RubyGems - abilities - Versions diffs - 0.1.2 → 4.0.0.0 - Mend

abilities 0.1.2 → 4.0.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (78) hide show

checksums.yaml CHANGED

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 73ae248bbe708f9a398a788c4db88773f66bbf08
-  data.tar.gz: c59fcc7224d4493496754293d535d2e35e28a5b4
+  metadata.gz: d2bc9ac0cfbd40fc108a5cd619f54e7844096292
+  data.tar.gz: 1e8aa0c9839cad844c4b540e663124e070cbfe63
 SHA512:
-  metadata.gz: ad7edc77a9356754a83df963fa96ff53fb677e89a3cbab259b68465973bbf581b594cf40c52fcd0edf663be587471816e3628943ec2940f94a50b7221f941687
-  data.tar.gz: 55d7a75da416b82320cb3fb36c5d8499ed478485d03baf4c5aab7ed74e06d0e34c37d66e42d1f4a083fdca262346a03712a2b2ea26f1409c85f92310da14f47a
+  metadata.gz: 1b83c49c8ce1332ca10d8b9dcee7d1415572ed39cc849a2801b5970176fc3b8f5095d822d4fa8560f53b8133f568bd403e98b763df67456c075e3a79910a5e32
+  data.tar.gz: 32d1b4733cf942cf5247110c5790b9c093eb7212febdf11ca1d0ec8f17f44b7ec32710f4e9907dabe3ce1753f9706c1b4c171ad3f6fb7d88fc54c2b4935fc3e5

data/MIT-LICENSE CHANGED

@@ -1,4 +1,4 @@
-Copyright 2015 Mathías Montossi
+Copyright 2016 Mathías Montossi
 Permission is hereby granted, free of charge, to any person obtaining
 a copy of this software and associated documentation files (the

data/README.md CHANGED

@@ -5,7 +5,14 @@
 # Abilities
-Minimalistic authorization inspired in cancan for rails.
+Authorization dsl to manage permissions in rails.
+## Why
+I did this gem to:
+- Use a dsl instead of a plain class to simplify the syntax.
+- Limit authorizations to only controllers and their views.
 ## Install
@@ -21,65 +28,45 @@ $ bundle
 ## Configuration
-Generate the abilities configuration file:
+Generate the definitions file:
 ```
 bundle exec rails g abilities:install
 ```
-Define the user fetcher for your controllers and views:
+Ensure there is a current_user method in your controllers:
 ```ruby
-Abilities.configure do |config|
-  config.fetcher do
-    current_user
+class ApplicationController < ActionController::Base
+  def current_user
+    @current_user ||= User.find(session[:user_id])
   end
 end
 ```
-Add the abilities concern to the model if you want to call can? and cannot? in the user instance:
-```ruby
-class User < ActiveRecord::Base
-  include Abilities::Concern
-end
-```
 ## Usage
-### Defining
+### Definitions
-All the abilities are defined in config/abilities.rb by can and cannot methods:
+Use can and cannot methods to define the policies:
 ```ruby
 Abilities.define do
-  can :create, Post
-  cannot :destroy, User unless admin?
-  can :edit, Post do |subject|
-    subject.user == self
+  can :view, :any
+  can :manage, User do |user|
+    user == self
   end
-  can :manage, User
-  can :touch, :all
+  can :detroy, Product if admin?
 end
 ```
-If you want to load the abilities from the database you may do something like this:
-```ruby
-Abilities.define do
-  permissions.each do |permission|
-    can premissions.action, permissions.subject
-  end
-end
-```
+NOTE: Methods besides can and cannot are sent to the current_user.
-NOTE: Any method besides can and cannot references the user instance.
-### Checking
-#### Controllers
+### Controllers
 With the authorize! method Abilities::AccessDenied is raised if authorization fails:
 ```ruby
-class PostsController < ApplicationController
+class UsersController < ApplicationController
   def edit
-    @post = Post.find(params[:id])
-    authorize! :edit, @post
+    @user = User.find(params[:id])
+    authorize! :edit, @user
   end
 end
 ```
@@ -88,9 +75,9 @@ If you don't want an exception to be raised use can? and cannot? helpers:
 ```ruby
 class UsersController < ApplicationController
   def edit
-    @post = Post.find(params[:id])
-    if can? :edit, @post
-      @post.update post_params
+    @user = User.find(params[:id])
+    if can?(:edit, @user)
+      @user.update post_params
     else
       # handle access denied
     end
@@ -98,12 +85,12 @@ class UsersController < ApplicationController
 end
 ```
-#### Views
+### Views
-The helpers can? and cannot? are available here too:
+The helpers can? and cannot? are available in the controller views too:
 ```erb
-<% if can? :create, Post %>
-  <%= link_to new_post_path %>
+<% if can?(:detroy, @product) %>
+  <%= link_to product_path(@product), method: 'delete' %>
 <% end %>
 ```

data/Rakefile CHANGED

@@ -4,19 +4,6 @@ rescue LoadError
   puts 'You must `gem install bundler` and `bundle install` to run rake tasks'
 end
-require 'rdoc/task'
-RDoc::Task.new(:rdoc) do |rdoc|
-  rdoc.rdoc_dir = 'rdoc'
-  rdoc.title    = 'Abilities'
-  rdoc.options << '--line-numbers'
-  rdoc.rdoc_files.include('README.rdoc')
-  rdoc.rdoc_files.include('lib/**/*.rb')
-end
 Bundler::GemHelper.install_tasks
 require 'rake/testtask'
@@ -26,7 +13,7 @@ Rake::TestTask.new(:test) do |t|
   t.libs << 'test'
   t.pattern = 'test/**/*_test.rb'
   t.verbose = false
+  t.warning = false
 end
 task default: :test

data/lib/abilities.rb CHANGED

@@ -1,33 +1,24 @@
-require 'abilities/action_controller/base'
-require 'abilities/action_view/base'
-require 'abilities/proxy'
-require 'abilities/configuration'
+require 'abilities/extensions/action_controller/base'
 require 'abilities/definitions'
 require 'abilities/exceptions'
-require 'abilities/concern'
+require 'abilities/proxy'
 require 'abilities/railtie'
+require 'abilities/version'
 module Abilities
   class << self
-    def configure
-      yield configuration
-    end
-    def configuration
-      @configuration ||= Configuration.new
-    end
+    attr_reader :block
     def define(&block)
       @block = block
     end
-    def can?(actor, action, subject)
-      Definitions.new(actor, &@block).can?(action, subject)
-    end
-    def cannot?(*args)
-      !can?(*args)
+    %i(can? cannot?).each do |name|
+      define_method name do |user, action, resource|
+        definitions = Definitions.new(user, &block)
+        definitions.send name, action, resource
+      end
     end
   end

data/lib/abilities/definitions.rb CHANGED

@@ -1,31 +1,23 @@
 module Abilities
   class Definitions
-    def initialize(actor, &block)
-      @actor = actor
-      Proxy.new(actor, self, &block)
-    end
+    attr_reader :user
-    def add(actions, subjects, behavior, &block)
-      actions = [actions] unless actions.is_a? Array
-      subjects = [subjects] unless subjects.is_a? Array
-      subjects.each do |subject|
-        actions.each do |action|
-          (all[find_subject_id(subject)] ||= {})[action.to_s] = block_given? ? block : behavior
-        end
-      end
+    def initialize(user, &block)
+      @user = user
+      Proxy.new self, &block
     end
-    def can?(action, subject)
-      subject_id = find_subject_id(subject)
-      if subject_id != 'all' and can?(action, 'all')
+    def can?(action, resource)
+      id = resource_id(resource)
+      if id != :any && can?(action, :any)
         true
-      elsif actions = all[subject_id]
-        if behavior = (actions[action.to_s] || actions['manage'])
-          if behavior.is_a? Proc
-            @actor.instance_exec subject, &behavior
+      elsif actions = registry[id]
+        if policy = (actions[action] || actions[:manage])
+          if policy.is_a?(Proc)
+            user.instance_exec resource, &policy
           else
-            behavior
+            policy
           end
         else
           false
@@ -39,19 +31,36 @@ module Abilities
       !can?(*args)
     end
-    protected
+    def add(actions, resources, policy)
+      unless actions.is_a?(Array)
+        actions = [actions]
+      end
+      unless resources.is_a?(Array)
+        resources = [resources]
+      end
+      resources.each do |resource|
+        actions.each do |action|
+          id = resource_id(resource)
+          registry[id] ||= {}
+          registry[id][action] = policy
+        end
+      end
+    end
+    private
-    def all
-      @all ||= {}
+    def registry
+      @registry ||= {}
     end
-    def find_subject_id(subject)
-      if subject.to_s == 'all'
-        subject.to_s
-      elsif subject.is_a? Class
-        subject.name
+    def resource_id(resource)
+      case resource
+      when :any
+        resource
+      when Class
+        resource.name.underscore.to_sym
       else
-        subject.class.name
+        resource.class.name.underscore.to_sym
       end
     end

data/lib/abilities/extensions/action_controller/base.rb ADDED

@@ -0,0 +1,28 @@
+module Abilities
+  module Extensions
+    module ActionController
+      module Base
+        extend ActiveSupport::Concern
+        included do
+          helper_method :can?, :cannot?
+        end
+        %w(can? cannot?).each do |name|
+          define_method name do |action, resource|
+            Abilities.send name, current_user, action, resource
+          end
+        end
+        private
+        def authorize!(action, subject)
+          if cannot?(action, subject)
+            raise Abilities::AccessDenied
+          end
+        end
+      end
+    end
+  end
+end

data/lib/abilities/proxy.rb CHANGED

@@ -1,22 +1,21 @@
 module Abilities
   class Proxy
-    def initialize(actor, definitions, &block)
-      @actor = actor
+    def initialize(definitions, &block)
       @definitions = definitions
       instance_eval &block
     end
-    def can(actions, subjects, &block)
-      @definitions.add actions, subjects, true, &block
+    def can(actions, resources, &block)
+      @definitions.add actions, resources, (block_given? ? block : true)
     end
-    def cannot(actions, subjects, &block)
-      @definitions.add actions, subjects, false, &block
+    def cannot(actions, resources, &block)
+      @definitions.add actions, resources, (block_given? ? block : false)
     end
     def method_missing(name, *args, &block)
-      @actor.send name, *args, &block
+      @definitions.user.send name, *args, &block
     end
   end

data/lib/abilities/railtie.rb CHANGED

@@ -1,9 +1,10 @@
 module Abilities
   class Railtie < Rails::Railtie
-    initializer 'abilites' do
-      ::ActionView::Base.send :include, Abilities::ActionView::Base
-      ::ActionController::Base.send :include, Abilities::ActionController::Base
+    initializer 'abilites.extensions' do
+      ::ActionController::Base.include(
+        Abilities::Extensions::ActionController::Base
+      )
     end
     config.after_initialize do

data/lib/abilities/version.rb CHANGED

@@ -1,5 +1,5 @@
 module Abilities
-  VERSION = '0.1.2'
+  VERSION = '4.0.0.0'
 end

data/lib/generators/abilities/install/install_generator.rb ADDED

@@ -0,0 +1,15 @@
+require 'rails/generators'
+module Abilities
+  module Generators
+    class InstallGenerator < ::Rails::Generators::Base
+      source_root File.expand_path('../templates', __FILE__)
+      def create_configuration_file
+        copy_file 'configuration.rb', 'config/abilities.rb'
+      end
+    end
+  end
+end

data/lib/generators/abilities/{templates/abilities.rb → install/templates/configuration.rb} RENAMED

File without changes

data/test/dummy/Rakefile CHANGED

@@ -2,5 +2,4 @@
 # for example lib/tasks/capistrano.rake, and they will automatically be available to Rake.
 require File.expand_path('../config/application', __FILE__)
 Rails.application.load_tasks

data/test/dummy/app/assets/javascripts/application.js CHANGED

@@ -2,12 +2,12 @@
 // listed below.
 //
 // Any JavaScript/Coffee file within this directory, lib/assets/javascripts, vendor/assets/javascripts,
-// or vendor/assets/javascripts of plugins, if any, can be referenced here using a relative path.
+// or any plugin's vendor/assets/javascripts directory can be referenced here using a relative path.
 //
 // It's not advisable to add code directly here, but if you do, it'll appear at the bottom of the
 // compiled file.
 //
-// Read Sprockets README (https://github.com/sstephenson/sprockets#sprockets-directives) for details
+// Read Sprockets README (https://github.com/rails/sprockets#sprockets-directives) for details
 // about supported directives.
 //
 //= require_tree .

data/test/dummy/app/assets/stylesheets/application.css CHANGED

@@ -3,7 +3,7 @@
  * listed below.
  *
  * Any CSS and SCSS file within this directory, lib/assets/stylesheets, vendor/assets/stylesheets,
- * or vendor/assets/stylesheets of plugins, if any, can be referenced here using a relative path.
+ * or any plugin's vendor/assets/stylesheets directory can be referenced here using a relative path.
  *
  * You're free to add application-wide styles to this file and they'll appear at the bottom of the
  * compiled file so the styles you add here take precedence over styles defined in any styles

data/test/dummy/app/controllers/products_controller.rb ADDED

@@ -0,0 +1,10 @@
+class ProductsController < ApplicationController
+  attr_accessor :current_user
+  def show
+    @current_user = User.new
+    @product = Product.new
+  end
+end