active_model_serializers-cancan 0.0.1

Sign up to get free protection for your applications and to get access to all the features.
data/.gitignore ADDED
@@ -0,0 +1,17 @@
1
+ *.gem
2
+ *.rbc
3
+ .bundle
4
+ .config
5
+ .yardoc
6
+ Gemfile.lock
7
+ InstalledFiles
8
+ _yardoc
9
+ coverage
10
+ doc/
11
+ lib/bundler/man
12
+ pkg
13
+ rdoc
14
+ spec/reports
15
+ test/tmp
16
+ test/version_tmp
17
+ tmp
data/.travis.yml ADDED
@@ -0,0 +1,5 @@
1
+ rvm:
2
+ - 1.9.3
3
+ before_install:
4
+ - gem install bundler --version '>= 1.2.2'
5
+ script: "bundle exec rspec"
data/Gemfile ADDED
@@ -0,0 +1,12 @@
1
+ source 'https://rubygems.org'
2
+
3
+ # Specify your gem's dependencies in active_model_serializers-cancan.gemspec
4
+ gemspec
5
+
6
+ group :test do
7
+ gem 'rspec'
8
+ gem 'supermodel', '0.1.6'
9
+
10
+ gem 'pry'
11
+ end
12
+
data/LICENSE.txt ADDED
@@ -0,0 +1,22 @@
1
+ Copyright (c) 2013 Gordon L. Hempton
2
+
3
+ MIT License
4
+
5
+ Permission is hereby granted, free of charge, to any person obtaining
6
+ a copy of this software and associated documentation files (the
7
+ "Software"), to deal in the Software without restriction, including
8
+ without limitation the rights to use, copy, modify, merge, publish,
9
+ distribute, sublicense, and/or sell copies of the Software, and to
10
+ permit persons to whom the Software is furnished to do so, subject to
11
+ the following conditions:
12
+
13
+ The above copyright notice and this permission notice shall be
14
+ included in all copies or substantial portions of the Software.
15
+
16
+ THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
17
+ EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
18
+ MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
19
+ NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
20
+ LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
21
+ OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
22
+ WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
data/README.md ADDED
@@ -0,0 +1,41 @@
1
+ # ActiveModelSerializers::Cancan
2
+
3
+ Provides a simple integration between [CanCan](https://github.com/ryanb/cancan) and [Active Model Serializers](https://github.com/josevalim/active_model_serializers).
4
+
5
+ ## Installation
6
+
7
+ Add this line to your application's Gemfile:
8
+
9
+ gem 'active_model_serializers-cancan'
10
+
11
+ And then execute:
12
+
13
+ $ bundle
14
+
15
+ Or install it yourself as:
16
+
17
+ $ gem install active_model_serializers-cancan
18
+
19
+ ## Usage
20
+
21
+ `hasOne` and `hasMany` serializer macros now support an additional property, `authorize`. Associations with this property set to true will be authorized and filtered via CanCan. For example:
22
+
23
+ ```ruby
24
+ class PostSerializer < ActiveModel::Serializer
25
+ attributes :title, :content
26
+
27
+ has_one :author, authorize: true
28
+ has_many :comments, authorize: true
29
+ end
30
+
31
+ ```
32
+
33
+ Serializers now also have access to the same helpers as controllers, namely `current_ability`, `can?`, and `cannot?`.
34
+
35
+ ## Contributing
36
+
37
+ 1. Fork it
38
+ 2. Create your feature branch (`git checkout -b my-new-feature`)
39
+ 3. Commit your changes (`git commit -am 'Add some feature'`)
40
+ 4. Push to the branch (`git push origin my-new-feature`)
41
+ 5. Create new Pull Request
data/Rakefile ADDED
@@ -0,0 +1 @@
1
+ require "bundler/gem_tasks"
@@ -0,0 +1,21 @@
1
+ # -*- encoding: utf-8 -*-
2
+ lib = File.expand_path('../lib', __FILE__)
3
+ $LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
4
+ require 'active_model_serializers/cancan/version'
5
+
6
+ Gem::Specification.new do |gem|
7
+ gem.name = "active_model_serializers-cancan"
8
+ gem.version = ActiveModel::Serializers::Cancan::VERSION
9
+ gem.authors = ["Gordon L. Hempton"]
10
+ gem.email = ["ghempton@gmail.com"]
11
+ gem.summary = %q{CanCan integration with Active Model Serializers}
12
+ gem.homepage = ""
13
+
14
+ gem.files = `git ls-files`.split($/)
15
+ gem.executables = gem.files.grep(%r{^bin/}).map{ |f| File.basename(f) }
16
+ gem.test_files = gem.files.grep(%r{^(test|spec|features)/})
17
+ gem.require_paths = ["lib"]
18
+
19
+ gem.add_dependency "active_model_serializers", "~> 0.7.0"
20
+ gem.add_dependency "cancan", "~> 1.6.9"
21
+ end
data/init.rb ADDED
@@ -0,0 +1 @@
1
+ require 'active_model_serializers/cancan'
@@ -0,0 +1 @@
1
+ require "active_model_serializers/cancan"
@@ -0,0 +1,2 @@
1
+ require "active_model_serializers/cancan/version"
2
+ require "active_model_serializers/cancan/associations"
@@ -0,0 +1,50 @@
1
+ require 'cancan'
2
+ require 'active_model_serializers'
3
+
4
+ module ActiveModel
5
+ class Serializer
6
+ module Associations #:nodoc:
7
+ class Config #:nodoc:
8
+
9
+ def authorize?
10
+ !!option(:authorize)
11
+ end
12
+
13
+ def current_ability
14
+ Ability.new(source_serializer.options[:scope])
15
+ end
16
+
17
+ def can?(*args)
18
+ current_ability.can? *args
19
+ end
20
+
21
+ def cannot?
22
+ current_ability.cannot? *args
23
+ end
24
+
25
+ end
26
+
27
+ class HasMany #:nodoc:
28
+
29
+ def serialize_with_cancan
30
+ return serialize_without_cancan unless authorize?
31
+ associated_object.select{|o| current_ability.can?(:read, o)}.map do |item|
32
+ find_serializable(item).serializable_hash
33
+ end
34
+ end
35
+ alias_method_chain :serialize, :cancan
36
+
37
+ end
38
+
39
+ class HasOne #:nodoc:
40
+
41
+ def serialize_with_cancan
42
+ return nil unless !authorize? || current_ability.can?(:read, associated_object)
43
+ serialize_without_cancan
44
+ end
45
+ alias_method_chain :serialize, :cancan
46
+
47
+ end
48
+ end
49
+ end
50
+ end
@@ -0,0 +1,7 @@
1
+ module ActiveModel
2
+ module Serializers
3
+ module Cancan
4
+ VERSION = "0.0.1"
5
+ end
6
+ end
7
+ end
@@ -0,0 +1,78 @@
1
+ require 'spec_helper'
2
+
3
+ describe ActiveModel::Serializer::Associations do
4
+
5
+ let(:user) { User.find(1) }
6
+
7
+ let(:category) { Category.first }
8
+
9
+ context 'when authorize is set to false' do
10
+
11
+ before do
12
+ CategorySerializer = Class.new(ActiveModel::Serializer) do
13
+ attributes :id
14
+ has_many :projects, authorize: false
15
+ has_one :project, authorize: false
16
+ end
17
+
18
+ ProjectSerializer = Class.new(ActiveModel::Serializer) do
19
+ attributes :id
20
+ end
21
+
22
+ Ability = Class.new do
23
+ include CanCan::Ability
24
+ def initialize(user)
25
+ cannot :read, :project
26
+ end
27
+ end
28
+ end
29
+
30
+ it 'should serialize forbidden has_many records' do
31
+ expect(CategorySerializer.new(category, scope: user).serializable_hash[:projects].length).to eq(2)
32
+ end
33
+
34
+ it 'should serialize forbidden has_one records' do
35
+ expect(CategorySerializer.new(category, scope: user).serializable_hash[:project]).to_not be_nil
36
+ end
37
+
38
+ end
39
+
40
+ context 'when authorize set to true' do
41
+
42
+ before do
43
+ CategorySerializer = Class.new(ActiveModel::Serializer) do
44
+ attributes :id
45
+ has_many :projects, authorize: true
46
+ has_one :project, authorize: true
47
+ end
48
+
49
+ ProjectSerializer = Class.new(ActiveModel::Serializer) do
50
+ attributes :id
51
+ end
52
+
53
+ Ability = Class.new do
54
+ include CanCan::Ability
55
+ def initialize(user)
56
+ can :read, Category
57
+ can :read, Project do |p|
58
+ p.user == user
59
+ end
60
+ end
61
+ end
62
+ end
63
+
64
+ it 'should filter unauthorized records' do
65
+ expect(CategorySerializer.new(category, scope: user).serializable_hash[:projects].length).to eq(1)
66
+ end
67
+
68
+ it 'should nil out unauthorized has_one records' do
69
+ expect(CategorySerializer.new(category, scope: user).serializable_hash[:project]).to be_nil
70
+ end
71
+
72
+ it 'should serialize authorized has_one records' do
73
+ expect(CategorySerializer.new(category, scope: User.find(2)).serializable_hash[:project]).to_not be_nil
74
+ end
75
+
76
+ end
77
+
78
+ end
@@ -0,0 +1,46 @@
1
+ require 'bundler'
2
+
3
+ Bundler.require(:default, :test)
4
+
5
+ class SuperModel::Base
6
+
7
+ def read_attribute_for_serialization(n)
8
+ attributes[n]
9
+ end
10
+
11
+ end
12
+
13
+ class User < SuperModel::Base
14
+ has_many :projects
15
+ has_many :categories
16
+ end
17
+
18
+ class Project < SuperModel::Base
19
+ belongs_to :user
20
+ belongs_to :category
21
+ has_many :categories
22
+ end
23
+
24
+ class Category < SuperModel::Base
25
+ belongs_to :user
26
+ belongs_to :project
27
+ has_many :projects
28
+ end
29
+
30
+ RSpec.configure do |config|
31
+ config.before do
32
+ user1 = User.create(id: 1, name: "User1")
33
+ user2 = User.create(id: 2, name: "User2")
34
+
35
+ c = Category.create(project: Project.create(user: user2))
36
+
37
+ Project.create(user: user1, category: c)
38
+ Project.create(user: user2, category: c)
39
+ end
40
+
41
+ config.after do
42
+ User.delete_all
43
+ Project.delete_all
44
+ Category.delete_all
45
+ end
46
+ end
metadata ADDED
@@ -0,0 +1,94 @@
1
+ --- !ruby/object:Gem::Specification
2
+ name: active_model_serializers-cancan
3
+ version: !ruby/object:Gem::Version
4
+ version: 0.0.1
5
+ prerelease:
6
+ platform: ruby
7
+ authors:
8
+ - Gordon L. Hempton
9
+ autorequire:
10
+ bindir: bin
11
+ cert_chain: []
12
+ date: 2013-03-20 00:00:00.000000000 Z
13
+ dependencies:
14
+ - !ruby/object:Gem::Dependency
15
+ name: active_model_serializers
16
+ requirement: !ruby/object:Gem::Requirement
17
+ none: false
18
+ requirements:
19
+ - - ~>
20
+ - !ruby/object:Gem::Version
21
+ version: 0.7.0
22
+ type: :runtime
23
+ prerelease: false
24
+ version_requirements: !ruby/object:Gem::Requirement
25
+ none: false
26
+ requirements:
27
+ - - ~>
28
+ - !ruby/object:Gem::Version
29
+ version: 0.7.0
30
+ - !ruby/object:Gem::Dependency
31
+ name: cancan
32
+ requirement: !ruby/object:Gem::Requirement
33
+ none: false
34
+ requirements:
35
+ - - ~>
36
+ - !ruby/object:Gem::Version
37
+ version: 1.6.9
38
+ type: :runtime
39
+ prerelease: false
40
+ version_requirements: !ruby/object:Gem::Requirement
41
+ none: false
42
+ requirements:
43
+ - - ~>
44
+ - !ruby/object:Gem::Version
45
+ version: 1.6.9
46
+ description:
47
+ email:
48
+ - ghempton@gmail.com
49
+ executables: []
50
+ extensions: []
51
+ extra_rdoc_files: []
52
+ files:
53
+ - .gitignore
54
+ - .travis.yml
55
+ - Gemfile
56
+ - LICENSE.txt
57
+ - README.md
58
+ - Rakefile
59
+ - active_model_serializers-cancan.gemspec
60
+ - init.rb
61
+ - lib/active_model_serializers-cancan.rb
62
+ - lib/active_model_serializers/cancan.rb
63
+ - lib/active_model_serializers/cancan/associations.rb
64
+ - lib/active_model_serializers/cancan/version.rb
65
+ - spec/active_model_serializers/cancan/associations_spec.rb
66
+ - spec/spec_helper.rb
67
+ homepage: ''
68
+ licenses: []
69
+ post_install_message:
70
+ rdoc_options: []
71
+ require_paths:
72
+ - lib
73
+ required_ruby_version: !ruby/object:Gem::Requirement
74
+ none: false
75
+ requirements:
76
+ - - ! '>='
77
+ - !ruby/object:Gem::Version
78
+ version: '0'
79
+ required_rubygems_version: !ruby/object:Gem::Requirement
80
+ none: false
81
+ requirements:
82
+ - - ! '>='
83
+ - !ruby/object:Gem::Version
84
+ version: '0'
85
+ requirements: []
86
+ rubyforge_project:
87
+ rubygems_version: 1.8.23
88
+ signing_key:
89
+ specification_version: 3
90
+ summary: CanCan integration with Active Model Serializers
91
+ test_files:
92
+ - spec/active_model_serializers/cancan/associations_spec.rb
93
+ - spec/spec_helper.rb
94
+ has_rdoc: