walruz 0.0.4 → 0.0.5
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- data/VERSION.yml +1 -1
- data/lib/walruz/actor.rb +41 -18
- data/lib/walruz.rb +17 -0
- data/spec/scenario.rb +2 -2
- data/spec/walruz/actor_spec.rb +31 -11
- data/spec/walruz/utils_spec.rb +2 -2
- metadata +2 -2
data/VERSION.yml
CHANGED
data/lib/walruz/actor.rb
CHANGED
|
@@ -19,30 +19,55 @@ module Walruz
|
|
|
19
19
|
# It returns a boolean indicating that the actor is authorized to
|
|
20
20
|
# access (or not) the subject
|
|
21
21
|
#
|
|
22
|
-
# Notes:
|
|
23
|
-
# Because this method is probably going to be called multiple times on
|
|
24
|
-
# a same action, the result of the first invocation is cached, if you
|
|
25
|
-
# want to uncache just pass true as a third parameter.
|
|
26
|
-
#
|
|
27
|
-
#
|
|
28
22
|
def can?(*args)
|
|
29
23
|
if args.size == 2
|
|
30
|
-
cached_values_for_can[args] ||= can_without_caching
|
|
24
|
+
(cached_values_for_can[args] ||= can_without_caching(*args))[0]
|
|
25
|
+
elsif args.size == 3
|
|
26
|
+
if args.pop
|
|
27
|
+
(cached_values_for_can[args] = can_without_caching(*args))[0]
|
|
28
|
+
else
|
|
29
|
+
(cached_values_for_can[args] ||= can_without_caching(*args))[0]
|
|
30
|
+
end
|
|
31
|
+
else
|
|
32
|
+
raise ArgumentError.new("wrong number of arguments (%d for 2)" % args.size)
|
|
33
|
+
end
|
|
34
|
+
end
|
|
35
|
+
|
|
36
|
+
|
|
37
|
+
#
|
|
38
|
+
# Allows an actor to check if he can do some action on a given
|
|
39
|
+
# subject.
|
|
40
|
+
#
|
|
41
|
+
# Params:
|
|
42
|
+
# - label: The label of the action
|
|
43
|
+
# - subject: The subject which the actor wants to interact with
|
|
44
|
+
#
|
|
45
|
+
# Returns:
|
|
46
|
+
# Returns a a Hash with parameters given from the policy.
|
|
47
|
+
#
|
|
48
|
+
def authorize(*args)
|
|
49
|
+
if args.size == 2
|
|
50
|
+
cached_values_for_can[args] ||= can_without_caching(*args)
|
|
51
|
+
cached_values_for_can[args][0] ? cached_values_for_can[args][1] : nil
|
|
31
52
|
elsif args.size == 3
|
|
32
53
|
if args.pop
|
|
33
|
-
cached_values_for_can[args] = can_without_caching
|
|
54
|
+
cached_values_for_can[args] = can_without_caching(*args)[1]
|
|
55
|
+
cached_values_for_can[args][0] ? cached_values_for_can[args][1] : nil
|
|
34
56
|
else
|
|
35
|
-
cached_values_for_can[args] ||= can_without_caching
|
|
57
|
+
cached_values_for_can[args] ||= can_without_caching(*args)[1]
|
|
58
|
+
cached_values_for_can[args][0] ? cached_values_for_can[args][1] : nil
|
|
36
59
|
end
|
|
37
60
|
else
|
|
38
61
|
raise ArgumentError.new("wrong number of arguments (%d for 2)" % args.size)
|
|
39
62
|
end
|
|
40
63
|
end
|
|
41
64
|
|
|
42
|
-
|
|
43
|
-
|
|
65
|
+
# :nodoc:
|
|
66
|
+
def can_without_caching(label, subject)
|
|
67
|
+
subject.can_be?(label, self)
|
|
44
68
|
end
|
|
45
69
|
|
|
70
|
+
# :nodoc:
|
|
46
71
|
def cached_values_for_can
|
|
47
72
|
@_cached_values_for_can ||= {}
|
|
48
73
|
end
|
|
@@ -56,22 +81,20 @@ module Walruz
|
|
|
56
81
|
# - subject: The subject which the actor wants to interact with
|
|
57
82
|
#
|
|
58
83
|
# Returns:
|
|
59
|
-
#
|
|
60
|
-
# When is an Array, the second parameter is a Hash with parameters given from
|
|
61
|
-
# the policy.
|
|
84
|
+
# Returns a a Hash with parameters given from the policy.
|
|
62
85
|
#
|
|
63
86
|
# Raises:
|
|
64
|
-
# Walruz::NotAuthorized error if the actor can't
|
|
87
|
+
# Walruz::NotAuthorized error if the actor can't execute the action on the subject
|
|
65
88
|
#
|
|
66
|
-
def authorize(label, subject)
|
|
89
|
+
def authorize!(label, subject)
|
|
67
90
|
result = subject.can_be?(label, self)
|
|
68
91
|
if result[0]
|
|
69
|
-
cached_values_for_can[[label, subject]] = result
|
|
92
|
+
cached_values_for_can[[label, subject]] = result
|
|
70
93
|
result[1]
|
|
71
94
|
else
|
|
72
95
|
response_params = result[1]
|
|
73
96
|
error_message = response_params[:error_message] || "You are not authorized to access this content"
|
|
74
|
-
raise NotAuthorized.new(error_message)
|
|
97
|
+
raise NotAuthorized.new(self, subject, label, error_message)
|
|
75
98
|
end
|
|
76
99
|
end
|
|
77
100
|
|
data/lib/walruz.rb
CHANGED
|
@@ -1,6 +1,23 @@
|
|
|
1
1
|
module Walruz
|
|
2
2
|
|
|
3
3
|
class NotAuthorized < Exception
|
|
4
|
+
|
|
5
|
+
attr_reader :actor
|
|
6
|
+
attr_reader :subject
|
|
7
|
+
attr_reader :action
|
|
8
|
+
|
|
9
|
+
def initialize(actor, subject, action, error_message = nil)
|
|
10
|
+
@actor = actor
|
|
11
|
+
@subject = subject
|
|
12
|
+
@action = action
|
|
13
|
+
|
|
14
|
+
if error_message.nil?
|
|
15
|
+
super
|
|
16
|
+
else
|
|
17
|
+
super(error_message)
|
|
18
|
+
end
|
|
19
|
+
end
|
|
20
|
+
|
|
4
21
|
end
|
|
5
22
|
|
|
6
23
|
class AuthorizationActionsNotDefined < Exception
|
data/spec/scenario.rb
CHANGED
|
@@ -13,7 +13,7 @@ class Beatle
|
|
|
13
13
|
end
|
|
14
14
|
|
|
15
15
|
def sing_the_song(song)
|
|
16
|
-
response = authorize(:sing, song)
|
|
16
|
+
response = authorize!(:sing, song)
|
|
17
17
|
case response[:owner]
|
|
18
18
|
when Colaboration
|
|
19
19
|
authors = response[:owner].authors.dup
|
|
@@ -26,7 +26,7 @@ class Beatle
|
|
|
26
26
|
end
|
|
27
27
|
|
|
28
28
|
def sing_with_john(song)
|
|
29
|
-
authorize(:sing_with_john, song)
|
|
29
|
+
authorize!(:sing_with_john, song)
|
|
30
30
|
"Ok John, Let's Play '%s'" % song.name
|
|
31
31
|
end
|
|
32
32
|
|
data/spec/walruz/actor_spec.rb
CHANGED
|
@@ -6,6 +6,10 @@ describe 'Walruz::Actor' do
|
|
|
6
6
|
Beatle::JOHN.should respond_to(:authorize)
|
|
7
7
|
end
|
|
8
8
|
|
|
9
|
+
it "should add an instance method `authorize!` to included classes" do
|
|
10
|
+
Beatle::JOHN.should respond_to(:authorize!)
|
|
11
|
+
end
|
|
12
|
+
|
|
9
13
|
it "should add an instance method `can?` to included classes" do
|
|
10
14
|
Beatle::JOHN.should respond_to(:can?)
|
|
11
15
|
end
|
|
@@ -17,12 +21,37 @@ describe 'Walruz::Actor' do
|
|
|
17
21
|
|
|
18
22
|
describe "#authorize" do
|
|
19
23
|
|
|
24
|
+
it "should return nil when the actor is not authorized" do
|
|
25
|
+
Beatle::RINGO.authorize(:sing, Song::ALL_YOU_NEED_IS_LOVE).should be_nil
|
|
26
|
+
end
|
|
27
|
+
|
|
28
|
+
it "should return the policy parameters when the actor is authorized" do
|
|
29
|
+
result = Beatle::JOHN.authorize(:sing, Song::ALL_YOU_NEED_IS_LOVE)
|
|
30
|
+
result.should_not be_nil
|
|
31
|
+
result.should be_kind_of(Hash)
|
|
32
|
+
result[:owner].should == Beatle::JOHN
|
|
33
|
+
end
|
|
34
|
+
|
|
35
|
+
end
|
|
36
|
+
|
|
37
|
+
describe "#authorize!" do
|
|
38
|
+
|
|
20
39
|
it "should raise a Walruz::NotAuthorized error when the actor is not authorized" do
|
|
21
40
|
lambda do
|
|
22
41
|
Beatle::RINGO.sing_the_song(Song::ALL_YOU_NEED_IS_LOVE)
|
|
23
42
|
end.should raise_error(Walruz::NotAuthorized)
|
|
24
43
|
end
|
|
25
44
|
|
|
45
|
+
it "should raise a Walruz::NotAuthorized error with the information of actor, subject and action when actor is not authorized" do
|
|
46
|
+
begin
|
|
47
|
+
Beatle::RINGO.sing_the_song(Song::ALL_YOU_NEED_IS_LOVE)
|
|
48
|
+
rescue Walruz::NotAuthorized => e
|
|
49
|
+
e.actor.should == Beatle::RINGO
|
|
50
|
+
e.subject.should == Song::ALL_YOU_NEED_IS_LOVE
|
|
51
|
+
e.action == :sing
|
|
52
|
+
end
|
|
53
|
+
end
|
|
54
|
+
|
|
26
55
|
it "should not raise a Walruz::NotAuthorized error when the actor is authorized" do
|
|
27
56
|
lambda do
|
|
28
57
|
Beatle::JOHN.sing_the_song(Song::ALL_YOU_NEED_IS_LOVE)
|
|
@@ -44,20 +73,11 @@ describe 'Walruz::Actor' do
|
|
|
44
73
|
Beatle::JOHN.can?(:sing, Song::ALL_YOU_NEED_IS_LOVE)
|
|
45
74
|
end
|
|
46
75
|
|
|
47
|
-
# @deprecated functionality
|
|
48
|
-
# WHY: When you execute `can?` you should probably have already executed `authorize`
|
|
49
|
-
# it "should execute a given block if the condition is true" do
|
|
50
|
-
# proc_called = lambda { raise "Is being called" }
|
|
51
|
-
# lambda do
|
|
52
|
-
# Beatle::JOHN.can?(:sing, Song::ALL_YOU_NEED_IS_LOVE, &proc_called)
|
|
53
|
-
# end.should raise_error
|
|
54
|
-
# end
|
|
55
|
-
|
|
56
76
|
it "if a boolean third parameter is received it should not use the cached result" do
|
|
57
|
-
Beatle::JOHN.stub!(:can_without_caching
|
|
77
|
+
Beatle::JOHN.stub!(:can_without_caching).and_return([true, {}])
|
|
58
78
|
Beatle::JOHN.can?(:sing, Song::ALL_YOU_NEED_IS_LOVE).should be_true
|
|
59
79
|
|
|
60
|
-
Beatle::JOHN.stub!(:can_without_caching
|
|
80
|
+
Beatle::JOHN.stub!(:can_without_caching).and_return([false, {}])
|
|
61
81
|
Beatle::JOHN.can?(:sing, Song::ALL_YOU_NEED_IS_LOVE).should be_true
|
|
62
82
|
Beatle::JOHN.can?(:sing, Song::ALL_YOU_NEED_IS_LOVE, true).should be_false
|
|
63
83
|
end
|
data/spec/walruz/utils_spec.rb
CHANGED
|
@@ -4,13 +4,13 @@ describe Walruz::Utils do
|
|
|
4
4
|
|
|
5
5
|
def check_actor_can_on_subject(label, actor, subject)
|
|
6
6
|
lambda do
|
|
7
|
-
actor.authorize(label, subject)
|
|
7
|
+
actor.authorize!(label, subject)
|
|
8
8
|
end.should_not raise_error(Walruz::NotAuthorized)
|
|
9
9
|
end
|
|
10
10
|
|
|
11
11
|
def check_actor_can_not_on_subject(label, actor, subject)
|
|
12
12
|
lambda do
|
|
13
|
-
actor.authorize(label, subject)
|
|
13
|
+
actor.authorize!(label, subject)
|
|
14
14
|
end.should raise_error(Walruz::NotAuthorized)
|
|
15
15
|
end
|
|
16
16
|
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: walruz
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.0.
|
|
4
|
+
version: 0.0.5
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Roman Gonzalez
|
|
@@ -9,7 +9,7 @@ autorequire:
|
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
11
|
|
|
12
|
-
date: 2009-07-
|
|
12
|
+
date: 2009-07-13 00:00:00 -07:00
|
|
13
13
|
default_executable:
|
|
14
14
|
dependencies: []
|
|
15
15
|
|