vigilante 1.0.0

data/.document

@@ -0,0 +1,5 @@
+README.rdoc
+lib/**/*.rb
+bin/*
+features/**/*.feature
+LICENSE

data/.travis.yml

@@ -0,0 +1,5 @@
+rvm:
+  - 1.8.7
+  - 1.9.2
+  - rbx
+  - ree

data/Gemfile

@@ -0,0 +1,27 @@
+source "http://rubygems.org"
+
+gem "rails", "3.0.3"
+
+group :development, :test do
+  gem "jeweler"
+  gem "rspec-rails", ">= 2.4.0"
+end
+
+
+# test-environment gems
+group :test, :spec, :cucumber do
+  gem 'sqlite3-ruby', :require => 'sqlite3'  # needed for the rails-3-app : not really needed, but not sure how to avoid it
+  gem "rspec",                   ">= 2.4.0"
+  gem "remarkable",              ">=4.0.0.alpha4"
+  gem "remarkable_activemodel",  ">=4.0.0.alpha4"
+  gem "remarkable_activerecord", ">=4.0.0.alpha4"
+#  gem "capybara"
+#  gem "cucumber"
+#  gem "database_cleaner"
+#  gem "cucumber-rails"
+end
+
+
+# To use debugger (ruby-debug for Ruby 1.8.7+, ruby-debug19 for Ruby 1.9.2+)
+# gem 'ruby-debug'
+# gem 'ruby-debug19'

data/Gemfile.lock

@@ -0,0 +1,107 @@
+GEM
+  remote: http://rubygems.org/
+  specs:
+    abstract (1.0.0)
+    actionmailer (3.0.3)
+      actionpack (= 3.0.3)
+      mail (~> 2.2.9)
+    actionpack (3.0.3)
+      activemodel (= 3.0.3)
+      activesupport (= 3.0.3)
+      builder (~> 2.1.2)
+      erubis (~> 2.6.6)
+      i18n (~> 0.4)
+      rack (~> 1.2.1)
+      rack-mount (~> 0.6.13)
+      rack-test (~> 0.5.6)
+      tzinfo (~> 0.3.23)
+    activemodel (3.0.3)
+      activesupport (= 3.0.3)
+      builder (~> 2.1.2)
+      i18n (~> 0.4)
+    activerecord (3.0.3)
+      activemodel (= 3.0.3)
+      activesupport (= 3.0.3)
+      arel (~> 2.0.2)
+      tzinfo (~> 0.3.23)
+    activeresource (3.0.3)
+      activemodel (= 3.0.3)
+      activesupport (= 3.0.3)
+    activesupport (3.0.3)
+    arel (2.0.6)
+    builder (2.1.2)
+    diff-lcs (1.1.2)
+    erubis (2.6.6)
+      abstract (>= 1.0.0)
+    git (1.2.5)
+    i18n (0.5.0)
+    jeweler (1.5.2)
+      bundler (~> 1.0.0)
+      git (>= 1.2.5)
+      rake
+    mail (2.2.14)
+      activesupport (>= 2.3.6)
+      i18n (>= 0.4.0)
+      mime-types (~> 1.16)
+      treetop (~> 1.4.8)
+    mime-types (1.16)
+    polyglot (0.3.1)
+    rack (1.2.1)
+    rack-mount (0.6.13)
+      rack (>= 1.0.0)
+    rack-test (0.5.7)
+      rack (>= 1.0)
+    rails (3.0.3)
+      actionmailer (= 3.0.3)
+      actionpack (= 3.0.3)
+      activerecord (= 3.0.3)
+      activeresource (= 3.0.3)
+      activesupport (= 3.0.3)
+      bundler (~> 1.0)
+      railties (= 3.0.3)
+    railties (3.0.3)
+      actionpack (= 3.0.3)
+      activesupport (= 3.0.3)
+      rake (>= 0.8.7)
+      thor (~> 0.14.4)
+    rake (0.8.7)
+    remarkable (4.0.0.alpha4)
+      rspec (>= 2.0.0.alpha11)
+    remarkable_activemodel (4.0.0.alpha4)
+      remarkable (~> 4.0.0.alpha4)
+      rspec (>= 2.0.0.alpha11)
+    remarkable_activerecord (4.0.0.alpha4)
+      remarkable (~> 4.0.0.alpha4)
+      remarkable_activemodel (~> 4.0.0.alpha4)
+      rspec (>= 2.0.0.alpha11)
+    rspec (2.4.0)
+      rspec-core (~> 2.4.0)
+      rspec-expectations (~> 2.4.0)
+      rspec-mocks (~> 2.4.0)
+    rspec-core (2.4.0)
+    rspec-expectations (2.4.0)
+      diff-lcs (~> 1.1.2)
+    rspec-mocks (2.4.0)
+    rspec-rails (2.4.1)
+      actionpack (~> 3.0)
+      activesupport (~> 3.0)
+      railties (~> 3.0)
+      rspec (~> 2.4.0)
+    sqlite3-ruby (1.3.2)
+    thor (0.14.6)
+    treetop (1.4.9)
+      polyglot (>= 0.3.1)
+    tzinfo (0.3.23)
+
+PLATFORMS
+  ruby
+
+DEPENDENCIES
+  jeweler
+  rails (= 3.0.3)
+  remarkable (>= 4.0.0.alpha4)
+  remarkable_activemodel (>= 4.0.0.alpha4)
+  remarkable_activerecord (>= 4.0.0.alpha4)
+  rspec (>= 2.4.0)
+  rspec-rails (>= 2.4.0)
+  sqlite3-ruby

data/History.md

@@ -0,0 +1,7 @@
+# Change History / Release Notes
+
+## Version 1.0.0 (17/07/2011)
+
+* first public release of the Vigilante gem. This gem will allow you to dynamically manage the
+  authorisations of our users. Authorisations can even be scoped/limited, e.g. a multi-blog site
+  where authors only are allowed to write/edit on one or more blogs.

data/MIT-LICENSE

@@ -0,0 +1,20 @@
+Copyright 2011 YOURNAME
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.markdown

@@ -0,0 +1,109 @@
+# Vigilante
+========
+
+[![Build Status](http://travis-ci.org/nathanvda/vigilante.png)](http://travis-ci.org/nathanvda/vigilante)
+
+Vigilante is a plugin that will offer database stored authorisation, and offers the ability
+that certain permissions have a limited scope/extent.
+
+All permissions can be managed from an admin-interface.
+If permissions are changed, they will be used on the next login.
+
+## Terminology
+
+- context: the current context, the object(s) we want to see/visit
+- scope  : term from activerecord, to allow scoping a query (adding conditions).
+- extent : permissions have an extent; permissions are only valid in a certain context.
+
+## Example
+
+Suppose we have a site like blogger -> multiple blogs, a blog can have multiple author, a blog can have limited access.
+
+So we have something like
+
+    class User
+      has_many :posts
+    end
+
+    class Post
+      belongs_to :author, :class_name => User
+      belongs_to :blog
+    end
+
+    class Comment
+      belongs_to :post
+      belongs_to :commentor, :class_name => User
+    end
+
+    class Blog
+      has_many :posts
+    end
+
+What we want to be able to express is that certain users are
+
+* blog-admins: they can add authors, and can manage the entirety of the blog
+* authors: they can manage their own posts (which they wrote), and they can manage the comments on their own posts
+* commentators: they can read a blog, and create comments. They can only edit the comments they created
+
+This should be expressable in our system ...
+
+Therefore there are two concepts we introduce:
+
+* the extent: which scopes the permission to certain contexts. A context is user-defined, in our case a blog.
+  Permissions are only valid on certain blogs.
+
+## Installation
+
+First, add the `Vigilante` gem to your `Gemfile`:
+
+    gem 'vigilante'
+
+Then, do `bundle install`, and run the generator:
+
+    rails g vigilante:install
+
+This will add a configuration-file (so you edit it) and will add example glue code to the ApplicationController.
+This will also add a number of needed migrations.
+
+
+
+### What needs to be configured
+
+For starters we need some kind of user-model. You can call it User, Operator, ...
+But because the permissions will be specified (in the database), we need only one model (and no models based on
+a role or permissions for the user). A user (operator, ...) just needs to be able to log on. Use Devise, Authlogic, or
+roll your own. The Vigilante needs to know how the user model is called, and it needs to be able to reach the currently
+logged on user.
+
+Inside that class, you have to add a single line:
+
+    authorisations_handled_by_vigilante
+
+This will add extra methods and properties to your User/Operator model.
+
+
+Next up, we need some extra glue code, which is configured inside the `vigilante_config.yml`.
+You will need to set the following values:
+
+- *current_user_method*: the method that needs to be called from within the controller context to retrieve the current user.
+  If you are using Devise, this would be something like `current_<devise-model>`, e.g. `current_user` or `current_operator`.
+- *current_user_class*: the class of the user/operator
+- application_context: what method will give us the current context (e.g. current blog)
+- application_extent_id_from_object : get_context_id_from_context_object
+- application_context_from_nested_resources: find_context_by_context_id
+
+I will give an example later to make this more clear.
+
+
+###
+
+
+### To DO
+
+- improve documentation
+
+
+## Copyright
+
+Based on original code written by Bart Duchesne.
+Copyright &copy; 2011 Nathan Van der Auwera, released under the MIT license

data/Rakefile

@@ -0,0 +1,48 @@
+# encoding: UTF-8
+require 'rubygems'
+begin
+  require 'bundler/setup'
+rescue LoadError
+  puts 'You must `gem install bundler` and `bundle install` to run rake tasks'
+end
+
+require 'rake'
+require 'rake/rdoctask'
+
+Rake::RDocTask.new(:rdoc) do |rdoc|
+  rdoc.rdoc_dir = 'rdoc'
+  rdoc.title    = 'Vigilante'
+  rdoc.options << '--line-numbers' << '--inline-source'
+  rdoc.rdoc_files.include('README.rdoc')
+  rdoc.rdoc_files.include('lib/**/*.rb')
+end
+
+
+begin
+  require 'jeweler'
+  Jeweler::Tasks.new do |gem|
+    gem.name = "vigilante"
+    gem.summary = %Q{Context-based, db-backed authorisation for your rails3 apps}
+    gem.description = %Q{Vigilante is a db-backed authorisation, completely configurable and dynamic; where permissions can be limited to extents.}
+    gem.email = "nathan@dixis.com"
+    gem.homepage = "http://github.com/vigilante"
+    gem.authors = ["Nathan Van der Auwera"]
+    gem.add_development_dependency "rails", ">= 3.0.0"
+    # gem is a Gem::Specification... see http://www.rubygems.org/read/chapter/20 for additional settings
+  end
+  Jeweler::GemcutterTasks.new
+rescue LoadError
+  puts "Jeweler (or a dependency) not available. Install it with: gem install jeweler"
+end
+
+
+require "rspec/core/rake_task"
+RSpec::Core::RakeTask.new(:spec)
+
+desc  "Run all specs with rcov"
+RSpec::Core::RakeTask.new("test_cov") do |t|
+  t.rcov = true
+  t.rcov_opts = %w{--rails --include views -Ispec --exclude gems\/,spec\/,features\/,seeds\/}
+end
+
+task :default => :spec

data/VERSION

@@ -0,0 +1 @@
+1.0.0

data/app/controllers/abilities_controller.rb

@@ -0,0 +1,18 @@
+class AbilitiesController < ApplicationController
+
+  before_filter :check_permissions
+
+  def index
+    @abilities = Ability.order(:name)
+  end
+
+  def show
+    @ability = Ability.find(params[:id])
+  end
+
+
+private
+
+
+
+end

data/app/models/ability.rb

@@ -0,0 +1,6 @@
+class Ability < ActiveRecord::Base
+  has_many :ability_permissions
+  has_many :permissions, :through => :ability_permissions
+
+  scope :that_need_extent, lambda { where('needs_extent=?', true)}
+end

data/app/models/ability_permission.rb

@@ -0,0 +1,4 @@
+class AbilityPermission < ActiveRecord::Base
+  belongs_to :permission
+  belongs_to :ability
+end

data/app/models/authorization.rb

@@ -0,0 +1,34 @@
+class Authorization < ActiveRecord::Base
+  belongs_to :operator, :class_name => ::VIGILANTE_CONFIG['current_user_class'].to_s
+  belongs_to :ability
+
+  has_many :authorization_extents, :dependent => :delete_all
+  accepts_nested_attributes_for :authorization_extents, :reject_if => proc { |x| x[:extent].blank? }, :allow_destroy => true
+
+
+  def match_extent(extent_object)
+    extents_count = authorization_extents.count
+    return true if extents_count == 0 && extent_object.blank?
+
+    return false if ((extents_count == 0 && extent_object.present?) ||
+                     (extents_count > 0  && extent_object.blank?))
+
+    authorization_extents.each do |extent|
+      return true if extent.match_extent(extent_object)
+    end
+    false
+  end
+
+
+  def add_extent(extent_object)
+    unless extent_object.nil? || match_extent(extent_object)
+      new_extent = authorization_extents.build
+      new_extent.set_extent(extent_object)
+      new_extent.save
+    end
+  end
+  
+  def has_extent?
+    authorization_extents.count > 0
+  end
+end

data/app/models/authorization_extent.rb

@@ -0,0 +1,34 @@
+class AuthorizationExtent < ActiveRecord::Base
+  belongs_to :authorization
+
+  def extent
+    if extent_objid
+      default_extent_class.find_by_id(extent_objid)
+    end
+  end
+
+  def extent=(ext_label)
+    # find asp
+    extent_obj = default_extent_class.find_by_id(ext_label)
+    if new_record?
+      self.extent_objid = extent_obj.id
+      self.extent_type = extent_obj.class.name
+    else
+      set_extent(extent_obj)
+    end
+  end
+
+  def match_extent(extent_object)
+    extent_type == extent_object.class.name && extent_objid == extent_object.id
+  end
+
+  def set_extent(extent_object)
+    update_attributes(:extent_objid => extent_object.id, :extent_type => extent_object.class.name)
+  end
+  
+  private
+
+  def default_extent_class
+    @@default_extent_class ||= Kernel.const_get(::VIGILANTE_CONFIG['default_extent_class'])
+  end
+end

data/app/models/permission.rb

@@ -0,0 +1,2 @@
+class Permission < ActiveRecord::Base
+end

data/app/models/permission_hash.rb

@@ -0,0 +1,131 @@
+class PermissionHash < HashWithIndifferentAccess
+
+  DEFAULT_PERMISSIONS = HashWithIndifferentAccess.new({'*' => {
+        :homepage => {:index => 1, :show => 1}
+      }
+    })
+
+  # default initialization
+  def initialize(default_start = DEFAULT_PERMISSIONS)
+    super( default_start )
+  end
+
+  # add extra allowed actions
+  def add(extent, path, allowed_actions)
+    self[extent]       ||= {}
+    self[extent][path] ||= {}
+
+    allowed_actions = [:index, :show] if allowed_actions.nil? || allowed_actions.empty?
+    allowed_actions.push(:update) if allowed_actions.include?(:edit) && !allowed_actions.include?(:update)
+    allowed_actions.push(:create) if allowed_actions.include?(:new) && !allowed_actions.include?(:create)
+
+    allowed_actions.each do |a|
+      self[extent][path][a] = 1
+    end
+    self
+  end
+
+  # get_extent_of calculates the extent of a
+  #     given controller/action for this permissionhash
+  # this returns either
+  #  - []  : no extent, nothing is allowed
+  #  - [extent_objid, ..] : the extent
+  #  Note: if the extent of the permission is global the returned array will include '*'
+  def get_extent_of(controller_name, action)
+    controller_name = to_controller_name(controller_name) unless controller_name.instance_of?(String)
+
+    permission_extent = []
+    self.keys.each do |extent|
+      if is_allowed_by_permissions(controller_name, action, self[extent])
+        permission_extent << extent.to_s
+      end
+    end
+    permission_extent
+  end
+
+
+  # does this permission-hash only has global permissions (without extent)
+  def are_only_global?
+    self.keys.size == 1 && self.keys[0] == '*'
+  end
+
+  # convenience method
+  def is_global?
+    are_only_global?
+  end
+
+  def is_allowed_by_context(controller_name, action_name, extents)
+    controller_name = to_controller_name(controller_name) unless controller_name.instance_of?(String)
+    
+    is_allowed_by_permissions(controller_name, action_name, get_permissions_by_context(extents))
+  end
+
+
+  #####################################################
+  #
+  #          Protected methods
+  #
+  #####################################################
+
+  protected
+
+
+    def model_name
+      controller_name.singularize.camelize
+    end
+
+
+    def to_controller_name(klass)
+      klass_str = klass.is_a?(Class) ? klass.name :
+                  klass.is_a?(String) ? klass :
+                  klass.class.name
+      "#{klass_str.underscore.pluralize}"
+    end
+
+    def get_permissions_by_context(extents)
+      # start from the empty permissions
+      Rails.logger.debug "get_permissions_by_context received #{extents.inspect}"
+      result = {}
+      # add specific extents
+      unless extents.nil? || self.is_global?
+        extents.each do |ctx_id|
+          Rails.logger.debug "get_permissions_by_context add extent #{ctx_id.inspect}"          
+          permissions_for_ctx = self[ctx_id]
+          result.merge!(permissions_for_ctx) unless permissions_for_ctx.nil?
+        end
+      end
+      Rails.logger.debug "get_permissions_by_context after extents built #{result.inspect}"
+
+      # add general extent only if we have nothing specific
+      result = {}.merge(self['*']) if result == {}
+      
+      Rails.logger.debug "get_permissions_by_context built #{result.inspect}"
+
+      result
+    end
+
+    def is_allowed_by_permissions(controller_name, action, extent_permissions)
+      action = action || 'index'
+      action = action.to_sym
+      controller_name = 'homepage' if controller_name == '/'
+      controller_name = controller_name[1..-1] if controller_name.starts_with?('/')
+
+      p = ''
+      path_parts = controller_name.split('/').collect() { |e| p = p+'/' unless p.empty?; p = p + e; p }.sort { |a, b| b.length <=> a.length }
+
+      result     = false
+      [path_parts, '*'].flatten!.each do |path|
+        allowed = extent_permissions[path]
+        unless allowed.nil?
+          result = (allowed[action] != nil) || (allowed[:all] != nil || allowed[:'*'] != nil)
+          break if result
+        end
+      end
+      result
+    end
+
+
+
+  
+  
+end

data/app/views/abilities/index.html.haml

@@ -0,0 +1,15 @@
+
+%table{:class => 'overview'}
+  %thead
+    %tr
+      %th Name
+      %th Description
+      %th
+
+  %tbody#groups
+    - @abilities.each do |ab|
+      %tr
+        %td=h ab.name
+        %td=h ab.description
+        %td
+          = link_to 'Show', ab

data/app/views/abilities/show.html.haml

@@ -0,0 +1,71 @@
+%table.resource_attributes
+  %tr
+    %th Name
+    %td= @ability.name
+  %tr
+    %th Description
+    %td= @ability.description
+
+
+%h2 Allowed actions
+
+
+
+%table{:class => 'overview'}
+  - @ability.permissions.each do |perm|
+    %tr
+      %td= perm.allowed_action
+
+#abilities_explanation.help_text
+  %p
+    Allowed actions are specified as follows:
+
+  %ul
+    %li
+      %pre
+        posts[index, show]
+      %ul
+        %li
+          Only the things that are explicitly specified are allowed.
+          This declares that on the
+          %tt
+            PostsController
+          only
+          %tt
+            index
+          and
+          %tt
+            show
+          are allowed.
+    %li
+      %pre
+        *[index, show, report]
+      %ul
+        %li
+          We also allow wild-cards. Instead of a controller-name, we could write
+          %tt
+            *
+          which would mean the specified actions would apply to all controllers.
+    %li
+      %pre
+        posts[all]
+      %ul
+        %li
+          If we write
+          %tt
+            all
+          instead of a specific action or list of actions, then all actions are allowed for a given controller.
+          In this case a user has the ability to access all actions inside the posts_controller.
+    %li
+      %pre
+        *[all]
+      %ul
+        %li
+          By extension, this means a user has the ability to access all actions from all controllers.
+  %p
+    When abilities are assigned to operators (authorisation), it is possible to specify the extent of the ability.
+    So an
+    %tt
+      asp_admin
+    's permissions could only be valid on a few asps.
+

data/lib/config/vigilante_config.yml

@@ -0,0 +1,19 @@
+development: &common
+  current_user_method: current_operator
+  current_user_class:  Author
+  default_extent_class: Blog
+
+  # delegate extent handling to owner application
+  application_context: current_context
+  application_extent_id_from_object : get_blog_id_from_context_object
+  application_context_from_nested_resources: find_blog_by_blog_id
+  
+
+test:
+  <<: *common   # merges key:value pairs defined in development anchor
+
+cucumber:
+  <<: *common   # merges key:value pairs defined in development anchor
+
+production:
+  <<: *common   # merges key:value pairs defined in development anchor