banken 0.0.1 → 0.1.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 6b535c2ea0ee44062ee539386142447ab1db0054
-  data.tar.gz: 74d457b467b4ec2c8a4d39899732aad37ff90d36
+  metadata.gz: 5fa23a2a65fb5297370655ef973516a3615be3d4
+  data.tar.gz: 5965509ce31efeb8243a1796191b4da0c416e429
 SHA512:
-  metadata.gz: 0aa2d9fd1a1eb732252d0093fa407f654fc6d47396b16888771d35c719226ebb9c151d51650354856959dc90b3ddd2987508c8f02a8ce90ed883ed697aae3133
-  data.tar.gz: e081bc1f541fe7476cd46170a72dcac38fc12c01ef4709c7d1c6da27dc20154242dbedccfeb0cd60550507daba95ba2b7a737659ba16a3ce8c7d70ffeec74d59
+  metadata.gz: 763ee80874810e27d2d9edfa8dca6298e8f6694fa097ac558ac9857c23848b57d638b000410126e1bb427e183afb17ce4c37690a07d4c4701f4c3b9a50295d71
+  data.tar.gz: d8ea1e7142b0b3badd6bf538dc6a1498b921a858683e53d6b735bd5cd73bd6a02b848727d5f6fae4867fe7d69d894fa89f6458f8d2d634fa6a6c94e5083522cb

data/.rspec

@@ -0,0 +1,2 @@
+--color
+--order rand

data/.travis.yml

@@ -0,0 +1,8 @@
+language: ruby
+sudo: false
+script: "bundle exec rake"
+rvm:
+  - 2.0.0
+  - 2.1.5
+  - 2.2.3
+  - rbx-2

data/Gemfile

@@ -1,5 +1,3 @@
 source 'https://rubygems.org'
 
-# Specify your gem's dependencies in banken.gemspec
-gem "rspec", ENV["RSPEC_VERSION"] unless ENV["RSPEC_VERSION"].to_s.empty?
 gemspec

data/README.md

@@ -1,41 +1,405 @@
 # Banken
 
-Welcome to your new gem! In this directory, you'll find the files you need to be able to package up your Ruby library into a gem. Put your Ruby code in the file `lib/banken`. To experiment with that code, run `bin/console` for an interactive prompt.
+[![Build Status](https://img.shields.io/travis/kyuden/banken/master.svg)](https://travis-ci.org/kyuden/banken)
+[![Code Climate](https://codeclimate.com/github/kyuden/banken/badges/gpa.svg)](https://codeclimate.com/github/kyuden/banken)
+[![Gem Version](https://badge.fury.io/rb/banken.svg)](https://badge.fury.io/rb/banken)
 
-TODO: Delete this and the text above, and describe your gem
+Banken provides a set of helpers which guide you in leveraging regular Ruby
+classes and object oriented design patterns to build a simple, robust and
+scaleable authorization system.
 
 ## Installation
 
-Add this line to your application's Gemfile:
+``` ruby
+gem "banken"
+```
+
+Include Banken in your application controller:
+
+``` ruby
+# app/controllers/application_controller.rb
+class ApplicationController < ActionController::Base
+  include Banken
+  protect_from_forgery
+end
+```
+
+Optionally, you can run the generator, which will set up an application loyalty
+with some useful defaults for you:
+
+``` sh
+rails g banken:install
+```
+
+After generating your application loyalty, restart the Rails server so that Rails
+can pick up any classes in the new `app/loyalties/` directory.
+
+## Policies
+
+Banken is focused around the notion of loyalty classes. We suggest that you put
+these classes in `app/loyalties`. This is a simple example that allows updating
+a post if the user is an admin, or if the post is unpublished:
+
+``` ruby
+# app/loyalties/posts_loyalty.rb
+class PostsLoyalty
+  attr_reader :user, :post
+
+  def initialize(user, post)
+    @user = user
+    @post = post
+  end
+
+  def update?
+    user.admin? || post.unpublished?
+  end
+end
+```
+
+As you can see, this is just a plain Ruby class. Banken makes the following
+assumptions about this class:
+
+- The class has the same name as some kind of controller class, only suffixed
+  with the word "Loyalty".
+- The first argument is a user. In your controller, Banken will call the
+  `current_user` method to retrieve what to send into this argument
+- The second argument is optional, whose authorization you want to check.
+  This does not need to be an ActiveRecord or even an ActiveModel object,
+  it can be anything really.
+- The class implements some kind of query method, in this case `update?`.
+  Usually, this will map to the name of a particular controller action.
+
+That's it really.
+
+Usually you'll want to inherit from the application loyalty created by the
+generator, or set up your own base class to inherit from:
+
+``` ruby
+# app/loyalties/posts_loyalty.rb
+class PostsLoyalty < ApplicationLoyalty
+  def update?
+    user.admin? || record.unpublished?
+  end
+end
+```
+
+In the generated `ApplicationLoyalty`, the optional object is called `record`.
+
+Supposing that you are in PostsController, Banken now lets you do
+this in your controller:
+
+``` ruby
+# app/controllers/posts_controller.rb
+class PostsController < ApplicationController
+  def update
+    @post = Post.find(params[:id])
+    authorize! @post
+    if @post.update(post_params)
+      redirect_to @post
+    else
+      render :edit
+    end
+  end
+end
+```
+
+The authorize method automatically infers from controller name that `Posts` will have a matching
+`PostsLoyalty` class, and instantiates this class, handing in the current user
+and the given optional object. It then infers from the action name, that it should call
+`update?` on this instance of the loyalty. In this case, you can imagine that
+`authorize!` would have done something like this:
+
+``` ruby
+raise "not authorized" unless PostsLoyalty.new(current_user, @post).update?
+```
+
+If you don't have an optional object for the first argument to `authorize!`, then you can pass
+the class. For example:
+
+Loyalty:
+```ruby
+# app/loyalties/posts_loyalty.rb
+class PostsLoyalty < ApplicationLoyalty
+  def admin_list?
+    user.admin?
+  end
+end
+```
+
+Controller:
+```ruby
+# app/controllers/posts_controller.rb
+class PostsController < ApplicationController
+  def admin_list
+    authorize!
+    # Rest of controller action
+  end
+end
+```
+
+You can easily get a hold of an instance of the loyalty through the `loyalty`
+method in both the view and controller. This is especially useful for
+conditionally showing links or buttons in the view:
+
+``` erb
+<% if loyalty(@post, :posts).update? %>
+  <%= link_to "Edit post", edit_post_path(@post) %>
+<% end %>
+```
+
+## Ensuring loyalties are used
+
+Banken adds a method called `verify_authorized` to your controllers. This
+method will raise an exception if `authorize!` has not yet been called. You
+should run this method in an `after_action` to ensure that you haven't
+forgotten to authorize the action. For example:
+
+``` ruby
+# app/controllers/application_controller.rb
+class ApplicationController < ActionController::Base
+  after_action :verify_authorized, except: :index
+end
+```
+
+
+If you're using `verify_authorized` in your controllers but need to
+conditionally bypass verification, you can use `skip_authorization`.
+These are useful in circumstances where you don't want to disable verification for the
+entire action, but have some cases where you intend to not authorize.
+
+```ruby
+# app/controllers/posts_controller.rb
+class PostsController < ApplicationController
+  def show
+    record = Record.find_by(attribute: "value")
+    if record.present?
+      authorize record
+    else
+      skip_authorization
+    end
+  end
+end
+```
+
+If you need to perform some more sophisticated logic or you want to raise a custom
+exception you can use the two lower level method `banken_loyalty_authorized?` which
+return `true` or `false` depending on whether `authorize!` have been called, respectively.
+
+## Just plain old Ruby
+
+As you can see, Banken doesn't do anything you couldn't have easily done
+yourself.  It's a very small library, it just provides a few neat helpers.
+Together these give you the power of building a well structured, fully working
+authorization system without using any special DSLs or funky syntax or
+anything.
+
+Remember that all of the loyalty is just plain Ruby classes,
+which means you can use the same mechanisms you always use to DRY things up.
+Encapsulate a set of permissions into a module and include them in multiple
+loyalties. Use `alias_method` to make some permissions behave the same as
+others. Inherit from a base set of permissions. Use metaprogramming if you
+really have to.
+
+## Generator
+
+Use the supplied generator to generate loyalties:
+
+``` sh
+rails g banken:loyalty posts
+```
+
+## Closed systems
+
+In many applications, only logged in users are really able to do anything. If
+you're building such a system, it can be kind of cumbersome to check that the
+user in a loyalty isn't `nil` for every single permission.
+
+We suggest that you define a filter that redirects unauthenticated users to the
+login page. As a secondary defence, if you've defined an ApplicationLoyalty, it
+might be a good idea to raise an exception if somehow an unauthenticated user
+got through. This way you can fail more gracefully.
+
+``` ruby
+# app/loyalties/application_loyalty.rb
+class ApplicationLoyalty
+  def initialize(user, record)
+    raise Banken::NotAuthorizedError, "must be logged in" unless user
+    @user = user
+    @record = record
+  end
+end
+```
+
+## Rescuing a denied Authorization in Rails
+
+Banken raises a `Banken::NotAuthorizedError` you can
+[rescue_from](http://guides.rubyonrails.org/action_controller_overview.html#rescue-from)
+in your `ApplicationController`. You can customize the `user_not_authorized`
+method in every controller.
+
+```ruby
+# app/controllers/application_controller.rb
+class ApplicationController < ActionController::Base
+  protect_from_forgery
+  include Banken
+
+  rescue_from Banken::NotAuthorizedError, with: :user_not_authorized
+
+  private
+
+  def user_not_authorized
+    flash[:alert] = "You are not authorized to perform this action."
+    redirect_to(request.referrer || root_path)
+  end
+end
+```
+
+## Creating custom error messages
+
+`NotAuthorizedError`s provide information on what query (e.g. `:create?`), what
+controller (e.g. `PostsController`), and what loyalty (e.g. an instance of
+`PostsLoyalty`) caused the error to be raised.
+
+One way to use these `query`, `record`, and `loyalty` properties is to connect
+them with `I18n` to generate error messages. Here's how you might go about doing
+that.
 
 ```ruby
-gem 'banken'
+# app/controllers/application_controller.rb
+class ApplicationController < ActionController::Base
+ rescue_from Banken::NotAuthorizedError, with: :user_not_authorized
+
+ private
+
+ def user_not_authorized(exception)
+   loyalty_name = exception.loyalty.class.to_s.underscore
+
+   flash[:error] = t "#{loyalty_name}.#{exception.query}", scope: "banken", default: :default
+   redirect_to(request.referrer || root_path)
+ end
+end
+```
+
+```yaml
+en:
+ banken:
+   default: 'You cannot perform this action.'
+   posts_loyalty:
+     update?: 'You cannot edit this post!'
+     create?: 'You cannot create posts!'
 ```
 
-And then execute:
+Of course, this is just an example. Banken is agnostic as to how you implement
+your error messaging.
 
-    $ bundle
+## Customize Banken user
 
-Or install it yourself as:
+In some cases your controller might not have access to `current_user`, or your
+`current_user` is not the method that should be invoked by Banken. Simply
+define a method in your controller called `banken_user`.
 
-    $ gem install banken
+```ruby
+def banken_user
+  User.find_by_other_means
+end
+```
+
+## Additional context
 
-## Usage
+Banken strongly encourages you to model your application in such a way that the
+only context you need for authorization is a user object and a domain model that
+you want to check authorization for. If you find yourself needing more context than
+that, consider whether you are authorizing the right domain model, maybe another
+domain model (or a wrapper around multiple domain models) can provide the context
+you need.
 
-TODO: Write usage instructions here
+Banken does not allow you to pass additional arguments to loyalties for precisely
+this reason.
 
-## Development
+However, in very rare cases, you might need to authorize based on more context than just
+the currently authenticated user. Suppose for example that authorization is dependent
+on IP address in addition to the authenticated user. In that case, one option is to
+create a special class which wraps up both user and IP and passes it to the loyalty.
 
-After checking out the repo, run `bin/setup` to install dependencies. You can also run `bin/console` for an interactive prompt that will allow you to experiment.
+``` ruby
+class UserContext
+  attr_reader :user, :ip
 
-To install this gem onto your local machine, run `bundle exec rake install`. To release a new version, update the version number in `version.rb`, and then run `bundle exec rake release`, which will create a git tag for the version, push git commits and tags, and push the `.gem` file to [rubygems.org](https://rubygems.org).
+  def initialize(user, ip)
+    @user = user
+    @ip = ip
+  end
+end
 
-## Contributing
+# app/controllers/application_controller.rb
+class ApplicationController
+  include Banken
 
-Bug reports and pull requests are welcome on GitHub at https://github.com/[USERNAME]/banken. This project is intended to be a safe, welcoming space for collaboration, and contributors are expected to adhere to the [Contributor Covenant](contributor-covenant.org) code of conduct.
+  def banken_user
+    UserContext.new(current_user, request.ip)
+  end
+end
+```
+
+## Strong parameters
 
+In Rails 4 (or Rails 3.2 with the
+[strong_parameters](https://github.com/rails/strong_parameters) gem),
+mass-assignment protection is handled in the controller. With Banken you can
+control which attributes a user has access to update via your loyalties. You can
+set up a `permitted_attributes` method in your loyalty like this:
 
-## License
+```ruby
+# app/loyalties/posts_loyalty.rb
+class PostsLoyalty < ApplicationLoyalty
+  def permitted_attributes
+    if user.admin? || user.owner_of?(post)
+      [:title, :body, :tag_list]
+    else
+      [:tag_list]
+    end
+  end
+end
+```
+
+You can now retrieve these attributes from the loyalty:
+
+```ruby
+# app/controllers/posts_controller.rb
+class PostsController < ApplicationController
+  def update
+    @post = Post.find(params[:id])
+    if @post.update_attributes(post_params)
+      redirect_to @post
+    else
+      render :edit
+    end
+  end
+
+  private
+
+  def post_params
+    params.require(:post).permit(loyalty(@post).permitted_attributes)
+  end
+end
+```
+
+However, this is a bit cumbersome, so Banken provides a convenient helper method:
+
+```ruby
+# app/controllers/posts_controller.rb
+class PostsController < ApplicationController
+  def update
+    @post = Post.find(params[:id])
+    if @post.update_attributes(permitted_attributes(@post))
+      redirect_to @post
+    else
+      render :edit
+    end
+  end
+end
+```
 
-The gem is available as open source under the terms of the [MIT License](http://opensource.org/licenses/MIT).
+# License
 
+Licensed under the MIT license, see the separate LICENSE.txt file.

data/Rakefile

@@ -1 +1,17 @@
-require "bundler/gem_tasks"
+require 'rubygems'
+require 'bundler/gem_tasks'
+require 'rspec/core/rake_task'
+require 'yard'
+
+desc "Run all examples"
+RSpec::Core::RakeTask.new(:spec) do |t|
+  #t.rspec_path = 'bin/rspec'
+  t.rspec_opts = %w[--color]
+end
+
+YARD::Rake::YardocTask.new do |t|
+  t.files   = ['lib/**/*.rb']
+  #t.options = ['--any', '--extra', '--opts'] # optional
+end
+
+task :default => [:spec]

data/banken.gemspec

@@ -26,4 +26,5 @@ Gem::Specification.new do |spec|
   spec.add_development_dependency "rspec", ">=2.0.0"
   spec.add_development_dependency "pry"
   spec.add_development_dependency "rake"
+  spec.add_development_dependency "yard"
 end

data/lib/banken.rb

@@ -4,67 +4,52 @@ require "active_support/core_ext/object/blank"
 require "active_support/core_ext/module/introspection"
 require "banken/version"
 require "banken/error"
-require "banken/helper"
-require "banken/policy_finder"
+require "banken/loyalty_finder"
 
 module Banken
   extend ActiveSupport::Concern
 
   included do
-    # TODO
-    # helper Helper if respond_to?(:helper)
     if respond_to?(:helper_method)
-      # TODO
-      # helper_method :banken_policy_scope
+      helper_method :loyalty
       helper_method :banken_user
     end
+
     if respond_to?(:hide_action)
-      hide_action :policy_scope
       hide_action :permitted_attributes
-      hide_action :policy
+      hide_action :loyalty
       hide_action :banken_user
       hide_action :skip_authorization
-      hide_action :skip_policy_scope
       hide_action :verify_authorized
-      hide_action :verify_policy_scoped
-      hide_action :policies
-      hide_action :policy_scopes
+      hide_action :loyalties
     end
   end
 
   class << self
-    def policy_scope!(controller, user, scope)
-      PolicyFinder.new(controller).scope!.new(user, scope).resolve
-    end
-
-    def policy!(controller, user, record)
-      PolicyFinder.new(controller).policy!.new(user, record)
+    def loyalty!(controller_name, user, record=nil)
+      LoyaltyFinder.new(controller_name).loyalty!.new(user, record)
     end
   end
 
   def authorize!(record=nil)
-    @_banken_policy_authorized = true
+    @_banken_loyalty_authorized = true
 
-    policy = policy(record)
-    unless policy.public_send("#{banken_action_name}?")
-      raise NotAuthorizedError.new(controller: banken_controller_name, action: banken_action_name, policy: policy)
+    loyalty = loyalty(record)
+    unless loyalty.public_send(banken_query_name)
+      raise NotAuthorizedError.new(controller: banken_controller_name, query: banken_query_name, loyalty: loyalty)
     end
 
     true
   end
 
-  def policy_scope(scope)
-    @_banken_policy_scoped = true
-    banken_policy_scope(scope)
-  end
-
   def permitted_attributes(record)
     name = record.class.to_s.demodulize.underscore
-    params.require(name).permit(policy(record).permitted_attributes)
+    params.require(name).permit(loyalty(record).permitted_attributes)
   end
 
-  def policy(record)
-    policies[banken_action_name] ||= Banken.policy!(banken_controller_name, banken_user, record)
+  def loyalty(record=nil, controller_name=nil)
+    controller_name = banken_controller_name unless controller_name
+    loyalties[controller_name.to_s] ||= Banken.loyalty!(controller_name, banken_user, record)
   end
 
   def banken_user
@@ -72,48 +57,32 @@ module Banken
   end
 
   def skip_authorization
-    @_banken_policy_authorized = true
-  end
-
-  def skip_policy_scope
-    @_banken_policy_scoped = true
+    @_banken_loyalty_authorized = true
   end
 
   def verify_authorized
-    raise AuthorizationNotPerformedError unless banken_policy_authorized?
-  end
-
-  def verify_policy_scoped
-    raise PolicyScopingNotPerformedError unless banken_policy_scoped?
+    raise AuthorizationNotPerformedError unless banken_loyalty_authorized?
   end
 
-  def banken_policy_authorized?
-    !!@_banken_policy_authorized
+  def banken_loyalty_authorized?
+    !!@_banken_loyalty_authorized
   end
 
-  def banken_policy_scoped?
-    !!@_banken_policy_scoped
-  end
-
-  def policies
-    @_banken_policies ||= {}
-  end
-
-  def policy_scopes
-    @_banken_policy_scopes ||= {}
+  def loyalties
+    @_banken_loyalties ||= {}
   end
 
   private
 
-    def banken_policy_scope(scope)
-      policy_scopes[scope] ||= Banken.policy_scope!(banken_controller_name, banken_user, scope)
-    end
-
     def banken_action_name
-      params[:action].to_s
+      params[:action]
     end
 
     def banken_controller_name
-      params[:controller].to_s
+      params[:controller]
+    end
+
+    def banken_query_name
+      "#{banken_action_name}?"
     end
 end

data/lib/banken/error.rb

@@ -2,17 +2,17 @@ module Banken
   class Error < StandardError; end
 
   class NotAuthorizedError < Error
-    attr_reader :controller, :action, :policy
+    attr_reader :controller, :query, :loyalty
 
     def initialize(options={})
       if options.is_a? String
         message = options
       else
         @controller = options[:controller]
-        @action     = options[:action]
-        @policy     = options[:policy]
+        @query      = options[:query]
+        @loyalty    = options[:loyalty]
 
-        message = options.fetch(:message) { "not allowed to #{action} of #{controller} by #{policy.inspect}" }
+        message = options.fetch(:message) { "not allowed to #{query} of #{controller} by #{loyalty.inspect}" }
       end
 
       super(message)
@@ -22,5 +22,5 @@ module Banken
   class NotDefinedError < Error; end
   class AuthorizationNotPerformedError < Error; end
 
-  class PolicyScopingNotPerformedError < AuthorizationNotPerformedError; end
+  class LoyaltyScopingNotPerformedError < AuthorizationNotPerformedError; end
 end

data/lib/banken/loyalty_finder.rb

@@ -0,0 +1,28 @@
+module Banken
+  class LoyaltyFinder
+    SUFFIX = "Loyalty"
+
+    attr_reader :controller
+
+    def initialize(controller)
+      @controller = controller.to_s
+    end
+
+    def loyalty
+      loyalty_name.constantize
+    rescue NameError
+      nil
+    end
+
+    def loyalty!
+      raise NotDefinedError, "unable to find loyalty of nil" unless controller
+      loyalty || raise(NotDefinedError, "unable to find loyalty `#{loyalty_name}` for `#{controller}`")
+    end
+
+    private
+
+      def loyalty_name
+        "#{controller.camelize}#{SUFFIX}"
+      end
+  end
+end

data/lib/banken/version.rb

@@ -1,3 +1,3 @@
 module Banken
-  VERSION = "0.0.1"
+  VERSION = "0.1.1"
 end

data/lib/generators/banken/install/USAGE

@@ -1,2 +1,2 @@
 Description:
-    Generates an application policy as a starting point for your application.
+    Generates an application loyalty as a starting point for your application.

data/lib/generators/banken/install/install_generator.rb

@@ -3,8 +3,8 @@ module Banken
     class InstallGenerator < ::Rails::Generators::Base
       source_root File.expand_path(File.join(File.dirname(__FILE__), 'templates'))
 
-      def copy_application_policy
-        template 'application_policy.rb', 'app/policies/application_policy.rb'
+      def copy_application_loyalty
+        template 'application_loyalty.rb', 'app/loyalties/application_loyalty.rb'
       end
     end
   end

data/lib/generators/banken/install/templates/{application_policy.rb → application_loyalty.rb}

@@ -1,4 +1,4 @@
-class ApplicationPolicy
+class ApplicationLoyalty
   attr_reader :user, :record
 
   def initialize(user, record)
@@ -11,7 +11,7 @@ class ApplicationPolicy
   end
 
   def show?
-    scope.where(:id => record.id).exists?
+    false
   end
 
   def create?
@@ -33,21 +33,4 @@ class ApplicationPolicy
   def destroy?
     false
   end
-
-  def scope
-    Scope.new(user, record.class).resolve
-  end
-
-  class Scope
-    attr_reader :user, :scope
-
-    def initialize(user, scope)
-      @user = user
-      @scope = scope
-    end
-
-    def resolve
-      scope
-    end
-  end
 end

data/lib/generators/banken/loyalty/USAGE

@@ -0,0 +1,8 @@
+Description:
+    Generates a loyalty for a controller with the given name.
+
+Example:
+    rails generate banken:loyalty users
+
+    This will create:
+        app/loyalties/users_loyalty.rb

data/lib/generators/banken/loyalty/loyalty_generator.rb

@@ -0,0 +1,13 @@
+module Banken
+  module Generators
+    class LoyaltyGenerator < ::Rails::Generators::NamedBase
+      source_root File.expand_path(File.join(File.dirname(__FILE__), 'templates'))
+
+      def create_loyalty
+        template 'loyalty.rb', File.join('app/loyalties', class_path, "#{file_name}_loyalty.rb")
+      end
+
+      hook_for :test_framework
+    end
+  end
+end

data/lib/generators/banken/loyalty/templates/loyalty.rb

@@ -0,0 +1,4 @@
+<% module_namespacing do -%>
+class <%= class_name %>Loyalty < ApplicationLoyalty
+end
+<% end -%>

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: banken
 version: !ruby/object:Gem::Version
-  version: 0.0.1
+  version: 0.1.1
 platform: ruby
 authors:
 - kyuden
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2015-10-30 00:00:00.000000000 Z
+date: 2015-11-01 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: activesupport
@@ -108,6 +108,20 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: '0'
+- !ruby/object:Gem::Dependency
+  name: yard
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
 description: Object oriented authorization like pundit for Rails applications.
 email:
 - msmsms.um@gmail.com
@@ -116,6 +130,8 @@ extensions: []
 extra_rdoc_files: []
 files:
 - ".gitignore"
+- ".rspec"
+- ".travis.yml"
 - CODE_OF_CONDUCT.md
 - Gemfile
 - LICENSE.txt
@@ -124,15 +140,14 @@ files:
 - banken.gemspec
 - lib/banken.rb
 - lib/banken/error.rb
-- lib/banken/helper.rb
-- lib/banken/policy_finder.rb
+- lib/banken/loyalty_finder.rb
 - lib/banken/version.rb
 - lib/generators/banken/install/USAGE
 - lib/generators/banken/install/install_generator.rb
-- lib/generators/banken/install/templates/application_policy.rb
-- lib/generators/banken/policy/USAGE
-- lib/generators/banken/policy/policy_generator.rb
-- lib/generators/banken/policy/templates/policy.rb
+- lib/generators/banken/install/templates/application_loyalty.rb
+- lib/generators/banken/loyalty/USAGE
+- lib/generators/banken/loyalty/loyalty_generator.rb
+- lib/generators/banken/loyalty/templates/loyalty.rb
 homepage: https://github.com/kyuden/banken
 licenses:
 - MIT
@@ -158,3 +173,4 @@ signing_key:
 specification_version: 4
 summary: OO authorization for Rails.
 test_files: []
+has_rdoc: 

data/lib/banken/helper.rb

@@ -1,8 +0,0 @@
-module Banken
-  module Helper
-    # TODO
-    # def policy_scope(scope)
-    #   banken_policy_scope(scope)
-    # end
-  end
-end

data/lib/banken/policy_finder.rb

@@ -1,41 +0,0 @@
-module Banken
-  class PolicyFinder
-    SUFFIX = "Policy"
-
-    attr_reader :controller
-
-    def initialize(controller)
-      @controller = controller
-    end
-
-    def scope
-      policy::Scope if policy
-    rescue NameError
-      nil
-    end
-
-    def policy
-      klass = find
-      klass = klass.constantize if klass.is_a?(String)
-      klass
-    rescue NameError
-      nil
-    end
-
-    def scope!
-      raise NotDefinedError, "unable to find policy scope of nil" unless controller
-      scope || raise(NotDefinedError, "unable to find scope `#{find}::Scope` for `#{controller}`")
-    end
-
-    def policy!
-      raise NotDefinedError, "unable to find policy of nil" unless controller
-      policy || raise(NotDefinedError, "unable to find policy `#{find}` for `#{controller}`")
-    end
-
-    private
-
-      def find
-        "#{controller.camelize}#{SUFFIX}"
-      end
-  end
-end

data/lib/generators/banken/policy/USAGE

@@ -1,8 +0,0 @@
-Description:
-    Generates a policy for a controller with the given name.
-
-Example:
-    rails generate banken:policy users
-
-    This will create:
-        app/policies/users_policy.rb

data/lib/generators/banken/policy/policy_generator.rb

@@ -1,13 +0,0 @@
-module Banken
-  module Generators
-    class PolicyGenerator < ::Rails::Generators::NamedBase
-      source_root File.expand_path(File.join(File.dirname(__FILE__), 'templates'))
-
-      def create_policy
-        template 'policy.rb', File.join('app/policies', class_path, "#{file_name}_policy.rb")
-      end
-
-      hook_for :test_framework
-    end
-  end
-end

data/lib/generators/banken/policy/templates/policy.rb

@@ -1,9 +0,0 @@
-<% module_namespacing do -%>
-class <%= class_name %>Policy < ApplicationPolicy
-  class Scope < Scope
-    def resolve
-      scope
-    end
-  end
-end
-<% end -%>