tuersteher 0.6.4 → 0.6.5
Sign up to get free protection for your applications and to get access to all the features.
- data/VERSION +1 -1
- data/lib/tuersteher.rb +30 -23
- data/tuersteher.gemspec +21 -32
- metadata +10 -16
- data/.gitignore +0 -5
data/VERSION
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
0.6.
|
|
1
|
+
0.6.5
|
data/lib/tuersteher.rb
CHANGED
|
@@ -36,6 +36,8 @@ module Tuersteher
|
|
|
36
36
|
include Singleton
|
|
37
37
|
|
|
38
38
|
attr_writer :rules_config_file # to set own access_rules-path
|
|
39
|
+
attr_accessor :check_intervall # check intervall in seconds to check config file
|
|
40
|
+
attr_accessor :path_prefix # prefix for path-rules
|
|
39
41
|
|
|
40
42
|
DEFAULT_RULES_CONFIG_FILE = 'access_rules.rb' # in config-dir
|
|
41
43
|
|
|
@@ -43,6 +45,11 @@ module Tuersteher
|
|
|
43
45
|
def initialize
|
|
44
46
|
@path_rules = []
|
|
45
47
|
@model_rules = []
|
|
48
|
+
@check_intervall = 300 # set default check interval to 5 minutes
|
|
49
|
+
end
|
|
50
|
+
|
|
51
|
+
def ready?
|
|
52
|
+
@was_read
|
|
46
53
|
end
|
|
47
54
|
|
|
48
55
|
# get all path_rules as array of PathAccessRule-Instances
|
|
@@ -57,15 +64,17 @@ module Tuersteher
|
|
|
57
64
|
@model_rules
|
|
58
65
|
end
|
|
59
66
|
|
|
60
|
-
|
|
67
|
+
|
|
61
68
|
def read_rules_if_needed
|
|
62
69
|
if @was_read
|
|
63
|
-
#
|
|
70
|
+
# im check_intervall pruefen ob AccessRules-File sich geändert hat
|
|
64
71
|
t = Time.now.to_i
|
|
65
|
-
|
|
72
|
+
@last_read_check ||= t
|
|
73
|
+
if (t - @last_read_check) > @check_intervall
|
|
66
74
|
@last_read_check = t
|
|
67
75
|
cur_mtime = File.mtime(self.rules_config_file)
|
|
68
|
-
|
|
76
|
+
@last_mtime ||= cur_mtime
|
|
77
|
+
if cur_mtime > @last_mtime
|
|
69
78
|
@last_mtime = cur_mtime
|
|
70
79
|
read_rules
|
|
71
80
|
end
|
|
@@ -85,9 +94,9 @@ module Tuersteher
|
|
|
85
94
|
@path_rules = []
|
|
86
95
|
@model_rules = []
|
|
87
96
|
eval rules_definitions, binding, (@rules_config_file||'no file')
|
|
88
|
-
extend_path_rules_with_prefix @prefix
|
|
89
97
|
@was_read = true
|
|
90
|
-
Tuersteher::TLogger.logger.info "Tuersteher::AccessRulesStorage: #{@path_rules.size} path-rules and #{@model_rules.size} model-rules"
|
|
98
|
+
Tuersteher::TLogger.logger.info "Tuersteher::AccessRulesStorage: #{@path_rules.size} path-rules and #{@model_rules.size} model-rules loaded"
|
|
99
|
+
extend_path_rules_with_prefix
|
|
91
100
|
end
|
|
92
101
|
|
|
93
102
|
# Load AccesRules from file
|
|
@@ -155,25 +164,21 @@ module Tuersteher
|
|
|
155
164
|
end
|
|
156
165
|
|
|
157
166
|
|
|
158
|
-
|
|
159
|
-
!@path_prefix.nil?
|
|
160
|
-
end
|
|
161
|
-
|
|
167
|
+
private
|
|
162
168
|
|
|
163
169
|
# Erweitern des Path um einen Prefix
|
|
164
170
|
# Ist notwenig wenn z.B. die Rails-Anwendung nicht als root-Anwendung läuft
|
|
165
171
|
# also root_path != '/' ist.'
|
|
166
|
-
def extend_path_rules_with_prefix
|
|
167
|
-
@path_prefix
|
|
168
|
-
|
|
169
|
-
|
|
170
|
-
Tuersteher::TLogger.logger.info "extend_path_rules_with_prefix: #{prefix}"
|
|
171
|
-
path_rules.each do |rule|
|
|
172
|
+
def extend_path_rules_with_prefix
|
|
173
|
+
return if @path_prefix.nil? || @path_rules.nil?
|
|
174
|
+
prefix = @path_prefix.chomp('/') # das abschliessende / entfernen
|
|
175
|
+
@path_rules.each do |rule|
|
|
172
176
|
path_spec = rule.path_spezification
|
|
173
177
|
if path_spec
|
|
174
178
|
path_spec.path = "#{prefix}#{path_spec.path}"
|
|
175
179
|
end
|
|
176
180
|
end
|
|
181
|
+
Tuersteher::TLogger.logger.info "extend_path_rules_with_prefix: #{prefix}"
|
|
177
182
|
end
|
|
178
183
|
|
|
179
184
|
|
|
@@ -270,11 +275,6 @@ module Tuersteher
|
|
|
270
275
|
# method http-Methode (:get, :put, :delete, :post), default ist :get
|
|
271
276
|
#
|
|
272
277
|
def path_access?(path, method = :get)
|
|
273
|
-
ar_storage = AccessRulesStorage.instance
|
|
274
|
-
unless ar_storage.path_prefix_processed?
|
|
275
|
-
prefix = respond_to?(:root_path) && root_path
|
|
276
|
-
ar_storage.extend_path_rules_with_prefix(prefix)
|
|
277
|
-
end
|
|
278
278
|
AccessRules.path_access? current_user, path, method
|
|
279
279
|
end
|
|
280
280
|
|
|
@@ -310,8 +310,15 @@ module Tuersteher
|
|
|
310
310
|
# fuer aktullen Request erlaubt ist
|
|
311
311
|
def check_access
|
|
312
312
|
|
|
313
|
-
|
|
314
|
-
|
|
313
|
+
ar_storage = AccessRulesStorage.instance
|
|
314
|
+
unless ar_storage.ready?
|
|
315
|
+
# bei nicht production-env, dann check-intervall auf 5 sek setzen
|
|
316
|
+
ar_storage.check_intervall = 5 if Rails.env!='production'
|
|
317
|
+
# set root-path as prefix for all path rules
|
|
318
|
+
prefix = respond_to?(:root_path) && root_path
|
|
319
|
+
ar_storage.path_prefix = prefix if prefix && prefix.size > 1
|
|
320
|
+
ar_storage.read_rules
|
|
321
|
+
end
|
|
315
322
|
|
|
316
323
|
# Rails3 hat andere url-path-methode
|
|
317
324
|
@@url_path_method ||= Rails.version[0..1]=='3.' ? :fullpath : :request_uri
|
data/tuersteher.gemspec
CHANGED
|
@@ -1,56 +1,45 @@
|
|
|
1
1
|
# Generated by jeweler
|
|
2
2
|
# DO NOT EDIT THIS FILE DIRECTLY
|
|
3
|
-
# Instead, edit Jeweler::Tasks in Rakefile, and run
|
|
3
|
+
# Instead, edit Jeweler::Tasks in Rakefile, and run 'rake gemspec'
|
|
4
4
|
# -*- encoding: utf-8 -*-
|
|
5
5
|
|
|
6
6
|
Gem::Specification.new do |s|
|
|
7
7
|
s.name = %q{tuersteher}
|
|
8
|
-
s.version = "0.6.
|
|
8
|
+
s.version = "0.6.5"
|
|
9
9
|
|
|
10
10
|
s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
|
|
11
11
|
s.authors = ["Bernd Ledig"]
|
|
12
|
-
s.date = %q{2011-09-
|
|
12
|
+
s.date = %q{2011-09-08}
|
|
13
13
|
s.description = %q{Security-Layer for Rails-Application acts like a firewall.}
|
|
14
14
|
s.email = %q{bernd@ledig.info}
|
|
15
15
|
s.extra_rdoc_files = [
|
|
16
16
|
"README.rdoc"
|
|
17
17
|
]
|
|
18
18
|
s.files = [
|
|
19
|
-
"
|
|
20
|
-
|
|
21
|
-
|
|
22
|
-
|
|
23
|
-
|
|
24
|
-
|
|
25
|
-
|
|
26
|
-
|
|
27
|
-
|
|
28
|
-
|
|
29
|
-
|
|
30
|
-
|
|
31
|
-
|
|
32
|
-
|
|
33
|
-
|
|
34
|
-
|
|
35
|
-
|
|
36
|
-
"tuersteher.gemspec"
|
|
19
|
+
"Manifest",
|
|
20
|
+
"README.rdoc",
|
|
21
|
+
"Rakefile",
|
|
22
|
+
"VERSION",
|
|
23
|
+
"init.rb",
|
|
24
|
+
"lib/tuersteher.rb",
|
|
25
|
+
"license.txt",
|
|
26
|
+
"samples/access_rules.rb",
|
|
27
|
+
"samples/application_controller.rb",
|
|
28
|
+
"spec/acces_rules_storage_spec.rb",
|
|
29
|
+
"spec/access_rules_spec.rb",
|
|
30
|
+
"spec/model_access_rule_spec.rb",
|
|
31
|
+
"spec/model_extensions_spec.rb",
|
|
32
|
+
"spec/path_access_rule_spec.rb",
|
|
33
|
+
"spec/spec.opts",
|
|
34
|
+
"spec/spec_helper.rb",
|
|
35
|
+
"tuersteher.gemspec"
|
|
37
36
|
]
|
|
38
37
|
s.homepage = %q{http://github.com/bledig/tuersteher}
|
|
39
|
-
s.rdoc_options = ["--charset=UTF-8"]
|
|
40
38
|
s.require_paths = ["lib"]
|
|
41
|
-
s.rubygems_version = %q{1.
|
|
39
|
+
s.rubygems_version = %q{1.6.2}
|
|
42
40
|
s.summary = %q{Security-Layer for Rails-Application}
|
|
43
|
-
s.test_files = [
|
|
44
|
-
"spec/model_extensions_spec.rb",
|
|
45
|
-
"spec/acces_rules_storage_spec.rb",
|
|
46
|
-
"spec/spec_helper.rb",
|
|
47
|
-
"spec/model_access_rule_spec.rb",
|
|
48
|
-
"spec/access_rules_spec.rb",
|
|
49
|
-
"spec/path_access_rule_spec.rb"
|
|
50
|
-
]
|
|
51
41
|
|
|
52
42
|
if s.respond_to? :specification_version then
|
|
53
|
-
current_version = Gem::Specification::CURRENT_SPECIFICATION_VERSION
|
|
54
43
|
s.specification_version = 3
|
|
55
44
|
|
|
56
45
|
if Gem::Version.new(Gem::VERSION) >= Gem::Version.new('1.2.0') then
|
metadata
CHANGED
|
@@ -1,13 +1,13 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: tuersteher
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
hash:
|
|
5
|
-
prerelease:
|
|
4
|
+
hash: 13
|
|
5
|
+
prerelease:
|
|
6
6
|
segments:
|
|
7
7
|
- 0
|
|
8
8
|
- 6
|
|
9
|
-
-
|
|
10
|
-
version: 0.6.
|
|
9
|
+
- 5
|
|
10
|
+
version: 0.6.5
|
|
11
11
|
platform: ruby
|
|
12
12
|
authors:
|
|
13
13
|
- Bernd Ledig
|
|
@@ -15,7 +15,7 @@ autorequire:
|
|
|
15
15
|
bindir: bin
|
|
16
16
|
cert_chain: []
|
|
17
17
|
|
|
18
|
-
date: 2011-09-
|
|
18
|
+
date: 2011-09-08 00:00:00 +02:00
|
|
19
19
|
default_executable:
|
|
20
20
|
dependencies: []
|
|
21
21
|
|
|
@@ -28,7 +28,6 @@ extensions: []
|
|
|
28
28
|
extra_rdoc_files:
|
|
29
29
|
- README.rdoc
|
|
30
30
|
files:
|
|
31
|
-
- .gitignore
|
|
32
31
|
- Manifest
|
|
33
32
|
- README.rdoc
|
|
34
33
|
- Rakefile
|
|
@@ -51,8 +50,8 @@ homepage: http://github.com/bledig/tuersteher
|
|
|
51
50
|
licenses: []
|
|
52
51
|
|
|
53
52
|
post_install_message:
|
|
54
|
-
rdoc_options:
|
|
55
|
-
|
|
53
|
+
rdoc_options: []
|
|
54
|
+
|
|
56
55
|
require_paths:
|
|
57
56
|
- lib
|
|
58
57
|
required_ruby_version: !ruby/object:Gem::Requirement
|
|
@@ -76,14 +75,9 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
76
75
|
requirements: []
|
|
77
76
|
|
|
78
77
|
rubyforge_project:
|
|
79
|
-
rubygems_version: 1.
|
|
78
|
+
rubygems_version: 1.6.2
|
|
80
79
|
signing_key:
|
|
81
80
|
specification_version: 3
|
|
82
81
|
summary: Security-Layer for Rails-Application
|
|
83
|
-
test_files:
|
|
84
|
-
|
|
85
|
-
- spec/acces_rules_storage_spec.rb
|
|
86
|
-
- spec/spec_helper.rb
|
|
87
|
-
- spec/model_access_rule_spec.rb
|
|
88
|
-
- spec/access_rules_spec.rb
|
|
89
|
-
- spec/path_access_rule_spec.rb
|
|
82
|
+
test_files: []
|
|
83
|
+
|