cancancan 1.7.0

data/Gemfile

@@ -0,0 +1,23 @@
+source "https://rubygems.org"
+
+case ENV["MODEL_ADAPTER"]
+when nil, "active_record"
+  # Sqlite for CRuby, Rubinius, including Windows and RubyInstaller
+  gem "sqlite3", :platform => [:ruby, :mswin, :mingw]
+  # Sqlite for JRuby
+  gem 'activerecord-jdbcsqlite3-adapter', :platform => :jruby
+  gem "activerecord", '~> 3.0.9', :require => "active_record"
+  gem "with_model", "~> 0.2.5"
+  gem "meta_where"
+when "data_mapper"
+  gem "dm-core", "~> 1.0.2"
+  gem "dm-sqlite-adapter", "~> 1.0.2"
+  gem "dm-migrations", "~> 1.0.2"
+when "mongoid"
+  gem "bson_ext", "~> 1.1"
+  gem "mongoid", "~> 2.0.0.beta.20"
+else
+  raise "Unknown model adapter: #{ENV["MODEL_ADAPTER"]}"
+end
+
+gemspec

data/LICENSE

@@ -0,0 +1,20 @@
+Copyright (c) 2011 Ryan Bates
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.rdoc

@@ -0,0 +1,161 @@
+= CanCan
+{<img src="https://fury-badge.herokuapp.com/rb/cancancan.png" alt="Gem Version" />}[http://badge.fury.io/rb/cancancan]
+{<img src="https://secure.travis-ci.org/bryanrite/cancancan.png?branch=master" />}[http://travis-ci.org/bryanrite/cancancan]
+{<img src="https://codeclimate.com/github/bryanrite/cancancan.png" />}[https://codeclimate.com/github/bryanrite/cancancan]
+
+Wiki[https://github.com/bryanrite/cancancan/wiki] | RDocs[http://rdoc.info/projects/ryanb/cancan] | Screencast[http://railscasts.com/episodes/192-authorization-with-cancan]
+
+CanCan is an authorization library for Ruby on Rails which restricts what resources a given user is allowed to access. All permissions are defined in a single location (the +Ability+ class) and not duplicated across controllers, views, and database queries.
+
+
+== Mission
+
+This repo is a continuation of the dead CanCan[https://github.com/rbates/cancan] project. Our mission is to keep CanCan alive and moving forward, with maintenance fixes and new features. Pull Requests are welcome!
+
+I am currently focusing on the 1.x branch for the immediate future, making sure it is up to date as well as ensuring compatibility with Rails 4+. I will take a look into the 2.x branch and try to see what improvements, reorganizations and redesigns Ryan was attempting and go forward from there.
+
+Any help is greatly appreciated, feel free to submit pull-requests or open issues.
+
+
+== Installation
+
+In <b>Rails 3</b>, add this to your Gemfile and run the +bundle+ command.
+
+  gem 'cancancan', '~> 1.7'
+
+In <b>Rails 2</b>, add this to your environment.rb file.
+
+  config.gem "cancancan"
+
+Alternatively, you can install it as a plugin.
+
+  rails plugin install git://github.com/bryanrite/cancancan.git
+
+
+== Getting Started
+
+CanCan expects a +current_user+ method to exist in the controller. First, set up some authentication (such as Authlogic[https://github.com/binarylogic/authlogic] or Devise[https://github.com/plataformatec/devise]). See {Changing Defaults}[https://github.com/bryanrite/cancan/wiki/changing-defaults] if you need different behavior.
+
+
+=== 1. Define Abilities
+
+User permissions are defined in an +Ability+ class. CanCan 1.5 includes a Rails 3 generator for creating this class.
+
+  rails g cancan:ability
+
+In Rails 2.3, just add a new class in <tt>app/models/ability.rb</tt> with the following contents:
+
+  class Ability
+    include CanCan::Ability
+
+    def initialize(user)
+    end
+  end
+
+See {Defining Abilities}[https://github.com/bryanrite/cancan/wiki/defining-abilities] for details.
+
+
+=== 2. Check Abilities & Authorization
+
+The current user's permissions can then be checked using the <tt>can?</tt> and <tt>cannot?</tt> methods in the view and controller.
+
+  <% if can? :update, @article %>
+    <%= link_to "Edit", edit_article_path(@article) %>
+  <% end %>
+
+See {Checking Abilities}[https://github.com/bryanrite/cancancan/wiki/checking-abilities] for more information
+
+The <tt>authorize!</tt> method in the controller will raise an exception if the user is not able to perform the given action.
+
+  def show
+    @article = Article.find(params[:id])
+    authorize! :read, @article
+  end
+
+Setting this for every action can be tedious, therefore the +load_and_authorize_resource+ method is provided to automatically authorize all actions in a RESTful style resource controller. It will use a before filter to load the resource into an instance variable and authorize it for every action.
+
+  class ArticlesController < ApplicationController
+    load_and_authorize_resource
+
+    def show
+      # @article is already loaded and authorized
+    end
+  end
+
+See {Authorizing Controller Actions}[https://github.com/bryanrite/cancancan/wiki/authorizing-controller-actions] for more information.
+
+
+==== Strong Parameters
+
+When using <tt>strong_parameters</tt> or Rails 4+, you have to sanitize inputs before saving the record, in actions such as <tt>:create</tt> and <tt>:update</tt>.
+
+By default, CanCan will try to sanitize the input on <tt>:create</tt> and <tt>:update</tt> routes by seeing if your controller will respond to the following methods (in order):
+
+* <tt>create_params</tt> or <tt>update_params</tt> (depending on the action you are performing)
+* <tt><model_name>_params</tt> such as <tt>article_params</tt> (this is the default convention in rails for naming your param method)
+* <tt>resource_params</tt> (a generically named method you could specify in each controller)
+
+Additionally, <tt>load_and_authorize_resource</tt> can now take a <tt>param_method</tt> option to specify a custom method in the controller to run to sanitize input.
+
+  class ArticlesController < ApplicationController
+    load_and_authorize_resource param_method: :my_sanitizer
+
+    def create
+      if @article.save
+        # hurray
+      else
+        render :new
+      end
+    end
+
+    private
+
+    def my_sanitizer
+      params.require(:article).permit(:name)
+    end
+  end
+
+=== 3. Handle Unauthorized Access
+
+If the user authorization fails, a <tt>CanCan::AccessDenied</tt> exception will be raised. You can catch this and modify its behavior in the +ApplicationController+.
+
+  class ApplicationController < ActionController::Base
+    rescue_from CanCan::AccessDenied do |exception|
+      redirect_to root_url, :alert => exception.message
+    end
+  end
+
+See {Exception Handling}[https://github.com/bryanrite/cancancan/wiki/exception-handling] for more information.
+
+
+=== 4. Lock It Down
+
+If you want to ensure authorization happens on every action in your application, add +check_authorization+ to your ApplicationController.
+
+  class ApplicationController < ActionController::Base
+    check_authorization
+  end
+
+This will raise an exception if authorization is not performed in an action. If you want to skip this add +skip_authorization_check+ to a controller subclass. See {Ensure Authorization}[https://github.com/bryanrite/cancancan/wiki/Ensure-Authorization] for more information.
+
+
+== Wiki Docs
+
+* {Upgrading to 1.6}[https://github.com/bryanrite/cancancan/wiki/Upgrading-to-1.6]
+* {Defining Abilities}[https://github.com/bryanrite/cancancan/wiki/Defining-Abilities]
+* {Checking Abilities}[https://github.com/bryanrite/cancancan/wiki/Checking-Abilities]
+* {Authorizing Controller Actions}[https://github.com/bryanrite/cancancan/wiki/Authorizing-Controller-Actions]
+* {Exception Handling}[https://github.com/bryanrite/cancancan/wiki/Exception-Handling]
+* {Changing Defaults}[https://github.com/bryanrite/cancancan/wiki/Changing-Defaults]
+* {See more}[https://github.com/bryanrite/cancancan/wiki]
+
+== Questions or Problems?
+
+If you have any issues with CanCan which you cannot find the solution to in the documentation[https://github.com/bryanrite/cancancan/wiki], please add an {issue on GitHub}[https://github.com/bryanrite/cancancan/issues] or fork the project and send a pull request.
+
+To get the specs running you should call +bundle+ and then +rake+. See the {spec/README}[https://github.com/bryanrite/cancancan/blob/master/spec/README.rdoc] for more information.
+
+
+== Special Thanks
+
+CanCan was inspired by declarative_authorization[https://github.com/stffn/declarative_authorization/] and aegis[https://github.com/makandra/aegis]. Also many thanks to the CanCan contributors[https://github.com/bryanrite/cancancan/contributors]. See the CHANGELOG[https://github.com/bryanrite/cancancan/blob/master/CHANGELOG.rdoc] for the full list.

data/Rakefile

@@ -0,0 +1,18 @@
+require 'rubygems'
+require 'rake'
+require 'rspec/core/rake_task'
+
+desc "Run RSpec"
+RSpec::Core::RakeTask.new do |t|
+  t.verbose = false
+end
+
+desc "Run specs for all adapters"
+task :spec_all do
+  %w[active_record data_mapper mongoid].each do |model_adapter|
+    puts "MODEL_ADAPTER = #{model_adapter}"
+    system "rake spec MODEL_ADAPTER=#{model_adapter}"
+  end
+end
+
+task :default => :spec

data/init.rb

@@ -0,0 +1 @@
+require 'cancan'

data/lib/cancan.rb

@@ -0,0 +1,13 @@
+require 'cancan/ability'
+require 'cancan/rule'
+require 'cancan/controller_resource'
+require 'cancan/controller_additions'
+require 'cancan/model_additions'
+require 'cancan/exceptions'
+require 'cancan/inherited_resource'
+
+require 'cancan/model_adapters/abstract_adapter'
+require 'cancan/model_adapters/default_adapter'
+require 'cancan/model_adapters/active_record_adapter' if defined? ActiveRecord
+require 'cancan/model_adapters/data_mapper_adapter' if defined? DataMapper
+require 'cancan/model_adapters/mongoid_adapter' if defined?(Mongoid) && defined?(Mongoid::Document)

data/lib/cancan/ability.rb

@@ -0,0 +1,324 @@
+module CanCan
+
+  # This module is designed to be included into an Ability class. This will
+  # provide the "can" methods for defining and checking abilities.
+  #
+  #   class Ability
+  #     include CanCan::Ability
+  #
+  #     def initialize(user)
+  #       if user.admin?
+  #         can :manage, :all
+  #       else
+  #         can :read, :all
+  #       end
+  #     end
+  #   end
+  #
+  module Ability
+    # Check if the user has permission to perform a given action on an object.
+    #
+    #   can? :destroy, @project
+    #
+    # You can also pass the class instead of an instance (if you don't have one handy).
+    #
+    #   can? :create, Project
+    #
+    # Nested resources can be passed through a hash, this way conditions which are
+    # dependent upon the association will work when using a class.
+    #
+    #   can? :create, @category => Project
+    #
+    # Any additional arguments will be passed into the "can" block definition. This
+    # can be used to pass more information about the user's request for example.
+    #
+    #   can? :create, Project, request.remote_ip
+    #
+    #   can :create, Project do |project, remote_ip|
+    #     # ...
+    #   end
+    #
+    # Not only can you use the can? method in the controller and view (see ControllerAdditions),
+    # but you can also call it directly on an ability instance.
+    #
+    #   ability.can? :destroy, @project
+    #
+    # This makes testing a user's abilities very easy.
+    #
+    #   def test "user can only destroy projects which he owns"
+    #     user = User.new
+    #     ability = Ability.new(user)
+    #     assert ability.can?(:destroy, Project.new(:user => user))
+    #     assert ability.cannot?(:destroy, Project.new)
+    #   end
+    #
+    # Also see the RSpec Matchers to aid in testing.
+    def can?(action, subject, *extra_args)
+      match = relevant_rules_for_match(action, subject).detect do |rule|
+        rule.matches_conditions?(action, subject, extra_args)
+      end
+      match ? match.base_behavior : false
+    end
+
+    # Convenience method which works the same as "can?" but returns the opposite value.
+    #
+    #   cannot? :destroy, @project
+    #
+    def cannot?(*args)
+      !can?(*args)
+    end
+
+    # Defines which abilities are allowed using two arguments. The first one is the action
+    # you're setting the permission for, the second one is the class of object you're setting it on.
+    #
+    #   can :update, Article
+    #
+    # You can pass an array for either of these parameters to match any one.
+    # Here the user has the ability to update or destroy both articles and comments.
+    #
+    #   can [:update, :destroy], [Article, Comment]
+    #
+    # You can pass :all to match any object and :manage to match any action. Here are some examples.
+    #
+    #   can :manage, :all
+    #   can :update, :all
+    #   can :manage, Project
+    #
+    # You can pass a hash of conditions as the third argument. Here the user can only see active projects which he owns.
+    #
+    #   can :read, Project, :active => true, :user_id => user.id
+    #
+    # See ActiveRecordAdditions#accessible_by for how to use this in database queries. These conditions
+    # are also used for initial attributes when building a record in ControllerAdditions#load_resource.
+    #
+    # If the conditions hash does not give you enough control over defining abilities, you can use a block
+    # along with any Ruby code you want.
+    #
+    #   can :update, Project do |project|
+    #     project.groups.include?(user.group)
+    #   end
+    #
+    # If the block returns true then the user has that :update ability for that project, otherwise he
+    # will be denied access. The downside to using a block is that it cannot be used to generate
+    # conditions for database queries.
+    #
+    # You can pass custom objects into this "can" method, this is usually done with a symbol
+    # and is useful if a class isn't available to define permissions on.
+    #
+    #   can :read, :stats
+    #   can? :read, :stats # => true
+    #
+    # IMPORTANT: Neither a hash of conditions or a block will be used when checking permission on a class.
+    #
+    #   can :update, Project, :priority => 3
+    #   can? :update, Project # => true
+    #
+    # If you pass no arguments to +can+, the action, class, and object will be passed to the block and the
+    # block will always be executed. This allows you to override the full behavior if the permissions are
+    # defined in an external source such as the database.
+    #
+    #   can do |action, object_class, object|
+    #     # check the database and return true/false
+    #   end
+    #
+    def can(action = nil, subject = nil, conditions = nil, &block)
+      rules << Rule.new(true, action, subject, conditions, block)
+    end
+
+    # Defines an ability which cannot be done. Accepts the same arguments as "can".
+    #
+    #   can :read, :all
+    #   cannot :read, Comment
+    #
+    # A block can be passed just like "can", however if the logic is complex it is recommended
+    # to use the "can" method.
+    #
+    #   cannot :read, Product do |product|
+    #     product.invisible?
+    #   end
+    #
+    def cannot(action = nil, subject = nil, conditions = nil, &block)
+      rules << Rule.new(false, action, subject, conditions, block)
+    end
+
+    # Alias one or more actions into another one.
+    #
+    #   alias_action :update, :destroy, :to => :modify
+    #   can :modify, Comment
+    #
+    # Then :modify permission will apply to both :update and :destroy requests.
+    #
+    #   can? :update, Comment # => true
+    #   can? :destroy, Comment # => true
+    #
+    # This only works in one direction. Passing the aliased action into the "can?" call
+    # will not work because aliases are meant to generate more generic actions.
+    #
+    #   alias_action :update, :destroy, :to => :modify
+    #   can :update, Comment
+    #   can? :modify, Comment # => false
+    #
+    # Unless that exact alias is used.
+    #
+    #   can :modify, Comment
+    #   can? :modify, Comment # => true
+    #
+    # The following aliases are added by default for conveniently mapping common controller actions.
+    #
+    #   alias_action :index, :show, :to => :read
+    #   alias_action :new, :to => :create
+    #   alias_action :edit, :to => :update
+    #
+    # This way one can use params[:action] in the controller to determine the permission.
+    def alias_action(*args)
+      target = args.pop[:to]
+      validate_target(target)
+      aliased_actions[target] ||= []
+      aliased_actions[target] += args
+    end
+
+    # User shouldn't specify targets with names of real actions or it will cause Seg fault
+    def validate_target(target)
+      raise Error, "You can't specify target (#{target}) as alias because it is real action name" if aliased_actions.values.flatten.include? target
+    end
+
+    # Returns a hash of aliased actions. The key is the target and the value is an array of actions aliasing the key.
+    def aliased_actions
+      @aliased_actions ||= default_alias_actions
+    end
+
+    # Removes previously aliased actions including the defaults.
+    def clear_aliased_actions
+      @aliased_actions = {}
+    end
+
+    def model_adapter(model_class, action)
+      adapter_class = ModelAdapters::AbstractAdapter.adapter_class(model_class)
+      adapter_class.new(model_class, relevant_rules_for_query(action, model_class))
+    end
+
+    # See ControllerAdditions#authorize! for documentation.
+    def authorize!(action, subject, *args)
+      message = nil
+      if args.last.kind_of?(Hash) && args.last.has_key?(:message)
+        message = args.pop[:message]
+      end
+      if cannot?(action, subject, *args)
+        message ||= unauthorized_message(action, subject)
+        raise AccessDenied.new(message, action, subject)
+      end
+      subject
+    end
+
+    def unauthorized_message(action, subject)
+      keys = unauthorized_message_keys(action, subject)
+      variables = {:action => action.to_s}
+      variables[:subject] = (subject.class == Class ? subject : subject.class).to_s.underscore.humanize.downcase
+      message = I18n.translate(nil, variables.merge(:scope => :unauthorized, :default => keys + [""]))
+      message.blank? ? nil : message
+    end
+
+    def attributes_for(action, subject)
+      attributes = {}
+      relevant_rules(action, subject).map do |rule|
+        attributes.merge!(rule.attributes_from_conditions) if rule.base_behavior
+      end
+      attributes
+    end
+
+    def has_block?(action, subject)
+      relevant_rules(action, subject).any?(&:only_block?)
+    end
+
+    def has_raw_sql?(action, subject)
+      relevant_rules(action, subject).any?(&:only_raw_sql?)
+    end
+
+    def merge(ability)
+      ability.send(:rules).each do |rule|
+        rules << rule.dup
+      end
+      self
+    end
+
+    private
+
+    def unauthorized_message_keys(action, subject)
+      subject = (subject.class == Class ? subject : subject.class).name.underscore unless subject.kind_of? Symbol
+      [subject, :all].map do |try_subject|
+        [aliases_for_action(action), :manage].flatten.map do |try_action|
+          :"#{try_action}.#{try_subject}"
+        end
+      end.flatten
+    end
+
+    # Accepts an array of actions and returns an array of actions which match.
+    # This should be called before "matches?" and other checking methods since they
+    # rely on the actions to be expanded.
+    def expand_actions(actions)
+      expanded_actions[actions] ||= begin
+        expanded = []
+        actions.each do |action|
+          expanded << action
+          if aliases = aliased_actions[action]
+            expanded += expand_actions(aliases)
+          end
+        end
+        expanded
+      end
+    end
+
+    def expanded_actions
+      @expanded_actions ||= {}
+    end
+
+    # Given an action, it will try to find all of the actions which are aliased to it.
+    # This does the opposite kind of lookup as expand_actions.
+    def aliases_for_action(action)
+      results = [action]
+      aliased_actions.each do |aliased_action, actions|
+        results += aliases_for_action(aliased_action) if actions.include? action
+      end
+      results
+    end
+
+    def rules
+      @rules ||= []
+    end
+
+    # Returns an array of Rule instances which match the action and subject
+    # This does not take into consideration any hash conditions or block statements
+    def relevant_rules(action, subject)
+      relevant = rules.select do |rule|
+        rule.expanded_actions = expand_actions(rule.actions)
+        rule.relevant? action, subject
+      end
+      relevant.reverse!
+      relevant
+    end
+
+    def relevant_rules_for_match(action, subject)
+      relevant_rules(action, subject).each do |rule|
+        if rule.only_raw_sql?
+          raise Error, "The can? and cannot? call cannot be used with a raw sql 'can' definition. The checking code cannot be determined for #{action.inspect} #{subject.inspect}"
+        end
+      end
+    end
+
+    def relevant_rules_for_query(action, subject)
+      relevant_rules(action, subject).each do |rule|
+        if rule.only_block?
+          raise Error, "The accessible_by call cannot be used with a block 'can' definition. The SQL cannot be determined for #{action.inspect} #{subject.inspect}"
+        end
+      end
+    end
+
+    def default_alias_actions
+      {
+        :read => [:index, :show],
+        :create => [:new],
+        :update => [:edit],
+      }
+    end
+  end
+end