cantango-roles 0.1.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- data/.document +5 -0
- data/.rspec +1 -0
- data/Gemfile +36 -0
- data/Gemfile.lock +147 -0
- data/LICENSE.txt +20 -0
- data/README.mdown +83 -0
- data/Rakefile +53 -0
- data/VERSION +1 -0
- data/lib/cantango/roles.rb +11 -0
- data/lib/cantango/roles_ext.rb +9 -0
- data/lib/cantango/roles_ext/ability.rb +7 -0
- data/lib/cantango/roles_ext/ability/helper.rb +7 -0
- data/lib/cantango/roles_ext/ability/helper/role.rb +17 -0
- data/lib/cantango/roles_ext/ability/helper/role_group.rb +17 -0
- data/lib/cantango/roles_ext/builder.rb +7 -0
- data/lib/cantango/roles_ext/builder/permit.rb +7 -0
- data/lib/cantango/roles_ext/builder/permit/role.rb +35 -0
- data/lib/cantango/roles_ext/builder/permit/role_group.rb +61 -0
- data/lib/cantango/roles_ext/configuration.rb +13 -0
- data/lib/cantango/roles_ext/configuration/registry/role.rb +34 -0
- data/lib/cantango/roles_ext/configuration/role_groups.rb +17 -0
- data/lib/cantango/roles_ext/configuration/roles.rb +16 -0
- data/lib/cantango/roles_ext/configuration/system.rb +43 -0
- data/lib/cantango/roles_ext/engine.rb +7 -0
- data/lib/cantango/roles_ext/engine/permits.rb +5 -0
- data/lib/cantango/roles_ext/filter.rb +7 -0
- data/lib/cantango/roles_ext/filter/role.rb +29 -0
- data/lib/cantango/roles_ext/filter/role_group.rb +28 -0
- data/lib/cantango/roles_ext/helpers.rb +7 -0
- data/lib/cantango/roles_ext/helpers/role.rb +14 -0
- data/lib/cantango/roles_ext/helpers/role_group.rb +14 -0
- data/lib/cantango/roles_ext/permit.rb +0 -0
- data/lib/cantango/roles_ext/permit/helper/role_matcher.rb +13 -0
- data/lib/cantango/roles_ext/permit/role.rb +35 -0
- data/lib/cantango/roles_ext/permit/role_group.rb +47 -0
- data/lib/generators/cantango/base.rb +71 -0
- data/lib/generators/cantango/basic.rb +41 -0
- data/lib/generators/cantango/license_base.rb +15 -0
- data/lib/generators/cantango/permit_generator.rb +58 -0
- data/lib/generators/cantango/role_permit/role_permit_generator.rb +39 -0
- data/lib/generators/cantango/role_permit/templates/account_permit.erb +4 -0
- data/lib/generators/cantango/role_permit/templates/role_group_permit.erb +24 -0
- data/lib/generators/cantango/role_permit/templates/role_permit.erb +23 -0
- data/lib/generators/cantango/role_permits/role_permits_generator.rb +45 -0
- data/spec/cantango/ability/helper/role_group_spec.rb +33 -0
- data/spec/cantango/ability/helper/role_spec.rb +33 -0
- data/spec/cantango/ability/helper/shared/role_ex.rb +0 -0
- data/spec/cantango/ability/helper/shared/role_group_ex.rb +0 -0
- data/spec/cantango/builder/role_group_spec.rb +5 -0
- data/spec/cantango/builder/role_spec.rb +5 -0
- data/spec/cantango/configuration/role_groups_spec.rb +13 -0
- data/spec/cantango/configuration/role_registry_spec.rb +9 -0
- data/spec/cantango/configuration/roles_spec.rb +11 -0
- data/spec/cantango/configuration/shared/registry_ex.rb +40 -0
- data/spec/cantango/configuration/shared/role_registry_ex.rb +15 -0
- data/spec/cantango/configuration/shared/system_ex.rb +39 -0
- data/spec/cantango/configuration/system_spec.rb +9 -0
- data/spec/cantango/engine/permits_spec.rb +7 -0
- data/spec/cantango/filter/role_group_spec.rb +96 -0
- data/spec/cantango/filter/role_spec.rb +96 -0
- data/spec/cantango/helpers/role_group_spec.rb +26 -0
- data/spec/cantango/helpers/role_spec.rb +26 -0
- data/spec/fixtures/models.rb +2 -0
- data/spec/fixtures/models/admin.rb +2 -0
- data/spec/fixtures/models/admin_account.rb +22 -0
- data/spec/fixtures/models/items.rb +8 -0
- data/spec/fixtures/models/permission.rb +12 -0
- data/spec/fixtures/models/project.rb +2 -0
- data/spec/fixtures/models/simple_roles.rb +48 -0
- data/spec/fixtures/models/user.rb +52 -0
- data/spec/fixtures/models/user_account.rb +7 -0
- data/spec/helpers/current_user_accounts.rb +20 -0
- data/spec/helpers/current_users.rb +10 -0
- data/spec/spec_helper.rb +2 -0
- metadata +223 -0
@@ -0,0 +1,71 @@
|
|
1
|
+
require 'generators/cantango/basic'
|
2
|
+
|
3
|
+
module Cantango
|
4
|
+
module Generators
|
5
|
+
class Base < ::Rails::Generators::Base
|
6
|
+
|
7
|
+
include Cantango::Generators::Basic
|
8
|
+
|
9
|
+
CAN_ACTIONS = [:create, :update, :manage, :read, :access]
|
10
|
+
|
11
|
+
CAN_ACTIONS.each do |action|
|
12
|
+
class_eval %{
|
13
|
+
class_option :#{action}, :type => :array, :default => [], :desc => "Models allowed to #{action}"
|
14
|
+
class_option :not_#{action}, :type => :array, :default => [], :desc => "Models not allowed to #{action}"
|
15
|
+
}
|
16
|
+
end
|
17
|
+
|
18
|
+
protected
|
19
|
+
|
20
|
+
[:user, :account].each do |name|
|
21
|
+
define_method :"#{name}?" do
|
22
|
+
false
|
23
|
+
end
|
24
|
+
end
|
25
|
+
|
26
|
+
CAN_ACTIONS.each do |action|
|
27
|
+
class_eval %{
|
28
|
+
def #{action}
|
29
|
+
options[:#{action}]
|
30
|
+
end
|
31
|
+
}
|
32
|
+
end
|
33
|
+
|
34
|
+
CAN_ACTIONS.each do |action|
|
35
|
+
class_eval %{
|
36
|
+
def not_#{action}
|
37
|
+
options[:not_#{action}]
|
38
|
+
end
|
39
|
+
}
|
40
|
+
end
|
41
|
+
|
42
|
+
def rules_logic
|
43
|
+
can_logic
|
44
|
+
cannot_logic
|
45
|
+
end
|
46
|
+
|
47
|
+
def can_logic
|
48
|
+
CAN_ACTIONS.map do |action|
|
49
|
+
send(action).map do |c|
|
50
|
+
"can(:#{action}, #{act_model(c)})"
|
51
|
+
end.join("\n ")
|
52
|
+
end.join("\n")
|
53
|
+
end
|
54
|
+
|
55
|
+
def cannot_logic
|
56
|
+
CAN_ACTIONS.map do |action|
|
57
|
+
send(action).map do |c|
|
58
|
+
"can(:#{action}, #{act_model(c)})"
|
59
|
+
end.join("\n ")
|
60
|
+
end.join("\n")
|
61
|
+
end
|
62
|
+
|
63
|
+
def act_model name
|
64
|
+
return ':all' if name == 'all'
|
65
|
+
name.camelize
|
66
|
+
end
|
67
|
+
end
|
68
|
+
end
|
69
|
+
end
|
70
|
+
|
71
|
+
|
@@ -0,0 +1,41 @@
|
|
1
|
+
module Cantango
|
2
|
+
module Generators
|
3
|
+
module Basic
|
4
|
+
def rules_logic
|
5
|
+
''
|
6
|
+
end
|
7
|
+
|
8
|
+
def license_logic
|
9
|
+
''
|
10
|
+
end
|
11
|
+
|
12
|
+
def base_logic
|
13
|
+
%{
|
14
|
+
}
|
15
|
+
end
|
16
|
+
|
17
|
+
def admin_logic
|
18
|
+
%{
|
19
|
+
can :manage, :all
|
20
|
+
}
|
21
|
+
end
|
22
|
+
|
23
|
+
def guest_logic
|
24
|
+
%{
|
25
|
+
can :read, :all
|
26
|
+
}
|
27
|
+
end
|
28
|
+
|
29
|
+
def account
|
30
|
+
options[:account]
|
31
|
+
end
|
32
|
+
|
33
|
+
[:is_user, :is_account, :is_group].each do |name|
|
34
|
+
define_method :"#{name}?" do
|
35
|
+
false
|
36
|
+
end
|
37
|
+
end
|
38
|
+
end
|
39
|
+
end
|
40
|
+
end
|
41
|
+
|
@@ -0,0 +1,15 @@
|
|
1
|
+
module Cantango
|
2
|
+
module Generators
|
3
|
+
module LicenseBase
|
4
|
+
def licenses
|
5
|
+
options[:licenses]
|
6
|
+
end
|
7
|
+
|
8
|
+
def license_logic
|
9
|
+
return ' # use any licenses here' if licenses.empty?
|
10
|
+
ls = licenses.map{|c| ":#{c}"}.join(", ")
|
11
|
+
"licenses #{ls}"
|
12
|
+
end
|
13
|
+
end
|
14
|
+
end
|
15
|
+
end
|
@@ -0,0 +1,58 @@
|
|
1
|
+
require 'generators/cantango/basic'
|
2
|
+
|
3
|
+
module Cantango
|
4
|
+
module Generators
|
5
|
+
module PermitGenerator
|
6
|
+
attr_accessor :permit_name, :permit_logic
|
7
|
+
|
8
|
+
include Cantango::Generators::Basic
|
9
|
+
|
10
|
+
def template_permit name, account = nil
|
11
|
+
@permit_name = name
|
12
|
+
set_logic name
|
13
|
+
account.present? ? template_account_permit(name, account) : template_simple_permit(name)
|
14
|
+
end
|
15
|
+
|
16
|
+
def template_simple_permit name
|
17
|
+
template permit_source, "app/permits/#{permit_target(name)}"
|
18
|
+
end
|
19
|
+
|
20
|
+
def template_account_permit name, account
|
21
|
+
template "account_permit.erb" , "app/permits/#{account}/#{permit_target(name)}"
|
22
|
+
end
|
23
|
+
|
24
|
+
def load_permit_template name
|
25
|
+
template = ERB.new File.open(template_filepath).read.gsub(/\n/, "\n\s\s")
|
26
|
+
template.result(binding)
|
27
|
+
end
|
28
|
+
|
29
|
+
def template_filepath
|
30
|
+
File.join source_path, permit_source
|
31
|
+
end
|
32
|
+
|
33
|
+
def source_path
|
34
|
+
source_paths.first
|
35
|
+
end
|
36
|
+
|
37
|
+
def permit_source
|
38
|
+
return "user_permit.erb" if is_user?
|
39
|
+
return "account_permit.erb" if is_account?
|
40
|
+
|
41
|
+
is_group? ? "role_group_permit.erb" : "role_permit.erb"
|
42
|
+
end
|
43
|
+
|
44
|
+
def permit_target name
|
45
|
+
name = name.to_s.underscore
|
46
|
+
return "#{name}_permit.rb" if is_user?
|
47
|
+
return "#{name}_account_permit.rb" if is_account?
|
48
|
+
|
49
|
+
is_group? ? "#{name}_role_group_permit.rb" : "#{name}_role_permit.rb"
|
50
|
+
end
|
51
|
+
|
52
|
+
def set_logic name
|
53
|
+
meth = "#{name}_logic"
|
54
|
+
@permit_logic = respond_to?(meth) ? send(meth) : base_logic
|
55
|
+
end
|
56
|
+
end
|
57
|
+
end
|
58
|
+
end
|
@@ -0,0 +1,39 @@
|
|
1
|
+
require 'generators/cantango/base'
|
2
|
+
require 'generators/cantango/license_base'
|
3
|
+
require 'generators/cantango/permit_generator'
|
4
|
+
|
5
|
+
module Cantango
|
6
|
+
module Generators
|
7
|
+
class RolePermitGenerator < Cantango::Generators::Base
|
8
|
+
desc "Creates a Permit for a role in 'app/permits' with specific permissions and/or licenses"
|
9
|
+
|
10
|
+
argument :role, :type => :string,
|
11
|
+
:desc => "Role to create permit for"
|
12
|
+
|
13
|
+
class_option :licenses, :type => :array, :default => [],
|
14
|
+
:desc => "Licenses to use in Permit"
|
15
|
+
|
16
|
+
class_option :account, :type => :string,
|
17
|
+
:desc => "Generate permits for a specific user account"
|
18
|
+
|
19
|
+
class_option :group, :type => :boolean, :default => false, :desc => "Generate permit for a role group"
|
20
|
+
|
21
|
+
source_root File.dirname(__FILE__) + '/templates'
|
22
|
+
|
23
|
+
def main_flow
|
24
|
+
template_permit role
|
25
|
+
end
|
26
|
+
|
27
|
+
protected
|
28
|
+
|
29
|
+
include Cantango::Generators::LicenseBase
|
30
|
+
include Cantango::Generators::PermitGenerator
|
31
|
+
|
32
|
+
alias_method :role_group, :role
|
33
|
+
|
34
|
+
def is_group?
|
35
|
+
options[:group]
|
36
|
+
end
|
37
|
+
end
|
38
|
+
end
|
39
|
+
end
|
@@ -0,0 +1,24 @@
|
|
1
|
+
class <%= permit_name.to_s.camelize %>RoleGroupPermit < CanTango::RoleGroupPermit
|
2
|
+
def initialize ability
|
3
|
+
super
|
4
|
+
end
|
5
|
+
|
6
|
+
protected
|
7
|
+
|
8
|
+
def permit_rules
|
9
|
+
# insert your can, cannot and any other rule statements here
|
10
|
+
<%= rules_logic.strip %>
|
11
|
+
<%= license_logic %>
|
12
|
+
end
|
13
|
+
|
14
|
+
module Cached
|
15
|
+
def permit_rules
|
16
|
+
end
|
17
|
+
end
|
18
|
+
|
19
|
+
module NonCached
|
20
|
+
def permit_rules
|
21
|
+
end
|
22
|
+
end
|
23
|
+
end
|
24
|
+
|
@@ -0,0 +1,23 @@
|
|
1
|
+
class <%= permit_name.to_s.camelize %>RolePermit < CanTango::RolePermit
|
2
|
+
def initialize ability
|
3
|
+
super
|
4
|
+
end
|
5
|
+
|
6
|
+
protected
|
7
|
+
|
8
|
+
def permit_rules
|
9
|
+
# insert your can, cannot and any other rule statements here
|
10
|
+
<%= rules_logic.strip %>
|
11
|
+
<%= license_logic %>
|
12
|
+
end
|
13
|
+
|
14
|
+
module Cached
|
15
|
+
def permit_rules
|
16
|
+
end
|
17
|
+
end
|
18
|
+
|
19
|
+
module NonCached
|
20
|
+
def permit_rules
|
21
|
+
end
|
22
|
+
end
|
23
|
+
end
|
@@ -0,0 +1,45 @@
|
|
1
|
+
require 'generators/cantango/permit_generator'
|
2
|
+
|
3
|
+
module Cantango
|
4
|
+
module Generators
|
5
|
+
class RolePermitsGenerator < Rails::Generators::Base
|
6
|
+
desc "Creates a Permit for each role in 'app/permits' and ensures that the permit folder is added to Rails load path."
|
7
|
+
|
8
|
+
argument :roles, :type => :array,
|
9
|
+
:desc => "Roles to create permits for"
|
10
|
+
|
11
|
+
class_option :special_permits, :type => :boolean, :default => false,
|
12
|
+
:desc => "Create special permits Syatem and Any"
|
13
|
+
|
14
|
+
class_option :account, :type => :string,
|
15
|
+
:desc => "Generate permits for a specific user account"
|
16
|
+
|
17
|
+
class_option :group, :type => :boolean, :default => false,
|
18
|
+
:desc => "Generate permits for role groups"
|
19
|
+
|
20
|
+
source_root File.dirname(__FILE__) + '/../role_permit/templates'
|
21
|
+
|
22
|
+
def main_flow
|
23
|
+
create_special_permits if special_permits?
|
24
|
+
create_permits
|
25
|
+
end
|
26
|
+
|
27
|
+
protected
|
28
|
+
|
29
|
+
include Cantango::Generators::PermitGenerator
|
30
|
+
|
31
|
+
def create_special_permits
|
32
|
+
template_permit :any
|
33
|
+
template_permit :system
|
34
|
+
end
|
35
|
+
|
36
|
+
def create_permits
|
37
|
+
roles.each { |role| template_permit role }
|
38
|
+
end
|
39
|
+
|
40
|
+
def special_permits?
|
41
|
+
options[:special_permits]
|
42
|
+
end
|
43
|
+
end
|
44
|
+
end
|
45
|
+
end
|
@@ -0,0 +1,33 @@
|
|
1
|
+
require 'spec_helper'
|
2
|
+
require 'fixtures/models'
|
3
|
+
require 'helpers/current_users'
|
4
|
+
|
5
|
+
class Permits
|
6
|
+
include CanTango::Ability::Helper::RoleGroup
|
7
|
+
|
8
|
+
attr_accessor :subject
|
9
|
+
|
10
|
+
def initialize subject
|
11
|
+
@subject = subject
|
12
|
+
end
|
13
|
+
|
14
|
+
def role_groups_list_meth
|
15
|
+
:role_groups_list
|
16
|
+
end
|
17
|
+
end
|
18
|
+
|
19
|
+
class User
|
20
|
+
include_and_extend SimpleRoles
|
21
|
+
end
|
22
|
+
|
23
|
+
describe CanTango::Ability::Helper::RoleGroup do
|
24
|
+
before do
|
25
|
+
@user = User.new 'mike', 'mike@mail.ru', :role_groups => [:admins, :editors]
|
26
|
+
end
|
27
|
+
|
28
|
+
subject { Permits.new @user }
|
29
|
+
|
30
|
+
describe 'role_groups' do
|
31
|
+
specify { subject.role_groups.should == [:admins, :editors] }
|
32
|
+
end
|
33
|
+
end
|
@@ -0,0 +1,33 @@
|
|
1
|
+
require 'spec_helper'
|
2
|
+
require 'fixtures/models'
|
3
|
+
require 'helpers/current_users'
|
4
|
+
|
5
|
+
class Permits
|
6
|
+
include CanTango::Ability::Helper::Role
|
7
|
+
|
8
|
+
attr_accessor :subject
|
9
|
+
|
10
|
+
def initialize subject
|
11
|
+
@subject = subject
|
12
|
+
end
|
13
|
+
|
14
|
+
def roles_list_meth
|
15
|
+
:roles_list
|
16
|
+
end
|
17
|
+
end
|
18
|
+
|
19
|
+
class User
|
20
|
+
include_and_extend SimpleRoles
|
21
|
+
end
|
22
|
+
|
23
|
+
describe CanTango::Ability::Helper::Role do
|
24
|
+
before do
|
25
|
+
@user = User.new 'mike', 'mike@mail.ru', :roles => [:admin, :editor]
|
26
|
+
end
|
27
|
+
|
28
|
+
subject { Permits.new @user }
|
29
|
+
|
30
|
+
describe 'roles' do
|
31
|
+
specify { subject.roles.should == [:admin, :editor] }
|
32
|
+
end
|
33
|
+
end
|
File without changes
|
File without changes
|
@@ -0,0 +1,13 @@
|
|
1
|
+
require 'spec_helper'
|
2
|
+
require 'cantango/configuration/shared/role_registry_ex'
|
3
|
+
|
4
|
+
describe CanTango::Configuration::RoleGroups do
|
5
|
+
subject { CanTango.config.role_groups }
|
6
|
+
|
7
|
+
it_should_behave_like "Role Registry" do
|
8
|
+
specify { subject.system_api[:list].should == :role_group_list }
|
9
|
+
specify { subject.system_api[:has].should == :in_role_group? }
|
10
|
+
end
|
11
|
+
end
|
12
|
+
|
13
|
+
|
@@ -0,0 +1,11 @@
|
|
1
|
+
require 'spec_helper'
|
2
|
+
require 'cantango/configuration/shared/role_registry_ex'
|
3
|
+
|
4
|
+
describe CanTango::Configuration::Roles do
|
5
|
+
subject { CanTango.config.roles }
|
6
|
+
|
7
|
+
it_should_behave_like "Role Registry" do
|
8
|
+
let (:has) { :has_role? }
|
9
|
+
let (:list) { :roles_list }
|
10
|
+
end
|
11
|
+
end
|