zeiv-declarative_authorization 1.0.0.pre

data/test/schema.sql

@@ -0,0 +1,56 @@
+CREATE TABLE 'test_models' (
+  'id' INTEGER PRIMARY KEY NOT NULL,
+  'test_attr_through_id' INTEGER,
+  'content' text,
+  'country_id' integer,
+  'created_at' datetime, 
+  'updated_at' datetime
+);
+
+CREATE TABLE 'test_attrs' (
+  'id' INTEGER PRIMARY KEY NOT NULL, 
+  'test_model_id' integer,
+  'test_another_model_id' integer,
+  'test_a_third_model_id' integer,
+  'branch_id' integer,
+  'company_id' integer,
+  'test_attr_through_id' INTEGER,
+  'n_way_join_item_id' INTEGER,
+  'test_model_security_model_id' integer,
+  'attr' integer default 1
+);
+
+CREATE TABLE 'test_attr_throughs' (
+  'id' INTEGER PRIMARY KEY NOT NULL, 
+  'test_attr_id' integer
+);
+
+CREATE TABLE 'test_model_security_models' (
+  'id' INTEGER PRIMARY KEY NOT NULL, 
+  'attr' integer default 1, 
+  'attr_2' integer default 1,
+  'test_attr_id' integer
+);
+
+CREATE TABLE 'n_way_join_items' (
+  'id' INTEGER PRIMARY KEY NOT NULL
+);
+
+CREATE TABLE 'branches' (
+  'id' INTEGER PRIMARY KEY NOT NULL,
+  'company_id' integer,
+  'test_model_id' integer,
+  'name' text
+);
+
+CREATE TABLE 'companies' (
+  'id' INTEGER PRIMARY KEY NOT NULL,
+  'country_id' integer,
+  'type' text,
+  'name' text
+);
+
+CREATE TABLE 'countries' (
+  'id' INTEGER PRIMARY KEY NOT NULL,
+  'name' text
+);

data/test/test_helper.rb

@@ -0,0 +1,255 @@
+require 'pathname'
+
+ENV['RAILS_ENV'] = 'test'
+
+require 'bundler/setup'
+begin
+  # rails 3
+  require 'rails/all'
+rescue LoadError
+  # rails 2.3
+  %w(action_pack action_controller active_record active_support initializer).each {|f| require f}
+end
+Bundler.require
+
+if Rails.version >= '4.1'
+  require 'minitest/autorun'
+  require 'test_support/minitest_compatibility'
+else
+  require 'test/unit'
+end
+
+# rails 2.3 and ruby 1.9.3 fix
+MissingSourceFile::REGEXPS.push([/^cannot load such file -- (.+)$/i, 1])
+
+# Silence Rails 4 deprecation warnings in test suite
+# TODO: Model.scoped is deprecated
+# TODO: Eager loading Post.includes(:comments).where("comments.title = 'foo'") becomes Post.includes(:comments).where("comments.title = 'foo'").references(:comments)
+# if Rails.version >= '4'
+#   ActiveSupport::Deprecation.silenced = true
+# end
+
+puts "Testing against rails #{Rails::VERSION::STRING}"
+
+RAILS_ROOT = File.dirname(__FILE__)
+
+DA_ROOT = Pathname.new(File.expand_path("..", File.dirname(__FILE__)))
+
+require DA_ROOT + File.join(%w{lib declarative_authorization rails_legacy})
+require DA_ROOT + File.join(%w{lib declarative_authorization authorization})
+require DA_ROOT + File.join(%w{lib declarative_authorization in_controller})
+require DA_ROOT + File.join(%w{lib declarative_authorization maintenance})
+
+begin
+  require 'ruby-debug'
+rescue MissingSourceFile; end
+
+
+class MockDataObject
+  def initialize (attrs = {})
+    attrs.each do |key, value|
+      instance_variable_set(:"@#{key}", value)
+      self.class.class_eval do
+        attr_reader key
+      end
+    end
+  end
+  
+  def self.descends_from_active_record?
+    true
+  end
+
+  def self.table_name
+    name.tableize
+  end
+
+  def self.name
+    "Mock"
+  end
+  
+  def self.find(*args)
+    raise StandardError, "Couldn't find #{self.name} with id #{args[0].inspect}" unless args[0]
+    new :id => args[0]
+  end
+
+  def self.find_or_initialize_by(args)
+    raise StandardError, "Syntax error: find_or_initialize by expects a hash: User.find_or_initialize_by(:id => @user.id)" unless args.is_a?(Hash)
+    new :id => args[:id]
+  end
+end
+
+class MockUser < MockDataObject
+  def initialize (*roles)
+    options = roles.last.is_a?(::Hash) ? roles.pop : {}
+    super({:role_symbols => roles, :login => hash}.merge(options))
+  end
+
+  def initialize_copy (other)
+    @role_symbols = @role_symbols.clone
+  end
+end
+
+class MocksController < ActionController::Base
+  attr_accessor :current_user
+  attr_writer :authorization_engine
+  
+  def authorized?
+    !!@authorized
+  end
+  
+  def self.define_action_methods (*methods)
+    methods.each do |method|
+      define_method method do
+        @authorized = true
+        render :text => 'nothing'
+      end
+    end
+  end
+
+  def self.define_resource_actions
+    define_action_methods :index, :show, :edit, :update, :new, :create, :destroy
+  end
+  
+  def logger (*args)
+    Class.new do 
+      def warn(*args)
+        #p args
+      end
+      alias_method :info, :warn
+      alias_method :debug, :warn
+      def warn?; end
+      alias_method :info?, :warn?
+      alias_method :debug?, :warn?
+    end.new
+  end
+end
+
+if Rails.version < "3"
+  ActiveRecord::Base.establish_connection({:adapter => 'sqlite3', :database => ':memory:'})
+  ActionController::Routing::Routes.draw do |map|
+    map.connect ':controller/:action/:id'
+  end
+else
+  class TestApp
+    class Application < ::Rails::Application
+      config.secret_key_base = "testingpurposesonly"
+      config.active_support.deprecation = :stderr
+      database_path = File.expand_path('../database.yml', __FILE__)
+      if Rails.version.start_with? '3.0.'
+        config.paths.config.database database_path
+      else
+        config.paths['config/database'] = database_path
+      end
+      initialize!
+    end
+  end
+  class ApplicationController < ActionController::Base
+  end
+  #Rails::Application.routes.draw do
+  if Rails.version.start_with? '4'
+    Rails.application.routes.draw do
+      match '/name/spaced_things(/:action)' => 'name/spaced_things', :via => [:get, :post, :put, :patch, :delete]
+      match '/deep/name_spaced/things(/:action)' => 'deep/name_spaced/things', :via => [:get, :post, :put, :patch, :delete]
+      match '/:controller(/:action(/:id))', :via => [:get, :post, :put, :patch, :delete]
+    end
+    class TestApp
+      class Application < ::Rails::Application
+        config.secret_key_base = 'thisstringdoesnothing'
+      end
+    end
+  else
+    Rails.application.routes.draw do
+      match '/name/spaced_things(/:action)' => 'name/spaced_things'
+      match '/deep/name_spaced/things(/:action)' => 'deep/name_spaced/things'
+      match '/:controller(/:action(/:id))'
+    end
+  end
+end
+
+ActionController::Base.send :include, Authorization::AuthorizationInController
+if Rails.version < "3"
+  require "action_controller/test_process"
+end
+
+
+if Rails.version < "4"
+  class Test::Unit::TestCase
+    include Authorization::TestHelper
+    
+    def request! (user, action, reader, params = {})
+      action = action.to_sym if action.is_a?(String)
+      @controller.current_user = user
+      @controller.authorization_engine = Authorization::Engine.new(reader)
+      
+      ((params.delete(:clear) || []) + [:@authorized]).each do |var|
+        @controller.instance_variable_set(var, nil)
+      end
+      get action, params
+    end
+
+    unless Rails.version < "3"
+      def setup
+        #@routes = Rails::Application.routes
+        @routes = Rails.application.routes
+      end
+    end
+  end
+
+elsif Rails.version < '4.1'
+  class Test::Unit::TestCase
+    include Authorization::TestHelper
+  end
+
+  class ActiveSupport::TestCase
+    include Authorization::TestHelper
+    
+    def request! (user, action, reader, params = {})
+      action = action.to_sym if action.is_a?(String)
+      @controller.current_user = user
+      @controller.authorization_engine = Authorization::Engine.new(reader)
+      
+      ((params.delete(:clear) || []) + [:@authorized]).each do |var|
+        @controller.instance_variable_set(var, nil)
+      end
+      get action, params
+    end
+
+    unless Rails.version < "3"
+      def setup
+        #@routes = Rails::Application.routes
+        @routes = Rails.application.routes
+      end
+    end
+  end
+else
+  module Test
+    module Unit
+    end
+  end
+
+  class Test::Unit::TestCase < Minitest::Test
+    include Authorization::TestHelper
+  end
+
+  class ActiveSupport::TestCase
+    include Authorization::TestHelper
+    
+    def request! (user, action, reader, params = {})
+      action = action.to_sym if action.is_a?(String)
+      @controller.current_user = user
+      @controller.authorization_engine = Authorization::Engine.new(reader)
+      
+      ((params.delete(:clear) || []) + [:@authorized]).each do |var|
+        @controller.instance_variable_set(var, nil)
+      end
+      get action, params
+    end
+
+    unless Rails.version < "3"
+      def setup
+        #@routes = Rails::Application.routes
+        @routes = Rails.application.routes
+      end
+    end
+  end
+end

metadata

@@ -0,0 +1,95 @@
+--- !ruby/object:Gem::Specification
+name: zeiv-declarative_authorization
+version: !ruby/object:Gem::Version
+  version: 1.0.0.pre
+platform: ruby
+authors:
+- Steffen Bartsch
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2015-05-29 00:00:00.000000000 Z
+dependencies: []
+description: 
+email: sbartsch@tzi.org
+executables: []
+extensions: []
+extra_rdoc_files:
+- README.rdoc
+- CHANGELOG
+files:
+- CHANGELOG
+- MIT-LICENSE
+- README.rdoc
+- Rakefile
+- app/controllers/authorization_rules_controller.rb
+- app/controllers/authorization_usages_controller.rb
+- app/helpers/authorization_rules_helper.rb
+- app/views/authorization_rules/_change.erb
+- app/views/authorization_rules/_show_graph.erb
+- app/views/authorization_rules/_suggestions.erb
+- app/views/authorization_rules/change.html.erb
+- app/views/authorization_rules/graph.dot.erb
+- app/views/authorization_rules/graph.html.erb
+- app/views/authorization_rules/index.html.erb
+- app/views/authorization_usages/index.html.erb
+- authorization_rules.dist.rb
+- config/routes.rb
+- garlic_example.rb
+- init.rb
+- lib/declarative_authorization.rb
+- lib/declarative_authorization/adapters/active_record.rb
+- lib/declarative_authorization/adapters/active_record/base_extensions.rb
+- lib/declarative_authorization/adapters/active_record/obligation_scope_builder.rb
+- lib/declarative_authorization/authorization.rb
+- lib/declarative_authorization/development_support/analyzer.rb
+- lib/declarative_authorization/development_support/change_analyzer.rb
+- lib/declarative_authorization/development_support/change_supporter.rb
+- lib/declarative_authorization/development_support/development_support.rb
+- lib/declarative_authorization/helper.rb
+- lib/declarative_authorization/in_controller.rb
+- lib/declarative_authorization/in_model.rb
+- lib/declarative_authorization/maintenance.rb
+- lib/declarative_authorization/obligation_scope.rb
+- lib/declarative_authorization/rails_legacy.rb
+- lib/declarative_authorization/railsengine.rb
+- lib/declarative_authorization/reader.rb
+- lib/generators/authorization/install/install_generator.rb
+- lib/generators/authorization/rules/rules_generator.rb
+- lib/generators/authorization/rules/templates/authorization_rules.rb
+- lib/tasks/authorization_tasks.rake
+- test/authorization_test.rb
+- test/controller_filter_resource_access_test.rb
+- test/controller_test.rb
+- test/database.yml
+- test/dsl_reader_test.rb
+- test/helper_test.rb
+- test/maintenance_test.rb
+- test/model_test.rb
+- test/schema.sql
+- test/test_helper.rb
+homepage: http://github.com/stffn/declarative_authorization
+licenses: []
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: 1.8.6
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">"
+    - !ruby/object:Gem::Version
+      version: 1.3.1
+requirements: []
+rubyforge_project: 
+rubygems_version: 2.4.7
+signing_key: 
+specification_version: 4
+summary: declarative_authorization is a Rails plugin for maintainable authorization
+  based on readable authorization rules.
+test_files: []