Permalink
Browse files

contexts added

  • Loading branch information...
1 parent 370a60f commit 2bb15ca81ceb0d38b4e2772cd5694184a0e7cda9 @unnitallman unnitallman committed Apr 16, 2012
View
4 .rvmrc
@@ -0,0 +1,4 @@
+#!/usr/bin/env bash
+
+environment_id="ruby-1.9.3-p125"
+
@@ -9,7 +9,9 @@ module Matchers
require "acts_as_authoritah/access_rule"
require "acts_as_authoritah/access_control_list"
+require "acts_as_authoritah/acl_loader"
require "acts_as_authoritah/identifier_parser"
+require "acts_as_authoritah/errors.rb"
require 'spreadsheet'
Spreadsheet.client_encoding = 'UTF-8'
@@ -6,7 +6,7 @@
class ActsAsAuthoritah::AccessControlList
include ActsAsAuthoritah::Matchers
- attr_reader :store
+ attr_accessor :store
def initialize(access_rules)
@store = {}
@@ -29,4 +29,9 @@ def match_identifier(identifier)
match(identifier) || {}
end
+ def merge!(other_access_control_list)
+ store.merge!(other_access_control_list.store)
+ self
+ end
+
end
@@ -0,0 +1,23 @@
+class ActsAsAuthoritah::AclLoader
+ attr_reader :contexts, :acls
+
+ def initialize(path)
+ @path = path
+ @files = []
+ @contexts = []
+ Dir.glob(File.join(@path,"*.xls")).each{ |x|
+ @files << x
+ @contexts << File.split(x).last.split('.').first
+ }
+ @acls = {}
+ end
+
+ def load
+ @files.each_with_index do |file, i|
+ context = @contexts[i]
+ rules = ActsAsAuthoritah::SpreadsheetWrapper.new(file).to_access_rules
+ @acls[context.to_sym] = ActsAsAuthoritah::AccessControlList.new(rules)
+ end
+ @acls
+ end
+end
@@ -13,20 +13,29 @@ module Core
module InstanceMethods
def can?(identifier, options={})
klass = self.class
- h = klass.send(:default_acl).match_identifier(identifier)
+ context = (options[:context] && options[:context] != '') ? options[:context] : 'default'
+ raise ActsAsAuthoritah::InvalidContextError, "'#{context}' is not a valid context" unless klass.valid_contexts.include?(context)
+ h = klass.send(:get_acl, context.to_sym).match_identifier(identifier)
h.empty? ? !klass.send(:whitelist) : h[self.usertype(options)]
end
end
module ClassMethods
def acts_as_authoritah(path, options={})
- rules = ActsAsAuthoritah::SpreadsheetWrapper.new(path).to_access_rules
@@whitelist = options[:whitelist] ||= false
- @@default_acl = ActsAsAuthoritah::AccessControlList.new(rules)
+ loader = ActsAsAuthoritah::AclLoader.new(path)
+ @@contexts = loader.contexts
+ @@acls = loader.load
end
- def default_acl
- @@default_acl ||= ActsAsAuthoritah::AccessControlList.new(rules)
+ def valid_contexts
+ @@contexts
+ end
+
+ def get_acl(key = :default)
+ h = @@acls[key]
+ h = @@acls[:default].clone.merge!(@@acls[key]) unless key.eql?(:default)
+ h
end
def whitelist
@@ -0,0 +1,3 @@
+module ActsAsAuthoritah
+ class InvalidContextError < RuntimeError; end
+end
@@ -75,4 +75,27 @@
@acl.match_identifier("Admin::ProjectsController#create").should eq "c"
end
end
+
+ context "merge" do
+ before :each do
+ rules = [
+ ActsAsAuthoritah::AccessRule.new("Admin", nil, nil, "c"),
+ ActsAsAuthoritah::AccessRule.new("Admin", "Projects", nil, "d"),
+ ]
+ @acl1 = ActsAsAuthoritah::AccessControlList.new(rules)
+
+ rules = [
+ ActsAsAuthoritah::AccessRule.new("Admin", nil, nil, "C")
+ ]
+ @acl2 = ActsAsAuthoritah::AccessControlList.new(rules)
+ end
+
+ it "should merge two @acl2 into @acl1 overriding common rule using the one from @acl2" do
+ @acl1.store.should eq({"Admin"=>"c", "Admin::ProjectsController"=>"d"})
+ @acl2.store.should eq({"Admin"=>"C"})
+ @acl1.merge!(@acl2).store.should eq({"Admin"=>"C", "Admin::ProjectsController"=>"d"})
+ @acl1.store.should eq({"Admin"=>"C", "Admin::ProjectsController"=>"d"})
+ @acl2.store.should eq({"Admin"=>"C"})
+ end
+ end
end
@@ -0,0 +1,21 @@
+require 'spec_helper'
+
+describe ActsAsAuthoritah::AclLoader do
+ before :each do
+ @acl_loader = ActsAsAuthoritah::AclLoader.new("spec/data/")
+ @acl_loader.load
+ end
+
+ it "should be able to get the list of contexts" do
+ @acl_loader.contexts.should eq ["archived", "default", "unpublished"]
+ end
+
+ it "should load the rules of 'archived' context" do
+ archived_rules = {"scope1::scope2::DummyController#edit"=>{"admin"=>true, "anonymous"=>false, "super_admin"=>true}, "scope3::scope4::AnotherController#update"=>{"admin"=>true, "anonymous"=>true, "super_admin"=>true}}
+ @acl_loader.acls[:archived].store.should eq archived_rules
+ end
+
+ it "should load all contexts" do
+ @acl_loader.acls.keys.size.should eq 3
+ end
+end
@@ -4,34 +4,54 @@
before :each do
class Foo
include ActsAsAuthoritah::Core
- acts_as_authoritah "spec/data/default.xls"
+ acts_as_authoritah "spec/data"
def usertype(options)
"admin"
end
end
end
- it "should work" do
- end
-
it "should be able to use 'can?' on instance of Foo class" do
Foo.new.should respond_to('can?')
end
- it "should be able to add 'default_acl' method to Foo class" do
- Foo.should respond_to('default_acl')
+ it "should be able to add 'get_acl' method to Foo class" do
+ Foo.should respond_to('get_acl')
+ end
+
+ it "should be able to get the default acl" do
+ Foo.get_acl(:default).should_not be_nil
end
it "should be able to use 'can?' on Foo to check access rights - case1" do
Foo.new.can?("scope1::scope2::DummyController#edit").should eq true
end
+ it "should be able to use 'can?' on Foo to check access rights - case2" do
+ Foo.new.can?("scope3::scope4::AnotherController#update").should eq false
+ end
+
+ it "should be able to use 'can?' with a context on Foo to check access rights - case3" do
+ Foo.new.can?("scope3::scope4::AnotherController#update", :context => 'archived').should eq true
+ end
+
+ it "should know the valid contexts" do
+ Foo.should respond_to('valid_contexts')
+ Foo.valid_contexts.should eq ["archived", "default", "unpublished"]
+ end
+
+ it "should raise 'InvalidContextError' if an invalid context is passed" do
+ lambda{
+ Foo.new.can?("scope3::scope4::AnotherController#update", :context => 'foobar')
+ }.should raise_error(ActsAsAuthoritah::InvalidContextError, "'foobar' is not a valid context")
+ end
+
context "whitelist=false" do
before :each do
class Foo
include ActsAsAuthoritah::Core
- acts_as_authoritah "spec/data/default.xls", :whitelist => false
+ acts_as_authoritah "spec/data", :whitelist => false
def usertype(options)
"admin"
@@ -48,7 +68,7 @@ def usertype(options)
before :each do
class Foo
include ActsAsAuthoritah::Core
- acts_as_authoritah "spec/data/default.xls", :whitelist => true
+ acts_as_authoritah "spec/data", :whitelist => true
def usertype(options)
"admin"
View
Binary file not shown.
View
Binary file not shown.
View
Binary file not shown.

0 comments on commit 2bb15ca

Please sign in to comment.