tight-engine 0.0.1 → 0.0.2

data/lib/tight-auth/login/controller.rb

@@ -1,20 +0,0 @@
-module Tight
-  module Login
-    module Controller
-      def self.included(base)
-        base.get :index do
-          render :slim, :"new", :layout => :"layout", :views => File.dirname(__FILE__)
-        end
-        base.post :index do
-          if authenticate
-            restore_location
-          else
-            params.delete 'password'
-            flash.now[:error] = 'Wrong password'
-            render :slim, :"new", :layout => :"layout", :views => File.dirname(__FILE__)
-          end
-        end
-      end
-    end
-  end
-end

data/lib/tight-auth/login/layout.slim

@@ -1,10 +0,0 @@
-doctype html
-html
-  head
-    meta charset="utf-8"
-    meta name="robots" content="noindex"
-    title Padrino::Login
-    link rel="stylesheet" href="//netdna.bootstrapcdn.com/bootstrap/2.3.2/css/bootstrap.min.css"
-  body
-    .container.login style='width: 287px'
-      = yield

data/lib/tight-auth/login/new.slim

@@ -1,37 +0,0 @@
-h3
-  | Login
-  br
-  small
-    a href=url('/') = request.env['HTTP_HOST']
-
-form.form-horizontal.well action=''
-  - [:error, :warning, :success, :notice].each do |type|
-    - next  if flash[type].blank?
-    .alert.alert-message class=('alert-' + (type == :notice ? :info : type).to_s) data-alert=true
-      = flash[type]
-
-  legend Social
-  .control-group
-    a href=url('/oauth/google')
-      img src='/images/social/google.png'
-
-  legend Obsolete
-  .control-group
-    .input-prepend
-      span.add-on
-        i.icon-envelope
-      input type=:text name=:email value=params[:email] placeholder='email'
-  .control-group
-    .input-prepend
-      span.add-on
-        i.icon-lock
-      input type=:password name=:password value=params[:password] placeholder='password'
-  .control-group
-    input.btn.btn-primary.pull-right type=:submit Log in
-    - if settings.login_bypass
-      label.checkbox
-        | Bypass
-        input type=:checkbox name=:bypass value='Bypass'
-
-small
-  a href=url('/login/reset_password') Forgot password?

data/lib/tight-auth/permissions.rb

@@ -1,180 +0,0 @@
-module Tight
-  ##
-  # Class to store and check permissions used in Padrino::Access.
-  #
-  class Permissions
-    ##
-    # Initializes new permissions storage.
-    #
-    # @example
-    #   permissions = Permissions.new
-    #
-    def initialize
-      clear!
-    end
-
-    ##
-    # Clears permit records and action cache.
-    #
-    # @example
-    #   permissions.clear!
-    #
-    def clear!
-      @permits = {}
-      @actions = {}
-    end
-
-    ##
-    # Adds a permission record to storage.
-    #
-    # @param [Symbol || Object] subject
-    #   permit subject
-    # @param [Hash] options
-    #   permit attributes
-    # @param [Symbol] options[:allow] || options[:action]
-    #   what action to allow with objects
-    # @param [Symbol] options[:with] || options[:object]
-    #   with what objects allow specified action
-    #
-    # @example
-    #   permissions.add :robots, :allow => :protect, :object => :humans
-    #   permissions.add @bender, :allow => :kill, :object => :humans
-    #
-    def add(*args)
-      @actions = {}
-      options = args.extract_options!
-      action, object = action_and_object(options)
-      object_type = detect_type(object)
-      args.each{ |subject| merge(subject, action, object_type) }
-    end
-
-    ##
-    # Checks if permission record exists. Returns a boolean or yield a block.
-    #
-    # @param [Object] subject
-    #   performer of an action
-    # @param [Hash] options
-    #   attributes to check
-    # @param [Symbol] options[:have]
-    #   check if the subject has a role
-    # @param [Symbol] options[:allow] || options[:action]
-    #   check if the subject is allowed to perform the action
-    # @param [Symbol] options[:with] || options[:object]
-    #   check if the subject is allowed to interact with the subject
-    # @param [Proc]
-    #   optional block to yield if the action is allowed
-    #
-    # @example
-    #   # check if @bender have role :robots
-    #   permissions.check @bender, :have => :robots # => true
-    #   # check if @bender is allowed to kill :humans
-    #   permissions.check @bender, :allow => :kill, :object => :humans # => true
-    #   # check if @bender is allowed to kill :humans and yield a block
-    #   permissions.check @bender, :allow => :kill, :object => :humans do
-    #     @bender.kill_all! :humans
-    #   end
-    #
-    def check(subject, options)
-      case
-      when options[:have]
-        check_role(subject, options[:have])
-      else
-        check_action(subject, *action_and_object(options))
-      end && (block_given? ? yield : true)
-    end
-
-    ##
-    # Populates and returns the list of objects available to the subject.
-    #
-    # @param [Object] subject
-    #   the subject to be checked for actions
-    #
-    def find_objects(subject, target_action=nil)
-      find_actions(subject).inject([]) do |all,(action,objects)|
-        all |= objects if target_action.nil? || action == target_action || action == :*
-        all
-      end
-    end
-
-    private
-
-    # Merges a list of new permits into permissions storage.
-    def merge(subject, actions, object_type)
-      subject_id = detect_id(subject)
-      @permits[subject_id] ||= {}
-      Array(actions).each do |action|
-        @permits[subject_id][action] ||= []
-        @permits[subject_id][action] |= [object_type]
-      end
-    end
-
-    # Checks if the subject has the role.
-    def check_role(subject, roles)
-      if subject.respond_to?(:role)
-        Array(roles).include?(subject.role)
-      else
-        false
-      end
-    end
-
-    # Checks if the subject is allowed to perform the action with the object.
-    def check_action(subject, action, object)
-      actions = find_actions(subject)
-      objects = actions && (Array(actions[action]) | Array(actions[:*]))
-      objects && (objects & [:*, detect_type(object)]).any?
-    end
-
-    # Finds all permits for the subject. Caches the permits in @actions.
-    #   find_actions(@bender) # => { :kill => { :humans }, :drink => { :booze }, :* => { :login } }
-    def find_actions(subject)
-      subject_id = detect_id(subject)
-      return @actions[subject_id] if @actions[subject_id]
-      actions = @permits[subject_id] || {}
-      if subject.respond_to?(:role) && (role_actions = @permits[subject.role.to_sym])
-        actions.merge!(role_actions){ |_,left,right| Array(left)|Array(right) }
-      end
-      if public_actions = @permits[:*]
-        actions.merge!(public_actions){ |_,left,right| Array(left)|Array(right) }
-      end
-      @actions[subject_id] = actions
-    end
-
-    # Returns object type.
-    #   detect_type :humans # => :human
-    #   detect_type 'foobar' # => 'foobar'
-    def detect_type(object)
-      case object
-      when Symbol
-        object.to_s.singularize.to_sym
-      else
-        object
-      end
-    end
-
-    # Returns parametrized subject.
-    #   detect_id :robots               # => :robots
-    #   detect_id sluggable_ar_resource # => 'Sluggable-resource-slug'
-    #   detect_id some_resource_with_id # => '4'
-    #   detect_id generic_object        # => "<Object:0x00001234>"
-    def detect_id(subject)
-      case
-      when Symbol === subject
-        subject
-      when subject.respond_to?(:to_param)
-        subject.to_param
-      when subject.respond_to?(:id)
-        subject.id.to_s
-      else
-        "#{subject}"
-      end
-    end
-
-    # Utility function to extract action and object from options. Defaults to [:*, :*]
-    #   action_and_object(:allow => :kill, :object => :humans)    # => [:kill, :humans]
-    #   action_and_object(:action => :romance, :with => :mutants) # => [:romance, :mutants]
-    #   action_and_object({})                                     # => [:*, :*]
-    def action_and_object(options)
-      [options[:allow] || options[:action] || :*, options[:with] || options[:object] || :*]
-    end
-  end
-end

data/lib/tight/version.rb

@@ -1,3 +0,0 @@
-module Tight
-  VERSION = '0.0.1'
-end

data/test/auth_helper.rb

@@ -1,83 +0,0 @@
-ENV['RACK_ENV'] = 'test'
-
-require 'padrino-core'
-require 'tight-auth'
-require 'minitest/autorun'
-require 'rack/test'
-
-module TightLogger
-  attr_accessor :io
-  def self.io
-    @io ||= StringIO.new
-  end
-end
-
-Padrino::Logger::Config[:test] = { :log_level => :devel, :stream => TightLogger.io }
-
-class Minitest::Spec
-  include Rack::Test::Methods
-
-  def mock_app(base=Padrino::Application, &block)
-    @app = Sinatra.new(base, &block)
-  end
-
-  def app
-    Rack::Lint.new(@app)
-  end
-
-  def set_access(*args)
-    @app.set_access(*args)
-  end
-
-  def allow(subject = nil, path = '/')
-    @app.fake_session[:visitor] = nil
-    get "/login/#{subject.id}" if subject
-    get path
-    assert_equal 200, status, caller.first.to_s
-  end
-
-  def deny(subject = nil, path = '/')
-    @app.fake_session[:visitor] = nil
-    get "/login/#{subject.id}" if subject
-    get path
-    assert_equal 403, status, caller.first.to_s
-  end
-
-  def status
-    response.status
-  end
-
-  def body
-    response.body
-  end
-
-  def response
-    last_response
-  end
-end
-
-module Character
-  extend self
-
-  def authenticate(credentials)
-    case
-    when credentials[:email] && credentials[:password]
-      target = all.find{ |resource| resource.id.to_s == credentials[:email] }
-      target.name.gsub(/[^A-Z]/,'') == credentials[:password] ? target : nil
-    when credentials.has_key?(:id)
-      all.find{ |resource| resource.id == credentials[:id] }
-    else
-      false
-    end
-  end
-
-  def all
-    @all = [
-      OpenStruct.new(:id => :bender,   :name => 'Bender Bending Rodriguez', :role => :robots  ),
-      OpenStruct.new(:id => :leela,    :name => 'Turanga Leela',            :role => :mutants ),
-      OpenStruct.new(:id => :fry,      :name => 'Philip J. Fry',            :role => :humans  ),
-      OpenStruct.new(:id => :ami,      :name => 'Amy Wong',                 :role => :humans  ),
-      OpenStruct.new(:id => :zoidberg, :name => 'Dr. John A. Zoidberg',     :role => :lobsters),
-    ]
-  end
-end

data/test/test_padrino_access.rb

@@ -1,124 +0,0 @@
-require File.expand_path('../auth_helper', __FILE__)
-
-describe "Tight::Access" do
-  before do
-    mock_app do
-      set :credentials_reader, :visitor
-      register Tight::Access
-      set_access :*, :allow => :login
-      set :users, Character.all
-      get(:login, :with => :id) do
-        user = settings.users.find{ |user| user.id.to_s == params[:id] }
-        self.send(:"#{settings.credentials_reader}=", user)
-      end
-      get(:index){ 'foo' }
-      get(:bend){ 'bend' }
-      get(:drink){ 'bend' }
-      get(:subject){ self.send(settings.credentials_reader).inspect }
-      get(:stop_partying){ 'stop partying' }
-      controller :surface do
-        get(:live) { 'live on the surface' }
-      end
-      controller :sewers do
-        get(:live) { 'live in the sewers' }
-        get(:visit) { 'visit the sewers' }
-      end
-      set :fake_session, {}
-      helpers do
-        def visitor
-          settings.fake_session[:visitor]
-        end
-        def visitor=(user)
-          settings.fake_session[:visitor] = user
-        end
-      end
-    end
-    Character.all.each do |user|
-      instance_variable_set :"@#{user.id}", user
-    end
-  end
-
-  it 'should register with authorization module' do
-    assert @app.respond_to? :set_access
-    assert_kind_of Tight::Permissions, @app.permissions
-  end
-
-  it 'should properly detect access subject' do
-    set_access :*
-    get '/login/ami'
-    get '/subject'
-    assert_equal @ami.inspect, body
-  end
-
-  it 'should reset access properly' do
-    set_access :*
-    allow
-    @app.reset_access!
-    deny
-  end
-
-  it 'should set group access' do
-    # only humans should be allowed on TV
-    set_access :humans
-    allow @fry
-    deny @bender
-  end
-
-  it 'should set individual access' do
-    # only Fry should be allowed to romance Leela
-    set_access @fry
-    allow @fry
-    deny @ami
-  end
-
-  it 'should set mixed individual and group access' do
-    # only humans and Leela should be allowed on the surface
-    set_access :humans
-    set_access @leela
-    allow @fry
-    allow @leela
-  end
-
-  it 'should set action-specific access' do
-    # bender should be allowed to bend, and he's denied to stop partying
-    set_access @bender, :allow => :bend
-    set_access @fry, :allow => :stop_partying
-    allow @bender, '/bend'
-    deny @bender, '/stop_partying'
-    allow @fry, '/stop_partying'
-    deny @fry, '/bend'
-  end
-
-  it 'should set multiple action' do
-    # bender should be allowed to bend and drink
-    set_access @bender, :allow => [:drink, :bend]
-    allow @bender, '/drink'
-    allow @bender, '/bend'
-  end
-
-  it 'should set object-specific access' do
-    # only humans and Leela should be allowed to live on the surface
-    # only mutants should be allowed to live in the sewers though humans can visit
-    set_access :humans, :allow => :live, :with => :surface
-    set_access :mutants, :allow => :live, :with => :sewers
-    set_access @leela, :allow => :live, :with => :surface
-    set_access :humans, :allow => :visit, :with => :sewers
-    allow @fry, '/surface/live'
-    deny @fry, '/sewers/live'
-    allow @fry, '/sewers/visit'
-    allow @leela, '/surface/live'
-    allow @leela, '/sewers/live'
-  end
-
-  it 'should detect object when setting access from controller' do
-    # only humans and lobsters should have binocular vision
-    @app.controller :binocular do
-      set_access :humans, :lobsters
-      get(:vision) { 'binocular vision' }
-    end
-    deny @fry, '/'
-    allow @fry, '/binocular/vision'
-    allow @zoidberg, '/binocular/vision'
-    deny @leela, '/binocular/vision'
-  end
-end