cancannible 1.0.0 → 2.1.0

checksums.yaml

@@ -1,15 +1,7 @@
 ---
-!binary "U0hBMQ==":
-  metadata.gz: !binary |-
-    ZjFkNmJkNGYzODQ2NDRkZDJlODM0M2UyYjY2OTNlODJjMWIzNjU1Yw==
-  data.tar.gz: !binary |-
-    YzhmMDIxNGY3Y2NkOThiMDEzYzI2ODU5NTA1ZDMyMDA3NWQ1YzdjYQ==
+SHA256:
+  metadata.gz: ecb16c35b4fdf331771322c61a13d78d34e6e75eb97b26b06e8745ec0bf86ff4
+  data.tar.gz: 88d347b2f3dccf1e8fa6c38413676d38d89e7ad654ef425e70da5de5dce79592
 SHA512:
-  metadata.gz: !binary |-
-    MTc3ZGNlOTU1NzliNGFlNjBjOTk0ZGVmZDMyNzg4ODBlYTkxNGM4Njg3Mjdi
-    NDlkYjc0ZDg3NDRkZDIzMjkzMjRhOGQxZTQ4N2JiZDI1MjAxMWE4NzQ3ZmY5
-    NGFjZTYxYWM4Yzg0NGNlMWM3NGMzZTgxNjIxZWE5OThjNTAyMGE=
-  data.tar.gz: !binary |-
-    YzQzYzU4ZDEzZmRjZWZmNTZkYmVkNzExNzQxN2UyODNmNjc4ZWUzNTE2ZTZm
-    MzhmNDE2NjQwN2YyMzcwMDg5OTg5MGY1OGNiZjQyNDRmM2EyNjJmOGYxZGUw
-    ZjY1MjI2NmNhNTBkM2UyNjg4MTA1MGI3ZWIwNWFmYWE5MTY2NGM=
+  metadata.gz: 5e418c7689141e1967e44d011da10579dd6d1439bab2043ec5d71088a7f7f916be8496aa8dcf04c9c65bc70367980e32206e8c7029da2ccfb3fc52d7bc338b20
+  data.tar.gz: 481bdcff9e0e8501070e4c0ca1e0d4400e65708608bdcfaa6a7fd551d5783849eba6808bda6fe3e97c3df18c12b6c04764363bc1cb25e623e06803b67aeb0301

data/.github/workflows/ruby.yml

@@ -0,0 +1,34 @@
+# This workflow uses actions that are not certified by GitHub.
+# They are provided by a third-party and are governed by
+# separate terms of service, privacy policy, and support
+# documentation.
+# This workflow will download a prebuilt Ruby version, install dependencies and run tests with Rake
+# For more information see: https://github.com/marketplace/actions/setup-ruby-jruby-and-truffleruby
+
+name: Ruby
+
+on:
+  push:
+    branches: [ '*' ]
+  pull_request:
+    branches: [ main ]
+
+jobs:
+  test:
+
+    runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        ruby-version: ['2.7', '3.0']
+
+    steps:
+      - uses: actions/checkout@v2
+      - name: Set up Ruby
+        uses: ruby/setup-ruby@473e4d8fe5dd94ee328fdfca9f8c9c7afc9dae5e
+        with:
+          ruby-version: ${{ matrix.ruby-version }}
+          bundler-cache: true # runs 'bundle install' and caches installed gems automatically
+      - name: Install dependencies
+        run: bundle install
+      - name: Run tests
+        run: bundle exec rake

data/.gitignore

@@ -22,3 +22,4 @@ tmp
 mkmf.log
 .rvm*
 .ruby*
+.byebug_history

data/Gemfile

@@ -1,6 +1,4 @@
 source 'https://rubygems.org'
 
-gem "appraisal"
-
 # Specify your gem's dependencies in cancannible.gemspec
 gemspec

data/Guardfile

@@ -1,18 +1,8 @@
 # A sample Guardfile
 # More info at https://github.com/guard/guard#readme
 
-# Note: The cmd option is now required due to the increasing number of ways
-#       rspec may be run, below are examples of the most common uses.
-#  * bundler: 'bundle exec rspec'
-#  * bundler binstubs: 'bin/rspec'
-#  * spring: 'bin/rsspec' (This will use spring if running and you have
-#                          installed the spring binstubs per the docs)
-#  * zeus: 'zeus rspec' (requires the server to be started separetly)
-#  * 'just' rspec: 'rspec'
-guard :rspec, cmd: 'bundle exec rspec' do
+guard :rspec, cmd: 'bundle exec rspec', all_on_start: false, all_after_pass: false do
   watch(%r{^spec/.+_spec\.rb$})
-  watch(%r{^lib/(.+)\.rb$})     { |m| "spec/unit/#{m[1]}_spec.rb" }
+  watch(%r{^lib/cancannible/(.+)\.rb$})   { |m| "spec/unit/#{m[1]}_spec.rb" }
   watch('spec/spec_helper.rb')  { "spec" }
-
 end
-

data/README.md

@@ -1,23 +1,28 @@
 # Cancannible
-[![Build Status](https://travis-ci.org/evendis/cancannible.svg?branch=master)](https://travis-ci.org/evendis/cancannible)
 
-Cancannible is a gem that extends CanCan with a range of capabilities:
+Cancannible is a gem that extends [CanCanCan](https://github.com/CanCanCommunity/cancancan) with a range of capabilities:
+
 * database-persisted permissions
 * export CanCan methods to the model layer (so that permissions can be applied in model methods, and easily set in a test case)
 * permissions inheritance (so that, for example, a User can inherit permissions from Roles and/or Groups)
 * caching of abilities (so that they don't need to be recalculated on each web request)
 * general-purpose access refinements (so that, for example, CanCan will automatically enforce multi-tenant or other security restrictions)
-* battle-tested with Rails 3.2
-* tested with Rails 4 (but limited experience in the field?)
+* battle-tested with Rails 3.2.x and 4.2.x
+
+Two demo applications are available (with source) that show cancannible in action:
+
+* [cancannibledemo.evendis.com](http://cancannibledemo.evendis.com) uses Rails 3.2.x
+* [cancannibledemo4.evendis.com](http://cancannibledemo4.evendis.com) uses Rails 4.2.x
 
 ## Limitations
+
 Cancannible's origin was in a web application that's been in production for over 4 years.
 This gem is an initial refactoring as a separate component. It continues to be used in production, but
 there are some limitations and constraints that will ideally be removed or changed over time:
 
 * It only supports ActiveRecord for permissions storage (specifically, it has been tested with PostgreSQL and SQLite)
 * It currently assumes permissions are stored in a Permission model with a specific structure
-* It works with the [CanCan](https://github.com/ryanb/cancan) gem. It has not yet been tested with the new [CanCanCan](https://github.com/CanCanCommunity/cancancan) gem.
+* It works with the [CanCanCan](https://github.com/CanCanCommunity/cancancan) gem.
 * It assumes your CanCan rules are setup with the default `Ability` class
 
 

data/Rakefile

@@ -7,5 +7,5 @@ task :default => :spec
 
 desc "Open an irb session preloaded with this library"
 task :console do
-  sh "irb -rubygems -I lib -r cancannible.rb"
-end
+  sh "irb -I lib -r cancannible.rb"
+end

data/cancannible.gemspec

@@ -18,14 +18,17 @@ Gem::Specification.new do |spec|
   spec.test_files    = spec.files.grep(%r{^(test|spec|features)/})
   spec.require_paths = ["lib"]
 
-  spec.add_runtime_dependency "activesupport", ">= 3.2.1"
-  spec.add_runtime_dependency "activemodel", ">= 3.2.1"
-  spec.add_runtime_dependency "cancan", "~> 1.6"
+  spec.add_runtime_dependency "activesupport", "~> 6.1"
+  spec.add_runtime_dependency "activemodel", "~> 6.1"
+  spec.add_runtime_dependency "cancancan"
 
-  spec.add_development_dependency "activerecord", ">= 3.2.1"
-  spec.add_development_dependency "sqlite3", "~> 1.3"
-  spec.add_development_dependency "bundler", "~> 1.6"
-  spec.add_development_dependency "rake", "~> 10.0"
-  spec.add_development_dependency "rspec", "~> 3.0"
-  spec.add_development_dependency "guard-rspec", "~> 4.0"
+  spec.add_development_dependency "activerecord", "~> 6.1"
+  spec.add_development_dependency "sqlite3", ">= 1.3.2"
+
+  spec.add_development_dependency "bundler"
+  spec.add_development_dependency "rake"
+  spec.add_development_dependency "rdoc"
+  spec.add_development_dependency "rspec"
+  spec.add_development_dependency "guard-rspec"
+  spec.add_development_dependency "rb-fsevent"
 end

data/lib/cancannible/config.rb

@@ -1,5 +1,4 @@
 module Cancannible
-
   mattr_accessor :refinements
   mattr_accessor :get_cached_abilities
   mattr_accessor :store_cached_abilities
@@ -24,5 +23,4 @@ module Cancannible
     self.refinements[stage] ||= []
     self.refinements[stage] << refinement
   end
-
-end
+end

data/lib/cancannible/grantee.rb

@@ -35,16 +35,13 @@ module Cancannible::Grantee
         permission
       end
     end
-
   end
 
   module ClassMethods
-
     # Command: configures the set of associations (array of symbols) from which permissions should be inherited
     def inherit_permissions_from(*relations)
       self.inheritable_permissions = relations
     end
-
   end
 
   # Returns the Ability set for the owner.
@@ -53,7 +50,10 @@ module Cancannible::Grantee
     @abilities = if refresh
       nil
     elsif Cancannible.get_cached_abilities.respond_to?(:call)
-      Cancannible.get_cached_abilities.call(self)
+      result = Cancannible.get_cached_abilities.call(self)
+      # performs a crude compatibility check: cancan rules won't have a @rules_index
+      # (neither will an empty ability object, but we ignore this case)
+      result unless result && !result.instance_variable_defined?(:@rules_index)
     end
     return @abilities if @abilities
 
@@ -64,7 +64,7 @@ module Cancannible::Grantee
       ability_class.new(self)
     end
 
-    Cancannible.store_cached_abilities.call(self,@abilities) if Cancannible.store_cached_abilities.respond_to?(:call)
+    Cancannible.store_cached_abilities.call(self, @abilities) if Cancannible.store_cached_abilities.respond_to?(:call)
     @abilities
   end
 
@@ -98,16 +98,18 @@ module Cancannible::Grantee
   def cannot(ability, resource)
     permissions << [ability, resource, false]
   end
-
 end
 
-
 module Cancannible
   # This module is automatically included into all controllers.
   # It overrides some CanCan ControllerAdditions
   module ControllerAdditions
+    # Returns abilities cached in the current_user model.
+    # If that fails, returns a default Ability instance
     def current_ability
-      current_user.try(:abilities)
+      current_user.try(:abilities) || if ability_class = ('::Ability'.constantize rescue nil)
+        ability_class.new(current_user)
+      end
     end
   end
 end

data/lib/cancannible/preload_adapter.rb

@@ -2,14 +2,11 @@ module Cancannible::PreloadAdapter
   extend ActiveSupport::Concern
 
   included do
-
     # Tap Ability.new to first preload permissions via Cancannible
     alias_method :cancan_initialize, :initialize
     def initialize(user)
-      Cancannible::Preloader.preload_abilities!(user,self)
+      Cancannible::Preloader.preload_abilities!(user, self)
       cancan_initialize(user)
     end
-
   end
-
-end
+end

data/lib/cancannible/preloader.rb

@@ -1,19 +1,19 @@
 class Cancannible::Preloader
-
-  def self.preload_abilities!(grantee,cancan_ability_object)
-    new(grantee,cancan_ability_object).preload!
+  def self.preload_abilities!(grantee, cancan_ability_object)
+    new(grantee, cancan_ability_object).preload!
   end
 
   attr_accessor :grantee
   attr_accessor :cancan_ability_object
 
-  def initialize(grantee,cancan_ability_object)
+  def initialize(grantee, cancan_ability_object)
     self.grantee = grantee
     self.cancan_ability_object = cancan_ability_object
   end
 
   def preload!
     return unless grantee.respond_to?(:inherited_permissions)
+
     # load inherited permissions to CanCan Abilities
     preload_abilities_from_permissions(grantee.inherited_permissions)
     # load user-based permissions from database to CanCan Abilities
@@ -39,17 +39,15 @@ class Cancannible::Preloader
       end
 
       if permission.resource_id.nil?
-
         if action == :cannot
           # apply generic unrestricted permission to the class
-          cancan_ability_object.send( action, ability, resource_type )
+          cancan_ability_object.send(action, ability, resource_type)
         else
-
           refinements = resolve_resource_refinements(ability,model_resource)
 
           if refinements.empty?
             # apply generic unrestricted permission to the class
-            cancan_ability_object.send( action, ability, resource_type )
+            cancan_ability_object.send(action, ability, resource_type)
           else
             secondary_refinements = resolve_resource_refinements(ability,model_resource,2).presence || [{}]
             refinements.each do |refinement|
@@ -58,25 +56,22 @@ class Cancannible::Preloader
               end
             end
           end
-
         end
-
       elsif resource_type.find_by_id(permission.resource_id)
         cancan_ability_object.send( action,  ability, resource_type, id: permission.resource_id)
       end
-
     end
   end
 
   def resolve_resource_type(given_resource_type)
     model_resource = nil
     resource_type = given_resource_type
-    resource_type = resource_type==resource_type.downcase ? resource_type.to_sym : resource_type.constantize rescue nil
+    resource_type = resource_type == resource_type.downcase ? resource_type.to_sym : resource_type.constantize rescue nil
     model_resource = resource_type.respond_to?(:new) ? resource_type.new : resource_type rescue nil
     [resource_type,model_resource]
   end
 
-  def resolve_resource_refinements(ability,model_resource,stage=1)
+  def resolve_resource_refinements(ability, model_resource, stage=1)
     Array(Cancannible.refinements[stage-1]).each_with_object([]) do |refinement,memo|
       refinement_attributes = refinement.dup
 
@@ -111,5 +106,4 @@ class Cancannible::Preloader
       memo.push(restriction) if restriction.present?
     end
   end
-
-end
+end

data/lib/cancannible/version.rb

@@ -1,3 +1,3 @@
 module Cancannible
-  VERSION = "1.0.0"
+  VERSION = '2.1.0'
 end

data/lib/cancannible.rb

@@ -1,9 +1,9 @@
 require 'active_support'
 require 'active_support/core_ext'
-require 'cancan'
+require 'cancancan'
 
-require "cancannible/version"
-require "cancannible/config"
-require "cancannible/preload_adapter"
-require "cancannible/preloader"
-require "cancannible/grantee"
+require 'cancannible/version'
+require 'cancannible/config'
+require 'cancannible/preload_adapter'
+require 'cancannible/preloader'
+require 'cancannible/grantee'

data/lib/generators/cancannible/install_generator.rb

@@ -34,6 +34,5 @@ module Cancannible
         end
       end
     end
-
   end
 end

data/lib/generators/cancannible/templates/cancannible_initializer.rb

@@ -1,5 +1,4 @@
 Cancannible.setup do |config|
-
   # ABILITY CACHING
   # ===============
   # Cancannible supports optional ability caching. This can provide a significant performance
@@ -100,5 +99,4 @@ Cancannible.setup do |config|
   #
   # By default, access refinements are "stage 1" i.e. applied directly to the permissions being loaded.
   # By specifying stage 2, this refinement is applied on top of all stage 1 refinements (if possible / applicable)
-
 end

data/lib/generators/cancannible/templates/migration.rb

@@ -1,4 +1,4 @@
-class CreateCancanniblePermissions < ActiveRecord::Migration
+class CreateCancanniblePermissions < ActiveRecord::Migration[6.1]
   def change
     create_table :permissions, force: true do |table|
       table.integer  :permissible_id

data/lib/generators/cancannible/templates/permission.rb

@@ -1,8 +1,12 @@
 # The Permission class stores permissions managed by CanCan and Cancannible
 class Permission < ActiveRecord::Base
   belongs_to :permissible, polymorphic: true
-  belongs_to :resource, polymorphic: true
+  belongs_to :resource, polymorphic: true, optional: true
 
-  validates_uniqueness_of :ability, scope: [:resource_id, :resource_type, :permissible_id, :permissible_type]
+  validates :ability, uniqueness: { scope: [:resource_id, :resource_type, :permissible_id, :permissible_type] }
 
-end
+  # Note: for Rails 3 you may need to declare attr_accessible as follows, depending on your whitelist_attributes setting.
+  # A future version of cancannible should make this unnecessary.
+  #
+  # attr_accessible :asserted, :ability, :resource_id, :resource_type
+end

data/spec/spec_helper.rb

@@ -13,4 +13,4 @@ RSpec.configure do |config|
     Cancannible.reset!
     run_migrations
   end
-end
+end

data/spec/support/migrations_helper.rb

@@ -1,5 +1,4 @@
 module MigrationsHelper
-
   def run_migrations
     ActiveRecord::Base.establish_connection({
         adapter:   'sqlite3',
@@ -8,7 +7,6 @@ module MigrationsHelper
 
     ActiveRecord::Migration.suppress_messages do
       ActiveRecord::Schema.define(:version => 0) do
-
         create_table "members", :force => true do |t|
           t.string   "name"
           t.string   "email"
@@ -49,13 +47,11 @@ module MigrationsHelper
           t.string   "name"
           t.integer  "category_id"
         end
-
       end
     end
   end
-
 end
 
 RSpec.configure do |conf|
   conf.include MigrationsHelper
-end
+end

data/spec/support/models.rb

@@ -1,13 +1,10 @@
 # These model definitions are just used for the test scenarios
 
-# The Permission class stores permissions maanged by CanCan and Cancannible
 class Permission < ActiveRecord::Base
   belongs_to :permissible, polymorphic: true
-  belongs_to :resource, polymorphic: true
+  belongs_to :resource, polymorphic: true, optional: true
 
-  validates_uniqueness_of :ability,
-    :scope => [:resource_id, :resource_type,
-      :permissible_id, :permissible_type]
+  validates :ability, uniqueness: { scope: [:resource_id, :resource_type, :permissible_id, :permissible_type] }
 end
 
 class Member < ActiveRecord::Base

data/spec/unit/cached_abilities_spec.rb

@@ -3,29 +3,46 @@ require 'spec_helper'
 describe Cancannible do
   let(:grantee_class) { Member }
   let(:grantee) { grantee_class.create! }
+  let(:cached_object) do
+    abilities = Ability.new(grantee)
+    abilities.can :read, :all
+    abilities
+  end
 
   describe "#abilities" do
     subject { grantee.abilities }
 
     context "when get_cached_abilities provided" do
       before do
-        Cancannible.get_cached_abilities = proc{|grantee| "get_cached_abilities for #{grantee.id}" }
+        Cancannible.get_cached_abilities = proc { |grantee| cached_object }
+      end
+
+      it "returns the cached object" do
+        expect(cached_object.instance_variable_defined?(:@rules_index)).to eql(true)
+        expect(subject).to eql(cached_object)
       end
-      it "should returned the cached object" do
-        should eql("get_cached_abilities for #{grantee.id}")
+      context 'when incompatible cached_object' do
+        let(:cached_object) { 'bogative' }
+        it 'returns a new object' do
+          expect(subject).to be_an(Ability)
+          expect(subject).to_not eql(cached_object)
+        end
       end
       context "unless reload requested" do
         subject { grantee.abilities(true) }
-        it { should be_an(Ability) }
+        it 'returns a new object' do
+          expect(subject).to be_an(Ability)
+          expect(subject).to_not eql(cached_object)
+        end
       end
     end
 
     context "when store_cached_abilities provided" do
       before do
         @stored = nil
-        Cancannible.store_cached_abilities = proc{ |grantee,ability| @stored = { grantee_id: grantee.id, ability: ability } }
+        Cancannible.store_cached_abilities = proc { |grantee, ability| @stored = { grantee_id: grantee.id, ability: cached_object } }
       end
-      it "should store the cached object" do
+      it "stores the cached object" do
         expect { subject }.to change { @stored }.from(nil)
         expect(@stored[:grantee_id]).to eql(grantee.id)
         expect(@stored[:ability]).to be_an(Ability)
@@ -36,32 +53,27 @@ describe Cancannible do
       before do
         @stored = nil
         @store = 0
-        Cancannible.get_cached_abilities = proc{|grantee| @stored }
-        Cancannible.store_cached_abilities = proc{ |grantee,ability| @store += 1 ; @stored = { grantee_id: grantee.id, ability: ability } }
+        Cancannible.get_cached_abilities = proc { |grantee| @stored && cached_object }
+        Cancannible.store_cached_abilities = proc { |grantee, ability| @store += 1 ; @stored = { grantee_id: grantee.id, ability: ability } }
       end
-      it "should store the cached object on the first call" do
+      it "stores the cached object on the first call" do
         expect { subject }.to change { @stored }.from(nil)
         expect(@store).to eql(1)
-        expect(@stored[:grantee_id]).to eql(grantee.id)
-        expect(@stored[:ability]).to be_an(Ability)
+        expect(grantee.abilities.instance_variable_get(:@rules).size).to eql(1)
+        expect(grantee.abilities.instance_variable_get(:@rules_index).size).to eql(1)
       end
-      it "should return the cached object on the second call" do
+      it "returns the cached object on the second call" do
         expect { subject }.to change { @stored }.from(nil)
         expect(@store).to eql(1)
         expect { grantee.abilities }.to_not change { @store }
-        expect(grantee.abilities[:grantee_id]).to eql(grantee.id)
-        expect(grantee.abilities[:ability]).to be_an(Ability)
+        expect(grantee.abilities).to be_an(Ability)
       end
       it "should re-cache object on the second call if refresh requested" do
         expect { subject }.to change { @stored }.from(nil)
         expect(@store).to eql(1)
         expect { grantee.abilities(true) }.to change { @store }.from(1).to(2)
-        expect(grantee.abilities[:grantee_id]).to eql(grantee.id)
-        expect(grantee.abilities[:ability]).to be_an(Ability)
+        expect(grantee.abilities).to be_an(Ability)
       end
     end
-
-
   end
-
-end
+end

data/spec/unit/config_spec.rb

@@ -14,4 +14,4 @@ describe Cancannible do
       subject
     end
   end
-end
+end

data/spec/unit/custom_refinements_spec.rb

@@ -1,6 +1,5 @@
 require 'spec_helper'
 
-
 describe Cancannible do
   let(:grantee_class) { User }
   let(:ability) { :blow }
@@ -9,7 +8,6 @@ describe Cancannible do
   subject(:grantee) { grantee_class.create!(username: username) }
 
   describe "#can?" do
-
     context "with custom attribute association restriction" do
       let(:resource_class) { Widget }
       before do
@@ -245,7 +243,5 @@ describe Cancannible do
         it { should be_falsey }
       end
     end
-
   end
-
 end

data/spec/unit/grantee_spec.rb

@@ -4,7 +4,6 @@ describe Cancannible::Grantee do
   let(:grantee_class) { Member }
 
   context "without permissions inheritance" do
-
     describe "##inheritable_permissions" do
       subject { grantee_class.inheritable_permissions }
       it { should be_empty }
@@ -58,31 +57,6 @@ describe Cancannible::Grantee do
       end
     end
 
-    context "with a nil resource" do
-      let!(:resource) { nil }
-      describe "#can? -> nil" do
-        subject { grantee.can?(:read, nil) }
-        context "when permission is not set" do
-          it { should be_falsey }
-        end
-        context "when permission is set" do
-          before { grantee.can(:read, resource) }
-          it { should be_truthy }
-        end
-      end
-      describe "#can? -> ''" do
-        subject { grantee.can?(:read, '') }
-        context "when permission is not set" do
-          it { should be_falsey }
-        end
-        context "when permission is set" do
-          before { grantee.can(:read, resource) }
-          it { should be_falsey }
-        end
-      end
-    end
-
-
     context "with a resource class" do
       let!(:resource) { Widget }
 
@@ -121,15 +95,14 @@ describe Cancannible::Grantee do
     context "with a non-existent model" do
       describe "instance" do
         let!(:obsolete_permission) {grantee.permissions.create!(asserted: true, ability: 'manage', resource_type: 'Bogative', resource_id: 33) }
-        it "should not error on load" do
-          expect { grantee.abilities }.to_not raise_error
+        it "raises CanCan::Error" do
+          expect { grantee.abilities }.to raise_error(CanCan::Error)
         end
       end
       describe "class" do
         let!(:obsolete_permission) {grantee.permissions.create!(asserted: true, ability: 'manage', resource_type: 'Bogative') }
-        it "should not error on load" do
-          grantee.abilities
-          expect { grantee.abilities }.to_not raise_error
+        it "raises CanCan::Error" do
+          expect { grantee.abilities }.to raise_error(CanCan::Error)
         end
       end
     end
@@ -138,19 +111,17 @@ describe Cancannible::Grantee do
       class SuperBogative < ActiveRecord::Base
       end
       context "instance" do
-        let!(:obsolete_permission) { grantee.permissions.create!(asserted: true, ability: 'manage', resource_type: 'SuperBogative', resource_id: 33) }
-        it "should not error on load" do
+        let!(:invalid_permission) { grantee.permissions.create!(asserted: true, ability: 'manage', resource_type: 'SuperBogative', resource_id: 33) }
+        it "does not error on load" do
           expect { grantee.abilities }.to_not raise_error
         end
       end
       context "class" do
-        let!(:obsolete_permission) { grantee.permissions.create!(asserted: true, ability: 'manage', resource_type: 'SuperBogative') }
-        it "should not error on load" do
+        let!(:invalid_permission) { grantee.permissions.create!(asserted: true, ability: 'manage', resource_type: 'SuperBogative') }
+        it "does not error on load" do
           expect { grantee.abilities }.to_not raise_error
         end
       end
     end
-
   end
-
 end

data/spec/unit/inherited_permissions_spec.rb

@@ -1,11 +1,9 @@
 require 'spec_helper'
 
-
 describe Cancannible do
   let(:grantee_class) { User }
 
   context "with mulitple sources of permissions inheritance" do
-
     describe "##inheritable_permissions" do
       subject { grantee_class.inheritable_permissions }
       it { should eql([:roles, :group]) }
@@ -15,12 +13,12 @@ describe Cancannible do
     let!(:role_b)  { Role.create! }
     let!(:group_a) { Group.create! }
     let!(:group_b) { Group.create! }
-    subject(:grantee) {
+    subject(:grantee) do
       u = grantee_class.new(group: group_a)
       u.roles << role_a
       u.save!
       u
-    }
+    end
 
     context "with a symbolic resource" do
       let!(:resource) { :something }
@@ -43,10 +41,8 @@ describe Cancannible do
           it { should be_truthy }
         end
       end
-
     end
 
-
     context "with a resource class" do
       let!(:resource) { Widget }
 
@@ -68,7 +64,6 @@ describe Cancannible do
           it { should be_truthy }
         end
       end
-
     end
 
     context "with a resource instance" do
@@ -136,10 +131,6 @@ describe Cancannible do
           it { should be_truthy }
         end
       end
-
-
     end
-
   end
-
 end

metadata

@@ -1,141 +1,169 @@
 --- !ruby/object:Gem::Specification
 name: cancannible
 version: !ruby/object:Gem::Version
-  version: 1.0.0
+  version: 2.1.0
 platform: ruby
 authors:
 - Paul Gallagher
-autorequire: 
+autorequire:
 bindir: bin
 cert_chain: []
-date: 2015-01-06 00:00:00.000000000 Z
+date: 2022-06-09 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: activesupport
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ! '>='
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: 3.2.1
+        version: '6.1'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ! '>='
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: 3.2.1
+        version: '6.1'
 - !ruby/object:Gem::Dependency
   name: activemodel
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ! '>='
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: 3.2.1
+        version: '6.1'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ! '>='
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: 3.2.1
+        version: '6.1'
 - !ruby/object:Gem::Dependency
-  name: cancan
+  name: cancancan
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ~>
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '1.6'
+        version: '0'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ~>
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '1.6'
+        version: '0'
 - !ruby/object:Gem::Dependency
   name: activerecord
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ! '>='
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: 3.2.1
+        version: '6.1'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ! '>='
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: 3.2.1
+        version: '6.1'
 - !ruby/object:Gem::Dependency
   name: sqlite3
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ~>
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '1.3'
+        version: 1.3.2
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ~>
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '1.3'
+        version: 1.3.2
 - !ruby/object:Gem::Dependency
   name: bundler
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ~>
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '1.6'
+        version: '0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ~>
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '1.6'
+        version: '0'
 - !ruby/object:Gem::Dependency
   name: rake
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ~>
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '10.0'
+        version: '0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ~>
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '10.0'
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: rdoc
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
 - !ruby/object:Gem::Dependency
   name: rspec
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ~>
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '3.0'
+        version: '0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ~>
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '3.0'
+        version: '0'
 - !ruby/object:Gem::Dependency
   name: guard-rspec
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ~>
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: rb-fsevent
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '4.0'
+        version: '0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ~>
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '4.0'
+        version: '0'
 description: Extends CanCan with dynamic, inheritable permissions stored in a database,
   with caching and multi-tenant refinements
 email:
@@ -144,20 +172,14 @@ executables: []
 extensions: []
 extra_rdoc_files: []
 files:
-- .gitignore
-- .rspec
-- .travis.yml
-- Appraisals
+- ".github/workflows/ruby.yml"
+- ".gitignore"
 - Gemfile
 - Guardfile
 - LICENSE.txt
 - README.md
 - Rakefile
 - cancannible.gemspec
-- gemfiles/rails_3.gemfile
-- gemfiles/rails_3.gemfile.lock
-- gemfiles/rails_4.gemfile
-- gemfiles/rails_4.gemfile.lock
 - lib/cancannible.rb
 - lib/cancannible/config.rb
 - lib/cancannible/grantee.rb
@@ -181,24 +203,23 @@ homepage: https://github.com/evendis/cancannible
 licenses:
 - MIT
 metadata: {}
-post_install_message: 
+post_install_message:
 rdoc_options: []
 require_paths:
 - lib
 required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
-  - - ! '>='
+  - - ">="
     - !ruby/object:Gem::Version
       version: '0'
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
-  - - ! '>='
+  - - ">="
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubyforge_project: 
-rubygems_version: 2.4.5
-signing_key: 
+rubygems_version: 3.2.20
+signing_key:
 specification_version: 4
 summary: Dynamic, configurable permissions for CanCan
 test_files:

data/.rspec

@@ -1,2 +0,0 @@
---format documentation
---color

data/.travis.yml

@@ -1,14 +0,0 @@
-# These are specific configuration settings required for travis-ci
-language: ruby
-rvm:
-  - 1.9.3
-  - 2.1.5
-gemfile:
-  - gemfiles/rails_3.gemfile
-  - gemfiles/rails_4.gemfile
-matrix:
-  exclude:
-    - rvm: 1.9.3
-      gemfile: gemfiles/rails_4.gemfile
-    - rvm: 2.1.5
-      gemfile: gemfiles/rails_3.gemfile

data/Appraisals

@@ -1,11 +0,0 @@
-appraise "rails-3" do
-  gem "activesupport", '~> 3.2'
-  gem "activemodel", '~> 3.2'
-  gem "activerecord", '~> 3.2'
-end
-
-appraise "rails-4" do
-  gem "activesupport", '> 4'
-  gem "activemodel", '> 4'
-  gem "activerecord", '> 4'
-end

data/gemfiles/rails_3.gemfile

@@ -1,10 +0,0 @@
-# This file was generated by Appraisal
-
-source "https://rubygems.org"
-
-gem "appraisal"
-gem "activesupport", "~> 3.2"
-gem "activemodel", "~> 3.2"
-gem "activerecord", "~> 3.2"
-
-gemspec :path => "../"

data/gemfiles/rails_3.gemfile.lock

@@ -1,98 +0,0 @@
-PATH
-  remote: ../
-  specs:
-    cancannible (1.0.0)
-      activemodel (>= 3.2.1)
-      activesupport (>= 3.2.1)
-      cancan (~> 1.6)
-
-GEM
-  remote: https://rubygems.org/
-  specs:
-    activemodel (3.2.19)
-      activesupport (= 3.2.19)
-      builder (~> 3.0.0)
-    activerecord (3.2.19)
-      activemodel (= 3.2.19)
-      activesupport (= 3.2.19)
-      arel (~> 3.0.2)
-      tzinfo (~> 0.3.29)
-    activesupport (3.2.19)
-      i18n (~> 0.6, >= 0.6.4)
-      multi_json (~> 1.0)
-    appraisal (1.0.2)
-      bundler
-      rake
-      thor (>= 0.14.0)
-    arel (3.0.3)
-    builder (3.0.4)
-    cancan (1.6.10)
-    celluloid (0.16.0)
-      timers (~> 4.0.0)
-    coderay (1.1.0)
-    diff-lcs (1.2.5)
-    ffi (1.9.6)
-    formatador (0.2.5)
-    guard (2.10.5)
-      formatador (>= 0.2.4)
-      listen (~> 2.7)
-      lumberjack (~> 1.0)
-      nenv (~> 0.1)
-      pry (>= 0.9.12)
-      thor (>= 0.18.1)
-    guard-compat (1.2.0)
-    guard-rspec (4.5.0)
-      guard (~> 2.1)
-      guard-compat (~> 1.1)
-      rspec (>= 2.99.0, < 4.0)
-    hitimes (1.2.2)
-    i18n (0.7.0)
-    listen (2.8.4)
-      celluloid (>= 0.15.2)
-      rb-fsevent (>= 0.9.3)
-      rb-inotify (>= 0.9)
-    lumberjack (1.0.9)
-    method_source (0.8.2)
-    multi_json (1.10.1)
-    nenv (0.1.1)
-    pry (0.10.1)
-      coderay (~> 1.1.0)
-      method_source (~> 0.8.1)
-      slop (~> 3.4)
-    rake (10.4.2)
-    rb-fsevent (0.9.4)
-    rb-inotify (0.9.5)
-      ffi (>= 0.5.0)
-    rspec (3.1.0)
-      rspec-core (~> 3.1.0)
-      rspec-expectations (~> 3.1.0)
-      rspec-mocks (~> 3.1.0)
-    rspec-core (3.1.7)
-      rspec-support (~> 3.1.0)
-    rspec-expectations (3.1.2)
-      diff-lcs (>= 1.2.0, < 2.0)
-      rspec-support (~> 3.1.0)
-    rspec-mocks (3.1.3)
-      rspec-support (~> 3.1.0)
-    rspec-support (3.1.2)
-    slop (3.6.0)
-    sqlite3 (1.3.10)
-    thor (0.19.1)
-    timers (4.0.1)
-      hitimes
-    tzinfo (0.3.40)
-
-PLATFORMS
-  ruby
-
-DEPENDENCIES
-  activemodel (~> 3.2)
-  activerecord (~> 3.2)
-  activesupport (~> 3.2)
-  appraisal
-  bundler (~> 1.6)
-  cancannible!
-  guard-rspec (~> 4.0)
-  rake (~> 10.0)
-  rspec (~> 3.0)
-  sqlite3 (~> 1.3)

data/gemfiles/rails_4.gemfile

@@ -1,10 +0,0 @@
-# This file was generated by Appraisal
-
-source "https://rubygems.org"
-
-gem "appraisal"
-gem "activesupport", "> 4"
-gem "activemodel", "> 4"
-gem "activerecord", "> 4"
-
-gemspec :path => "../"

data/gemfiles/rails_4.gemfile.lock

@@ -1,103 +0,0 @@
-PATH
-  remote: ../
-  specs:
-    cancannible (1.0.0)
-      activemodel (>= 3.2.1)
-      activesupport (>= 3.2.1)
-      cancan (~> 1.6)
-
-GEM
-  remote: https://rubygems.org/
-  specs:
-    activemodel (4.2.0)
-      activesupport (= 4.2.0)
-      builder (~> 3.1)
-    activerecord (4.2.0)
-      activemodel (= 4.2.0)
-      activesupport (= 4.2.0)
-      arel (~> 6.0)
-    activesupport (4.2.0)
-      i18n (~> 0.7)
-      json (~> 1.7, >= 1.7.7)
-      minitest (~> 5.1)
-      thread_safe (~> 0.3, >= 0.3.4)
-      tzinfo (~> 1.1)
-    appraisal (1.0.2)
-      bundler
-      rake
-      thor (>= 0.14.0)
-    arel (6.0.0)
-    builder (3.2.2)
-    cancan (1.6.10)
-    celluloid (0.16.0)
-      timers (~> 4.0.0)
-    coderay (1.1.0)
-    diff-lcs (1.2.5)
-    ffi (1.9.6)
-    formatador (0.2.5)
-    guard (2.10.5)
-      formatador (>= 0.2.4)
-      listen (~> 2.7)
-      lumberjack (~> 1.0)
-      nenv (~> 0.1)
-      pry (>= 0.9.12)
-      thor (>= 0.18.1)
-    guard-compat (1.2.0)
-    guard-rspec (4.5.0)
-      guard (~> 2.1)
-      guard-compat (~> 1.1)
-      rspec (>= 2.99.0, < 4.0)
-    hitimes (1.2.2)
-    i18n (0.7.0)
-    json (1.8.1)
-    listen (2.8.4)
-      celluloid (>= 0.15.2)
-      rb-fsevent (>= 0.9.3)
-      rb-inotify (>= 0.9)
-    lumberjack (1.0.9)
-    method_source (0.8.2)
-    minitest (5.5.0)
-    nenv (0.1.1)
-    pry (0.10.1)
-      coderay (~> 1.1.0)
-      method_source (~> 0.8.1)
-      slop (~> 3.4)
-    rake (10.4.2)
-    rb-fsevent (0.9.4)
-    rb-inotify (0.9.5)
-      ffi (>= 0.5.0)
-    rspec (3.1.0)
-      rspec-core (~> 3.1.0)
-      rspec-expectations (~> 3.1.0)
-      rspec-mocks (~> 3.1.0)
-    rspec-core (3.1.7)
-      rspec-support (~> 3.1.0)
-    rspec-expectations (3.1.2)
-      diff-lcs (>= 1.2.0, < 2.0)
-      rspec-support (~> 3.1.0)
-    rspec-mocks (3.1.3)
-      rspec-support (~> 3.1.0)
-    rspec-support (3.1.2)
-    slop (3.6.0)
-    sqlite3 (1.3.10)
-    thor (0.19.1)
-    thread_safe (0.3.4)
-    timers (4.0.1)
-      hitimes
-    tzinfo (1.2.2)
-      thread_safe (~> 0.1)
-
-PLATFORMS
-  ruby
-
-DEPENDENCIES
-  activemodel (> 4)
-  activerecord (> 4)
-  activesupport (> 4)
-  appraisal
-  bundler (~> 1.6)
-  cancannible!
-  guard-rspec (~> 4.0)
-  rake (~> 10.0)
-  rspec (~> 3.0)
-  sqlite3 (~> 1.3)