authority 2.4.3 → 2.5.0

data/CHANGELOG.markdown

@@ -2,6 +2,10 @@
 
 Authority does its best to use [semantic versioning](http://semver.org).
 
+## v2.5.0
+
+Models whose `authorizer_name` is not specified will now check for an authorizer with their own name before falling back to `ApplicationAuthorizer`.  Eg, `Comment` will look for `CommentAuthorizer`. Namespacing is respected.
+
 ## v2.4.3
 
 Bugfix for Rails 3.1 - apparently its `class_attribute` method stepped on instance methods even when given `:instance_reader => false`

data/README.markdown

@@ -7,7 +7,7 @@ Authority will work fine with a standalone app or a single sign-on system. You c
 It requires that you already have some kind of user object in your application, accessible from all controllers and views via a method like `current_user` (configurable).
 
 [![Build Status](https://secure.travis-ci.org/nathanl/authority.png?branch=master)](http://travis-ci.org/nathanl/authority)
-[![Code Climate](https://codeclimate.com/badge.png)](https://codeclimate.com/github/nathanl/authority)
+[![Code Climate](https://codeclimate.com/github/nathanl/authority.png)](https://codeclimate.com/github/nathanl/authority)
 
 ## Contents
 
@@ -71,9 +71,12 @@ All you have to do is define the methods you need on your authorizers. You have
 
 Authority encapsulates all authorization logic in `Authorizer` classes. Want to do something with a model? **Ask its authorizer**.
 
-Models that have the same authorization rules should use the same authorizer. In other words, if you would write the exact same methods on two models to determine who can create them, who can edit them, etc, then they should use the same authorizer.
+You can specify a model's authorizer using the class method `authorizer_name=`. If you don't specify it, it will:
 
-Every model starts out assuming that its authorizer is `ApplicationAuthorizer`, but you can specify another one using the model's `authorizer_name=` method. Authorizers are just classes, so you can use any inheritance pattern you like.
+- Look for an authorizer with its name. Eg, `Comment` will look for `CommentAuthorizer`.
+- If that's not found, it will use `ApplicationAuthorizer`.
+
+**Models that have the same authorization rules should use the same authorizer**. In other words, if you would write the exact same methods on two models to determine who can create them, who can edit them, etc, then they should use the same authorizer.
 
 Some example groupings:
 

data/TODO.markdown

@@ -4,7 +4,7 @@
 
 ## Tests
 
-- Test with Rails 4 and Ruby 2.0
+- Test with Rails 4
 - Test `ActionController` integration
 - Add tests for the generators
 

data/lib/authority/abilities.rb

@@ -11,10 +11,17 @@ module Authority
     extend ActiveSupport::Concern
     extend Forwardable
 
-    # Assume authorizer is `ApplicationAuthorizer` (but let the user change that)
-    included do
+    included do |base|
       class_attribute :authorizer_name
-      self.authorizer_name = "ApplicationAuthorizer"
+
+      # Set the default authorizer for this model.
+      # - Look for an authorizer named like the model inside the model's namespace.
+      # - If there is none, use 'ApplicationAuthorizer'
+      self.authorizer_name = begin
+                               "#{base.name}Authorizer".constantize.name
+                             rescue NameError => e
+                               "ApplicationAuthorizer"
+                             end
     end
 
     def authorizer

data/lib/authority/version.rb

@@ -1,3 +1,3 @@
 module Authority
-  VERSION = "2.4.3"
+  VERSION = "2.5.0"
 end

data/spec/authority/abilities_spec.rb

@@ -3,23 +3,45 @@ require 'support/example_classes'
 
 describe Authority::Abilities do
 
-  let(:user)           { ExampleUser.new }
-  let(:resource_class) { ExampleResource }
+  let(:user)                      { ExampleUser.new }
+  let(:resource_class)            { ExampleResource }
+  let(:namespaced_resource_class) { Namespaced::SampleResource }
+  let(:other_resource_class)      { OtherResource }
 
   describe "instance methods" do
 
     describe "authorizer_name" do
 
-      it "has a class attribute getter for authorizer_name" do
+      it "has a class attribute getter" do
         expect(resource_class).to respond_to(:authorizer_name)
       end
 
-      it "has a class attribute setter for authorizer_name" do
+      it "has a class attribute setter" do
         expect(resource_class).to respond_to(:authorizer_name=)
       end
 
-      it "has a default authorizer_name of 'ApplicationAuthorizer'" do
-        expect(resource_class.authorizer_name).to eq("ApplicationAuthorizer")
+      describe "by default" do
+
+        context "when there is an authorizer with a name like the resource's" do
+
+          it "uses that authorizer" do
+            expect(resource_class.authorizer_name).to eq("ExampleResourceAuthorizer")
+          end
+
+          it "respects namespaces when it's looking" do
+            expect(namespaced_resource_class.authorizer_name).to eq("Namespaced::SampleResourceAuthorizer")
+          end
+
+        end
+
+        context "when there is no authorizer with a name like the resource's" do
+
+          it "uses 'ApplicationAuthorizer'" do
+            expect(other_resource_class.authorizer_name).to eq("ApplicationAuthorizer")
+          end
+
+        end
+
       end
 
     end

data/spec/support/example_classes.rb

@@ -1,13 +1,30 @@
+class ApplicationAuthorizer < Authority::Authorizer
+  def self.readable_by?(user)
+    true
+  end
+end
+
 class ExampleUser
   include Authority::UserAbilities
 end
 
+class ExampleResourceAuthorizer < ApplicationAuthorizer
+end
+
 class ExampleResource
   include Authority::Abilities
 end
 
-class ApplicationAuthorizer < Authority::Authorizer
-  def self.readable_by?(user)
-    true
+module Namespaced
+  class SampleResourceAuthorizer < ApplicationAuthorizer
+  end
+
+  class SampleResource
+    include Authority::Abilities
   end
+
+end
+
+class OtherResource
+  include Authority::Abilities
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: authority
 version: !ruby/object:Gem::Version
-  version: 2.4.3
+  version: 2.5.0
   prerelease: 
 platform: ruby
 authors:
@@ -10,11 +10,11 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2013-02-20 00:00:00.000000000 Z
+date: 2013-03-21 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rails
-  requirement: !ruby/object:Gem::Requirement
+  requirement: &74282880 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ! '>='
@@ -22,12 +22,7 @@ dependencies:
         version: 3.0.0
   type: :runtime
   prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    none: false
-    requirements:
-    - - ! '>='
-      - !ruby/object:Gem::Version
-        version: 3.0.0
+  version_requirements: *74282880
 description: Authority helps you authorize actions in your Rails app. It's ORM-neutral
   and has very little fancy syntax; just group your models under one or more Authorizer
   classes and write plain Ruby methods on them.
@@ -87,33 +82,17 @@ required_ruby_version: !ruby/object:Gem::Requirement
   - - ! '>='
     - !ruby/object:Gem::Version
       version: '0'
-      segments:
-      - 0
-      hash: 4595590261951067039
 required_rubygems_version: !ruby/object:Gem::Requirement
   none: false
   requirements:
   - - ! '>='
     - !ruby/object:Gem::Version
       version: '0'
-      segments:
-      - 0
-      hash: 4595590261951067039
 requirements: []
 rubyforge_project: 
-rubygems_version: 1.8.24
+rubygems_version: 1.8.10
 signing_key: 
 specification_version: 3
 summary: Authority helps you authorize actions in your Rails app using plain Ruby
   methods on Authorizer classes.
-test_files:
-- spec/authority/abilities_spec.rb
-- spec/authority/authorizer_spec.rb
-- spec/authority/configuration_spec.rb
-- spec/authority/controller_spec.rb
-- spec/authority/integration_spec.rb
-- spec/authority/user_abilities_spec.rb
-- spec/authority_spec.rb
-- spec/spec_helper.rb
-- spec/support/example_classes.rb
-- spec/support/mock_rails.rb
+test_files: []