trust 0.6.3 → 0.7.0
Sign up to get free protection for your applications and to get access to all the features.
- data/README.md +26 -2
- data/lib/trust/active_model.rb +76 -0
- data/lib/trust/{active_record.rb → actor.rb} +25 -35
- data/lib/trust/authorization.rb +38 -13
- data/lib/trust/controller/properties.rb +19 -12
- data/lib/trust/controller/resource.rb +38 -18
- data/lib/trust/controller.rb +26 -14
- data/lib/trust/inheritable_attribute.rb +7 -5
- data/lib/trust/permissions.rb +104 -92
- data/lib/trust/version.rb +1 -1
- data/lib/trust.rb +5 -4
- data/test/dummy/log/development.log +3 -0
- data/test/dummy/log/test.log +12750 -0
- data/test/unit/trust/active_model_test.rb +80 -0
- data/test/unit/trust/{active_record_test.rb → actor_test.rb} +14 -22
- data/test/unit/trust/authorization_test.rb +23 -5
- metadata +12 -7
@@ -0,0 +1,80 @@
|
|
1
|
+
# Copyright (c) 2012 Bingo Entreprenøren AS
|
2
|
+
# Copyright (c) 2012 Teknobingo Scandinavia AS
|
3
|
+
# Copyright (c) 2012 Knut I. Stenmark
|
4
|
+
# Copyright (c) 2012 Patrick Hanevold
|
5
|
+
#
|
6
|
+
# Permission is hereby granted, free of charge, to any person obtaining
|
7
|
+
# a copy of this software and associated documentation files (the
|
8
|
+
# "Software"), to deal in the Software without restriction, including
|
9
|
+
# without limitation the rights to use, copy, modify, merge, publish,
|
10
|
+
# distribute, sublicense, and/or sell copies of the Software, and to
|
11
|
+
# permit persons to whom the Software is furnished to do so, subject to
|
12
|
+
# the following conditions:
|
13
|
+
#
|
14
|
+
# The above copyright notice and this permission notice shall be
|
15
|
+
# included in all copies or substantial portions of the Software.
|
16
|
+
#
|
17
|
+
# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
|
18
|
+
# EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
|
19
|
+
# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
|
20
|
+
# NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
|
21
|
+
# LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
|
22
|
+
# OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
|
23
|
+
# WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
|
24
|
+
|
25
|
+
require 'test_helper'
|
26
|
+
|
27
|
+
class Trust::ActiveModelTest < ActiveSupport::TestCase
|
28
|
+
context 'permits?' do
|
29
|
+
setup do
|
30
|
+
@user = User.new
|
31
|
+
@account = Account.new
|
32
|
+
end
|
33
|
+
should 'support calls to authorized? on class level' do
|
34
|
+
Trust::Authorization.expects(:authorized?).with(:manage,Account,:foo)
|
35
|
+
Account.permits? :manage, :foo
|
36
|
+
end
|
37
|
+
should 'support calls to authorized? on instance' do
|
38
|
+
Trust::Authorization.expects(:authorized?).with(:manage,@account,:foo)
|
39
|
+
@account.permits? :manage, :foo
|
40
|
+
end
|
41
|
+
should 'support calls to authorized? with actor specified' do
|
42
|
+
Trust::Authorization.expects(:authorized?).with(:manage,Account,:foo, :by => :actor)
|
43
|
+
Account.permits? :manage, :foo, :by => :actor
|
44
|
+
Trust::Authorization.expects(:authorized?).with(:manage,@account,:foo, :by => :actor)
|
45
|
+
@account.permits? :manage, :foo, :by => :actor
|
46
|
+
end
|
47
|
+
should 'support calls to authorized? with actor specified and no parent' do
|
48
|
+
Trust::Authorization.expects(:authorized?).with(:manage,Account, :by => :actor)
|
49
|
+
Account.permits? :manage, :by => :actor
|
50
|
+
Trust::Authorization.expects(:authorized?).with(:manage,@account, :by => :actor)
|
51
|
+
@account.permits? :manage, :by => :actor
|
52
|
+
end
|
53
|
+
end
|
54
|
+
context 'ensure_permitted!' do
|
55
|
+
setup do
|
56
|
+
@user = User.new
|
57
|
+
@account = Account.new
|
58
|
+
end
|
59
|
+
should 'support calls to athorized! on class level' do
|
60
|
+
Trust::Authorization.expects(:authorize!).with(:manage,Account,:foo)
|
61
|
+
Account.ensure_permitted! :manage, :foo
|
62
|
+
end
|
63
|
+
should 'support calls to athorized! on instance' do
|
64
|
+
Trust::Authorization.expects(:authorize!).with(:manage,@account,:foo)
|
65
|
+
@account.ensure_permitted! :manage, :foo
|
66
|
+
end
|
67
|
+
should 'support calls to authorized! with actor specified' do
|
68
|
+
Trust::Authorization.expects(:authorize!).with(:manage,Account,:foo, :by => :actor)
|
69
|
+
Account.ensure_permitted! :manage, :foo, :by => :actor
|
70
|
+
Trust::Authorization.expects(:authorize!).with(:manage,@account,:foo, :by => :actor)
|
71
|
+
@account.ensure_permitted! :manage, :foo, :by => :actor
|
72
|
+
end
|
73
|
+
should 'support calls to authorized! with actor specified and no parent' do
|
74
|
+
Trust::Authorization.expects(:authorize!).with(:manage,Account, :by => :actor)
|
75
|
+
Account.ensure_permitted! :manage, :by => :actor
|
76
|
+
Trust::Authorization.expects(:authorize!).with(:manage,@account, :by => :actor)
|
77
|
+
@account.ensure_permitted! :manage, :by => :actor
|
78
|
+
end
|
79
|
+
end
|
80
|
+
end
|
@@ -24,33 +24,25 @@
|
|
24
24
|
|
25
25
|
require 'test_helper'
|
26
26
|
|
27
|
-
class Trust::
|
28
|
-
|
29
|
-
|
30
|
-
@user = User.new
|
31
|
-
@account = Account.new
|
32
|
-
end
|
33
|
-
should 'support calls to athorized? on class level' do
|
34
|
-
Trust::Authorization.expects(:authorized?).with(:manage,Account,:foo)
|
35
|
-
Account.permits? :manage, :foo
|
36
|
-
end
|
37
|
-
should 'support calls to athorized? on instance' do
|
38
|
-
Trust::Authorization.expects(:authorized?).with(:manage,@account,:foo)
|
39
|
-
@account.permits? :manage, :foo
|
40
|
-
end
|
27
|
+
class Trust::ActorTest < ActiveSupport::TestCase
|
28
|
+
class User
|
29
|
+
include ::Trust::Actor
|
41
30
|
end
|
42
|
-
|
31
|
+
|
32
|
+
context 'can?' do
|
43
33
|
setup do
|
44
34
|
@user = User.new
|
45
35
|
@account = Account.new
|
46
36
|
end
|
47
|
-
should 'support calls to
|
48
|
-
Trust::Authorization.expects(:
|
49
|
-
|
50
|
-
|
51
|
-
|
52
|
-
Trust::Authorization.expects(:
|
53
|
-
@
|
37
|
+
should 'support calls to authorized? on instance' do
|
38
|
+
Trust::Authorization.expects(:authorized?).with(:manage,@account, :by => @user, :parent => nil)
|
39
|
+
@user.can? :manage, @account
|
40
|
+
Trust::Authorization.expects(:authorized?).with(:manage,@account, :by => @user, :parent => :foo)
|
41
|
+
@user.can? :manage, @account, :foo
|
42
|
+
Trust::Authorization.expects(:authorized?).with(:manage,@account, :by => @user, :parent => :foo)
|
43
|
+
@user.can? :manage, @account, :parent => :foo
|
44
|
+
Trust::Authorization.expects(:authorized?).with(:manage,@account, :by => @user, :parent => :foo)
|
45
|
+
@user.can? :manage, @account, :for => :foo
|
54
46
|
end
|
55
47
|
end
|
56
48
|
end
|
@@ -65,34 +65,52 @@ class Trust::AuthorizationTest < ActiveSupport::TestCase
|
|
65
65
|
setup do
|
66
66
|
class Validator
|
67
67
|
end
|
68
|
-
class TestAuthorizing
|
68
|
+
class TestAuthorizing # overrides authorizing_class
|
69
69
|
def initialize(user, action, klass, object, parent)
|
70
70
|
Validator.values user, action, klass, object, parent
|
71
71
|
end
|
72
72
|
end
|
73
|
-
|
74
|
-
TestAuthorizing.any_instance.expects(:authorized?).returns(true)
|
73
|
+
TestAuthorizing.any_instance.stubs(:authorized?).returns(true)
|
75
74
|
Trust::Authorization.expects(:authorizing_class).with(String).returns(TestAuthorizing)
|
76
75
|
end
|
77
76
|
should 'instanciate authorizing class and set correct parameters for object' do
|
77
|
+
Trust::Authorization.expects(:user).returns(:user)
|
78
78
|
Validator.expects(:values).with(:user, :action, String, 'object_or_class', :parent)
|
79
79
|
assert Trust::Authorization.authorized?('action', 'object_or_class', :parent)
|
80
80
|
end
|
81
81
|
should 'instanciate authorizing class and set correct parameters for class' do
|
82
|
+
Trust::Authorization.expects(:user).returns(:user)
|
82
83
|
Validator.expects(:values).with(:user, :action, String, nil, :parent)
|
83
84
|
assert Trust::Authorization.authorized?('action', String, :parent)
|
84
85
|
end
|
86
|
+
should 'allow actor to override user with actor' do
|
87
|
+
Validator.expects(:values).with('TheActor', :action, String, nil, :parent)
|
88
|
+
assert Trust::Authorization.authorized?('action', String, :parent, :by => 'TheActor')
|
89
|
+
Trust::Authorization.expects(:authorizing_class).with(String).returns(TestAuthorizing)
|
90
|
+
Validator.expects(:values).with('TheActor', :action, String, nil, nil)
|
91
|
+
assert Trust::Authorization.authorized?('action', String, :by => 'TheActor')
|
92
|
+
end
|
93
|
+
should 'support option for :parent' do
|
94
|
+
Trust::Authorization.expects(:user).returns(:user)
|
95
|
+
Validator.expects(:values).with(:user, :action, String, nil, 'parent')
|
96
|
+
assert Trust::Authorization.authorized?('action', String, :parent => 'parent')
|
97
|
+
end
|
98
|
+
should 'support option alias for :parent, namely :for' do
|
99
|
+
Trust::Authorization.expects(:user).returns(:user)
|
100
|
+
Validator.expects(:values).with(:user, :action, String, nil, 'parent')
|
101
|
+
assert Trust::Authorization.authorized?('action', String, :for => 'parent')
|
102
|
+
end
|
85
103
|
end
|
86
104
|
|
87
105
|
context 'authorize!' do
|
88
106
|
should 'call access_denied! unless authorized?' do
|
89
107
|
Trust::Authorization.expects(:access_denied!).once
|
90
|
-
Trust::Authorization.expects(:authorized?).with(1, 2, 3).returns(false)
|
108
|
+
Trust::Authorization.expects(:authorized?).with(1, 2, 3, {}).returns(false)
|
91
109
|
Trust::Authorization.authorize!(1,2,3)
|
92
110
|
end
|
93
111
|
should 'call access_denied! if authorized?' do
|
94
112
|
Trust::Authorization.expects(:access_denied!).never
|
95
|
-
Trust::Authorization.expects(:authorized?).with(1, 2, 3).returns(true)
|
113
|
+
Trust::Authorization.expects(:authorized?).with(1, 2, 3, {}).returns(true)
|
96
114
|
Trust::Authorization.authorize!(1,2,3)
|
97
115
|
end
|
98
116
|
end
|
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: trust
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.
|
4
|
+
version: 0.7.0
|
5
5
|
prerelease:
|
6
6
|
platform: ruby
|
7
7
|
authors:
|
@@ -10,7 +10,7 @@ authors:
|
|
10
10
|
autorequire:
|
11
11
|
bindir: bin
|
12
12
|
cert_chain: []
|
13
|
-
date: 2012-09-
|
13
|
+
date: 2012-09-23 00:00:00.000000000 Z
|
14
14
|
dependencies:
|
15
15
|
- !ruby/object:Gem::Dependency
|
16
16
|
name: rails
|
@@ -59,7 +59,8 @@ extensions: []
|
|
59
59
|
extra_rdoc_files: []
|
60
60
|
files:
|
61
61
|
- lib/tasks/trust_tasks.rake
|
62
|
-
- lib/trust/
|
62
|
+
- lib/trust/active_model.rb
|
63
|
+
- lib/trust/actor.rb
|
63
64
|
- lib/trust/authorization.rb
|
64
65
|
- lib/trust/controller/properties.rb
|
65
66
|
- lib/trust/controller/resource.rb
|
@@ -151,6 +152,7 @@ files:
|
|
151
152
|
- test/dummy/db/migrate/20120523144144_create_clients.rb
|
152
153
|
- test/dummy/db/schema.rb
|
153
154
|
- test/dummy/db/test.sqlite3
|
155
|
+
- test/dummy/log/development.log
|
154
156
|
- test/dummy/log/test.log
|
155
157
|
- test/dummy/public/404.html
|
156
158
|
- test/dummy/public/422.html
|
@@ -176,7 +178,8 @@ files:
|
|
176
178
|
- test/dummy/test/unit/user_test.rb
|
177
179
|
- test/test_helper.rb
|
178
180
|
- test/trust_test.rb
|
179
|
-
- test/unit/trust/
|
181
|
+
- test/unit/trust/active_model_test.rb
|
182
|
+
- test/unit/trust/actor_test.rb
|
180
183
|
- test/unit/trust/authorization_test.rb
|
181
184
|
- test/unit/trust/controller/properties_test.rb
|
182
185
|
- test/unit/trust/controller/resource_test.rb
|
@@ -197,7 +200,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
|
|
197
200
|
version: '0'
|
198
201
|
segments:
|
199
202
|
- 0
|
200
|
-
hash: -
|
203
|
+
hash: -3498159881798664050
|
201
204
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
202
205
|
none: false
|
203
206
|
requirements:
|
@@ -206,7 +209,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
206
209
|
version: '0'
|
207
210
|
segments:
|
208
211
|
- 0
|
209
|
-
hash: -
|
212
|
+
hash: -3498159881798664050
|
210
213
|
requirements: []
|
211
214
|
rubyforge_project:
|
212
215
|
rubygems_version: 1.8.24
|
@@ -292,6 +295,7 @@ test_files:
|
|
292
295
|
- test/dummy/db/migrate/20120523144144_create_clients.rb
|
293
296
|
- test/dummy/db/schema.rb
|
294
297
|
- test/dummy/db/test.sqlite3
|
298
|
+
- test/dummy/log/development.log
|
295
299
|
- test/dummy/log/test.log
|
296
300
|
- test/dummy/public/404.html
|
297
301
|
- test/dummy/public/422.html
|
@@ -317,7 +321,8 @@ test_files:
|
|
317
321
|
- test/dummy/test/unit/user_test.rb
|
318
322
|
- test/test_helper.rb
|
319
323
|
- test/trust_test.rb
|
320
|
-
- test/unit/trust/
|
324
|
+
- test/unit/trust/active_model_test.rb
|
325
|
+
- test/unit/trust/actor_test.rb
|
321
326
|
- test/unit/trust/authorization_test.rb
|
322
327
|
- test/unit/trust/controller/properties_test.rb
|
323
328
|
- test/unit/trust/controller/resource_test.rb
|