attribute_access_controllable 1.1.2

data/.gitignore

@@ -0,0 +1,16 @@
+*.gem
+*.rbc
+.bundle
+.config
+.yardoc
+Gemfile.lock
+InstalledFiles
+_yardoc
+coverage
+lib/bundler/man
+pkg
+rdoc
+spec/reports
+test/tmp
+test/version_tmp
+tmp

data/.pairs

@@ -0,0 +1,7 @@
+pairs:
+  cb: Chris Barretto; chris
+  km: Ken Mayer; ken@bitwrangler.com
+email:
+  prefix: pair
+  domain: socialchorus.com
+  no_solo_prefix: true

data/.rspec

@@ -0,0 +1,2 @@
+--color
+--format progress

data/Gemfile

@@ -0,0 +1,4 @@
+source 'https://rubygems.org'
+
+# Specify your gem's dependencies in attribute_access_controllable.gemspec
+gemspec

data/LICENSE

@@ -0,0 +1,22 @@
+Copyright (c) 2012 Social Chorus
+
+MIT License
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.md

@@ -0,0 +1,68 @@
+# AttributeAccessControllable
+
+This gem allows you to control write access at the _attribute_ level, on a per-instance basis. For example, let's say you had a model `Person` that has an attribute, `birthday`, which, for security purposes, once this attribute is set, cannot be changed again (except, perhaps by an administrator with extraordinary privileges). You would want any attempts to change this value to raise a validation error.
+
+e.g.
+
+    alice = Person.create(:birthday => '12/12/12')
+    => <Person...>
+    alice.birthday= '1/1/01'
+    => '1/1/01'
+    alice.save!
+    => ActiveRecord::RecordInvalid ... "birthday is invalid: birthday is read_only"
+
+## Installation
+
+Add this line to your application's Gemfile:
+
+    gem 'attribute_access_controllable'
+
+And then execute:
+
+    $ bundle
+
+Or install it yourself as:
+
+    $ gem install attribute_access_controllable
+
+## Usage
+
+Generate a migration for your class
+
+    $ rails generate attribute_access Person
+    $ rake db:migrate
+    
+In your model, add the following:
+
+    class Person < ActiveRecord::Base
+      include AttributeAccessControllable
+      
+Add hooks to mark attributes as read_only:
+
+    before_save :mark_birthday_read_only
+      
+    private
+      
+      def mark_birthday_read_only
+        attr_read_only(:birthday)
+      end
+    
+If, in the future, you need by-pass the validations, pass `:skip_read_only => true` to the instance's `save` or `save!` methods.
+
+## RSpec support
+
+Adding this to your model spec will exercise the feature.
+
+    require 'attribute_access_controllable/spec_support'
+
+    describe Person do
+      it_should_behave_like "it has AttributeAccessControllable", :test_column
+    end
+
+## Contributing
+
+1. Fork it
+2. Create your feature branch (`git checkout -b my-new-feature`)
+3. Commit your changes (`git commit -am 'Added some feature'`)
+4. Push to the branch (`git push origin my-new-feature`)
+5. Create new Pull Request

data/Rakefile

@@ -0,0 +1,12 @@
+#!/usr/bin/env rake
+require "bundler/gem_tasks"
+require 'rspec/core/rake_task'
+
+desc 'Default: run unit tests.'
+task :default => :spec
+
+desc "Run all specs"
+RSpec::Core::RakeTask.new do |t|
+  t.pattern = 'spec/**/*_spec.rb'
+  t.rspec_opts = ["-c", "-f progress"]
+end

data/attribute_access_controllable.gemspec

@@ -0,0 +1,35 @@
+# -*- encoding: utf-8 -*-
+require File.expand_path('../lib/attribute_access_controllable/version', __FILE__)
+
+Gem::Specification.new do |gem|
+  gem.authors       = ["Social Chorus", "Kenneth Mayer"]
+  gem.email         = ["tech@socialchorus.com", "kmayer@bitwrangler.com"]
+  gem.description   = %q{Allow attribute-level read/write access control, per instance, of any ActiveModel class.}
+  gem.summary       = <<'EOT'
+This gem allows you to control write access at the _attribute_ level, on a 
+per-instance basis. For example, let's say you had a model `Person` that has 
+an attribute, `birthday`, which, for security purposes, once this attribute is 
+set, cannot be changed again (except, perhaps by an administrator with 
+extraordinary privileges). Any attempts to change this value to 
+raise a validation error.
+EOT
+  gem.homepage      = "https://github.com/halogenguides/Attribute-Access-Controllable"
+
+  gem.files         = `git ls-files`.split($\)
+  gem.executables   = gem.files.grep(%r{^bin/}).map{ |f| File.basename(f) }
+  gem.test_files    = gem.files.grep(%r{^(test|spec|features)/})
+  gem.name          = "attribute_access_controllable"
+  gem.require_paths = ["lib"]
+  gem.version       = AttributeAccessControllable::VERSION
+  
+  gem.add_runtime_dependency('activesupport', ['~> 3.2.1'])
+  gem.add_runtime_dependency('activemodel',   ['~> 3.2.1'])
+  gem.add_runtime_dependency('railties',      ['~> 3.2.1'])
+  
+  gem.add_development_dependency('rspec', ['~> 2.8.0'])
+  gem.add_development_dependency('pivotal_git_scripts')
+  gem.add_development_dependency('informal')
+  gem.add_development_dependency('activerecord')
+  gem.add_development_dependency('aruba')
+  gem.add_development_dependency('ammeter')
+end

data/cucumber.yml

@@ -0,0 +1 @@
+default: --tags ~@slow_process --no-source

data/doc/blog-post.md

@@ -0,0 +1,212 @@
+# Read-only access at attribute granularity
+
+One of the many pleasures of working at Pivotal Labs is that we are encouraged to release some of our work as open source. Often during the course of our engagements, we write code that might have wide-spread use. Due to the nature of our contracts, we can not unilaterally release such code. Those rights belong to the client. And rightly so. So, it is an even greater pleasure when one of our clients believes in "giving back" to the community, as well. 
+
+One such example is this modest gem, `attribute_access_controllable` which allows you to set read-only access at the _attribute_ level, on a per-instance basis. For example, let's say that you have a model `Person` with an attribute `birthday`, which, for security purposes, cannot be changed once this attribute is set (except, perhaps, by an administrator with extraordinary privileges). Any future attempts to change this attribute will result in a validation error.
+
+e.g.
+
+    > alice = Person.new(:birthday => '12/12/12')
+    => #<Person id: nil, attr1: nil, created_at: nil, updated_at: nil, read_only_attributes: nil, birthday: "0012-12-12"> 
+    > alice.attr_read_only(:birthday)
+    => #<Set: {"birthday"}> 
+    > alice.save!
+    => true
+    > alice.birthday = "2012-12-12"
+    => "2012-12-12" 
+    > alice.save!
+    ActiveRecord::RecordInvalid: Validation failed: Birthday is invalid, Birthday is read_only
+    > alice.save!(:skip_read_only => true)
+    => true
+    
+Setting this up is trivial, thanks to a Rails generator which does most of the heavy lifting for you.
+
+    rails generate attribute_access Person
+    
+After that, you need only know about one new method added to your class:
+
+    #attr_read_only(*attributes) # Marks attributes as read-only
+    
+There are a few others, but this one, plus the new functionality added to `#save` and `#save!` will get you quite far.
+
+And if that's all that you were looking for when you stumbled across this article, then there's no need to read any further. Go install the gem and have fun (and may your tests be green when you expect them to be).
+
+## From customer requirements to releasable gem
+
+On the other hand, if you are interested in how we got from the original customer story to a releasable open sourced gem, read on. The source code for the module is a [mere 34 lines long](https://github.com/halogenguides/Attribute-Access-Controllable/blob/master/lib/attribute_access_controllable.rb). It implements 2 new methods, a validator and (gently) overrides `#save` and `#save!`. Being good Test Driven Developers, we wrote our specs first, and since we wanted this behavior to be included in several models, we wrote our specs as a [_shared behavior_](https://github.com/halogenguides/Attribute-Access-Controllable/blob/master/lib/attribute_access_controllable/spec_support/shared_examples.rb) as well. The spec clocks in at 44 lines, slightly longer than our implementation. All in all, tiny. The whole commit was less than 100 lines of code.
+
+    AttributeAccessControllable
+      it should behave like it has AttributeAccessControllable
+        #attr_read_only(:attribute, ...) marks an attribute as read-only
+        #read_only_attribute?(:attribute) returns true when marked read-only
+        #read_only_attribute?(:attribute) returns false when not marked read-only (or not marked at all)
+        #save! raises error when :attribute is read-only
+        #save!(:context => :skip_read_only) is okay
+        #save is invalid when :attribute is read-only
+        #save(:context => :skip_read_only) is okay 
+
+In order to get to something "releasable" we needed a few more things, which we put on our To-Do list:
+
+#### To do
+  1. MIT License
+  2. A gem specification
+  3. Basic documentation in a README file
+
+The list got longer as we fleshed out both the documentation and the integration tests, as you'll see in a moment, but first, let's talk about
+
+### Getting the legal issues resolved, easily and quickly
+
+Pivotal's open sourcing policy is straightforward and simple to execute; We don't touch it. We write code for our clients, it's their code to do with as they please. My particular client liked the work we did for them and thought it would make a great open source gem. The Director of Engineering signed off on the idea and I paired with him to create the github repository during a lunch break. The first commit was tiny, just a basic directory structure and the existing code. I don't think the tests passed because they lacked a proper RSpec infrastructure.
+
+### Creating the gem
+
+    bundler gem DIRECTORY
+
+is your best friend. It set up the layout for us, including an MIT License and a gem specification. It had a boilerplate README, too.
+
+### Writing the documentation for the code you wished you had
+
+Next, we wrote a draft of the README file which documented what we knew: You needed a migration to create a column called `:read_only_attributes` and you needed to include the module into the class. Then we started thinking about the pain points of using our code as is. Wouldn't it be nice if we could create the migration automatically? Rails generators do that sort of thing, how hard could it be? (Famous last words...) It became clear that we needed to test drive out some new features of the _gem_ that supported the actual _module_.
+
+#### To do
+  1. ~~MIT License~~
+  2. ~~A gem specification~~
+  3. ~~Basic documentation in a README file~~
+  4. Integration test
+
+### I am not a big cucumber fan, but...
+
+Really, I'm not. I used to write Cucumber features all the time, but nowadays, I use a combination of RSpec and Capybara to get most of my day-to-day integration testing done. There is, however, one sweet spot for Cucumber that I'm finding more and more useful; A very high-level document that describes essential features in a way that a reader will say, "Ahhh, so _that_ is how it is supposed to work!" Here's a copy of the spec I wrote:
+
+    Feature: Read only attributes
+
+    Scenario: In a simple rails application
+      Given a new rails application
+      And I generate a new migration for the class "Person"
+      And I generate an attribute access migration for the class "Person"
+      And I have a test that exercises read-only
+      When I run `rake spec`
+      Then the output should contain "7 examples, 0 failures"
+
+You probably won't find any web-steps out there to handle these lines. I use [Aruba](https://github.com/cucumber/aruba) to handle the dirty work of executing shell commands in a safe sandbox-y way. The [step definition file](https://github.com/halogenguides/Attribute-Access-Controllable/blob/master/features/step_definitions/steps.rb) hides most of the ugliness. Even so, most readers could figure out what to do, by hand, for each step.
+
+#### To do
+  1. ~~MIT License~~
+  2. ~~A gem specification~~
+  3. ~~Basic documentation in a README file~~
+  4. ~~Integration test~~
+  5. Generator
+
+### Big generators
+
+This gem was my first attempt at writing a generator, so it was awkward. I still don't understand [Thor](https://github.com/wycats/thor) properly. Fortunately, I happened upon [Ammeter](https://github.com/alexrothenberg/ammeter), which helped me write out test specs for the generator. If you've got good specs, then you can sometimes stumble along until you learn enough to get it right. Alex Rothenberg's original [blog post](http://www.alexrothenberg.com/2011/10/10/ammeter-the-way-to-write-specs-for-your-rails-generators.html) about the gem was quite informative, as were the test cases from the [Devise](https://github.com/plataformatec/devise/tree/master/test/generators) gem.
+
+I have to admit; constructing the generator was more complex than the original module! There are more "moving parts;" templates, usage files, specs, in addition to the generator itself. So there is a certain amount of overhead that might overwhelm the original content. On the other hand, I learned quite a bit, and the gem is far more useful.
+
+    require "spec_helper"
+    require 'generators/attribute_access/attribute_access_generator'
+
+    describe AttributeAccessGenerator do
+      before do
+        prepare_destination
+        Rails::Generators.options[:rails][:orm] = :active_record
+      end
+
+      describe "the migration" do
+        before { run_generator %w(Person) }
+        subject { migration_file('db/migrate/create_people.rb') }
+        it { should exist }
+        it { should be_a_migration }
+        it { should contain 'class CreatePeople < ActiveRecord::Migration' }
+        it { should contain 'create_table :people do |t|'}
+        it { should contain 't.text :read_only_attributes'}
+      end
+      
+      describe "the class" do
+        before { run_generator %w(Person) }
+        subject { file('app/models/person.rb') }
+        it { should exist }
+        it { should contain 'include AttributeAccessControllable' }
+      end
+
+Some interesting things to note; you must `require` the generator, since it is not pulled in by default. The subject of each suite is a _file_, not the class `AttributeAccessGenerator`. The `migration_file` helper prepends the TIMESTAMP onto the migration file for you. If you need to set up more things for your test, `destination_root` is a helper with a path to the temporary directory. It remains after the tests have run, which makes it useful when debugging.
+
+Here's something else that I did not know, but it might help new generator writers; the order in which you define your methods in the generator class is _significant_. I don't know how this is done, but each "method" in the generator class is executed in turn. This is important for my generator; the model class definition _must_ exist before I inject the new content that mixes in the module, so I had to write the `generate_model` method before the `inject_attribute_access_content` method. I was scratching my head over that one for quite awhile.
+
+    require "rails/generators/active_record"
+
+    class AttributeAccessGenerator < ActiveRecord::Generators::Base
+      source_root File.expand_path('../templates', __FILE__)
+  
+      def create_migration_file
+        if (behavior == :invoke && model_exists?)
+          migration_template "migration.rb", "db/migrate/add_read_only_attributes_to_#{table_name}"
+        else
+          migration_template "migration_create.rb", "db/migrate/create_#{table_name}"
+        end
+      end
+  
+      def generate_model
+        invoke "active_record:model", [name], :migration => false unless model_exists? && behavior == :invoke
+      end
+  
+      def inject_attribute_access_content
+        class_path = class_name.to_s.split('::')
+    
+        indent_depth = class_path.size
+        content = "  " * indent_depth + 'include AttributeAccessControllable' + "\n"
+    
+        inject_into_class(model_path, class_path.last, content)
+      end
+
+#### To do
+  1. ~~MIT License~~
+  2. ~~A gem specification~~
+  3. ~~Basic documentation in a README file~~
+  4. ~~Integration test~~
+  5. ~~Generator~~
+  6. Shareable tests
+  
+## Yo, I hear you like tests in your tests
+
+Lastly, we want to share the testing love. The gem consumer should not have to _write_ tests to drive out the same feature that we have already tested. That would not be very DRY. So, in order to make our shared behavior, er, um, _shareable_, we moved it into `lib` with a few wrappers, namely, the `spec_support.rb` file, which you can include in your own spec files to test drive adding the module to your own classes.
+
+Which is where `And I have a test that exercises read-only` comes in. You can see this in the `steps.rb` file:
+
+    require 'spec_helper'
+    require 'attribute_access_controllable/spec_support'
+
+    describe Person do
+      it_should_behave_like "it has AttributeAccessControllable", :attr1
+    end
+
+#### To do
+  1. ~~MIT License~~
+  2. ~~A gem specification~~
+  3. ~~Basic documentation in a README file~~
+  4. ~~Integration test~~
+  5. ~~Generator~~
+  6. ~~Shareable tests~~
+  
+## Don't be afraid to release v1.0.0
+
+I am a strong believer in [semantic versioning](http://semver.org/). I simply can not understand why some core ruby tools are still living in version zero land, even after years and years of development and use. So, after a couple of internal commits, we released v1.0.0 of the gem, and less than a day later released v1.1.0 and then v1.1.1! (You probably shouldn't use anything less than v1.1.1)
+
+## An interesting mix
+
+In summary, we used a lot of tools and techniques to go from a simple commit to a shareable gem:
+
+  * Rails generators
+  * Cucumber
+  * Aruba
+  * Ammeter
+  * RSpec shared behaviors
+  * Integration tests
+  * Generator tests
+  * Module tests
+
+I encourage everyone to release as much of their work as possible because it raises the state of the art for us all. There are limits, of course, but that still affords lots of wiggle room. Small gems like `attribute_access_controllable` won't change the world, but they ease the pain of staying DRY and we all get to learn a little something.
+
+### Thanks
+
+To Social Chorus for choosing to open source this code. And to Pivotal Labs for encouraging a better way to do software engineering.

data/features/read_only_attributes.feature

@@ -0,0 +1,12 @@
+@announce-cmd
+Feature: Read only attributes
+
+Scenario: In a simple rails application
+  Given a new rails application
+  And I generate a new migration for the class "Person"
+  And I generate an attribute access migration for the class "Person"
+  And I have a test that exercises read-only
+  When I run `rake spec`
+  Then the output should contain "8 examples, 0 failures"
+
+

data/features/step_definitions/steps.rb

@@ -0,0 +1,49 @@
+World(Aruba::Api)
+
+Given /^a new rails application$/ do
+  run_simple "rails new test_app --quiet --force --skip-bundle --skip-test-unit --skip-javascript --skip-sprockets"
+  cd '/test_app'
+  use_clean_gemset 'test_app'
+  write_file '.rvmrc', "rvm use default@test_app\n"
+  append_to_file 'Gemfile', <<EOT
+gem 'attribute_access_controllable', :path => '../../..'
+gem 'rspec-rails'
+EOT
+  run_simple 'bundle install --quiet'
+  run_simple 'script/rails generate rspec:install'
+end
+
+Given /^I generate a new migration for the class "Person"$/ do
+  cmd = "rails generate model Person attr1:string --test-framework"
+  run_simple cmd
+  output = stdout_from cmd
+  assert_partial_output "invoke  active_record", output
+  
+  cmd = "rake db:migrate"
+  run_simple cmd
+  output = stdout_from cmd
+  assert_matching_output %q{==  Create.+: migrating}, output
+  assert_matching_output %q{==  Create.+: migrated}, output
+end
+
+Given /^I generate an attribute access migration for the class "Person"$/ do
+  cmd = "rails generate attribute_access Person"
+  run_simple cmd
+  output = stdout_from cmd
+  assert_matching_output "create\\s+db/migrate/\\d+_add_read_only_attributes_to_.+\.rb", output
+  assert_matching_output "insert\\s+app/models/.+\.rb", output
+
+  cmd = "rake db:migrate"
+  run_simple cmd
+end
+
+Given /^I have a test that exercises read\-only$/ do
+  overwrite_file 'spec/models/person_spec.rb', <<EOT
+require 'spec_helper'
+require 'attribute_access_controllable/spec_support'
+
+describe Person do
+  it_should_behave_like "it has AttributeAccessControllable", :attr1
+end
+EOT
+end

data/features/support/env.rb

@@ -0,0 +1,7 @@
+$LOAD_PATH.unshift(File.dirname(__FILE__) + '/../../lib')
+
+require 'aruba/cucumber'
+
+Before do
+  @aruba_timeout_seconds = 60
+end

data/lib/attribute_access_controllable.rb

@@ -0,0 +1,35 @@
+module AttributeAccessControllable
+  extend ActiveSupport::Concern
+
+  included do
+    include ActiveModel::Validations
+    serialize :read_only_attributes
+    attr_accessor :skip_read_only # TODO: Really should name this something private (e.g. :_#{class_name}_skip_read_only)
+    validate :read_only_attributes_unchanged, :on => :update, :unless => :skip_read_only
+  end
+
+  def attr_read_only(*attributes)
+    self.read_only_attributes = Set.new(attributes.map { |a| a.to_s }) + (read_only_attributes || [])
+  end
+
+  def read_only_attribute?(attribute)
+    return false if read_only_attributes.nil?
+    read_only_attributes.member?(attribute.to_s)
+  end
+
+  def read_only_attributes_unchanged
+    changed_attributes.each_key do |attr|
+      errors.add(attr) << "is read_only" if read_only_attribute?(attr)
+    end
+  end
+
+  def save(options = {})
+    self.skip_read_only = options.delete(:skip_read_only)
+    super
+  end
+
+  def save!(options = {})
+    self.skip_read_only = options.delete(:skip_read_only)
+    super
+  end
+end

data/lib/attribute_access_controllable/spec_support.rb

@@ -0,0 +1 @@
+require 'attribute_access_controllable/spec_support/shared_examples'

data/lib/attribute_access_controllable/spec_support/shared_examples.rb

@@ -0,0 +1,51 @@
+shared_examples_for "it has AttributeAccessControllable" do |test_column|
+  it "#attr_read_only(:attribute, ...) marks an attribute as read-only" do
+    expect {
+      subject.attr_read_only(test_column)
+    }.to change(subject, :read_only_attributes).from(nil).to(Set.new([test_column.to_s]))
+  end
+
+  it "#read_only_attribute?(:attribute) returns true when marked read-only" do
+    subject.read_only_attributes = Set.new([test_column.to_s])
+    subject.should be_read_only_attribute(test_column)
+  end
+
+  it "#read_only_attribute?(:attribute) returns false when not marked read-only (or not marked at all)" do
+    subject.should_not be_read_only_attribute(test_column)
+  end
+
+  it "#save! raises error when :attribute is read-only" do
+    subject.attr_read_only(test_column)
+    subject.send(test_column.to_s + '=', 0)
+    expect { subject.save!(context: :update) }.to raise_error ActiveRecord::RecordInvalid
+    subject.errors[test_column].should =~ ["is invalid", "is read_only"]
+  end
+
+  it "#save!(:context => :skip_read_only) is okay" do
+    subject.attr_read_only(test_column)
+    subject.send(test_column.to_s + '=', 0)
+    expect { subject.save!(:skip_read_only => true) }.to_not raise_error
+  end
+
+  it "#save is invalid when :attribute is read-only" do
+    subject.attr_read_only(test_column)
+    subject.send(test_column.to_s + '=', 0)
+    subject.save(context: :update).should be_false
+    subject.errors[test_column].should =~ ["is invalid", "is read_only"]
+  end
+
+  it "#save(:context => :skip_read_only) is okay" do
+    subject.attr_read_only(test_column)
+    subject.send(test_column.to_s + '=', 0)
+    subject.save!(:skip_read_only => true).should_not be_false
+  end
+  
+  it "serializes :read_only_attributes" do
+    subject.attr_read_only(test_column)
+    subject.save!
+    subject.reload
+    subject.read_only_attributes.should == Set.new([test_column.to_s])
+  end
+
+  #it "#attr_writable(:attribute)"
+end

data/lib/attribute_access_controllable/version.rb

@@ -0,0 +1,3 @@
+module AttributeAccessControllable
+  VERSION = "1.1.2"
+end

data/lib/generators/attribute_access/USAGE

@@ -0,0 +1,14 @@
+Description:
+    Add attribute access control to an ActiveRecord model
+
+Example:
+    rails generate attribute_access Thing
+
+    This will create a migration thats adds 
+    :read_only_attributes to your Thing model
+        
+    You will then need to add
+    
+        include AttributeAccessControllable
+    
+    to your model to enable the new behavior

data/lib/generators/attribute_access/attribute_access_generator.rb

@@ -0,0 +1,36 @@
+require "rails/generators/active_record"
+
+class AttributeAccessGenerator < ActiveRecord::Generators::Base
+  source_root File.expand_path('../templates', __FILE__)
+  
+  def create_migration_file
+    if (behavior == :invoke && model_exists?)
+      migration_template "migration.rb", "db/migrate/add_read_only_attributes_to_#{table_name}"
+    else
+      migration_template "migration_create.rb", "db/migrate/create_#{table_name}"
+    end
+  end
+  
+  def generate_model
+    invoke "active_record:model", [name], :migration => false unless model_exists? && behavior == :invoke
+  end
+  
+  def inject_attribute_access_content
+    class_path = class_name.to_s.split('::')
+    
+    indent_depth = class_path.size
+    content = "  " * indent_depth + 'include AttributeAccessControllable' + "\n"
+    
+    inject_into_class(model_path, class_path.last, content)
+  end
+  
+  private
+  
+  def model_exists?
+    File.exists?(File.join(destination_root, model_path))
+  end
+  
+  def model_path
+    @model_path ||= File.join("app", "models", "#{file_path}.rb")
+  end
+end

data/lib/generators/attribute_access/templates/migration.rb

@@ -0,0 +1,5 @@
+class <%= migration_class_name %> < ActiveRecord::Migration
+  def change
+    add_column :<%= table_name %>, :read_only_attributes, :text
+  end
+end

data/lib/generators/attribute_access/templates/migration_create.rb

@@ -0,0 +1,9 @@
+class <%= migration_class_name %> < ActiveRecord::Migration
+  def change
+    create_table :<%= table_name %> do |t|
+      t.text :read_only_attributes
+      
+      t.timestamps
+    end
+  end
+end

data/spec/attribute_access_controllable_spec.rb

@@ -0,0 +1,52 @@
+require 'spec_helper'
+require 'informal'
+require 'active_record/errors'
+require 'active_record/validations'
+
+require 'attribute_access_controllable'
+require 'attribute_access_controllable/spec_support'
+
+class TestFakePersistance
+  include Informal::Model
+  include ActiveRecord::Validations
+
+  def save(options={})
+    perform_validations(options) ? :pretend_to_call_super : false
+  end
+
+  def save!(options={})
+    perform_validations(options) ? :pretend_to_call_super : raise(ActiveRecord::RecordInvalid.new(self))
+  end
+  
+  def reload
+    self
+  end
+  
+  def self.serialize(*)
+  end
+end
+
+class TestAttributeAccessControllable < TestFakePersistance
+  attr_accessor :read_only_attributes # usually created via a migration
+  include ActiveModel::Dirty
+
+  define_attribute_methods [:test_column]
+
+  def test_column
+    @test_column
+  end
+
+  def test_column=(val)
+    test_column_will_change! unless val == @test_column
+    @test_column = val
+  end
+
+  include AttributeAccessControllable # code under test
+end
+
+describe AttributeAccessControllable do
+  subject { TestAttributeAccessControllable.new }
+
+  it_should_behave_like "it has AttributeAccessControllable", :test_column
+end
+

data/spec/generators/attribute_access_generator_spec.rb

@@ -0,0 +1,45 @@
+require "spec_helper"
+require 'generators/attribute_access/attribute_access_generator'
+
+describe AttributeAccessGenerator do
+  before do
+    prepare_destination
+    Rails::Generators.options[:rails][:orm] = :active_record
+  end
+
+  context "new class" do
+    describe "the migration" do
+      before { run_generator %w(Person) }
+      subject { migration_file('db/migrate/create_people.rb') }
+      it { should exist }
+      it { should be_a_migration }
+      it { should contain 'class CreatePeople < ActiveRecord::Migration' }
+      it { should contain 'create_table :people do |t|'}
+      it { should contain 't.text :read_only_attributes'}
+    end
+  end
+  
+  context "existing class" do
+    describe "the migration" do
+      before do
+        FileUtils.mkdir_p(File.join(destination_root, "app/models"))
+        File.open(File.join(destination_root, "app/models/person.rb"), "w") {|f|
+          f.puts "class Person < ActiveRecord::Base\nend\n"
+        }
+        run_generator %w(Person)
+      end
+      subject { migration_file('db/migrate/add_read_only_attributes_to_people.rb') }
+      it { should exist }
+      it { should be_a_migration }
+      it { should contain 'class AddReadOnlyAttributesToPeople < ActiveRecord::Migration' }
+      it { should contain 'add_column :people, :read_only_attributes, :text'}
+    end
+  end
+  
+  describe "the class" do
+    before { run_generator %w(Person) }
+    subject { file('app/models/person.rb') }
+    it { should exist }
+    it { should contain 'include AttributeAccessControllable' }
+  end
+end

data/spec/spec_helper.rb

@@ -0,0 +1,13 @@
+require 'bundler'
+Bundler.setup
+require 'ammeter/init'
+
+SPEC_ROOT = File.dirname(__FILE__)
+
+Dir[File.join(SPEC_ROOT, "support/**/*.rb")].each {|f| require f}
+
+RSpec.configure do |config|
+  config.treat_symbols_as_metadata_keys_with_true_values = true
+  config.run_all_when_everything_filtered = true
+  config.filter_run :focus
+end

metadata

@@ -0,0 +1,226 @@
+--- !ruby/object:Gem::Specification
+name: attribute_access_controllable
+version: !ruby/object:Gem::Version
+  version: 1.1.2
+  prerelease: 
+platform: ruby
+authors:
+- Social Chorus
+- Kenneth Mayer
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2012-05-08 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: activesupport
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: 3.2.1
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: 3.2.1
+- !ruby/object:Gem::Dependency
+  name: activemodel
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: 3.2.1
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: 3.2.1
+- !ruby/object:Gem::Dependency
+  name: railties
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: 3.2.1
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: 3.2.1
+- !ruby/object:Gem::Dependency
+  name: rspec
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: 2.8.0
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: 2.8.0
+- !ruby/object:Gem::Dependency
+  name: pivotal_git_scripts
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: informal
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: activerecord
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: aruba
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: ammeter
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+description: Allow attribute-level read/write access control, per instance, of any
+  ActiveModel class.
+email:
+- tech@socialchorus.com
+- kmayer@bitwrangler.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- .gitignore
+- .pairs
+- .rspec
+- Gemfile
+- LICENSE
+- README.md
+- Rakefile
+- attribute_access_controllable.gemspec
+- cucumber.yml
+- doc/blog-post.md
+- features/read_only_attributes.feature
+- features/step_definitions/steps.rb
+- features/support/env.rb
+- lib/attribute_access_controllable.rb
+- lib/attribute_access_controllable/spec_support.rb
+- lib/attribute_access_controllable/spec_support/shared_examples.rb
+- lib/attribute_access_controllable/version.rb
+- lib/generators/attribute_access/USAGE
+- lib/generators/attribute_access/attribute_access_generator.rb
+- lib/generators/attribute_access/templates/migration.rb
+- lib/generators/attribute_access/templates/migration_create.rb
+- spec/attribute_access_controllable_spec.rb
+- spec/generators/attribute_access_generator_spec.rb
+- spec/spec_helper.rb
+homepage: https://github.com/halogenguides/Attribute-Access-Controllable
+licenses: []
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  none: false
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  none: false
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 1.8.21
+signing_key: 
+specification_version: 3
+summary: This gem allows you to control write access at the _attribute_ level, on
+  a  per-instance basis. For example, let's say you had a model `Person` that has  an
+  attribute, `birthday`, which, for security purposes, once this attribute is  set,
+  cannot be changed again (except, perhaps by an administrator with  extraordinary
+  privileges). Any attempts to change this value to  raise a validation error.
+test_files:
+- features/read_only_attributes.feature
+- features/step_definitions/steps.rb
+- features/support/env.rb
+- spec/attribute_access_controllable_spec.rb
+- spec/generators/attribute_access_generator_spec.rb
+- spec/spec_helper.rb