tuersteher 0.3.3 → 0.3.4
Sign up to get free protection for your applications and to get access to all the features.
- data/VERSION +1 -1
- data/lib/tuersteher.rb +3 -3
- data/spec/access_rules_spec.rb +24 -1
- data/spec/model_access_rule_spec.rb +16 -0
- data/tuersteher.gemspec +1 -1
- metadata +3 -3
data/VERSION
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
0.3.
|
|
1
|
+
0.3.4
|
data/lib/tuersteher.rb
CHANGED
|
@@ -148,7 +148,7 @@ module Tuersteher
|
|
|
148
148
|
else
|
|
149
149
|
s = "granted with #{rule}"
|
|
150
150
|
end
|
|
151
|
-
usr_id = user.respond_to?(:id) ? user.id : user.object_id
|
|
151
|
+
usr_id = user && user.respond_to?(:id) ? user.id : user.object_id
|
|
152
152
|
Tuersteher::TLogger.logger.debug("Tuersteher: path_access?(user.id=#{usr_id}, path=#{path}, method=#{method}) => #{s}")
|
|
153
153
|
end
|
|
154
154
|
!(rule.nil? || rule.deny?)
|
|
@@ -171,7 +171,7 @@ module Tuersteher
|
|
|
171
171
|
end
|
|
172
172
|
access = rule && !rule.deny?
|
|
173
173
|
if Tuersteher::TLogger.logger.debug?
|
|
174
|
-
usr_id = user.respond_to?(:id) ? user.id : user.object_id
|
|
174
|
+
usr_id = user && user.respond_to?(:id) ? user.id : user.object_id
|
|
175
175
|
if model.instance_of?(Class)
|
|
176
176
|
Tuersteher::TLogger.logger.debug(
|
|
177
177
|
"Tuersteher: model_access?(user.id=#{usr_id}, model=#{model}, permission=#{permission}) => #{access || 'denied'} #{rule}")
|
|
@@ -267,7 +267,7 @@ module Tuersteher
|
|
|
267
267
|
req_method = request.method.downcase.to_sym
|
|
268
268
|
url_path = request.send(@@url_path_method)
|
|
269
269
|
unless path_access?(url_path, req_method)
|
|
270
|
-
usr_id = current_user.respond_to?(:id) ? current_user.id : current_user.object_id
|
|
270
|
+
usr_id = current_user && current_user.respond_to?(:id) ? current_user.id : current_user.object_id
|
|
271
271
|
msg = "Tuersteher#check_access: access denied for #{request.request_uri} :#{req_method} user.id=#{usr_id}"
|
|
272
272
|
Tuersteher::TLogger.logger.warn msg
|
|
273
273
|
logger.warn msg # log message also for Rails-Default logger
|
data/spec/access_rules_spec.rb
CHANGED
|
@@ -70,6 +70,18 @@ module Tuersteher
|
|
|
70
70
|
AccessRules.path_access?(@user, '/admin', :post).should_not be_true
|
|
71
71
|
end
|
|
72
72
|
end
|
|
73
|
+
|
|
74
|
+
|
|
75
|
+
context "without user" do
|
|
76
|
+
it "should be true for this paths" do
|
|
77
|
+
AccessRules.path_access?(nil, '/', :get).should be_true
|
|
78
|
+
end
|
|
79
|
+
|
|
80
|
+
it "should not be true for this paths" do
|
|
81
|
+
AccessRules.path_access?(nil, '/xyz', :get).should_not be_true
|
|
82
|
+
AccessRules.path_access?(nil, '/admin', :post).should_not be_true
|
|
83
|
+
end
|
|
84
|
+
end
|
|
73
85
|
end
|
|
74
86
|
|
|
75
87
|
|
|
@@ -129,7 +141,18 @@ module Tuersteher
|
|
|
129
141
|
AccessRules.model_access?(@user, @model2, :create).should_not be_true
|
|
130
142
|
end
|
|
131
143
|
end
|
|
132
|
-
|
|
144
|
+
|
|
145
|
+
context "without user" do
|
|
146
|
+
it "should be true for this paths" do
|
|
147
|
+
AccessRules.model_access?(nil, @model1, :xyz).should be_true
|
|
148
|
+
AccessRules.model_access?(nil, @model2, :read).should be_true
|
|
149
|
+
end
|
|
150
|
+
|
|
151
|
+
it "should not be true for this paths" do
|
|
152
|
+
AccessRules.model_access?(nil, @model2, :update).should_not be_true
|
|
153
|
+
end
|
|
154
|
+
end
|
|
155
|
+
end # of context 'model_access?'
|
|
133
156
|
|
|
134
157
|
|
|
135
158
|
|
|
@@ -4,6 +4,22 @@ module Tuersteher
|
|
|
4
4
|
|
|
5
5
|
describe ModelAccessRule do
|
|
6
6
|
|
|
7
|
+
context "grant without user" do
|
|
8
|
+
before do
|
|
9
|
+
@rule = ModelAccessRule.new(String).grant.permission(:all)
|
|
10
|
+
end
|
|
11
|
+
|
|
12
|
+
it "should fired without user" do
|
|
13
|
+
@rule.fired?("test", :read, nil).should be_true
|
|
14
|
+
end
|
|
15
|
+
|
|
16
|
+
it "should fired with user" do
|
|
17
|
+
@user = stub('user')
|
|
18
|
+
@rule.fired?("test", :read, @user).should be_true
|
|
19
|
+
end
|
|
20
|
+
end
|
|
21
|
+
|
|
22
|
+
|
|
7
23
|
context "grant with roles" do
|
|
8
24
|
|
|
9
25
|
before(:all) do
|
data/tuersteher.gemspec
CHANGED
metadata
CHANGED
|
@@ -1,13 +1,13 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: tuersteher
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
hash:
|
|
4
|
+
hash: 27
|
|
5
5
|
prerelease: false
|
|
6
6
|
segments:
|
|
7
7
|
- 0
|
|
8
8
|
- 3
|
|
9
|
-
-
|
|
10
|
-
version: 0.3.
|
|
9
|
+
- 4
|
|
10
|
+
version: 0.3.4
|
|
11
11
|
platform: ruby
|
|
12
12
|
authors:
|
|
13
13
|
- Bernd Ledig
|