cancan-permits 0.2.1 → 0.2.2

data/README.markdown

@@ -4,10 +4,11 @@ Role specific Permits for use with [CanCan](http://github.com/ryanb/cancan) perm
 
 ## Update Oct 13
 
-Now updated to support multiple ownership startegies so that alternative ORMs can be supported. Demonstrates how to use it with Mongoid, including specs to prove it!
-Special thanks to Sam (yoda) for this inspiration and help in this regard :)
+Now updated to support multiple ownership startegies so that alternative ORMs can be supported. 
+This gem now includes specs that demonstrate how to configure it for use with Mongoid, Mongo Mapper and Data Mapper! 
+Special thanks to Sam (yoda) for the initial inspiration and work to ensure support for Mongoid  :)
 
-The generator has also been updated slightly to support this new strategy as of version 0.2.1. 
+The generator has also been updated slightly to support this new strategy option as of version 0.2.1. 
 In general, the new Permits API now uses an options hash to replace the old optional request parameter. 
 This design allows for better extensibility in the future if needed. 
 

data/VERSION

@@ -1 +1 @@
-0.2.1
+0.2.2

data/cancan-permits.gemspec

@@ -5,7 +5,7 @@
 
 Gem::Specification.new do |s|
   s.name = %q{cancan-permits}
-  s.version = "0.2.1"
+  s.version = "0.2.2"
 
   s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
   s.authors = ["Kristian Mandrup"]
@@ -47,7 +47,15 @@ Gem::Specification.new do |s|
      "spec/cancan-permits/permits/fixtures/models.rb",
      "spec/cancan-permits/permits/owner_permits_spec.rb",
      "spec/cancan-permits/permits/permits_spec.rb",
+     "spec/data_mapper/models/all_models.rb",
+     "spec/data_mapper/owner_permits_spec.rb",
+     "spec/data_mapper/permits_spec.rb",
+     "spec/data_mapper/spec_helper.rb",
      "spec/generators/permit_generator_spec.rb",
+     "spec/mongo_mapper/models/all_models.rb",
+     "spec/mongo_mapper/owner_permits_spec.rb",
+     "spec/mongo_mapper/permits_spec.rb",
+     "spec/mongo_mapper/spec_helper.rb",
      "spec/mongoid/models/all_models.rb",
      "spec/mongoid/owner_permits_spec.rb",
      "spec/mongoid/permits_spec.rb",
@@ -66,7 +74,15 @@ Gem::Specification.new do |s|
      "spec/cancan-permits/permits/fixtures/models.rb",
      "spec/cancan-permits/permits/owner_permits_spec.rb",
      "spec/cancan-permits/permits/permits_spec.rb",
+     "spec/data_mapper/models/all_models.rb",
+     "spec/data_mapper/owner_permits_spec.rb",
+     "spec/data_mapper/permits_spec.rb",
+     "spec/data_mapper/spec_helper.rb",
      "spec/generators/permit_generator_spec.rb",
+     "spec/mongo_mapper/models/all_models.rb",
+     "spec/mongo_mapper/owner_permits_spec.rb",
+     "spec/mongo_mapper/permits_spec.rb",
+     "spec/mongo_mapper/spec_helper.rb",
      "spec/mongoid/models/all_models.rb",
      "spec/mongoid/owner_permits_spec.rb",
      "spec/mongoid/permits_spec.rb",

data/lib/cancan-permits/permit/base_permit.rb

@@ -43,21 +43,8 @@ module Permit
       # puts "Using strategy: #{strategy_used}"
       begin
         case strategy_used
-        when :mongoid   
-          # puts "Ownership with mongoid for class: #{clazz}"
-          # can :manage, clazz, ownership_relation => user_id
-          can :manage, clazz do |obj|  
-            # puts "obj: #{obj.inspect}"
-            # puts "ownership relation: #{ownership_relation}"          
-            # rel = obj.send ownership_relation
-            # 
-            # puts "related obj: #{rel.inspect}"
-            # puts "user_id: #{user_id_attribute.inspect}"
-            # puts "user.user_id: #{user.send(user_id_attribute).inspect}"
-            # puts user.send(user_id_attribute).to_s
-            #           
-            obj.send(ownership_relation) == user.send(user_id_attribute).to_s
-          end
+        when :orm   
+          can :manage, clazz, ownership_relation => user_id.to_s
         when :default      
           # puts "Basic CanCan ownership"
           can :manage, clazz, ownership_relation => user_id

data/spec/data_mapper/models/all_models.rb

@@ -0,0 +1,20 @@
+class Comment
+  include DataMapper::Resource
+
+  property :id, Serial    
+  property :user_id, String
+end
+
+class Post
+  include DataMapper::Resource
+  
+  property :id, Serial  
+  property :writer, String
+end
+
+class Article
+  include DataMapper::Resource
+  
+  property :id, Serial  
+  property :author, String  
+end

data/spec/data_mapper/owner_permits_spec.rb

@@ -0,0 +1,73 @@
+require 'data_mapper/spec_helper'
+
+describe Permits::Ability do
+  context "Editor user" do
+    context "using default :user_id relation - foreign key to User.id" do   
+      before :each do                  
+        @editor         = User.create(:name => "Kristian", :role => "editor")
+        @other_guy      = User.create(:name => "Random dude", :role => "admin")
+
+        @ability        = Permits::Ability.new(@editor, :strategy => :orm)
+
+        @own_comment    = Comment.create(:user_id => @editor.id)
+        @other_comment  = Comment.create(:user_id => @other_guy.id)      
+        # @post     = Post.create(:writer => @editor.id)
+        # @article  = Article.create(:author => @editor.id)
+      end      
+      
+      it "should be able to :read Comment he owns" do
+        @ability.should be_able_to(:read, Comment)
+        @ability.should be_able_to(:read, @own_comment)      
+      end
+
+      it "should be able to :update Comment he owns" do
+        @ability.should be_able_to(:update, @own_comment)      
+      end
+      
+      it "should NOT be able to :update Comment he does NOT own" do
+        @ability.should_not be_able_to(:update, @other_comment)      
+      end
+      
+      it "should be able to :delete Comment he owns" do
+        @ability.should be_able_to(:delete, @own_comment)      
+      end
+      
+      it "should NOT be able to :update Comment he does NOT own" do
+        @ability.should_not be_able_to(:delete, @other_comment)      
+      end
+    end 
+    
+    context "using custom :writer relation - foreign key to User.id" do   
+      before :each do                  
+        @editor         = User.create(:name => "Kristian", :role => "editor")
+        @other_guy      = User.create(:name => "Random dude", :role => "admin")
+    
+        @ability        = Permits::Ability.new(@editor, :strategy => :orm)
+    
+        @own_post       = Post.create(:writer => @editor.id)
+        @other_post     = Post.create(:writer => @other_guy.id)      
+      end      
+      
+      it "should be able to :read Post he owns" do
+        @ability.should be_able_to(:read, Post)
+        @ability.should be_able_to(:read, @own_post)      
+      end
+    
+      it "should be able to :update Post he owns" do
+        @ability.should be_able_to(:update, @own_post)      
+      end
+    
+      it "should NOT be able to :update Post he does NOT own" do
+        @ability.should_not be_able_to(:update, @other_post)      
+      end
+      
+      it "should be able to :delete Post he owns" do
+        @ability.should be_able_to(:delete, @own_post)      
+      end
+      
+      it "should NOT be able to :update Post he does NOT own" do
+        @ability.should_not be_able_to(:delete, @other_post)      
+      end
+    end    
+  end        
+end

data/spec/data_mapper/permits_spec.rb

@@ -0,0 +1,36 @@
+require 'data_mapper/spec_helper'
+
+describe Permits::Ability do
+  context "Guest user" do
+    before :each do
+      @guest    = User.create(:name => "Kristian", :role => "guest")
+
+      @ability  = Permits::Ability.new(@guest, :strategy => :orm)
+
+      @comment  = Comment.create(:user_id => @guest.id)
+
+      @post     = Post.create(:writer => @guest.id)
+
+      @article  = Article.create(:author => @guest.id)
+    end
+
+    it "should be able to :read Comment and Post but NOT Article" do
+      @ability.can?(:read, Comment).should be_true
+      @ability.can?(:read, @comment).should be_true
+      
+      @ability.can?(:read, Post).should be_true      
+      @ability.can?(:read, @post).should be_true      
+      
+      @ability.can?(:read, Article).should be_false
+      @ability.can?(:read, @article).should be_false      
+    end
+
+    it "should be not able to :update only Comment" do
+      @ability.can?(:update, Comment).should be_true
+      @ability.can?(:update, @comment).should be_true      
+      
+      @ability.can?(:update, Post).should be_false
+      @ability.can?(:update, @post).should be_false
+    end
+  end
+end

data/spec/data_mapper/spec_helper.rb

@@ -0,0 +1,56 @@
+require 'rspec/core' 
+
+require 'dm-core'
+require 'dm-types'
+require 'dm-migrations'
+
+require 'cancan/matchers'
+require 'cancan-permits'
+require 'cancan-permits/rspec'
+
+# gem install dm-core dm-sqlite-adapter 
+# gem install dm-types dm-validations dm-timestamps dm-aggregates dm-adjust dm-is-list dm-is-tree dm-is-versioned dm-is-nested_set 
+# gem install rails_datamapper dm-migrations dm-observer
+
+DataMapper::Logger.new($stdout, :debug)                 
+DataMapper.setup(:default, 'sqlite::memory:')
+
+RSpec.configure do |config|
+  config.mock_with :mocha
+end
+
+
+require_all File.dirname(__FILE__) + '/../cancan-permits/fixtures/permits'
+require_all File.dirname(__FILE__) + '/models/all_models'
+
+RSpec.configure do |config|
+  config.mock_with :mocha
+end
+
+module Permits::Roles
+  def self.available
+    User.roles
+  end
+end
+
+class User
+  include DataMapper::Resource  
+
+  property :id, Serial  
+  property :role, String
+  property :name, String 
+
+
+  def self.roles
+    [:guest, :admin, :editor]
+  end    
+  
+  def has_role? role
+    self.role.to_sym == role.to_sym
+  end
+end
+
+DataMapper.finalize
+DataMapper.auto_migrate!
+
+

data/spec/mongo_mapper/models/all_models.rb

@@ -0,0 +1,17 @@
+class Comment
+  include MongoMapper::Document
+  
+  key :user_id, String
+end
+
+class Post
+  include MongoMapper::Document
+  
+  key :writer, String
+end
+
+class Article
+  include MongoMapper::Document
+  
+  key :author, String  
+end

data/spec/mongo_mapper/owner_permits_spec.rb

@@ -0,0 +1,73 @@
+require 'mongo_mapper/spec_helper'
+
+describe Permits::Ability do
+  context "Editor user" do
+    context "using default :user_id relation - foreign key to User.id" do   
+      before :each do                  
+        @editor         = User.create(:name => "Kristian", :role => "editor")
+        @other_guy      = User.create(:name => "Random dude", :role => "admin")
+
+        @ability        = Permits::Ability.new(@editor, :strategy => :orm)
+
+        @own_comment    = Comment.create(:user_id => @editor.id)
+        @other_comment  = Comment.create(:user_id => @other_guy.id)      
+        # @post     = Post.create(:writer => @editor.id)
+        # @article  = Article.create(:author => @editor.id)
+      end      
+      
+      it "should be able to :read Comment he owns" do
+        @ability.should be_able_to(:read, Comment)
+        @ability.should be_able_to(:read, @own_comment)      
+      end
+
+      it "should be able to :update Comment he owns" do
+        @ability.should be_able_to(:update, @own_comment)      
+      end
+      
+      it "should NOT be able to :update Comment he does NOT own" do
+        @ability.should_not be_able_to(:update, @other_comment)      
+      end
+      
+      it "should be able to :delete Comment he owns" do
+        @ability.should be_able_to(:delete, @own_comment)      
+      end
+      
+      it "should NOT be able to :update Comment he does NOT own" do
+        @ability.should_not be_able_to(:delete, @other_comment)      
+      end
+    end 
+    
+    context "using custom :writer relation - foreign key to User.id" do   
+      before :each do                  
+        @editor         = User.create(:name => "Kristian", :role => "editor")
+        @other_guy      = User.create(:name => "Random dude", :role => "admin")
+    
+        @ability        = Permits::Ability.new(@editor, :strategy => :mongo)
+    
+        @own_post       = Post.create(:writer => @editor.id)
+        @other_post     = Post.create(:writer => @other_guy.id)      
+      end      
+      
+      it "should be able to :read Post he owns" do
+        @ability.should be_able_to(:read, Post)
+        @ability.should be_able_to(:read, @own_post)      
+      end
+    
+      it "should be able to :update Post he owns" do
+        @ability.should be_able_to(:update, @own_post)      
+      end
+    
+      it "should NOT be able to :update Post he does NOT own" do
+        @ability.should_not be_able_to(:update, @other_post)      
+      end
+      
+      it "should be able to :delete Post he owns" do
+        @ability.should be_able_to(:delete, @own_post)      
+      end
+      
+      it "should NOT be able to :update Post he does NOT own" do
+        @ability.should_not be_able_to(:delete, @other_post)      
+      end
+    end    
+  end        
+end

data/spec/mongo_mapper/permits_spec.rb

@@ -0,0 +1,36 @@
+require 'mongo_mapper/spec_helper'
+
+describe Permits::Ability do
+  context "Guest user" do
+    before :each do
+      @guest    = User.create(:name => "Kristian", :role => "guest")
+
+      @ability  = Permits::Ability.new(@guest, :strategy => :orm)
+
+      @comment  = Comment.create(:user_id => @guest.id)
+
+      @post     = Post.create(:writer => @guest.id)
+
+      @article  = Article.create(:author => @guest.id)
+    end
+
+    it "should be able to :read Comment and Post but NOT Article" do
+      @ability.can?(:read, Comment).should be_true
+      @ability.can?(:read, @comment).should be_true
+      
+      @ability.can?(:read, Post).should be_true      
+      @ability.can?(:read, @post).should be_true      
+      
+      @ability.can?(:read, Article).should be_false
+      @ability.can?(:read, @article).should be_false      
+    end
+
+    it "should be not able to :update only Comment" do
+      @ability.can?(:update, Comment).should be_true
+      @ability.can?(:update, @comment).should be_true      
+      
+      @ability.can?(:update, Post).should be_false
+      @ability.can?(:update, @post).should be_false
+    end
+  end
+end

data/spec/mongo_mapper/spec_helper.rb

@@ -0,0 +1,59 @@
+require 'rspec/core' 
+require 'mongo_mapper'
+require 'cancan/matchers'
+require 'cancan-permits'
+require 'cancan-permits/rspec'
+
+require_all File.dirname(__FILE__) + '/../cancan-permits/fixtures/permits'
+require_all File.dirname(__FILE__) + '/models/all_models'
+
+RSpec.configure do |config|
+  config.mock_with :mocha
+end
+
+module Permits::Roles
+  def self.available
+    User.roles
+  end
+end
+
+class User
+  include MongoMapper::Document
+  
+  key :role, String
+  key :name, String  
+
+  def self.roles
+    [:guest, :admin, :editor]
+  end    
+  
+  def has_role? role
+    self.role.to_sym == role.to_sym
+  end     
+end
+
+                 
+MongoMapper.database = 'cancan-permits_mongo_mapper'
+
+module Database
+  def self.teardown
+    # MongoMapper.database.collections.each {|collection| collection.drop }    
+    MongoMapper.database.collections.each do |coll|
+      coll.drop unless coll.name =~ /(.*\.)?system\..*/
+    end    
+  end
+end
+
+
+RSpec.configure do |config|
+  config.mock_with :mocha
+  config.before do
+    MongoMapper.database.collections.each do |coll|
+      coll.drop unless coll.name =~ /(.*\.)?system\..*/
+    end    
+  end
+end
+
+
+
+

data/spec/mongoid/owner_permits_spec.rb

@@ -7,7 +7,7 @@ describe Permits::Ability do
         @editor         = User.create(:name => "Kristian", :role => "editor")
         @other_guy      = User.create(:name => "Random dude", :role => "admin")
 
-        @ability        = Permits::Ability.new(@editor, :strategy => :mongoid)
+        @ability        = Permits::Ability.new(@editor, :strategy => :orm)
 
         @own_comment    = Comment.create(:user_id => @editor.id)
         @other_comment  = Comment.create(:user_id => @other_guy.id)      
@@ -42,7 +42,7 @@ describe Permits::Ability do
         @editor         = User.create(:name => "Kristian", :role => "editor")
         @other_guy      = User.create(:name => "Random dude", :role => "admin")
 
-        @ability        = Permits::Ability.new(@editor, :strategy => :mongoid)
+        @ability        = Permits::Ability.new(@editor, :strategy => :mongo)
 
         @own_post       = Post.create(:writer => @editor.id)
         @other_post     = Post.create(:writer => @other_guy.id)      

data/spec/mongoid/permits_spec.rb

@@ -1,23 +1,11 @@
 require 'mongoid/spec_helper'
 
-# class Comment
-#   attr_accessor :owner
-# end
-# 
-# class Post
-#   attr_accessor :writer  
-# end
-# 
-# class Article
-#   attr_accessor :author
-# end
-
 describe Permits::Ability do
   context "Guest user" do
     before :each do
       @guest   = User.create(:name => "Kristian", :role => "guest")
 
-      @ability  = Permits::Ability.new(@guest)
+      @ability  = Permits::Ability.new(@guest, :strategy => :orm)
 
       @comment  = Comment.create(:user_id => @guest.id)
 
@@ -26,10 +14,6 @@ describe Permits::Ability do
       @article  = Article.create(:author => @guest.id)
     end
 
-    # can :read, [Comment, Post]
-    # can [:update, :destroy], [Comment]
-    # can :create, Article
-
     it "should be able to :read Comment and Post but NOT Article" do
       @ability.can?(:read, Comment).should be_true
       @ability.can?(:read, @comment).should be_true
@@ -48,7 +32,6 @@ describe Permits::Ability do
       @ability.can?(:update, Post).should be_false
       @ability.can?(:update, @post).should be_false
     end
-
   end
   
   context "Admin user" do
@@ -56,9 +39,7 @@ describe Permits::Ability do
       @admin = User.create(:role => 'admin')
       @ability = Permits::Ability.new(@admin)
     end
-  # 
-  #   # can :manage, :all    
-  # 
+
     it "should be able to :read anything" do
       @ability.can?(:read, Comment).should be_true
       @ability.can?(:read, Post).should be_true      

data/spec/mongoid/spec_helper.rb

@@ -43,10 +43,6 @@ module Database
   end
 end
 
-Mongoid.database.collections.each do |coll|
-  coll.remove
-end
-
 RSpec.configure do |config|
   config.mock_with :mocha
   config.before do

metadata

@@ -5,8 +5,8 @@ version: !ruby/object:Gem::Version
   segments: 
   - 0
   - 2
-  - 1
-  version: 0.2.1
+  - 2
+  version: 0.2.2
 platform: ruby
 authors: 
 - Kristian Mandrup
@@ -149,7 +149,15 @@ files:
 - spec/cancan-permits/permits/fixtures/models.rb
 - spec/cancan-permits/permits/owner_permits_spec.rb
 - spec/cancan-permits/permits/permits_spec.rb
+- spec/data_mapper/models/all_models.rb
+- spec/data_mapper/owner_permits_spec.rb
+- spec/data_mapper/permits_spec.rb
+- spec/data_mapper/spec_helper.rb
 - spec/generators/permit_generator_spec.rb
+- spec/mongo_mapper/models/all_models.rb
+- spec/mongo_mapper/owner_permits_spec.rb
+- spec/mongo_mapper/permits_spec.rb
+- spec/mongo_mapper/spec_helper.rb
 - spec/mongoid/models/all_models.rb
 - spec/mongoid/owner_permits_spec.rb
 - spec/mongoid/permits_spec.rb
@@ -194,7 +202,15 @@ test_files:
 - spec/cancan-permits/permits/fixtures/models.rb
 - spec/cancan-permits/permits/owner_permits_spec.rb
 - spec/cancan-permits/permits/permits_spec.rb
+- spec/data_mapper/models/all_models.rb
+- spec/data_mapper/owner_permits_spec.rb
+- spec/data_mapper/permits_spec.rb
+- spec/data_mapper/spec_helper.rb
 - spec/generators/permit_generator_spec.rb
+- spec/mongo_mapper/models/all_models.rb
+- spec/mongo_mapper/owner_permits_spec.rb
+- spec/mongo_mapper/permits_spec.rb
+- spec/mongo_mapper/spec_helper.rb
 - spec/mongoid/models/all_models.rb
 - spec/mongoid/owner_permits_spec.rb
 - spec/mongoid/permits_spec.rb