acl9 2.1.0 → 3.2.0

data/gemfiles/rails_5.1.gemfile

@@ -0,0 +1,10 @@
+# This file was generated by Appraisal
+
+source "http://rubygems.org"
+
+gem "appraisal"
+gem "byebug"
+gem "rails", "~> 5.1.0"
+gem "sqlite3", "~> 1.3.6", :group => :development
+
+gemspec path: "../"

data/gemfiles/{rails_4.0.gemfile → rails_5.2.gemfile}

@@ -3,9 +3,7 @@
 source "http://rubygems.org"
 
 gem "appraisal"
-gem "tapout"
-gem "minitap"
 gem "byebug"
-gem "rails", "~> 4.0.0"
+gem "rails", "~> 5.2.0"
 
-gemspec :path => "../"
+gemspec path: "../"

data/gemfiles/{rails_4.1.gemfile → rails_6.0.gemfile}

@@ -3,9 +3,7 @@
 source "http://rubygems.org"
 
 gem "appraisal"
-gem "tapout"
-gem "minitap"
 gem "byebug"
-gem "rails", "~> 4.1.0"
+gem "rails", "~> 6.0.0"
 
-gemspec :path => "../"
+gemspec path: "../"

data/gemfiles/{rails_4.2.gemfile → rails_6.1.gemfile}

@@ -3,9 +3,7 @@
 source "http://rubygems.org"
 
 gem "appraisal"
-gem "tapout"
-gem "minitap"
 gem "byebug"
-gem "rails", "~> 4.2.0"
+gem "rails", "~> 6.1.0"
 
-gemspec :path => "../"
+gemspec path: "../"

data/lib/acl9.rb

@@ -22,6 +22,10 @@ module Acl9
         send "#{k}=", v
       end
     end
+
+    def merge! h
+      h.each { |k,v| self[k.to_sym] = v }
+    end
   end
 
   @@config = Config.new( *CONFIG.values_at(*Config.members))
@@ -31,6 +35,42 @@ module Acl9
   def self.configure
     yield config
   end
+
+  class ArgumentError < ArgumentError; end
+  class RuntimeError < RuntimeError; end
+  class NilObjectError < RuntimeError; end
+
+  ##
+  # This exception is raised whenever ACL block finds that the current user
+  # is not authorized for the controller action he wants to execute.
+  # @example How to catch this exception in ApplicationController
+  #   class ApplicationController < ActionController::Base
+  #     rescue_from 'Acl9::AccessDenied', :with => :access_denied
+  #
+  #     # ...other stuff...
+  #     private
+  #
+  #     def access_denied
+  #       if current_user
+  #         # It's presumed you have a template with words of pity and regret
+  #         # for unhappy user who is not authorized to do what he wanted
+  #         render :template => 'home/access_denied'
+  #       else
+  #         # In this case user has not even logged in. Might be OK after login.
+  #         flash[:notice] = 'Access denied. Try to log in first.'
+  #         redirect_to login_path
+  #       end
+  #     end
+  #   end
+  #
+  class AccessDenied < RuntimeError; end
+
+  ##
+  # This exception is raised when acl9 has generated invalid code for the
+  # filtering method or block. Should never happen, and it's a bug when it
+  # happens.
+  class FilterSyntaxError < ArgumentError; end
+
 end
 
 ActiveRecord::Base.send(:include, Acl9::ModelExtensions)

data/lib/acl9/controller_extensions.rb

@@ -1,4 +1,4 @@
-require File.join(File.dirname(__FILE__), 'controller_extensions', 'generators')
+require_relative "controller_extensions/generators"
 
 module Acl9
   module ControllerExtensions

data/lib/acl9/controller_extensions/dsl_base.rb

@@ -1,4 +1,4 @@
-require File.expand_path '../../prepositions', __FILE__
+require_relative "../prepositions"
 
 module Acl9
   module Dsl
@@ -12,6 +12,7 @@ module Acl9
         @allows = []
         @denys  = []
         @original_args = args
+        @action_clause = nil
       end
 
       def acl_block!(&acl_block)
@@ -108,7 +109,7 @@ module Acl9
 
         _set_action_clause( _retrieve_only(options), options.delete(:except))
 
-        object = _role_object(options)
+        object_s = _role_object_s(options)
 
         role_checks = args.map do |who|
           case who
@@ -116,7 +117,7 @@ module Acl9
           when logged_in then "!#{_subject_ref}.nil?"
           when all       then "true"
           else
-            "!#{_subject_ref}.nil? && #{_subject_ref}.has_role?('#{who}', #{object})"
+            "!#{_subject_ref}.nil? && #{_subject_ref}.has_role?('#{who}'#{object_s})"
           end
         end
 
@@ -179,13 +180,13 @@ module Acl9
         end
       end
 
-      def _role_object(options)
+      def _role_object_s(options)
         object = _by_preposition options
 
         case object
-        when Class  then object.to_s
-        when Symbol then _object_ref object
-        when nil    then "nil"
+        when Class  then ", #{object}"
+        when Symbol then ", #{_object_ref object}"
+        when nil    then ""
         else
           raise ArgumentError, "object specified by preposition can only be a Class or a Symbol"
         end

data/lib/acl9/controller_extensions/generators.rb

@@ -1,37 +1,6 @@
-require File.join(File.dirname(__FILE__), 'dsl_base')
+require_relative "dsl_base"
 
 module Acl9
-  ##
-  # This exception is raised whenever ACL block finds that the current user
-  # is not authorized for the controller action he wants to execute.
-  # @example How to catch this exception in ApplicationController
-  #   class ApplicationController < ActionController::Base
-  #     rescue_from 'Acl9::AccessDenied', :with => :access_denied
-  #
-  #     # ...other stuff...
-  #     private
-  #
-  #     def access_denied
-  #       if current_user
-  #         # It's presumed you have a template with words of pity and regret
-  #         # for unhappy user who is not authorized to do what he wanted
-  #         render :template => 'home/access_denied'
-  #       else
-  #         # In this case user has not even logged in. Might be OK after login.
-  #         flash[:notice] = 'Access denied. Try to log in first.'
-  #         redirect_to login_path
-  #       end
-  #     end
-  #   end
-  #
-  class AccessDenied < StandardError; end
-
-  ##
-  # This exception is raised when acl9 has generated invalid code for the
-  # filtering method or block. Should never happen, and it's a bug when it
-  # happens.
-  class FilterSyntaxError < StandardError; end
-
   module Dsl
     module Generators
       class BaseGenerator < Acl9::Dsl::Base
@@ -93,7 +62,7 @@ module Acl9
         def install_on(controller_class, options)
           super
 
-          controller_class.send(:before_filter, options, &self.to_proc)
+          controller_class.send(:before_action, options, &self.to_proc)
         end
 
         def to_proc
@@ -124,7 +93,7 @@ module Acl9
         def install_on(controller_class, options)
           super
           _add_method(controller_class)
-          controller_class.send(:before_filter, @method_name, options)
+          controller_class.send(:before_action, @method_name, options)
         end
 
         protected
@@ -171,7 +140,7 @@ module Acl9
                 raise ArgumentError, "call #{@method_name} with 0, 1 or 2 arguments"
               end
 
-              action_name = args.empty? ? self.action_name : args.first.to_s
+              self.action_name = args.first.to_s if args.present?
 
               return #{allowance_expression}
             end

data/lib/acl9/model_extensions.rb

@@ -1,5 +1,5 @@
-require File.join(File.dirname(__FILE__), 'model_extensions', 'for_subject')
-require File.join(File.dirname(__FILE__), 'model_extensions', 'for_object')
+require_relative "model_extensions/for_subject"
+require_relative "model_extensions/for_object"
 
 module Acl9
   module ModelExtensions  #:nodoc:
@@ -129,7 +129,7 @@ module Acl9
           :class_name => subject,
           :join_table => join_table
 
-        belongs_to :authorizable, :polymorphic => true
+        belongs_to :authorizable, polymorphic: true, optional: true
       end
     end
   end

data/lib/acl9/model_extensions/for_subject.rb

@@ -1,10 +1,16 @@
-require File.expand_path '../../prepositions', __FILE__
+require_relative "../prepositions"
 
 module Acl9
   module ModelExtensions
     module ForSubject
       include Prepositions
 
+      DEFAULT = Class.new do
+        def default?
+          true
+        end
+      end.new.freeze
+
       ##
       # Role check.
       #
@@ -38,16 +44,17 @@ module Acl9
       # @param [Object] object Object to query a role on
       #
       # @see Acl9::ModelExtensions::Object#accepts_role?
-      def has_role?(role_name, object = nil)
+      def has_role?(role_name, object = default)
+        check! object
         role_name = normalize role_name
         object = _by_preposition object
 
-        !! if object.nil? && !::Acl9.config[:protect_global_roles]
-          self._role_objects.find_by_name(role_name.to_s) ||
-          self._role_objects.member?(get_role(role_name, nil))
+        !! if object == default && !::Acl9.config[:protect_global_roles]
+          _role_objects.find_by_name(role_name.to_s) ||
+          _role_objects.member?(get_role(role_name, object))
         else
           role = get_role(role_name, object)
-          role && self._role_objects.exists?(role.id)
+          role && _role_objects.exists?(role.id)
         end
       end
 
@@ -57,7 +64,8 @@ module Acl9
       # @param [Symbol,String] role_name Role name
       # @param [Object] object Object to add a role for
       # @see Acl9::ModelExtensions::Object#accepts_role!
-      def has_role!(role_name, object = nil)
+      def has_role!(role_name, object = default)
+        check! object
         role_name = normalize role_name
         object = _by_preposition object
 
@@ -65,15 +73,15 @@ module Acl9
 
         if role.nil?
           role_attrs = case object
-                       when Class then { :authorizable_type => object.to_s }
-                       when nil   then {}
-                       else            { :authorizable => object }
-                       end.merge(      { :name => role_name.to_s })
+                       when Class   then { :authorizable_type => object.to_s }
+                       when default then {}
+                       else              { :authorizable => object }
+                       end.merge({ :name => role_name.to_s })
 
-          role = self._auth_role_class.create(role_attrs)
+          role = _auth_role_class.create(role_attrs)
         end
 
-        self._role_objects << role if role && !self._role_objects.exists?(role.id)
+        _role_objects << role if role && !_role_objects.exists?(role.id)
       end
 
       ##
@@ -82,7 +90,8 @@ module Acl9
       # @param [Symbol,String] role_name Role name
       # @param [Object] object Object to remove a role on
       # @see Acl9::ModelExtensions::Object#accepts_no_role!
-      def has_no_role!(role_name, object = nil)
+      def has_no_role!(role_name, object = default)
+        check! object
         role_name = normalize role_name
         object = _by_preposition object
         delete_role(get_role(role_name, object))
@@ -95,7 +104,8 @@ module Acl9
       # @return [Boolean] Returns true if +self+ has any roles on +object+.
       # @see Acl9::ModelExtensions::Object#accepts_roles_by?
       def has_roles_for?(object)
-        !!self._role_objects.detect(&role_selecting_lambda(object))
+        check! object
+        !!_role_objects.detect(&role_selecting_lambda(object))
       end
 
       alias :has_role_for? :has_roles_for?
@@ -112,14 +122,16 @@ module Acl9
       #
       #   user.roles_for(product).map(&:name).sort  #=> role names in alphabetical order
       def roles_for(object)
-        self._role_objects.select(&role_selecting_lambda(object))
+        check! object
+        _role_objects.select(&role_selecting_lambda(object))
       end
 
       ##
       # Unassign any roles on +object+ from +self+.
       #
-      # @param [Object,nil] object Object to unassign roles for. +nil+ means unassign global roles.
-      def has_no_roles_for!(object = nil)
+      # @param [Object,default] object Object to unassign roles for. Empty args means unassign global roles.
+      def has_no_roles_for!(object = default)
+        check! object
         roles_for(object).each { |role| delete_role(role) }
       end
 
@@ -128,11 +140,11 @@ module Acl9
       def has_no_roles!
         # for some reason simple
         #
-        #   self.roles.each { |role| delete_role(role) }
+        #   roles.each { |role| delete_role(role) }
         #
         # doesn't work. seems like a bug in ActiveRecord
-        self._role_objects.map(&:id).each do |role_id|
-          delete_role self._auth_role_class.find(role_id)
+        _role_objects.map(&:id).each do |role_id|
+          delete_role _auth_role_class.find(role_id)
         end
       end
 
@@ -142,7 +154,7 @@ module Acl9
         case object
         when Class
           lambda { |role| role.authorizable_type == object.to_s }
-        when nil
+        when default
           lambda { |role| role.authorizable.nil? }
         else
           lambda do |role|
@@ -152,13 +164,14 @@ module Acl9
         end
       end
 
-      def get_role(role_name, object)
+      def get_role(role_name, object = default)
+        check! object
         role_name = normalize role_name
 
         cond = case object
                when Class
                  [ 'name = ? and authorizable_type = ? and authorizable_id IS NULL', role_name, object.to_s ]
-               when nil
+               when default
                  [ 'name = ? and authorizable_type IS NULL and authorizable_id IS NULL', role_name ]
                else
                  [
@@ -167,17 +180,17 @@ module Acl9
                  ]
                end
 
-        if self._auth_role_class.respond_to?(:where)
-          self._auth_role_class.where(cond).first
+        if _auth_role_class.respond_to?(:where)
+          _auth_role_class.where(cond).first
         else
-          self._auth_role_class.find(:first, :conditions => cond)
+          _auth_role_class.find(:first, :conditions => cond)
         end
       end
 
       def delete_role(role)
         if role
-          if ret = self._role_objects.delete(role)
-            if role.send(self._auth_subject_class_name.demodulize.tableize).empty?
+          if ret = _role_objects.delete(role)
+            if role.send(_auth_subject_class_name.demodulize.tableize).empty?
               ret &&= role.destroy unless role.respond_to?(:system?) && role.system?
             end
           end
@@ -189,7 +202,11 @@ module Acl9
         Acl9.config[:normalize_role_names] ? role_name.to_s.underscore.singularize : role_name.to_s
       end
 
-      protected
+      private
+
+      def check! object
+        raise NilObjectError if object.nil?
+      end
 
       def _by_preposition object
         object.is_a?(Hash) ? super : object
@@ -204,7 +221,11 @@ module Acl9
       end
 
       def _role_objects
-        send(self._auth_role_assoc)
+        send(_auth_role_assoc)
+      end
+
+      def default
+        DEFAULT
       end
     end
   end

data/lib/acl9/version.rb

@@ -1,3 +1,3 @@
 module Acl9
-  VERSION = "2.1.0"
+  VERSION = "3.2.0"
 end

data/lib/generators/acl9/setup/setup_generator.rb

@@ -10,9 +10,8 @@ module Acl9
     argument :arg_role, type: :string, default: 'role', banner: "role"
     argument :arg_objects, type: :array, default: [], banner: "objects..."
 
-    def create_migration
-      next_migration_number = self.class.next_migration_number( File.expand_path( '../db/migrate', __FILE__))
-      template "create_role_tables.rb", "db/migrate/#{next_migration_number}_create_#{role_name}_tables.rb"
+    def create_migration_file
+      migration_template "create_role_tables.rb", File.join(db_migrate_path, "create_#{role_name}_tables.rb")
     end
 
     def create_models
@@ -56,6 +55,14 @@ module Acl9
       role_name.classify
     end
 
+    def model_base_name
+      r5? ? ApplicationRecord : ActiveRecord::Base
+    end
+
+    def r5?
+      Rails.gem_version >= Gem::Version.new(5)
+    end
+
     def habtm_table
       Acl9.config.default_join_table_name || [ subject_name, role_name ].map(&:pluralize).sort.join('_')
     end