cancan_namespace 0.1.1

data/MIT-LICENSE

@@ -0,0 +1,20 @@
+Copyright (c) 2011 Aimbulance
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.rdoc

@@ -0,0 +1,50 @@
+= CancanNamespace
+
+Namespace for cancan gem.
+
+== Install
+
+  gem 'cancan_namespace'
+
+== Usage
+
+  class Ability
+    include CanCanNamespace::Ability
+
+    def initialize(user, context = nil)
+      @context = context
+      
+      ...
+      
+      if user.admin?
+        can :manage, :all
+        can :manage, :all, :context => :manage
+      end
+    end
+  end
+  
+
+=== Controller
+
+  Manage::BaseController < ApplicationController
+    protected
+    
+      def current_ability
+        @current_ability ||= ::Ability.new(current_user, :manage)
+      end
+  end
+
+  class Manage::PostsController < Manage::BaseController
+    before_filter :find_post, :only => [:edit, :update, :destroy]
+    authorize_resource
+    ...
+  end
+  
+=== View
+
+  <% if can? :edit, post, :context => :manage %>
+    <%= link_to 'Edit', edit_manage_post_path(post) %>
+  <% end %>
+
+
+Copyright (c) 2011 Aimbulance, released under the MIT license

data/Rakefile

@@ -0,0 +1,45 @@
+require 'rake'
+require 'rake/testtask'
+require 'rake/rdoctask'
+require File.join(File.dirname(__FILE__), 'lib', 'cancan_namespace', 'version')
+
+desc 'Default: run unit tests.'
+task :default => :test
+
+desc 'Test the cancan_namespace plugin.'
+Rake::TestTask.new(:test) do |t|
+  t.libs << 'lib'
+  t.libs << 'test'
+  t.pattern = 'test/**/*_test.rb'
+  t.verbose = true
+end
+
+desc 'Generate documentation for the cancan_namespace plugin.'
+Rake::RDocTask.new(:rdoc) do |rdoc|
+  rdoc.rdoc_dir = 'rdoc'
+  rdoc.title    = 'CancanNamespace'
+  rdoc.options << '--line-numbers' << '--inline-source'
+  rdoc.rdoc_files.include('README')
+  rdoc.rdoc_files.include('lib/**/*.rb')
+end
+
+begin
+  require 'jeweler'
+  Jeweler::Tasks.new do |gemspec|
+    gemspec.name = "cancan_namespace"
+    gemspec.version = CancanNamespace::Version.dup
+    gemspec.summary = "Cancan namespace"
+    gemspec.description = "Add namespace for cancan authorization library"
+    gemspec.email = "galeta.igor@gmail.com"
+    gemspec.homepage = "https://github.com/galetahub/cancan_namespace"
+    gemspec.authors = ["Igor Galeta", "Pavlo Galeta"]
+    gemspec.files = FileList["[A-Z]*", "lib/**/*"]
+    gemspec.rubyforge_project = "cancan_namespace"
+    
+    gemspec.add_dependency('cancan', '>= 1.6.3')
+  end
+  
+  Jeweler::GemcutterTasks.new
+rescue LoadError
+  puts "Jeweler not available. Install it with: gem install jeweler"
+end

data/lib/cancan_namespace.rb

@@ -0,0 +1,5 @@
+require 'cancan'
+require 'cancan_namespace/ability'
+require 'cancan_namespace/rule'
+require 'cancan_namespace/controller_resource'
+require 'cancan_namespace/version'

data/lib/cancan_namespace/ability.rb

@@ -0,0 +1,63 @@
+module CanCanNamespace
+
+  # This module is designed to be included into an Ability class. This will
+  # provide the "can" methods for defining and checking abilities.
+  #
+  #   class Ability
+  #     include CanCan::Ability
+  #
+  #     def initialize(user)
+  #       if user.admin?
+  #         can :manage, :all
+  #       else
+  #         can :read, :all
+  #       end
+  #     end
+  #   end
+  #
+  module Ability
+    include CanCan::Ability
+    
+    attr_accessor :context
+
+    def can?(action, subject, *extra_args)
+      context = @context
+      if extra_args.last.kind_of?(Hash) && extra_args.last.has_key?(:context)
+        context = extra_args.pop[:context]
+      end
+      
+      match = relevant_rules_for_match(action, subject, context).detect do |rule|
+        rule.matches_conditions?(action, subject, extra_args)
+      end
+      match ? match.base_behavior : false
+    end
+    
+    def can(action = nil, subject = nil, conditions = nil, &block)
+      rules << CanCanNamespace::Rule.new(true, action, subject, conditions, block)
+    end
+    
+    def cannot(action = nil, subject = nil, conditions = nil, &block)
+      rules << CanCanNamespace::Rule.new(false, action, subject, conditions, block)
+    end
+    
+    private
+    
+      # Returns an array of Rule instances which match the action and subject
+      # This does not take into consideration any hash conditions or block statements
+      def relevant_rules(action, subject, context = nil)
+        context ||= @context
+        rules.reverse.select do |rule|
+          rule.expanded_actions = expand_actions(rule.actions)
+          rule.relevant? action, subject, context
+        end
+      end
+    
+      def relevant_rules_for_match(action, subject, context = nil)
+        relevant_rules(action, subject, context).each do |rule|
+          if rule.only_raw_sql?
+            raise Error, "The can? and cannot? call cannot be used with a raw sql 'can' definition. The checking code cannot be determined for #{action.inspect} #{subject.inspect}"
+          end
+        end
+      end
+  end
+end

data/lib/cancan_namespace/controller_resource.rb

@@ -0,0 +1,42 @@
+module CanCanNamespace
+  # Handle the load and authorization controller logic so we don't clutter up all controllers with non-interface methods.
+  # This class is used internally, so you do not need to call methods directly on it.
+  module ControllerResource # :nodoc:
+    def self.included(base)
+      base.send :include, InstanceMethods
+      base.send :extend,  ClassMethods
+    end
+    
+    module ClassMethods
+      def self.extended(base)
+        base.class_eval do
+          alias_method :authorize_resource, :authorize_resource_with_context
+        end
+      end
+    end
+    
+    module InstanceMethods
+      def authorize_resource_with_context
+        unless skip?(:authorize)
+          options = { :context => module_from_controller }
+          @controller.authorize!(authorization_action, resource_instance || resource_class_with_parent, options)
+        end
+      end
+      
+      private
+      
+        def module_from_controller
+          modules = @params[:controller].sub("Controller", "").underscore.split('/')
+          if modules.size > 1
+            modules.first.singularize
+          else
+            return nil
+          end
+        end
+    end
+  end
+end
+
+if defined? CanCan::ControllerResource
+  CanCan::ControllerResource.send(:include, CanCanNamespace::ControllerResource)
+end

data/lib/cancan_namespace/rule.rb

@@ -0,0 +1,29 @@
+module CanCanNamespace
+  # This class is used internally and should only be called through Ability.
+  # it holds the information about a "can" call made on Ability and provides
+  # helpful methods to determine permission checking and conditions hash generation.
+  class Rule < ::CanCan::Rule
+    # The first argument when initializing is the base_behavior which is a true/false
+    # value. True for "can" and false for "cannot". The next two arguments are the action
+    # and subject respectively (such as :read, @project). The third argument is a hash
+    # of conditions and the last one is the block passed to the "can" call.
+    def initialize(base_behavior, action, subject, conditions, block)
+      super
+      @contexts = has_conditions? && @conditions.has_key?(:context) ? [@conditions.delete(:context)].flatten.map(&:to_s) : []
+    end
+    
+    def has_conditions?
+      !conditions_empty? && @conditions.kind_of?(Hash)
+    end
+    
+    # Matches both the subject and action, not necessarily the conditions
+    def relevant?(action, subject, context = nil)
+      subject = subject.values.first if subject.class == Hash
+      @match_all || (matches_action?(action) && matches_subject?(subject) && matches_context(context))
+    end
+    
+    def matches_context(context)
+      (context.nil? && @contexts.empty?) || (context && @contexts.include?(context.to_s))
+    end
+  end
+end

data/lib/cancan_namespace/version.rb

@@ -0,0 +1,12 @@
+# encoding: utf-8
+module CancanNamespace
+  module Version
+    MAJOR = 0
+    MINOR = 1
+    RELEASE = 1
+
+    def self.dup
+      "#{MAJOR}.#{MINOR}.#{RELEASE}"
+    end
+  end
+end

metadata

@@ -0,0 +1,90 @@
+--- !ruby/object:Gem::Specification 
+name: cancan_namespace
+version: !ruby/object:Gem::Version 
+  hash: 25
+  prerelease: 
+  segments: 
+  - 0
+  - 1
+  - 1
+  version: 0.1.1
+platform: ruby
+authors: 
+- Igor Galeta
+- Pavlo Galeta
+autorequire: 
+bindir: bin
+cert_chain: []
+
+date: 2011-03-29 00:00:00 +03:00
+default_executable: 
+dependencies: 
+- !ruby/object:Gem::Dependency 
+  name: cancan
+  prerelease: false
+  requirement: &id001 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        hash: 9
+        segments: 
+        - 1
+        - 6
+        - 3
+        version: 1.6.3
+  type: :runtime
+  version_requirements: *id001
+description: Add namespace for cancan authorization library
+email: galeta.igor@gmail.com
+executables: []
+
+extensions: []
+
+extra_rdoc_files: 
+- README.rdoc
+files: 
+- MIT-LICENSE
+- README.rdoc
+- Rakefile
+- lib/cancan_namespace.rb
+- lib/cancan_namespace/ability.rb
+- lib/cancan_namespace/controller_resource.rb
+- lib/cancan_namespace/rule.rb
+- lib/cancan_namespace/version.rb
+has_rdoc: true
+homepage: https://github.com/galetahub/cancan_namespace
+licenses: []
+
+post_install_message: 
+rdoc_options: []
+
+require_paths: 
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement 
+  none: false
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      hash: 3
+      segments: 
+      - 0
+      version: "0"
+required_rubygems_version: !ruby/object:Gem::Requirement 
+  none: false
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      hash: 3
+      segments: 
+      - 0
+      version: "0"
+requirements: []
+
+rubyforge_project: cancan_namespace
+rubygems_version: 1.6.2
+signing_key: 
+specification_version: 3
+summary: Cancan namespace
+test_files: []
+