cancan-permits 0.1.0 → 0.1.1

data/README.markdown

@@ -34,19 +34,17 @@ By default it returns User.roles if such exists, otherwise it returns [:guest, :
 _Note:_ You might consider using the Permits generator in order to generate your permits for you (see below)
 
 <pre>
-  module RolePermit  
-    class Admin < Base
-      def initialize(ability)
-        super
-      end
-
-      def permit?(user, request=nil)    
-        super
-        return if !role_match? user
-
-        can :manage, :all    
-      end  
+  class AdminPermit < Permit::Base
+    def initialize(ability)
+      super
     end
+
+    def permit?(user, request=nil)    
+      super
+      return if !role_match? user
+
+      can :manage, :all    
+    end  
   end
 </pre>
 

data/VERSION

@@ -1 +1 @@
-0.1.0
+0.1.1

data/cancan-permits.gemspec

@@ -0,0 +1,89 @@
+# Generated by jeweler
+# DO NOT EDIT THIS FILE DIRECTLY
+# Instead, edit Jeweler::Tasks in Rakefile, and run the gemspec command
+# -*- encoding: utf-8 -*-
+
+Gem::Specification.new do |s|
+  s.name = %q{cancan-permits}
+  s.version = "0.1.1"
+
+  s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
+  s.authors = ["Kristian Mandrup"]
+  s.date = %q{2010-09-19}
+  s.description = %q{Role specific Permits for use with CanCan permission system}
+  s.email = %q{kmandrup@gmail.com}
+  s.extra_rdoc_files = [
+    "LICENSE",
+     "README.markdown"
+  ]
+  s.files = [
+    ".document",
+     ".gitignore",
+     ".rspec",
+     "LICENSE",
+     "README.markdown",
+     "Rakefile",
+     "VERSION",
+     "cancan-permits.gemspec",
+     "lib/cancan-permits.rb",
+     "lib/cancan-permits/namespaces.rb",
+     "lib/cancan-permits/permit/base_license.rb",
+     "lib/cancan-permits/permit/base_permit.rb",
+     "lib/cancan-permits/permits/ability.rb",
+     "lib/cancan-permits/permits/configuration.rb",
+     "lib/cancan-permits/permits/roles.rb",
+     "lib/cancan-permits/rspec/config.rb",
+     "lib/cancan-permits/rspec/matchers/have_license.rb",
+     "lib/cancan-permits/rspec/matchers/have_license_class.rb",
+     "lib/cancan-permits/rspec/matchers/have_license_file.rb",
+     "lib/generators/permits/permits_generator.rb",
+     "lib/generators/permits/templates/licenses.rb",
+     "lib/generators/permits/templates/permit.rb",
+     "spec/cancan-permits/fixtures/permits/admin_permit.rb",
+     "spec/cancan-permits/fixtures/permits/editor_permit.rb",
+     "spec/cancan-permits/fixtures/permits/guest_permit.rb",
+     "spec/cancan-permits/permits/fixtures/models.rb",
+     "spec/cancan-permits/permits/owner_permits_spec.rb",
+     "spec/cancan-permits/permits/permits_spec.rb",
+     "spec/generators/permit_generator_spec.rb",
+     "spec/spec_helper.rb"
+  ]
+  s.homepage = %q{http://github.com/kristianmandrup/cancan-permits}
+  s.rdoc_options = ["--charset=UTF-8"]
+  s.require_paths = ["lib"]
+  s.rubygems_version = %q{1.3.7}
+  s.summary = %q{Permits for use with CanCan}
+  s.test_files = [
+    "spec/cancan-permits/fixtures/permits/admin_permit.rb",
+     "spec/cancan-permits/fixtures/permits/editor_permit.rb",
+     "spec/cancan-permits/fixtures/permits/guest_permit.rb",
+     "spec/cancan-permits/permits/fixtures/models.rb",
+     "spec/cancan-permits/permits/owner_permits_spec.rb",
+     "spec/cancan-permits/permits/permits_spec.rb",
+     "spec/generators/permit_generator_spec.rb",
+     "spec/spec_helper.rb"
+  ]
+
+  if s.respond_to? :specification_version then
+    current_version = Gem::Specification::CURRENT_SPECIFICATION_VERSION
+    s.specification_version = 3
+
+    if Gem::Version.new(Gem::VERSION) >= Gem::Version.new('1.2.0') then
+      s.add_development_dependency(%q<rspec>, ["~> 2.0.0"])
+      s.add_runtime_dependency(%q<cancan>, ["~> 1.3"])
+      s.add_runtime_dependency(%q<require_all>, ["~> 1.1"])
+      s.add_runtime_dependency(%q<sugar-high>, ["~> 0.1"])
+    else
+      s.add_dependency(%q<rspec>, ["~> 2.0.0"])
+      s.add_dependency(%q<cancan>, ["~> 1.3"])
+      s.add_dependency(%q<require_all>, ["~> 1.1"])
+      s.add_dependency(%q<sugar-high>, ["~> 0.1"])
+    end
+  else
+    s.add_dependency(%q<rspec>, ["~> 2.0.0"])
+    s.add_dependency(%q<cancan>, ["~> 1.3"])
+    s.add_dependency(%q<require_all>, ["~> 1.1"])
+    s.add_dependency(%q<sugar-high>, ["~> 0.1"])
+  end
+end
+

data/lib/cancan-permits/namespaces.rb

@@ -1,6 +1,11 @@
+require 'sugar-high/module'
+
 module Permits
-  modules :ability, :roles
+  modules :roles
 end 
 
 module Permit
+end
+
+module License
 end

data/lib/cancan-permits/permit/base_license.rb

@@ -0,0 +1,25 @@
+module License
+  class Base
+    attr_reader :permit
+    
+    def initialize permit
+      @permit = permit
+    end
+
+    def enforce!
+      raise "enforce! must be implemented by subclass of License::Base"
+    end
+    
+    def can(action, subject, conditions = nil, &block)
+      permit.can action, subject, conditions, &block
+    end
+        
+    def cannot(action, subject, conditions = nil, &block)
+      permit.cannot action, subject, conditions, &block
+    end
+    
+    def owns(user, clazz, ownership_relation = :user_id, user_id_attribute = :id)
+      permit.owns user, clazz, ownership_relation, user_id_attribute
+    end
+  end
+end

data/lib/cancan-permits/permit/base_permit.rb

@@ -1,6 +1,18 @@
 module Permit
   class Base 
     attr_reader :ability
+
+    def licenses *names
+      names.to_strings.each do |name|         
+        begin
+          module_name = "#{name.camelize}License"
+          clazz = module_name.constantize
+          clazz.new(self).enforce!
+        rescue
+          # puts "License #{module_name} not found"
+        end
+      end
+    end
        
     def initialize(ability)
       @ability = ability
@@ -34,7 +46,7 @@ module Permit
     end
 
     def role_match? user
-      user.has_role? self.class.last_name.downcase.to_sym
+      user.has_role? self.class.last_name.gsub(/Permit$/, '').downcase.to_sym
     end
       
     def can_definitions

data/lib/cancan-permits/permits/ability.rb

@@ -0,0 +1,54 @@
+module Permits
+  class Ability
+    include CanCan::Ability
+
+    # set up each Permit instance to share this same Ability 
+    # so that the can and cannot operations work on the same permission collection!
+    def self.permits ability
+      special_permits = []
+      special_permits << [:system, :any].map{|role| make_permit(role, ability)}
+      role_permits = Permits::Roles.available.inject([]) do |permits, role|
+        permit = make_permit(role, ability)
+        permits << permit if permit
+      end
+      (special_permits + role_permits).flatten.compact
+    end
+
+    def initialize(user, request=nil)
+      # put ability logic here!
+      user ||= Guest.new   
+                  
+      Permits::Ability.permits(self).each do |permit|
+        # get role name of permit 
+        permit_role = permit.class.demodulize.gsub(/Permit$/, '').underscore.to_sym
+        
+        if permit_role == :system
+          # always execute system permit
+          result = role_permit.permit?(user, request)
+          break if result == :break
+        else
+          # only execute the permit if the user has the role of the permit or is for any role
+          if user.has_role?(permit_role) || permit_role == :any
+            # puts "user: #{user} of #{permit_role} has permit?"
+            permit.permit?(user, request) 
+          # else
+            # puts "Permit #{permit} not used for role #{permit_role}"
+          end
+        end
+      end
+    end      
+    
+    protected
+    
+    def self.make_permit role, ability
+      begin            
+        clazz_name = "#{role.to_s.camelize}Permit"
+        permit_clazz = clazz_name.constantize
+        permit_clazz.new(ability) if permit_clazz && permit_clazz.kind_of?(Class)
+      rescue
+        # puts "permit class not found: #{clazz_name}"
+        nil
+      end
+    end          
+  end
+end      

data/lib/cancan-permits/rspec/config.rb

@@ -0,0 +1,8 @@
+require 'rspec/core'
+require 'code-spec'
+
+require_all File.dirname(__FILE__) + '/matchers'    
+
+RSpec.configure do |config|
+  config.include RSpec::RubyContentMatchers::License
+end

data/lib/cancan-permits/rspec/matchers/have_license.rb

@@ -0,0 +1,11 @@
+module RSpec::RubyContentMatchers 
+  module License 
+    def have_license name
+      have_call :licenses, :args => [name.to_sym]
+    end    
+
+    def have_licenses *names
+      have_call :licenses, :args => names.to_symbols
+    end    
+  end
+end

data/lib/cancan-permits/rspec/matchers/have_license_class.rb

@@ -0,0 +1,11 @@
+module RSpec::RubyContentMatchers 
+  module License 
+    def have_license_class name, superclass = nil
+      superclass ? have_subclass(name, :superclass => superclass) : have_class(name)
+    end    
+
+    def have_license_classes *names
+      have_classes names
+    end    
+  end
+end

data/lib/cancan-permits/rspec/matchers/have_license_file.rb

@@ -0,0 +1,26 @@
+require 'rails-app-spec'
+
+module RSpec::RailsApp::File
+  module Matchers    
+    class HaveLicenseFile
+      include ::Rails3::Assist::Artifact
+      include ::Rails3::Assist::File
+
+      attr_reader :name
+    
+      def initialize name
+        @name = name
+      end
+
+      def matches? obj, &block
+        found = File.file? license_file(name)
+        yield if block && found
+        found
+      end  
+    end
+
+    def have_license_file name
+      HaveLicenseFile.new name
+    end
+  end
+end

data/lib/generators/permits/permits_generator.rb

@@ -35,6 +35,7 @@ class PermitsGenerator < Rails::Generators::Base
     self.permit_name = name
 
     template "permit.rb", "app/permits/#{name}_permit.rb"
+    template "licenses.rb", "app/permits/licenses.rb"    
   end 
 
   def any_logic

data/lib/generators/permits/templates/licenses.rb

@@ -0,0 +1,22 @@
+class UserAdminLicense < License::Base
+  def initialize name
+    super
+  end
+
+  def enforce!
+    can(:manage, User)
+  end
+end
+
+class BloggingLicense < License::Base
+  def initialize name
+    super
+  end
+  
+  def enforce!
+    can(:read, Blog)
+    can(:create, Post)
+    owns(user, Post)
+  end
+end
+

data/lib/generators/permits/templates/permit.rb

@@ -1,12 +1,12 @@
-module Permit  
-  class <%= permit_name %> < Base
-    def initialize(ability)
-      super
-    end
-
-    def permit?(user, request=nil) 
-      super
-      <%= permit logic %>
-    end  
+class <%= permit_name.to_s.camelize %>Permit < Permit::Base
+  def initialize(ability)
+    super
   end
-end
+
+  def permit?(user, request=nil) 
+    super
+    <%= permit_logic %>
+    
+    licenses :user_admin, :blogging
+  end  
+end

data/spec/cancan-permits/fixtures/permits/admin_permit.rb

@@ -1,14 +1,12 @@
-module RolePermit
-  class Admin < Base
-    def initialize(ability)
-      super
-    end
-
-    def permit?(user, request=nil)    
-      super
-      return if !role_match? user
-      
-      can :manage, :all    
-    end  
+class AdminPermit < Permit::Base
+  def initialize(ability)
+    super
   end
-end
+
+  def permit?(user, request=nil)    
+    super
+    return if !role_match? user
+    
+    can :manage, :all    
+  end  
+end

data/spec/cancan-permits/fixtures/permits/editor_permit.rb

@@ -1,26 +1,24 @@
-module RolePermit
-  class Editor < Base
-    def initialize(ability)
-      super
-    end
+class EditorPermit < Permit::Base
+  def initialize(ability)
+    super
+  end
 
-    def permit?(user, request=nil) 
-      super
-      return if !role_match? user
-     
-      # uses default user_id
-      owns(user, Comment)     
-      # 
-      owns(user, Post, :writer)
-      # 
-      owns(user, Article, :author, :name)
+  def permit?(user, request=nil) 
+    super
+    return if !role_match? user
+   
+    # uses default user_id
+    owns(user, Comment)     
+    # 
+    owns(user, Post, :writer)
+    # 
+    owns(user, Article, :author, :name)
 
-      # a user can manage comments he/she created
-      # can :manage, Comment do |comment|
-      #   comment.try(:user) == user
-      # end            
+    # a user can manage comments he/she created
+    # can :manage, Comment do |comment|
+    #   comment.try(:user) == user
+    # end            
 
-      # can :create, Comment
-    end 
-  end
-end
+    # can :create, Comment
+  end 
+end

data/spec/cancan-permits/fixtures/permits/guest_permit.rb

@@ -1,25 +1,24 @@
-module RolePermit
-  class Guest < Base
-    def initialize(ability)
-      super
-    end
-
-    def permit?(user, request=nil) 
-      super
-      return if !role_match? user
-      
-      can :read, [Comment, Post]
-      can [:update, :destroy], [Comment]
-      can :create, Article
-      
-      # owns(user, Comment)
-      
-      # a user can manage comments he/she created
-      # can :manage, Comment do |comment|
-      #   comment.try(:user) == user
-      # end            
-      
-      # can :create, Comment
-    end  
+class GuestPermit < Permit::Base
+  def initialize(ability)
+    super
   end
-end
+
+  def permit?(user, request=nil) 
+    super    
+    return if !role_match? user
+    
+    can :read, [Comment, Post]
+    can [:update, :destroy], [Comment]
+    can :create, Article
+ 
+    licenses :user_admin, :blogging
+    # owns(user, Comment)
+    
+    # a user can manage comments he/she created
+    # can :manage, Comment do |comment|
+    #   comment.try(:user) == user
+    # end            
+    
+    # can :create, Comment
+  end  
+end

data/spec/cancan-permits/permits/owner_permits_spec.rb

@@ -1,15 +1,10 @@
 require 'spec_helper'
 
-# can :read, [Comment, Post]
-# can [:update, :destroy], [Comment]
-# can :create, Article
-
-
-describe AuthAssistant::Ability do
+describe Permits::Ability do
   context "Editor user" do
     before :each do
       @editor = User.new(1, :editor, 'kristian')
-      @ability = AuthAssistant::Ability.new @editor
+      @ability = Permits::Ability.new @editor
       @comment  = Comment.new(1)
       @post     = Post.new(1)
       @article  = Article.new('kristian')      

data/spec/cancan-permits/permits/permits_spec.rb

@@ -13,11 +13,11 @@ class Article
 end
 
 
-describe AuthAssistant::Ability do
+describe Permits::Ability do
   context "Guest user" do
     before :each do
       @guest = User.new(1, :guest)
-      @ability = AuthAssistant::Ability.new @guest 
+      @ability = Permits::Ability.new @guest 
       @comment  = Comment.new(1)
       @post     = Post.new(1)
     end
@@ -29,7 +29,7 @@ describe AuthAssistant::Ability do
     it "should be able to :read Comment and Post but NOT Article" do
       @ability.can?(:read, Comment).should be_true
       @ability.can?(:read, @comment).should be_true
-
+      
       @ability.can?(:read, Post).should be_true      
       @ability.can?(:read, @post).should be_true      
       
@@ -50,7 +50,7 @@ describe AuthAssistant::Ability do
   context "Admin user" do
     before do
       admin = User.new(2, :admin)
-      @ability = AuthAssistant::Ability.new admin
+      @ability = Permits::Ability.new admin
     end
   # 
   #   # can :manage, :all    

data/spec/generators/permit_generator_spec.rb

@@ -1,35 +1,56 @@
 require 'spec_helper' 
 require 'generator-spec'
 
+require_generator :permits
+
+RSpec::Generator.configure do |config|
+  config.debug = true
+  config.remove_temp_dir = true #false
+  config.default_rails_root(__FILE__) 
+  config.lib = File.dirname(__FILE__) + '/../lib'
+  config.logger = :stdout  # :file
+end
+
+
 describe 'Permits generator' do
-  GeneratorSpec.with_generator do
+  setup_generator :permits do
     tests PermitsGenerator
   end
 
   describe 'result of running generator with default profile' do
     before :each do
-      GeneratorSpec.with_generator do |g, check|    
+      @generator = with_generator do |g|    
         g.run_generator
       end
     end
 
     it "should create Admin permit" do
-      g.should have_permit :admin
+      @generator.should generate_permit :admin
     end
   end
 
-  describe 'result of running generator with option to create permit for each registered role' do
-    context "Registered roles :guest, :admin"
-      before :each do
-        GeneratorSpec.with_generator do |g, check|    
-          g.run_generator "--roles admin guest"
-        end
-      end
-
-      it "should have created Guest and Admin permits" do
-        # Find at: 'app/permits/admin_permit.rb'
-        g.should have_permits :guest, :admin
-      end
-    end
-  end    
+  # describe 'result of running generator with option to create permit for each registered role' do
+  #   context "Registered roles :guest, :admin"
+  #     before :each do
+  #       with_generator do |g|    
+  #         g.run_generator "--roles admin guest"
+  #       end
+  #     end
+  # 
+  #     it "should have created Guest and Admin permits" do
+  #       # Find at: 'app/permits/admin_permit.rb'
+  #       g.should have_permit_files :guest, :admin
+  # 
+  #       # g.should have_permit_file :guest do |guest_permit|
+  #       #   guest_permit.should have_licenses :user_admin, :blogging 
+  #       # end
+  #       # 
+  #       # g.should have_license_file :licenses do |license_file|      
+  #       #   license_file.should have_module :license do |license_module|
+  #       #     license_module.should have_license_classes :user_admin, :blogging, :superclass => :base
+  #       #   end
+  #       # end
+  #     end
+  #   end #ctx
+  # end    
 end

data/spec/spec_helper.rb

@@ -1,16 +1,16 @@
-require 'rspec'
-require 'rspec/autorun' 
+require 'rspec/core'
 require 'cancan/matchers'
 require 'cancan-permits'
 
-require_all File.dirname(__FILE__) + 'cancan-permits/fixtures/permits'
-require 'cancan-permits/fixtures/ability'
+require_all File.dirname(__FILE__) + '/cancan-permits/fixtures/permits'
+
+require_all File.dirname(__FILE__) + '/cancan-permits/permits/fixtures'
 
 RSpec.configure do |config|
   config.mock_with :mocha
 end
 
-module AuthAssistant::Roles
+module Permits::Roles
   def self.available
     User.roles
   end
@@ -23,11 +23,11 @@ class User
     [:guest, :admin, :editor]
   end    
 
-  def initialize id, role, name
+  def initialize id, role, name = nil
     self.id = id    
     raise ArgumentError, "Role #{role} is not in list of available roles: #{self.class.roles}" if !self.class.roles.include? role
     self.role = role
-    self.name = name
+    self.name = name || role.to_s
   end
   
   def has_role? role

metadata

@@ -5,8 +5,8 @@ version: !ruby/object:Gem::Version
   segments: 
   - 0
   - 1
-  - 0
-  version: 0.1.0
+  - 1
+  version: 0.1.1
 platform: ruby
 authors: 
 - Kristian Mandrup
@@ -14,7 +14,7 @@ autorequire:
 bindir: bin
 cert_chain: []
 
-date: 2010-09-17 00:00:00 +02:00
+date: 2010-09-19 00:00:00 +02:00
 default_executable: 
 dependencies: 
 - !ruby/object:Gem::Dependency 
@@ -91,17 +91,21 @@ files:
 - README.markdown
 - Rakefile
 - VERSION
+- cancan-permits.gemspec
 - lib/cancan-permits.rb
 - lib/cancan-permits/namespaces.rb
+- lib/cancan-permits/permit/base_license.rb
 - lib/cancan-permits/permit/base_permit.rb
-- lib/cancan-permits/permits/abiity.rb
+- lib/cancan-permits/permits/ability.rb
 - lib/cancan-permits/permits/configuration.rb
 - lib/cancan-permits/permits/roles.rb
 - lib/cancan-permits/rspec/config.rb
-- lib/cancan-permits/rspec/matchers/have_permits.rb
+- lib/cancan-permits/rspec/matchers/have_license.rb
+- lib/cancan-permits/rspec/matchers/have_license_class.rb
+- lib/cancan-permits/rspec/matchers/have_license_file.rb
 - lib/generators/permits/permits_generator.rb
+- lib/generators/permits/templates/licenses.rb
 - lib/generators/permits/templates/permit.rb
-- spec/cancan-permits/fixtures/ability.rb
 - spec/cancan-permits/fixtures/permits/admin_permit.rb
 - spec/cancan-permits/fixtures/permits/editor_permit.rb
 - spec/cancan-permits/fixtures/permits/guest_permit.rb
@@ -143,7 +147,6 @@ signing_key:
 specification_version: 3
 summary: Permits for use with CanCan
 test_files: 
-- spec/cancan-permits/fixtures/ability.rb
 - spec/cancan-permits/fixtures/permits/admin_permit.rb
 - spec/cancan-permits/fixtures/permits/editor_permit.rb
 - spec/cancan-permits/fixtures/permits/guest_permit.rb

data/lib/cancan-permits/permits/abiity.rb

@@ -1,40 +0,0 @@
-module Permits
-  class Ability
-    include CanCan::Ability
-
-    # set up each RolePermit instance to share this same Ability 
-    # so that the can and cannot operations work on the same permission collection!
-    def self.permits ability
-      special_permits << [:system, :any].map{|name| make_permit(role, ability)}
-      role_permits = Permits::Roles.available.inject([]) do |permits, role|
-        permits << make_permit role, ability
-      end
-      special_permits + role_permits
-    end
-
-    def initialize(user, request=nil)
-      # put ability logic here!
-      user ||= Guest.new   
-                  
-      Ability.permits(self).each do |permit|
-        # get role name of permit 
-        permit_role = permit.class.demodulize.to_sym                      
-        
-        if permit_role == :system
-          # always execute system permit
-          result = role_permit.permit?(user, request)
-          break if result == :break
-        else
-          # only execute the permit if the user has the role of the permit or is for any role
-          role_permit.permit?(user, request) if user.has_role?(permit_role) || permit_role == :any
-        end
-      end
-    end      
-    
-    protected
-    
-    def self.make_permit role, ability
-      "Permit::#{role.to_s.camelize}".constantize.new(ability)
-    end          
-  end
-end      

data/spec/cancan-permits/fixtures/ability.rb

@@ -1,19 +0,0 @@
-module AuthAssistant
-  class Ability
-    include CanCan::Ability
-
-    # set up each RolePermit instance to share this same Ability 
-    # so that the can and cannot operations work on the same permission collection!
-    def self.role_permits ability
-      @role_permits = AuthAssistant::Roles.available.inject([]) do |permits, role|
-        permits << "RolePermit::#{role.to_s.camelize}".constantize.new(ability)
-      end
-    end
-
-    def initialize(user, request=nil)
-      # put ability logic here!
-      user ||= Guest.new   
-      Ability.role_permits(self).each{|role_permit| role_permit.permit?(user, request) }
-    end      
-  end
-end