walruz 0.0.7 → 0.0.8
Sign up to get free protection for your applications and to get access to all the features.
- data/.document +5 -0
- data/.gitignore +14 -0
- data/CHANGELOG +15 -0
- data/Rakefile +5 -25
- data/VERSION.yml +1 -1
- data/lib/walruz.rb +6 -1
- data/lib/walruz/actor.rb +13 -56
- data/lib/walruz/core_ext/memoization.rb +34 -0
- data/lib/walruz/manager.rb +93 -0
- data/lib/walruz/policy.rb +7 -2
- data/lib/walruz/subject.rb +1 -31
- data/spec/scenario.rb +45 -1
- data/spec/walruz/actor_spec.rb +8 -8
- data/spec/walruz/core_ext/memoization_spec.rb +23 -0
- data/spec/walruz/manager_spec.rb +25 -0
- data/spec/walruz/policy_spec.rb +31 -1
- data/spec/walruz/subject_spec.rb +1 -16
- data/walruz.gemspec +76 -0
- metadata +13 -3
data/.document
ADDED
data/.gitignore
ADDED
data/CHANGELOG
ADDED
@@ -0,0 +1,15 @@
|
|
1
|
+
* 0.0.8 (Aug 21, 2009) The anonymous who
|
2
|
+
* New class <tt>Walruz::Manager</tt> will handle all the authorization
|
3
|
+
invocation that was in Walruz::Actor and Walruz::Subject before
|
4
|
+
* New module <tt>Walruz::Memoize</tt> that provides memoization methods to
|
5
|
+
cache the result of the <tt>can?</tt>, <tt>authorize</tt>, <tt>satisfies?</tt>
|
6
|
+
and <tt>satisfies</tt> methods in the Actor model
|
7
|
+
* Added the Walruz::Policy#halt method to stop execution of policies
|
8
|
+
authorizations (even if they are in a composite policy), and return false with
|
9
|
+
an error message.
|
10
|
+
|
11
|
+
* 0.0.7 (July 23, 2009)
|
12
|
+
* New +Array#only_authorized_for+ method for filtering arrays of _subjects_
|
13
|
+
* Added the +satisfy+ on the +Walruz::Actor+ module
|
14
|
+
* Changed documentation from rDoc to YARD
|
15
|
+
* Documented all the modules of the gem
|
data/Rakefile
CHANGED
@@ -14,6 +14,11 @@ begin
|
|
14
14
|
|
15
15
|
# gem is a Gem::Specification... see http://www.rubygems.org/read/chapter/20 for additional settings
|
16
16
|
end
|
17
|
+
|
18
|
+
Jeweler::RubyforgeTasks.new do |rubyforge|
|
19
|
+
rubyforge.doc_task = "yard"
|
20
|
+
end
|
21
|
+
|
17
22
|
rescue LoadError
|
18
23
|
puts "Jeweler not available. Install it with: sudo gem install technicalpickles-jeweler -s http://gems.github.com"
|
19
24
|
end
|
@@ -49,28 +54,3 @@ Rake::RDocTask.new do |rdoc|
|
|
49
54
|
rdoc.rdoc_files.include('lib/**/*.rb')
|
50
55
|
end
|
51
56
|
|
52
|
-
begin
|
53
|
-
require 'rake/contrib/sshpublisher'
|
54
|
-
namespace :rubyforge do
|
55
|
-
|
56
|
-
desc "Release gem and RDoc documentation to RubyForge"
|
57
|
-
task :release => ["rubyforge:release:gem", "rubyforge:release:docs"]
|
58
|
-
|
59
|
-
namespace :release do
|
60
|
-
desc "Publish RDoc to RubyForge."
|
61
|
-
task :docs => [:rdoc] do
|
62
|
-
config = YAML.load(
|
63
|
-
File.read(File.expand_path('~/.rubyforge/user-config.yml'))
|
64
|
-
)
|
65
|
-
|
66
|
-
host = "#{config['username']}@rubyforge.org"
|
67
|
-
remote_dir = "/var/www/gforge-projects/walruz/"
|
68
|
-
local_dir = 'rdoc'
|
69
|
-
|
70
|
-
Rake::SshDirPublisher.new(host, remote_dir, local_dir).upload
|
71
|
-
end
|
72
|
-
end
|
73
|
-
end
|
74
|
-
rescue LoadError
|
75
|
-
puts "Rake SshDirPublisher is unavailable or your rubyforge environment is not configured."
|
76
|
-
end
|
data/VERSION.yml
CHANGED
data/lib/walruz.rb
CHANGED
@@ -20,6 +20,9 @@ module Walruz
|
|
20
20
|
|
21
21
|
end
|
22
22
|
|
23
|
+
class PolicyHalted < Exception
|
24
|
+
end
|
25
|
+
|
23
26
|
class AuthorizationActionsNotDefined < Exception
|
24
27
|
end
|
25
28
|
|
@@ -37,6 +40,8 @@ module Walruz
|
|
37
40
|
end
|
38
41
|
|
39
42
|
base_path = File.dirname(__FILE__)
|
43
|
+
autoload :Memoization, base_path + '/walruz/core_ext/memoization'
|
44
|
+
autoload :Manager, base_path + '/walruz/manager'
|
40
45
|
autoload :Actor, base_path + '/walruz/actor'
|
41
46
|
autoload :Subject, base_path + '/walruz/subject'
|
42
47
|
autoload :Policy, base_path + '/walruz/policy'
|
@@ -88,4 +93,4 @@ module Walruz
|
|
88
93
|
end
|
89
94
|
|
90
95
|
require File.dirname(__FILE__) + '/walruz/core_ext/array'
|
91
|
-
Array.send(:include, Walruz::CoreExt::Array)
|
96
|
+
Array.send(:include, Walruz::CoreExt::Array)
|
data/lib/walruz/actor.rb
CHANGED
@@ -12,7 +12,9 @@ module Walruz
|
|
12
12
|
# [<b><tt>satisfies(policy_label, subject)</tt></b>] Returns Either nil if the actor and subject don't satisfy the policy or a Hash with the parameters returned from the Policy.
|
13
13
|
#
|
14
14
|
module Actor
|
15
|
-
|
15
|
+
include Walruz::Manager::AuthorizationQuery
|
16
|
+
include Walruz::Memoization
|
17
|
+
|
16
18
|
# @overload can?(action, subject)
|
17
19
|
# Allows an <em>actor</em> to check if he can perform an <em>action</em> on a given <em>subject</em>.
|
18
20
|
# === Note:
|
@@ -32,18 +34,8 @@ module Walruz
|
|
32
34
|
# @param [Boolean] A boolean indicating if you want to reset the cached result.
|
33
35
|
# @return [Boolean] A boolean indicating if the <em>actor</em> is authorized to perform the <em>action</em> (or not) on the <em>subject</em>.
|
34
36
|
#
|
35
|
-
def can?(
|
36
|
-
|
37
|
-
(cached_values_for_can[args] ||= can_without_caching(*args))[0]
|
38
|
-
elsif args.size == 3
|
39
|
-
if args.pop
|
40
|
-
(cached_values_for_can[args] = can_without_caching(*args))[0]
|
41
|
-
else
|
42
|
-
(cached_values_for_can[args] ||= can_without_caching(*args))[0]
|
43
|
-
end
|
44
|
-
else
|
45
|
-
raise ArgumentError.new("wrong number of arguments (%d for 2)" % args.size)
|
46
|
-
end
|
37
|
+
def can?(action, subject)
|
38
|
+
super(self, action, subject)
|
47
39
|
end
|
48
40
|
|
49
41
|
|
@@ -68,31 +60,10 @@ module Walruz
|
|
68
60
|
#
|
69
61
|
# @param [Symbol] The action as it is declared on the <tt>check_authorizations</tt> method on the <em>subject</em> class.
|
70
62
|
# @param [Walruz::Subject] The <em>subject</em> on which the <em>actor</em> wants to execute the <em>action</em>.
|
71
|
-
# @param [
|
63
|
+
# @param [Symbol] A symbol with the value ":reload" indicating that you want to reset the cached result.
|
72
64
|
# @return [Hash] Parameters returned from the <em>policy</em>.
|
73
|
-
def authorize(
|
74
|
-
|
75
|
-
cached_values_for_can[args] ||= can_without_caching(*args)
|
76
|
-
cached_values_for_can[args][0] ? cached_values_for_can[args][1] : nil
|
77
|
-
elsif args.size == 3
|
78
|
-
if args.pop
|
79
|
-
cached_values_for_can[args] = can_without_caching(*args)[1]
|
80
|
-
cached_values_for_can[args][0] ? cached_values_for_can[args][1] : nil
|
81
|
-
else
|
82
|
-
cached_values_for_can[args] ||= can_without_caching(*args)[1]
|
83
|
-
cached_values_for_can[args][0] ? cached_values_for_can[args][1] : nil
|
84
|
-
end
|
85
|
-
else
|
86
|
-
raise ArgumentError.new("wrong number of arguments (%d for 2)" % args.size)
|
87
|
-
end
|
88
|
-
end
|
89
|
-
|
90
|
-
def can_without_caching(label, subject)
|
91
|
-
subject.can_be?(label, self)
|
92
|
-
end
|
93
|
-
|
94
|
-
def cached_values_for_can
|
95
|
-
@_cached_values_for_can ||= {}
|
65
|
+
def authorize(action, subject)
|
66
|
+
super(self, action, subject)
|
96
67
|
end
|
97
68
|
|
98
69
|
#
|
@@ -108,15 +79,7 @@ module Walruz
|
|
108
79
|
#
|
109
80
|
#
|
110
81
|
def authorize!(label, subject)
|
111
|
-
|
112
|
-
if result[0]
|
113
|
-
cached_values_for_can[[label, subject]] = result
|
114
|
-
result[1]
|
115
|
-
else
|
116
|
-
response_params = result[1]
|
117
|
-
error_message = response_params[:error_message] || "You are not authorized to access this content"
|
118
|
-
raise NotAuthorized.new(self, subject, label, error_message)
|
119
|
-
end
|
82
|
+
super(self, label, subject)
|
120
83
|
end
|
121
84
|
|
122
85
|
#
|
@@ -128,12 +91,9 @@ module Walruz
|
|
128
91
|
# @return [Boolean] saying if the <em>actor</em> and the <em>subject</em> satisify the <em>policy</em>.
|
129
92
|
#
|
130
93
|
def satisfies?(policy_label, subject)
|
131
|
-
|
132
|
-
result = policy_clz.return_policy.new.safe_authorized?(self, subject)
|
133
|
-
result[0]
|
94
|
+
super(self, policy_label, subject)
|
134
95
|
end
|
135
96
|
|
136
|
-
|
137
97
|
#
|
138
98
|
# Allows an <em>actor</em> to check if he satisfies the condition of a <em>policy</em> with a given <em>subject</em>.
|
139
99
|
#
|
@@ -143,13 +103,10 @@ module Walruz
|
|
143
103
|
# @return [Hash] Hash with the parameters returned from the <em>policy</em> if the <em>actor</em> and the <em>subject</em> satisfy the <em>policy</em>, nil otherwise.
|
144
104
|
#
|
145
105
|
def satisfies(policy_label, subject)
|
146
|
-
|
147
|
-
result = policy_clz.return_policy.new.safe_authorized?(self, subject)
|
148
|
-
result[0] ? result[1] : nil
|
106
|
+
super(self, policy_label, subject)
|
149
107
|
end
|
150
108
|
|
151
|
-
|
152
|
-
protected :can_without_caching, :cached_values_for_can
|
109
|
+
walruz_memoize :can?, :authorize, :satisfies?, :satisfies
|
153
110
|
|
154
111
|
end
|
155
|
-
end
|
112
|
+
end
|
@@ -0,0 +1,34 @@
|
|
1
|
+
module Walruz
|
2
|
+
module Memoization
|
3
|
+
|
4
|
+
def self.included(base)
|
5
|
+
base.extend(ClassMethods)
|
6
|
+
end
|
7
|
+
|
8
|
+
module ClassMethods
|
9
|
+
|
10
|
+
# Avoiding name clashes with Rails
|
11
|
+
def walruz_memoize(*methods)
|
12
|
+
methods.each do |method|
|
13
|
+
self.walruz_memoize_method(method)
|
14
|
+
end
|
15
|
+
end
|
16
|
+
|
17
|
+
def walruz_memoize_method(method)
|
18
|
+
memoized = {}
|
19
|
+
original_method = self.instance_method(method)
|
20
|
+
self.send(:define_method, method) do |*params|
|
21
|
+
bound_original_method = original_method.bind(self).to_proc
|
22
|
+
if params.last.kind_of?(Symbol) && params.last == :reload
|
23
|
+
params.pop
|
24
|
+
memoized[[self, params]] = bound_original_method.call(*params)
|
25
|
+
else
|
26
|
+
memoized[[self, params]] ||= bound_original_method.call(*params)
|
27
|
+
end
|
28
|
+
end
|
29
|
+
end
|
30
|
+
|
31
|
+
end
|
32
|
+
|
33
|
+
end
|
34
|
+
end
|
@@ -0,0 +1,93 @@
|
|
1
|
+
module Walruz
|
2
|
+
|
3
|
+
# The objective of this class is to start the invocation
|
4
|
+
# of the authorization process, the methods of this class are used
|
5
|
+
# internally by the actor and subject classes.
|
6
|
+
#
|
7
|
+
class Manager
|
8
|
+
|
9
|
+
module AuthorizationQuery
|
10
|
+
|
11
|
+
def can?(actor, action, subject)
|
12
|
+
Walruz::Manager.check_authorization(actor, action, subject)[0]
|
13
|
+
end
|
14
|
+
|
15
|
+
def authorize!(actor, action, subject)
|
16
|
+
result = Walruz::Manager.check_authorization(actor, action, subject)
|
17
|
+
if result[0]
|
18
|
+
result[1]
|
19
|
+
else
|
20
|
+
response_params = result[1]
|
21
|
+
error_message = response_params[:error_message] || "You are not authorized to access this content"
|
22
|
+
raise NotAuthorized.new(self, subject, action, error_message)
|
23
|
+
end
|
24
|
+
end
|
25
|
+
|
26
|
+
def authorize(actor, action, subject)
|
27
|
+
result = Walruz::Manager.check_authorization(actor, action, subject)
|
28
|
+
result[0] ? result[1] : nil
|
29
|
+
end
|
30
|
+
|
31
|
+
def satisfies?(actor, policy_label, subject)
|
32
|
+
policy_clz = Walruz.fetch_policy(policy_label)
|
33
|
+
result = policy_clz.return_policy.new.safe_authorized?(actor, subject)
|
34
|
+
result[0]
|
35
|
+
end
|
36
|
+
|
37
|
+
def satisfies(actor, policy_label, subject)
|
38
|
+
policy_clz = Walruz.fetch_policy(policy_label)
|
39
|
+
result = policy_clz.return_policy.new.safe_authorized?(actor, subject)
|
40
|
+
result[0] ? result[1] : nil
|
41
|
+
end
|
42
|
+
|
43
|
+
end
|
44
|
+
|
45
|
+
extend AuthorizationQuery
|
46
|
+
class << self
|
47
|
+
include Memoization
|
48
|
+
walruz_memoize :can?, :authorize, :satisfies?, :satisfies
|
49
|
+
end
|
50
|
+
|
51
|
+
#
|
52
|
+
# core method used on all the actor methods:
|
53
|
+
# can?
|
54
|
+
# authorize!
|
55
|
+
# authorize
|
56
|
+
# :private:
|
57
|
+
def self.check_authorization(actor, action, subject)
|
58
|
+
check_authorization_action_is_declared_on_subject(subject, action)
|
59
|
+
action = if subject.class._walruz_policies.key?(:default)
|
60
|
+
subject.class._walruz_policies.key?(action) ? action : :default
|
61
|
+
else
|
62
|
+
if subject.class._walruz_policies.key?(action)
|
63
|
+
action
|
64
|
+
else
|
65
|
+
raise ActionNotFound.new(:subject_action, :subject => subject,
|
66
|
+
:action => action)
|
67
|
+
end
|
68
|
+
end
|
69
|
+
|
70
|
+
begin
|
71
|
+
result = subject.class._walruz_policies[action].
|
72
|
+
return_policy.
|
73
|
+
new.
|
74
|
+
safe_authorized?(actor, subject)
|
75
|
+
rescue PolicyHalted => e
|
76
|
+
result = [false, {:error_message => e.message}]
|
77
|
+
end
|
78
|
+
result
|
79
|
+
end
|
80
|
+
|
81
|
+
private
|
82
|
+
|
83
|
+
def self.check_authorization_action_is_declared_on_subject(subject, action)
|
84
|
+
if subject.class._walruz_policies.nil?
|
85
|
+
message =<<-BEGIN
|
86
|
+
You need to invoke `check_authorizations :#{action} => Policies::SomePolicy` on the #{subject.class.name} class
|
87
|
+
BEGIN
|
88
|
+
raise AuthorizationActionsNotDefined.new(message)
|
89
|
+
end
|
90
|
+
end
|
91
|
+
|
92
|
+
end
|
93
|
+
end
|
data/lib/walruz/policy.rb
CHANGED
@@ -15,7 +15,11 @@ module Walruz
|
|
15
15
|
@policies[child.policy_label] = child
|
16
16
|
end
|
17
17
|
end
|
18
|
-
|
18
|
+
|
19
|
+
def halt(msg="You are not authorized")
|
20
|
+
raise PolicyHalted.new(msg)
|
21
|
+
end
|
22
|
+
|
19
23
|
|
20
24
|
# @see Walruz.policies
|
21
25
|
def self.policies
|
@@ -188,6 +192,7 @@ module Walruz
|
|
188
192
|
def params
|
189
193
|
@params ||= {}
|
190
194
|
end
|
195
|
+
|
191
196
|
|
192
197
|
end
|
193
|
-
end
|
198
|
+
end
|
data/lib/walruz/subject.rb
CHANGED
@@ -39,36 +39,6 @@ module Walruz
|
|
39
39
|
end
|
40
40
|
end
|
41
41
|
|
42
|
-
def can_be?(action, actor) # :nodoc:
|
43
|
-
check_authorization_actions_are_setted(action)
|
44
|
-
action = if self.class._walruz_policies.key?(:default)
|
45
|
-
self.class._walruz_policies.key?(action) ? action : :default
|
46
|
-
else
|
47
|
-
if self.class._walruz_policies.key?(action)
|
48
|
-
action
|
49
|
-
else
|
50
|
-
raise ActionNotFound.new(:subject_action, :subject => self,
|
51
|
-
:action => action)
|
52
|
-
end
|
53
|
-
end
|
54
|
-
|
55
|
-
result = self.class._walruz_policies[action].
|
56
|
-
return_policy.
|
57
|
-
new.
|
58
|
-
safe_authorized?(actor, self)
|
59
|
-
|
60
|
-
result
|
61
|
-
end
|
62
|
-
|
63
|
-
def check_authorization_actions_are_setted(action) # :nodoc:
|
64
|
-
if self.class._walruz_policies.nil?
|
65
|
-
message =<<BEGIN
|
66
|
-
You need to invoke `check_authorizations :#{action} => Policies::SomePolicy` on the #{self.class.name} class
|
67
|
-
BEGIN
|
68
|
-
raise AuthorizationActionsNotDefined.new(message)
|
69
|
-
end
|
70
|
-
end
|
71
|
-
|
72
42
|
module ClassMethods
|
73
43
|
|
74
44
|
#
|
@@ -118,4 +88,4 @@ BEGIN
|
|
118
88
|
end
|
119
89
|
|
120
90
|
end
|
121
|
-
end
|
91
|
+
end
|
data/spec/scenario.rb
CHANGED
@@ -1,3 +1,25 @@
|
|
1
|
+
class Foo
|
2
|
+
include Walruz::Memoization
|
3
|
+
|
4
|
+
def initialize
|
5
|
+
@first = nil
|
6
|
+
end
|
7
|
+
|
8
|
+
def highcost
|
9
|
+
@first = @first.nil?
|
10
|
+
if @first
|
11
|
+
@first = false
|
12
|
+
"This is the first time"
|
13
|
+
else
|
14
|
+
"This is the second time"
|
15
|
+
end
|
16
|
+
end
|
17
|
+
|
18
|
+
walruz_memoize :highcost
|
19
|
+
|
20
|
+
end
|
21
|
+
|
22
|
+
|
1
23
|
class Beatle
|
2
24
|
include Walruz::Actor
|
3
25
|
include Walruz::Subject
|
@@ -9,8 +31,18 @@ class Beatle
|
|
9
31
|
def initialize(name)
|
10
32
|
@name = name
|
11
33
|
@songs = []
|
34
|
+
@invoke_helter_skelter = nil
|
12
35
|
@colaborations = []
|
13
36
|
end
|
37
|
+
|
38
|
+
def invoke_helter_skelter=(bool)
|
39
|
+
@invoke_helter_skellter = bool
|
40
|
+
end
|
41
|
+
|
42
|
+
def helter_skelter_mode?
|
43
|
+
!!@invoke_helter_skellter
|
44
|
+
end
|
45
|
+
|
14
46
|
|
15
47
|
def sing_the_song(song)
|
16
48
|
response = authorize!(:sing, song)
|
@@ -107,11 +139,23 @@ class ColaboratingWithJohnPolicy < Walruz::Policy
|
|
107
139
|
|
108
140
|
end
|
109
141
|
|
142
|
+
class HelterSkellterPolicy < Walruz::Policy
|
143
|
+
|
144
|
+
def authorized?(beatle, song)
|
145
|
+
if beatle == Beatle::PAUL && beatle.helter_skelter_mode?
|
146
|
+
halt("I wanna sing helter skellter!!! YEAAAHHH")
|
147
|
+
else
|
148
|
+
false
|
149
|
+
end
|
150
|
+
end
|
151
|
+
|
152
|
+
end
|
153
|
+
|
110
154
|
class Song
|
111
155
|
include Walruz::Subject
|
112
156
|
extend Walruz::Utils
|
113
157
|
|
114
|
-
check_authorizations :sing => any(AuthorPolicy, AuthorInColaborationPolicy),
|
158
|
+
check_authorizations :sing => any(HelterSkellterPolicy, AuthorPolicy, AuthorInColaborationPolicy),
|
115
159
|
:sell => all(AuthorPolicy, negate(AuthorInColaborationPolicy)),
|
116
160
|
:sing_with_john => ColaboratingWithJohnPolicy
|
117
161
|
attr_accessor :name
|
data/spec/walruz/actor_spec.rb
CHANGED
@@ -68,18 +68,18 @@ describe 'Walruz::Actor' do
|
|
68
68
|
describe '#can?' do
|
69
69
|
|
70
70
|
it "should be invoked only the first time and then return a cached solution" do
|
71
|
-
|
72
|
-
Beatle::JOHN.can?(:sing, Song::YELLOW_SUBMARINE,
|
71
|
+
Walruz::Manager.should_receive(:check_authorization).once.and_return([true, {}])
|
72
|
+
Beatle::JOHN.can?(:sing, Song::YELLOW_SUBMARINE, :reload)
|
73
73
|
Beatle::JOHN.can?(:sing, Song::YELLOW_SUBMARINE)
|
74
74
|
end
|
75
75
|
|
76
|
-
it "if a
|
77
|
-
|
76
|
+
it "if a :reload symbol is passed as the third parameter it should not use the cached result" do
|
77
|
+
Walruz::Manager.stub!(:check_authorization).and_return([true, {}])
|
78
78
|
Beatle::JOHN.can?(:sing, Song::ALL_YOU_NEED_IS_LOVE).should be_true
|
79
79
|
|
80
|
-
|
80
|
+
Walruz::Manager.stub!(:check_authorization).and_return([false, {}])
|
81
81
|
Beatle::JOHN.can?(:sing, Song::ALL_YOU_NEED_IS_LOVE).should be_true
|
82
|
-
Beatle::JOHN.can?(:sing, Song::ALL_YOU_NEED_IS_LOVE,
|
82
|
+
Beatle::JOHN.can?(:sing, Song::ALL_YOU_NEED_IS_LOVE, :reload).should be_false
|
83
83
|
end
|
84
84
|
|
85
85
|
it "should receive at least 2 parameters" do
|
@@ -90,7 +90,7 @@ describe 'Walruz::Actor' do
|
|
90
90
|
|
91
91
|
it "should receive at most 3 parameters" do
|
92
92
|
lambda do
|
93
|
-
Beatle::JOHN.can?(:sing, Song::ALL_YOU_NEED_IS_LOVE,
|
93
|
+
Beatle::JOHN.can?(:sing, Song::ALL_YOU_NEED_IS_LOVE, :reload, false)
|
94
94
|
end.should raise_error(ArgumentError)
|
95
95
|
end
|
96
96
|
|
@@ -144,4 +144,4 @@ describe 'Walruz::Actor' do
|
|
144
144
|
|
145
145
|
end
|
146
146
|
|
147
|
-
end
|
147
|
+
end
|
@@ -0,0 +1,23 @@
|
|
1
|
+
require File.dirname(__FILE__) + "/../../spec_helper"
|
2
|
+
|
3
|
+
describe Walruz::Memoization do
|
4
|
+
|
5
|
+
before(:each) do
|
6
|
+
@foo = Foo.new
|
7
|
+
end
|
8
|
+
|
9
|
+
it "should invoke the original method the first time" do
|
10
|
+
@foo.highcost.should == "This is the first time"
|
11
|
+
end
|
12
|
+
|
13
|
+
it "should invoke the memoized result the second time" do
|
14
|
+
@foo.highcost.should == "This is the first time"
|
15
|
+
@foo.highcost.should == "This is the first time"
|
16
|
+
end
|
17
|
+
|
18
|
+
it "should invoke the method once memoized if and only if the reload parameter is given" do
|
19
|
+
@foo.highcost.should == "This is the first time"
|
20
|
+
@foo.highcost(:reload).should == "This is the second time"
|
21
|
+
end
|
22
|
+
|
23
|
+
end
|
@@ -0,0 +1,25 @@
|
|
1
|
+
require File.dirname(__FILE__) + "/../spec_helper"
|
2
|
+
|
3
|
+
describe Walruz::Manager do
|
4
|
+
|
5
|
+
describe "#check_authorization" do
|
6
|
+
|
7
|
+
it "should invoke the policies associated to an action on a subject performed by an actor" do
|
8
|
+
result = Walruz::Manager.check_authorization(Beatle::JOHN, :sing, Song::ALL_YOU_NEED_IS_LOVE)
|
9
|
+
result[0].should be_true
|
10
|
+
end
|
11
|
+
|
12
|
+
describe "when executing validations on an invalid subject" do
|
13
|
+
|
14
|
+
it "should raise an Walruz::AuthorizationActionsNotDefined error" do
|
15
|
+
lambda do
|
16
|
+
Walruz::Manager.check_authorization(Beatle::JOHN, :talk_with, Beatle::PAUL)
|
17
|
+
end.should raise_error(Walruz::AuthorizationActionsNotDefined)
|
18
|
+
end
|
19
|
+
|
20
|
+
end
|
21
|
+
|
22
|
+
end
|
23
|
+
|
24
|
+
|
25
|
+
end
|
data/spec/walruz/policy_spec.rb
CHANGED
@@ -58,5 +58,35 @@ describe Walruz::Policy do
|
|
58
58
|
end
|
59
59
|
|
60
60
|
end
|
61
|
+
|
62
|
+
describe "when using the halt method inside a policy" do
|
63
|
+
|
64
|
+
before(:each) do
|
65
|
+
Beatle::PAUL.invoke_helter_skelter = true
|
66
|
+
end
|
67
|
+
|
68
|
+
after(:each) do
|
69
|
+
Beatle::PAUL.invoke_helter_skelter = false
|
70
|
+
end
|
71
|
+
|
72
|
+
it "should raise a PolicyHalted exception" do
|
73
|
+
lambda do
|
74
|
+
Beatle::PAUL.authorize!(:sing, Song::YESTERDAY)
|
75
|
+
end.should raise_error(Walruz::NotAuthorized, "I wanna sing helter skellter!!! YEAAAHHH")
|
76
|
+
end
|
77
|
+
|
78
|
+
describe "on composed policies" do
|
79
|
+
|
80
|
+
before(:each) do
|
81
|
+
AuthorPolicy.should_not_receive(:new)
|
82
|
+
end
|
83
|
+
|
84
|
+
it "should not invoke any other policy" do
|
85
|
+
Beatle::PAUL.can?(:sing, Song::YESTERDAY)
|
86
|
+
end
|
87
|
+
|
88
|
+
end
|
89
|
+
|
90
|
+
end
|
61
91
|
|
62
|
-
end
|
92
|
+
end
|
data/spec/walruz/subject_spec.rb
CHANGED
@@ -2,23 +2,8 @@ require File.dirname(__FILE__) + '/../spec_helper'
|
|
2
2
|
|
3
3
|
describe Walruz::Subject do
|
4
4
|
|
5
|
-
it "should add a can_be? method" do
|
6
|
-
Song::A_DAY_IN_LIFE.should respond_to(:can_be?)
|
7
|
-
end
|
8
|
-
|
9
5
|
it "should add a class method called check_authorizations" do
|
10
6
|
Song.should respond_to(:check_authorizations)
|
11
7
|
end
|
12
8
|
|
13
|
-
|
14
|
-
describe "when executing validations on an invalid subject" do
|
15
|
-
|
16
|
-
it "should raise an Walruz::AuthorizationActionsNotDefined error" do
|
17
|
-
lambda do
|
18
|
-
Beatle::JOHN.can_be?(:talk_with, Beatle::PAUL)
|
19
|
-
end.should raise_error(Walruz::AuthorizationActionsNotDefined)
|
20
|
-
end
|
21
|
-
|
22
|
-
end
|
23
|
-
|
24
|
-
end
|
9
|
+
end
|
data/walruz.gemspec
ADDED
@@ -0,0 +1,76 @@
|
|
1
|
+
# Generated by jeweler
|
2
|
+
# DO NOT EDIT THIS FILE
|
3
|
+
# Instead, edit Jeweler::Tasks in Rakefile, and run `rake gemspec`
|
4
|
+
# -*- encoding: utf-8 -*-
|
5
|
+
|
6
|
+
Gem::Specification.new do |s|
|
7
|
+
s.name = %q{walruz}
|
8
|
+
s.version = "0.0.8"
|
9
|
+
|
10
|
+
s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
|
11
|
+
s.authors = ["Roman Gonzalez"]
|
12
|
+
s.date = %q{2009-08-21}
|
13
|
+
s.email = %q{roman@noomi.com}
|
14
|
+
s.extra_rdoc_files = [
|
15
|
+
"LICENSE",
|
16
|
+
"README.rdoc"
|
17
|
+
]
|
18
|
+
s.files = [
|
19
|
+
".document",
|
20
|
+
".gitignore",
|
21
|
+
"CHANGELOG",
|
22
|
+
"LICENSE",
|
23
|
+
"README.rdoc",
|
24
|
+
"Rakefile",
|
25
|
+
"VERSION.yml",
|
26
|
+
"lib/walruz.rb",
|
27
|
+
"lib/walruz/actor.rb",
|
28
|
+
"lib/walruz/core_ext/array.rb",
|
29
|
+
"lib/walruz/core_ext/memoization.rb",
|
30
|
+
"lib/walruz/manager.rb",
|
31
|
+
"lib/walruz/policy.rb",
|
32
|
+
"lib/walruz/subject.rb",
|
33
|
+
"lib/walruz/utils.rb",
|
34
|
+
"spec/scenario.rb",
|
35
|
+
"spec/spec.opts",
|
36
|
+
"spec/spec_helper.rb",
|
37
|
+
"spec/walruz/actor_spec.rb",
|
38
|
+
"spec/walruz/core_ext/array_spec.rb",
|
39
|
+
"spec/walruz/core_ext/memoization_spec.rb",
|
40
|
+
"spec/walruz/manager_spec.rb",
|
41
|
+
"spec/walruz/policy_spec.rb",
|
42
|
+
"spec/walruz/subject_spec.rb",
|
43
|
+
"spec/walruz/utils_spec.rb",
|
44
|
+
"spec/walruz/walruz_spec.rb",
|
45
|
+
"walruz.gemspec"
|
46
|
+
]
|
47
|
+
s.has_rdoc = %q{yard}
|
48
|
+
s.homepage = %q{http://github.com/noomii/walruz}
|
49
|
+
s.rdoc_options = ["--charset=UTF-8"]
|
50
|
+
s.require_paths = ["lib"]
|
51
|
+
s.rubyforge_project = %q{walruz}
|
52
|
+
s.rubygems_version = %q{1.3.5}
|
53
|
+
s.summary = %q{Walruz is a gem that provides an easy but powerful way to implement authorization policies in a system, relying on the composition of simple policies to create more complex ones.}
|
54
|
+
s.test_files = [
|
55
|
+
"spec/scenario.rb",
|
56
|
+
"spec/spec_helper.rb",
|
57
|
+
"spec/walruz/actor_spec.rb",
|
58
|
+
"spec/walruz/core_ext/array_spec.rb",
|
59
|
+
"spec/walruz/core_ext/memoization_spec.rb",
|
60
|
+
"spec/walruz/manager_spec.rb",
|
61
|
+
"spec/walruz/policy_spec.rb",
|
62
|
+
"spec/walruz/subject_spec.rb",
|
63
|
+
"spec/walruz/utils_spec.rb",
|
64
|
+
"spec/walruz/walruz_spec.rb"
|
65
|
+
]
|
66
|
+
|
67
|
+
if s.respond_to? :specification_version then
|
68
|
+
current_version = Gem::Specification::CURRENT_SPECIFICATION_VERSION
|
69
|
+
s.specification_version = 3
|
70
|
+
|
71
|
+
if Gem::Version.new(Gem::RubyGemsVersion) >= Gem::Version.new('1.2.0') then
|
72
|
+
else
|
73
|
+
end
|
74
|
+
else
|
75
|
+
end
|
76
|
+
end
|
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: walruz
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.0.
|
4
|
+
version: 0.0.8
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Roman Gonzalez
|
@@ -9,7 +9,7 @@ autorequire:
|
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
11
|
|
12
|
-
date: 2009-
|
12
|
+
date: 2009-08-21 00:00:00 -07:00
|
13
13
|
default_executable:
|
14
14
|
dependencies: []
|
15
15
|
|
@@ -23,6 +23,9 @@ extra_rdoc_files:
|
|
23
23
|
- LICENSE
|
24
24
|
- README.rdoc
|
25
25
|
files:
|
26
|
+
- .document
|
27
|
+
- .gitignore
|
28
|
+
- CHANGELOG
|
26
29
|
- LICENSE
|
27
30
|
- README.rdoc
|
28
31
|
- Rakefile
|
@@ -30,6 +33,8 @@ files:
|
|
30
33
|
- lib/walruz.rb
|
31
34
|
- lib/walruz/actor.rb
|
32
35
|
- lib/walruz/core_ext/array.rb
|
36
|
+
- lib/walruz/core_ext/memoization.rb
|
37
|
+
- lib/walruz/manager.rb
|
33
38
|
- lib/walruz/policy.rb
|
34
39
|
- lib/walruz/subject.rb
|
35
40
|
- lib/walruz/utils.rb
|
@@ -38,10 +43,13 @@ files:
|
|
38
43
|
- spec/spec_helper.rb
|
39
44
|
- spec/walruz/actor_spec.rb
|
40
45
|
- spec/walruz/core_ext/array_spec.rb
|
46
|
+
- spec/walruz/core_ext/memoization_spec.rb
|
47
|
+
- spec/walruz/manager_spec.rb
|
41
48
|
- spec/walruz/policy_spec.rb
|
42
49
|
- spec/walruz/subject_spec.rb
|
43
50
|
- spec/walruz/utils_spec.rb
|
44
51
|
- spec/walruz/walruz_spec.rb
|
52
|
+
- walruz.gemspec
|
45
53
|
has_rdoc: yard
|
46
54
|
homepage: http://github.com/noomii/walruz
|
47
55
|
licenses: []
|
@@ -66,7 +74,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
66
74
|
requirements: []
|
67
75
|
|
68
76
|
rubyforge_project: walruz
|
69
|
-
rubygems_version: 1.3.
|
77
|
+
rubygems_version: 1.3.5
|
70
78
|
signing_key:
|
71
79
|
specification_version: 3
|
72
80
|
summary: Walruz is a gem that provides an easy but powerful way to implement authorization policies in a system, relying on the composition of simple policies to create more complex ones.
|
@@ -75,6 +83,8 @@ test_files:
|
|
75
83
|
- spec/spec_helper.rb
|
76
84
|
- spec/walruz/actor_spec.rb
|
77
85
|
- spec/walruz/core_ext/array_spec.rb
|
86
|
+
- spec/walruz/core_ext/memoization_spec.rb
|
87
|
+
- spec/walruz/manager_spec.rb
|
78
88
|
- spec/walruz/policy_spec.rb
|
79
89
|
- spec/walruz/subject_spec.rb
|
80
90
|
- spec/walruz/utils_spec.rb
|