RubyGems - acts_as_permission - Versions diffs - 2.0.0 → 2.0.1 - Mend

acts_as_permission 2.0.0 → 2.0.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (7) hide show

data/README.md ADDED

@@ -0,0 +1,320 @@
+Acts as permission
+==================
+Acts as permission is a plugin for Ruby on Rails that allows to assign a list of
+permissions on an object, according to the ACL concept, where each permission
+can be extended to a subject.
+More specifically, it can make possible to allow or to deny any action of the
+controller of a protected resource.  These actions are called permittables.
+A permittable action can be directly attached to a resource.  Examples of such
+actions:
+*   `show`,
+*   `edit`,
+*   `update`,
+*   `destroy`.
+Or it can be indirectly, through a parent resource.  Examples:
+*   `index`,
+*   `new`,
+*   `create`.
+Here is an example of query to a direct article's action:
+``` ruby
+@article = Article.find(params[:id])
+@article.permission?("articles#destroy")          # => false
+```
+Same query, extended to a user:
+``` ruby
+@article.permission?("articles#destroy", @bob)    # => nil
+@article.permission?("articles#destroy", @admin)  # => true
+```
+A query example on an indirect articles' action, through a category:
+``` ruby
+@category = Category.find(params[:category_id])
+@category.permission?("articles#index")           # => true
+```
+Other examples, on unpermittable actions:
+``` ruby
+@category.permission?("articles#read")            # => nil
+@category.permission?("silk_routes#index")        # => nil
+```
+The value of a permission depends on its context, which includes a route and an
+optional extension to a permitted resource.
+The `permission?(route, ext = nil)` query may return, depending on the context:
+*   `true`, if the permission is allowed;
+*   `false`, if the permission is denied;
+*   `nil`, if the permission is indefinable (resulting of the unknown context).
+Philosophy
+----------
+General library that does only one thing, without any feature.
+Installation
+------------
+Include the gem in your `Gemfile`:
+    gem 'acts_as_permission'
+And run the `bundle` command.  Or as a plugin:
+    rails plugin install git://github.com/cyril/acts_as_permission.git
+Then, generate files and apply the migration:
+    rails generate permissions
+    rake db:migrate
+Getting started
+---------------
+### Configuring models
+Permittable models have to be declared with `acts_as_permission`.  And they have
+to be so with a default permission mask.  For example:
+``` ruby
+# app/models/article.rb
+class Article < ActiveRecord::Base
+  acts_as_permission({
+    'articles#show'     => [true, {}],
+    'articles#edit'     => [false, {
+      permitted_id: 1,
+      permitted_type: "User",
+      value: true }],
+    'articles#update'   => [false, {
+      permitted_id: 1,
+      permitted_type: "User",
+      value: true }],
+    'articles#destroy'  => [false, {
+      permitted_id: 1,
+      permitted_type: "User",
+      value: true }],
+    'comments#index'    => true,
+    'comments#new'      => [true, [{
+      permitted_id: 3,
+      permitted_type: "User",
+      value: false }]],
+    'comments#create'   => [true, [{
+      permitted_id: 3,
+      permitted_type: "User",
+      value: false }]]})
+  belongs_to :user
+  has_many :comments, dependent: :destroy
+end
+# app/models/comment.rb
+class Comment < ActiveRecord::Base
+  acts_as_permission([
+    ["comments#show",    true],
+    ["comments#edit",    [false, [
+      {permitted_id: 1, permitted_type: "User", value: true},
+      {permitted_id: 2, permitted_type: "User", value: true} ]]],
+    ["comments#update",  [false, [
+      {permitted_id: 1, permitted_type: "User", value: true},
+      {permitted_id: 2, permitted_type: "User", value: true} ]]],
+    ["comments#destroy", [false, {
+      permitted_id: 1,
+      permitted_type: "User",
+      value: true }]]])
+  belongs_to :article
+  belongs_to :user
+end
+```
+Optionally, some models (such as `User`, `Group`, `Role`) can also be declared
+as permitted with `is_able_to_be_permitted`.  Example:
+``` ruby
+# app/models/user.rb
+class User < ActiveRecord::Base
+  is_able_to_be_permitted
+  with_options(dependent: :destroy) do |opts|
+    opts.has_many :articles
+    opts.has_many :comments
+  end
+end
+```
+### Configuring controllers
+Example of a fully protected comments controller:
+``` ruby
+class CommentsController < ApplicationController
+  before_filter :check_permissions
+  # GET /comments
+  # GET /comments.xml
+  def index
+    @comments = current_resource.comments
+    respond_to do |format|
+      format.html # index.html.erb
+      format.xml  { render :xml => @comments }
+    end
+  end
+  # GET /comments/1
+  # GET /comments/1.xml
+  def show
+    @comment = current_resource
+    respond_to do |format|
+      format.html # show.html.erb
+      format.xml  { render :xml => @comment }
+    end
+  end
+  # GET /comments/new
+  # GET /comments/new.xml
+  def new
+    @comment = current_resource.comments.build
+    respond_to do |format|
+      format.html # new.html.erb
+      format.xml  { render :xml => @comment }
+    end
+  end
+  # GET /comments/1/edit
+  def edit
+    @comment = current_resource
+  end
+  # POST /comments
+  # POST /comments.xml
+  def create
+    @comment = current_resource.comments.build(params[:comment])
+    respond_to do |format|
+      if @comment.save
+        format.html { redirect_to(@comment,
+          :notice => 'Comment was successfully created.') }
+        format.xml  { render :xml => @comment, :status => :created,
+          :location => @comment }
+      else
+        format.html { render :action => "new" }
+        format.xml  { render :xml => @comment.errors,
+          :status => :unprocessable_entity }
+      end
+    end
+  end
+  # PUT /comments/1
+  # PUT /comments/1.xml
+  def update
+    @comment = current_resource
+    respond_to do |format|
+      if @comment.update_attributes(params[:comment])
+        format.html { redirect_to(@comment,
+          :notice => 'Comment was successfully updated.') }
+        format.xml  { head :ok }
+      else
+        format.html { render :action => "edit" }
+        format.xml  { render :xml => @comment.errors,
+          :status => :unprocessable_entity }
+      end
+    end
+  end
+  # DELETE /comments/1
+  # DELETE /comments/1.xml
+  def destroy
+    @comment = current_resource
+    @comment.destroy
+    respond_to do |format|
+      format.html { redirect_to(comments_url) }
+      format.xml  { head :ok }
+    end
+  end
+  protected
+  def check_permissions
+    route = [ params[:controller],
+              params[:action] ].join('#')
+    unless (current_user &&
+                         current_resource.permission?(route, current_user)) ||
+                         current_resource.permission?(route)
+      respond_to do |format|
+        format.html { redirect_to(:back, :warning => '403 Forbidden',
+          :status => :forbidden) }
+        format.xml  { render :xml => '403 Forbidden', :status => :forbidden }
+      end
+    end
+  end
+  def current_resource
+    @current_resource ||= if params[:id]
+      Comment.find(params[:id])
+    else
+      Article.find(params[:article_id], :readonly => true)
+    end
+  end
+end
+```
+### Configuring views
+We can now perform some checks on related views from a comment instance, thanks
+to the protected actions of its controller, in order to only display allowed
+links:
+``` ruby
+if current_user && @comment.permission?("comments#edit", current_user) ||
+                   @comment.permission?("comments#edit")
+  link_to "Edit comment", edit_article_comment_path(@comment.article, @comment)
+end
+```
+And also some indirect checks from the current article instance, like this one:
+``` ruby
+if current_user && @article.permission?("comments#index", current_user) ||
+                   @article.permission?("comments#index")
+  link_to "Comments", article_comments_path(@article)
+end
+```
+Or this other one:
+``` ruby
+if current_user && @article.permission?("comments#new", current_user) ||
+                   @article.permission?("comments#new")
+  link_to "New comment", new_article_comment_path(@article)
+end
+```
+#### Form helper
+Object's permissions management is as simple as:
+``` ruby
+form_for @article do |f|
+  permission_fields f
+end
+```
+Copyright (c) 2009-2011 Cyril Wack, released under the MIT license

data/VERSION.yml CHANGED

@@ -1,4 +1,4 @@
 ---
 :major: 2
 :minor: 0
-:patch: 0
+:patch: 1

data/acts_as_permission.gemspec CHANGED

@@ -1,9 +1,9 @@
 Gem::Specification.new do |s|
   s.name        = "acts_as_permission"
-  s.version     = Psych.load_file("VERSION.yml").values.join('.')
+  s.version     = YAML.load_file("VERSION.yml").values.join('.')
   s.platform    = Gem::Platform::RUBY
   s.authors     = ["Cyril Wack"]
-  s.email       = ["cyril@gosu.fr"]
+  s.email       = ["contact@cyril.io"]
   s.homepage    = "http://github.com/cyril/acts_as_permission"
   s.summary     = %q{Simple permission solution for Rails.}
   s.description = %q{Simple Rails plugin to assign a list of permissions on a resource.}

data/lib/acts_as_permission.rb CHANGED

@@ -44,10 +44,6 @@ module ActsAsPermission
       permissions.compact
     end
-    def mass_assignment_authorizer
-      super + [:permissions_attributes]
-    end
     def has_permission?(action)
       ActiveSupport::Deprecation.warn 'has_permission?(action) is deprecated ' +
         'and may be removed from future releases, use permission?(route, ext ' +
@@ -119,6 +115,7 @@ class ActiveRecord::Base
     has_many :permissions, :as => :permittable, :dependent => :destroy
     accepts_nested_attributes_for :permissions, :allow_destroy => true
+    attr_accessible :permissions_attributes
     validates_associated :permissions
     class << self

data/test/permission_test.rb CHANGED

@@ -195,28 +195,35 @@ class PermissionTest < MiniTest::Unit::TestCase
     refute @blog.permission?("articles#new")
     assert_nil @blog.permission?("silk_routes#index")
     assert_equal 5, @blog.permissions.count
-    assert_empty @blog.permissions.delete_all
+    @blog.permissions.delete_all
+    assert_empty @blog.permissions
     refute_empty @blog.create_default_permissions!
     assert_equal @blog.permissions.length, @blog.permissions.count
-    assert_empty @blog.permissions.delete_all
+    refute_empty @blog.permissions
+    @blog.permissions.delete_all
+    assert_empty @blog.permissions
     assert_empty @blog.permissions
     refute_nil @blog.create_permission!("categories#create", false, @admin)
     assert_equal 1, @blog.permissions.count
     refute @blog.permission?(:"categories#create", @admin)
     assert_equal 1, @blog.permissions.count
-    assert_empty @blog.permissions.delete_all
+    @blog.permissions.delete_all
+    assert_empty @blog.permissions
     assert @blog.permission("categories#create", @admin).
       update_attribute(:value, false)
     assert_equal 1, @blog.permissions.count
     refute @blog.permission?(:"categories#create", @admin)
     assert_equal 1, @blog.permissions.count
-    assert_empty @blog.permissions.delete_all
+    @blog.permissions.delete_all
+    assert_empty @blog.permissions
     refute_nil @blog.create_permission!("categories#create", true, @admin)
     assert @blog.permission?(:"categories#create", @admin)
-    assert_empty @blog.permissions.delete_all
+    @blog.permissions.delete_all
+    assert_empty @blog.permissions
     refute_nil @blog.create_permission!("categories#create", true, @admin)
     assert @blog.permission?(:"categories#create", @admin)
-    assert_empty @blog.permissions.delete_all
+    @blog.permissions.delete_all
+    assert_empty @blog.permissions
     refute_nil @blog.create_permission!("categories#create", true, @bob)
     refute Blog.first.permissions.empty?
     assert_equal @blog.permissions.length, @blog.permissions.count
@@ -246,7 +253,8 @@ class PermissionTest < MiniTest::Unit::TestCase
     assert @category.permission?("articles#create", @bob)
     assert_nil @category.permission?("articles#show", @bob)
     assert_equal 5, @category.permissions.count
-    assert_empty @category.permissions.delete_all
+    @category.permissions.delete_all
+    assert_empty @category.permissions
     assert_nil @category.permission?("articles#create", @bob)
     refute_nil @category.create_permission!("articles#create", true, @bob)
     assert @category.permission?("articles#create", @bob)
@@ -274,7 +282,8 @@ class PermissionTest < MiniTest::Unit::TestCase
     refute @article.permission?('comments#new', @spammer)
     refute @article.permission?('comments#create', @spammer)
     assert_equal 5, @article.permissions.count
-    assert_empty @article.permissions.delete_all
+    @article.permissions.delete_all
+    assert_empty @article.permissions
     assert_equal 0, @article.permissions.count
     assert @article.permission?('comments#new')
     assert_equal @article.permissions.count, @article.permissions.length
@@ -318,7 +327,8 @@ class PermissionTest < MiniTest::Unit::TestCase
     assert_equal 1, @comment1.permissions.count
     refute @comment1.permission?(:"comments#show")
     assert_equal 1, @comment1.permissions.count
-    assert_empty @comment1.permissions.delete_all
+    @comment1.permissions.delete_all
+    assert_empty @comment1.permissions
     assert @comment1.permission?(:"comments#show")
     assert_equal 1, @comment1.permissions.count
     refute_nil @comment1.permission("comments#show").

metadata CHANGED

@@ -1,39 +1,43 @@
---- !ruby/object:Gem::Specification
+--- !ruby/object:Gem::Specification
 name: acts_as_permission
-version: !ruby/object:Gem::Version
-  version: 2.0.0
+version: !ruby/object:Gem::Version
   prerelease:
+  version: 2.0.1
 platform: ruby
-authors:
+authors:
 - Cyril Wack
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2011-04-23 00:00:00.000000000Z
-dependencies:
-- !ruby/object:Gem::Dependency
+date: 2011-09-08 00:00:00 Z
+dependencies:
+- !ruby/object:Gem::Dependency
   name: railties
-  requirement: &2153626060 !ruby/object:Gem::Requirement
+  prerelease: false
+  requirement: &id001 !ruby/object:Gem::Requirement
     none: false
-    requirements:
-    - - ! '>='
-      - !ruby/object:Gem::Version
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
         version: 3.0.0
   type: :runtime
-  prerelease: false
-  version_requirements: *2153626060
+  version_requirements: *id001
 description: Simple Rails plugin to assign a list of permissions on a resource.
-email:
-- cyril@gosu.fr
+email:
+- contact@cyril.io
 executables: []
 extensions: []
 extra_rdoc_files: []
-files:
+files:
 - .gitignore
 - .rvmrc
 - Gemfile
 - MIT-LICENSE
-- README.rdoc
+- README.md
 - Rakefile
 - VERSION.yml
 - acts_as_permission.gemspec
@@ -52,28 +56,30 @@ files:
 - test/test_helper.rb
 homepage: http://github.com/cyril/acts_as_permission
 licenses: []
 post_install_message:
 rdoc_options: []
-require_paths:
+require_paths:
 - lib
-required_ruby_version: !ruby/object:Gem::Requirement
+required_ruby_version: !ruby/object:Gem::Requirement
   none: false
-  requirements:
-  - - ! '>='
-    - !ruby/object:Gem::Version
-      version: '0'
-required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: "0"
+required_rubygems_version: !ruby/object:Gem::Requirement
   none: false
-  requirements:
-  - - ! '>='
-    - !ruby/object:Gem::Version
-      version: '0'
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: "0"
 requirements: []
 rubyforge_project: acts_as_permission
-rubygems_version: 1.7.2
+rubygems_version: 1.8.9
 signing_key:
 specification_version: 3
 summary: Simple permission solution for Rails.
-test_files:
-- test/permission_test.rb
-- test/test_helper.rb
+test_files: []

data/README.rdoc DELETED

@@ -1,296 +0,0 @@
-= Acts as permission
-Acts as permission is a plugin for Ruby on Rails that allows to assign a list of
-permissions on an object, according to the ACL concept, where each permission
-can be extended to a subject.
-More specifically, it can make possible to allow or to deny any action of the
-controller of a protected resource.  These actions are called permittables.
-A permittable action can be directly attached to a resource.  Examples of such
-actions:
-* <tt>show</tt>,
-* <tt>edit</tt>,
-* <tt>update</tt>,
-* <tt>destroy</tt>.
-Or it can be indirectly, through a parent resource.  Examples:
-* <tt>index</tt>,
-* <tt>new</tt>,
-* <tt>create</tt>.
-Here is an example of query to a direct article's action:
-  @article = Article.find(params[:id])
-  @article.permission?("articles#destroy")          # => false
-Same query, extended to a user:
-  @article.permission?("articles#destroy", @bob)    # => nil
-  @article.permission?("articles#destroy", @admin)  # => true
-A query example on an indirect articles' action, through a category:
-  @category = Category.find(params[:category_id])
-  @category.permission?("articles#index")           # => true
-Other examples, on unpermittable actions:
-  @category.permission?("articles#read")            # => nil
-  @category.permission?("silk_routes#index")        # => nil
-The value of a permission depends on its context, which includes a route and an
-optional extension to a permitted resource.
-The <tt>permission?(route, ext = nil)</tt> query may return, depending on the
-context:
-* <tt>true</tt>, if the permission is allowed;
-* <tt>false</tt>, if the permission is denied;
-* <tt>nil</tt>, if the permission is indefinable (resulting of the unknowned
-context).
-== Philosophy
-General library that does only one thing, without any feature.
-== Installation
-Include the gem in your <tt>Gemfile</tt>:
-  gem 'acts_as_permission'
-And run the +bundle+ command.  Or as a plugin:
-  rails plugin install git://github.com/cyril/acts_as_permission.git
-Then, generate files and apply the migration:
-  rails generate permissions
-  rake db:migrate
-== Getting started
-=== Configuring models
-Permittable models have to be declared with <tt>acts_as_permission</tt>.  And
-they have to be so with a default permission mask.  For example:
-  # app/models/article.rb
-  class Article < ActiveRecord::Base
-    acts_as_permission({
-      'articles#show'     => [true, {}],
-      'articles#edit'     => [false, {
-        :permitted_id => 1,
-        :permitted_type => "User",
-        :value => true }],
-      'articles#update'   => [false, {
-        :permitted_id => 1,
-        :permitted_type => "User",
-        :value => true }],
-      'articles#destroy'  => [false, {
-        :permitted_id => 1,
-        :permitted_type => "User",
-        :value => true }],
-      'comments#index'    => true,
-      'comments#new'      => [true, [{
-        :permitted_id => 3,
-        :permitted_type => "User",
-        :value => false }]],
-      'comments#create'   => [true, [{
-        :permitted_id => 3,
-        :permitted_type => "User",
-        :value => false }]]})
-    belongs_to :user
-    has_many :comments, :dependent => :destroy
-  end
-  # app/models/comment.rb
-  class Comment < ActiveRecord::Base
-    acts_as_permission([
-      ["comments#show",     true],
-      ["comments#edit",     [false, [
-        {:permitted_id => 1, :permitted_type => "User", :value => true},
-        {:permitted_id => 2, :permitted_type => "User", :value => true} ]]],
-      ["comments#update",   [false, [
-        {:permitted_id => 1, :permitted_type => "User", :value => true},
-        {:permitted_id => 2, :permitted_type => "User", :value => true} ]]],
-      ["comments#destroy",  [false, {
-        :permitted_id => 1,
-        :permitted_type => "User",
-        :value => true }]]])
-    belongs_to :article
-    belongs_to :user
-  end
-Optionally, some models (such as <tt>User</tt>, <tt>Group</tt>, <tt>Role</tt>)
-can also be declared as permitted with <tt>is_able_to_be_permitted</tt>.
-Example:
-  # app/models/user.rb
-  class User < ActiveRecord::Base
-    is_able_to_be_permitted
-    with_options :dependent => :destroy do |opts|
-      opts.has_many :articles
-      opts.has_many :comments
-    end
-  end
-=== Configuring controllers
-Example of a fully protected comments controller:
-  class CommentsController < ApplicationController
-    before_filter :check_permissions
-    # GET /comments
-    # GET /comments.xml
-    def index
-      @comments = current_resource.comments
-      respond_to do |format|
-        format.html # index.html.erb
-        format.xml  { render :xml => @comments }
-      end
-    end
-    # GET /comments/1
-    # GET /comments/1.xml
-    def show
-      @comment = current_resource
-      respond_to do |format|
-        format.html # show.html.erb
-        format.xml  { render :xml => @comment }
-      end
-    end
-    # GET /comments/new
-    # GET /comments/new.xml
-    def new
-      @comment = current_resource.comments.build
-      respond_to do |format|
-        format.html # new.html.erb
-        format.xml  { render :xml => @comment }
-      end
-    end
-    # GET /comments/1/edit
-    def edit
-      @comment = current_resource
-    end
-    # POST /comments
-    # POST /comments.xml
-    def create
-      @comment = current_resource.comments.build(params[:comment])
-      respond_to do |format|
-        if @comment.save
-          format.html { redirect_to(@comment,
-            :notice => 'Comment was successfully created.') }
-          format.xml  { render :xml => @comment, :status => :created,
-            :location => @comment }
-        else
-          format.html { render :action => "new" }
-          format.xml  { render :xml => @comment.errors,
-            :status => :unprocessable_entity }
-        end
-      end
-    end
-    # PUT /comments/1
-    # PUT /comments/1.xml
-    def update
-      @comment = current_resource
-      respond_to do |format|
-        if @comment.update_attributes(params[:comment])
-          format.html { redirect_to(@comment,
-            :notice => 'Comment was successfully updated.') }
-          format.xml  { head :ok }
-        else
-          format.html { render :action => "edit" }
-          format.xml  { render :xml => @comment.errors,
-            :status => :unprocessable_entity }
-        end
-      end
-    end
-    # DELETE /comments/1
-    # DELETE /comments/1.xml
-    def destroy
-      @comment = current_resource
-      @comment.destroy
-      respond_to do |format|
-        format.html { redirect_to(comments_url) }
-        format.xml  { head :ok }
-      end
-    end
-    protected
-    def check_permissions
-      route = [ params[:controller],
-                params[:action] ].join('#')
-      unless (current_user &&
-                           current_resource.permission?(route, current_user)) ||
-                           current_resource.permission?(route)
-        respond_to do |format|
-          format.html { redirect_to(:back, :warning => '403 Forbidden',
-            :status => :forbidden) }
-          format.xml  { render :xml => '403 Forbidden', :status => :forbidden }
-        end
-      end
-    end
-    def current_resource
-      @current_resource ||= if params[:id]
-        Comment.find(params[:id])
-      else
-        Article.find(params[:article_id], :readonly => true)
-      end
-    end
-  end
-=== Configuring views
-We can now perform some checks on related views from a comment instance, thanks
-to the protected actions of its controller, in order to only display allowed
-links:
-  <% if current_user && @comment.permission?("comments#edit", current_user) ||
-                        @comment.permission?("comments#edit") %>
-    <%= link_to "Edit comment",
-      edit_article_comment_path(@comment.article, @comment) %>
-  <% end %>
-And also some indirect checks from the current article instance, like this one:
-  <% if current_user && @article.permission?("comments#index", current_user) ||
-                        @article.permission?("comments#index") %>
-    <%= link_to "Comments", article_comments_path(@article) %>
-  <% end %>
-Or this other one:
-  <% if current_user && @article.permission?("comments#new", current_user) ||
-                        @article.permission?("comments#new") %>
-    <%= link_to "New comment", new_article_comment_path(@article) %>
-  <% end %>
-==== Form helper
-Object's permissions management is as simple as:
-  <%= permission_fields f %>
-Copyright (c) 2009-2011 Cyril Wack, released under the MIT license