cantango-permits 0.1.1

data/lib/cantango/permits_ext/builder/permit/special.rb

@@ -0,0 +1,13 @@
+module CanTango
+  module Builder::Permit
+    class Special < Base
+      def build
+        special_permits.map{|name| create_permit(name) }.compact
+      end
+
+      def special_permits
+        [:system, :any]
+      end
+    end
+  end
+end

data/lib/cantango/permits_ext/builder/permit/user_type.rb

@@ -0,0 +1,7 @@
+module CanTango
+  module Builder::Permit
+    class UserType < Base
+    end
+  end
+end
+

data/lib/cantango/permits_ext/class_methods.rb

@@ -0,0 +1,28 @@
+module CanTango
+  module ClassMethods
+    def permits_allowed candidate, actions, subjects, *extra_args
+      raise "Debugging has not been turned on. Turn it on using: CanTango.debug!" if CanTango.config.debug.off?
+      config.permits.allowed candidate, actions, subjects, *extra_args
+    end
+
+    def permits_denied candidate, actions, subjects, *extra_args
+      raise "Debugging has not been turned on. Turn it on using: CanTango.debug!" if CanTango.config.debug.off?
+      config.permits.denied candidate, actions, subjects, *extra_args
+    end
+
+    def debug_permits_registry
+      puts "permits registry:" << CanTango.config.permits.show_all.inspect
+    end
+
+    def debug_ability candidate, actions, subjects, *extra_args
+      puts "Ability: #{actions} on #{subjects}"
+      puts "permits allowed:" << permits_allowed(candidate, actions, subjects, *extra_args).inspect
+      puts "permits denied:"  << permits_denied(candidate, actions, subjects, *extra_args).inspect
+    end
+
+    def clear_permits_executed!
+      config.permits.clear_executed!
+    end
+  end
+  extend ClassMethods
+end

data/lib/cantango/permits_ext/config.rb

@@ -0,0 +1,11 @@
+module CanTango
+  class Config
+    sweet_scope :ns => {:CanTango => 'cantango/permits_ext'} do
+      sweetload :Permits
+    end
+    
+    def permits
+      CanTango::Config::Permits.instance
+    end
+  end
+end

data/lib/cantango/permits_ext/config/engines.rb

@@ -0,0 +1,9 @@
+module CanTango
+  class Config
+    class Engines < Registry::Hash
+      sweet_scope :ns => {:CanTango => 'cantango/permits_ext'} do
+        sweetload :PermitEngineConfig
+      end
+    end
+  end
+end

data/lib/cantango/permits_ext/config/engines/permit.rb

@@ -0,0 +1,20 @@
+module CanTango
+  class Config
+    class Engines
+      class PermitEngineConfig < EngineConfig
+        def on?
+          @state ||= :on
+          @state == :on
+        end
+        
+        protected
+        
+        def valid_mode_names
+          [:cache, :no_cache, :both]
+        end
+      end
+    end
+  end
+end
+
+

data/lib/cantango/permits_ext/config/permits.rb

@@ -0,0 +1,43 @@
+module CanTango
+  class Config
+    class Permits
+      include Singleton
+      include CanTango::Helpers::Debug
+      include CanTango::Registry::Permit
+
+      sweet_scope :ns => {:CanTango => 'cantango/permits_ext'} do
+        sweetload :Execution, :Tracking, :Enabling, :Disabling
+        sweetload :Accounts, :Types, :Registration, :Key
+      end
+
+      include Execution
+      include Tracking
+      include Enabling
+      include Disabling
+      include Registration
+
+      attr_writer :available, :default_permits
+
+      def available
+        @available ||= default_permits
+      end
+
+      def default_permits
+        @default_permits ||= {}
+      end
+
+      def accounts
+        Accounts.instance
+      end
+
+      # permit types
+      def types
+        Types.instance
+      end
+
+      def key
+        Key.instance
+      end
+    end
+  end
+end

data/lib/cantango/permits_ext/config/permits/accounts.rb

@@ -0,0 +1,15 @@
+class CanTango::Config
+  class Permits
+    class Accounts
+      include Singleton
+            
+      def registry_for name
+        registries[name] ||= CanTango::Registry::Permit::Base.new
+      end
+      
+      def registries
+        @registries ||= {}
+      end
+    end
+  end
+end

data/lib/cantango/permits_ext/config/permits/disabling.rb

@@ -0,0 +1,22 @@
+class CanTango::Config
+  class Permits
+    module Disabling
+      def disable_for type, *names
+        @disabled ||= {}
+        @disabled[type.to_sym] = names.to_symbols
+      end
+
+      def disabled
+        @disabled ||= {}
+      end
+
+      def disabled? type, *names
+        (names.flatten - disabled_for(type)).empty?
+      end
+
+      def disabled_for type
+        disabled[type.to_sym] || []
+      end
+    end
+  end
+end

data/lib/cantango/permits_ext/config/permits/enabling.rb

@@ -0,0 +1,14 @@
+class CanTango::Config
+  class Permits
+    module Enabling
+      def enable_all_for type
+        @disabled ||= {}
+        @disabled[type.to_sym] = nil
+      end
+
+      def enable_all!
+        @disabled = {}
+      end
+    end
+  end
+end

data/lib/cantango/permits_ext/config/permits/execution.rb

@@ -0,0 +1,21 @@
+class CanTango::Config
+  class Permits
+    module Execution
+      def was_executed permit, ability
+        executed_for(ability) << permit
+      end
+      
+      def executed_for ability
+        executed[hash_key_for(ability)] ||= []
+      end
+      
+      def executed
+        @executed ||= {}
+      end
+
+      def clear_executed!
+        @executed = nil
+      end
+    end
+  end
+end

data/lib/cantango/permits_ext/config/permits/key.rb

@@ -0,0 +1,19 @@
+class CanTango::Config
+  class Permits
+    class Key
+      include Singleton
+
+      def hash_for ability
+        create_for(ability).value
+      end
+
+      def create_for ability
+        ability.respond_to?(:subject) ? maker.create_for(ability) : maker.new(ability)
+      end
+
+      def maker
+        CanTango::Ability::Cache::SimpleKey
+      end
+    end
+  end
+end

data/lib/cantango/permits_ext/config/permits/registration.rb

@@ -0,0 +1,33 @@
+class CanTango::Config
+  class Permits
+    module Registration
+      include CanTango::Permit::Helper::Naming
+      
+      def register_permit clazz, options = {}
+        register clazz, options
+      end
+
+      def register_permit_type clazz, options = {}
+        types.register permit_name(clazz), clazz
+      end
+      
+      def register permit_clazz, options = {}
+        permit_name = options[:name]    || permit_name(permit_clazz)
+        permit_type = options[:type]    || permit_type(permit_clazz)
+        acc_name    = options[:account] || (permit_clazz.account_name if permit_clazz.respond_to?(:account_name))
+
+        registry = acc_name ? accounts.registry_for(acc_name) : self
+        
+        unless registry
+          raise acc_name ? "Missing Permit account Registry for #{acc_name}" : "Missing Permit Registry for #{self}"
+        end 
+                
+        acc_debug = acc_name ? "(#{acc_name})" : ''
+        debug "Registering #{permit_type} permit: #{permit_name} of class #{permit_clazz} #{acc_debug}"
+
+        permit_registry = registry.registry_for(permit_type)
+        permit_registry.register permit_name => permit_clazz        
+      end
+    end
+  end
+end

data/lib/cantango/permits_ext/config/permits/tracking.rb

@@ -0,0 +1,19 @@
+class CanTango::Config
+  class Permits
+    module Tracking
+      def allowed candidate, actions, subjects, *extra_args
+        executed_for(candidate).inject([]) do |result, permit|
+          result << permit.class if permit.can? actions, subjects, *extra_args
+          result
+        end
+      end
+
+      def denied candidate, actions, subjects, *extra_args
+        executed_for(candidate).inject([]) do |result, permit|
+          result << permit.class if permit.cannot? actions, subjects, *extra_args
+          result
+        end
+      end
+    end
+  end
+end

data/lib/cantango/permits_ext/config/permits/types.rb

@@ -0,0 +1,25 @@
+class CanTango::Config
+  class Permits
+    class Types < CanTango::Registry::Base
+      include Singleton
+
+      attr_writer :enabled
+
+      def available
+        registered
+      end
+
+      def enabled
+        @enabled || available
+      end
+
+      def disable *types
+        @enabled = available - registered.flatten
+      end
+
+      def enable_all!
+        @enabled = available
+      end
+    end
+  end
+end

data/lib/cantango/permits_ext/engine.rb

@@ -0,0 +1,7 @@
+module CanTango
+  class Engine
+    sweet_scope :ns => {:CanTango => 'cantango/permits_ext'} do
+      sweetload :Permits
+    end
+  end
+end

data/lib/cantango/permits_ext/engine/permits.rb

@@ -0,0 +1,75 @@
+module CanTango
+  class Engine
+    class Permits < CanTango::Ability::Executor::Base
+      include CanTango::Ability::Helper::User
+
+      def initialize ability
+        super
+      end
+
+      def calc_rules
+        # push result of each permit type execution into main ability rules array
+        permits.each_pair do |type, permits|
+          perm_rules = executor(type, permits).execute!
+          rules << perm_rules if !perm_rules.blank?
+        end
+      end
+
+      def executor type, permits
+        CanTango::Ability::Executor::PermitType.new self, type, permits_of(type)
+      end
+
+      def engine_name
+        :permit
+      end
+
+      def valid?
+        return false if !valid_mode?
+        permits.empty? ? invalid : true
+      end
+
+      # by default, only execute permits for which the user
+      # has a role or a role group
+      # also execute any permit marked as special
+      def permits_of type
+        @permits ||= permit_factory(type).create
+      end
+
+      def permit_class_names
+        @permit_class_names ||= permits.map{|p| p.class.to_s}
+      end
+
+      protected
+
+      alias_method :cache_key, :engine_name
+
+      def start_execute
+        debug "Permit Engine executing..."
+      end
+
+      def end_execute
+        debug "Done executing Permit Engine"
+      end
+
+      def invalid
+        debug "No permits found!"
+        false
+      end
+
+      def permit_factory type
+        @permit_factory ||= CanTango::Factory::Permit.new self, type
+      end
+
+      def key_method_names
+        permits.keys.map do |permit|
+          permit_class = available_permits_for permit
+          permit_class.hash_key if permit_class && permit_class.respond_to?(:hash_key)
+        end.compact
+      end
+    
+      def available_permits_for type
+        CanTango.config.permits.types.available
+      end
+    end
+  end
+end

data/lib/cantango/permits_ext/factory.rb

@@ -0,0 +1,7 @@
+module CanTango
+  module Factory
+    sweet_scope :ns => {:CanTango => 'cantango/permits_ext'} do    
+      sweetload :Permits
+    end
+  end
+end

data/lib/cantango/permits_ext/factory/permits.rb

@@ -0,0 +1,40 @@
+module CanTango
+  module Factory
+    class Permits
+      include CanTango::Helpers::Debug
+
+      attr_accessor :ability
+      attr_reader :type
+
+      # creates the factory for the ability
+      # note that the ability contains the roles and role groups of the user (or account)
+      # @param [Permits::Ability] the ability
+      def initialize ability, type
+        @ability, @type = [ability, type]
+      end
+
+      def create
+        permits.build
+      end
+
+      def permits
+        permits_builder.new ability
+      end
+      
+      def permits_builder
+        permits_builder_class.constantize
+      end
+
+      def permits_builder_class
+        return "CanTango::Builder::Permit::Special" if type == :special
+        "CanTango::Builder::Permit::#{type.to_s.camelize}"
+      end
+
+      protected
+
+      def enabled_permit_types
+        CanTango.config.permits.types.enabled
+      end
+    end
+  end
+end