three 1.1.0 → 1.2.0

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: c4018a469715b0050959db01c36db56f214d9ccd
4
- data.tar.gz: bd36ca9b6b88aad4869562354fae9d518e88c194
3
+ metadata.gz: 009a9b99cbdffb05a9e283827b05e3fe0e1eb082
4
+ data.tar.gz: 4e4faa7324a05ef27b3ebba6301ca763f9821dd1
5
5
  SHA512:
6
- metadata.gz: e4deed1807609d3bac89dfc02501d5995cc116d66699d763a79e4c1a6674cd397ec9351c42f34c1629981a9b70e34194d21395d9a960443d2db7ff8e2ab3d7f2
7
- data.tar.gz: 4a35b37082a40d2e5209f03875287acd110297cdc4da31dcf256bc138676de5148e0895ca84960b70e129b59c07415df07da59cf961b2e350e6a9cedcdc2f1a6
6
+ metadata.gz: 10c756626332c5b7805ecb2edac547b1723d730a364e067d02a97bda858f981617f3e0071bc987e06b189a477c3a5f365106a2b859dff24b535ffb30eb38db1f
7
+ data.tar.gz: 818711ac6b94bd8b2c7cfdbfe6cec906ee75128eca5847bba58c772f8068e89dc668760ffae78cf3ea024a49275ea6dd96224c8e72d7b7268039e63f7397ea46
data/.gitignore CHANGED
@@ -1,2 +1,2 @@
1
1
  .rvmrc
2
- .Gemfile.lock
2
+ Gemfile.lock
@@ -168,3 +168,21 @@ evaluator.rescue_errors = false
168
168
  evaluator.allowed? nil, :watch_out # POW an error was raised
169
169
 
170
170
  ```
171
+
172
+ ### Tracing
173
+
174
+ Ok, so if your security rights are broken out into many different classes, it might be helpful to which one is allowing or preventing permissions.
175
+
176
+ If you'd like to take a peek behind the curtain, try the following:
177
+
178
+ ```ruby
179
+ Three.when_tracing do |what, details|
180
+ # "what" will be :allowed/:prevented
181
+ # details is a hash with the following:
182
+ # subject # the subject of the rules check
183
+ # target # the target, if one was provided
184
+ # permissions # the permissions either allowed or prevented
185
+ # rule # the rule making the check
186
+ puts [what, details].inspect
187
+ end
188
+ ```
@@ -0,0 +1,5 @@
1
+ v 1.1.0
2
+ - Added ability to "prevent" rules. Works just like "allowed", but allows a rule to block out a permission.
3
+
4
+ v 1.2.0
5
+ - Added tracing. This allows the user to provide a method to trace what rules are providing which permissions.
@@ -6,4 +6,12 @@ module Three
6
6
  Three::Evaluator.new(rules)
7
7
  end
8
8
 
9
+ def self.trace what, details
10
+ @trace_method.call(what, details) if @trace_method
11
+ end
12
+
13
+ def self.when_tracing &block
14
+ @trace_method = block
15
+ end
16
+
9
17
  end
@@ -58,15 +58,17 @@ module Three
58
58
  end
59
59
 
60
60
  def execute_rule rule, method, subject, target
61
- if rescue_errors
62
- begin
63
- rule.send(method, subject, target)
64
- rescue
65
- []
66
- end
67
- else
68
- rule.send(method, subject, target)
69
- end
61
+ permissions = if rescue_errors
62
+ begin
63
+ rule.send(method, subject, target)
64
+ rescue
65
+ []
66
+ end
67
+ else
68
+ rule.send(method, subject, target)
69
+ end
70
+ Three.trace method, { subject: subject, target: target, permissions: permissions, rule: rule }
71
+ permissions
70
72
  end
71
73
 
72
74
  def flatten_permissions permissions
@@ -1,3 +1,3 @@
1
1
  module Three
2
- VERSION = "1.1.0"
2
+ VERSION = "1.2.0"
3
3
  end
@@ -86,4 +86,49 @@ describe Three::Evaluator do
86
86
 
87
87
  end
88
88
 
89
+ describe "noting important things" do
90
+
91
+ let(:the_subject) { Object.new }
92
+ let(:the_target) { Object.new }
93
+ let(:permission) { SecureRandom.uuid.to_sym }
94
+
95
+ let(:permission_to_prevent) { SecureRandom.uuid.to_sym }
96
+
97
+ let(:rule) do
98
+ Object.new.tap do |r|
99
+ r.stubs(:allowed).returns [permission]
100
+ r.stubs(:prevented).returns [permission_to_prevent]
101
+ end
102
+ end
103
+
104
+ let(:evaluator) { Three.evaluator_for rule }
105
+
106
+ before { Three.stubs :trace }
107
+
108
+ it "should trace the allowed permission build-up" do
109
+ Three.expects(:trace).with do |what, stuff|
110
+ what == :allowed &&
111
+ stuff[:rule].object_id == rule.object_id &&
112
+ stuff[:permissions].count == 1 && stuff[:permissions][0] == permission &&
113
+ stuff[:subject].object_id == the_subject.object_id &&
114
+ stuff[:target].object_id == the_target.object_id
115
+ end
116
+
117
+ evaluator.allowed?(the_subject, permission, the_target)
118
+ end
119
+
120
+ it "should trace the prevented permission build-up" do
121
+ Three.expects(:trace).with do |what, stuff|
122
+ what == :prevented &&
123
+ stuff[:rule].object_id == rule.object_id &&
124
+ stuff[:permissions].count == 1 && stuff[:permissions][0] == permission_to_prevent &&
125
+ stuff[:subject].object_id == the_subject.object_id &&
126
+ stuff[:target].object_id == the_target.object_id
127
+ end
128
+
129
+ evaluator.allowed?(the_subject, permission, the_target)
130
+ end
131
+
132
+ end
133
+
89
134
  end
@@ -234,4 +234,25 @@ describe Three do
234
234
 
235
235
  end
236
236
 
237
+ describe "tracing" do
238
+
239
+ before { Three.instance_eval { @trace_method = nil } }
240
+ after { Three.instance_eval { @trace_method = nil } }
241
+
242
+ it "should do nothing by default" do
243
+ Three.trace nil, nil
244
+ end
245
+
246
+ it "should allow me to register a new way to handle nothing" do
247
+ one, two, thing = Object.new, Object.new, Object.new
248
+ Three.when_tracing { |a, b| [a, b, thing] }
249
+
250
+ result = Three.trace one, two
251
+ result[0].must_be_same_as one
252
+ result[1].must_be_same_as two
253
+ result[2].must_be_same_as thing
254
+ end
255
+
256
+ end
257
+
237
258
  end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: three
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.1.0
4
+ version: 1.2.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Darren Cauthon
@@ -52,6 +52,7 @@ files:
52
52
  - ORIGINAL_LICENSE
53
53
  - README.markdown
54
54
  - Rakefile
55
+ - changelog.txt
55
56
  - lib/three.rb
56
57
  - lib/three/evaluator.rb
57
58
  - lib/three/version.rb
@@ -78,7 +79,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
78
79
  version: '0'
79
80
  requirements: []
80
81
  rubyforge_project:
81
- rubygems_version: 2.2.2
82
+ rubygems_version: 2.4.5
82
83
  signing_key:
83
84
  specification_version: 4
84
85
  summary: three