RubyGems - abilities - Versions diffs - 0.0.1 - Mend

abilities 0.0.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (63) hide show

checksums.yaml +7 -0
data/MIT-LICENSE +20 -0
data/README.rdoc +85 -0
data/Rakefile +32 -0
data/lib/abilities.rb +25 -0
data/lib/abilities/action_controller/base.rb +20 -0
data/lib/abilities/action_view/base.rb +14 -0
data/lib/abilities/concern.rb +12 -0
data/lib/abilities/definitions.rb +54 -0
data/lib/abilities/exceptions.rb +3 -0
data/lib/abilities/proxy.rb +23 -0
data/lib/abilities/railtie.rb +14 -0
data/lib/abilities/version.rb +5 -0
data/lib/generators/abilities/install_generator.rb +13 -0
data/lib/generators/abilities/templates/abilities.rb +2 -0
data/test/changes_test.rb +12 -0
data/test/checking_test.rb +52 -0
data/test/controller_test.rb +38 -0
data/test/dummy/README.rdoc +28 -0
data/test/dummy/Rakefile +6 -0
data/test/dummy/app/assets/javascripts/application.js +13 -0
data/test/dummy/app/assets/stylesheets/application.css +15 -0
data/test/dummy/app/controllers/application_controller.rb +5 -0
data/test/dummy/app/helpers/application_helper.rb +2 -0
data/test/dummy/app/models/post.rb +3 -0
data/test/dummy/app/models/user.rb +2 -0
data/test/dummy/app/views/layouts/application.html.erb +14 -0
data/test/dummy/bin/bundle +3 -0
data/test/dummy/bin/rails +4 -0
data/test/dummy/bin/rake +4 -0
data/test/dummy/config.ru +4 -0
data/test/dummy/config/application.rb +23 -0
data/test/dummy/config/boot.rb +5 -0
data/test/dummy/config/database.yml +25 -0
data/test/dummy/config/environment.rb +5 -0
data/test/dummy/config/environments/development.rb +37 -0
data/test/dummy/config/environments/production.rb +83 -0
data/test/dummy/config/environments/test.rb +39 -0
data/test/dummy/config/initializers/abilities.rb +8 -0
data/test/dummy/config/initializers/backtrace_silencers.rb +7 -0
data/test/dummy/config/initializers/cookies_serializer.rb +3 -0
data/test/dummy/config/initializers/filter_parameter_logging.rb +4 -0
data/test/dummy/config/initializers/inflections.rb +16 -0
data/test/dummy/config/initializers/mime_types.rb +4 -0
data/test/dummy/config/initializers/secret_token.rb +1 -0
data/test/dummy/config/initializers/session_store.rb +3 -0
data/test/dummy/config/initializers/wrap_parameters.rb +14 -0
data/test/dummy/config/locales/en.yml +23 -0
data/test/dummy/config/routes.rb +56 -0
data/test/dummy/config/secrets.yml +22 -0
data/test/dummy/db/migrate/20140629203344_create_users.rb +11 -0
data/test/dummy/db/migrate/20140629203412_create_posts.rb +10 -0
data/test/dummy/db/schema.rb +31 -0
data/test/dummy/log/development.log +80 -0
data/test/dummy/log/test.log +4543 -0
data/test/dummy/public/404.html +67 -0
data/test/dummy/public/422.html +67 -0
data/test/dummy/public/500.html +66 -0
data/test/dummy/public/favicon.ico +0 -0
data/test/generator_test.rb +18 -0
data/test/test_helper.rb +24 -0
data/test/view_test.rb +23 -0
metadata +186 -0

checksums.yaml ADDED Viewed

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: 8dcaf769f98c1072413ffbd18e8a14668ce4d757
+  data.tar.gz: b6d76bf41fc236ab00c23e12d04313047761b5d3
+SHA512:
+  metadata.gz: 833a56e60b6484581beef76c1ea9894b2dec1b6418a3b85a9d65148a9f590cbdfa9b574221c7994501778677a1dd36bdb7b221ca81ab91c776cbcb3ec410e8cc
+  data.tar.gz: 59edbc899675ac1cadc1d3b9edb84898302c01ba958e838410f2aeab1542fc747578b6f71835b3f1c979f0b8440ce531e10e70a97344c57a4238680baa1510d7

data/MIT-LICENSE ADDED Viewed

@@ -0,0 +1,20 @@
+Copyright 2014 Museways
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.rdoc ADDED Viewed

@@ -0,0 +1,85 @@
+{<img src="https://badge.fury.io/rb/abilities.png" alt="Gem Version" />}[http://badge.fury.io/rb/abilities] {<img src="https://codeclimate.com/github/museways/abilities.png" />}[https://codeclimate.com/github/museways/abilities] {<img src="https://travis-ci.org/museways/abilities.png?branch=master" alt="Build Status" />}[https://travis-ci.org/museways/abilities]
+= Abilities
+Minimalistic cancan alternative for rails.
+= Install
+Put this line in your Gemfile:
+  gem 'abilities'
+Then bundle:
+  $ bundle
+= Configuration
+Generate the abilities initializer:
+  bundle exec rails g abilities:install
+Ensure there is a current_user helper available in your controllers and views:
+  class ApplicationController < ActionController::Base
+    helper :current_user
+    def current_user
+      @current_user ||= User.find_by(id: session[:user_id])
+    end
+  end
+= Usage
+== Defining
+All the abilities are defined in config/initializers/abilities.rb by can and cannot methods:
+  Abilities.define do
+    can :create, Post
+    cannot :destroy, User unless admin?
+    can :edit, Post do |post|
+      post.user == self
+    end
+  end
+== Loading
+If you want to load the abilities from the database you may do something like this:
+  permissions.each do |permission|
+    can premissions.action, permissions.subject
+  end
+== Checking
+=== Controllers
+With the authorize! method Abilities::AccessDenied is raised if authorization fails:
+  class PostsController < ApplicationController
+    def edit
+      @post = Post.find(params[:id])
+      authorize! :edit, @post
+    end
+  end
+If you don't want an exception to be raised use can? and cannot? helpers:
+  class UsersController < ApplicationController
+    def edit
+      @post = Post.find(params[:id])
+      if can? :edit, @post
+        @post.update post_params
+      else
+        # handle access denied
+      end
+    end
+  end
+=== Views
+The helpers can? and cannot? are available:
+  <% if can? :create, Post %>
+    <%= link_to new_post_path %>
+  <% end %>
+= Credits
+This gem is maintained and funded by museways[http://museways.com].
+= License
+It is free software, and may be redistributed under the terms specified in the MIT-LICENSE file.

data/Rakefile ADDED Viewed

@@ -0,0 +1,32 @@
+begin
+  require 'bundler/setup'
+rescue LoadError
+  puts 'You must `gem install bundler` and `bundle install` to run rake tasks'
+end
+require 'rdoc/task'
+RDoc::Task.new(:rdoc) do |rdoc|
+  rdoc.rdoc_dir = 'rdoc'
+  rdoc.title    = 'Abilities'
+  rdoc.options << '--line-numbers'
+  rdoc.rdoc_files.include('README.rdoc')
+  rdoc.rdoc_files.include('lib/**/*.rb')
+end
+Bundler::GemHelper.install_tasks
+require 'rake/testtask'
+Rake::TestTask.new(:test) do |t|
+  t.libs << 'lib'
+  t.libs << 'test'
+  t.pattern = 'test/**/*_test.rb'
+  t.verbose = false
+end
+task default: :test

data/lib/abilities.rb ADDED Viewed

@@ -0,0 +1,25 @@
+require 'abilities/action_controller/base'
+require 'abilities/action_view/base'
+require 'abilities/proxy'
+require 'abilities/definitions'
+require 'abilities/exceptions'
+require 'abilities/concern'
+require 'abilities/railtie'
+module Abilities
+  class << self
+    def define(&block)
+      @block = block
+    end
+    def can?(actor, action, subject)
+      Definitions.new(actor, &@block).can?(action, subject)
+    end
+    def cannot?(*args)
+      !can?(*args)
+    end
+  end
+end

data/lib/abilities/action_controller/base.rb ADDED Viewed

@@ -0,0 +1,20 @@
+module Abilities
+  module ActionController
+    module Base
+      extend ActiveSupport::Concern
+      protected
+      %w(can? cannot?).each do |name|
+        define_method name do |action, subject|
+          Abilities.send name, current_user, action, subject
+        end
+      end
+      def authorize!(action, subject)
+        raise Abilities::AccessDenied unless can? action, subject
+      end
+    end
+  end
+end

data/lib/abilities/action_view/base.rb ADDED Viewed

@@ -0,0 +1,14 @@
+module Abilities
+  module ActionView
+    module Base
+      extend ActiveSupport::Concern
+      %w(can? cannot?).each do |name|
+        define_method name do |action, subject|
+          Abilities.send name, current_user, action, subject
+        end
+      end
+    end
+  end
+end

data/lib/abilities/concern.rb ADDED Viewed

@@ -0,0 +1,12 @@
+module Abilities
+  module Concern
+    extend ActiveSupport::Concern
+    %w(can? cannot?).each do |name|
+      define_method name do |action, subject|
+        Abilities.send name, self, action, subject
+      end
+    end
+  end
+end

data/lib/abilities/definitions.rb ADDED Viewed

@@ -0,0 +1,54 @@
+module Abilities
+  class Definitions
+    def initialize(actor, &block)
+      @actor = actor
+      Proxy.new(actor, self, &block)
+    end
+    def add(actions, subjects, behavior, &block)
+      actions = [actions] unless actions.is_a? Array
+      subjects = [subjects] unless subjects.is_a? Array
+      subjects.each do |subject|
+        actions.each do |action|
+          (all[find_subject_class(subject)] ||= {})[action.to_s] = block_given? ? block : behavior
+        end
+      end
+    end
+    def can?(action, subject)
+      if actions = all[find_subject_class(subject)]
+        if behavior = actions[action.to_s]
+          if behavior.is_a? Proc
+            @actor.instance_exec subject, &behavior
+          else
+            behavior
+          end
+        else
+          false
+        end
+      else
+        false
+      end
+    end
+    def cannot?(*args)
+      !can?(*args)
+    end
+    protected
+    def all
+      @all ||= {}
+    end
+    def find_subject_class(subject)
+      if subject.is_a? Class
+        subject.name
+      else
+        subject.class.name
+      end
+    end
+  end
+end

data/lib/abilities/exceptions.rb ADDED Viewed

@@ -0,0 +1,3 @@
+module Abilities
+  class AccessDenied < StandardError; end
+end

data/lib/abilities/proxy.rb ADDED Viewed

@@ -0,0 +1,23 @@
+module Abilities
+  class Proxy
+    def initialize(actor, definitions, &block)
+      @actor = actor
+      @definitions = definitions
+      instance_eval &block
+    end
+    def can(actions, subjects, &block)
+      @definitions.add actions, subjects, true, &block
+    end
+    def cannot(actions, subjects, &block)
+      @definitions.add actions, subjects, false, &block
+    end
+    def method_missing(name, *args, &block)
+      @actor.send name, *args, &block
+    end
+  end
+end

data/lib/abilities/railtie.rb ADDED Viewed

@@ -0,0 +1,14 @@
+module Abilities
+  class Railtie < Rails::Railtie
+    initializer 'abilites' do
+      User rescue {}
+      if defined? User
+        User.send :include, Abilities::Concern
+      end
+      ::ActionView::Base.send :include, Abilities::ActionView::Base
+      ::ActionController::Base.send :include, Abilities::ActionController::Base
+    end
+  end
+end

data/lib/abilities/version.rb ADDED Viewed

@@ -0,0 +1,5 @@
+module Abilities
+  VERSION = '0.0.1'
+end

data/lib/generators/abilities/install_generator.rb ADDED Viewed

@@ -0,0 +1,13 @@
+require 'rails/generators'
+module Abilities
+  class InstallGenerator < Rails::Generators::Base
+    source_root File.expand_path('../templates', __FILE__)
+    def create_capable_concern
+      copy_file 'abilities.rb', 'config/initializers/abilities.rb'
+    end
+  end
+end

data/lib/generators/abilities/templates/abilities.rb ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ Abilities.define do
2	+ end

data/test/changes_test.rb ADDED Viewed

@@ -0,0 +1,12 @@
+require 'test_helper'
+class ChangesTest < ActiveSupport::TestCase
+  test "record changes" do
+    user = User.new
+    assert user.cannot?(:destroy, Post)
+    user.admin = true
+    assert user.can?(:destroy, Post)
+  end
+end

data/test/checking_test.rb ADDED Viewed

@@ -0,0 +1,52 @@
+require 'test_helper'
+class CheckingTest < ActiveSupport::TestCase
+  test "can definition with model" do
+    assert user.can?(:create, Post)
+    assert !user.cannot?(:create, Post)
+  end
+  test "can definition with instance" do
+    assert user.can?(:create, post)
+    assert !user.cannot?(:create, post)
+  end
+  test "cannot definition" do
+    assert user.cannot?('read', post)
+    assert !user.can?('read', post)
+  end
+  test "ability conditions" do
+    assert admin_user.can?(:destroy, post)
+    assert user.cannot?(:destroy, post)
+  end
+  test "ability block" do
+    assert user.can?(:update, post_with_user)
+  end
+  test "undefined definition" do
+    assert user.cannot?(:other, post)
+    assert user.cannot?(:other, post)
+  end
+  private
+  def post_with_user
+    @post_with_user ||= Post.new(user: user)
+  end
+  def post
+    @post ||= Post.new
+  end
+  def user
+    @user ||= User.new
+  end
+  def admin_user
+    @admin_user ||= User.new(admin: true)
+  end
+end

data/test/controller_test.rb ADDED Viewed

@@ -0,0 +1,38 @@
+require 'test_helper'
+class ControllerTest < ActiveSupport::TestCase
+  test "can helper" do
+    assert controller.send(:can?, :create, post)
+  end
+  test "cannot helper" do
+    assert controller.send(:cannot?, :read, post)
+  end
+  test "authorize helper" do
+    assert_nothing_raised do
+      controller.send :authorize!, :create, post
+    end
+    assert_raises Abilities::AccessDenied do
+      controller.send :authorize!, :read, post
+    end
+  end
+  private
+  def controller
+    @controller ||= ActionController::Base.new.tap do |controller|
+      controller.class_eval do
+        define_method :current_user do
+          @user ||= User.new
+        end
+      end
+    end
+  end
+  def post
+    @post ||= Post.new
+  end
+end