walruz 0.0.4 → 0.0.5
Sign up to get free protection for your applications and to get access to all the features.
- data/VERSION.yml +1 -1
- data/lib/walruz/actor.rb +41 -18
- data/lib/walruz.rb +17 -0
- data/spec/scenario.rb +2 -2
- data/spec/walruz/actor_spec.rb +31 -11
- data/spec/walruz/utils_spec.rb +2 -2
- metadata +2 -2
data/VERSION.yml
CHANGED
data/lib/walruz/actor.rb
CHANGED
@@ -19,30 +19,55 @@ module Walruz
|
|
19
19
|
# It returns a boolean indicating that the actor is authorized to
|
20
20
|
# access (or not) the subject
|
21
21
|
#
|
22
|
-
# Notes:
|
23
|
-
# Because this method is probably going to be called multiple times on
|
24
|
-
# a same action, the result of the first invocation is cached, if you
|
25
|
-
# want to uncache just pass true as a third parameter.
|
26
|
-
#
|
27
|
-
#
|
28
22
|
def can?(*args)
|
29
23
|
if args.size == 2
|
30
|
-
cached_values_for_can[args] ||= can_without_caching
|
24
|
+
(cached_values_for_can[args] ||= can_without_caching(*args))[0]
|
25
|
+
elsif args.size == 3
|
26
|
+
if args.pop
|
27
|
+
(cached_values_for_can[args] = can_without_caching(*args))[0]
|
28
|
+
else
|
29
|
+
(cached_values_for_can[args] ||= can_without_caching(*args))[0]
|
30
|
+
end
|
31
|
+
else
|
32
|
+
raise ArgumentError.new("wrong number of arguments (%d for 2)" % args.size)
|
33
|
+
end
|
34
|
+
end
|
35
|
+
|
36
|
+
|
37
|
+
#
|
38
|
+
# Allows an actor to check if he can do some action on a given
|
39
|
+
# subject.
|
40
|
+
#
|
41
|
+
# Params:
|
42
|
+
# - label: The label of the action
|
43
|
+
# - subject: The subject which the actor wants to interact with
|
44
|
+
#
|
45
|
+
# Returns:
|
46
|
+
# Returns a a Hash with parameters given from the policy.
|
47
|
+
#
|
48
|
+
def authorize(*args)
|
49
|
+
if args.size == 2
|
50
|
+
cached_values_for_can[args] ||= can_without_caching(*args)
|
51
|
+
cached_values_for_can[args][0] ? cached_values_for_can[args][1] : nil
|
31
52
|
elsif args.size == 3
|
32
53
|
if args.pop
|
33
|
-
cached_values_for_can[args] = can_without_caching
|
54
|
+
cached_values_for_can[args] = can_without_caching(*args)[1]
|
55
|
+
cached_values_for_can[args][0] ? cached_values_for_can[args][1] : nil
|
34
56
|
else
|
35
|
-
cached_values_for_can[args] ||= can_without_caching
|
57
|
+
cached_values_for_can[args] ||= can_without_caching(*args)[1]
|
58
|
+
cached_values_for_can[args][0] ? cached_values_for_can[args][1] : nil
|
36
59
|
end
|
37
60
|
else
|
38
61
|
raise ArgumentError.new("wrong number of arguments (%d for 2)" % args.size)
|
39
62
|
end
|
40
63
|
end
|
41
64
|
|
42
|
-
|
43
|
-
|
65
|
+
# :nodoc:
|
66
|
+
def can_without_caching(label, subject)
|
67
|
+
subject.can_be?(label, self)
|
44
68
|
end
|
45
69
|
|
70
|
+
# :nodoc:
|
46
71
|
def cached_values_for_can
|
47
72
|
@_cached_values_for_can ||= {}
|
48
73
|
end
|
@@ -56,22 +81,20 @@ module Walruz
|
|
56
81
|
# - subject: The subject which the actor wants to interact with
|
57
82
|
#
|
58
83
|
# Returns:
|
59
|
-
#
|
60
|
-
# When is an Array, the second parameter is a Hash with parameters given from
|
61
|
-
# the policy.
|
84
|
+
# Returns a a Hash with parameters given from the policy.
|
62
85
|
#
|
63
86
|
# Raises:
|
64
|
-
# Walruz::NotAuthorized error if the actor can't
|
87
|
+
# Walruz::NotAuthorized error if the actor can't execute the action on the subject
|
65
88
|
#
|
66
|
-
def authorize(label, subject)
|
89
|
+
def authorize!(label, subject)
|
67
90
|
result = subject.can_be?(label, self)
|
68
91
|
if result[0]
|
69
|
-
cached_values_for_can[[label, subject]] = result
|
92
|
+
cached_values_for_can[[label, subject]] = result
|
70
93
|
result[1]
|
71
94
|
else
|
72
95
|
response_params = result[1]
|
73
96
|
error_message = response_params[:error_message] || "You are not authorized to access this content"
|
74
|
-
raise NotAuthorized.new(error_message)
|
97
|
+
raise NotAuthorized.new(self, subject, label, error_message)
|
75
98
|
end
|
76
99
|
end
|
77
100
|
|
data/lib/walruz.rb
CHANGED
@@ -1,6 +1,23 @@
|
|
1
1
|
module Walruz
|
2
2
|
|
3
3
|
class NotAuthorized < Exception
|
4
|
+
|
5
|
+
attr_reader :actor
|
6
|
+
attr_reader :subject
|
7
|
+
attr_reader :action
|
8
|
+
|
9
|
+
def initialize(actor, subject, action, error_message = nil)
|
10
|
+
@actor = actor
|
11
|
+
@subject = subject
|
12
|
+
@action = action
|
13
|
+
|
14
|
+
if error_message.nil?
|
15
|
+
super
|
16
|
+
else
|
17
|
+
super(error_message)
|
18
|
+
end
|
19
|
+
end
|
20
|
+
|
4
21
|
end
|
5
22
|
|
6
23
|
class AuthorizationActionsNotDefined < Exception
|
data/spec/scenario.rb
CHANGED
@@ -13,7 +13,7 @@ class Beatle
|
|
13
13
|
end
|
14
14
|
|
15
15
|
def sing_the_song(song)
|
16
|
-
response = authorize(:sing, song)
|
16
|
+
response = authorize!(:sing, song)
|
17
17
|
case response[:owner]
|
18
18
|
when Colaboration
|
19
19
|
authors = response[:owner].authors.dup
|
@@ -26,7 +26,7 @@ class Beatle
|
|
26
26
|
end
|
27
27
|
|
28
28
|
def sing_with_john(song)
|
29
|
-
authorize(:sing_with_john, song)
|
29
|
+
authorize!(:sing_with_john, song)
|
30
30
|
"Ok John, Let's Play '%s'" % song.name
|
31
31
|
end
|
32
32
|
|
data/spec/walruz/actor_spec.rb
CHANGED
@@ -6,6 +6,10 @@ describe 'Walruz::Actor' do
|
|
6
6
|
Beatle::JOHN.should respond_to(:authorize)
|
7
7
|
end
|
8
8
|
|
9
|
+
it "should add an instance method `authorize!` to included classes" do
|
10
|
+
Beatle::JOHN.should respond_to(:authorize!)
|
11
|
+
end
|
12
|
+
|
9
13
|
it "should add an instance method `can?` to included classes" do
|
10
14
|
Beatle::JOHN.should respond_to(:can?)
|
11
15
|
end
|
@@ -17,12 +21,37 @@ describe 'Walruz::Actor' do
|
|
17
21
|
|
18
22
|
describe "#authorize" do
|
19
23
|
|
24
|
+
it "should return nil when the actor is not authorized" do
|
25
|
+
Beatle::RINGO.authorize(:sing, Song::ALL_YOU_NEED_IS_LOVE).should be_nil
|
26
|
+
end
|
27
|
+
|
28
|
+
it "should return the policy parameters when the actor is authorized" do
|
29
|
+
result = Beatle::JOHN.authorize(:sing, Song::ALL_YOU_NEED_IS_LOVE)
|
30
|
+
result.should_not be_nil
|
31
|
+
result.should be_kind_of(Hash)
|
32
|
+
result[:owner].should == Beatle::JOHN
|
33
|
+
end
|
34
|
+
|
35
|
+
end
|
36
|
+
|
37
|
+
describe "#authorize!" do
|
38
|
+
|
20
39
|
it "should raise a Walruz::NotAuthorized error when the actor is not authorized" do
|
21
40
|
lambda do
|
22
41
|
Beatle::RINGO.sing_the_song(Song::ALL_YOU_NEED_IS_LOVE)
|
23
42
|
end.should raise_error(Walruz::NotAuthorized)
|
24
43
|
end
|
25
44
|
|
45
|
+
it "should raise a Walruz::NotAuthorized error with the information of actor, subject and action when actor is not authorized" do
|
46
|
+
begin
|
47
|
+
Beatle::RINGO.sing_the_song(Song::ALL_YOU_NEED_IS_LOVE)
|
48
|
+
rescue Walruz::NotAuthorized => e
|
49
|
+
e.actor.should == Beatle::RINGO
|
50
|
+
e.subject.should == Song::ALL_YOU_NEED_IS_LOVE
|
51
|
+
e.action == :sing
|
52
|
+
end
|
53
|
+
end
|
54
|
+
|
26
55
|
it "should not raise a Walruz::NotAuthorized error when the actor is authorized" do
|
27
56
|
lambda do
|
28
57
|
Beatle::JOHN.sing_the_song(Song::ALL_YOU_NEED_IS_LOVE)
|
@@ -44,20 +73,11 @@ describe 'Walruz::Actor' do
|
|
44
73
|
Beatle::JOHN.can?(:sing, Song::ALL_YOU_NEED_IS_LOVE)
|
45
74
|
end
|
46
75
|
|
47
|
-
# @deprecated functionality
|
48
|
-
# WHY: When you execute `can?` you should probably have already executed `authorize`
|
49
|
-
# it "should execute a given block if the condition is true" do
|
50
|
-
# proc_called = lambda { raise "Is being called" }
|
51
|
-
# lambda do
|
52
|
-
# Beatle::JOHN.can?(:sing, Song::ALL_YOU_NEED_IS_LOVE, &proc_called)
|
53
|
-
# end.should raise_error
|
54
|
-
# end
|
55
|
-
|
56
76
|
it "if a boolean third parameter is received it should not use the cached result" do
|
57
|
-
Beatle::JOHN.stub!(:can_without_caching
|
77
|
+
Beatle::JOHN.stub!(:can_without_caching).and_return([true, {}])
|
58
78
|
Beatle::JOHN.can?(:sing, Song::ALL_YOU_NEED_IS_LOVE).should be_true
|
59
79
|
|
60
|
-
Beatle::JOHN.stub!(:can_without_caching
|
80
|
+
Beatle::JOHN.stub!(:can_without_caching).and_return([false, {}])
|
61
81
|
Beatle::JOHN.can?(:sing, Song::ALL_YOU_NEED_IS_LOVE).should be_true
|
62
82
|
Beatle::JOHN.can?(:sing, Song::ALL_YOU_NEED_IS_LOVE, true).should be_false
|
63
83
|
end
|
data/spec/walruz/utils_spec.rb
CHANGED
@@ -4,13 +4,13 @@ describe Walruz::Utils do
|
|
4
4
|
|
5
5
|
def check_actor_can_on_subject(label, actor, subject)
|
6
6
|
lambda do
|
7
|
-
actor.authorize(label, subject)
|
7
|
+
actor.authorize!(label, subject)
|
8
8
|
end.should_not raise_error(Walruz::NotAuthorized)
|
9
9
|
end
|
10
10
|
|
11
11
|
def check_actor_can_not_on_subject(label, actor, subject)
|
12
12
|
lambda do
|
13
|
-
actor.authorize(label, subject)
|
13
|
+
actor.authorize!(label, subject)
|
14
14
|
end.should raise_error(Walruz::NotAuthorized)
|
15
15
|
end
|
16
16
|
|
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: walruz
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.0.
|
4
|
+
version: 0.0.5
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Roman Gonzalez
|
@@ -9,7 +9,7 @@ autorequire:
|
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
11
|
|
12
|
-
date: 2009-07-
|
12
|
+
date: 2009-07-13 00:00:00 -07:00
|
13
13
|
default_executable:
|
14
14
|
dependencies: []
|
15
15
|
|