tuersteher 0.4.1 → 0.5.0

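--- a/data/VERSION
+++ b/data/VERSION
@@ -1 +1 @@
- 0.4.1
+ 0.5.0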
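--- a/data/lib/tuersteher.rb
+++ b/data/lib/tuersteher.rb
@@ -136,11 +136,24 @@ module Tuersteher
  rule.deny
  end
 
+ # Erweitern des Path um einen Prefix
+ # Ist notwenig wenn z.B. die Rails-Anwendung nicht als root-Anwendung läuft
+ # also root_path != '/' ist.'
+ def extend_path_rules_with_prefix prefix
+ Tuersteher::TLogger.logger.info "extend_path_rules_with_prefix: #{prefix}"
+ @path_prefix = prefix
+ path_rules.each do |rule|
+ rule.path = "#{prefix}#{rule.path}" unless rule.path == :all
+ end
+ end
+
+
  end # of AccessRulesStorage
 
 
  class AccessRules
  class << self
+
  # Pruefen Zugriff fuer eine Web-action
  # user User, für den der Zugriff geprüft werden soll (muss Methode has_role? haben)
  # path Pfad der Webresource (String)
@@ -223,6 +236,7 @@ module Tuersteher
  module ControllerExtensions
 
  @@url_path_method = nil
+ @@prefix_checked = nil
 
  # Pruefen Zugriff fuer eine Web-action
  #
@@ -230,6 +244,14 @@ module Tuersteher
  # method http-Methode (:get, :put, :delete, :post), default ist :get
  #
  def path_access?(path, method = :get)
+ unless @@prefix_checked
+ @@prefix_checked = true
+ prefix = respond_to?(:root_path) && root_path
+ if prefix.size > 1
+ AccessRulesStorage.instance.extend_path_rules_with_prefix(prefix)
+ Rails.logger.info "Tuersteher::ControllerExtensions: set path-prefix to: #{prefix}"
+ end
+ end
  AccessRules.path_access? current_user, path, method
  end
 
@@ -421,6 +443,7 @@ module Tuersteher
  class PathAccessRule < BaseAccessRule
 
  METHOD_NAMES = [:get, :edit, :put, :delete, :post, :all].freeze
+ attr_reader :path
 
  # Zugriffsregel
  #
@@ -429,15 +452,19 @@ module Tuersteher
  def initialize(path)
  raise "wrong path '#{path}'! Must be a String or :all ." unless path==:all or path.is_a?(String)
  super()
- @path = path
- if path != :all
+ self.path = path
+ end
+
+ def path= url_path
+ @path = url_path
+ if url_path != :all
  # path in regex ^#{path} wandeln ausser bei "/",
  # dies darf keine Regex mit ^/ werden,
  # da diese ja immer matchen wuerde
- if path == "/"
- @path = /^\/$/
+ if url_path == "/"
+ @path_regex = /^\/$/
  else
- @path = /^#{path}/
+ @path_regex = /^#{url_path}/
  end
  end
  end
@@ -462,7 +489,7 @@ module Tuersteher
  def fired?(path, method, user)
  user = nil if user==:false # manche Authenticate-System setzen den user auf :false
 
- if @path!=:all && !(@path =~ path)
+ if @path!=:all && !(@path_regex =~ path)
  return false
  end
 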
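Review bot: In `path_access?`, `prefix = respond_to?(:root_path) && root_path` leaves `prefix` as `false` when the controller has no `root_path` helper (or `nil` if the helper returns nil), so `prefix.size` raises NoMethodError on the first access check. Guarding it with `prefix = root_path if respond_to?(:root_path)` followed by `if prefix && prefix.size > 1` avoids that. `@@prefix_checked = true` is also set before the rules are rewritten, so on a multi-threaded server a concurrent request could apparently be evaluated against the still-unprefixed rules; setting the flag only after `extend_path_rules_with_prefix` has returned, under a lock, would close that window. In `path=`, the prefix ends up interpolated unescaped into `/^#{url_path}/`, and `^` is a line anchor in Ruby, so passing `Regexp.escape(prefix)` when extending the rules and anchoring with `\A` instead of `^` would keep the prefix literal and the match tied to the start of the whole path.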
@@ -44,5 +44,25 @@ end
44
44
 
45
45
  end # of context "eval_rules"
46
46
 
47
+
48
+
49
+ context "extend path with prefix" do
50
+ context "eval_rules" do
51
+ before(:all) do
52
+ rule_defs = <<-EOR
53
+ path(:all).grant.role(:ADMIN)
54
+ path('/special').grant.role(:SPECIAL)
55
+ EOR
56
+ AccessRulesStorage.instance.eval_rules rule_defs
57
+ AccessRulesStorage.instance.extend_path_rules_with_prefix('/test')
58
+ @path_rules = AccessRulesStorage.instance.path_rules
59
+ end
60
+
61
+ specify{ @path_rules.first.path.should == :all }
62
+ specify{ @path_rules.last.path.should == '/test/special' }
63
+
64
+ end
65
+ end
66
+
47
67
  end # of describe AccessRulesStorage
48
68
  end
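Review bot: The two new `specify` lines only assert the `path` reader, while access decisions are made against `@path_regex`, so a regression where the regex is not rebuilt after prefixing would pass this spec. An assertion through `fired?` would cover the behaviour that matters, for example `specify{ @path_rules.last.fired?('/special/x', :get, nil).should be_false }`, plus a positive case for `'/test/special/x'` with a user stub whose `has_role?` returns true. The `before(:all)` block also prefixes the rules of the shared `AccessRulesStorage.instance`, so later examples that reuse the singleton may see the `/test` prefix unless the rules are re-evaluated; the surrounding `describe` starts outside this hunk, so that is worth confirming.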
@@ -83,13 +83,17 @@ module Tuersteher
83
83
 
84
84
  context "Rule with no role spezifed => now role needed" do
85
85
  before(:all) do
86
- @rule = PathAccessRule.new('/admin').method(:get)
86
+ @rule = PathAccessRule.new('/public').method(:get)
87
87
  @user = stub('user')
88
88
  @user.stub(:has_role?).and_return(false)
89
89
  end
90
90
 
91
91
  it "should fired for user with no roles" do
92
- @rule.fired?("/admin/xyz", :get, @user).should be_true
92
+ @rule.fired?("/public/xyz", :get, @user).should be_true
93
+ end
94
+
95
+ it "should fired for non user" do
96
+ @rule.fired?("/public/xyz", :get, nil).should be_true
93
97
  end
94
98
 
95
99
  it "should not be fired with other path" do
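--- a/data/tuersteher.gemspec
+++ b/data/tuersteher.gemspec
@@ -5,11 +5,11 @@
 
  Gem::Specification.new do |s|
  s.name = %q{tuersteher}
- s.version = "0.4.1"
+ s.version = "0.5.0"
 
  s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
  s.authors = ["Bernd Ledig"]
- s.date = %q{2010-09-19}
+ s.date = %q{2010-10-29}
  s.description = %q{Security-Layer for Rails-Application acts like a firewall.}
  s.email = %q{bernd@ledig.info}
  s.extra_rdoc_files = [
@@ -41,12 +41,12 @@ Gem::Specification.new do |s|
  s.rubygems_version = %q{1.3.7}
  s.summary = %q{Security-Layer for Rails-Application}
  s.test_files = [
- "spec/spec_helper.rb",
+ "spec/acces_rules_storage_spec.rb",
  "spec/model_extensions_spec.rb",
- "spec/access_rules_spec.rb",
  "spec/path_access_rule_spec.rb",
  "spec/model_access_rule_spec.rb",
- "spec/acces_rules_storage_spec.rb"
+ "spec/access_rules_spec.rb",
+ "spec/spec_helper.rb"
  ]
 
  if s.respond_to? :specification_version then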
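--- a/metadata
+++ b/metadata
@@ -1,13 +1,13 @@
  --- !ruby/object:Gem::Specification
  name: tuersteher
  version: !ruby/object:Gem::Version
- hash: 13
+ hash: 11
  prerelease: false
  segments:
  - 0
- - 4
- - 1
- version: 0.4.1
+ - 5
+ - 0
+ version: 0.5.0
  platform: ruby
  authors:
  - Bernd Ledig
@@ -15,7 +15,7 @@ autorequire:
  bindir: bin
  cert_chain: []
 
- date: 2010-09-19 00:00:00 +02:00
+ date: 2010-10-29 00:00:00 +02:00
  default_executable:
  dependencies: []
 
@@ -81,9 +81,9 @@ signing_key:
  specification_version: 3
  summary: Security-Layer for Rails-Application
  test_files:
- - spec/spec_helper.rb
+ - spec/acces_rules_storage_spec.rb
  - spec/model_extensions_spec.rb
- - spec/access_rules_spec.rb
  - spec/path_access_rule_spec.rb
  - spec/model_access_rule_spec.rb
- - spec/acces_rules_storage_spec.rb
+ - spec/access_rules_spec.rb
+ - spec/spec_helper.rb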