bali 1.1.0rc1 → 1.1.0rc2

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 340aadebc55874ca95a0b864e0117d2d93e798c3
-  data.tar.gz: 7019bbc158e229ff267012ae472e6969fa03f5ef
+  metadata.gz: fd5c0fb2638885502b2fdb39ecaba159b90dac24
+  data.tar.gz: 2d6308b4df6d3d363bed7d2ce4b72ec9b7368e57
 SHA512:
-  metadata.gz: 0a88ac2145d2c73d087b286e3046b30a839b50bb5564b2747b4a60822a571db72b5fe8de53d4eb7b97debb1f93b40a5220b2d4471bd6b696649d9440b112f879
-  data.tar.gz: 6be3dcc843c90c4c08e07303d863c7ae43550951980b1e28b86994c8432f26a1420011cd3efdccb494077cdac473360ba0654ca3bebe2e69c0e5340ab1581f42
+  metadata.gz: 5f675d90ac77a7558ce6cb545a3dbf3aa5c05bf6856df44b50331b34ed3c786200453efa371c13ac13b3b3eaef7d38a9b1d3d8ee05cfadb473246a0982e9224e
+  data.tar.gz: 33919e7f7c83e50aee8afb59704bef97f902d257099f3af799a947ab955353b4144f7df3243623dee88d9d3f37ba298216b65313ae1638ad5a6a513f7649fc78

data/README.md

@@ -24,9 +24,9 @@ And then execute:
 
 ## Usage
 
-### First things first: defining rules
+### Defining access rules
 
-Rule in Bali is the law determining whether a user (called `subtarget`) can do or perform specific operation on a target (which is your resource/model).
+Rule in Bali is the law determining whether a user (called `subtarget`) can do or perform a specific operation on a target (which is your resource/model).
 
 ```ruby
   Bali.map_rules do
@@ -53,7 +53,20 @@ Rule in Bali is the law determining whether a user (called `subtarget`) can do o
 
 You may or may not assign an alias name (`as`). Make sure to keep it unique had you decided to give alias name to your rules group.
 
-### Can and Cannot testing
+It is also possible for a rule to be defined for multiple subtarget at once:
+
+```ruby
+  Bali.map_rules do
+    rules_for My::Transaction do
+      # rules described bellow will affect both :general_user and :finance_user
+      describe :general_user, :finance_user do
+        can :update, :edit
+      end
+    end
+  end
+```
+
+### Can and Cant? testing
 
 Say:
 
@@ -105,30 +118,54 @@ My::Employee.can?(:undefined_subtarget, :new)  # => false, rule class for this i
 
 As we have never define the `rules_for` My::Employee before, any attempt to `can?` for `My::Employee` will return `false`, so does any attempt to object `cant?` on which will only return `true` for any given subtarget and operation.
 
+### Can and Cant testing with multiple-roles subtarget
+
+A subtarget may have multiple roles. For eg., a user may have a role of `finance_user` and `general_user`. A general user normally by itself cannot `delete`, or `cancel`; but a `finance_user` does can, so long the condition is met. But, if a subtarget has role of both `finance_user` and `general_user`, he/she can perform `delete` or `cancel` (so far that the condition is met.)
+
+Thus, if we have:
+
+```ruby
+  txn = My::Transaction.new
+  txn.process_transaction(from_user_input)
+
+  # delete or cancel can only happen when a transaction is settled
+  # as per rule definition
+  txn.is_settled = true
+  txn.save
+
+  subtarget = User.new
+  subtarget.roles = [:finance_user, :general_user]
+
+  txn.can?(subtarget.roles, :delete)       # => true
+  txn.cant?(subtarget.roles, :delete)      # => false
+  txn.can?(:general_user, :delete)         # => false
+```
+
+That is, we can check `can?` and `cant?` with multiple roles by passing array of roles to it.
+
 ## Contributing
 
 Bug reports and pull requests are welcome on GitHub at https://github.com/saveav/bali. This project is intended to be a safe, welcoming space for collaboration, and contributors are expected to adhere to the [Contributor Covenant](contributor-covenant.org) code of conduct.
 
-
 ## License
 
 Bali is proudly available as open source under the terms of the [MIT License](http://opensource.org/licenses/MIT).
 
-### Changelog
+## Changelog
 
-#### Version 1.0.0beta1
+### Version 1.0.0beta1
 1. Initial version
 
-#### Version 1.0.0rc1
+### Version 1.0.0rc1
 1. Fix bug where user can't check on class
 2. Adding new clause: cant_all
 
-#### Version 1.0.0rc2
+### Version 1.0.0rc2
 1. [Fix bug when class's name, as a constant, is reloaded](http://stackoverflow.com/questions/2509350/rails-class-object-id-changes-after-i-make-a-request) (re-allocated to different address in the memory)
 2. Allow describing rule for `nil`, useful if user is not authenticated thus role is probably `nil`
 3. Remove pry from development dependency
 
-#### Version 1.0.0rc3
+### Version 1.0.0rc3
 1. Each target class should includes `Bali::Objector`, for the following reasons:
    - Makes it clear that class do want to include the Bali::Objector
    - Transparant, and thus less confusing as to where "can?" and "cant" come from
@@ -136,11 +173,15 @@ Bali is proudly available as open source under the terms of the [MIT License](ht
 2. Return `true` to any `can?` for undefined target/subtarget alike
 3. Return `false` to any `cant?` for undefined target/subtarget alike
 
-#### Version 1.0.0
+### Version 1.0.0
 1. Released the stable version of this gem
 
-#### Version 1.1.0rc1
-1. Ability for rule class to be parsed later by parsing later: true to rule class definition
-2. Add `Bali.parse` and `Bali.parse!` (Bali.parse! executes "later"-tagged rule class, Bali.parse executes automatically after all rules are defined)
+### Version 1.1.0rc1
+1. Ability for rule class to be parsed later by passing `later: true` to rule class definition
+2. Add `Bali.parse` and `Bali.parse!` (`Bali.parse!` executes "later"-tagged rule class, Bali.parse executes automatically after all rules are defined)
 3. Added more thorough testing specs
-4. Proc can be served under `unless` for defining the rule's decider
+4. Proc can be served under `unless` for defining the rule's decider
+
+### Version 1.1.0rc2
+1. Ability to check `can?` and `cant?` for subtarget with multiple roles
+2. Describe multiple rules at once for multiple subtarget

data/lib/bali/dsl/map_rules_dsl.rb

@@ -17,4 +17,8 @@ class Bali::MapRulesDsl
       Bali.add_rule_class(self.current_rule_class)
     end
   end
+
+  def describe(*params)
+    raise Bali::DslError, "describe block must be within rules_for block"
+  end
 end

data/lib/bali/dsl/rules_for_dsl.rb

@@ -9,38 +9,63 @@ class Bali::RulesForDsl
     self.map_rules_dsl = map_rules_dsl
   end
 
-  def describe(subtarget, rules = {})
+  def current_rule_class
+    self.map_rules_dsl.current_rule_class
+  end
+
+  def describe(*params)
+
+    subtargets = []
+    rules = {}
+
+    params.each do |passed_argument|
+      if passed_argument.is_a?(Symbol) || passed_argument.is_a?(String)
+        subtargets << passed_argument
+      elsif passed_argument.is_a?(NilClass)
+        subtargets << passed_argument
+      elsif passed_argument.is_a?(Array)
+        subtargets += passed_argument
+      elsif passed_argument.is_a?(Hash)
+        rules = passed_argument
+      else 
+        raise Bali::DslError, "Allowed argument: symbol, string, nil and hash"
+      end
+    end
+
     target_class = self.map_rules_dsl.current_rule_class.target_class
     target_alias = self.map_rules_dsl.current_rule_class.alias_name
 
-    @@lock.synchronize do
-      rule_group = Bali::RuleGroup.new(target_class, target_alias, subtarget)
-      self.current_rule_group = rule_group
-
-      if block_given?
-        the_object = Object.new
-        # the_object would be the record, or the object of class as specified
-        # in rules_for
-        yield the_object
-      else
-        # auth_val is either can or cant
-        rules.each do |auth_val, operations|
-          if operations.is_a?(Array)
-            operations.each do |op|
-              rule = Bali::Rule.new(auth_val, op)
-              rule_group.add_rule(rule)
+    subtargets.each do |subtarget|
+      @@lock.synchronize do
+        rule_group = self.current_rule_class.rules_for(subtarget)
+        if rule_group.nil?
+          rule_group = Bali::RuleGroup.new(target_class, target_alias, subtarget)
+        end
+
+        self.current_rule_group = rule_group
+
+        if block_given?
+          yield
+        else
+          # auth_val is either can or cant
+          rules.each do |auth_val, operations|
+            if operations.is_a?(Array)
+              operations.each do |op|
+                rule = Bali::Rule.new(auth_val, op)
+                self.current_rule_group.add_rule(rule)
+              end
+            else
+              operation = operations # well, basically is 1 only
+              rule = Bali::Rule.new(auth_val, operation) 
+              self.current_rule_group.add_rule(rule)
             end
-          else
-            operation = operations # well, basically is 1 only
-            rule = Bali::Rule.new(auth_val, operation) 
-            rule_group.add_rule(rule)
-          end
-        end # each rules
-      end # block_given?
-
-      # add current_rule_group
-      self.map_rules_dsl.current_rule_class.add_rule_group(rule_group)
-    end # mutex synchronize
+          end # each rules
+        end # block_given?
+
+        # add current_rule_group
+        self.map_rules_dsl.current_rule_class.add_rule_group(self.current_rule_group)
+      end # mutex synchronize
+    end # each subtarget
   end # describe
 
   # to define can and cant is basically using this method

data/lib/bali/foundations/rule_group.rb

@@ -38,6 +38,8 @@ class Bali::RuleGroup
   end
 
   def add_rule(rule)
+    raise Bali::DslError, "Rule must be of class Bali::Rule" unless rule.is_a?(Bali::Rule)
+
     # operation cannot be defined twice
     operation = rule.operation.to_sym
 

data/lib/bali/objector.rb

@@ -5,17 +5,23 @@ module Bali::Objector
     base.extend Bali::Objector::Statics
   end
 
-  def can?(subtarget, operation) 
-    self.class.can?(subtarget, operation, self)
+  def can?(subtargets, operation) 
+    self.class.can?(subtargets, operation, self)
   end
 
-  def cant?(subtarget, operation)
-    self.class.cant?(subtarget, operation, self)
+  def cant?(subtargets, operation)
+    self.class.cant?(subtargets, operation, self)
   end
 end
 
 module Bali::Objector::Statics
-  def can?(subtarget, operation, record = self, options = {})
+
+  ### options passable to __can__? and __cant__? are:
+  ### cross_action: if set to true wouldn't call its counterpart so as to prevent
+  ###   overflowing stack
+  ###
+
+  def __can__?(subtarget, operation, record = self, options = {})
     # if performed on a class-level, don't call its class or it will return
     # Class. That's not what is expected.
     if self.is_a?(Class)
@@ -67,10 +73,9 @@ module Bali::Objector::Statics
         return true
       end
     end
-
   end
 
-  def cant?(subtarget, operation, record = self, options = {})
+  def __cant__?(subtarget, operation, record = self, options = {})
     if self.is_a?(Class)
       rule_group = Bali.rule_group_for(self, subtarget)
     else
@@ -119,4 +124,24 @@ module Bali::Objector::Statics
       end # if rule has decider
     end # if rule is nil
   end
+
+  def can?(subtargets, operation, record = self, options = {})
+    subs = (subtargets.is_a?(Array)) ? subtargets : [subtargets]
+
+    subs.each do |subtarget|
+      can_value = __can__?(subtarget, operation, record, options)
+      return true if can_value == true
+    end
+    false
+  end
+
+  def cant?(subtargets, operation, record = self, options = {})
+    subs = (subtargets.is_a?(Array)) ? subtargets : [subtargets]
+
+    subs.each do |subtarget|
+      cant_value = __cant__?(subtarget, operation, record, options)
+      return false if cant_value == false
+    end
+    true
+  end
 end

data/lib/bali/version.rb

@@ -1,3 +1,3 @@
 module Bali
-  VERSION = "1.1.0rc1"
+  VERSION = "1.1.0rc2"
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: bali
 version: !ruby/object:Gem::Version
-  version: 1.1.0rc1
+  version: 1.1.0rc2
 platform: ruby
 authors:
 - Adam Pahlevi
 autorequire: 
 bindir: exe
 cert_chain: []
-date: 2015-08-22 00:00:00.000000000 Z
+date: 2015-08-23 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler
@@ -52,20 +52,6 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: '3.3'
-- !ruby/object:Gem::Dependency
-  name: pry
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
 description: "Bali (Bulwark Authorization Library) is a universal authorization library,
   in the sense that \n                          it does not assume you to use specific
   Ruby library/gem/framework."