canard 0.2.7 → 0.3.1

data/.gitignore

@@ -1,3 +1,4 @@
+.DS_Store
 *.gem
 .bundle
 pkg/*

data/TODO

@@ -1,7 +1,6 @@
-* Test the ability class.
 * Test the generators.
 * Test the railtie
 * Expand the tests to produce all the standard abilities: index,show,read,new,create,edit,update,destroy.
 * Add test unit generator.
 * Add install generator to allow overriding of the default tests.
-* Add some rdocs.
+* Make the Ability user referece configureable.

data/lib/ability.rb

@@ -1,11 +1,39 @@
+# Canard provides a CanCan Ability class for you. The Canard Ability class
+# looks for and applies abilities for the object passed when a new Ability
+# instance is initialized.
+#
+# If the passed object has a reference to user the user is set to that.
+# Otherwise the passed object is assumed to be the user. This gives the
+# flexibility to have a seperate model for authorization from the model used
+# to authenticate the user.
+#
+# Abilities are applied in the order they are set with the acts_as_user method
+# for example for the User model
+#
+#     class User < ActiveRecord::Base
+#
+#       acts_as_user :roles =>  :manager, :admin
+#
+#     end
+#
+# the abilities would be applied in the order: users, managers, admins
+# with each subsequent set of abilities building on or overriding the existing
+# abilities.
+#
+# If there is no object passed to the Ability.new method a guest ability is
+# created and Canard will look for a guests.rb amongst the ability definitions
+# and give the guest those abilities.
 class Ability
 
   include CanCan::Ability
 
+  attr_reader :user
+
   def initialize(object=nil)
     
-    # If a user was passed set the user from it.
-    @user = object.is_a?(Account) ? object.user : object
+    # If object has a user attribute set the user from it otherwise assume
+    # this is the user.
+    @user = object.respond_to?(:user) ? object.user : object
     
     if @user
       # Add the base user abilities.
@@ -26,12 +54,8 @@ class Ability
   
   private
   
-  def user
-    @user
-  end
-  
   def ability_definitions
-    Canard::Abilities.definitions
+    Canard.ability_definitions
   end
   
   def append_abilities(role)

data/lib/canard/find_abilities.rb

@@ -4,7 +4,11 @@ module Canard
     # A string specifying the location that should be searched for ability
     # definitions. By default, Canard will attempt to load abilities from
     # Rails.root + /abilities/.
-    attr_accessor :abilities_path
+    attr_writer :abilities_path
+    
+    def abilities_path 
+      @abilities_path ||= File.expand_path('abilities', Rails.root)
+    end
     
     def ability_definitions
       Abilities.definitions
@@ -18,7 +22,6 @@ module Canard
   end
 
   def self.find_abilities #:nodoc:
-    
     absolute_abilities_path = File.expand_path(abilities_path)
 
     if File.directory? absolute_abilities_path

data/lib/canard/railtie.rb

@@ -7,7 +7,6 @@ module Canard
     initializer "canard.active_record" do |app|
       ActiveSupport.on_load :active_record do
         extend Canard::UserModel
-        Canard.abilities_path ||= File.expand_path('abilities', Rails.root)
         Canard.find_abilities
       end
     end

data/lib/canard/user_model.rb

@@ -2,6 +2,43 @@ module Canard
 
   module UserModel
     
+    # Canard applies roles to a model using the acts_as_user class method. The following User model
+    # will be given the :manager and :admin roles
+    #
+    #   class User < ActiveRecord::Base
+    #
+    #     acts_as_user :roles =>  :manager, :admin
+    #
+    #   end
+    #
+    # == Scopes
+    #
+    # Beyond applying the roles to model acts_as_user also creates some useful scopes on the User
+    # model;
+    #
+    #   User.with_any_role(:manager, :admin)
+    #
+    # returns all the managers and admins
+    #
+    #  User.with_all_roles(:manager, :admin)
+    #
+    # returns only the users with both the manager and admin roles
+    #
+    #   User.admins
+    #
+    # returns all the admins as
+    #
+    #  User.managers
+    #
+    # returns all the users with the maager role likewise
+    #
+    #   User.non_admins
+    #
+    # returns all the users who don't have the admin role and
+    #
+    #   User.non_managers
+    #
+    # returns all the users who don't have the manager role.
     def acts_as_user(*args)
       include RoleModel
 

data/lib/canard/version.rb

@@ -1,3 +1,3 @@
 module Canard
-  VERSION = "0.2.7"
+  VERSION = "0.3.1"
 end

data/test/abilities/admins.rb

@@ -1,9 +1,5 @@
 abilities_for(:admin) do
-    
-  can :manage, [Activity, User, Variation, Year]
-  
-  cannot :destroy, User do |u|
-    (user == u)
-  end
-    
+
+  can :manage, [Activity, User]
+
 end

data/test/abilities_test.rb

@@ -39,7 +39,7 @@ describe 'Canard::Abilities' do
     
   end
   
-  describe "define" do
+  describe "for" do
     
     it "adds the block to the definitions" do
       block = lambda { puts 'some block' }

data/test/ability_test.rb

@@ -0,0 +1,113 @@
+require 'test_helper'
+
+describe Ability do
+  
+  before do
+    # reload abilities because the reloader will have removed them after the railtie ran
+    Canard.find_abilities
+  end
+    
+  describe "new" do
+    
+    describe "with a user" do
+      
+      let(:user) { User.new }
+      subject { Ability.new(user) }
+      
+      it "assign the user to Ability#user" do
+        subject.user.must_equal user
+      end
+
+    end
+    
+    describe "with a model that references a user" do
+      
+      let(:user) { User.create }
+      let(:member) { Member.new(:user => user) }
+      
+      subject { Ability.new(member) }
+      
+      it "assign the user to Ability#user" do
+        subject.user.must_equal user
+      end
+
+    end
+    
+    describe "for a user with author role" do
+      
+      let(:user) { User.create(:roles => [:author]) }
+      let(:member) { Member.create(:user => user) }
+      let(:other_member) { Member.new(:user => User.create) }
+      subject { Ability.new(user) }
+      
+      it "has all the abilities of the base class" do
+        subject.can?(:edit, member).must_equal true
+        subject.can?(:update, member).must_equal true
+
+        subject.can?(:edit, other_member).wont_equal true
+        subject.can?(:update, other_member).wont_equal true
+      end
+      
+      it "has all the abilities of an author" do
+        subject.can?(:new, Post).must_equal true
+        subject.can?(:create, Post).must_equal true
+        subject.can?(:edit, Post).must_equal true
+        subject.can?(:update, Post).must_equal true
+        subject.can?(:show, Post).must_equal true
+        subject.can?(:index, Post).must_equal true
+      end
+      
+      it "has no admin abilities" do
+        subject.cannot?(:destroy, Post).must_equal true
+      end
+      
+    end
+
+    describe "for a user with admin and author role" do
+      
+      let(:user) { User.create(:roles => [:author, :admin]) }
+      let(:member) { Member.create(:user => user) }
+      let(:other_user) { User.create }
+      let(:other_member) { Member.new(:user => other_user) }
+      subject { Ability.new(user) }
+      
+      it "has all the abilities of the base class" do
+        subject.can?(:edit, member).must_equal true
+        subject.can?(:update, member).must_equal true
+
+        subject.cannot?(:edit, other_member).must_equal true
+        subject.cannot?(:update, other_member).must_equal true
+      end
+      
+      it "has all the abilities of an author" do
+        subject.can?(:new, Post).must_equal true
+      end
+      
+      it "has the abilities of an admin" do
+        subject.can?(:manage, Post).must_equal true
+        subject.can?(:manage, other_user).must_equal true
+        subject.can?(:destroy, other_user).must_equal true
+        subject.cannot?(:destroy, user).must_equal true
+      end
+      
+    end
+    
+    describe "for a guest" do
+      
+      subject { Ability.new }
+      
+      it "applies the guest abilities" do
+        subject.can?(:index, Post)
+        subject.can?(:show, Post)
+        
+        subject.cannot?(:create, Post)
+        subject.cannot?(:update, Post)
+        subject.cannot?(:destroy, Post)
+        
+        subject.cannot?(:show, User)
+        subject.cannot?(:show, Member)
+      end
+    end
+  end
+  
+end

data/test/dummy/app/abilities/admins.rb

@@ -0,0 +1,9 @@
+Canard::Abilities.for(:admin) do
+  
+  can :manage, [Post, User]
+  
+  cannot :destroy, User do |u|
+    (user == u)
+  end
+  
+end

data/test/dummy/app/abilities/authors.rb

@@ -0,0 +1,5 @@
+Canard::Abilities.for(:author) do
+    
+  can [:create, :update, :read], Post
+    
+end

data/test/dummy/app/abilities/guests.rb

@@ -0,0 +1,5 @@
+Canard::Abilities.for(:guest) do
+
+  can :read, Post
+
+end

data/test/dummy/app/abilities/users.rb

@@ -0,0 +1,5 @@
+Canard::Abilities.for(:user) do
+  
+  can [:edit, :update], Member, :user_id => user.id
+  
+end

data/test/dummy/app/models/activity.rb

@@ -0,0 +1,2 @@
+class Activity
+end

data/test/dummy/app/models/member.rb

@@ -0,0 +1,7 @@
+class Member < ActiveRecord::Base
+    
+  belongs_to :user
+  
+  attr_accessible :user, :user_id
+  
+end

data/test/dummy/app/models/post.rb

@@ -0,0 +1,2 @@
+class Post < ActiveRecord::Base
+end

data/test/dummy/app/models/user.rb

@@ -1,7 +1,8 @@
 class User < ActiveRecord::Base
   
   extend Canard::UserModel
-  acts_as_user :roles => [:admin, :author, :viewer]
+  
+  acts_as_user :roles => [:viewer, :author, :admin]
   
   attr_accessible :roles
 end

data/test/dummy/db/migrate/20120430083231_initialize_db.rb

@@ -0,0 +1,18 @@
+class InitializeDb < ActiveRecord::Migration
+  
+  def change
+    create_table :users, :force => true do |t|
+      t.string     :roles_mask
+    end
+    create_table :user_without_roles, :force => true do |t|
+      t.string     :roles_mask
+    end
+    create_table :user_without_role_masks, :force => true do |t|
+    end
+  
+    create_table :members, :force => true do |t|
+      t.references :user
+    end
+  end
+  
+end

data/test/dummy/db/schema.rb

@@ -0,0 +1,31 @@
+# encoding: UTF-8
+# This file is auto-generated from the current state of the database. Instead
+# of editing this file, please use the migrations feature of Active Record to
+# incrementally modify your database, and then regenerate this schema definition.
+#
+# Note that this schema.rb definition is the authoritative source for your
+# database schema. If you need to create the application database on another
+# system, you should be using db:schema:load, not running all the migrations
+# from scratch. The latter is a flawed and unsustainable approach (the more migrations
+# you'll amass, the slower it'll run and the greater likelihood for issues).
+#
+# It's strongly recommended to check this file into your version control system.
+
+ActiveRecord::Schema.define(:version => 20120430083231) do
+
+  create_table "members", :force => true do |t|
+    t.integer "user_id"
+  end
+
+  create_table "user_without_role_masks", :force => true do |t|
+  end
+
+  create_table "user_without_roles", :force => true do |t|
+    t.string "roles_mask"
+  end
+
+  create_table "users", :force => true do |t|
+    t.string "roles_mask"
+  end
+
+end

data/test/dummy/script/rails

@@ -0,0 +1,6 @@
+#!/usr/bin/env ruby
+# This command will automatically be run when you run "rails" with Rails 3 gems installed from the root of your application.
+
+APP_PATH = File.expand_path('../../config/application',  __FILE__)
+require File.expand_path('../../config/boot',  __FILE__)
+require 'rails/commands'

data/test/find_abilities_test.rb

@@ -23,7 +23,7 @@ describe Canard do
     it "finds the abilities with the new syntax" do
       Canard.find_abilities
       
-      Canard.ability_definitions.keys.must_include :moderator
+      Canard.ability_definitions.keys.must_include :author
     end
     
     it "reloads existing abilities" do
@@ -31,7 +31,7 @@ describe Canard do
       Canard::Abilities.send(:instance_variable_set, '@definitions', {})
       Canard.find_abilities
       
-      Canard.ability_definitions.keys.must_include :moderator
+      Canard.ability_definitions.keys.must_include :author
       Canard.ability_definitions.keys.must_include :admin
     end
     
@@ -41,7 +41,7 @@ describe Canard do
     
     it "raises a deprecation warning" do
       assert_deprecated do
-        Canard.abilities_for(:this) { puts 'that' }
+        Canard.abilities_for(:this) { return 'that' }
       end
     end
     

data/test/test_helper.rb

@@ -1,3 +1,4 @@
+gem 'minitest'
 require 'minitest/autorun'
 
 # Configure Rails Environment
@@ -11,5 +12,6 @@ Rails.backtrace_cleaner.remove_silencers!
 Dir["#{File.dirname(__FILE__)}/support/**/*.rb"].each { |f| require f }
 
 ActiveRecord::Migration.verbose = false
-load(File.dirname(__FILE__) + '/schema.rb')
+load(File.expand_path('../dummy/db/schema.rb', __FILE__))
+
 

data/test/user_model_test.rb

@@ -29,7 +29,7 @@ describe Canard::UserModel do
       describe 'and :roles => [] specified' do
       
         it 'should set the valid_roles for the class' do
-          User.valid_roles.must_equal [:admin, :author, :viewer]
+          User.valid_roles.must_equal [:viewer, :author, :admin]
         end
         
       end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: canard
 version: !ruby/object:Gem::Version
-  version: 0.2.7
+  version: 0.3.1
   prerelease: 
 platform: ruby
 authors:
@@ -9,11 +9,11 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2012-04-10 00:00:00.000000000Z
+date: 2012-05-02 00:00:00.000000000Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: minitest
-  requirement: &2152271020 !ruby/object:Gem::Requirement
+  requirement: &2152517180 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ~>
@@ -21,10 +21,10 @@ dependencies:
         version: '2'
   type: :development
   prerelease: false
-  version_requirements: *2152271020
+  version_requirements: *2152517180
 - !ruby/object:Gem::Dependency
   name: sqlite3
-  requirement: &2152263860 !ruby/object:Gem::Requirement
+  requirement: &2152516180 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ! '>='
@@ -32,10 +32,10 @@ dependencies:
         version: '0'
   type: :development
   prerelease: false
-  version_requirements: *2152263860
+  version_requirements: *2152516180
 - !ruby/object:Gem::Dependency
   name: rails
-  requirement: &2152261660 !ruby/object:Gem::Requirement
+  requirement: &2152514320 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ~>
@@ -43,10 +43,10 @@ dependencies:
         version: 3.2.3
   type: :development
   prerelease: false
-  version_requirements: *2152261660
+  version_requirements: *2152514320
 - !ruby/object:Gem::Dependency
   name: activesupport
-  requirement: &2152259720 !ruby/object:Gem::Requirement
+  requirement: &2152512180 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ! '>='
@@ -54,10 +54,10 @@ dependencies:
         version: '0'
   type: :runtime
   prerelease: false
-  version_requirements: *2152259720
+  version_requirements: *2152512180
 - !ruby/object:Gem::Dependency
   name: cancan
-  requirement: &2152258740 !ruby/object:Gem::Requirement
+  requirement: &2152511480 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ! '>='
@@ -65,10 +65,10 @@ dependencies:
         version: '0'
   type: :runtime
   prerelease: false
-  version_requirements: *2152258740
+  version_requirements: *2152511480
 - !ruby/object:Gem::Dependency
   name: role_model
-  requirement: &2152256860 !ruby/object:Gem::Requirement
+  requirement: &2152510060 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ! '>='
@@ -76,7 +76,7 @@ dependencies:
         version: '0'
   type: :runtime
   prerelease: false
-  version_requirements: *2152256860
+  version_requirements: *2152510060
 description: Wraps CanCan and RoleModel up to make role based authorisation really
   easy in Rails 3.x.
 email:
@@ -107,10 +107,17 @@ files:
 - lib/generators/rspec/ability/templates/abilities_spec.rb.erb
 - test/abilities/admins.rb
 - test/abilities_test.rb
+- test/ability_test.rb
 - test/canard_test.rb
 - test/dummy/Rakefile
-- test/dummy/app/abilities/moderators.rb
+- test/dummy/app/abilities/admins.rb
+- test/dummy/app/abilities/authors.rb
+- test/dummy/app/abilities/guests.rb
+- test/dummy/app/abilities/users.rb
 - test/dummy/app/controllers/application_controller.rb
+- test/dummy/app/models/activity.rb
+- test/dummy/app/models/member.rb
+- test/dummy/app/models/post.rb
 - test/dummy/app/models/user.rb
 - test/dummy/app/models/user_without_role.rb
 - test/dummy/app/models/user_without_role_mask.rb
@@ -126,10 +133,12 @@ files:
 - test/dummy/config/initializers/wrap_parameters.rb
 - test/dummy/config/locales/en.yml
 - test/dummy/config/routes.rb
+- test/dummy/db/migrate/20120430083231_initialize_db.rb
+- test/dummy/db/schema.rb
 - test/dummy/db/test.sqlite3
 - test/dummy/log/.gitkeep
+- test/dummy/script/rails
 - test/find_abilities_test.rb
-- test/schema.rb
 - test/support/reloadable.rb
 - test/test_helper.rb
 - test/user_model_test.rb
@@ -160,10 +169,17 @@ summary: Adds role based authorisation to Rails by combining RoleModel and CanCa
 test_files:
 - test/abilities/admins.rb
 - test/abilities_test.rb
+- test/ability_test.rb
 - test/canard_test.rb
 - test/dummy/Rakefile
-- test/dummy/app/abilities/moderators.rb
+- test/dummy/app/abilities/admins.rb
+- test/dummy/app/abilities/authors.rb
+- test/dummy/app/abilities/guests.rb
+- test/dummy/app/abilities/users.rb
 - test/dummy/app/controllers/application_controller.rb
+- test/dummy/app/models/activity.rb
+- test/dummy/app/models/member.rb
+- test/dummy/app/models/post.rb
 - test/dummy/app/models/user.rb
 - test/dummy/app/models/user_without_role.rb
 - test/dummy/app/models/user_without_role_mask.rb
@@ -179,10 +195,12 @@ test_files:
 - test/dummy/config/initializers/wrap_parameters.rb
 - test/dummy/config/locales/en.yml
 - test/dummy/config/routes.rb
+- test/dummy/db/migrate/20120430083231_initialize_db.rb
+- test/dummy/db/schema.rb
 - test/dummy/db/test.sqlite3
 - test/dummy/log/.gitkeep
+- test/dummy/script/rails
 - test/find_abilities_test.rb
-- test/schema.rb
 - test/support/reloadable.rb
 - test/test_helper.rb
 - test/user_model_test.rb

data/test/dummy/app/abilities/moderators.rb

@@ -1,9 +0,0 @@
-Canard::Abilities.for(:moderator) do
-    
-  can :manage, [Post]
-  
-  cannot :destroy, User do |u|
-    (user == u)
-  end
-    
-end

data/test/schema.rb

@@ -1,12 +0,0 @@
-ActiveRecord::Schema.define :version => 0 do
-
-  create_table :users, :force => true do |t|
-    t.string     :roles_mask
-  end
-  create_table :user_without_roles, :force => true do |t|
-    t.string     :roles_mask
-  end
-  create_table :user_without_role_masks, :force => true do |t|
-  end
-
-end