RubyGems - bali - Versions diffs - 1.1.0rc1 → 1.1.0rc2 - Mend

bali 1.1.0rc1 → 1.1.0rc2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (8) hide show

checksums.yaml +4 -4
data/README.md +55 -14
data/lib/bali/dsl/map_rules_dsl.rb +4 -0
data/lib/bali/dsl/rules_for_dsl.rb +53 -28
data/lib/bali/foundations/rule_group.rb +2 -0
data/lib/bali/objector.rb +32 -7
data/lib/bali/version.rb +1 -1
metadata +2 -16

checksums.yaml CHANGED

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 340aadebc55874ca95a0b864e0117d2d93e798c3
-  data.tar.gz: 7019bbc158e229ff267012ae472e6969fa03f5ef
+  metadata.gz: fd5c0fb2638885502b2fdb39ecaba159b90dac24
+  data.tar.gz: 2d6308b4df6d3d363bed7d2ce4b72ec9b7368e57
 SHA512:
-  metadata.gz: 0a88ac2145d2c73d087b286e3046b30a839b50bb5564b2747b4a60822a571db72b5fe8de53d4eb7b97debb1f93b40a5220b2d4471bd6b696649d9440b112f879
-  data.tar.gz: 6be3dcc843c90c4c08e07303d863c7ae43550951980b1e28b86994c8432f26a1420011cd3efdccb494077cdac473360ba0654ca3bebe2e69c0e5340ab1581f42
+  metadata.gz: 5f675d90ac77a7558ce6cb545a3dbf3aa5c05bf6856df44b50331b34ed3c786200453efa371c13ac13b3b3eaef7d38a9b1d3d8ee05cfadb473246a0982e9224e
+  data.tar.gz: 33919e7f7c83e50aee8afb59704bef97f902d257099f3af799a947ab955353b4144f7df3243623dee88d9d3f37ba298216b65313ae1638ad5a6a513f7649fc78

data/README.md CHANGED

@@ -24,9 +24,9 @@ And then execute:
 ## Usage
-### First things first: defining rules
+### Defining access rules
-Rule in Bali is the law determining whether a user (called `subtarget`) can do or perform specific operation on a target (which is your resource/model).
+Rule in Bali is the law determining whether a user (called `subtarget`) can do or perform a specific operation on a target (which is your resource/model).
 ```ruby
   Bali.map_rules do
@@ -53,7 +53,20 @@ Rule in Bali is the law determining whether a user (called `subtarget`) can do o
 You may or may not assign an alias name (`as`). Make sure to keep it unique had you decided to give alias name to your rules group.
-### Can and Cannot testing
+It is also possible for a rule to be defined for multiple subtarget at once:
+```ruby
+  Bali.map_rules do
+    rules_for My::Transaction do
+      # rules described bellow will affect both :general_user and :finance_user
+      describe :general_user, :finance_user do
+        can :update, :edit
+      end
+    end
+  end
+```
+### Can and Cant? testing
 Say:
@@ -105,30 +118,54 @@ My::Employee.can?(:undefined_subtarget, :new)  # => false, rule class for this i
 As we have never define the `rules_for` My::Employee before, any attempt to `can?` for `My::Employee` will return `false`, so does any attempt to object `cant?` on which will only return `true` for any given subtarget and operation.
+### Can and Cant testing with multiple-roles subtarget
+A subtarget may have multiple roles. For eg., a user may have a role of `finance_user` and `general_user`. A general user normally by itself cannot `delete`, or `cancel`; but a `finance_user` does can, so long the condition is met. But, if a subtarget has role of both `finance_user` and `general_user`, he/she can perform `delete` or `cancel` (so far that the condition is met.)
+Thus, if we have:
+```ruby
+  txn = My::Transaction.new
+  txn.process_transaction(from_user_input)
+  # delete or cancel can only happen when a transaction is settled
+  # as per rule definition
+  txn.is_settled = true
+  txn.save
+  subtarget = User.new
+  subtarget.roles = [:finance_user, :general_user]
+  txn.can?(subtarget.roles, :delete)       # => true
+  txn.cant?(subtarget.roles, :delete)      # => false
+  txn.can?(:general_user, :delete)         # => false
+```
+That is, we can check `can?` and `cant?` with multiple roles by passing array of roles to it.
 ## Contributing
 Bug reports and pull requests are welcome on GitHub at https://github.com/saveav/bali. This project is intended to be a safe, welcoming space for collaboration, and contributors are expected to adhere to the [Contributor Covenant](contributor-covenant.org) code of conduct.
 ## License
 Bali is proudly available as open source under the terms of the [MIT License](http://opensource.org/licenses/MIT).
-### Changelog
+## Changelog
-#### Version 1.0.0beta1
+### Version 1.0.0beta1
 1. Initial version
-#### Version 1.0.0rc1
+### Version 1.0.0rc1
 1. Fix bug where user can't check on class
 2. Adding new clause: cant_all
-#### Version 1.0.0rc2
+### Version 1.0.0rc2
 1. [Fix bug when class's name, as a constant, is reloaded](http://stackoverflow.com/questions/2509350/rails-class-object-id-changes-after-i-make-a-request) (re-allocated to different address in the memory)
 2. Allow describing rule for `nil`, useful if user is not authenticated thus role is probably `nil`
 3. Remove pry from development dependency
-#### Version 1.0.0rc3
+### Version 1.0.0rc3
 1. Each target class should includes `Bali::Objector`, for the following reasons:
    - Makes it clear that class do want to include the Bali::Objector
    - Transparant, and thus less confusing as to where "can?" and "cant" come from
@@ -136,11 +173,15 @@ Bali is proudly available as open source under the terms of the [MIT License](ht
 2. Return `true` to any `can?` for undefined target/subtarget alike
 3. Return `false` to any `cant?` for undefined target/subtarget alike
-#### Version 1.0.0
+### Version 1.0.0
 1. Released the stable version of this gem
-#### Version 1.1.0rc1
-1. Ability for rule class to be parsed later by parsing later: true to rule class definition
-2. Add `Bali.parse` and `Bali.parse!` (Bali.parse! executes "later"-tagged rule class, Bali.parse executes automatically after all rules are defined)
+### Version 1.1.0rc1
+1. Ability for rule class to be parsed later by passing `later: true` to rule class definition
+2. Add `Bali.parse` and `Bali.parse!` (`Bali.parse!` executes "later"-tagged rule class, Bali.parse executes automatically after all rules are defined)
 3. Added more thorough testing specs
-4. Proc can be served under `unless` for defining the rule's decider
+4. Proc can be served under `unless` for defining the rule's decider
+### Version 1.1.0rc2
+1. Ability to check `can?` and `cant?` for subtarget with multiple roles
+2. Describe multiple rules at once for multiple subtarget

data/lib/bali/dsl/map_rules_dsl.rb CHANGED

@@ -17,4 +17,8 @@ class Bali::MapRulesDsl
       Bali.add_rule_class(self.current_rule_class)
     end
   end
+  def describe(*params)
+    raise Bali::DslError, "describe block must be within rules_for block"
+  end
 end

data/lib/bali/dsl/rules_for_dsl.rb CHANGED

@@ -9,38 +9,63 @@ class Bali::RulesForDsl
     self.map_rules_dsl = map_rules_dsl
   end
-  def describe(subtarget, rules = {})
+  def current_rule_class
+    self.map_rules_dsl.current_rule_class
+  end
+  def describe(*params)
+    subtargets = []
+    rules = {}
+    params.each do |passed_argument|
+      if passed_argument.is_a?(Symbol) || passed_argument.is_a?(String)
+        subtargets << passed_argument
+      elsif passed_argument.is_a?(NilClass)
+        subtargets << passed_argument
+      elsif passed_argument.is_a?(Array)
+        subtargets += passed_argument
+      elsif passed_argument.is_a?(Hash)
+        rules = passed_argument
+      else
+        raise Bali::DslError, "Allowed argument: symbol, string, nil and hash"
+      end
+    end
     target_class = self.map_rules_dsl.current_rule_class.target_class
     target_alias = self.map_rules_dsl.current_rule_class.alias_name
-    @@lock.synchronize do
-      rule_group = Bali::RuleGroup.new(target_class, target_alias, subtarget)
-      self.current_rule_group = rule_group
-      if block_given?
-        the_object = Object.new
-        # the_object would be the record, or the object of class as specified
-        # in rules_for
-        yield the_object
-      else
-        # auth_val is either can or cant
-        rules.each do |auth_val, operations|
-          if operations.is_a?(Array)
-            operations.each do |op|
-              rule = Bali::Rule.new(auth_val, op)
-              rule_group.add_rule(rule)
+    subtargets.each do |subtarget|
+      @@lock.synchronize do
+        rule_group = self.current_rule_class.rules_for(subtarget)
+        if rule_group.nil?
+          rule_group = Bali::RuleGroup.new(target_class, target_alias, subtarget)
+        end
+        self.current_rule_group = rule_group
+        if block_given?
+          yield
+        else
+          # auth_val is either can or cant
+          rules.each do |auth_val, operations|
+            if operations.is_a?(Array)
+              operations.each do |op|
+                rule = Bali::Rule.new(auth_val, op)
+                self.current_rule_group.add_rule(rule)
+              end
+            else
+              operation = operations # well, basically is 1 only
+              rule = Bali::Rule.new(auth_val, operation)
+              self.current_rule_group.add_rule(rule)
             end
-          else
-            operation = operations # well, basically is 1 only
-            rule = Bali::Rule.new(auth_val, operation)
-            rule_group.add_rule(rule)
-          end
-        end # each rules
-      end # block_given?
-      # add current_rule_group
-      self.map_rules_dsl.current_rule_class.add_rule_group(rule_group)
-    end # mutex synchronize
+          end # each rules
+        end # block_given?
+        # add current_rule_group
+        self.map_rules_dsl.current_rule_class.add_rule_group(self.current_rule_group)
+      end # mutex synchronize
+    end # each subtarget
   end # describe
   # to define can and cant is basically using this method

data/lib/bali/foundations/rule_group.rb CHANGED

@@ -38,6 +38,8 @@ class Bali::RuleGroup
   end
   def add_rule(rule)
+    raise Bali::DslError, "Rule must be of class Bali::Rule" unless rule.is_a?(Bali::Rule)
     # operation cannot be defined twice
     operation = rule.operation.to_sym

data/lib/bali/objector.rb CHANGED

@@ -5,17 +5,23 @@ module Bali::Objector
     base.extend Bali::Objector::Statics
   end
-  def can?(subtarget, operation)
-    self.class.can?(subtarget, operation, self)
+  def can?(subtargets, operation)
+    self.class.can?(subtargets, operation, self)
   end
-  def cant?(subtarget, operation)
-    self.class.cant?(subtarget, operation, self)
+  def cant?(subtargets, operation)
+    self.class.cant?(subtargets, operation, self)
   end
 end
 module Bali::Objector::Statics
-  def can?(subtarget, operation, record = self, options = {})
+  ### options passable to __can__? and __cant__? are:
+  ### cross_action: if set to true wouldn't call its counterpart so as to prevent
+  ###   overflowing stack
+  ###
+  def __can__?(subtarget, operation, record = self, options = {})
     # if performed on a class-level, don't call its class or it will return
     # Class. That's not what is expected.
     if self.is_a?(Class)
@@ -67,10 +73,9 @@ module Bali::Objector::Statics
         return true
       end
     end
   end
-  def cant?(subtarget, operation, record = self, options = {})
+  def __cant__?(subtarget, operation, record = self, options = {})
     if self.is_a?(Class)
       rule_group = Bali.rule_group_for(self, subtarget)
     else
@@ -119,4 +124,24 @@ module Bali::Objector::Statics
       end # if rule has decider
     end # if rule is nil
   end
+  def can?(subtargets, operation, record = self, options = {})
+    subs = (subtargets.is_a?(Array)) ? subtargets : [subtargets]
+    subs.each do |subtarget|
+      can_value = __can__?(subtarget, operation, record, options)
+      return true if can_value == true
+    end
+    false
+  end
+  def cant?(subtargets, operation, record = self, options = {})
+    subs = (subtargets.is_a?(Array)) ? subtargets : [subtargets]
+    subs.each do |subtarget|
+      cant_value = __cant__?(subtarget, operation, record, options)
+      return false if cant_value == false
+    end
+    true
+  end
 end

data/lib/bali/version.rb CHANGED

@@ -1,3 +1,3 @@
 module Bali
-  VERSION = "1.1.0rc1"
+  VERSION = "1.1.0rc2"
 end

metadata CHANGED

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: bali
 version: !ruby/object:Gem::Version
-  version: 1.1.0rc1
+  version: 1.1.0rc2
 platform: ruby
 authors:
 - Adam Pahlevi
 autorequire:
 bindir: exe
 cert_chain: []
-date: 2015-08-22 00:00:00.000000000 Z
+date: 2015-08-23 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler
@@ -52,20 +52,6 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: '3.3'
-- !ruby/object:Gem::Dependency
-  name: pry
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
 description: "Bali (Bulwark Authorization Library) is a universal authorization library,
   in the sense that \n                          it does not assume you to use specific
   Ruby library/gem/framework."