Module: AuthorizationRulesHelper

Defined in:
app/helpers/authorization_rules_helper.rb

Instance Method Summary

Instance Method Details

#auth_usage_info_classes(auth_info) ⇒ Object



# File 'app/helpers/authorization_rules_helper.rb', line 69

# Builds the space-separated CSS class list that flags how well a controller
# action is covered by authorization filters.
#
# Returns "unprotected" when +auth_info+ carries no :controller_permissions
# entry at all, i.e. nothing was recorded as guarding the action.
#
# NOTE(review): only the first permission entry is inspected; any further
# entries in :controller_permissions do not influence the result.
#
# @param auth_info [Hash] usage record read via the :controller_permissions key
# @return [String] zero or more of "catch-all", "default-privilege",
#   "default-context", "no-attribute-check", or the single class "unprotected"
def auth_usage_info_classes(auth_info)
  permissions = auth_info[:controller_permissions]
  return "unprotected" unless permissions

  first_permission = permissions[0]
  return "" unless first_permission

  flags = []
  # A permission registered for :all actions acts as a catch-all rule.
  flags << "catch-all" if first_permission.actions.include?(:all)
  # Missing privilege/context means the values were not given explicitly.
  flags << "default-privilege" unless first_permission.privilege
  flags << "default-context" unless first_permission.context
  # Without an attribute check only the privilege itself is verified.
  flags << "no-attribute-check" unless first_permission.attribute_check
  flags.join(" ")
end

#auth_usage_info_title(auth_info) ⇒ Object



# File 'app/helpers/authorization_rules_helper.rb', line 84

# Produces the human-readable tooltip that explains the CSS classes computed
# by auth_usage_info_classes for the same +auth_info+.
#
# Each class that is present contributes one translated sentence from the
# :declarative_authorization I18n scope; sentences are joined with ". ".
#
# @param auth_info [Hash] usage record, passed on to auth_usage_info_classes
# @return [String] joined explanations, or "" when no class applies
def auth_usage_info_title(auth_info)
  css_classes = auth_usage_info_classes(auth_info)

  # Order matters: it fixes the order of the sentences in the tooltip.
  explanations = [
    ["unprotected", :no_filter_access_to_call_protects_this_action],
    ["no-attribute-check", :action_is_not_protected_with_attribute_check],
    ["default-privilege", :privilege_set_automatically_from_action_name_by_all_rule],
    ["default-context",
     :context_set_automatically_from_controller_name_by_filter_access_to_call_without_context_option]
  ]

  sentences = []
  explanations.each do |marker, translation_key|
    next unless css_classes.include?(marker)
    sentences << I18n.t(translation_key, :scope => [:declarative_authorization])
  end
  sentences.join(". ")
end


# File 'app/helpers/authorization_rules_helper.rb', line 41

# Renders a JavaScript link that points the page's first <object> element at
# the SVG rendering of the rules graph.
#
# NOTE(review): the URL is interpolated into a single-quoted JavaScript
# string without JavaScript escaping, so this relies on url_for never
# emitting an unescaped single quote for the :type value; confirm that before
# passing request-derived values in options[:type].
#
# @param title [String] link text
# @param options [Hash] optional :type, forwarded as the "type" URL parameter
#   (defaults to the empty string)
# @return [Object] whatever link_to_function returns for the title and script
def link_to_graph(title, options = {})
  graph_type = options[:type] || ''
  svg_url = url_for(:action => 'index', :format => 'svg', :type => graph_type)
  script = "$$('object')[0].data = '#{svg_url}'"
  link_to_function(title, script)
end


# File 'app/helpers/authorization_rules_helper.rb', line 46

# Builds the navigation bar for the authorization views: links to the rules
# listing, the graphical view and the usages page, separated by " | ".
#
# Labels come from the :declarative_authorization I18n scope. The links are
# appended onto the first link's string with <<, so the returned object is
# that first link_to result.
#
# An "Edit" entry and an XACML export link are not part of the bar at present.
#
# @return [String] the concatenated link markup
def navigation
  label_for = lambda { |key| I18n.t(key, :scope => [:declarative_authorization]) }

  rules_link  = link_to(label_for.call(:rules), authorization_rules_path)
  graph_link  = link_to(label_for.call(:graphical_view), graph_authorization_rules_path)
  usages_link = link_to(label_for.call(:usages), authorization_usages_path)

  rules_link << ' | ' << graph_link << ' | ' << usages_link
end

#policy_analysis_hints(marked_up, policy_data) ⇒ Object



# File 'app/helpers/authorization_rules_helper.rb', line 25

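# Prefixes every line of +marked_up+ that the policy analyzer reported on
# with an "[i]" note whose tooltip shows the first report for that line.
#
# The listing on this page had lost its local variable names; they are
# restored here as +lines+ and +reports_by_line+.
#
# The tooltip text is HTML-escaped with +h+ before it is placed inside the
# title attribute, so a report message containing quotes or angle brackets
# cannot break out of the attribute. Reports whose line number does not
# address an existing line are skipped instead of raising.
#
# @param marked_up [String] rules text to annotate, one rule line per "\n"
# @param policy_data [Object] policy source handed to the analyzer unchanged
# @return [String] +marked_up+ with notes prepended to the reported lines
def policy_analysis_hints(marked_up, policy_data)
  analyzer = Authorization::Analyzer.new(controller.authorization_engine)
  analyzer.analyze(policy_data)

  lines = marked_up.split("\n")
  reports_by_line = analyzer.reports.group_by { |report| report.line }

  reports_by_line.each do |line, reports|
    # Report lines are 1-based; ignore anything outside the split text.
    next unless line.is_a?(Integer) && line.between?(1, lines.length)

    first_report = reports.first
    tooltip = h("#{first_report.type}: #{first_report.message}")
    note = %Q{<span class="note" title="#{tooltip}">[i]</span>}
    lines[line - 1] = note + lines[line - 1]
  end

  lines * "\n"
end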

#role_color(role, fill = false) ⇒ Object



# File 'app/helpers/authorization_rules_helper.rb', line 54

# Returns the color assigned to +role+, assigning the next palette entry the
# first time a role is seen.
#
# Assignments are kept in the class variable @@role_colors, which this method
# never clears, so a role keeps its color for as long as that variable lives
# and the color depends on the order in which roles were first requested.
# After six roles the palette repeats.
#
# @param role [Object] role identifier, used as the cache key
# @param fill [Boolean] true for the light fill color, false for the line color
# @return [String] a "#rrggbb" color
def role_color(role, fill = false)
  # Each entry pairs a line color with its lighter fill variant.
  palette = [
    %w[#dd0000 #ffdddd],
    %w[#00dd00 #ddffdd],
    %w[#0000dd #ddddff],
    %w[#dddd00 #ffffdd],
    %w[#dd00dd #ffddff],
    %w[#00dddd #ddffff]
  ]

  @@role_colors ||= {}
  unless @@role_colors[role]
    # The number of roles already registered selects the next palette slot.
    @@role_colors[role] = palette[@@role_colors.length % palette.length]
  end

  line_color, fill_color = @@role_colors[role]
  fill ? fill_color : line_color
end

#role_fill_color(role) ⇒ Object



# File 'app/helpers/authorization_rules_helper.rb', line 65

# Convenience wrapper: the fill variant of the color that role_color assigns
# to +role+.
#
# @param role [Object] role identifier
# @return [String] the role's fill color
def role_fill_color(role)
  want_fill = true
  role_color(role, want_fill)
end

#syntax_highlight(rules) ⇒ Object



# File 'app/helpers/authorization_rules_helper.rb', line 2

# Wraps authorization-rule tokens in <span class="..."> elements for display.
#
# +rules+ is modified in place (gsub!) and also returned. Token groups are
# applied in the order listed below, each pass running over the output of
# the previous one.
#
# NOTE(review): this method performs no HTML escaping and returns raw span
# markup. The :preproc group matches the entity "=&gt;", so the input is
# presumably HTML-escaped by the caller before it gets here; confirm at the
# call site, since unescaped rule text would be emitted as markup.
#
# @param rules [String] rules source; mutated
# @return [String] the same string object with highlighting spans inserted
def syntax_highlight(rules)
  # Strings are matched as whole words not preceded by ":"; regexps are used
  # as given and must supply two capture groups (prefix, token). Symbol
  # entries (e.g. for privileges or contexts) are supported but none are
  # configured at present.
  token_groups = {
    :constant  => [/(:)(\w+)/],
    :proc      => %w[role authorization privileges],
    :statement => %w[has_permission_on if_attribute includes privilege to],
    :operator  => %w[is contains],
    :special   => %w[user true false],
    :preproc   => ['do', 'end', /()(=&gt;)/, /()(\{)/, /()(\})/, /()(\[)/, /()(\])/],
    :comment   => [/()(#.*$)/]
  }

  token_groups.each_pair do |css_class, matchers|
    replacement = "\\1<span class=\"#{css_class}\">\\2</span>"
    matchers.each do |matcher|
      pattern =
        case matcher
        when String then Regexp.new("(^|[^:])\\b(#{Regexp.escape(matcher)})\\b")
        when Symbol then Regexp.new("()(:#{Regexp.escape(matcher.to_s)})\\b")
        else matcher
        end
      rules.gsub!(pattern, replacement)
    end
  end

  rules
end