zeiv-declarative_authorization 1.0.0.pre
- checksums.yaml +7 -0
- data/CHANGELOG +189 -0
- data/MIT-LICENSE +20 -0
- data/README.rdoc +632 -0
- data/Rakefile +53 -0
- data/app/controllers/authorization_rules_controller.rb +258 -0
- data/app/controllers/authorization_usages_controller.rb +22 -0
- data/app/helpers/authorization_rules_helper.rb +218 -0
- data/app/views/authorization_rules/_change.erb +58 -0
- data/app/views/authorization_rules/_show_graph.erb +44 -0
- data/app/views/authorization_rules/_suggestions.erb +48 -0
- data/app/views/authorization_rules/change.html.erb +169 -0
- data/app/views/authorization_rules/graph.dot.erb +68 -0
- data/app/views/authorization_rules/graph.html.erb +47 -0
- data/app/views/authorization_rules/index.html.erb +17 -0
- data/app/views/authorization_usages/index.html.erb +36 -0
- data/authorization_rules.dist.rb +20 -0
- data/config/routes.rb +20 -0
- data/garlic_example.rb +20 -0
- data/init.rb +5 -0
- data/lib/declarative_authorization.rb +19 -0
- data/lib/declarative_authorization/adapters/active_record.rb +13 -0
- data/lib/declarative_authorization/adapters/active_record/base_extensions.rb +0 -0
- data/lib/declarative_authorization/adapters/active_record/obligation_scope_builder.rb +0 -0
- data/lib/declarative_authorization/authorization.rb +798 -0
- data/lib/declarative_authorization/development_support/analyzer.rb +261 -0
- data/lib/declarative_authorization/development_support/change_analyzer.rb +253 -0
- data/lib/declarative_authorization/development_support/change_supporter.rb +620 -0
- data/lib/declarative_authorization/development_support/development_support.rb +243 -0
- data/lib/declarative_authorization/helper.rb +68 -0
- data/lib/declarative_authorization/in_controller.rb +703 -0
- data/lib/declarative_authorization/in_model.rb +188 -0
- data/lib/declarative_authorization/maintenance.rb +210 -0
- data/lib/declarative_authorization/obligation_scope.rb +361 -0
- data/lib/declarative_authorization/rails_legacy.rb +22 -0
- data/lib/declarative_authorization/railsengine.rb +6 -0
- data/lib/declarative_authorization/reader.rb +546 -0
- data/lib/generators/authorization/install/install_generator.rb +77 -0
- data/lib/generators/authorization/rules/rules_generator.rb +14 -0
- data/lib/generators/authorization/rules/templates/authorization_rules.rb +27 -0
- data/lib/tasks/authorization_tasks.rake +89 -0
- data/test/authorization_test.rb +1124 -0
- data/test/controller_filter_resource_access_test.rb +575 -0
- data/test/controller_test.rb +480 -0
- data/test/database.yml +3 -0
- data/test/dsl_reader_test.rb +178 -0
- data/test/helper_test.rb +247 -0
- data/test/maintenance_test.rb +46 -0
- data/test/model_test.rb +2008 -0
- data/test/schema.sql +56 -0
- data/test/test_helper.rb +255 -0
- metadata +95 -0
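--- a/data/test/schema.sql
+++ b/data/test/schema.sql
@@ -0,0 +1,56 @@
+CREATE TABLE 'test_models' (
+'id' INTEGER PRIMARY KEY NOT NULL,
+'test_attr_through_id' INTEGER,
+'content' text,
+'country_id' integer,
+'created_at' datetime,
+'updated_at' datetime
+);
+
+CREATE TABLE 'test_attrs' (
+'id' INTEGER PRIMARY KEY NOT NULL,
+'test_model_id' integer,
+'test_another_model_id' integer,
+'test_a_third_model_id' integer,
+'branch_id' integer,
+'company_id' integer,
+'test_attr_through_id' INTEGER,
+'n_way_join_item_id' INTEGER,
+'test_model_security_model_id' integer,
+'attr' integer default 1
+);
+
+CREATE TABLE 'test_attr_throughs' (
+'id' INTEGER PRIMARY KEY NOT NULL,
+'test_attr_id' integer
+);
+
+CREATE TABLE 'test_model_security_models' (
+'id' INTEGER PRIMARY KEY NOT NULL,
+'attr' integer default 1,
+'attr_2' integer default 1,
+'test_attr_id' integer
+);
+
+CREATE TABLE 'n_way_join_items' (
+'id' INTEGER PRIMARY KEY NOT NULL
+);
+
+CREATE TABLE 'branches' (
+'id' INTEGER PRIMARY KEY NOT NULL,
+'company_id' integer,
+'test_model_id' integer,
+'name' text
+);
+
+CREATE TABLE 'companies' (
+'id' INTEGER PRIMARY KEY NOT NULL,
+'country_id' integer,
+'type' text,
+'name' text
+);
+
+CREATE TABLE 'countries' (
+'id' INTEGER PRIMARY KEY NOT NULL,
+'name' text
+);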
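Review bot: Every table and column name in this schema is written as a single-quoted string literal (`'test_models'`, `'id'`, and so on through all eight `CREATE TABLE` statements). SQLite treats a string literal as an identifier only as a compatibility fallback, so the file depends on that behaviour and would not load on an engine that follows the standard. Double-quoted identifiers keep the same names portably, for example `CREATE TABLE "test_models" (` and `"id" INTEGER PRIMARY KEY NOT NULL,`.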
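--- a/data/test/test_helper.rb
+++ b/data/test/test_helper.rb
@@ -0,0 +1,255 @@
+require 'pathname'
+
+ENV['RAILS_ENV'] = 'test'
+
+require 'bundler/setup'
+begin
+# rails 3
+require 'rails/all'
+rescue LoadError
+# rails 2.3
+%w(action_pack action_controller active_record active_support initializer).each {|f| require f}
+end
+Bundler.require
+
+if Rails.version >= '4.1'
+require 'minitest/autorun'
+require 'test_support/minitest_compatibility'
+else
+require 'test/unit'
+end
+
+# rails 2.3 and ruby 1.9.3 fix
+MissingSourceFile::REGEXPS.push([/^cannot load such file -- (.+)$/i, 1])
+
+# Silence Rails 4 deprecation warnings in test suite
+# TODO: Model.scoped is deprecated
+# TODO: Eager loading Post.includes(:comments).where("comments.title = 'foo'") becomes Post.includes(:comments).where("comments.title = 'foo'").references(:comments)
+# if Rails.version >= '4'
+# ActiveSupport::Deprecation.silenced = true
+# end
+
+puts "Testing against rails #{Rails::VERSION::STRING}"
+
+RAILS_ROOT = File.dirname(__FILE__)
+
+DA_ROOT = Pathname.new(File.expand_path("..", File.dirname(__FILE__)))
+
+require DA_ROOT + File.join(%w{lib declarative_authorization rails_legacy})
+require DA_ROOT + File.join(%w{lib declarative_authorization authorization})
+require DA_ROOT + File.join(%w{lib declarative_authorization in_controller})
+require DA_ROOT + File.join(%w{lib declarative_authorization maintenance})
+
+begin
+require 'ruby-debug'
+rescue MissingSourceFile; end
+
+
+class MockDataObject
+def initialize (attrs = {})
+attrs.each do |key, value|
+instance_variable_set(:"@#{key}", value)
+self.class.class_eval do
+attr_reader key
+end
+end
+end
+
+def self.descends_from_active_record?
+true
+end
+
+def self.table_name
+name.tableize
+end
+
+def self.name
+"Mock"
+end
+
+def self.find(*args)
+raise StandardError, "Couldn't find #{self.name} with id #{args[0].inspect}" unless args[0]
+new :id => args[0]
+end
+
+def self.find_or_initialize_by(args)
+raise StandardError, "Syntax error: find_or_initialize by expects a hash: User.find_or_initialize_by(:id => @user.id)" unless args.is_a?(Hash)
+new :id => args[:id]
+end
+end
+
+class MockUser < MockDataObject
+def initialize (*roles)
+options = roles.last.is_a?(::Hash) ? roles.pop : {}
+super({:role_symbols => roles, :login => hash}.merge(options))
+end
+
+def initialize_copy (other)
+@role_symbols = @role_symbols.clone
+end
+end
+
+class MocksController < ActionController::Base
+attr_accessor :current_user
+attr_writer :authorization_engine
+
+def authorized?
+!!@authorized
+end
+
+def self.define_action_methods (*methods)
+methods.each do |method|
+define_method method do
+@authorized = true
+render :text => 'nothing'
+end
+end
+end
+
+def self.define_resource_actions
+define_action_methods :index, :show, :edit, :update, :new, :create, :destroy
+end
+
+def logger (*args)
+Class.new do
+def warn(*args)
+#p args
+end
+alias_method :info, :warn
+alias_method :debug, :warn
+def warn?; end
+alias_method :info?, :warn?
+alias_method :debug?, :warn?
+end.new
+end
+end
+
+if Rails.version < "3"
+ActiveRecord::Base.establish_connection({:adapter => 'sqlite3', :database => ':memory:'})
+ActionController::Routing::Routes.draw do |map|
+map.connect ':controller/:action/:id'
+end
+else
+class TestApp
+class Application < ::Rails::Application
+config.secret_key_base = "testingpurposesonly"
+config.active_support.deprecation = :stderr
+database_path = File.expand_path('../database.yml', __FILE__)
+if Rails.version.start_with? '3.0.'
+config.paths.config.database database_path
+else
+config.paths['config/database'] = database_path
+end
+initialize!
+end
+end
+class ApplicationController < ActionController::Base
+end
+#Rails::Application.routes.draw do
+if Rails.version.start_with? '4'
+Rails.application.routes.draw do
+match '/name/spaced_things(/:action)' => 'name/spaced_things', :via => [:get, :post, :put, :patch, :delete]
+match '/deep/name_spaced/things(/:action)' => 'deep/name_spaced/things', :via => [:get, :post, :put, :patch, :delete]
+match '/:controller(/:action(/:id))', :via => [:get, :post, :put, :patch, :delete]
+end
+class TestApp
+class Application < ::Rails::Application
+config.secret_key_base = 'thisstringdoesnothing'
+end
+end
+else
+Rails.application.routes.draw do
+match '/name/spaced_things(/:action)' => 'name/spaced_things'
+match '/deep/name_spaced/things(/:action)' => 'deep/name_spaced/things'
+match '/:controller(/:action(/:id))'
+end
+end
+end
+
+ActionController::Base.send :include, Authorization::AuthorizationInController
+if Rails.version < "3"
+require "action_controller/test_process"
+end
+
+
+if Rails.version < "4"
+class Test::Unit::TestCase
+include Authorization::TestHelper
+
+def request! (user, action, reader, params = {})
+action = action.to_sym if action.is_a?(String)
+@controller.current_user = user
+@controller.authorization_engine = Authorization::Engine.new(reader)
+
+((params.delete(:clear) || []) + [:@authorized]).each do |var|
+@controller.instance_variable_set(var, nil)
+end
+get action, params
+end
+
+unless Rails.version < "3"
+def setup
+#@routes = Rails::Application.routes
+@routes = Rails.application.routes
+end
+end
+end
+
+elsif Rails.version < '4.1'
+class Test::Unit::TestCase
+include Authorization::TestHelper
+end
+
+class ActiveSupport::TestCase
+include Authorization::TestHelper
+
+def request! (user, action, reader, params = {})
+action = action.to_sym if action.is_a?(String)
+@controller.current_user = user
+@controller.authorization_engine = Authorization::Engine.new(reader)
+
+((params.delete(:clear) || []) + [:@authorized]).each do |var|
+@controller.instance_variable_set(var, nil)
+end
+get action, params
+end
+
+unless Rails.version < "3"
+def setup
+#@routes = Rails::Application.routes
+@routes = Rails.application.routes
+end
+end
+end
+else
+module Test
+module Unit
+end
+end
+
+class Test::Unit::TestCase < Minitest::Test
+include Authorization::TestHelper
+end
+
+class ActiveSupport::TestCase
+include Authorization::TestHelper
+
+def request! (user, action, reader, params = {})
+action = action.to_sym if action.is_a?(String)
+@controller.current_user = user
+@controller.authorization_engine = Authorization::Engine.new(reader)
+
+((params.delete(:clear) || []) + [:@authorized]).each do |var|
+@controller.instance_variable_set(var, nil)
+end
+get action, params
+end
+
+unless Rails.version < "3"
+def setup
+#@routes = Rails::Application.routes
+@routes = Rails.application.routes
+end
+end
+end
+end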
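Review bot: `request!` and `setup` are pasted three times, at new-file lines 179, 206 and 237, once per Rails-version branch, and the copies are byte-identical today. This helper resets `@authorized` on the controller before each request, so if one copy drifts, a stale `@authorized = true` could make a denied action look permitted on a single Rails version only. Define both methods once in a module placed before the `if Rails.version < "4"` chain (for example `module RequestSupport`) and replace each copy with `include RequestSupport`. Separately, `params.delete(:clear)` mutates the hash the test passed in; `params = params.dup` as the first line of `request!` would keep callers' hashes intact.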
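--- a/metadata
+++ b/metadata
@@ -0,0 +1,95 @@
+--- !ruby/object:Gem::Specification
+name: zeiv-declarative_authorization
+version: !ruby/object:Gem::Version
+version: 1.0.0.pre
+platform: ruby
+authors:
+- Steffen Bartsch
+autorequire:
+bindir: bin
+cert_chain: []
+date: 2015-05-29 00:00:00.000000000 Z
+dependencies: []
+description:
+email: sbartsch@tzi.org
+executables: []
+extensions: []
+extra_rdoc_files:
+- README.rdoc
+- CHANGELOG
+files:
+- CHANGELOG
+- MIT-LICENSE
+- README.rdoc
+- Rakefile
+- app/controllers/authorization_rules_controller.rb
+- app/controllers/authorization_usages_controller.rb
+- app/helpers/authorization_rules_helper.rb
+- app/views/authorization_rules/_change.erb
+- app/views/authorization_rules/_show_graph.erb
+- app/views/authorization_rules/_suggestions.erb
+- app/views/authorization_rules/change.html.erb
+- app/views/authorization_rules/graph.dot.erb
+- app/views/authorization_rules/graph.html.erb
+- app/views/authorization_rules/index.html.erb
+- app/views/authorization_usages/index.html.erb
+- authorization_rules.dist.rb
+- config/routes.rb
+- garlic_example.rb
+- init.rb
+- lib/declarative_authorization.rb
+- lib/declarative_authorization/adapters/active_record.rb
+- lib/declarative_authorization/adapters/active_record/base_extensions.rb
+- lib/declarative_authorization/adapters/active_record/obligation_scope_builder.rb
+- lib/declarative_authorization/authorization.rb
+- lib/declarative_authorization/development_support/analyzer.rb
+- lib/declarative_authorization/development_support/change_analyzer.rb
+- lib/declarative_authorization/development_support/change_supporter.rb
+- lib/declarative_authorization/development_support/development_support.rb
+- lib/declarative_authorization/helper.rb
+- lib/declarative_authorization/in_controller.rb
+- lib/declarative_authorization/in_model.rb
+- lib/declarative_authorization/maintenance.rb
+- lib/declarative_authorization/obligation_scope.rb
+- lib/declarative_authorization/rails_legacy.rb
+- lib/declarative_authorization/railsengine.rb
+- lib/declarative_authorization/reader.rb
+- lib/generators/authorization/install/install_generator.rb
+- lib/generators/authorization/rules/rules_generator.rb
+- lib/generators/authorization/rules/templates/authorization_rules.rb
+- lib/tasks/authorization_tasks.rake
+- test/authorization_test.rb
+- test/controller_filter_resource_access_test.rb
+- test/controller_test.rb
+- test/database.yml
+- test/dsl_reader_test.rb
+- test/helper_test.rb
+- test/maintenance_test.rb
+- test/model_test.rb
+- test/schema.sql
+- test/test_helper.rb
+homepage: http://github.com/stffn/declarative_authorization
+licenses: []
+metadata: {}
+post_install_message:
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: 1.8.6
+required_rubygems_version: !ruby/object:Gem::Requirement
+requirements:
+- - ">"
+- !ruby/object:Gem::Version
+version: 1.3.1
+requirements: []
+rubyforge_project:
+rubygems_version: 2.4.7
+signing_key:
+specification_version: 4
+summary: declarative_authorization is a Rails plugin for maintainable authorization
+based on readable authorization rules.
+test_files: []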
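Review bot: The gem is published as `zeiv-declarative_authorization`, yet `authors`, `email` and `homepage` (`http://github.com/stffn/declarative_authorization`) all name what appears to be the upstream project, so the metadata does not tell a consumer which repository this build came from. `licenses: []` is empty although `MIT-LICENSE` is listed under `files`, which makes automated license and provenance checks report the package as unknown. In the gemspec this would be `licenses = ['MIT']` plus an `https://` homepage for the repository the release was built from (`<repository-url-of-this-build>`, placeholder). `cert_chain: []` and the blank `signing_key` show the gem is unsigned, so anyone depending on it should pin the exact version and verify the archive checksum rather than trust the name.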