bali 6.0.0rc2 → 6.0.0rc3
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.gitignore +2 -0
- data/.travis.yml +44 -2
- data/gemfiles/Gemfile-rails.5.0.x +7 -0
- data/gemfiles/Gemfile-rails.5.1.x +6 -0
- data/gemfiles/Gemfile-rails.5.2.x +6 -0
- data/gemfiles/Gemfile-rails.6.0.x +5 -0
- data/gemfiles/Gemfile-rails.edge +14 -0
- data/lib/bali.rb +9 -0
- data/lib/bali/judge.rb +10 -22
- data/lib/bali/printer.rb +23 -3
- data/lib/bali/rails/action_controller.rb +6 -0
- data/lib/bali/rails/action_view.rb +1 -0
- data/lib/bali/rails/active_record.rb +0 -2
- data/lib/bali/role.rb +39 -9
- data/lib/bali/rspec/able_to_matcher.rb +39 -0
- data/lib/bali/ruler.rb +15 -3
- data/lib/bali/rules.rb +23 -46
- data/lib/bali/statics/authorizer.rb +56 -4
- data/lib/bali/statics/scope_ruler.rb +39 -0
- data/lib/bali/tasks/bali/print_rules.rake +1 -1
- data/lib/bali/version.rb +1 -1
- metadata +28 -8
- data/lib/bali/authorizer.rb +0 -13
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 0e9334cb26b9dabfd0fea90717a16aa2963086c7b15c25bb1119df0da7b52fc6
|
4
|
+
data.tar.gz: e909e2291baeade6fb075d8280d1f3e82bbeb7254bcff845b4242667d7b4c8a0
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 2bab74fcaeb2feca9d4062c939f7c56e41f21becf949e2ce0065c704463d1b07af034bb058c602ef0d2e9c365074b03b171c50ca35297d863a8da71445164c55
|
7
|
+
data.tar.gz: db8d79a694289e8c59f25c8008ac0c9230b46d40bdea30b6cf15477fa66cf8394f07f8d442fc35c154a31a78b4a7725dda12f6ef67aacfa88dc777306364783a
|
data/.gitignore
CHANGED
data/.travis.yml
CHANGED
@@ -1,4 +1,46 @@
|
|
1
1
|
language: ruby
|
2
|
+
|
3
|
+
env:
|
4
|
+
global:
|
5
|
+
- CC_TEST_REPORTER_ID=76cedf4d3aa437009b269ff68b901102ca24baeb46245eb94fca42e21bba20a7
|
6
|
+
|
2
7
|
rvm:
|
3
|
-
|
4
|
-
|
8
|
+
- 2.6.5
|
9
|
+
|
10
|
+
before_install:
|
11
|
+
- curl -L https://codeclimate.com/downloads/test-reporter/test-reporter-latest-linux-amd64 > ./cc-test-reporter
|
12
|
+
- chmod +x ./cc-test-reporter
|
13
|
+
- ./cc-test-reporter before-build
|
14
|
+
- sudo apt update -qq
|
15
|
+
- gem i bundler -v '<2'
|
16
|
+
|
17
|
+
cache: bundler
|
18
|
+
|
19
|
+
script:
|
20
|
+
- bundle exec rspec
|
21
|
+
|
22
|
+
after_script:
|
23
|
+
- ./cc-test-reporter after-build --exit-code $TRAVIS_TEST_RESULT
|
24
|
+
|
25
|
+
matrix:
|
26
|
+
include:
|
27
|
+
- rvm: 2.7.0
|
28
|
+
gemfile: gemfiles/Gemfile-rails.6.0.x
|
29
|
+
- rvm: 2.6.3
|
30
|
+
gemfile: gemfiles/Gemfile-rails.6.0.x
|
31
|
+
- rvm: 2.6.3
|
32
|
+
gemfile: gemfiles/Gemfile-rails.5.2.x
|
33
|
+
- rvm: 2.4.4
|
34
|
+
gemfile: gemfiles/Gemfile-rails.5.2.x
|
35
|
+
- rvm: 2.6.3
|
36
|
+
gemfile: gemfiles/Gemfile-rails.5.1.x
|
37
|
+
- rvm: 2.6.3
|
38
|
+
gemfile: gemfiles/Gemfile-rails.5.0.x
|
39
|
+
- rvm: 2.4.4
|
40
|
+
gemfile: gemfiles/Gemfile-rails.5.0.x
|
41
|
+
- rvm: ruby-head
|
42
|
+
gemfile: gemfiles/Gemfile-rails.edge
|
43
|
+
|
44
|
+
allow_failures:
|
45
|
+
- rvm: ruby-head
|
46
|
+
- gemfile: gemfiles/Gemfile-rails.edge
|
@@ -0,0 +1,14 @@
|
|
1
|
+
source 'https://rubygems.org'
|
2
|
+
|
3
|
+
gemspec path: '..'
|
4
|
+
|
5
|
+
git_source(:github) do |repo_name|
|
6
|
+
repo_name = "#{repo_name}/#{repo_name}" unless repo_name.include?("/")
|
7
|
+
"https://github.com/#{repo_name}.git"
|
8
|
+
end
|
9
|
+
|
10
|
+
github 'rails/rails' do
|
11
|
+
gem 'rails'
|
12
|
+
end
|
13
|
+
|
14
|
+
gem 'rspec-rails', '~> 4.0'
|
data/lib/bali.rb
CHANGED
@@ -11,6 +11,7 @@ require "zeitwerk"
|
|
11
11
|
loader = Zeitwerk::Loader.for_gem
|
12
12
|
loader.ignore("#{__dir__}/generators")
|
13
13
|
loader.ignore("#{__dir__}/bali/rails")
|
14
|
+
loader.ignore("#{__dir__}/bali/rspec")
|
14
15
|
loader.setup
|
15
16
|
|
16
17
|
module Bali
|
@@ -30,6 +31,14 @@ module Bali
|
|
30
31
|
require "bali/rails/action_view"
|
31
32
|
require "bali/rails/active_record"
|
32
33
|
end
|
34
|
+
|
35
|
+
if defined? RSpec
|
36
|
+
begin
|
37
|
+
require "rspec/matchers"
|
38
|
+
require "bali/rspec/able_to_matcher"
|
39
|
+
rescue LoadError => e
|
40
|
+
end
|
41
|
+
end
|
33
42
|
end
|
34
43
|
|
35
44
|
loader.eager_load
|
data/lib/bali/judge.rb
CHANGED
@@ -79,10 +79,6 @@ class Bali::Judge
|
|
79
79
|
def judgement
|
80
80
|
judgement = natural_value if no_rule_group?
|
81
81
|
|
82
|
-
if judgement.nil? && rule.nil? && may_have_reservation?
|
83
|
-
judgement = cross_check_reverse_value(cross_check_judge.judgement)
|
84
|
-
end
|
85
|
-
|
86
82
|
if judgement.nil? && rule.nil?
|
87
83
|
cross_check_value = nil
|
88
84
|
# default if can? for undefined rule is false, after related clause
|
@@ -99,7 +95,7 @@ class Bali::Judge
|
|
99
95
|
# give chance to check at others block
|
100
96
|
@rule = otherly_rule
|
101
97
|
else
|
102
|
-
judgement =
|
98
|
+
judgement = reverse_value(cross_check_value)
|
103
99
|
end
|
104
100
|
end
|
105
101
|
end
|
@@ -176,12 +172,13 @@ class Bali::Judge
|
|
176
172
|
term == :cant ? DEFINITE_TRUE : DEFINITE_FALSE
|
177
173
|
end
|
178
174
|
|
179
|
-
|
180
|
-
|
181
|
-
|
182
|
-
|
183
|
-
|
184
|
-
|
175
|
+
def reverse_value(value)
|
176
|
+
case value
|
177
|
+
when DEFINITE_TRUE then DEFINITE_FALSE
|
178
|
+
when DEFINITE_FALSE then DEFINITE_TRUE
|
179
|
+
when FUZY_FALSE then FUZY_TRUE
|
180
|
+
when FUZY_TRUE then FUZY_FALSE
|
181
|
+
end
|
185
182
|
end
|
186
183
|
|
187
184
|
def evaluate(rule, actor, record)
|
@@ -195,15 +192,6 @@ class Bali::Judge
|
|
195
192
|
evaluation ? DEFINITE_TRUE : DEFINITE_FALSE
|
196
193
|
end
|
197
194
|
|
198
|
-
def cross_check_reverse_value(cross_check_value)
|
199
|
-
case cross_check_value
|
200
|
-
when DEFINITE_TRUE then DEFINITE_FALSE
|
201
|
-
when DEFINITE_FALSE then DEFINITE_TRUE
|
202
|
-
when FUZY_FALSE then FUZY_TRUE
|
203
|
-
when FUZY_TRUE then FUZY_FALSE
|
204
|
-
end
|
205
|
-
end
|
206
|
-
|
207
195
|
def deduce_by_evaluation
|
208
196
|
return unless rule
|
209
197
|
|
@@ -216,9 +204,9 @@ class Bali::Judge
|
|
216
204
|
return unless rule_group
|
217
205
|
|
218
206
|
if rule_group.can_all?
|
219
|
-
|
207
|
+
reverse_value(natural_value)
|
220
208
|
elsif rule_group.cant_all?
|
221
|
-
|
209
|
+
natural_value
|
222
210
|
end
|
223
211
|
end
|
224
212
|
|
data/lib/bali/printer.rb
CHANGED
@@ -2,17 +2,37 @@ require "stringio"
|
|
2
2
|
require "date"
|
3
3
|
|
4
4
|
# module that would allow all defined rules to be printed for check
|
5
|
-
|
6
|
-
|
5
|
+
class Bali::Printer
|
6
|
+
include Singleton
|
7
7
|
|
8
8
|
SEPARATOR = " " * 6
|
9
9
|
SUBTARGET_TITLE_SEPARATOR = SEPARATOR + ("-" * 80) + "\n"
|
10
10
|
|
11
|
-
def
|
11
|
+
def self.printable
|
12
|
+
instance.printable
|
13
|
+
end
|
14
|
+
|
15
|
+
def self.pretty_print
|
16
|
+
printable
|
17
|
+
end
|
18
|
+
|
19
|
+
def load_rule_classes
|
20
|
+
return unless Bali.config.rules_path.present?
|
21
|
+
|
22
|
+
Dir["#{Bali.config.rules_path}/**/*.rb"].each do |rule_class_path|
|
23
|
+
require rule_class_path
|
24
|
+
end
|
25
|
+
rescue LoadError
|
26
|
+
# ignore
|
27
|
+
end
|
28
|
+
|
29
|
+
def printable
|
30
|
+
load_rule_classes
|
12
31
|
output = StringIO.new
|
13
32
|
|
14
33
|
# build up the string for pretty printing rules
|
15
34
|
rule_classes = ObjectSpace.each_object(Class).select { |cls| cls < Bali::Rules }
|
35
|
+
rule_classes.sort! { |a, b| a.to_s <=> b.to_s }
|
16
36
|
rule_classes.each do |rule_class|
|
17
37
|
output << "===== #{rule_class.model_class} =====\n\n"
|
18
38
|
|
@@ -5,4 +5,10 @@ require 'active_support/lazy_load_hooks'
|
|
5
5
|
ActiveSupport.on_load :action_controller do
|
6
6
|
require "bali"
|
7
7
|
::ActionController::Base.send :include, Bali::Statics::Authorizer
|
8
|
+
::ActionController::Base.send :include, Bali::Statics::ScopeRuler
|
9
|
+
|
10
|
+
if defined? ::ActionController::API
|
11
|
+
::ActionController::API.send :include, Bali::Statics::Authorizer
|
12
|
+
::ActionController::API.send :include, Bali::Statics::ScopeRuler
|
13
|
+
end
|
8
14
|
end
|
@@ -4,7 +4,5 @@ require 'active_support/lazy_load_hooks'
|
|
4
4
|
|
5
5
|
ActiveSupport.on_load :active_record do
|
6
6
|
require "bali"
|
7
|
-
::ActiveRecord::Base.send :include, Bali::Authorizer
|
8
|
-
::ActiveRecord::Base.send :extend, Bali::Statics::Authorizer
|
9
7
|
::ActiveRecord::Base.send :extend, Bali::Statics::ActiveRecord
|
10
8
|
end
|
data/lib/bali/role.rb
CHANGED
@@ -5,8 +5,15 @@ class Bali::Role
|
|
5
5
|
DEFAULT_ALLOW = :default_allow
|
6
6
|
].freeze
|
7
7
|
|
8
|
+
IDENTIFIER_CLASSES = [
|
9
|
+
String,
|
10
|
+
Symbol,
|
11
|
+
NilClass,
|
12
|
+
].freeze
|
13
|
+
|
8
14
|
attr_accessor :name
|
9
15
|
attr_accessor :cans, :cants
|
16
|
+
attr_reader :scope
|
10
17
|
|
11
18
|
attr_accessor :can_all
|
12
19
|
alias :can_all? :can_all
|
@@ -15,7 +22,7 @@ class Bali::Role
|
|
15
22
|
|
16
23
|
def self.formalize(object)
|
17
24
|
case object
|
18
|
-
when
|
25
|
+
when *IDENTIFIER_CLASSES then [object]
|
19
26
|
when Array then object
|
20
27
|
else formalize(extract_roles_from_object(object))
|
21
28
|
end
|
@@ -30,7 +37,7 @@ class Bali::Role
|
|
30
37
|
end
|
31
38
|
|
32
39
|
def initialize(name)
|
33
|
-
@name = name
|
40
|
+
@name = name.to_sym if name
|
34
41
|
@right_level = INHERIT
|
35
42
|
|
36
43
|
@cans = {}
|
@@ -45,19 +52,42 @@ class Bali::Role
|
|
45
52
|
right_level == DEFAULT_DENY
|
46
53
|
end
|
47
54
|
|
48
|
-
|
49
|
-
|
50
|
-
|
51
|
-
|
55
|
+
##### DSL METHODS
|
56
|
+
def can(*args, &block)
|
57
|
+
add :can, *args, block
|
58
|
+
end
|
59
|
+
|
60
|
+
def cant(*args, &block)
|
61
|
+
add :cant, *args, block
|
62
|
+
end
|
63
|
+
|
64
|
+
def can_all
|
65
|
+
@right_level = DEFAULT_ALLOW
|
66
|
+
end
|
67
|
+
|
68
|
+
def cant_all
|
69
|
+
@right_level = DEFAULT_DENY
|
70
|
+
end
|
71
|
+
|
72
|
+
def scope(&block)
|
73
|
+
return @scope unless block_given?
|
74
|
+
|
75
|
+
raise Bali::DslError, "Block can't be scoped inside a role" if name
|
76
|
+
@scope = block
|
77
|
+
end
|
78
|
+
|
79
|
+
def add(term, *operations, block)
|
80
|
+
operations.each do |operation|
|
81
|
+
rule = Bali::Rule.new(term, operation)
|
82
|
+
rule.conditional = block if block
|
83
|
+
self << rule
|
52
84
|
end
|
53
85
|
end
|
86
|
+
##### DSL METHODS
|
54
87
|
|
55
88
|
def << rule
|
56
|
-
# operation cant be defined twice
|
57
89
|
operation = rule.operation.to_sym
|
58
90
|
|
59
|
-
return if cants[operation] && cans[operation]
|
60
|
-
|
61
91
|
if rule.term == :cant
|
62
92
|
cants[operation] = rule
|
63
93
|
cans.delete operation
|
@@ -0,0 +1,39 @@
|
|
1
|
+
module RSpec
|
2
|
+
module Matchers
|
3
|
+
module BuiltIn
|
4
|
+
class AbleToMatcher < Be
|
5
|
+
def initialize(operation, class_or_record = nil)
|
6
|
+
@operation = operation
|
7
|
+
@class_or_record = class_or_record
|
8
|
+
end
|
9
|
+
|
10
|
+
def matches?(actor)
|
11
|
+
if @class_or_record
|
12
|
+
rule_class = "#{@class_or_record.class.name}#{Bali.config.suffix}".constantize
|
13
|
+
rule_class.can?(actor, @operation, @class_or_record)
|
14
|
+
else
|
15
|
+
@class_or_record = actor
|
16
|
+
rule_class = "#{@class_or_record.name}#{Bali.config.suffix}".constantize
|
17
|
+
rule_class.can?(nil, @operation, @class_or_record)
|
18
|
+
end
|
19
|
+
end
|
20
|
+
|
21
|
+
def failure_message
|
22
|
+
"expected to be able to #{@operation}, but actually cannot"
|
23
|
+
end
|
24
|
+
|
25
|
+
def failure_message_when_negated
|
26
|
+
"expected not to be able to #{@operation}, but actually can"
|
27
|
+
end
|
28
|
+
|
29
|
+
def description
|
30
|
+
"be able to #{@operation}"
|
31
|
+
end
|
32
|
+
end
|
33
|
+
end
|
34
|
+
|
35
|
+
def be_able_to(*args)
|
36
|
+
BuiltIn::AbleToMatcher.new(*args)
|
37
|
+
end
|
38
|
+
end
|
39
|
+
end
|
data/lib/bali/ruler.rb
CHANGED
@@ -6,14 +6,14 @@ class Bali::Ruler
|
|
6
6
|
private :model_class
|
7
7
|
|
8
8
|
def self.for(record_class)
|
9
|
-
|
10
|
-
rule_class = rule_maker_cls_str.safe_constantize
|
9
|
+
rule_class = Bali::Rules.for(record_class)
|
11
10
|
rule_class.ruler if rule_class
|
12
11
|
end
|
13
12
|
|
14
13
|
def initialize(model_class)
|
15
14
|
@model_class = model_class
|
16
15
|
@roles = {}
|
16
|
+
@roles[nil] = Bali::Role.new(nil)
|
17
17
|
end
|
18
18
|
|
19
19
|
def << role
|
@@ -21,6 +21,18 @@ class Bali::Ruler
|
|
21
21
|
end
|
22
22
|
|
23
23
|
def [] role
|
24
|
-
|
24
|
+
symbolized_role = role.to_sym if role
|
25
|
+
@roles[symbolized_role]
|
26
|
+
end
|
27
|
+
|
28
|
+
def find_or_create_role role_name
|
29
|
+
role = self[role_name]
|
30
|
+
|
31
|
+
if role.nil?
|
32
|
+
role = Bali::Role.new(role_name)
|
33
|
+
self << role
|
34
|
+
end
|
35
|
+
|
36
|
+
role
|
25
37
|
end
|
26
38
|
end
|
data/lib/bali/rules.rb
CHANGED
@@ -1,17 +1,25 @@
|
|
1
|
+
require "forwardable"
|
2
|
+
|
1
3
|
class Bali::Rules
|
4
|
+
extend Bali::Statics::Authorizer
|
5
|
+
extend Bali::Statics::ScopeRuler
|
6
|
+
|
2
7
|
class << self
|
8
|
+
extend Forwardable
|
9
|
+
|
3
10
|
attr_writer :current_role
|
4
11
|
attr_reader :ruler
|
5
|
-
end
|
6
12
|
|
7
|
-
|
8
|
-
|
9
|
-
|
10
|
-
|
11
|
-
|
12
|
-
|
13
|
+
def_delegators :inheritable_role, :scope, :scope
|
14
|
+
def_delegators :inheritable_role, :can, :can
|
15
|
+
def_delegators :inheritable_role, :cant, :cant
|
16
|
+
def_delegators :inheritable_role, :cant_all, :cant_all
|
17
|
+
def_delegators :inheritable_role, :can_all, :can_all
|
18
|
+
end
|
13
19
|
|
14
|
-
|
20
|
+
def self.for(record_class)
|
21
|
+
rule_maker_cls_str = "#{record_class}#{Bali.config.suffix}"
|
22
|
+
rule_maker_cls_str.safe_constantize
|
15
23
|
end
|
16
24
|
|
17
25
|
def self.model_class
|
@@ -21,27 +29,11 @@ class Bali::Rules
|
|
21
29
|
rule_class_maker_str.constantize
|
22
30
|
end
|
23
31
|
|
24
|
-
def self.
|
25
|
-
|
26
|
-
|
27
|
-
|
28
|
-
|
29
|
-
add :cant, *args, block
|
30
|
-
end
|
31
|
-
|
32
|
-
def self.cant_all(*args)
|
33
|
-
current_role.can_all = false
|
34
|
-
end
|
35
|
-
|
36
|
-
def self.can_all(*args)
|
37
|
-
current_role.can_all = true
|
38
|
-
end
|
39
|
-
|
40
|
-
def self.role(*roles)
|
41
|
-
roles.each do |role|
|
42
|
-
if Symbol === role || String === role || NilClass === role
|
43
|
-
set_role role
|
44
|
-
yield
|
32
|
+
def self.role(*role_names, &block)
|
33
|
+
role_names.each do |role_name|
|
34
|
+
if Bali::Role::IDENTIFIER_CLASSES.include?(role_name.class)
|
35
|
+
role = ruler.find_or_create_role role_name
|
36
|
+
role.instance_eval(&block)
|
45
37
|
else
|
46
38
|
raise Bali::DslError, "Cannot define role using #{param.class}. " +
|
47
39
|
"Please use either a Symbol, a String or nil"
|
@@ -49,26 +41,11 @@ class Bali::Rules
|
|
49
41
|
end
|
50
42
|
end
|
51
43
|
|
52
|
-
def self.current_role
|
53
|
-
@current_role ||= set_role nil
|
54
|
-
end
|
55
|
-
|
56
44
|
def self.ruler
|
57
45
|
@ruler ||= Bali::Ruler.new(model_class)
|
58
46
|
end
|
59
47
|
|
60
|
-
def self.
|
61
|
-
|
62
|
-
ruler << role
|
63
|
-
@current_role = role
|
48
|
+
def self.inheritable_role
|
49
|
+
ruler[nil]
|
64
50
|
end
|
65
|
-
|
66
|
-
def self.add(term, *operations, block)
|
67
|
-
operations.each do |operation|
|
68
|
-
rule = Bali::Rule.new(term, operation)
|
69
|
-
rule.conditional = block if block
|
70
|
-
current_role << rule
|
71
|
-
end
|
72
|
-
end
|
73
|
-
|
74
51
|
end
|
@@ -1,9 +1,61 @@
|
|
1
1
|
module Bali::Statics::Authorizer
|
2
|
-
|
3
|
-
|
2
|
+
module HelperFunctions
|
3
|
+
extend self
|
4
|
+
|
5
|
+
def not_true_actor?(actor)
|
6
|
+
Symbol === actor || String === actor
|
7
|
+
end
|
8
|
+
|
9
|
+
def find_actor(actor, operation, record = nil)
|
10
|
+
return actor unless not_true_actor?(actor)
|
11
|
+
end
|
12
|
+
|
13
|
+
def find_operation(actor, operation, record = nil)
|
14
|
+
not_true_actor?(actor) ?
|
15
|
+
actor :
|
16
|
+
operation
|
17
|
+
end
|
18
|
+
|
19
|
+
def find_record(actor, operation, record = nil)
|
20
|
+
if not_true_actor?(actor) && record.nil?
|
21
|
+
operation
|
22
|
+
elsif actor.is_a?(ActiveRecord::Base) && record.nil?
|
23
|
+
actor.class
|
24
|
+
else
|
25
|
+
record
|
26
|
+
end
|
27
|
+
end
|
28
|
+
|
29
|
+
def determine_model_class!(obj, arg1, arg2, arg3)
|
30
|
+
if arg2.nil? && arg3.nil? && !obj.respond_to?(:model_class)
|
31
|
+
raise Bali::Error, "Cannot perform checking when the actor is not known"
|
32
|
+
end
|
33
|
+
arg3 = obj.model_class if (arg2.nil? || arg1.nil?) && arg3.nil?
|
34
|
+
arg3
|
35
|
+
end
|
36
|
+
|
37
|
+
def check(term, obj, arg1, arg2, arg3)
|
38
|
+
# try to infer current user if only passing one arg
|
39
|
+
if arg2.nil? && arg3.nil? && obj.respond_to?(:current_user)
|
40
|
+
arg2 = arg1
|
41
|
+
arg1 = obj.current_user
|
42
|
+
end
|
43
|
+
|
44
|
+
arg3 = HelperFunctions.determine_model_class! obj, arg1, arg2, arg3
|
45
|
+
|
46
|
+
actor = HelperFunctions.find_actor(arg1, arg2, arg3)
|
47
|
+
operation = HelperFunctions.find_operation(arg1, arg2, arg3)
|
48
|
+
record = HelperFunctions.find_record(arg1, arg2, arg3)
|
49
|
+
|
50
|
+
Bali::Judge.check(term, actor, operation, record)
|
51
|
+
end
|
52
|
+
end
|
53
|
+
|
54
|
+
def can?(arg1, arg2 = nil, arg3 = nil)
|
55
|
+
HelperFunctions.check(:can, self, arg1, arg2, arg3)
|
4
56
|
end
|
5
57
|
|
6
|
-
def cant?(
|
7
|
-
|
58
|
+
def cant?(arg1, arg2 = nil, arg3 = nil)
|
59
|
+
HelperFunctions.check(:cant, self, arg1, arg2, arg3)
|
8
60
|
end
|
9
61
|
end
|
@@ -0,0 +1,39 @@
|
|
1
|
+
module Bali::Statics::ScopeRuler
|
2
|
+
module HelperFunctions
|
3
|
+
extend self
|
4
|
+
|
5
|
+
def extract_data_and_actor(obj, arg1, arg2 = nil)
|
6
|
+
if arg2.nil?
|
7
|
+
data = arg1
|
8
|
+
if obj.respond_to?(:current_user)
|
9
|
+
actor = obj.current_user
|
10
|
+
end
|
11
|
+
else
|
12
|
+
data, actor = arg1, arg2
|
13
|
+
end
|
14
|
+
|
15
|
+
return data, actor
|
16
|
+
end
|
17
|
+
|
18
|
+
def scope_for(relation)
|
19
|
+
rule_class = Bali::Rules.for(relation.model)
|
20
|
+
return unless rule_class
|
21
|
+
|
22
|
+
rule_class.inheritable_role.scope
|
23
|
+
end
|
24
|
+
end
|
25
|
+
|
26
|
+
def rule_scope(arg1, arg2 = nil)
|
27
|
+
data, actor = HelperFunctions.extract_data_and_actor(self, arg1, arg2)
|
28
|
+
return unless data
|
29
|
+
|
30
|
+
scope = HelperFunctions.scope_for(data)
|
31
|
+
scoped_data = case scope.arity
|
32
|
+
when 0 then scope.call
|
33
|
+
when 1 then scope.call(data)
|
34
|
+
when 2 then scope.call(data, actor)
|
35
|
+
end
|
36
|
+
|
37
|
+
scoped_data || data
|
38
|
+
end
|
39
|
+
end
|
data/lib/bali/version.rb
CHANGED
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: bali
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 6.0.
|
4
|
+
version: 6.0.0rc3
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Adam Notodikromo
|
8
8
|
autorequire:
|
9
9
|
bindir: exe
|
10
10
|
cert_chain: []
|
11
|
-
date: 2020-
|
11
|
+
date: 2020-05-01 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: zeitwerk
|
@@ -73,19 +73,19 @@ dependencies:
|
|
73
73
|
- !ruby/object:Gem::Version
|
74
74
|
version: '0'
|
75
75
|
- !ruby/object:Gem::Dependency
|
76
|
-
name: rspec
|
76
|
+
name: rspec-rails
|
77
77
|
requirement: !ruby/object:Gem::Requirement
|
78
78
|
requirements:
|
79
|
-
- - "
|
79
|
+
- - "<="
|
80
80
|
- !ruby/object:Gem::Version
|
81
|
-
version: '
|
81
|
+
version: '4'
|
82
82
|
type: :development
|
83
83
|
prerelease: false
|
84
84
|
version_requirements: !ruby/object:Gem::Requirement
|
85
85
|
requirements:
|
86
|
-
- - "
|
86
|
+
- - "<="
|
87
87
|
- !ruby/object:Gem::Version
|
88
|
-
version: '
|
88
|
+
version: '4'
|
89
89
|
- !ruby/object:Gem::Dependency
|
90
90
|
name: pry-byebug
|
91
91
|
requirement: !ruby/object:Gem::Requirement
|
@@ -102,6 +102,20 @@ dependencies:
|
|
102
102
|
version: '0'
|
103
103
|
- !ruby/object:Gem::Dependency
|
104
104
|
name: simplecov
|
105
|
+
requirement: !ruby/object:Gem::Requirement
|
106
|
+
requirements:
|
107
|
+
- - '='
|
108
|
+
- !ruby/object:Gem::Version
|
109
|
+
version: '0.17'
|
110
|
+
type: :development
|
111
|
+
prerelease: false
|
112
|
+
version_requirements: !ruby/object:Gem::Requirement
|
113
|
+
requirements:
|
114
|
+
- - '='
|
115
|
+
- !ruby/object:Gem::Version
|
116
|
+
version: '0.17'
|
117
|
+
- !ruby/object:Gem::Dependency
|
118
|
+
name: sqlite3
|
105
119
|
requirement: !ruby/object:Gem::Requirement
|
106
120
|
requirements:
|
107
121
|
- - ">="
|
@@ -130,8 +144,12 @@ files:
|
|
130
144
|
- bali.gemspec
|
131
145
|
- bin/console
|
132
146
|
- bin/setup
|
147
|
+
- gemfiles/Gemfile-rails.5.0.x
|
148
|
+
- gemfiles/Gemfile-rails.5.1.x
|
149
|
+
- gemfiles/Gemfile-rails.5.2.x
|
150
|
+
- gemfiles/Gemfile-rails.6.0.x
|
151
|
+
- gemfiles/Gemfile-rails.edge
|
133
152
|
- lib/bali.rb
|
134
|
-
- lib/bali/authorizer.rb
|
135
153
|
- lib/bali/config.rb
|
136
154
|
- lib/bali/dsl_error.rb
|
137
155
|
- lib/bali/error.rb
|
@@ -142,11 +160,13 @@ files:
|
|
142
160
|
- lib/bali/rails/active_record.rb
|
143
161
|
- lib/bali/railtie.rb
|
144
162
|
- lib/bali/role.rb
|
163
|
+
- lib/bali/rspec/able_to_matcher.rb
|
145
164
|
- lib/bali/rule.rb
|
146
165
|
- lib/bali/ruler.rb
|
147
166
|
- lib/bali/rules.rb
|
148
167
|
- lib/bali/statics/active_record.rb
|
149
168
|
- lib/bali/statics/authorizer.rb
|
169
|
+
- lib/bali/statics/scope_ruler.rb
|
150
170
|
- lib/bali/tasks/bali/print_rules.rake
|
151
171
|
- lib/bali/version.rb
|
152
172
|
- lib/generators/rails/USAGE
|
data/lib/bali/authorizer.rb
DELETED
@@ -1,13 +0,0 @@
|
|
1
|
-
module Bali::Authorizer
|
2
|
-
def self.included(base)
|
3
|
-
base.extend Bali::Statics::Authorizer
|
4
|
-
end
|
5
|
-
|
6
|
-
def can?(actor_or_roles, operation = nil)
|
7
|
-
self.class.can?(actor_or_roles, operation, self)
|
8
|
-
end
|
9
|
-
|
10
|
-
def cant?(actor_or_roles, operation = nil)
|
11
|
-
self.class.cant?(actor_or_roles, operation, self)
|
12
|
-
end
|
13
|
-
end
|