RubyGems - abilities - Versions diffs - 0.0.1 - Mend

abilities 0.0.1

Files changed (63) hide show

checksums.yaml +7 -0
data/MIT-LICENSE +20 -0
data/README.rdoc +85 -0
data/Rakefile +32 -0
data/lib/abilities.rb +25 -0
data/lib/abilities/action_controller/base.rb +20 -0
data/lib/abilities/action_view/base.rb +14 -0
data/lib/abilities/concern.rb +12 -0
data/lib/abilities/definitions.rb +54 -0
data/lib/abilities/exceptions.rb +3 -0
data/lib/abilities/proxy.rb +23 -0
data/lib/abilities/railtie.rb +14 -0
data/lib/abilities/version.rb +5 -0
data/lib/generators/abilities/install_generator.rb +13 -0
data/lib/generators/abilities/templates/abilities.rb +2 -0
data/test/changes_test.rb +12 -0
data/test/checking_test.rb +52 -0
data/test/controller_test.rb +38 -0
data/test/dummy/README.rdoc +28 -0
data/test/dummy/Rakefile +6 -0
data/test/dummy/app/assets/javascripts/application.js +13 -0
data/test/dummy/app/assets/stylesheets/application.css +15 -0
data/test/dummy/app/controllers/application_controller.rb +5 -0
data/test/dummy/app/helpers/application_helper.rb +2 -0
data/test/dummy/app/models/post.rb +3 -0
data/test/dummy/app/models/user.rb +2 -0
data/test/dummy/app/views/layouts/application.html.erb +14 -0
data/test/dummy/bin/bundle +3 -0
data/test/dummy/bin/rails +4 -0
data/test/dummy/bin/rake +4 -0
data/test/dummy/config.ru +4 -0
data/test/dummy/config/application.rb +23 -0
data/test/dummy/config/boot.rb +5 -0
data/test/dummy/config/database.yml +25 -0
data/test/dummy/config/environment.rb +5 -0
data/test/dummy/config/environments/development.rb +37 -0
data/test/dummy/config/environments/production.rb +83 -0
data/test/dummy/config/environments/test.rb +39 -0
data/test/dummy/config/initializers/abilities.rb +8 -0
data/test/dummy/config/initializers/backtrace_silencers.rb +7 -0
data/test/dummy/config/initializers/cookies_serializer.rb +3 -0
data/test/dummy/config/initializers/filter_parameter_logging.rb +4 -0
data/test/dummy/config/initializers/inflections.rb +16 -0
data/test/dummy/config/initializers/mime_types.rb +4 -0
data/test/dummy/config/initializers/secret_token.rb +1 -0
data/test/dummy/config/initializers/session_store.rb +3 -0
data/test/dummy/config/initializers/wrap_parameters.rb +14 -0
data/test/dummy/config/locales/en.yml +23 -0
data/test/dummy/config/routes.rb +56 -0
data/test/dummy/config/secrets.yml +22 -0
data/test/dummy/db/migrate/20140629203344_create_users.rb +11 -0
data/test/dummy/db/migrate/20140629203412_create_posts.rb +10 -0
data/test/dummy/db/schema.rb +31 -0
data/test/dummy/log/development.log +80 -0
data/test/dummy/log/test.log +4543 -0
data/test/dummy/public/404.html +67 -0
data/test/dummy/public/422.html +67 -0
data/test/dummy/public/500.html +66 -0
data/test/dummy/public/favicon.ico +0 -0
data/test/generator_test.rb +18 -0
data/test/test_helper.rb +24 -0
data/test/view_test.rb +23 -0
metadata +186 -0

checksums.yaml ADDED Viewed

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: 8dcaf769f98c1072413ffbd18e8a14668ce4d757
+  data.tar.gz: b6d76bf41fc236ab00c23e12d04313047761b5d3
+SHA512:
+  metadata.gz: 833a56e60b6484581beef76c1ea9894b2dec1b6418a3b85a9d65148a9f590cbdfa9b574221c7994501778677a1dd36bdb7b221ca81ab91c776cbcb3ec410e8cc
+  data.tar.gz: 59edbc899675ac1cadc1d3b9edb84898302c01ba958e838410f2aeab1542fc747578b6f71835b3f1c979f0b8440ce531e10e70a97344c57a4238680baa1510d7

data/MIT-LICENSE ADDED Viewed

@@ -0,0 +1,20 @@
+Copyright 2014 Museways
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.rdoc ADDED Viewed

@@ -0,0 +1,85 @@
+{<img src="https://badge.fury.io/rb/abilities.png" alt="Gem Version" />}[http://badge.fury.io/rb/abilities] {<img src="https://codeclimate.com/github/museways/abilities.png" />}[https://codeclimate.com/github/museways/abilities] {<img src="https://travis-ci.org/museways/abilities.png?branch=master" alt="Build Status" />}[https://travis-ci.org/museways/abilities]
+= Abilities
+Minimalistic cancan alternative for rails.
+= Install
+Put this line in your Gemfile:
+  gem 'abilities'
+Then bundle:
+  $ bundle
+= Configuration
+Generate the abilities initializer:
+  bundle exec rails g abilities:install
+Ensure there is a current_user helper available in your controllers and views:
+  class ApplicationController < ActionController::Base
+    helper :current_user
+    def current_user
+      @current_user ||= User.find_by(id: session[:user_id])
+    end
+  end
+= Usage
+== Defining
+All the abilities are defined in config/initializers/abilities.rb by can and cannot methods:
+  Abilities.define do
+    can :create, Post
+    cannot :destroy, User unless admin?
+    can :edit, Post do |post|
+      post.user == self
+    end
+  end
+== Loading
+If you want to load the abilities from the database you may do something like this:
+  permissions.each do |permission|
+    can premissions.action, permissions.subject
+  end
+== Checking
+=== Controllers
+With the authorize! method Abilities::AccessDenied is raised if authorization fails:
+  class PostsController < ApplicationController
+    def edit
+      @post = Post.find(params[:id])
+      authorize! :edit, @post
+    end
+  end
+If you don't want an exception to be raised use can? and cannot? helpers:
+  class UsersController < ApplicationController
+    def edit
+      @post = Post.find(params[:id])
+      if can? :edit, @post
+        @post.update post_params
+      else
+        # handle access denied
+      end
+    end
+  end
+=== Views
+The helpers can? and cannot? are available:
+  <% if can? :create, Post %>
+    <%= link_to new_post_path %>
+  <% end %>
+= Credits
+This gem is maintained and funded by museways[http://museways.com].
+= License
+It is free software, and may be redistributed under the terms specified in the MIT-LICENSE file.

data/Rakefile ADDED Viewed

@@ -0,0 +1,32 @@
+begin
+  require 'bundler/setup'
+rescue LoadError
+  puts 'You must `gem install bundler` and `bundle install` to run rake tasks'
+end
+require 'rdoc/task'
+RDoc::Task.new(:rdoc) do |rdoc|
+  rdoc.rdoc_dir = 'rdoc'
+  rdoc.title    = 'Abilities'
+  rdoc.options << '--line-numbers'
+  rdoc.rdoc_files.include('README.rdoc')
+  rdoc.rdoc_files.include('lib/**/*.rb')
+end
+Bundler::GemHelper.install_tasks
+require 'rake/testtask'
+Rake::TestTask.new(:test) do |t|
+  t.libs << 'lib'
+  t.libs << 'test'
+  t.pattern = 'test/**/*_test.rb'
+  t.verbose = false
+end
+task default: :test

data/lib/abilities.rb ADDED Viewed

@@ -0,0 +1,25 @@
+require 'abilities/action_controller/base'
+require 'abilities/action_view/base'
+require 'abilities/proxy'
+require 'abilities/definitions'
+require 'abilities/exceptions'
+require 'abilities/concern'
+require 'abilities/railtie'
+module Abilities
+  class << self
+    def define(&block)
+      @block = block
+    end
+    def can?(actor, action, subject)
+      Definitions.new(actor, &@block).can?(action, subject)
+    end
+    def cannot?(*args)
+      !can?(*args)
+    end
+  end
+end

data/lib/abilities/action_controller/base.rb ADDED Viewed

@@ -0,0 +1,20 @@
+module Abilities
+  module ActionController
+    module Base
+      extend ActiveSupport::Concern
+      protected
+      %w(can? cannot?).each do |name|
+        define_method name do |action, subject|
+          Abilities.send name, current_user, action, subject
+        end
+      end
+      def authorize!(action, subject)
+        raise Abilities::AccessDenied unless can? action, subject
+      end
+    end
+  end
+end

data/lib/abilities/action_view/base.rb ADDED Viewed

@@ -0,0 +1,14 @@
+module Abilities
+  module ActionView
+    module Base
+      extend ActiveSupport::Concern
+      %w(can? cannot?).each do |name|
+        define_method name do |action, subject|
+          Abilities.send name, current_user, action, subject
+        end
+      end
+    end
+  end
+end

data/lib/abilities/concern.rb ADDED Viewed

@@ -0,0 +1,12 @@
+module Abilities
+  module Concern
+    extend ActiveSupport::Concern
+    %w(can? cannot?).each do |name|
+      define_method name do |action, subject|
+        Abilities.send name, self, action, subject
+      end
+    end
+  end
+end

data/lib/abilities/definitions.rb ADDED Viewed

@@ -0,0 +1,54 @@
+module Abilities
+  class Definitions
+    def initialize(actor, &block)
+      @actor = actor
+      Proxy.new(actor, self, &block)
+    end
+    def add(actions, subjects, behavior, &block)
+      actions = [actions] unless actions.is_a? Array
+      subjects = [subjects] unless subjects.is_a? Array
+      subjects.each do |subject|
+        actions.each do |action|
+          (all[find_subject_class(subject)] ||= {})[action.to_s] = block_given? ? block : behavior
+        end
+      end
+    end
+    def can?(action, subject)
+      if actions = all[find_subject_class(subject)]
+        if behavior = actions[action.to_s]
+          if behavior.is_a? Proc
+            @actor.instance_exec subject, &behavior
+          else
+            behavior
+          end
+        else
+          false
+        end
+      else
+        false
+      end
+    end
+    def cannot?(*args)
+      !can?(*args)
+    end
+    protected
+    def all
+      @all ||= {}
+    end
+    def find_subject_class(subject)
+      if subject.is_a? Class
+        subject.name
+      else
+        subject.class.name
+      end
+    end
+  end
+end

data/lib/abilities/exceptions.rb ADDED Viewed

@@ -0,0 +1,3 @@
+module Abilities
+  class AccessDenied < StandardError; end
+end

data/lib/abilities/proxy.rb ADDED Viewed

@@ -0,0 +1,23 @@
+module Abilities
+  class Proxy
+    def initialize(actor, definitions, &block)
+      @actor = actor
+      @definitions = definitions
+      instance_eval &block
+    end
+    def can(actions, subjects, &block)
+      @definitions.add actions, subjects, true, &block
+    end
+    def cannot(actions, subjects, &block)
+      @definitions.add actions, subjects, false, &block
+    end
+    def method_missing(name, *args, &block)
+      @actor.send name, *args, &block
+    end
+  end
+end

data/lib/abilities/railtie.rb ADDED Viewed

@@ -0,0 +1,14 @@
+module Abilities
+  class Railtie < Rails::Railtie
+    initializer 'abilites' do
+      User rescue {}
+      if defined? User
+        User.send :include, Abilities::Concern
+      end
+      ::ActionView::Base.send :include, Abilities::ActionView::Base
+      ::ActionController::Base.send :include, Abilities::ActionController::Base
+    end
+  end
+end

data/lib/abilities/version.rb ADDED Viewed

@@ -0,0 +1,5 @@
+module Abilities
+  VERSION = '0.0.1'
+end

data/lib/generators/abilities/install_generator.rb ADDED Viewed

@@ -0,0 +1,13 @@
+require 'rails/generators'
+module Abilities
+  class InstallGenerator < Rails::Generators::Base
+    source_root File.expand_path('../templates', __FILE__)
+    def create_capable_concern
+      copy_file 'abilities.rb', 'config/initializers/abilities.rb'
+    end
+  end
+end

data/lib/generators/abilities/templates/abilities.rb ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ Abilities.define do
2	+ end

data/test/changes_test.rb ADDED Viewed

@@ -0,0 +1,12 @@
+require 'test_helper'
+class ChangesTest < ActiveSupport::TestCase
+  test "record changes" do
+    user = User.new
+    assert user.cannot?(:destroy, Post)
+    user.admin = true
+    assert user.can?(:destroy, Post)
+  end
+end

data/test/checking_test.rb ADDED Viewed

@@ -0,0 +1,52 @@
+require 'test_helper'
+class CheckingTest < ActiveSupport::TestCase
+  test "can definition with model" do
+    assert user.can?(:create, Post)
+    assert !user.cannot?(:create, Post)
+  end
+  test "can definition with instance" do
+    assert user.can?(:create, post)
+    assert !user.cannot?(:create, post)
+  end
+  test "cannot definition" do
+    assert user.cannot?('read', post)
+    assert !user.can?('read', post)
+  end
+  test "ability conditions" do
+    assert admin_user.can?(:destroy, post)
+    assert user.cannot?(:destroy, post)
+  end
+  test "ability block" do
+    assert user.can?(:update, post_with_user)
+  end
+  test "undefined definition" do
+    assert user.cannot?(:other, post)
+    assert user.cannot?(:other, post)
+  end
+  private
+  def post_with_user
+    @post_with_user ||= Post.new(user: user)
+  end
+  def post
+    @post ||= Post.new
+  end
+  def user
+    @user ||= User.new
+  end
+  def admin_user
+    @admin_user ||= User.new(admin: true)
+  end
+end

data/test/controller_test.rb ADDED Viewed

@@ -0,0 +1,38 @@
+require 'test_helper'
+class ControllerTest < ActiveSupport::TestCase
+  test "can helper" do
+    assert controller.send(:can?, :create, post)
+  end
+  test "cannot helper" do
+    assert controller.send(:cannot?, :read, post)
+  end
+  test "authorize helper" do
+    assert_nothing_raised do
+      controller.send :authorize!, :create, post
+    end
+    assert_raises Abilities::AccessDenied do
+      controller.send :authorize!, :read, post
+    end
+  end
+  private
+  def controller
+    @controller ||= ActionController::Base.new.tap do |controller|
+      controller.class_eval do
+        define_method :current_user do
+          @user ||= User.new
+        end
+      end
+    end
+  end
+  def post
+    @post ||= Post.new
+  end
+end