cantango-permits 0.1.1

Sign up to get free protection for your applications and to get access to all the features.
Files changed (166) hide show
  1. data/.rspec +1 -0
  2. data/Gemfile +39 -0
  3. data/Gemfile.lock +155 -0
  4. data/MIT-LICENSE +20 -0
  5. data/README.mdown +362 -0
  6. data/Rakefile +45 -0
  7. data/VERSION +1 -0
  8. data/lib/cantango/executor.rb +5 -0
  9. data/lib/cantango/executor/base.rb +9 -0
  10. data/lib/cantango/executor/permit.rb +7 -0
  11. data/lib/cantango/executor/permit/abstract.rb +27 -0
  12. data/lib/cantango/executor/permit/base.rb +19 -0
  13. data/lib/cantango/executor/permit/special.rb +9 -0
  14. data/lib/cantango/executor/permit_type.rb +50 -0
  15. data/lib/cantango/license.rb +19 -0
  16. data/lib/cantango/license/rules.rb +17 -0
  17. data/lib/cantango/permit.mdown +4 -0
  18. data/lib/cantango/permit.rb +5 -0
  19. data/lib/cantango/permit/account_type.rb +44 -0
  20. data/lib/cantango/permit/attribute.rb +71 -0
  21. data/lib/cantango/permit/base.rb +94 -0
  22. data/lib/cantango/permit/class_methods.rb +49 -0
  23. data/lib/cantango/permit/helper.rb +11 -0
  24. data/lib/cantango/permit/helper/execution.rb +38 -0
  25. data/lib/cantango/permit/helper/host.rb +13 -0
  26. data/lib/cantango/permit/helper/license.rb +34 -0
  27. data/lib/cantango/permit/helper/naming.rb +38 -0
  28. data/lib/cantango/permit/helper/state.rb +21 -0
  29. data/lib/cantango/permit/special.rb +17 -0
  30. data/lib/cantango/permit/user.rb +36 -0
  31. data/lib/cantango/permit/user_type.rb +34 -0
  32. data/lib/cantango/permits.rb +20 -0
  33. data/lib/cantango/permits_ext.rb +7 -0
  34. data/lib/cantango/permits_ext/ability.rb +7 -0
  35. data/lib/cantango/permits_ext/ability/helper.rb +9 -0
  36. data/lib/cantango/permits_ext/ability/helper/permits.rb +8 -0
  37. data/lib/cantango/permits_ext/builder.rb +7 -0
  38. data/lib/cantango/permits_ext/builder/permit.rb +9 -0
  39. data/lib/cantango/permits_ext/builder/permit/account_type.rb +13 -0
  40. data/lib/cantango/permits_ext/builder/permit/base.rb +94 -0
  41. data/lib/cantango/permits_ext/builder/permit/special.rb +13 -0
  42. data/lib/cantango/permits_ext/builder/permit/user_type.rb +7 -0
  43. data/lib/cantango/permits_ext/class_methods.rb +28 -0
  44. data/lib/cantango/permits_ext/config.rb +11 -0
  45. data/lib/cantango/permits_ext/config/engines.rb +9 -0
  46. data/lib/cantango/permits_ext/config/engines/permit.rb +20 -0
  47. data/lib/cantango/permits_ext/config/permits.rb +43 -0
  48. data/lib/cantango/permits_ext/config/permits/accounts.rb +15 -0
  49. data/lib/cantango/permits_ext/config/permits/disabling.rb +22 -0
  50. data/lib/cantango/permits_ext/config/permits/enabling.rb +14 -0
  51. data/lib/cantango/permits_ext/config/permits/execution.rb +21 -0
  52. data/lib/cantango/permits_ext/config/permits/key.rb +19 -0
  53. data/lib/cantango/permits_ext/config/permits/registration.rb +33 -0
  54. data/lib/cantango/permits_ext/config/permits/tracking.rb +19 -0
  55. data/lib/cantango/permits_ext/config/permits/types.rb +25 -0
  56. data/lib/cantango/permits_ext/engine.rb +7 -0
  57. data/lib/cantango/permits_ext/engine/permits.rb +75 -0
  58. data/lib/cantango/permits_ext/factory.rb +7 -0
  59. data/lib/cantango/permits_ext/factory/permits.rb +40 -0
  60. data/lib/cantango/permits_ext/finder.rb +7 -0
  61. data/lib/cantango/permits_ext/finder/base.rb +35 -0
  62. data/lib/cantango/permits_ext/finder/permit.rb +7 -0
  63. data/lib/cantango/permits_ext/finder/permit/account.rb +47 -0
  64. data/lib/cantango/permits_ext/finder/permit/base.rb +53 -0
  65. data/lib/cantango/permits_ext/loader.rb +7 -0
  66. data/lib/cantango/permits_ext/loader/categories.rb +50 -0
  67. data/lib/cantango/permits_ext/loader/license.rb +19 -0
  68. data/lib/cantango/permits_ext/macros.rb +7 -0
  69. data/lib/cantango/permits_ext/macros/permit.rb +32 -0
  70. data/lib/cantango/permits_ext/parser.rb +7 -0
  71. data/lib/cantango/permits_ext/parser/categories.rb +15 -0
  72. data/lib/cantango/permits_ext/registry.rb +7 -0
  73. data/lib/cantango/permits_ext/registry/permit.rb +45 -0
  74. data/lib/generators/cantango/account_permit/account_permit_generator.rb +37 -0
  75. data/lib/generators/cantango/account_permit/templates/account_permit.erb +23 -0
  76. data/lib/generators/cantango/base.rb +71 -0
  77. data/lib/generators/cantango/basic.rb +41 -0
  78. data/lib/generators/cantango/license/license_generator.rb +29 -0
  79. data/lib/generators/cantango/license/templates/license.erb +10 -0
  80. data/lib/generators/cantango/license_base.rb +15 -0
  81. data/lib/generators/cantango/licenses/licenses_generator.rb +26 -0
  82. data/lib/generators/cantango/permit_generator.rb +58 -0
  83. data/lib/generators/cantango/role_permit/role_permit_generator.rb +39 -0
  84. data/lib/generators/cantango/role_permit/templates/account_permit.erb +4 -0
  85. data/lib/generators/cantango/role_permit/templates/role_group_permit.erb +24 -0
  86. data/lib/generators/cantango/role_permit/templates/role_permit.erb +23 -0
  87. data/lib/generators/cantango/role_permits/role_permits_generator.rb +45 -0
  88. data/lib/generators/cantango/user_permit/templates/account_permit.erb +5 -0
  89. data/lib/generators/cantango/user_permit/templates/user_permit.erb +23 -0
  90. data/lib/generators/cantango/user_permit/user_permit_generator.rb +36 -0
  91. data/lib/tasks/permits_tasks.rake +4 -0
  92. data/spec/cantango/ability/helper/permits_spec.rb +14 -0
  93. data/spec/cantango/builder/permit/account_type_spec.rb +25 -0
  94. data/spec/cantango/builder/permit/base_spec.rb +30 -0
  95. data/spec/cantango/builder/permit/special_spec.rb +25 -0
  96. data/spec/cantango/builder/permit/user_type_spec.rb +27 -0
  97. data/spec/cantango/config/engines/permit_spec.rb +14 -0
  98. data/spec/cantango/config/engines_spec.rb +142 -0
  99. data/spec/cantango/config/permit_registry_ex.rb +9 -0
  100. data/spec/cantango/config/permit_registry_spec.rb +8 -0
  101. data/spec/cantango/config/permits/accounts_spec.rb +23 -0
  102. data/spec/cantango/config/permits/disabling_spec.rb +38 -0
  103. data/spec/cantango/config/permits/enabling_spec.rb +19 -0
  104. data/spec/cantango/config/permits/execution_spec.rb +27 -0
  105. data/spec/cantango/config/permits/registration_spec.rb +15 -0
  106. data/spec/cantango/config/permits/tracking_spec.rb +19 -0
  107. data/spec/cantango/config/permits/types_spec.rb +27 -0
  108. data/spec/cantango/config/permits_spec.rb +76 -0
  109. data/spec/cantango/engine/permit_cached_spec.rb +52 -0
  110. data/spec/cantango/engine/permit_spec.rb +58 -0
  111. data/spec/cantango/engine/permit_static_dynamic_spec.rb +65 -0
  112. data/spec/cantango/executor/custom_permit_spec.rb +65 -0
  113. data/spec/cantango/executor/more_permit_spec.rb +45 -0
  114. data/spec/cantango/executor/permit_base_spec.rb +46 -0
  115. data/spec/cantango/executor/permit_spec.rb +53 -0
  116. data/spec/cantango/executor/special_permit_spec.rb +36 -0
  117. data/spec/cantango/factory/permits_spec.rb +70 -0
  118. data/spec/cantango/finder/account_permit_spec.rb +30 -0
  119. data/spec/cantango/finder/permit_spec.rb +23 -0
  120. data/spec/cantango/license/save_license_spec.rb +24 -0
  121. data/spec/cantango/license_spec.rb +0 -0
  122. data/spec/cantango/loader/categories_spec.rb +47 -0
  123. data/spec/cantango/loader/license_spec.rb +7 -0
  124. data/spec/cantango/macros/permit_spec.rb +38 -0
  125. data/spec/cantango/parser/categories_spec.rb +19 -0
  126. data/spec/cantango/permit/account_type_spec.rb +34 -0
  127. data/spec/cantango/permit/attribute_permit_spec.rb +65 -0
  128. data/spec/cantango/permit/base_spec.rb +106 -0
  129. data/spec/cantango/permit/class_methods_spec.rb +34 -0
  130. data/spec/cantango/permit/helper/execution_spec.rb +54 -0
  131. data/spec/cantango/permit/helper/host_spec.rb +29 -0
  132. data/spec/cantango/permit/helper/license_spec.rb +37 -0
  133. data/spec/cantango/permit/helper/naming_spec.rb +56 -0
  134. data/spec/cantango/permit/helper/state_spec.rb +24 -0
  135. data/spec/cantango/permit/special_default_spec.rb +2 -0
  136. data/spec/cantango/permit/special_first_spec.rb +2 -0
  137. data/spec/cantango/permit/user_type_spec.rb +78 -0
  138. data/spec/cantango/registry/permit_spec.rb +67 -0
  139. data/spec/fixtures/config/cantango_permissions.yml +49 -0
  140. data/spec/fixtures/config/categories.yml +6 -0
  141. data/spec/fixtures/config/evaluator_fixtures.yml +18 -0
  142. data/spec/fixtures/config/licenses.yml +4 -0
  143. data/spec/fixtures/config/permissions.yml +60 -0
  144. data/spec/fixtures/config/role_group.yml +4 -0
  145. data/spec/fixtures/config/roles.yml +4 -0
  146. data/spec/fixtures/config/test_permissions.yml +55 -0
  147. data/spec/fixtures/config/user_permissions.yml +8 -0
  148. data/spec/fixtures/models.rb +15 -0
  149. data/spec/fixtures/models/admin.rb +2 -0
  150. data/spec/fixtures/models/admin_account.rb +22 -0
  151. data/spec/fixtures/models/items.rb +11 -0
  152. data/spec/fixtures/models/permission.rb +12 -0
  153. data/spec/fixtures/models/simple_roles.rb +49 -0
  154. data/spec/fixtures/models/user.rb +52 -0
  155. data/spec/fixtures/models/user_account.rb +21 -0
  156. data/spec/fixtures/tango_fixtures.rb +29 -0
  157. data/spec/generators/cantango/account_role_permit_generator_spec.rb +35 -0
  158. data/spec/generators/cantango/account_role_permits_generator_spec.rb +59 -0
  159. data/spec/generators/cantango/license_generator_spec.rb +33 -0
  160. data/spec/generators/cantango/licenses_generator_spec.rb +58 -0
  161. data/spec/generators/cantango/role_permit_generator_spec.rb +35 -0
  162. data/spec/generators/cantango/role_permits_generator_spec.rb +58 -0
  163. data/spec/helpers/current_user_accounts.rb +20 -0
  164. data/spec/helpers/current_users.rb +10 -0
  165. data/spec/spec_helper.rb +24 -0
  166. metadata +325 -0
data/.rspec ADDED
@@ -0,0 +1 @@
1
+ --color --format nested
data/Gemfile ADDED
@@ -0,0 +1,39 @@
1
+ source :rubygems
2
+
3
+ group :default do
4
+ gem 'rails', '>= 3.1'
5
+ gem 'sugar-high', '>= 0.6.1'
6
+ gem 'sweetloader', '>= 0.1.6'
7
+ gem 'hashie', '>= 1.2.0'
8
+
9
+ gem 'cantango-config', '~> 0.2.0'
10
+ gem 'cantango-api', '>= 0.1.3'
11
+ end
12
+
13
+ group :development do
14
+ gem "bundler", ">= 1.1.rc"
15
+ gem "jeweler", ">= 1.6.4"
16
+ gem "rcov", ">= 0"
17
+ end
18
+
19
+ group :test do
20
+ gem 'require_all', '~> 1.2.0'
21
+
22
+ # gem 'cantango-roles' #, :path => '/Users/kmandrup/pr/stanislaw/cantango-roles'
23
+
24
+ gem 'forgery'
25
+ gem 'sqlite3'
26
+ # Data
27
+ gem 'database_cleaner'
28
+ gem 'factory_girl'
29
+
30
+ # Specs
31
+ gem 'spork'
32
+
33
+ # Debug and performance tests
34
+ gem 'cutter'
35
+ end
36
+
37
+ group :test, :development do
38
+ gem "rspec", ">= 2.6.0"
39
+ end
@@ -0,0 +1,155 @@
1
+ GEM
2
+ remote: http://rubygems.org/
3
+ specs:
4
+ actionmailer (3.1.3)
5
+ actionpack (= 3.1.3)
6
+ mail (~> 2.3.0)
7
+ actionpack (3.1.3)
8
+ activemodel (= 3.1.3)
9
+ activesupport (= 3.1.3)
10
+ builder (~> 3.0.0)
11
+ erubis (~> 2.7.0)
12
+ i18n (~> 0.6)
13
+ rack (~> 1.3.5)
14
+ rack-cache (~> 1.1)
15
+ rack-mount (~> 0.8.2)
16
+ rack-test (~> 0.6.1)
17
+ sprockets (~> 2.0.3)
18
+ activemodel (3.1.3)
19
+ activesupport (= 3.1.3)
20
+ builder (~> 3.0.0)
21
+ i18n (~> 0.6)
22
+ activerecord (3.1.3)
23
+ activemodel (= 3.1.3)
24
+ activesupport (= 3.1.3)
25
+ arel (~> 2.2.1)
26
+ tzinfo (~> 0.3.29)
27
+ activeresource (3.1.3)
28
+ activemodel (= 3.1.3)
29
+ activesupport (= 3.1.3)
30
+ activesupport (3.1.3)
31
+ multi_json (~> 1.0)
32
+ arel (2.2.1)
33
+ builder (3.0.0)
34
+ cancan (1.6.7)
35
+ cantango-api (0.1.3)
36
+ cantango-config (>= 0.1.9.2)
37
+ cantango-core (>= 0.1.9.3)
38
+ hashie (~> 1.2)
39
+ rails (>= 3.1)
40
+ sugar-high (~> 0.6.2)
41
+ sweetloader (~> 0.1.6)
42
+ cantango-config (0.2.1)
43
+ cantango-core (~> 0.1.9)
44
+ hashie (~> 1.2)
45
+ rails (>= 3.1)
46
+ sugar-high (>= 0.6.1)
47
+ sweetloader (~> 0.1.6)
48
+ cantango-core (0.1.9.3)
49
+ cancan (>= 1.4)
50
+ hashie (~> 1.2)
51
+ rails (>= 3.0.1)
52
+ sugar-high (>= 0.6.0)
53
+ sweetloader (~> 0.1.5)
54
+ colorize (0.5.8)
55
+ cutter (0.8.2)
56
+ activesupport (>= 2.3.5)
57
+ colorize (>= 0.5)
58
+ database_cleaner (0.7.0)
59
+ diff-lcs (1.1.3)
60
+ erubis (2.7.0)
61
+ factory_girl (2.3.2)
62
+ activesupport
63
+ forgery (0.5.0)
64
+ git (1.2.5)
65
+ hashie (1.2.0)
66
+ hike (1.2.1)
67
+ i18n (0.6.0)
68
+ jeweler (1.6.4)
69
+ bundler (~> 1.0)
70
+ git (>= 1.2.5)
71
+ rake
72
+ json (1.6.3)
73
+ mail (2.3.0)
74
+ i18n (>= 0.4.0)
75
+ mime-types (~> 1.16)
76
+ treetop (~> 1.4.8)
77
+ mime-types (1.17.2)
78
+ multi_json (1.0.4)
79
+ polyglot (0.3.3)
80
+ rack (1.3.5)
81
+ rack-cache (1.1)
82
+ rack (>= 0.4)
83
+ rack-mount (0.8.3)
84
+ rack (>= 1.0.0)
85
+ rack-ssl (1.3.2)
86
+ rack
87
+ rack-test (0.6.1)
88
+ rack (>= 1.0)
89
+ rails (3.1.3)
90
+ actionmailer (= 3.1.3)
91
+ actionpack (= 3.1.3)
92
+ activerecord (= 3.1.3)
93
+ activeresource (= 3.1.3)
94
+ activesupport (= 3.1.3)
95
+ bundler (~> 1.0)
96
+ railties (= 3.1.3)
97
+ railties (3.1.3)
98
+ actionpack (= 3.1.3)
99
+ activesupport (= 3.1.3)
100
+ rack-ssl (~> 1.3.2)
101
+ rake (>= 0.8.7)
102
+ rdoc (~> 3.4)
103
+ thor (~> 0.14.6)
104
+ rake (0.9.2.2)
105
+ rcov (0.9.11)
106
+ rdoc (3.12)
107
+ json (~> 1.4)
108
+ require_all (1.2.0)
109
+ rspec (2.7.0)
110
+ rspec-core (~> 2.7.0)
111
+ rspec-expectations (~> 2.7.0)
112
+ rspec-mocks (~> 2.7.0)
113
+ rspec-core (2.7.1)
114
+ rspec-expectations (2.7.0)
115
+ diff-lcs (~> 1.1.2)
116
+ rspec-mocks (2.7.0)
117
+ spork (0.8.5)
118
+ sprockets (2.0.3)
119
+ hike (~> 1.2)
120
+ rack (~> 1.0)
121
+ tilt (~> 1.1, != 1.3.0)
122
+ sqlite3 (1.3.5)
123
+ sugar-high (0.6.2.1)
124
+ activesupport (>= 3.0.1)
125
+ sweetloader (0.1.6)
126
+ activesupport (>= 3.0.1)
127
+ i18n
128
+ thor (0.14.6)
129
+ tilt (1.3.3)
130
+ treetop (1.4.10)
131
+ polyglot
132
+ polyglot (>= 0.3.1)
133
+ tzinfo (0.3.31)
134
+
135
+ PLATFORMS
136
+ ruby
137
+
138
+ DEPENDENCIES
139
+ bundler (>= 1.1.rc)
140
+ cantango-api (>= 0.1.3)
141
+ cantango-config (~> 0.2.0)
142
+ cutter
143
+ database_cleaner
144
+ factory_girl
145
+ forgery
146
+ hashie (>= 1.2.0)
147
+ jeweler (>= 1.6.4)
148
+ rails (>= 3.1)
149
+ rcov
150
+ require_all (~> 1.2.0)
151
+ rspec (>= 2.6.0)
152
+ spork
153
+ sqlite3
154
+ sugar-high (>= 0.6.1)
155
+ sweetloader (>= 0.1.6)
@@ -0,0 +1,20 @@
1
+ Copyright 2011 YOURNAME
2
+
3
+ Permission is hereby granted, free of charge, to any person obtaining
4
+ a copy of this software and associated documentation files (the
5
+ "Software"), to deal in the Software without restriction, including
6
+ without limitation the rights to use, copy, modify, merge, publish,
7
+ distribute, sublicense, and/or sell copies of the Software, and to
8
+ permit persons to whom the Software is furnished to do so, subject to
9
+ the following conditions:
10
+
11
+ The above copyright notice and this permission notice shall be
12
+ included in all copies or substantial portions of the Software.
13
+
14
+ THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
15
+ EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
16
+ MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
17
+ NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
18
+ LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
19
+ OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
20
+ WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
@@ -0,0 +1,362 @@
1
+ # CanTango Permits
2
+
3
+ The Permit system for [CanTango](https://github.com/kristianmandrup/cantango).
4
+
5
+ Permits are a way to partition Ability rules into logical units.
6
+
7
+ *CanTango Permits* includes:
8
+
9
+ * a basic set of useful permits
10
+ * a permit engine to execute the permits
11
+
12
+ The Permits systems comes with a few useful Permit types out-of-the-box, but you are free to develop your own to suit your needs.
13
+
14
+ ## Built-in permit types
15
+
16
+ The set of buit-in Permit types include:
17
+
18
+ * User
19
+ * UserType
20
+ * AccountType
21
+ * Special
22
+
23
+ The [CanTango roles](http://github.com/kristianmandrup/cantango-roles) system adds Permit types for the following:
24
+
25
+ * Role
26
+ * RoleGroup
27
+
28
+ ## Custom permit types
29
+
30
+ You can easily customize or create your own types of Permits to suit your needs!
31
+ The Permit system will introspect the ability candidate and see which Permits apply and then build and execute these permits automatically, merging all the resulting rule sets into one.
32
+ The simplest way to create a custom permit types is to subclass the Attribute permit as shown below.
33
+ To create more complex permit types that go beyond mapping to an attribute, please look at the code of any of the built-in permits (such as Attribute Permit) to gain an insight for how to do this.
34
+
35
+ Example of a custom permit type:
36
+
37
+ ```ruby
38
+ class MembershipPermit < CanTango::Permit::Attribute
39
+ class Builder < CanTango::Permit::Attribute::Builder
40
+ attribute :membership
41
+ end
42
+
43
+ def self.inherited(base_clazz)
44
+ register base_clazz, :name => attribute_name(base_clazz)
45
+ end
46
+
47
+ # optional override of inference of attribute via class name
48
+ attribute :membership
49
+ end
50
+ ```
51
+
52
+ ## Permit system
53
+
54
+ The permit system iterates over all the registered types of permits and executes all registered permits of each type. The result is a set of Ability rules that work with the [CanCan](http://github.com/ryanb/cancan) Ability mechanism.
55
+
56
+ ## Defining Permits and Licenses in your app
57
+
58
+ The `app/permits` folder will be added to Rails autoloading.
59
+ The directory layout should be the following:
60
+
61
+ ```text
62
+ - /app
63
+ - /permits
64
+ - /permit
65
+ - /role
66
+ - editor.rb
67
+ - /role_group
68
+ - editors.rb
69
+ - /user_type
70
+ - admin.rb
71
+ -/admin (account)
72
+ - /role
73
+ - editor.rb
74
+ ```
75
+
76
+ Default _:editor_ Role permit (scope less):
77
+
78
+ ```ruby
79
+ module Permit::Role
80
+ class Editor < CanTango::Permit::Role
81
+ def calc_rules
82
+ can :edit, Post
83
+ end
84
+
85
+ module Cache
86
+ def calc_rules
87
+ can :edit, Post
88
+ end
89
+ end
90
+ end
91
+ end
92
+ ```
93
+
94
+ The _:editor_ Role permit applicable for the Admin scope. Typically the scope is linked to the account (but doesn't have to be).
95
+
96
+ ```ruby
97
+ module Permit::Admin::Role
98
+ class Editor < CanTango::Permit::Role
99
+ def calc_rules
100
+ can :edit, Post if session[:edit_mode]
101
+ end
102
+
103
+ modes :no_cache
104
+ end
105
+ end
106
+ ```
107
+
108
+ Here the `#modes` macro is used to indicate that this Permit should only be executed for the `:no_cache` mode.
109
+
110
+ Another option is fx to wrap the Permit class inside the Account class namespace like this:
111
+
112
+ ```text
113
+ - /app
114
+ - /models
115
+ - /admin_account
116
+ - editor_role_permit.rb
117
+ - admin_account.rb
118
+ ```
119
+
120
+ ```ruby
121
+ class AdminAccount < ActiveRecord::Base
122
+ class EditorRolePermit < CanTango::Permit::Role
123
+ tango_permit :name => :editor, :type => :role, :ns => :admin
124
+
125
+ def calc_rules
126
+ can :edit, Post if session[:edit_mode]
127
+ end
128
+
129
+ modes :no_cache
130
+ end
131
+ end
132
+ ```
133
+
134
+ By default this is not supported out-of-the-box, hence you have to use the `#tango_permit` macro to tell CanTango exactly how to understand this custom class namespace layout.
135
+
136
+ Note: This is NOT a recommended approach.
137
+
138
+ ### Licenses
139
+
140
+ Licenses have their own namespace folder `license` inside the `app/permits` folder. The default (scope less) licenses are placed directly in the `license` folder.
141
+
142
+ ```text
143
+ - /app
144
+ - /permits
145
+ - /license
146
+ - blogging.rb
147
+ - /admin
148
+ - blogging.rb
149
+ ```
150
+
151
+ Default _:blogging_ License (scope less):
152
+
153
+ ```ruby
154
+ module License
155
+ class Blogging < CanTango::License
156
+ module Cache
157
+ def calc_rules
158
+ can [:create, :edit], Post
159
+ end
160
+ end
161
+
162
+ module NoCache
163
+ def calc_rules
164
+ can :publish, Post if session[:publishing] == :on
165
+ end
166
+ end
167
+ end
168
+ end
169
+ ```
170
+
171
+ The _:editor_ License applicable for the Admin scope. Typically the scope is linked to the account (but doesn't have to be).
172
+
173
+ ```ruby
174
+ module License::Admin
175
+ class Blogging < CanTango::License
176
+ def calc_rules
177
+ can :edit, Post
178
+ end
179
+
180
+ modes :all
181
+ end
182
+ end
183
+ ```
184
+
185
+
186
+ ## Install 'cantango-permits' gem
187
+
188
+ `gem install cantango-permits`
189
+
190
+ Or insert into Gemfile
191
+
192
+ `gem 'cantango-permits'`
193
+
194
+ Run bundler in a terminal/console from the folder of your Gemfile (root folder of app)
195
+
196
+ `$ bundle`
197
+
198
+ ## Usage
199
+
200
+ ```ruby
201
+ require 'cantango/permits'
202
+ require 'cantango/permit_engine'
203
+ ```
204
+
205
+ ## Configuration
206
+
207
+ Turn on/off: Enable and disable types of permits and specific permits
208
+
209
+ ```ruby
210
+ CanTango.config.permits do |permits|
211
+ # which types of permits to enable
212
+ permits.types.enable :user_type, :account_type
213
+
214
+ permits.enable_all_for :account_type
215
+ permits.types.disable :user_type, :account_type
216
+ permits.disable_for :user_type, :admin, :editor
217
+ end
218
+ ```
219
+
220
+ Registration: Which permits have been registered (and for which types)
221
+
222
+ ```ruby
223
+ CanTango.config.permits do |permits|
224
+ permits.registry_for :account_type # Registry for :account_type permits
225
+ permits.registered_for :account_type # names of AccountType permits
226
+ permits.all
227
+ permits.show_all
228
+ end
229
+ ```
230
+
231
+ Debug: Which permits allowed/denied specific actions for specific candidates to be taken
232
+
233
+ ```ruby
234
+ CanTango.config.permits do |permits|
235
+ permits.allowed candidate, actions, subjects, *extra_args
236
+ permits.denied candidate, actions, subjects, *extra_args
237
+ end
238
+ ```
239
+
240
+ ### Permits Engine
241
+
242
+ The Permits engine can be configured as any other CanTango Engine:
243
+ Use the `on!` and `off!` methods to enable to disable use of the engine.
244
+ Use the `mode=` to set the execution mode.
245
+
246
+ ```ruby
247
+ CanTango.config.engine(:permits) do |engine|
248
+ # toggle engine on/off
249
+ engine.on!
250
+ engine.on?
251
+ engine.off!
252
+ engine.modes.valid # => [:cache, :no_cache, :both]
253
+
254
+ # set execution modes
255
+ engine.modes.register :cache, :no_cache
256
+ engine.modes.registered # => [:cache, :no_cache]
257
+ end
258
+ ```
259
+
260
+ ## Permits finder
261
+
262
+ Will look up a particular registered Permit in the Permit registry (see Configuration).
263
+ Permits are registered automatically by an inheritance hook. If you want to override this, you need
264
+ to register your class directly (manually) with the the permits registry.
265
+
266
+ ```ruby
267
+ module CanTango::Finder::Permit
268
+ class Base
269
+ def initialize name, type
270
+ @name, @type = [name, type]
271
+ end
272
+ end
273
+ end
274
+ ```
275
+
276
+ ## Permits Factory
277
+
278
+ Builds and returns a list of all enabled permits of a specific type
279
+
280
+ ```ruby
281
+ module CanTango::Factory
282
+ class Permits
283
+ def initialize ability
284
+ @ability = ability
285
+ end
286
+
287
+ # @return Array<Permit>
288
+ def create
289
+ permits.build
290
+ end
291
+ end
292
+ end
293
+ ```
294
+
295
+ ## Categories
296
+
297
+ Categories are loaded from a Yaml file (by default `categories.yaml`). The loader `CanTango::Loader::Categories` is based on the `CanTango::Loader::Yaml` from _cantango-core_.
298
+ The parser `CanTango::Parser::Categories` parses the yaml into a hash referencing constants (models).
299
+
300
+ ## Macros
301
+
302
+ The macro `#tango_permit` can be used to attempt to register a Permit class with the Permits registry based on naming conventions and options passed in.
303
+
304
+ ```ruby
305
+ class MySuperPermit < CanTango::Permit::Base
306
+ tango_permit :name => :super, :type => :user_type, :account => :admin
307
+
308
+ # the internals
309
+ end
310
+ ```
311
+
312
+ ## Engine
313
+
314
+ ```ruby
315
+ module CanTango::Engine
316
+ class Permits
317
+ def initialize ability
318
+ super
319
+ end
320
+
321
+ def calc_rules
322
+ # push result of each permit type execution into main ability rules array
323
+ permits.each_pair do |type, permits|
324
+ perm_rules = executor(type, permits).execute!
325
+ rules << perm_rules if !perm_rules.blank?
326
+ end
327
+ end
328
+
329
+ def executor type, permits
330
+ CanTango::Ability::Executor::PermitType.new self, type, permits(type)
331
+ end
332
+
333
+ def permits type
334
+ @permits ||= permits_factory(type).build!
335
+ end
336
+
337
+ def permits_factory type
338
+ @permits_factory ||= CanTango::Factory::Permits.new self, type
339
+ end
340
+ end
341
+ end
342
+ ```
343
+
344
+ ## Design goals
345
+
346
+ This CanTango extension should have the least amount of dependencies on other extensions.
347
+
348
+ ## Contributing to Cantango Permits
349
+
350
+ * Check out the latest master to make sure the feature hasn't been implemented or the bug hasn't been fixed yet
351
+ * Check out the issue tracker to make sure someone already hasn't requested it and/or contributed it
352
+ * Fork the project
353
+ * Start a feature/bugfix branch
354
+ * Commit and push until you are happy with your contribution
355
+ * Make sure to add tests for it. This is important so I don't break it in a future version unintentionally.
356
+ * Please try not to mess with the Rakefile, version, or history. If you want to have your own version, or is otherwise necessary, that is fine, but please isolate to its own commit so I can cherry-pick around it.
357
+
358
+ ## Copyright
359
+
360
+ Copyright (c) 2011 Kristian Mandrup. See LICENSE.txt for
361
+ further details.
362
+