trust 0.6.3 → 0.7.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- data/README.md +26 -2
- data/lib/trust/active_model.rb +76 -0
- data/lib/trust/{active_record.rb → actor.rb} +25 -35
- data/lib/trust/authorization.rb +38 -13
- data/lib/trust/controller/properties.rb +19 -12
- data/lib/trust/controller/resource.rb +38 -18
- data/lib/trust/controller.rb +26 -14
- data/lib/trust/inheritable_attribute.rb +7 -5
- data/lib/trust/permissions.rb +104 -92
- data/lib/trust/version.rb +1 -1
- data/lib/trust.rb +5 -4
- data/test/dummy/log/development.log +3 -0
- data/test/dummy/log/test.log +12750 -0
- data/test/unit/trust/active_model_test.rb +80 -0
- data/test/unit/trust/{active_record_test.rb → actor_test.rb} +14 -22
- data/test/unit/trust/authorization_test.rb +23 -5
- metadata +12 -7
@@ -0,0 +1,80 @@
|
|
1
|
+
# Copyright (c) 2012 Bingo Entreprenøren AS
|
2
|
+
# Copyright (c) 2012 Teknobingo Scandinavia AS
|
3
|
+
# Copyright (c) 2012 Knut I. Stenmark
|
4
|
+
# Copyright (c) 2012 Patrick Hanevold
|
5
|
+
#
|
6
|
+
# Permission is hereby granted, free of charge, to any person obtaining
|
7
|
+
# a copy of this software and associated documentation files (the
|
8
|
+
# "Software"), to deal in the Software without restriction, including
|
9
|
+
# without limitation the rights to use, copy, modify, merge, publish,
|
10
|
+
# distribute, sublicense, and/or sell copies of the Software, and to
|
11
|
+
# permit persons to whom the Software is furnished to do so, subject to
|
12
|
+
# the following conditions:
|
13
|
+
#
|
14
|
+
# The above copyright notice and this permission notice shall be
|
15
|
+
# included in all copies or substantial portions of the Software.
|
16
|
+
#
|
17
|
+
# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
|
18
|
+
# EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
|
19
|
+
# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
|
20
|
+
# NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
|
21
|
+
# LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
|
22
|
+
# OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
|
23
|
+
# WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
|
24
|
+
|
25
|
+
require 'test_helper'
|
26
|
+
|
27
|
+
class Trust::ActiveModelTest < ActiveSupport::TestCase
|
28
|
+
context 'permits?' do
|
29
|
+
setup do
|
30
|
+
@user = User.new
|
31
|
+
@account = Account.new
|
32
|
+
end
|
33
|
+
should 'support calls to authorized? on class level' do
|
34
|
+
Trust::Authorization.expects(:authorized?).with(:manage,Account,:foo)
|
35
|
+
Account.permits? :manage, :foo
|
36
|
+
end
|
37
|
+
should 'support calls to authorized? on instance' do
|
38
|
+
Trust::Authorization.expects(:authorized?).with(:manage,@account,:foo)
|
39
|
+
@account.permits? :manage, :foo
|
40
|
+
end
|
41
|
+
should 'support calls to authorized? with actor specified' do
|
42
|
+
Trust::Authorization.expects(:authorized?).with(:manage,Account,:foo, :by => :actor)
|
43
|
+
Account.permits? :manage, :foo, :by => :actor
|
44
|
+
Trust::Authorization.expects(:authorized?).with(:manage,@account,:foo, :by => :actor)
|
45
|
+
@account.permits? :manage, :foo, :by => :actor
|
46
|
+
end
|
47
|
+
should 'support calls to authorized? with actor specified and no parent' do
|
48
|
+
Trust::Authorization.expects(:authorized?).with(:manage,Account, :by => :actor)
|
49
|
+
Account.permits? :manage, :by => :actor
|
50
|
+
Trust::Authorization.expects(:authorized?).with(:manage,@account, :by => :actor)
|
51
|
+
@account.permits? :manage, :by => :actor
|
52
|
+
end
|
53
|
+
end
|
54
|
+
context 'ensure_permitted!' do
|
55
|
+
setup do
|
56
|
+
@user = User.new
|
57
|
+
@account = Account.new
|
58
|
+
end
|
59
|
+
should 'support calls to athorized! on class level' do
|
60
|
+
Trust::Authorization.expects(:authorize!).with(:manage,Account,:foo)
|
61
|
+
Account.ensure_permitted! :manage, :foo
|
62
|
+
end
|
63
|
+
should 'support calls to athorized! on instance' do
|
64
|
+
Trust::Authorization.expects(:authorize!).with(:manage,@account,:foo)
|
65
|
+
@account.ensure_permitted! :manage, :foo
|
66
|
+
end
|
67
|
+
should 'support calls to authorized! with actor specified' do
|
68
|
+
Trust::Authorization.expects(:authorize!).with(:manage,Account,:foo, :by => :actor)
|
69
|
+
Account.ensure_permitted! :manage, :foo, :by => :actor
|
70
|
+
Trust::Authorization.expects(:authorize!).with(:manage,@account,:foo, :by => :actor)
|
71
|
+
@account.ensure_permitted! :manage, :foo, :by => :actor
|
72
|
+
end
|
73
|
+
should 'support calls to authorized! with actor specified and no parent' do
|
74
|
+
Trust::Authorization.expects(:authorize!).with(:manage,Account, :by => :actor)
|
75
|
+
Account.ensure_permitted! :manage, :by => :actor
|
76
|
+
Trust::Authorization.expects(:authorize!).with(:manage,@account, :by => :actor)
|
77
|
+
@account.ensure_permitted! :manage, :by => :actor
|
78
|
+
end
|
79
|
+
end
|
80
|
+
end
|
@@ -24,33 +24,25 @@
|
|
24
24
|
|
25
25
|
require 'test_helper'
|
26
26
|
|
27
|
-
class Trust::
|
28
|
-
|
29
|
-
|
30
|
-
@user = User.new
|
31
|
-
@account = Account.new
|
32
|
-
end
|
33
|
-
should 'support calls to athorized? on class level' do
|
34
|
-
Trust::Authorization.expects(:authorized?).with(:manage,Account,:foo)
|
35
|
-
Account.permits? :manage, :foo
|
36
|
-
end
|
37
|
-
should 'support calls to athorized? on instance' do
|
38
|
-
Trust::Authorization.expects(:authorized?).with(:manage,@account,:foo)
|
39
|
-
@account.permits? :manage, :foo
|
40
|
-
end
|
27
|
+
class Trust::ActorTest < ActiveSupport::TestCase
|
28
|
+
class User
|
29
|
+
include ::Trust::Actor
|
41
30
|
end
|
42
|
-
|
31
|
+
|
32
|
+
context 'can?' do
|
43
33
|
setup do
|
44
34
|
@user = User.new
|
45
35
|
@account = Account.new
|
46
36
|
end
|
47
|
-
should 'support calls to
|
48
|
-
Trust::Authorization.expects(:
|
49
|
-
|
50
|
-
|
51
|
-
|
52
|
-
Trust::Authorization.expects(:
|
53
|
-
@
|
37
|
+
should 'support calls to authorized? on instance' do
|
38
|
+
Trust::Authorization.expects(:authorized?).with(:manage,@account, :by => @user, :parent => nil)
|
39
|
+
@user.can? :manage, @account
|
40
|
+
Trust::Authorization.expects(:authorized?).with(:manage,@account, :by => @user, :parent => :foo)
|
41
|
+
@user.can? :manage, @account, :foo
|
42
|
+
Trust::Authorization.expects(:authorized?).with(:manage,@account, :by => @user, :parent => :foo)
|
43
|
+
@user.can? :manage, @account, :parent => :foo
|
44
|
+
Trust::Authorization.expects(:authorized?).with(:manage,@account, :by => @user, :parent => :foo)
|
45
|
+
@user.can? :manage, @account, :for => :foo
|
54
46
|
end
|
55
47
|
end
|
56
48
|
end
|
@@ -65,34 +65,52 @@ class Trust::AuthorizationTest < ActiveSupport::TestCase
|
|
65
65
|
setup do
|
66
66
|
class Validator
|
67
67
|
end
|
68
|
-
class TestAuthorizing
|
68
|
+
class TestAuthorizing # overrides authorizing_class
|
69
69
|
def initialize(user, action, klass, object, parent)
|
70
70
|
Validator.values user, action, klass, object, parent
|
71
71
|
end
|
72
72
|
end
|
73
|
-
|
74
|
-
TestAuthorizing.any_instance.expects(:authorized?).returns(true)
|
73
|
+
TestAuthorizing.any_instance.stubs(:authorized?).returns(true)
|
75
74
|
Trust::Authorization.expects(:authorizing_class).with(String).returns(TestAuthorizing)
|
76
75
|
end
|
77
76
|
should 'instanciate authorizing class and set correct parameters for object' do
|
77
|
+
Trust::Authorization.expects(:user).returns(:user)
|
78
78
|
Validator.expects(:values).with(:user, :action, String, 'object_or_class', :parent)
|
79
79
|
assert Trust::Authorization.authorized?('action', 'object_or_class', :parent)
|
80
80
|
end
|
81
81
|
should 'instanciate authorizing class and set correct parameters for class' do
|
82
|
+
Trust::Authorization.expects(:user).returns(:user)
|
82
83
|
Validator.expects(:values).with(:user, :action, String, nil, :parent)
|
83
84
|
assert Trust::Authorization.authorized?('action', String, :parent)
|
84
85
|
end
|
86
|
+
should 'allow actor to override user with actor' do
|
87
|
+
Validator.expects(:values).with('TheActor', :action, String, nil, :parent)
|
88
|
+
assert Trust::Authorization.authorized?('action', String, :parent, :by => 'TheActor')
|
89
|
+
Trust::Authorization.expects(:authorizing_class).with(String).returns(TestAuthorizing)
|
90
|
+
Validator.expects(:values).with('TheActor', :action, String, nil, nil)
|
91
|
+
assert Trust::Authorization.authorized?('action', String, :by => 'TheActor')
|
92
|
+
end
|
93
|
+
should 'support option for :parent' do
|
94
|
+
Trust::Authorization.expects(:user).returns(:user)
|
95
|
+
Validator.expects(:values).with(:user, :action, String, nil, 'parent')
|
96
|
+
assert Trust::Authorization.authorized?('action', String, :parent => 'parent')
|
97
|
+
end
|
98
|
+
should 'support option alias for :parent, namely :for' do
|
99
|
+
Trust::Authorization.expects(:user).returns(:user)
|
100
|
+
Validator.expects(:values).with(:user, :action, String, nil, 'parent')
|
101
|
+
assert Trust::Authorization.authorized?('action', String, :for => 'parent')
|
102
|
+
end
|
85
103
|
end
|
86
104
|
|
87
105
|
context 'authorize!' do
|
88
106
|
should 'call access_denied! unless authorized?' do
|
89
107
|
Trust::Authorization.expects(:access_denied!).once
|
90
|
-
Trust::Authorization.expects(:authorized?).with(1, 2, 3).returns(false)
|
108
|
+
Trust::Authorization.expects(:authorized?).with(1, 2, 3, {}).returns(false)
|
91
109
|
Trust::Authorization.authorize!(1,2,3)
|
92
110
|
end
|
93
111
|
should 'call access_denied! if authorized?' do
|
94
112
|
Trust::Authorization.expects(:access_denied!).never
|
95
|
-
Trust::Authorization.expects(:authorized?).with(1, 2, 3).returns(true)
|
113
|
+
Trust::Authorization.expects(:authorized?).with(1, 2, 3, {}).returns(true)
|
96
114
|
Trust::Authorization.authorize!(1,2,3)
|
97
115
|
end
|
98
116
|
end
|
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: trust
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.
|
4
|
+
version: 0.7.0
|
5
5
|
prerelease:
|
6
6
|
platform: ruby
|
7
7
|
authors:
|
@@ -10,7 +10,7 @@ authors:
|
|
10
10
|
autorequire:
|
11
11
|
bindir: bin
|
12
12
|
cert_chain: []
|
13
|
-
date: 2012-09-
|
13
|
+
date: 2012-09-23 00:00:00.000000000 Z
|
14
14
|
dependencies:
|
15
15
|
- !ruby/object:Gem::Dependency
|
16
16
|
name: rails
|
@@ -59,7 +59,8 @@ extensions: []
|
|
59
59
|
extra_rdoc_files: []
|
60
60
|
files:
|
61
61
|
- lib/tasks/trust_tasks.rake
|
62
|
-
- lib/trust/
|
62
|
+
- lib/trust/active_model.rb
|
63
|
+
- lib/trust/actor.rb
|
63
64
|
- lib/trust/authorization.rb
|
64
65
|
- lib/trust/controller/properties.rb
|
65
66
|
- lib/trust/controller/resource.rb
|
@@ -151,6 +152,7 @@ files:
|
|
151
152
|
- test/dummy/db/migrate/20120523144144_create_clients.rb
|
152
153
|
- test/dummy/db/schema.rb
|
153
154
|
- test/dummy/db/test.sqlite3
|
155
|
+
- test/dummy/log/development.log
|
154
156
|
- test/dummy/log/test.log
|
155
157
|
- test/dummy/public/404.html
|
156
158
|
- test/dummy/public/422.html
|
@@ -176,7 +178,8 @@ files:
|
|
176
178
|
- test/dummy/test/unit/user_test.rb
|
177
179
|
- test/test_helper.rb
|
178
180
|
- test/trust_test.rb
|
179
|
-
- test/unit/trust/
|
181
|
+
- test/unit/trust/active_model_test.rb
|
182
|
+
- test/unit/trust/actor_test.rb
|
180
183
|
- test/unit/trust/authorization_test.rb
|
181
184
|
- test/unit/trust/controller/properties_test.rb
|
182
185
|
- test/unit/trust/controller/resource_test.rb
|
@@ -197,7 +200,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
|
|
197
200
|
version: '0'
|
198
201
|
segments:
|
199
202
|
- 0
|
200
|
-
hash: -
|
203
|
+
hash: -3498159881798664050
|
201
204
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
202
205
|
none: false
|
203
206
|
requirements:
|
@@ -206,7 +209,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
206
209
|
version: '0'
|
207
210
|
segments:
|
208
211
|
- 0
|
209
|
-
hash: -
|
212
|
+
hash: -3498159881798664050
|
210
213
|
requirements: []
|
211
214
|
rubyforge_project:
|
212
215
|
rubygems_version: 1.8.24
|
@@ -292,6 +295,7 @@ test_files:
|
|
292
295
|
- test/dummy/db/migrate/20120523144144_create_clients.rb
|
293
296
|
- test/dummy/db/schema.rb
|
294
297
|
- test/dummy/db/test.sqlite3
|
298
|
+
- test/dummy/log/development.log
|
295
299
|
- test/dummy/log/test.log
|
296
300
|
- test/dummy/public/404.html
|
297
301
|
- test/dummy/public/422.html
|
@@ -317,7 +321,8 @@ test_files:
|
|
317
321
|
- test/dummy/test/unit/user_test.rb
|
318
322
|
- test/test_helper.rb
|
319
323
|
- test/trust_test.rb
|
320
|
-
- test/unit/trust/
|
324
|
+
- test/unit/trust/active_model_test.rb
|
325
|
+
- test/unit/trust/actor_test.rb
|
321
326
|
- test/unit/trust/authorization_test.rb
|
322
327
|
- test/unit/trust/controller/properties_test.rb
|
323
328
|
- test/unit/trust/controller/resource_test.rb
|