cantango-api 0.0.0

data/lib/cantango/api/model/user.rb

@@ -0,0 +1,39 @@
+module CanTango::Api
+  module Model
+    module User
+      attr_writer :active_user, :active_account, :ability_class
+
+      def self.included(base)
+        CanTango.config.users.register base
+      end
+
+      def active_user
+        @active_user || self
+      end
+
+      def active_account
+        return @active_account if  @active_account
+        return send(:account) if respond_to? :account
+        raise "No account could be found for user: #{self}"
+      end
+
+      def can? *args
+        ability.can?(*args)
+      end
+
+      def cannot? *args
+        ability.cannot?(*args)
+      end
+
+      protected
+  
+      def ability
+        ability_class.new(active_user)
+      end
+  
+      def ability_class
+        CanTango::Ability::Executor::Modes
+      end
+    end
+  end
+end

data/lib/cantango/api/model.rb

@@ -0,0 +1,5 @@
+module CanTango::Api
+  module Session
+    autoload_modules :User, :Account
+  end
+end

data/lib/cantango/api/options.rb

@@ -0,0 +1,19 @@
+module CanTango::Api
+  module Options
+    def ability_options
+      opts = {}
+      options_list.each do |option|
+        opts.merge!(option => send(option)) if respond_to? option, true
+      end
+      opts
+    end
+
+    def self.options_list
+      [:session, :request, :params, :controller, :domain, :cookies]
+    end
+
+    def options_list
+      CanTango::Api::Options.options_list
+    end
+  end
+end

data/lib/cantango/api/scope/account.rb

@@ -0,0 +1,26 @@
+module CanTango::Api
+  module Scope
+    module Account
+      def account_scope scope, options = {}, &block
+        account = scoped_account(scope)
+        ab_scope = account_ability_scope(account, options)
+        yield ab_scope if block
+        ab_scope
+      end
+
+      def as_real_account scope, options = {}, &block
+        scope_account scope, options.merge(:masquerade => false), &block
+      end
+
+      protected
+
+      def account_ability_scope account, options = {}
+        CanTango::Ability::Scope.new user_account_ability(account, options)
+      end
+
+      def scoped_acount scope
+        send(:"current_#{scope}_account")
+      end
+    end
+  end
+end

data/lib/cantango/api/scope/user.rb

@@ -0,0 +1,26 @@
+module CanTango::Api
+  module Scope
+    module User
+      def scope_user scope, options = {}, &block
+        user = scoped_user(scope)
+        ab_scope = user_ability_scope(user, options)
+        yield ab_scope if block
+        ab_scope
+      end
+
+      def real_user scope, options = {}, &block
+        scope_user scope, options.merge(:masquerade => false), &block
+      end
+
+      protected
+
+      def user_ability_scope user, options = {}
+        CanTango::Ability::Scope.new user_ability(user, options)
+      end
+
+      def scoped_user scope
+        send(:"current_#{scope}")
+      end
+    end
+  end
+end

data/lib/cantango/api/scope.rb

@@ -0,0 +1,5 @@
+module CanTango::Api
+  module Scope
+    autoload_modules :User, :Account
+  end
+end

data/lib/cantango/api/session/account.rb

@@ -0,0 +1,38 @@
+module CanTango::Api
+  module Session
+    module Account
+      def self.included(base)
+        ::CanTango.config.user_accounts.registered.each do |type|
+          base.class_eval %{
+            def session_#{type}_account
+              current_#{type}_account if respond_to? :current_#{type}_account
+              guest_account
+            end
+          }
+        end
+      end
+
+      # give me any logged in user or the guest user
+      def any_account *types
+        types = types.flatten.select_labels.map(&:to_sym)
+        c_account = ::CanTango.config.user_accounts.registered.each do |type|
+          meth = :"current_#{type}_account"
+          send(meth) if respond_to?(meth) && (types.empty? || types.include?(user))
+        end.compact.first
+        c_account || guest_account
+      end
+
+      def guest_account
+        CanTango.config.guest.account
+      end
+      
+      def active_account
+        session[:active_account]
+      end
+
+      def active_account= account
+        session[:active_account] = account
+      end
+    end
+  end
+end

data/lib/cantango/api/session/user.rb

@@ -0,0 +1,38 @@
+module CanTango::Api
+  module Session
+    module User
+      def self.included(base)
+        ::CanTango.config.users.registered.each do |user|
+          base.class_eval %{
+            def session_#{user}
+              current_#{user} if respond_to? :current_#{user}
+              guest_user
+            end
+          }
+        end
+      end
+
+      # give me any logged in user or the guest user
+      def any_user *types
+        types = types.flatten.select_labels.map(&:to_sym)
+        c_user = ::CanTango.config.users.registered.each do |user|
+          meth = :"current_#{user}"
+          send(meth) if respond_to?(meth) && (types.empty? || types.include?(user))
+        end.compact.first
+        c_user || guest_user
+      end
+
+      def guest_user
+        CanTango.config.guest.user
+      end
+      
+      def active_user
+        session[:active_user]
+      end
+
+      def active_user= user
+        session[:active_user] = user
+      end
+    end
+  end
+end

data/lib/cantango/api/session.rb

@@ -0,0 +1,5 @@
+module CanTango::Api
+  module Session
+    autoload_modules :User, :Account
+  end
+end

data/lib/cantango/api/user.rb

@@ -0,0 +1,19 @@
+module CanTango::Api
+  module User
+    module All
+      def self.included base
+        apis.each do |api|
+          base.send :include, clazz(api)
+        end
+      end
+
+      def self.apis
+        [:ability, :can, :scope, :session]
+      end
+
+      def clazz api
+        "CanTango::Api::#{api.to_s.camelize}::User".constantize
+      end
+    end
+  end
+end

data/lib/cantango/api.rb

@@ -0,0 +1,26 @@
+require 'sugar-high/array'
+require 'sugar-high/blank'
+require 'hashie'
+require 'sweetloader'
+
+AutoLoader.namespaces = {:CanTango => 'cantango'}
+
+module CanTango
+  module Api
+    autoload_modules :Ability, :Account, :Attributes, :Can
+    autoload_modules :Common, :Options, :Model, :Scope, :Session, :User
+
+    def self.apis
+      [:ability, :can, :scope, :session]
+    end
+
+    apis.each do |api|
+      clazz = api.to_s.camelize
+      self.extend "CanTango::Api::#{clazz}::User".constantize
+      self.extend "CanTango::Api::#{clazz}::Account".constantize
+    end
+    
+    # FIX - sweetloader, camelize there!
+    autoload_modules *apis.map{|api| api.to_s.camelize}
+  end
+end

data/spec/cantango/api/ability/account_spec.rb

@@ -0,0 +1,34 @@
+require 'spec_helper'
+
+# require 'cantango/configuration/engines/store_engine_shared'
+
+CanTango.configure do |config|
+  config.users.register     :user, User
+  config.users.register     :admin, Admin
+
+  config.accounts.register  :user, UserAccount
+  config.accounts.register  :admin, AdminAccount
+
+  # config.cache_engine.set :off
+  # config.permit_engine.set :on
+end
+
+class Context
+  include CanTango::Api::Account::Ability
+
+  include_and_extend ::CurrentUserAccounts
+end
+
+describe CanTango::Api::UserAccount::Ability do
+  subject { Context.new }
+
+  describe 'user_account_ability' do
+    specify { subject.user_account_ability(subject.current_user_account).should be_a CanTango::Ability }
+    specify { subject.user_account_ability(subject.current_admin_account).should be_a CanTango::Ability }
+  end
+
+  describe 'current_account_ability' do
+    specify { subject.current_account_ability(:user).should be_a CanTango::Ability }
+    specify { subject.current_account_ability(:admin).should be_a CanTango::Ability }
+  end
+end

data/spec/cantango/api/ability/user_spec.rb

@@ -0,0 +1,57 @@
+require 'rspec'
+require 'cantango'
+require 'simple_roles'
+require 'fixtures/models'
+require 'cantango/api/current_users'
+# require 'cantango/configuration/engines/store_engine_shared'
+
+class User
+  include_and_extend SimpleRoles
+end
+
+class Admin < User
+end
+
+CanTango.configure do |config|
+  config.users.register :user, User
+  config.users.register :admin, Admin
+
+  config.cache_engine.set :off
+  config.permit_engine.set :on
+end
+
+class Context
+  include CanTango::Api::User::Ability
+
+  include_and_extend ::CurrentUsers
+end
+
+describe CanTango::Api::User::Ability do
+  subject { Context.new }
+
+  describe 'user_ability user' do
+    specify { subject.user_ability(subject.current_user).should be_a CanTango::Ability }
+  end
+
+  describe 'user_ability admin' do
+    specify { subject.user_ability(subject.current_admin).should be_a CanTango::Ability }
+  end
+
+  describe 'current_user_ability :user' do
+    specify { subject.current_user_ability(:user).should be_a CanTango::Ability }
+
+    it 'should set the :user user correctly on ability' do
+      subject.current_user_ability(:user).user.should == subject.current_user
+    end
+  end
+
+  describe 'current_user_ability :admin' do
+    specify { subject.current_user_ability(:admin).should be_a CanTango::Ability }
+
+    it 'should set the :admin user correctly on ability' do
+      subject.current_user_ability(:admin).user.should == subject.current_admin
+    end
+  end
+end
+
+

data/spec/cantango/api/attributes_spec.rb

@@ -0,0 +1,25 @@
+require 'spec_helper'
+require 'helpers/current_users'
+
+CanTango.config.users.register :user, User
+CanTango.config.users.register :admin, Admin
+
+class Context
+  include CanTango::Api::User::Ability
+
+  include CurrentUsers
+  extend ::CurrentUsers
+end
+
+describe CanTango::Api::User::Ability do
+  subject { Context.new }
+
+  describe 'user_ability user' do
+    specify { subject.user_ability(subject.current_user).should be_a CanTango::Ability }
+  end
+
+  describe 'user_ability admin' do
+    specify { subject.user_ability(subject.current_admin).should be_a CanTango::Ability }
+  end
+end
+ 

data/spec/cantango/api/can/account_spec.rb

@@ -0,0 +1,85 @@
+require 'spec_helper'
+
+require 'helpers/current_user_accounts'
+# require 'cantango/configuration/engines/store_engine_shared'
+
+class User
+  include_and_extend SimpleRoles
+end
+
+CanTango.configure do |config|
+  config.users.register     :user, User
+  config.users.register     :admin, Admin
+
+  config.accounts.register  :user, UserAccount
+  config.accounts.register  :admin, AdminAccount
+
+  #config.cache_engine.set :off
+  #config.permit_engine.set :on
+end
+
+class UserRolePermit < CanTango::RolePermit
+  def permit_rules
+    can :edit, Article
+    cannot :edit, User
+  end
+end
+
+class AdminRolePermit < CanTango::RolePermit
+  def permit_rules
+    can :edit, Article
+    cannot :edit, User 
+  end
+end
+
+class User
+  include CanTango::Users::Masquerade
+end
+
+class Context
+  include CanTango::Api::UserAccount::Can
+
+  include_and_extend ::CurrentUserAccounts
+end
+
+describe "CanTango::Api::Can::Account" do
+  subject { Context.new }
+
+  describe 'user_account' do
+    # user can edit Article, not Admin
+    specify do
+      subject.user_account_can?(:edit, Article).should be_true
+      subject.user_account_can?(:edit, User).should be_false
+
+      subject.user_account_cannot?(:edit, User).should be_true
+      subject.user_account_cannot?(:edit, Article).should be_false
+    end
+  end
+
+  describe 'admin_account' do
+    specify do
+      subject.admin_account_can?(:edit, Article).should be_true
+      subject.admin_account_can?(:edit, User).should be_false
+
+      subject.admin_account_cannot?(:edit, User).should be_true
+      subject.admin_account_cannot?(:edit, Article).should be_false
+    end
+  end
+
+  describe 'admin masquerades as user' do
+    before do
+      Context.current_admin.masquerade_as Context.current_user
+    end
+
+    # admin masquerading as user can do same as user
+    specify do
+      subject.admin_account_can?(:edit, Article).should be_true
+      subject.admin_account_can?(:edit, User).should be_false
+
+      subject.admin_account_cannot?(:edit, User).should be_true
+      subject.admin_account_cannot?(:edit, Article).should be_false
+    end
+  end
+end
+
+

data/spec/cantango/api/can/user_spec.rb

@@ -0,0 +1,113 @@
+require 'rspec'
+require 'cantango'
+require 'simple_roles'
+require 'fixtures/models'
+require 'cantango/api/current_users'
+# require 'cantango/configuration/engines/store_engine_shared'
+
+class User
+  include CanTango::Users::Masquerade
+  include_and_extend SimpleRoles
+
+  tango_user
+end
+
+class Admin < User
+  tango_user
+end
+
+CanTango.configure do |config|
+  config.cache_engine.set :off
+  config.permit_engine.set :on
+end
+
+# puts "#{CanTango.config.users.registered_classes} : #{CanTango.config.users.registered}"
+
+class UserRolePermit < CanTango::RolePermit
+  def initialize ability
+    super
+  end
+
+  def permit_rules
+    can :edit, Article
+    cannot :edit, User
+  end
+end
+
+class AdminRolePermit < CanTango::RolePermit
+  def initialize ability
+    super
+  end
+
+  def permit_rules
+    can :edit, Article
+    cannot :edit, User
+  end
+end
+
+class Context
+  include CanTango::Api::User::Can
+
+  include_and_extend ::CurrentUsers
+end
+
+describe CanTango::Api::User::Can do
+  subject { Context.new }
+
+  describe 'user_ability' do
+    specify { subject.user_ability(subject.current_user).should be_a CanTango::Ability }
+    specify { subject.user_ability(subject.current_admin).should be_a CanTango::Ability }
+  end
+
+  describe 'current_user_ability :user' do
+    specify { subject.current_user_ability(:user).should be_a CanTango::Ability }
+
+    it 'should set the :user user correctly on ability' do
+      subject.current_user_ability(:user).user.should == subject.current_user
+    end
+  end
+
+  describe 'current_user_ability :admin' do
+    specify { subject.current_user_ability(:admin).should be_a CanTango::Ability }
+
+    it 'should set the :admin user correctly on ability' do
+      subject.current_user_ability(:admin).user.should == subject.current_admin
+    end
+  end
+
+  describe 'user' do
+    specify { subject.current_user.role.should == 'user' }
+
+    # user can edit Article, not Admin
+    specify { subject.user_can?(:edit, Article).should be_true }
+    specify { subject.user_can?(:edit, User).should be_false }
+
+    specify { subject.user_cannot?(:edit, User).should be_true }
+    specify { subject.user_cannot?(:edit, Article).should be_false }
+  end
+
+  describe 'admin' do
+    specify { subject.current_admin.role.should == 'admin' }
+
+    specify { subject.admin_can?(:edit, Article).should be_true }
+    specify { subject.admin_can?(:edit, User).should be_false }
+
+    specify { subject.admin_cannot?(:edit, User).should be_true }
+    specify { subject.admin_cannot?(:edit, Article).should be_false }
+  end
+
+  describe 'admin masquerades as user' do
+    before do
+      Context.new.current_admin.masquerade_as Context.new.current_user
+    end
+
+    # admin masquerading as user can do same as user
+    specify { subject.admin_can?(:edit, Article).should be_true }
+
+    specify { subject.admin_can?(:edit, User).should be_false }
+
+    specify { subject.admin_cannot?(:edit, User).should be_true }
+    specify { subject.admin_cannot?(:edit, Article).should be_false }
+  end
+end
+

data/spec/cantango/api/scope/user_spec.rb

@@ -0,0 +1,73 @@
+require 'rspec'
+require 'cantango'
+require 'simple_roles'
+require 'fixtures/models'
+require 'cantango/api/current_users'
+# require 'cantango/configuration/engines/store_engine_shared'
+
+CanTango.configure do |config|
+  config.users.register :user, User
+  config.users.register :admin, Admin
+
+  config.cache_engine.set :off
+  config.permit_engine.set :on
+end
+
+# puts "#{CanTango.config.users.registered_classes} : #{CanTango.config.users.registered}"
+
+class User
+  include CanTango::Users::Masquerade
+  include_and_extend ::SimpleRoles
+end
+
+class Context
+  include CanTango::Api::User::Ability
+  include CanTango::Api::User::Scope
+
+  include_and_extend ::CurrentUsers
+end
+
+describe CanTango::Api::User::Scope do
+  subject { Context.new }
+
+  describe 'scope_user' do
+    before do
+      subject.current_admin.masquerade_as subject.current_user
+    end
+
+    specify do
+      subject.scope_user(:admin) do |user|
+        user.should be_a CanTango::Ability::Scope
+        user.ability.user.name.should == 'admin'
+      end
+    end
+
+    specify do
+      admin = subject.scope_user(:user)
+      admin.should be_a CanTango::Ability::Scope
+      admin.ability.user.name.should == 'stan'
+    end
+  end
+
+  describe 'real_user' do
+    before do
+      subject.current_user.masquerade_as subject.current_admin
+   end
+
+    specify do
+      subject.real_user(:user) do |user|
+        user.should be_a CanTango::Ability::Scope
+        user.ability.user.name.should == 'stan'
+      end
+    end
+
+    specify do
+      admin = subject.real_user(:admin)
+      admin.should be_a CanTango::Ability::Scope
+      admin.ability.user.name.should == 'admin'
+    end
+  end
+end
+
+
+

data/spec/cantango/api_spec.rb

@@ -0,0 +1,11 @@
+require 'spec_helper'
+
+def config_folder
+  File.dirname(__FILE__)+ "/../fixtures/config/"
+end
+
+describe CanTango::Api do
+  subject { CanTango::Api }
+
+  specify { subject.methods.should include(:current_user_ability) }
+end

data/spec/cantango_api_spec.rb

@@ -0,0 +1,8 @@
+require 'rspec'
+require 'cantango/api'
+
+describe 'cantango/api' do
+  specify do 
+    lambda { CanTango::Api }.should_not raise_error
+  end
+end

data/spec/fixtures/models/admin.rb

@@ -0,0 +1,2 @@
+class Admin < User
+end