cancan-export 0.2.1

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: ab8f4923b92deaad80e7e97bc00cc52b61c4cf23
+  data.tar.gz: b8348cc0d0f60d391644fcbec7a903dea69fd257
+SHA512:
+  metadata.gz: a819e03e5f4abf8633706c04e655f06271695116a91efad3855a52d03303358c388e6ec0ce9b672b0d6d73e6c80bc94f0e48da8775cbf4e1631f2809027f8f85
+  data.tar.gz: 5196e4031a3cbd80c5a7e88e8617c4c0d6a3b2138be478049185d7f85764e6cc7b8c186e0c8da11327550f090c3ceb4c15782fc51e68a80df3e05c1f792cb770

data/.gitignore

@@ -0,0 +1,19 @@
+/.bundle/
+/.yardoc
+/Gemfile.lock
+/_yardoc/
+/coverage/
+/doc/
+/pkg/
+/spec/reports/
+/spec/examples.txt
+/tmp/
+
+.directory
+*.log
+*.bak
+*.old
+*.gem
+
+/auth.yml
+/feed.json

data/.travis.yml

@@ -0,0 +1,4 @@
+language: ruby
+rvm:
+  - 2.2.2
+before_install: gem install bundler -v 1.10.6

data/Gemfile

@@ -0,0 +1,4 @@
+source 'https://rubygems.org'
+
+# Specify your gem's dependencies in cancan-export.gemspec
+gemspec

data/README.md

@@ -0,0 +1,35 @@
+# Cancan::Export
+
+It is the rewrite of a vital parts of CanCan v.1.13.1 classes: Ability and Rule.  
+All method names writen in a snake case is rewrites of the CanCan ones.
+
+This rewrite is simplified since we don't have ORM objects and real DB relations.  
+All we have on the client-side is plain old objects,   
+though as long as each object has `_type' or `type' property, it can be identified as an object of a specific model.
+
+## Usage
+
+```javascript
+ability = new CanCanAbility(gon)
+ability.can('read', 'CustomerOrder')
+// => true or false
+customerOrder = {partner_id: 123}
+// or with restmod
+customerOrder = CustomerOrder.$build({ partner_id: 123 })
+ability.can('edit', customerOrder)
+// => true, if a partner can edit only his orders and gon.user.partner_id == 123
+```
+
+### With angular
+
+```javascript
+// include CanCan service into the $rootScope,
+  MyApp.run(['$rootScope', 'CanCan', function($rootScope, CanCan) {
+    angular.extend($rootScope, CanCan);
+    ...
+  }])
+// then, in templates you can authorize parts like
+  can('edit', customerOrder)
+// and check the permissions in a controller like
+  $scope.can('edit', $scope.customerOrder)
+```

data/Rakefile

@@ -0,0 +1 @@
+require "bundler/gem_tasks"

data/assets/javascripts/cancan/export-angular.js.coffee

@@ -0,0 +1,24 @@
+# Usage:
+# include CanCan service into the $rootScope,
+#   MyApp.run('MyApp', ['$rootScope', 'CanCan', ($rootScope, CanCan) ->
+#     angular.extend $rootScope, CanCan
+#     ...
+#   ])
+# then, in templates you can authorize parts like
+#   can('edit', customerOrder)
+# and check the permissions in a controller like
+#   $scope.can('edit', $scope.customerOrder)
+((global, factory) ->
+    if typeof define == 'function' and define.amd?
+        define ['angular', 'cancan-export'], factory
+    else
+        factory(global.angular, global.CanCanAbility)
+)(this, (angular, CanCanAbility) ->
+    angular
+        .module 'cancan.export', []
+        .service 'CanCan', ->
+            ability: new CanCanAbility(window.gon)
+            getAbility: (object) -> @ability = new CanCanAbility(object)
+            can: (action, subject, argsForBlock...) -> @ability.can action, subject, argsForBlock...
+            cannot: (action, subject, argsForBlock...) -> @ability.cannot action, subject, argsForBlock...
+)

data/assets/javascripts/cancan/export.js.coffee

@@ -0,0 +1,148 @@
+# It is the rewrite of a vital parts of CanCan v.1.13.1 classes: Ability and Rule.
+# All method names writen in a snake case is rewrites of the CanCan ones.
+#
+# This rewrite is simplified since we don't have ORM objects and real DB relations.
+# All we have on the client-side is plain old objects, 
+# though as long as each object has `_type' or `type' property, it can be identified as an object of a specific model.
+#
+# Usage:
+#   ability = new CanCanAbility(gon)
+#   ability.can('read', 'CustomerOrder')
+#   # => true or false
+#   customerOrder = {partner_id: 123} 
+#   # or with restmod
+#   customerOrder = CustomerOrder.$build({ partner_id: 123 });
+#   ability.can('edit', customerOrder)
+#   # => true, if a partner can edit only his orders and gon.user.partner_id == 123
+((global, factory) ->
+    if typeof define == 'function' and define.amd?
+        define ['lodash'], factory
+    else
+        factory(global._)
+)(this, (_) ->
+  class @CanCanAbility
+    rules: []
+    rulesIndex: {}
+    helpers: [] 
+      
+    # @ data : [gon Object]
+    constructor: (data) ->
+        @user = data.user
+        $.extend @, data.ability
+      
+        # Import each helper defined in ruby's Ability object.
+        # `this' must be the object in which context `user' property is defined, thus it is Ability itself
+        for name, source in @helpersSource
+            @[name] = $.proxy eval(source), @
+      
+        @rules = @rules.map (data) =>
+            new Rule(data, @)
+        
+    can: (action, subject, extra_args...) ->
+        relevant_rules = @relevant_rules(action, subject)
+      
+        match = _(relevant_rules).find (rule) =>
+            rule.matches_conditions(action, subject, extra_args)
+        
+        match and match.baseBehavior or false
+    
+    cannot: (action, object, extra_args...) ->
+        !@can action, object, extra_args...
+      
+      
+    typeOf: (subject) ->
+        if typeof subject == 'string'
+            subject
+        else
+            subject._type or subject.type
+        
+    matches_subject: (subjects, subject) ->
+        _(subjects).include('all') or # wildcard rule
+        _(subjects).include(@typeOf subject)
+          
+    relevant_rules: (action, subject) ->
+        _.clone(@rules).reverse().filter (rule) =>
+            @matches_subject(rule.subjects, subject) and rule.is_relevant action, subject
+      
+    
+    class Rule
+        # there are nor subjects nor actions
+        matchAll: false
+        # can or cannot?
+        baseBehavior: true
+        # what to do?
+        actions: []
+        # object model names
+        # N.B. a Class starts with a Capital letter; a plain string/symbol with a small letter
+        subjects: []
+        # `where' hash on a model
+        conditions: {}
+        # function to check against
+        block: null
+      
+        constructor: (data, ability) ->
+            $.extend @, data
+            @ability = ability
+            @block = $.proxy eval(data.blockSource), ability
+        
+        typeOf: CanCanAbility.prototype.typeOf
+        
+        is_relevant: (action, subject) ->
+            @matchAll or (@matches_action(action) and @matches_subject(subject))
+          
+        matches_action: (action) ->
+            _(@actions).include('manage') or # wildcard rule
+            _(@actions).include(action)
+      
+        matches_subject: (subject) ->
+            @ability.matches_subject(@subjects, subject)
+      
+        # Nested subjects matching is not supported now
+        matches_conditions: (action, subject, extra_args) ->
+            if @matchAll
+                @call_block_with_all(action, subject, extra_args)
+            else if @block && typeof subject != 'string'
+                @block(subject, extra_args...)
+            else if @conditions && typeof subject != 'string'
+                @matches_conditions_hash(subject)
+            else
+                # Don't stop at "cannot" definitions when there are conditions.
+                # We want, if @baseBehavior is false, Ability#relevant_rules to not accept the result and check the next rule.
+                !@conditions or $.isEmptyObject(@conditions) or @baseBehavior
+      
+        # This is not suported yet. Use of this hook implies that we're able to pass a _class_ into block function,
+        # but for the while we can't
+        call_block_with_all: (action, subject, extra_args) ->
+            if typeof subject == 'string'
+                @block(action, subject, nil, extra_args...)
+            else
+                @block(action, @typeOf(subject), subject, extra_args...)
+          
+        # @ subject : [resource Object] : a pattern we match against
+        # @ conditions : [Object] : a pattern we match against
+        matches_conditions_hash: (subject, conditions=@conditions) ->
+            return true if $.isEmptyObject conditions
+            every_match = not _(conditions).find (value, name) =>
+                !@condition_match(subject[name], value)
+            
+        # @ attribute : a value which we match
+        # @ value : a pattern we match against
+        condition_match: (attribute, value) ->
+            if $.isPlainObject value
+                @hash_condition_match(attribute, value)
+            else if $.isArray value
+                # match against any of the rule condition values will do
+                _(value).include(attribute)
+            else
+                # only exact equality will do
+                attribute == value
+      
+        # @ attribute : a value which we match
+        # @ value : [Object] : a pattern we match against
+        hash_condition_match: (attribute, value) ->
+            if $.isArray attribute
+                # match of any element of [Array] attribute against the rule condition hash will do (recursion)
+                _(attribute).find (element) => @matches_conditions_hash(element, value)
+            else
+                attribute? && @matches_conditions_hash?(attribute, value)
+)

data/cancan-export.gemspec

@@ -0,0 +1,22 @@
+# coding: utf-8
+lib = File.expand_path('../lib', __FILE__)
+$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
+require 'cancan/export/version'
+
+Gem::Specification.new do |spec|
+  spec.name          = "cancan-export"
+  spec.version       = CanCan::Export::VERSION
+  spec.authors       = ["Sergey Baev"]
+
+  spec.summary       = "Exports CanCan rules to the client-side."
+  spec.homepage      = "https://github.com/tinbka/cancan-export"
+
+  spec.files         = `git ls-files -z`.split("\x0").reject { |f| f.match(%r{^(test|spec|features)/}) }
+  spec.require_paths = ["lib"]
+
+  spec.add_development_dependency "bundler", "~> 1.10"
+  spec.add_development_dependency "rake", "~> 10.0"
+  
+  spec.add_dependency "gon"
+  spec.add_dependency "coffee-rails"
+end

data/lib/cancan/export.rb

@@ -0,0 +1,23 @@
+require "cancan"
+require "gon"
+
+require "cancan/export/version"
+require "cancan/export/compiler"
+require "cancan/export/helpers"
+require "cancan/export/engine"
+require "cancan/export/ext/ability"
+require "cancan/export/ext/rule"
+
+module CanCan
+  class Rule
+    include Export::Rule
+  end
+  
+  module Ability
+    include Export::Ability
+  end
+  
+  module Export
+    ::ActionController::Base.send :include, ControllerHelpers
+  end
+end

data/lib/cancan/export/compiler.rb

@@ -0,0 +1,57 @@
+module CanCan
+  module Export
+    class Compiler
+      
+      def initialize
+        @mtimes = {}
+        @lines = {}
+        @js = {}
+      end
+      
+      def to_js(block)
+        source_lines = definition(block)
+        return @js[source_lines] if @js[source_lines]
+        
+        case block
+        when Proc then source_lines[0] =~ / (?:do|{)\s*(?:\|([\s\w\d,]+)\|)?\s*$/
+        when Method then source_lines[0] =~ /def [\w\d\.]+\(?([\s\w\d,]+)\)?\s*$/
+        end
+        arguments = $1.scan(/\w+/)
+        
+        coffeefied_source_lines = source_lines[1..-1]*"\n"
+        coffeefied_source_lines.gsub!(/\.(\w+)\?/, '.is_\1()') # .present? -> .present()
+        coffeefied_source_lines.gsub!(/\.(\w+)!/, '.do_\1()') # .sub! -> .sub!()
+        coffeefied_source_lines.gsub!(/(\d+)\.([a-z_]+)/, '(\1).\2()') # 4.hours -> (4).hours()
+        coffeefied_source_lines.gsub!(/:([\w\d]+)/, '"\1"') # 4.hours -> (4).hours()
+        #$log.info coffeefied_source_lines, caller_at: [0, 9..20]
+        
+        @js[source_lines] = CoffeeScript.compile "(#{arguments*', '}) ->\n#{coffeefied_source_lines}", bare: true
+      end
+      
+      private
+      
+      def definition(proc)
+        file, line = proc.source_location
+        lines = readlines file
+        
+        definition_line = lines[line-1]
+        indentation = definition_line[/^\s*/]
+        return lines[line-1..-1].take_while {|line| line !~ /#{indentation}end$/}
+      end
+      
+      def readlines(file)
+        if File.exists?(file)
+          mtime = File.mtime(file)
+          unless @mtimes[file] and @mtimes[file] >= mtime
+            @mtimes[file] = mtime
+            @lines[file] = IO.readlines(file)
+          end
+          @lines[file]
+        else
+          raise Errno::ENOENT, "The file where a block was defined, does not exist anymore @ rb_sysopen - #{file}"
+        end
+      end
+      
+    end
+  end
+end

data/lib/cancan/export/engine.rb

@@ -0,0 +1,9 @@
+module CanCan
+  module Export
+    class Engine < ::Rails::Engine
+      initializer 'cancan.export' do |app|
+        app.config.assets.paths << root.join('assets', 'javascripts').to_s
+      end
+    end
+  end
+end

data/lib/cancan/export/ext/ability.rb

@@ -0,0 +1,34 @@
+module CanCan
+  module Export
+    module Ability
+      extend ActiveSupport::Concern
+      
+      included do
+        @@compiler = CanCan::Export::Compiler.new
+      end
+      
+      def helper_method(*method_names)
+        helper_methods.merge! method_names.map {|method_name|
+          [method_name, @@compiler.to_js(method(method_name))]
+        }.to_h
+      end
+      
+      def helper_methods
+        @helpers ||= {}
+      end
+      
+      def to_json(options={})
+        {
+          rules: @rules.map {|rule|
+            rule.compile(self, @@compiler)
+          },
+          rulesIndex: @rules_index.map {|object, indices|
+            [object.to_s, indices]
+          }.to_h,
+          helpersSource: helper_methods
+        }.to_json(options)
+      end
+    
+    end
+  end
+end

data/lib/cancan/export/ext/rule.rb

@@ -0,0 +1,18 @@
+module CanCan
+  module Export
+    module Rule
+      
+      def compile(ability, compiler)
+        {
+          matchAll: @match_all,
+          baseBehavior: @base_behavior,
+          subjects: @subjects.map(&:to_s),
+          actions: ability.send(:expand_actions, @actions).map(&:to_s),
+          conditions: @conditions,
+          blockSource: @block && compiler.to_js(@block)
+        }
+      end
+      
+    end
+  end
+end

data/lib/cancan/export/helpers.rb

@@ -0,0 +1,16 @@
+module CanCan
+  module Export
+    module ControllerHelpers
+      
+      def gon
+        super.tap do |g|
+          if current_user
+            g.user ||= current_user
+            g.ability ||= ::Ability.new(g.user)
+          end
+        end
+      end
+      
+    end
+  end
+end

data/lib/cancan/export/version.rb

@@ -0,0 +1,5 @@
+module CanCan
+  module Export
+    VERSION = "0.2.1"
+  end
+end

metadata

@@ -0,0 +1,113 @@
+--- !ruby/object:Gem::Specification
+name: cancan-export
+version: !ruby/object:Gem::Version
+  version: 0.2.1
+platform: ruby
+authors:
+- Sergey Baev
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2015-11-21 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: bundler
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.10'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.10'
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '10.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '10.0'
+- !ruby/object:Gem::Dependency
+  name: gon
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: coffee-rails
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+description: 
+email: 
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- ".gitignore"
+- ".travis.yml"
+- Gemfile
+- README.md
+- Rakefile
+- assets/javascripts/cancan/export-angular.js.coffee
+- assets/javascripts/cancan/export.js.coffee
+- cancan-export.gemspec
+- lib/cancan/export.rb
+- lib/cancan/export/compiler.rb
+- lib/cancan/export/engine.rb
+- lib/cancan/export/ext/ability.rb
+- lib/cancan/export/ext/rule.rb
+- lib/cancan/export/helpers.rb
+- lib/cancan/export/version.rb
+homepage: https://github.com/tinbka/cancan-export
+licenses: []
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 2.4.8
+signing_key: 
+specification_version: 4
+summary: Exports CanCan rules to the client-side.
+test_files: []