bali 1.2.0 → 2.0.0rc1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: bfdb9274e88935206ba786522f65dba0cb1ddfb4
-  data.tar.gz: f3dc6a29a69a526540bfd1fab705acdade594773
+  metadata.gz: cf53e89889a8f3f41843b1e46cb4da90c0d76121
+  data.tar.gz: 6fc380eb95bb66723ae74851a796ead78b1f44bd
 SHA512:
-  metadata.gz: 4801d9b6dc47bd70b75689663485487533c82d1de7ae2cb37c8657972837f5894d03cc7598fad9f87adea0312672ccd81ce00458012ae7aa157d95895bba17a0
-  data.tar.gz: 1a0597385c6bded708cba7d9bac719921706465df49d9a29b445910e086859e3da5b0b9e123da4ce38d63d11b1c3dae033854ca76c539d5b57077da57243c709
+  metadata.gz: 92b8ed097eccd7c929de0617a1359055e4b5fdcccee2d2e3e3af09781b03210ba5c50c76d67281db61e95167f506fbcaa915c6e24e5779d202005133a8566e84
+  data.tar.gz: cc8c1ed6a7e2381d9b41639c2d6d3e4a8250cebc4d3cef2ff50a8f6a22ba066c2bb4f05a5a868f12428a6a566a7583581895986d30b963d9d8e79b53c02a60ce

data/README.md

@@ -22,6 +22,11 @@ And then execute:
 
     $ bundle
 
+## Deprecation notice
+
+1. `cant` and `cant_all` which are used to declare rules will be deprecated on version 3.0, in favor of `cannot` and `cannot_all`. The reason behind this is that `can` and `cant` only differ by 1 letter, it is thought to be better to make it less ambiguous.
+2. `cant?` and subsequently new-introduced `cant!` will be deprecated on version 3.0, in favor of `cannot?` and `cannot!` for the same reason as above.
+
 ## Usage
 
 ### Defining access rules
@@ -35,8 +40,8 @@ Rule in Bali is the law determining whether a user (called `subtarget`) can do o
       describe :admin_user do
         can_all
         # a more specific rule would be executed even if can_all is present
-        can :cancel, 
-          if: proc { |record| record.payment_channel == "CREDIT_CARD" && 
+        can :cancel,
+          if: proc { |record| record.payment_channel == "CREDIT_CARD" &&
                               !record.is_settled? }
       end
       describe "general user", can: [:update, :edit], cant: [:delete]
@@ -148,16 +153,16 @@ That is, we can check `can?` and `cant?` with multiple roles by passing array of
 
 ### Using subtarget's instance for Can and Cant testing
 
-You may pass in real subtarget instance rather than (1) a symbol, (2) string or (3) array of string/symbol for can/cant testing. 
+You may pass in real subtarget instance rather than (1) a symbol, (2) string or (3) array of string/symbol for can/cant testing.
 
 In order to do so, you need to specify the field/method in the subtarget that will be used to evaluating the subtarget's role(s). To do that, we define `roles_for` as follow inside `Bali.map_rules` block:
 
 ```ruby
-Bali.map_rules do 
+Bali.map_rules do
   roles_for My::Employee, :roles
   roles_for My::AdminUser, :admin_roles
   roles_for My::BankUser, :roles
-  
+
   # rules definition
   # may follow
 end
@@ -173,6 +178,22 @@ By doing so, we can now perform authorisation testing as follow:
   txn.can?(current_employee, :print)
 ```
 
+### Raises error on unauthorized access
+
+`can?` and `cant?` just return boolean values on whether access is granted or not. If you want to raise an exception when an operation is inappropriate, use its variant: `can!` and `cant!`
+
+When `can!` result in denied operation, it will raise `Bali::AuthorizationError`. In the other hand, `cant!` will raise `Bali::AuthorizationError` if it allows an operation.
+
+`can!` and `cant` are invoked with a similar fashion as you would invoke `can?` and `cant?`
+
+`Bali::AuthorizationError` is more than an exception, it also store information regarding:
+
+1. `auth_level`: whether it is can, or cant testing.
+2. `role`: the role under which authorisation is performed
+3. `subtarget`: the object (if passing an object), or string/symbol representing the role
+4. `operation`: the action
+5. `target`: targeted object/class of the authorization
+
 ### Rule clause if/unless
 
 Rule clause may contain `if` and `unless` (decider) proc as already seen before. This `if` and `unless` `proc` have three variants that can be used to express your rule in sufficient detail:
@@ -184,7 +205,7 @@ Rule clause may contain `if` and `unless` (decider) proc as already seen before.
 When rule is very brief, use zero-arity rule clause as below:
 
 ```ruby
-Bali.map_rules do 
+Bali.map_rules do
   rules_for My::Transaction do
     describe(:staff) { can :cancel }
     describe(:finance) { can :cancel }
@@ -200,7 +221,7 @@ describe :staff do
 end
 ```
 
-Good, but, in addition to that, how to allow transaction cancellation only to staff who has 3 years or so experience in working with the company? 
+Good, but, in addition to that, how to allow transaction cancellation only to staff who has 3 years or so experience in working with the company?
 
 In order to do that, we need to resort to 2-arity decider, as follow:
 
@@ -265,4 +286,10 @@ Bali is proudly available as open source under the terms of the [MIT License](ht
 == Version 1.2.0
 
 1. Passing real object as subtarget's role, instead of symbol or array of symbol
-2. Clause can also yielding user, along with the object in question
+2. Clause can also yielding user, along with the object in question
+
+== Version 2.0.0rc1
+
+1. `Bali::AuthorizationError` subclass of `StandardError` tailored for raising error regarding with authorisation
+2. Deprecating `cant`, `cant?`, and `cant_all` in favor of `cannot`, `cannot?` and `cannot_all`
+3. new objectors `can!` and `cannot!` to raise error on inappropriate access

data/lib/bali.rb

@@ -1,21 +1,13 @@
 require_relative "bali/version"
 
-# foundations, onto which good-purposed gem is developed upon
-require_relative "bali/foundations/bali_statics"
-require_relative "bali/foundations/rule_class"
-require_relative "bali/foundations/rule_group"
-require_relative "bali/foundations/rule"
-
 # load the DSL syntax maker definition, ordered by proper order of invocation
-require_relative "bali/dsl/map_rules_dsl.rb"
-require_relative "bali/dsl/rules_for_dsl.rb"
+require_relative "bali/dsl/map_rules_dsl"
+require_relative "bali/dsl/rules_for_dsl"
 
 require_relative "bali/objector"
 
-# exception classes
-require_relative "bali/exceptions/bali_error"
-require_relative "bali/exceptions/dsl_error"
-require_relative "bali/exceptions/objection_error"
+require_relative "bali/foundations/all_foundations"
+require_relative "bali/integrators/all_integrators"
 
 module Bali
   # mapping class to a RuleClass
@@ -32,6 +24,9 @@ module Bali
   #   AdminUser: :admin_roles
   # }
   TRANSLATED_SUBTARGET_ROLES = {}
+
+  # pub/sub for plugin that extend bali
+  LISTENABLE_EVENTS = {}
 end
 
 module Bali

data/lib/bali/dsl/map_rules_dsl.rb

@@ -15,7 +15,7 @@ class Bali::MapRulesDsl
       Bali::RulesForDsl.new(self).instance_eval(&block)
 
       # done processing the block, now add the rule class
-      Bali.add_rule_class(self.current_rule_class)
+      Bali::Integrators::Rule.add_rule_class(self.current_rule_class)
     end
   end
 
@@ -25,7 +25,7 @@ class Bali::MapRulesDsl
     raise Bali::DslError, "Subtarget must be a class" unless subtarget_class.is_a?(Class)
     raise Bali::DslError, "Field name must be a symbol/string" if !(field_name.is_a?(Symbol) || field_name.is_a?(String))
 
-    Bali::TRANSLATED_SUBTARGET_ROLES[subtarget_class.to_s] = field_name 
+    Bali::TRANSLATED_SUBTARGET_ROLES[subtarget_class.to_s] = field_name
     nil
   end
 
@@ -38,6 +38,11 @@ class Bali::MapRulesDsl
   end
 
   def cant(*params)
+    puts "Deprecation Warning: declaring rules with cant will be deprecated on major release 3.0, use cannot instead"
+    cannot *params
+  end
+
+  def cannot(*params)
     raise Bali::DslError, "cant block must be within describe block"
   end
 
@@ -46,6 +51,11 @@ class Bali::MapRulesDsl
   end
 
   def cant_all(*params)
+    puts "Deprecation Warning: declaring rules with cant_all will be deprecated on major release 3.0, use cannot instead"
+    cannot_all *params
+  end
+
+  def cannot_all(*params)
     raise Bali::DslError, "cant_all block must be within describe block"
   end
 end

data/lib/bali/dsl/rules_for_dsl.rb

@@ -27,7 +27,7 @@ class Bali::RulesForDsl
         subtargets += passed_argument
       elsif passed_argument.is_a?(Hash)
         rules = passed_argument
-      else 
+      else
         raise Bali::DslError, "Allowed argument: symbol, string, nil and hash"
       end
     end
@@ -56,7 +56,7 @@ class Bali::RulesForDsl
               end
             else
               operation = operations # well, basically is 1 only
-              rule = Bali::Rule.new(auth_val, operation) 
+              rule = Bali::Rule.new(auth_val, operation)
               self.current_rule_group.add_rule(rule)
             end
           end # each rules
@@ -71,7 +71,7 @@ class Bali::RulesForDsl
   # to define can and cant is basically using this method
   def process_auth_rules(auth_val, operations)
     conditional_hash = nil
-    
+
     # scan operations for options
     operations.each do |elm|
       if elm.is_a?(Hash)
@@ -103,8 +103,13 @@ class Bali::RulesForDsl
     process_auth_rules(:can, operations)
   end
 
+  def cannot(*operations)
+    process_auth_rules(:cannot, operations)
+  end
+
   def cant(*operations)
-    process_auth_rules(:cant, operations)
+    puts "Deprecation Warning: declaring rules with cant will be deprecated on major release 3.0, use cannot instead"
+    cannot(*operations)
   end
 
   def can_all
@@ -112,8 +117,13 @@ class Bali::RulesForDsl
     self.current_rule_group.plant = false
   end
 
-  def cant_all
+  def cannot_all
     self.current_rule_group.plant = true
     self.current_rule_group.zeus = false
   end
+
+  def cant_all
+    puts "Deprecation Warning: declaring rules with cant_all will be deprecated on major release 3.0, use cannot_all instead"
+    cannot_all
+  end
 end # class

data/lib/bali/foundations/all_foundations.rb

@@ -0,0 +1,11 @@
+# ./exceptions
+require_relative "exceptions/bali_error"
+require_relative "exceptions/dsl_error"
+require_relative "exceptions/objection_error"
+require_relative "exceptions/authorization_error"
+
+# rule
+require_relative "rule/rule"
+require_relative "rule/rule_class"
+require_relative "rule/rule_group"
+

data/lib/bali/foundations/exceptions/authorization_error.rb

@@ -0,0 +1,17 @@
+# Error that will be raised when subtarget cannot do something he wanted to do,
+# or when subtarget do something he should not be allowed to do.
+class Bali::AuthorizationError < Bali::Error
+  attr_accessor :operation
+  attr_accessor :auth_level
+  attr_accessor :role
+
+  # it may be nil, depends on whether rule checking is using symbol/user
+  attr_accessor :subtarget
+
+  # whether a class or an object
+  attr_accessor :target
+
+  def to_s
+    "Role #{role} is performing #{operation} using precedence #{auth_level}"
+  end
+end

data/lib/bali/foundations/{rule.rb → rule/rule.rb}

@@ -1,6 +1,6 @@
 # for internal use, representing one, single, atomic rule
 class Bali::Rule
-  # auth_val is either :can or :cant
+  # auth_val is either :can or :cannot
   attr_reader :auth_val
 
   # what is the operation: create, update, delete, or any other
@@ -18,10 +18,13 @@ class Bali::Rule
   end
 
   def auth_val=(aval)
-    if aval == :can || aval == :cant
+    # TODO: in version 3 remove :cant
+    if aval == :can || aval == :cannot
       @auth_val = aval
+    elsif aval == :cant
+      @auth_val = :cannot
     else
-      raise Bali::DslError, "auth_val can only either be :can or :cant"
+      raise Bali::DslError, "auth_val can only either be :can or :cannot"
     end
   end
 
@@ -34,7 +37,8 @@ class Bali::Rule
   end
 
   def is_discouragement?
-    self.auth_val == :cant
+    # TODO: in version 3.0 remove :cant
+    self.auth_val == :cannot || self.auth_val == :cant
   end
 
   def has_decider?

data/lib/bali/foundations/{rule_group.rb → rule/rule_group.rb}

@@ -59,7 +59,7 @@ class Bali::RuleGroup
     case auth_val
     when :can, "can"
       rule = self.cans[operation.to_sym]
-    when :cant, "cant"
+    when :cannot, "cannot"
       rule = self.cants[operation.to_sym]
     else
       raise Bali::DslError, "Undefined operation: #{auth_val}"

data/lib/bali/integrators/all_integrators.rb

@@ -0,0 +1,4 @@
+module Bali::Integrators
+end
+
+require_relative "rules_integrator"

data/lib/bali/{foundations/bali_statics.rb → integrators/rules_integrator.rb}

@@ -1,4 +1,4 @@
-module Bali
+module Bali::Integrators::Rule
   extend self
 
   def rule_classes
@@ -18,7 +18,7 @@ module Bali
 
   # attempt to search the rule group, but if not exist, will return nil
   def rule_group_for(target_class, subtarget)
-    rule_class = Bali.rule_class_for(target_class)
+    rule_class = rule_class_for(target_class)
     if rule_class
       rule_group = rule_class.rules_for(subtarget)
       return rule_group
@@ -35,7 +35,7 @@ module Bali
       raise Bali::DslError, "Target must be a class" unless target.is_a?(Class)
 
       # remove any previous association of rule
-      begin 
+      begin
         last_associated_alias = Bali::REVERSE_ALIASED_RULE_CLASS_MAP[target]
         if last_associated_alias
           Bali::ALIASED_RULE_CLASS_MAP.delete(last_associated_alias)

data/lib/bali/objector.rb

@@ -5,19 +5,45 @@ module Bali::Objector
     base.extend Bali::Objector::Statics
   end
 
-  def can?(subtargets, operation) 
+  # check whether user can/cant perform an operation, return true when positive
+  # or false otherwise
+  def can?(subtargets, operation)
     self.class.can?(subtargets, operation, self)
   end
 
+  # check whether user can/cant perform an operation, raise an error when access
+  # is denied
+  def can!(subtargets, operation)
+    self.class.can!(subtargets, operation, self)
+  end
+
+  # check whether user can/cant perform an operation, return true when negative
+  # or false otherwise
+  def cannot?(subtargets, operation)
+    self.class.cannot?(subtargets, operation, self)
+  end
+
+  # check whether user can/cant perform an operation, raise an error when access
+  # is given
+  def cannot!(subtargets, operation)
+    self.class.cannot!(subtargets, operation, self)
+  end
+
   def cant?(subtargets, operation)
-    self.class.cant?(subtargets, operation, self)
+    puts "Deprecation Warning: please use cannot? instead, cant? will be deprecated on major release 3.0"
+    cannot?(subtargets, operation)
+  end
+
+  def cant!(subtargets, operation)
+    puts "Deprecation Warning: please use cannot! instead, cant! will be deprecated on major release 3.0"
+    cannot!(subtargets, operation)
   end
 end
 
 module Bali::Objector::Statics
 
   # will return array
-  def __translate_subtarget_roles__(_subtarget_roles)
+  def bali_translate_subtarget_roles(_subtarget_roles)
     if _subtarget_roles.is_a?(String) || _subtarget_roles.is_a?(Symbol) || _subtarget_roles.is_a?(NilClass)
       return [_subtarget_roles]
     elsif _subtarget_roles.is_a?(Array)
@@ -28,7 +54,7 @@ module Bali::Objector::Statics
 
       _subtarget = _subtarget_roles
       _subtarget_class = _subtarget.class.to_s
-      
+
       # variable to hold deducted role of the passed object
       deducted_roles = nil
 
@@ -51,19 +77,19 @@ module Bali::Objector::Statics
     end # if
   end
 
-  ### options passable to __can__? and __cant__? are:
+  ### options passable to bali_can? and bali_cannot? are:
   ### cross_action: if set to true wouldn't call its counterpart so as to prevent
   ###   overflowing stack
-  ### original_subtarget: the original passed to can? and cant? before 
-  ###   processed by  __translate_subtarget_roles__
+  ### original_subtarget: the original passed to can? and cannot? before
+  ###   processed by bali_translate_subtarget_roles
 
-  def __can__?(subtarget, operation, record = self, options = {})
+  def bali_can?(subtarget, operation, record = self, options = {})
     # if performed on a class-level, don't call its class or it will return
     # Class. That's not what is expected.
     if self.is_a?(Class)
-      rule_group = Bali.rule_group_for(self, subtarget)
+      rule_group = Bali::Integrators::Rule.rule_group_for(self, subtarget)
     else
-      rule_group = Bali.rule_group_for(self.class, subtarget)
+      rule_group = Bali::Integrators::Rule.rule_group_for(self.class, subtarget)
     end
 
     # default of can? is false whenever RuleClass for that class is undefined
@@ -82,20 +108,20 @@ module Bali::Objector::Statics
     if rule_group.zeus?
       if rule.nil?
         # check further whether cant is defined to overwrite this can_all
-        if self.cant?(subtarget, operation, record, cross_check: true)
+        if self.cannot?(subtarget, operation, record, cross_check: true)
           return false
         else
           return true
         end
       end
     end
-    
+
     if rule.nil?
       # default if can? for undefined rule is false, after related clause
-      # cannot be found in cant?
+      # cannot be found in cannot?
       return false if options[:cross_check]
       options[:cross_check] = true
-      return !self.cant?(subtarget, operation, record, options)
+      return !self.cannot?(subtarget, operation, record, options)
     else
       if rule.has_decider?
         # must test first
@@ -105,43 +131,43 @@ module Bali::Objector::Statics
         when 0
           if rule.decider_type == :if
             if decider.()
-              return true 
-            else 
+              return true
+            else
               return false
             end
           elsif rule.decider_type == :unless
             unless decider.()
-              return true 
-            else 
-              return false 
+              return true
+            else
+              return false
             end
           end
         when 1
           if rule.decider_type == :if
             if decider.(record)
-              return true 
-            else 
+              return true
+            else
               return false
             end
           elsif rule.decider_type == :unless
             unless decider.(record)
-              return true 
-            else 
-              return false 
+              return true
+            else
+              return false
             end
           end
         when 2
           if rule.decider_type == :if
             if decider.(record, original_subtarget)
-              return true 
-            else 
+              return true
+            else
               return false
             end
           elsif rule.decider_type == :unless
             unless decider.(record, original_subtarget)
-              return true 
-            else 
-              return false 
+              return true
+            else
+              return false
             end
           end
         end
@@ -152,18 +178,18 @@ module Bali::Objector::Statics
     end
   end
 
-  def __cant__?(subtarget, operation, record = self, options = {})
+  def bali_cannot?(subtarget, operation, record = self, options = {})
     if self.is_a?(Class)
-      rule_group = Bali.rule_group_for(self, subtarget)
+      rule_group = Bali::Integrators::Rule.rule_group_for(self, subtarget)
     else
-      rule_group = Bali.rule_group_for(self.class, subtarget)
+      rule_group = Bali::Integrators::Rule.rule_group_for(self.class, subtarget)
     end
 
-    # default of cant? is true whenever RuleClass for that class is undefined
+    # default of cannot? is true whenever RuleClass for that class is undefined
     # or RuleGroup for that subtarget is not defined
     return true if rule_group.nil?
 
-    rule = rule_group.get_rule(:cant, operation)
+    rule = rule_group.get_rule(:cannot, operation)
 
     # godly subtarget is not to be prohibited in his endeavours
     # so long that no specific rule about this operation is defined
@@ -183,7 +209,7 @@ module Bali::Objector::Statics
       end
     end
 
-    # if rule cannot be found, then true is returned for cant? unless 
+    # if rule cannot be found, then true is returned for cannot? unless
     # can? is defined exactly for the same target, and subtarget, and record (if given)
     if rule.nil?
       return true if options[:cross_check]
@@ -197,43 +223,43 @@ module Bali::Objector::Statics
         when 0
           if rule.decider_type == :if
             if decider.()
-              return true 
-            else 
+              return true
+            else
               return false
             end
           elsif rule.decider_type == :unless
             unless decider.()
-              return true 
-            else 
-              return false 
+              return true
+            else
+              return false
             end
           end
         when 1
           if rule.decider_type == :if
             if decider.(record)
-              return true 
-            else 
+              return true
+            else
               return false
             end
           elsif rule.decider_type == :unless
             unless decider.(record)
-              return true 
-            else 
-              return false 
+              return true
+            else
+              return false
             end
           end
         when 2
           if rule.decider_type == :if
             if decider.(record, original_subtarget)
-              return true 
-            else 
+              return true
+            else
               return false
             end
           elsif rule.decider_type == :unless
             unless decider.(record, original_subtarget)
-              return true 
-            else 
-              return false 
+              return true
+            else
+              return false
             end
           end
         end
@@ -244,29 +270,99 @@ module Bali::Objector::Statics
   end
 
   def can?(subtarget_roles, operation, record = self, options = {})
-    subs = __translate_subtarget_roles__(subtarget_roles)
+    subs = bali_translate_subtarget_roles(subtarget_roles)
     # well, it is largely not used unless decider's is 2 arity
     options[:original_subtarget] = options[:original_subtarget].nil? ? subtarget_roles : options[:original_subtarget]
 
+    can_value = false
+    role = nil
+
     subs.each do |subtarget|
-      can_value = __can__?(subtarget, operation, record, options)
-      return true if can_value == true
+      next if can_value
+      role = subtarget
+      can_value = bali_can?(role, operation, record, options)
     end
-    false
+
+    yield options[:original_subtarget], role, can_value if can_value == false && block_given?
+    can_value
   rescue => e
-    raise Bali::ObjectionError, e.message
+    if e.is_a?(Bali::AuthorizationError)
+      raise e
+    else
+      raise Bali::ObjectionError, e.message
+    end
   end
 
   def cant?(subtarget_roles, operation, record = self, options = {})
-    subs = __translate_subtarget_roles__ subtarget_roles
+    puts "Deprecation Warning: please use cannot? instead, cant? will be deprecated on major release 3.0"
+    cannot?(subtarget_roles, operation, record, options)
+  end
+
+  def cannot?(subtarget_roles, operation, record = self, options = {})
+    subs = bali_translate_subtarget_roles subtarget_roles
     options[:original_subtarget] = options[:original_subtarget].nil? ? subtarget_roles : options[:original_subtarget]
 
     subs.each do |subtarget|
-      cant_value = __cant__?(subtarget, operation, record, options)
-      return false if cant_value == false
+      cant_value = bali_cannot?(subtarget, operation, record, options)
+      if cant_value == false
+        role = subtarget
+        if block_given?
+          yield options[:original_subtarget], role, false
+        else
+          return false
+        end
+      end
     end
+
     true
-  rescue => e 
-    raise Bali::ObjectionError, e.message
+  rescue => e
+    if e.is_a?(Bali::AuthorizationError)
+      raise e
+    else
+      raise Bali::ObjectionError, e.message
+    end
+  end
+
+  def can!(subtarget_roles, operation, record = self, options = {})
+    can?(subtarget_roles, operation, record, options) do |original_subtarget, role, can_value|
+      if !can_value
+        auth_error = Bali::AuthorizationError.new
+        auth_error.auth_level = :can
+        auth_error.operation = operation
+        auth_error.role = role
+        auth_error.target = record
+        auth_error.subtarget = original_subtarget
+
+        if role
+          auth_error.subtarget = original_subtarget if !(original_subtarget.is_a?(Symbol) || original_subtarget.is_a?(String) || original_subtarget.is_a?(Array))
+        end
+
+        raise auth_error
+      end
+    end
+  end
+
+  def cant!(subtarget_roles, operation, record = self, options = {})
+    puts "Deprecation Warning: please use cannot! instead, cant! will be deprecated on major release 3.0"
+    cannot!(subtarget_roles, operation, record, options)
+  end
+
+  def cannot!(subtarget_roles, operation, record = self, options = {})
+    cannot?(subtarget_roles, operation, record, options) do |original_subtarget, role, cant_value|
+      if cant_value == false
+        auth_error = Bali::AuthorizationError.new
+        auth_error.auth_level = :cannot
+        auth_error.operation = operation
+        auth_error.role = role
+        auth_error.target = record
+        auth_error.subtarget = original_subtarget
+
+        if role
+          auth_error.subtarget = original_subtarget if !(original_subtarget.is_a?(Symbol) || original_subtarget.is_a?(String) || original_subtarget.is_a?(Array))
+        end
+
+        raise auth_error
+      end
+    end
   end
 end

data/lib/bali/version.rb

@@ -1,3 +1,3 @@
 module Bali
-  VERSION = "1.2.0"
+  VERSION = "2.0.0rc1"
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: bali
 version: !ruby/object:Gem::Version
-  version: 1.2.0
+  version: 2.0.0rc1
 platform: ruby
 authors:
 - Adam Pahlevi
 autorequire: 
 bindir: exe
 cert_chain: []
-date: 2015-08-25 00:00:00.000000000 Z
+date: 2015-09-14 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler
@@ -75,13 +75,16 @@ files:
 - lib/bali.rb
 - lib/bali/dsl/map_rules_dsl.rb
 - lib/bali/dsl/rules_for_dsl.rb
-- lib/bali/exceptions/bali_error.rb
-- lib/bali/exceptions/dsl_error.rb
-- lib/bali/exceptions/objection_error.rb
-- lib/bali/foundations/bali_statics.rb
-- lib/bali/foundations/rule.rb
-- lib/bali/foundations/rule_class.rb
-- lib/bali/foundations/rule_group.rb
+- lib/bali/foundations/all_foundations.rb
+- lib/bali/foundations/exceptions/authorization_error.rb
+- lib/bali/foundations/exceptions/bali_error.rb
+- lib/bali/foundations/exceptions/dsl_error.rb
+- lib/bali/foundations/exceptions/objection_error.rb
+- lib/bali/foundations/rule/rule.rb
+- lib/bali/foundations/rule/rule_class.rb
+- lib/bali/foundations/rule/rule_group.rb
+- lib/bali/integrators/all_integrators.rb
+- lib/bali/integrators/rules_integrator.rb
 - lib/bali/objector.rb
 - lib/bali/version.rb
 homepage: https://github.com/saveav/bali
@@ -99,9 +102,9 @@ required_ruby_version: !ruby/object:Gem::Requirement
       version: '0'
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
-  - - ">="
+  - - ">"
     - !ruby/object:Gem::Version
-      version: '0'
+      version: 1.3.1
 requirements: []
 rubyforge_project: 
 rubygems_version: 2.4.5