cancancan_js 0.0.2 → 1.0.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 98dbb86ffa6179fa6191597c0abdc5e07b0469ca3ff853fff08aae17baef2478
-  data.tar.gz: aeaedf1f8a29bb53ae1c3cf51f0a3bc54c1b1378ba6c90b5b55139df589318c6
+  metadata.gz: 41ca52e7ad7d0737fd146a795b7894f75043de5b1f4da76ef612e016822a1933
+  data.tar.gz: 61db88d3cc3d0bb7084d63c6b4a41cd85bbfca5f695ca4002f73132cca774b35
 SHA512:
-  metadata.gz: 1752b8f47934c78f0ba4587769cda3a8f53f9120076c128d55573caba87914613d38edfd19b87f0dfe0723c2c5156c0f05ec75bb1f2a49602b3cf80e454d9656
-  data.tar.gz: c0a032be4263d22ebdf5c1a112dd6798b9f0b579533e851b63a2dea1fb35739f1acfea00e591e2f4ae13de1b15d827392f9dae437f55e3e7c351a60f1187d0fc
+  metadata.gz: 96a5681e3aa2da3587f7018ffa34e283922237f7e5191237d9e99ac602baaa4697f552a5861df6b041c05ebf0caa898dd0342d7ada0d970ebab4f2ede6044805
+  data.tar.gz: 6e9d196359bfaa8cfb350eddacffd037101dd22bd21e2c03f4069716aa1af26f42a75e99ff45dfbb9d3f3a4e25d5ef4ba30775b6673d60ad5d954b31c3f057c6

data/README.md

@@ -10,7 +10,18 @@ Depending on your implementation and rule-setup, you may not want to do this.
 If you're using sensitive data as rule-conditions in your Ability#initialize, then you should NOT use this gem!
 
 # Config
-`require 'cancancan_js'`
+create init file: `config/initializers/cancancan_js.rb`
+and populate it with the following:
+```
+require "cancancan_js"
+
+# default values shown
+CanCanCanJs.configure do |config|
+  # Option to export ALL rules (SQL-backed) to the front-end
+  # - false by default
+  config.export_all_back_end_rules = false
+end
+```
 
 Add this to your class Ability:
 `include CanCanCanJs::Export`
@@ -19,16 +30,52 @@ Add to your javascript application.js file:
 `//= require cancancan_js`
 
 # Implementation
+## Ability class
+You can either set the CanCanCanJs.configuration.export_all_back_end_rules config to true
+Or use the `front_end` block we've added to Ability. Both rules are active, but only the `:read, Account` is exported to the front-end.
+### ex:
+```
+class Ability
+  include CanCan::Ability
+  include CanCanCanJs::Export
+  def initialize(user = nil)
+    # not front-end visible 
+    can :read, User
+
+    # front-end visible 
+    front_end do 
+      can :read, Account
+    end
+  end
+end
+```
+
 ## Back-end
 We need to export the Ability rules to your front-end from your back-end. There are several ways to do this.
 - Add a new method to your user model
   - Add that method to a JSON serializer, export that user to the front-end
-- Create a new action/route on your users controller.
+- Create a new action/route on your users controller, application controller, or wherever.
   - Use that action to render the following JSON data: `current_ability.export` or `Ability.export(current_user)`
+### ex:
+```
+class ApplicationController < ActionController::Base
+  def abilities
+    render json: Ability.export(current_user).to_json
+    # or
+    # render json: current_ability.export.to_json
+  end
+end
+```
 
 ## Front-end
-After you are able to pull the back-end cancancan export to the front-end, you then call this javascript method and pass it the cancancan export:
+After you are able to pull the back-end cancancan export to the front-end via your created route, you then call this javascript method and pass it the cancancan export:
 `set_abilities(<export_rules>)`
+### ex:
+```
+$.get("<path_to_your_controller_and_action>", function(data, status){
+  set_abilities(data)
+});
+```
 
 # Usage
 You can now call the JS function `can`, and pass it similar CanCanCan values  

data/cancancan_js.gemspec

@@ -2,7 +2,7 @@
 
 Gem::Specification.new do |s|
   s.name = %q{cancancan_js}
-  s.version = "0.0.2"
+  s.version = "1.0.0"
   s.date = %q{2023-02-25}
   s.authors = ["benjamin.dana.software.dev@gmail.com"]
   s.summary = %q{CanCanCan, But Accessible in the Front-End Javascript}

data/lib/cancan/ability/front_end_rules_extensions.rb

@@ -0,0 +1,13 @@
+module FrontEndRulesExtensions
+  protected
+  def front_end_rules
+    @front_end_rules ||= []
+  end
+  private
+  def add_rule(rule)
+    if CanCanCanJs.configuration.start_block_front_end_rules
+      front_end_rules << rule
+    end
+    super(rule)
+  end
+end

data/lib/cancan/ability/rules.rb

@@ -0,0 +1,7 @@
+module CanCan
+  module Ability
+    module Rules
+      prepend FrontEndRulesExtensions
+    end
+  end
+end

data/lib/cancancan_js/configuration.rb

@@ -0,0 +1,13 @@
+module CanCanCanJs
+  class Configuration
+    # CanCanCanJs.configuration.start_block_front_end_rules
+    attr_accessor :start_block_front_end_rules
+    # CanCanCanJs.configuration.export_all_back_end_rules
+    attr_accessor :export_all_back_end_rules
+
+    def initialize
+      @start_block_front_end_rules = false
+      @export_all_back_end_rules = false
+    end
+  end
+end

data/lib/cancancan_js/export.rb

@@ -7,12 +7,39 @@ module CanCanCanJs
     end
 
     def export
-      {class_abilities: permissions[:can], object_rules: export_rules}
+      {class_abilities: front_end_permissions[:can], object_rules: export_rules}
+    end
+
+    def front_end &block
+      CanCanCanJs.configuration.start_block_front_end_rules = true
+      begin
+        block.call
+      ensure
+        CanCanCanJs.configuration.start_block_front_end_rules = false
+      end
+    end
+
+    # replicating Ability#permissions method, but for front-end export
+    def front_end_permissions
+      permissions_list = {
+        can: Hash.new { |actions, k1| actions[k1] = Hash.new { |subjects, k2| subjects[k2] = [] } },
+        cannot: Hash.new { |actions, k1| actions[k1] = Hash.new { |subjects, k2| subjects[k2] = [] } }
+      }
+      usable_rules_list = front_end_rules
+      if CanCanCanJs.configuration.export_all_back_end_rules
+        usable_rules_list = rules
+      end
+      usable_rules_list.each { |rule| extract_rule_in_permissions(permissions_list, rule) }
+      permissions_list
     end
 
     def export_rules
       new_list = {}
-      rules.each do |rule|
+      usable_rules_list = front_end_rules
+      if CanCanCanJs.configuration.export_all_back_end_rules
+        usable_rules_list = rules
+      end
+      usable_rules_list.each do |rule|
         # init subjects if necessary
         rule.subjects.each do |subject|
           # subject_key is Class name as sym.
@@ -45,7 +72,7 @@ module CanCanCanJs
       def export user
         local_ability = Ability.new(user)
         # We don't care about the 'cannot' section
-        return {class_abilities: local_ability.permissions[:can], object_rules: local_ability.export_rules}
+        return {class_abilities: local_ability.front_end_permissions[:can], object_rules: local_ability.export_rules}
       end
     end
   end

data/lib/cancancan_js.rb

@@ -1,22 +1,25 @@
-# require 'cancancan'
+require 'cancancan'
 require_relative 'cancancan_js/export'
+require_relative 'cancancan_js/configuration'
 require_relative 'cancancan_js/engine'
+require_relative 'cancan/ability/front_end_rules_extensions'
+require_relative 'cancan/ability/rules'
 
-# module CanCanCanJs
-#   # config src: http://lizabinante.com/blog/creating-a-configurable-ruby-gem/
-#   class << self
-#     attr_accessor :configuration
-#   end
+# config src: http://lizabinante.com/blog/creating-a-configurable-ruby-gem/
+module CanCanCanJs
+  class << self
+    attr_accessor :configuration
+  end
 
-#   def self.configuration
-#     @configuration ||= Configuration.new
-#   end
+  def self.configuration
+    @configuration ||= Configuration.new
+  end
 
-#   def self.reset
-#     @configuration = Configuration.new
-#   end
+  def self.reset
+    @configuration = Configuration.new
+  end
 
-#   def self.configure
-#     yield(configuration)
-#   end
-# end
+  def self.configure
+    yield(configuration)
+  end
+end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: cancancan_js
 version: !ruby/object:Gem::Version
-  version: 0.0.2
+  version: 1.0.0
 platform: ruby
 authors:
 - benjamin.dana.software.dev@gmail.com
@@ -47,7 +47,10 @@ files:
 - LICENSE
 - README.md
 - cancancan_js.gemspec
+- lib/cancan/ability/front_end_rules_extensions.rb
+- lib/cancan/ability/rules.rb
 - lib/cancancan_js.rb
+- lib/cancancan_js/configuration.rb
 - lib/cancancan_js/engine.rb
 - lib/cancancan_js/export.rb
 - vendor/assets/javascripts/cancancan_js.js