization_rules.rb"] unless defined? AUTH_DSL_FILES
|
29
30
|
|
30
31
|
# Controller-independent method for retrieving the current user.
|
31
32
|
# Needed for model security where the current controller is not available.
|
@@ -159,7 +160,8 @@ module Authorization
|
|
159
160
|
|
160
161
|
user, roles, privileges = user_roles_privleges_from_options(privilege, options)
|
161
162
|
|
162
|
-
return true
|
163
|
+
return true if roles.is_a?(Array) and not (roles & @omnipotent_roles).empty?
|
164
|
+
|
163
165
|
# find a authorization rule that matches for at least one of the roles and
|
164
166
|
# at least one of the given privileges
|
165
167
|
attr_validator = AttributeValidator.new(self, user, options[:object], privilege, options[:context])
|
@@ -55,9 +55,9 @@ module Authorization
|
|
55
55
|
def self.usages_by_controller
|
56
56
|
# load each application controller
|
57
57
|
begin
|
58
|
-
Dir.foreach(File.join(
|
58
|
+
Dir.foreach(File.join(Rails.root, %w{app controllers})) do |entry|
|
59
59
|
if entry =~ /^\w+_controller\.rb$/
|
60
|
-
require File.join(
|
60
|
+
require File.join(Rails.root, %w{app controllers}, entry)
|
61
61
|
end
|
62
62
|
end
|
63
63
|
rescue Errno::ENOENT
|
@@ -42,10 +42,22 @@ module Authorization
|
|
42
42
|
# +@proxy_options[:joins] = { :bar => { :baz => :foo } }
|
43
43
|
# @proxy_options[:conditions] = [ 'foos_bazzes.attr = :foos_bazzes__id_0', { :foos_bazzes__id_0 => 1 } ]+
|
44
44
|
#
|
45
|
-
|
45
|
+
if defined?(::ActiveRecord::Relation)
|
46
|
+
class ObligationScope < ActiveRecord::Relation
|
47
|
+
end
|
48
|
+
else
|
49
|
+
class ObligationScope < ActiveRecord::NamedScope::Scope
|
50
|
+
end
|
51
|
+
end
|
52
|
+
|
53
|
+
class ObligationScope
|
46
54
|
def initialize (model, options)
|
47
55
|
@finder_options = {}
|
48
|
-
|
56
|
+
if Rails.version < "3"
|
57
|
+
super(model, options)
|
58
|
+
else
|
59
|
+
super(model, model.table_name)
|
60
|
+
end
|
49
61
|
end
|
50
62
|
|
51
63
|
def scope
|
@@ -89,7 +89,12 @@ module Authorization
|
|
89
89
|
begin
|
90
90
|
reader.parse(File.read(file), file)
|
91
91
|
rescue SystemCallError
|
92
|
-
|
92
|
+
# Try finding the file in the rails root
|
93
|
+
begin
|
94
|
+
reader.parse(File.read(File.join(Rails.root, file)), file)
|
95
|
+
rescue SystemCallError
|
96
|
+
raise ::Authorization::Reader::DSLFileNotFoundError, "Error reading authorization rules file with path '#{file}'! Please ensure it exists and that it is accessible."
|
97
|
+
end
|
93
98
|
end
|
94
99
|
end
|
95
100
|
reader
|
data/test/helper_test.rb
CHANGED
data/test/test_helper.rb
CHANGED
@@ -7,13 +7,6 @@ unless defined?(RAILS_ROOT)
|
|
7
7
|
File.join(File.dirname(__FILE__), %w{.. .. .. ..})
|
8
8
|
end
|
9
9
|
|
10
|
-
DA_ROOT = Pathname.new(File.expand_path("..", File.dirname(__FILE__)))
|
11
|
-
|
12
|
-
require DA_ROOT + File.join(%w{lib declarative_authorization rails_legacy})
|
13
|
-
require DA_ROOT + File.join(%w{lib declarative_authorization authorization})
|
14
|
-
require DA_ROOT + File.join(%w{lib declarative_authorization in_controller})
|
15
|
-
require DA_ROOT + File.join(%w{lib declarative_authorization maintenance})
|
16
|
-
|
17
10
|
unless defined?(ActiveRecord)
|
18
11
|
if File.directory? RAILS_ROOT + '/config'
|
19
12
|
puts 'Using config/boot.rb'
|
@@ -34,6 +27,13 @@ unless defined?(ActiveRecord)
|
|
34
27
|
end
|
35
28
|
end
|
36
29
|
|
30
|
+
DA_ROOT = Pathname.new(File.expand_path("..", File.dirname(__FILE__)))
|
31
|
+
|
32
|
+
require DA_ROOT + File.join(%w{lib declarative_authorization rails_legacy})
|
33
|
+
require DA_ROOT + File.join(%w{lib declarative_authorization authorization})
|
34
|
+
require DA_ROOT + File.join(%w{lib declarative_authorization in_controller})
|
35
|
+
require DA_ROOT + File.join(%w{lib declarative_authorization maintenance})
|
36
|
+
|
37
37
|
begin
|
38
38
|
require 'ruby-debug'
|
39
39
|
rescue MissingSourceFile; end
|
@@ -113,9 +113,18 @@ class MocksController < ActionController::Base
|
|
113
113
|
end
|
114
114
|
end
|
115
115
|
|
116
|
-
|
117
|
-
|
116
|
+
if Rails.version < "3"
|
117
|
+
ActionController::Routing::Routes.draw do |map|
|
118
|
+
map.connect ':controller/:action/:id'
|
119
|
+
end
|
120
|
+
else
|
121
|
+
Rails::Application.routes.draw do
|
122
|
+
match '/name/spaced_things(/:action)' => 'name/spaced_things'
|
123
|
+
match '/deep/name_spaced/things(/:action)' => 'deep/name_spaced/things'
|
124
|
+
match '/:controller(/:action(/:id))'
|
125
|
+
end
|
118
126
|
end
|
127
|
+
|
119
128
|
ActionController::Base.send :include, Authorization::AuthorizationInController
|
120
129
|
if Rails.version < "3"
|
121
130
|
require "action_controller/test_process"
|
@@ -134,4 +143,10 @@ class Test::Unit::TestCase
|
|
134
143
|
end
|
135
144
|
get action, params
|
136
145
|
end
|
146
|
+
|
147
|
+
unless Rails.version < "3"
|
148
|
+
def setup
|
149
|
+
@routes = Rails::Application.routes
|
150
|
+
end
|
151
|
+
end
|
137
152
|
end
|
metadata
CHANGED
@@ -6,7 +6,8 @@ version: !ruby/object:Gem::Version
|
|
6
6
|
- 0
|
7
7
|
- 4
|
8
8
|
- 1
|
9
|
-
|
9
|
+
- 2
|
10
|
+
version: 0.4.1.2
|
10
11
|
platform: ruby
|
11
12
|
authors:
|
12
13
|
- Steffen Bartsch
|
@@ -14,7 +15,7 @@ autorequire:
|
|
14
15
|
bindir: bin
|
15
16
|
cert_chain: []
|
16
17
|
|
17
|
-
date: 2010-04-
|
18
|
+
date: 2010-04-20 00:00:00 +02:00
|
18
19
|
default_executable:
|
19
20
|
dependencies:
|
20
21
|
- !ruby/object:Gem::Dependency
|
@@ -51,36 +52,36 @@ files:
|
|
51
52
|
- app/controllers/authorization_rules_controller.rb
|
52
53
|
- app/controllers/authorization_usages_controller.rb
|
53
54
|
- app/helpers/authorization_rules_helper.rb
|
54
|
-
- app/views/
|
55
|
+
- app/views/authorization_usages/index.html.erb
|
56
|
+
- app/views/authorization_rules/index.html.erb
|
55
57
|
- app/views/authorization_rules/_show_graph.erb
|
58
|
+
- app/views/authorization_rules/_change.erb
|
56
59
|
- app/views/authorization_rules/_suggestions.erb
|
57
|
-
- app/views/authorization_rules/change.html.erb
|
58
60
|
- app/views/authorization_rules/graph.dot.erb
|
61
|
+
- app/views/authorization_rules/change.html.erb
|
59
62
|
- app/views/authorization_rules/graph.html.erb
|
60
|
-
- app/views/authorization_rules/index.html.erb
|
61
|
-
- app/views/authorization_usages/index.html.erb
|
62
63
|
- config/routes.rb
|
63
64
|
- lib/declarative_authorization.rb
|
64
|
-
- lib/declarative_authorization/
|
65
|
+
- lib/declarative_authorization/in_controller.rb
|
66
|
+
- lib/declarative_authorization/reader.rb
|
67
|
+
- lib/declarative_authorization/rails_legacy.rb
|
68
|
+
- lib/declarative_authorization/obligation_scope.rb
|
69
|
+
- lib/declarative_authorization/in_model.rb
|
70
|
+
- lib/declarative_authorization/helper.rb
|
65
71
|
- lib/declarative_authorization/development_support/analyzer.rb
|
66
72
|
- lib/declarative_authorization/development_support/change_analyzer.rb
|
67
73
|
- lib/declarative_authorization/development_support/change_supporter.rb
|
68
74
|
- lib/declarative_authorization/development_support/development_support.rb
|
69
|
-
- lib/declarative_authorization/
|
70
|
-
- lib/declarative_authorization/in_controller.rb
|
71
|
-
- lib/declarative_authorization/in_model.rb
|
75
|
+
- lib/declarative_authorization/authorization.rb
|
72
76
|
- lib/declarative_authorization/maintenance.rb
|
73
|
-
- lib/declarative_authorization/obligation_scope.rb
|
74
|
-
- lib/declarative_authorization/rails_legacy.rb
|
75
|
-
- lib/declarative_authorization/reader.rb
|
76
77
|
- test/authorization_test.rb
|
77
|
-
- test/
|
78
|
-
- test/controller_test.rb
|
79
|
-
- test/dsl_reader_test.rb
|
80
|
-
- test/helper_test.rb
|
78
|
+
- test/schema.sql
|
81
79
|
- test/maintenance_test.rb
|
82
80
|
- test/model_test.rb
|
83
|
-
- test/
|
81
|
+
- test/controller_test.rb
|
82
|
+
- test/helper_test.rb
|
83
|
+
- test/dsl_reader_test.rb
|
84
|
+
- test/controller_filter_resource_access_test.rb
|
84
85
|
- test/test_helper.rb
|
85
86
|
has_rdoc: true
|
86
87
|
homepage: http://github.com/stffn/declarative_authorization
|