inossidabile / heimdallr
Deprecated in favor of Protector ⬆
Home Page: https://github.com/inossidabile/protector
License: MIT License
Not sure if this applies to heimdallr. Policies from the readme; you can use the code if it applies.
https://github.com/rilian/heimdallr/commit/413d29bee97773f7a21cb478646399b279dad7c8
# @method becomes
# @macro delegate
delegate :becomes, :to => :@record
I am trying to port over some security logic from CanCan. I am hitting a lot of complexity around disjunctions. E.g. some rules look like:
can :manage, User, :id => user.id
can :read, User, :developer => { :matches => { :project_listing => { :employer => { :user_id => user.id } } } }
can :read, User, :employer => { :project_listings => { :matches => { :team => { :developers => { :user_id => user.id } } } } }
can :read, User, :developer => { :teams => { :developers => { :user_id => user.id } } }
can :read, User, :admin => true
This becomes extremely unwieldy to combine all of the read permissions into a single fetch scope. The workaround is to just use the default unrestricted fetch scope and just set the can :view permissions in code, but this seems slightly messy.
Any suggestions as to how to go about this?
Full trace:
krasnoukhov:smmify krasnoukhov$ rails c
/Users/krasnoukhov/.rvm/gems/ruby-1.9.2-p290/gems/activesupport-3.2.0/lib/active_support/dependencies.rb:251:in `require': no such file to load -- heimdallr/resource (LoadError)
from /Users/krasnoukhov/.rvm/gems/ruby-1.9.2-p290/gems/activesupport-3.2.0/lib/active_support/dependencies.rb:251:in `block in require'
from /Users/krasnoukhov/.rvm/gems/ruby-1.9.2-p290/gems/activesupport-3.2.0/lib/active_support/dependencies.rb:236:in `load_dependency'
from /Users/krasnoukhov/.rvm/gems/ruby-1.9.2-p290/gems/activesupport-3.2.0/lib/active_support/dependencies.rb:251:in `require'
from /Users/krasnoukhov/.rvm/gems/ruby-1.9.2-p290/bundler/gems/heimdallr-9525f62cafe3/lib/heimdallr.rb:48:in `<top (required)>'
from /Users/krasnoukhov/.rvm/gems/ruby-1.9.2-p290/gems/bundler-1.0.21/lib/bundler/runtime.rb:68:in `require'
from /Users/krasnoukhov/.rvm/gems/ruby-1.9.2-p290/gems/bundler-1.0.21/lib/bundler/runtime.rb:68:in `block (2 levels) in require'
from /Users/krasnoukhov/.rvm/gems/ruby-1.9.2-p290/gems/bundler-1.0.21/lib/bundler/runtime.rb:66:in `each'
from /Users/krasnoukhov/.rvm/gems/ruby-1.9.2-p290/gems/bundler-1.0.21/lib/bundler/runtime.rb:66:in `block in require'
from /Users/krasnoukhov/.rvm/gems/ruby-1.9.2-p290/gems/bundler-1.0.21/lib/bundler/runtime.rb:55:in `each'
from /Users/krasnoukhov/.rvm/gems/ruby-1.9.2-p290/gems/bundler-1.0.21/lib/bundler/runtime.rb:55:in `require'
from /Users/krasnoukhov/.rvm/gems/ruby-1.9.2-p290/gems/bundler-1.0.21/lib/bundler.rb:122:in `require'
from /Users/krasnoukhov/Sites/Freelance/Smmify/smmify/config/application.rb:7:in `<top (required)>'
from /Users/krasnoukhov/.rvm/gems/ruby-1.9.2-p290/gems/railties-3.2.0/lib/rails/commands.rb:39:in `require'
from /Users/krasnoukhov/.rvm/gems/ruby-1.9.2-p290/gems/railties-3.2.0/lib/rails/commands.rb:39:in `<top (required)>'
from script/rails:6:in `require'
from script/rails:6:in `
Is there a mistake in the dependencies?
My project is running Rails 3.2 and I've installed heimdallr from git.
I tried to use Heimdallr with Mongoid. Scoping seems to work well, but operations on the record level presume ActiveRecord. How much effort would it take, and what would be needed, to add support for Mongoid?
DEPRECATION WARNING: The InstanceMethods module inside ActiveSupport::Concern will be no longer included automatically. Please define instance methods directly in %module_name% instead.
I'm trying to use active_model_serializers; however, it fails as it misses the active_model_serializer method, and perhaps others as well.
As I see it, there are several methods delegated to the record. For active_record_serializers this would need to be extended, or maybe it is possible to customize it.
Probably heimdallr would be used in "implicit mode" with the serializers. Here I miss that restricted collections don't have an implicit call. So Model.restrict(context).first would return an instance which is view/serializing friendly, not failing on unrestricted access.
I know this is probably a bit of a fuzzy "issue report", rather a question or an intention to find a way to make model serializing work with heimdallr.
Consider the following class:
class Post < ActiveRecord::Base
include Heimdallr::Model
restrict do |user, record|
scope :fetch
scope :delete
can [:view, :create, :update]
end
def slug
title.parameterize
end
end
Even though everything is whitelisted, calling post.restrict(user).slug raises a permission error because it is not an actual attribute and will not be automatically picked up by can.
The current workaround is to use:
restrict do |user, record|
scope :fetch
scope :delete
can [:view, :create, :update]
can :view, [:slug]
end
But this becomes unwieldy for most models.
Does it make sense to refactor the proxy to authorize on read_attribute and write_attribute?
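The two enforcement points this issue compares, as an added toy model in plain Ruby that is not Heimdallr's code: MethodNameProxy whitelists by the name of the method called, while AttributeProxy moves the check into read_attribute, so a derived method such as slug passes exactly when every attribute it reads is whitelisted. Record, Post and both proxies are assumed stand-ins; no ActiveRecord is involved.

```ruby
class PermissionError < StandardError; end

# Stand-in for an ActiveRecord model: every attribute read funnels through
# read_attribute, which makes it a single enforcement point.
class Record
  attr_writer :read_whitelist # nil means unrestricted

  def initialize(attrs)
    @attrs = attrs
  end

  def read_attribute(name)
    if @read_whitelist && !@read_whitelist.include?(name)
      raise PermissionError, "attribute #{name} is not whitelisted"
    end
    @attrs.fetch(name)
  end
end

class Post < Record
  def title; read_attribute(:title); end
  def body;  read_attribute(:body);  end
  def slug;  title.downcase.tr(" ", "-"); end # derived from title, not an attribute
end

# Whitelist checked against the name of the method the caller invoked:
# slug is rejected even though it only reads the whitelisted title.
class MethodNameProxy
  def initialize(record, allowed)
    @record, @allowed = record, allowed
  end

  def method_missing(name, *args)
    raise PermissionError, "method #{name} is not whitelisted" unless @allowed.include?(name)
    @record.public_send(name, *args)
  end
end

# Whitelist pushed down into read_attribute on a private copy of the record:
# any public method may run and fails only when it touches a denied attribute.
class AttributeProxy
  def initialize(record, allowed)
    @record = record.dup
    @record.read_whitelist = allowed
  end

  def method_missing(name, *args)
    @record.public_send(name, *args)
  end
end
```

With the attribute-level check the whitelist still has to name body explicitly to deny it, so the trade is fewer entries for derived readers, not weaker denial.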
> Transaction.includes(:card).all
Transaction Load (59.6ms) SELECT "transactions".* FROM "transactions"
Card Load (2.7ms) SELECT "cards".* FROM "cards" WHERE "cards"."id" IN (...)
> Transaction.restrict(User.first).includes(:card).all
SQL (1.0ms) SELECT ... FROM "transactions" LEFT OUTER JOIN "cards" ON "cards"."id" = "transactions"."card_id" WHERE ...
Please note in the README that Article should have a default secrecy_level of 0; otherwise
# If only a single value is possible, it is inferred automatically:
secure.create! content: "My second article"
# => Article(id: 4, owner: johndoe, content: "My second article", security_level: 0)
throws
/Users/xxx/.rvm/gems/ruby-1.9.3-p286@heimdallr_testing/gems/activerecord-3.2.8/lib/active_record/validations.rb:56:in `save!': Validation failed: Secrecy level is not included in the list (ActiveRecord::RecordInvalid)
from /Users/xxx/.rvm/gems/ruby-1.9.3-p286@heimdallr_testing/gems/activerecord-3.2.8/lib/active_record/attribute_methods/dirty.rb:33:in `save!'
At resource.rb:7 : in `resource_for'
Example:
(:quick_link).to_s.capitalize
=> "Quick_link"
This will not pass #constantize
This thread started at #19.
To ease usage of AR extensions we could add the method that "insecurely taps" current model relation with custom calls preserving security context. In fact we need an effective shortcut to this:
restricted_relation.insecure.other_relation('foo').restrict(context)
Possible notations:
restricted_relation.insecurely{|r| r.other_relation('foo')}
restricted_relation.insecurely(:other_relation, 'foo')
Are there any additional checks we should run between insecure
and restrict
calls? Like checking if we still have the same class/record or anything...
@whitequark @AlexanderPavlenko I'd like to hear from you.
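One shape the proposed insecurely shortcut could take, including the same-class check asked about above, as an added toy in plain Ruby that is not Heimdallr's code: Relation, RestrictedRelation and switch_to are assumed stand-ins for a relation, its restricted wrapper and an extension that returns a relation on a different model.

```ruby
class InsecureOperationError < StandardError; end

# Stand-in for an ActiveRecord relation: a model name plus accumulated filters.
class Relation
  attr_reader :model, :filters

  def initialize(model, filters = [])
    @model, @filters = model, filters
  end

  def where(cond)
    Relation.new(model, filters | [cond]) # idempotent, so re-scoping adds nothing
  end

  # Stands in for an extension that hands back a relation on another model.
  def switch_to(other_model)
    Relation.new(other_model, filters)
  end

  def restrict(context)
    RestrictedRelation.new(self, context)
  end
end

# The restricted wrapper: the security context is applied as an owner filter,
# and the only door back to the raw relation is insecure / insecurely.
class RestrictedRelation
  def initialize(relation, context)
    @relation, @context = relation, context
  end

  def insecure
    @relation.where(owner_id: @context)
  end

  # Run one unrestricted call (a block, or a method name plus arguments) and
  # re-apply the context, refusing any result that is not a relation on the
  # model we started with.
  def insecurely(*args, &block)
    result = block ? block.call(insecure) : insecure.public_send(*args)
    unless result.is_a?(Relation) && result.model == @relation.model
      got = result.is_a?(Relation) ? result.model : result.class
      raise InsecureOperationError, "got #{got}, expected a #{@relation.model} relation"
    end
    result.restrict(@context)
  end
end
```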
Since for most cases we do not require level A security, it would be handy to have the ability to lower Heimdallr's paranoia about managing associations.
We could have something like: config.heimdallr.allow_unrestricted_associations = true
which is true by default. If it's false, Heimdallr should check associations and throw an exception if you try to get something unrestricted from a restricted scope. Otherwise it shouldn't.
Hi and thanks for the module!
Is it possible to restrict nested models which are being updated using accepts_nested_attributes_for? Restriction in the nested model itself seems not to be working.
For example, I have a Company class which can accept attributes of an associated Beneficiary model (this is just a copy-paste of a subset of the module; I tried to remove all unnecessary fields and logic from there to simplify it as much as possible, so there may be typos etc.):
class Company < ActiveRecord::Base
include Heimdallr::Model
attr_accessible :name, :beneficiaries_attributes
has_many :beneficiaries
accepts_nested_attributes_for :beneficiaries, :allow_destroy => true
restrict do |user, record|
scope :fetch
can [:view, :create, :update]
cannot :view, [:beneficiaries_attributes]
cannot :update, [:beneficiaries_attributes]
end
end
Also I have Beneficiary class itself with protected attributes (i.e. name):
class Beneficiary < ActiveRecord::Base
include Heimdallr::Model
attr_accessible :name, :comments
belongs_to :company
restrict do |user, record|
scope :fetch
can [:view, :create, :update]
cannot :view, [:name, :comments]
cannot :edit, [:name, :comments]
end
end
Also I have a view which deals with company beneficiaries.
And I found no way to restrict such updating. Restrictions in the nested model (Beneficiary) are ignored, and restrictions in the Company model (for beneficiaries_attributes) seem not to be working.
I can make these attributes not shown in the view, but I can't prevent them from being updated in the case when a proper parameter hash was somehow created.
Is it correct that Heimdallr currently can't deal with this, or did I just miss something?
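One defensive answer to the crafted-parameter-hash case above, as an added example in plain Ruby that is not Heimdallr's code: the nested attributes hash is filtered against each model's own update whitelist before it ever reaches accepts_nested_attributes_for, so a protected Beneficiary attribute cannot ride in through Company's beneficiaries_attributes. UPDATE_RULES, filter_update_params and filter_nested_rows are assumed here, and for illustration Beneficiary is assumed to permit :comments but not :name.

```ruby
# Per-model update whitelist plus which nested keys map to which model.
# Assumed for illustration: Company may update :name, Beneficiary only :comments.
UPDATE_RULES = {
  company:     { attrs: [:name],     nested: { beneficiaries_attributes: :beneficiary } },
  beneficiary: { attrs: [:comments], nested: {} },
}.freeze

# Keys accepts_nested_attributes_for uses to address rows; they are not attributes.
NESTED_CONTROL_KEYS = [:id, :_destroy].freeze

# Returns a copy of params holding only keys the model's rules permit, descending
# into nested attribute hashes with the nested model's own rules. Every dropped
# key is appended to +dropped+ with its full path, for logging or alerting.
def filter_update_params(model, params, dropped = [], path = model.to_s)
  unless params.is_a?(Hash)
    dropped << "#{path} (unexpected #{params.class})"
    return nil
  end
  rules = UPDATE_RULES.fetch(model)
  params.each_with_object({}) do |(key, value), out|
    key = key.to_sym
    if rules[:attrs].include?(key) || NESTED_CONTROL_KEYS.include?(key)
      out[key] = value
    elsif (child = rules[:nested][key])
      rows = filter_nested_rows(child, value, dropped, "#{path}.#{key}")
      out[key] = rows unless rows.nil?
    else
      dropped << "#{path}.#{key}"
    end
  end
end

# Nested rows arrive either as an array of hashes or as an index => hash map.
def filter_nested_rows(model, rows, dropped, path)
  case rows
  when Array
    rows.each_with_index.map { |row, i| filter_update_params(model, row, dropped, "#{path}[#{i}]") }.compact
  when Hash
    rows.each_with_object({}) do |(idx, row), out|
      kept = filter_update_params(model, row, dropped, "#{path}[#{idx}]")
      out[idx] = kept unless kept.nil?
    end
  else
    dropped << "#{path} (unexpected #{rows.class})"
    nil
  end
end
```

A non-empty dropped list on a request is worth logging: a client that never rendered the protected field has no legitimate reason to send it.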
Hello and thanks for the great gem.
I'm using MetaSearch and want to restrict regular users in their searches. So I have a block for restrictions:
restrict do |user, record|
scope :fetch
scope :search
can :view
end
When I call this line, I get:
Model.restrict(current_user).search(params[:search])
#=> RuntimeError: There is no such scope as search
My investigation brought me to this line: https://github.com/roundlake/heimdallr/blob/master/lib/heimdallr/evaluator.rb#L51
So I can't find out how to allow the user to call search.
Guys,
Thanks for this awesome gem! However I have the following issue:
Showing app/views/accounts/index.html.erb where line #15 raised:
undefined method `model_name' for Heimdallr::Proxy::Record:Class
Extracted source (around line #15):
12: <tr>
13: <td><%= account.id %></td>
14: <td><%= account.name %></td>
15: <td><%= link_to 'Show', account %></td>
16: <td><%= link_to 'Edit', edit_account_path(account) %></td>
17: </tr>
18: <% end %>
rails -v: Rails 3.1.3
Hi!
What is the proper way to implement pagination on a collection protected by Heimdallr?
Using will_paginate and trying to do:
@companies = Company.restrict(current_user).paginate(:page => @page)
I'm getting:
Heimdallr::InsecureOperationError in CompaniesController#index
Potentially insecure method paginate was called
I can deal with it using:
@records = Company.restrict(current_user).all
@companies = WillPaginate::Collection.create(@page, @per_page, @records.size) do |pager|
pager.replace(@records)
end
But I suppose this is not as efficient as it could be.
How do you deal with it?
Hello! I'm trying to rewrite my application from CanCan to Heimdallr.
I use the Ancestry gem (https://github.com/stefankroes/ancestry) in a User model. Users have a tree-like structure.
In CanCan I have:
node = User.accessible_by(current_ability).roots.arrange(:order => :created_at)
For Heimdallr I rewrote this line to:
node = User.restrict(current_user).roots.arrange(:order => :created_at)
... and got an exception:
Heimdallr::InsecureOperationError (Potentially insecure method arrange was called)
Is there any way to disable this potentially insecure method check? Or another suggestion?
Thanks in advance!
The gem is not compatible with Ruby 1.8 due to 1.9 syntax sugar (lambda, JSON-style hashes).
Heimdallr::PermissionError: Attempt to fetch non-whitelisted attribute build_bla_bla_association