cancat 0.0.1.beta1

data/spec/cancan/model_adapters/default_adapter_spec.rb

@@ -0,0 +1,7 @@
+require "spec_helper"
+
+describe CanCan::ModelAdapters::DefaultAdapter do
+  it "should be default for generic classes" do
+    CanCan::ModelAdapters::AbstractAdapter.adapter_class(Object).should == CanCan::ModelAdapters::DefaultAdapter
+  end
+end

data/spec/cancan/model_adapters/mongoid_adapter_spec.rb

@@ -0,0 +1,216 @@
+if ENV["MODEL_ADAPTER"] == "mongoid"
+  require "spec_helper"
+
+  class MongoidCategory
+    include Mongoid::Document
+
+    references_many :mongoid_projects
+  end
+
+  class MongoidProject
+    include Mongoid::Document
+
+    referenced_in :mongoid_category
+  end
+
+  Mongoid.configure do |config|
+    config.master = Mongo::Connection.new('127.0.0.1', 27017).db("cancan_mongoid_spec")
+  end
+
+  describe CanCan::ModelAdapters::MongoidAdapter do
+    context "Mongoid defined" do
+      before(:each) do
+        @ability = Object.new
+        @ability.extend(CanCan::Ability)
+      end
+
+      after(:each) do
+        Mongoid.master.collections.select do |collection|
+          collection.name !~ /system/
+        end.each(&:drop)
+      end
+
+      it "should be for only Mongoid classes" do
+        CanCan::ModelAdapters::MongoidAdapter.should_not be_for_class(Object)
+        CanCan::ModelAdapters::MongoidAdapter.should be_for_class(MongoidProject)
+        CanCan::ModelAdapters::AbstractAdapter.adapter_class(MongoidProject).should == CanCan::ModelAdapters::MongoidAdapter
+      end
+
+      it "should find record" do
+        project = MongoidProject.create
+        CanCan::ModelAdapters::MongoidAdapter.find(MongoidProject, project.id).should == project
+      end
+
+      it "should compare properties on mongoid documents with the conditions hash" do
+        model = MongoidProject.new
+        @ability.can :read, MongoidProject, :id => model.id
+        @ability.should be_able_to(:read, model)
+      end
+
+      it "should be able to read hashes when field is array" do
+        one_to_three = MongoidProject.create(:numbers => ['one', 'two', 'three'])
+        two_to_five  = MongoidProject.create(:numbers => ['two', 'three', 'four', 'five'])
+
+        @ability.can :foo, MongoidProject, :numbers => 'one'
+        @ability.should be_able_to(:foo, one_to_three)
+        @ability.should_not be_able_to(:foo, two_to_five)
+      end
+
+      it "should return [] when no ability is defined so no records are found" do
+        MongoidProject.create(:title => 'Sir')
+        MongoidProject.create(:title => 'Lord')
+        MongoidProject.create(:title => 'Dude')
+
+        MongoidProject.accessible_by(@ability, :read).entries.should == []
+      end
+
+      it "should return the correct records based on the defined ability" do
+        @ability.can :read, MongoidProject, :title => "Sir"
+        sir   = MongoidProject.create(:title => 'Sir')
+        lord  = MongoidProject.create(:title => 'Lord')
+        dude  = MongoidProject.create(:title => 'Dude')
+
+        MongoidProject.accessible_by(@ability, :read).entries.should == [sir]
+      end
+
+      it "should be able to mix empty conditions and hashes" do
+        @ability.can :read, MongoidProject
+        @ability.can :read, MongoidProject, :title => 'Sir'
+        sir  = MongoidProject.create(:title => 'Sir')
+        lord = MongoidProject.create(:title => 'Lord')
+
+        MongoidProject.accessible_by(@ability, :read).count.should == 2
+      end
+
+      it "should return everything when the defined ability is manage all" do
+        @ability.can :manage, :all
+        sir   = MongoidProject.create(:title => 'Sir')
+        lord  = MongoidProject.create(:title => 'Lord')
+        dude  = MongoidProject.create(:title => 'Dude')
+
+        MongoidProject.accessible_by(@ability, :read).entries.should == [sir, lord, dude]
+      end
+
+      it "should allow a scope for conditions" do
+        @ability.can :read, MongoidProject, MongoidProject.where(:title => 'Sir')
+        sir   = MongoidProject.create(:title => 'Sir')
+        lord  = MongoidProject.create(:title => 'Lord')
+        dude  = MongoidProject.create(:title => 'Dude')
+
+        MongoidProject.accessible_by(@ability, :read).entries.should == [sir]
+      end
+
+      describe "Mongoid::Criteria where clause Symbol extensions using MongoDB expressions" do
+        it "should handle :field.in" do
+          obj = MongoidProject.create(:title => 'Sir')
+          @ability.can :read, MongoidProject, :title.in => ["Sir", "Madam"]
+          @ability.can?(:read, obj).should == true
+          MongoidProject.accessible_by(@ability, :read).should == [obj]
+
+          obj2 = MongoidProject.create(:title => 'Lord')
+          @ability.can?(:read, obj2).should == false
+        end
+
+        describe "activates only when there are Criteria in the hash" do
+          it "Calls where on the model class when there are criteria" do
+            obj = MongoidProject.create(:title => 'Bird')
+            @conditions = {:title.nin => ["Fork", "Spoon"]}
+
+            @ability.can :read, MongoidProject, @conditions
+            @ability.should be_able_to(:read, obj)
+          end
+          it "Calls the base version if there are no mongoid criteria" do
+            obj = MongoidProject.new(:title => 'Bird')
+            @conditions = {:id => obj.id}
+            @ability.can :read, MongoidProject, @conditions
+            @ability.should be_able_to(:read, obj)
+          end
+        end
+
+        it "should handle :field.nin" do
+          obj = MongoidProject.create(:title => 'Sir')
+          @ability.can :read, MongoidProject, :title.nin => ["Lord", "Madam"]
+          @ability.can?(:read, obj).should == true
+          MongoidProject.accessible_by(@ability, :read).should == [obj]
+
+          obj2 = MongoidProject.create(:title => 'Lord')
+          @ability.can?(:read, obj2).should == false
+        end
+
+        it "should handle :field.size" do
+          obj = MongoidProject.create(:titles => ['Palatin', 'Margrave'])
+          @ability.can :read, MongoidProject, :titles.size => 2
+          @ability.can?(:read, obj).should == true
+          MongoidProject.accessible_by(@ability, :read).should == [obj]
+
+          obj2 = MongoidProject.create(:titles => ['Palatin', 'Margrave', 'Marquis'])
+          @ability.can?(:read, obj2).should == false
+        end
+
+        it "should handle :field.exists" do
+          obj = MongoidProject.create(:titles => ['Palatin', 'Margrave'])
+          @ability.can :read, MongoidProject, :titles.exists => true
+          @ability.can?(:read, obj).should == true
+          MongoidProject.accessible_by(@ability, :read).should == [obj]
+
+          obj2 = MongoidProject.create
+          @ability.can?(:read, obj2).should == false
+        end
+
+        it "should handle :field.gt" do
+          obj = MongoidProject.create(:age => 50)
+          @ability.can :read, MongoidProject, :age.gt => 45
+          @ability.can?(:read, obj).should == true
+          MongoidProject.accessible_by(@ability, :read).should == [obj]
+
+          obj2 = MongoidProject.create(:age => 40)
+          @ability.can?(:read, obj2).should == false
+        end
+
+        it "should handle instance not saved to database" do
+          obj = MongoidProject.new(:title => 'Sir')
+          @ability.can :read, MongoidProject, :title.in => ["Sir", "Madam"]
+          @ability.can?(:read, obj).should == true
+
+          # accessible_by only returns saved records
+          MongoidProject.accessible_by(@ability, :read).entries.should == []
+
+          obj2 = MongoidProject.new(:title => 'Lord')
+          @ability.can?(:read, obj2).should == false
+        end
+      end
+
+      it "should call where with matching ability conditions" do
+        obj = MongoidProject.create(:foo => {:bar => 1})
+        @ability.can :read, MongoidProject, :foo => {:bar => 1}
+        MongoidProject.accessible_by(@ability, :read).entries.first.should == obj
+      end
+      
+      it "should exclude from the result if set to cannot" do
+        obj = MongoidProject.create(:bar => 1)
+        obj2 = MongoidProject.create(:bar => 2)
+        @ability.can :read, MongoidProject
+        @ability.cannot :read, MongoidProject, :bar => 2
+        MongoidProject.accessible_by(@ability, :read).entries.should == [obj]
+      end
+
+      it "should combine the rules" do
+        obj = MongoidProject.create(:bar => 1)
+        obj2 = MongoidProject.create(:bar => 2)
+        obj3 = MongoidProject.create(:bar => 3)
+        @ability.can :read, MongoidProject, :bar => 1
+        @ability.can :read, MongoidProject, :bar => 2
+        MongoidProject.accessible_by(@ability, :read).entries.should =~ [obj, obj2]
+      end
+      
+      it "should not allow to fetch records when ability with just block present" do
+        @ability.can :read, MongoidProject do
+          false
+        end
+        lambda {
+          MongoidProject.accessible_by(@ability)
+        }.should raise_error(CanCan::Error)
+      end
+    end
+  end
+end

data/spec/cancan/rule_spec.rb

@@ -0,0 +1,39 @@
+require "spec_helper"
+
+# Most of Rule functionality is tested in Ability specs
+describe CanCan::Rule do
+  before(:each) do
+    @conditions = {}
+    @rule = CanCan::Rule.new(true, :read, Integer, @conditions, nil)
+  end
+
+  it "should return no association joins if none exist" do
+    @rule.associations_hash.should == {}
+  end
+
+  it "should return no association for joins if just attributes" do
+    @conditions[:foo] = :bar
+    @rule.associations_hash.should == {}
+  end
+
+  it "should return single association for joins" do
+    @conditions[:foo] = {:bar => 1}
+    @rule.associations_hash.should == {:foo => {}}
+  end
+
+  it "should return multiple associations for joins" do
+    @conditions[:foo] = {:bar => 1}
+    @conditions[:test] = {1 => 2}
+    @rule.associations_hash.should == {:foo => {}, :test => {}}
+  end
+
+  it "should return nested associations for joins" do
+    @conditions[:foo] = {:bar => {1 => 2}}
+    @rule.associations_hash.should == {:foo => {:bar => {}}}
+  end
+
+  it "should return no association joins if conditions is nil" do
+    rule = CanCan::Rule.new(true, :read, Integer, nil, nil)
+    rule.associations_hash.should == {}
+  end
+end

data/spec/matchers.rb

@@ -0,0 +1,13 @@
+RSpec::Matchers.define :orderlessly_match do |original_string|
+  match do |given_string|
+    original_string.split('').sort == given_string.split('').sort
+  end
+
+  failure_message_for_should do |given_string|
+    "expected \"#{given_string}\" to have the same characters as \"#{original_string}\""
+  end
+
+  failure_message_for_should_not do |given_string|
+    "expected \"#{given_string}\" not to have the same characters as \"#{original_string}\""
+  end
+end

data/spec/spec.opts

@@ -0,0 +1,2 @@
+--color
+--backtrace

data/spec/spec_helper.rb

@@ -0,0 +1,41 @@
+require 'rubygems'
+require 'bundler/setup'
+
+Bundler.require(:default)
+
+require 'supermodel' # shouldn't Bundler do this already?
+require 'active_support/all'
+require 'matchers'
+require 'cancan/matchers'
+
+RSpec.configure do |config|
+  config.mock_with :rr
+  config.before(:each) do
+    Project.delete_all
+    Category.delete_all
+  end
+end
+
+class Ability
+  include CanCan::Ability
+
+  def initialize(user)
+  end
+end
+
+class Category < SuperModel::Base
+  has_many :projects
+end
+
+class Project < SuperModel::Base
+  belongs_to :category
+  attr_accessor :category # why doesn't SuperModel do this automatically?
+
+  def self.respond_to?(method, include_private = false)
+    if method.to_s == "find_by_name!" # hack to simulate ActiveRecord
+      true
+    else
+      super
+    end
+  end
+end

metadata

@@ -0,0 +1,171 @@
+--- !ruby/object:Gem::Specification 
+name: cancat
+version: !ruby/object:Gem::Version 
+  hash: 62196393
+  prerelease: 6
+  segments: 
+  - 0
+  - 0
+  - 1
+  - beta
+  - 1
+  version: 0.0.1.beta1
+platform: ruby
+authors: 
+- Ryan Bates, Matthew Burket
+autorequire: 
+bindir: bin
+cert_chain: []
+
+date: 2011-05-30 00:00:00 -05:00
+default_executable: 
+dependencies: 
+- !ruby/object:Gem::Dependency 
+  name: rspec
+  prerelease: false
+  requirement: &id001 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ~>
+      - !ruby/object:Gem::Version 
+        hash: 11
+        segments: 
+        - 2
+        - 1
+        - 0
+        version: 2.1.0
+  type: :development
+  version_requirements: *id001
+- !ruby/object:Gem::Dependency 
+  name: rails
+  prerelease: false
+  requirement: &id002 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ~>
+      - !ruby/object:Gem::Version 
+        hash: 9
+        segments: 
+        - 3
+        - 0
+        - 7
+        version: 3.0.7
+  type: :development
+  version_requirements: *id002
+- !ruby/object:Gem::Dependency 
+  name: rr
+  prerelease: false
+  requirement: &id003 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ~>
+      - !ruby/object:Gem::Version 
+        hash: 33
+        segments: 
+        - 0
+        - 10
+        - 11
+        version: 0.10.11
+  type: :development
+  version_requirements: *id003
+- !ruby/object:Gem::Dependency 
+  name: supermodel
+  prerelease: false
+  requirement: &id004 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ~>
+      - !ruby/object:Gem::Version 
+        hash: 19
+        segments: 
+        - 0
+        - 1
+        - 4
+        version: 0.1.4
+  type: :development
+  version_requirements: *id004
+description: Simple authorization solution for Rails which is decoupled from user roles. All permissions are stored in a single location.
+email: support@AssignItApp.com
+executables: []
+
+extensions: []
+
+extra_rdoc_files: []
+
+files: 
+- lib/cancan/rule.rb
+- lib/cancan/model_additions.rb
+- lib/cancan/exceptions.rb
+- lib/cancan/model_adapters/default_adapter.rb
+- lib/cancan/model_adapters/active_record_adapter.rb
+- lib/cancan/model_adapters/abstract_adapter.rb
+- lib/cancan/model_adapters/data_mapper_adapter.rb
+- lib/cancan/model_adapters/mongoid_adapter.rb
+- lib/cancan/ability.rb
+- lib/cancan/inherited_resource.rb
+- lib/cancan/controller_additions.rb
+- lib/cancan/matchers.rb
+- lib/cancan/controller_resource.rb
+- lib/cancan.rb
+- lib/generators/cancan/ability/USAGE
+- lib/generators/cancan/ability/templates/ability.rb
+- lib/generators/cancan/ability/ability_generator.rb
+- spec/spec.opts
+- spec/cancan/ability_spec.rb
+- spec/cancan/exceptions_spec.rb
+- spec/cancan/rule_spec.rb
+- spec/cancan/controller_additions_spec.rb
+- spec/cancan/model_adapters/data_mapper_adapter_spec.rb
+- spec/cancan/model_adapters/active_record_adapter_spec.rb
+- spec/cancan/model_adapters/mongoid_adapter_spec.rb
+- spec/cancan/model_adapters/default_adapter_spec.rb
+- spec/cancan/matchers_spec.rb
+- spec/cancan/inherited_resource_spec.rb
+- spec/cancan/controller_resource_spec.rb
+- spec/spec_helper.rb
+- spec/README.rdoc
+- spec/matchers.rb
+- Gemfile
+- Rakefile
+- CHANGELOG.rdoc
+- LICENSE
+- README.rdoc
+- init.rb
+has_rdoc: true
+homepage: http://github.com/Mab879/cancant
+licenses: []
+
+post_install_message: 
+rdoc_options: []
+
+require_paths: 
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement 
+  none: false
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      hash: 3
+      segments: 
+      - 0
+      version: "0"
+required_rubygems_version: !ruby/object:Gem::Requirement 
+  none: false
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      hash: 19
+      segments: 
+      - 1
+      - 3
+      - 4
+      version: 1.3.4
+requirements: []
+
+rubyforge_project: cancat
+rubygems_version: 1.6.1
+signing_key: 
+specification_version: 3
+summary: Simple authorization solution for Rails.
+test_files: []
+