cantango 0.8.0 → 0.8.5.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- data/Gemfile +32 -19
- data/README.textile +79 -131
- data/VERSION +1 -1
- data/cantango.gemspec +94 -61
- data/lib/cantango.rb +4 -6
- data/lib/cantango/ability.rb +28 -17
- data/lib/cantango/ability/cache.rb +30 -60
- data/lib/cantango/ability/cache/base_cache.rb +1 -1
- data/lib/cantango/ability/cache/key.rb +39 -0
- data/lib/cantango/ability/cache/kompiler.rb +22 -6
- data/lib/cantango/ability/cache/moneta_cache.rb +1 -1
- data/lib/cantango/ability/cache/reader.rb +32 -0
- data/lib/cantango/ability/cache/rules_cache.rb +31 -0
- data/lib/cantango/ability/cache/session_cache.rb +3 -2
- data/lib/cantango/ability/cache/writer.rb +42 -0
- data/lib/cantango/ability/cache_helpers.rb +28 -0
- data/lib/cantango/ability/masquerade_helpers.rb +7 -2
- data/lib/cantango/ability/permission_helpers.rb +0 -8
- data/lib/cantango/ability/permit_helpers.rb +0 -17
- data/lib/cantango/ability/role_helpers.rb +0 -2
- data/lib/cantango/ability/user_helpers.rb +1 -0
- data/lib/cantango/adapter/compiler.rb +9 -0
- data/lib/cantango/adapter/moneta.rb +23 -0
- data/lib/cantango/api.rb +1 -1
- data/lib/cantango/api/aliases.rb +4 -8
- data/lib/cantango/api/attributes.rb +17 -0
- data/lib/cantango/api/common.rb +6 -0
- data/lib/cantango/api/options.rb +9 -5
- data/lib/cantango/cache.rb +1 -1
- data/lib/cantango/cache/hash_cache.rb +34 -0
- data/lib/cantango/configuration.rb +13 -8
- data/lib/cantango/configuration/adapters.rb +25 -0
- data/lib/cantango/configuration/categories.rb +3 -1
- data/lib/cantango/configuration/engines.rb +83 -11
- data/lib/cantango/configuration/engines/cache.rb +12 -1
- data/lib/cantango/configuration/engines/engine.rb +5 -5
- data/lib/cantango/configuration/engines/permission.rb +1 -1
- data/lib/cantango/configuration/permit_registry.rb +17 -0
- data/lib/cantango/configuration/permits.rb +29 -0
- data/lib/cantango/configuration/registry.rb +5 -2
- data/lib/cantango/configuration/role_groups.rb +3 -0
- data/lib/cantango/configuration/role_registry.rb +4 -0
- data/lib/cantango/configuration/roles.rb +2 -0
- data/lib/cantango/configuration/user_accounts.rb +1 -0
- data/lib/cantango/configuration/users.rb +1 -0
- data/lib/cantango/engine.rb +13 -0
- data/lib/cantango/filters.rb +5 -0
- data/lib/cantango/filters/filter.rb +34 -0
- data/lib/cantango/filters/role_filter.rb +29 -0
- data/lib/cantango/filters/role_group_filter.rb +28 -0
- data/lib/cantango/permission_engine.rb +26 -1
- data/lib/cantango/permission_engine/collector.rb +7 -2
- data/lib/cantango/permission_engine/compiler.rb +8 -1
- data/lib/cantango/permission_engine/evaluator.rb +2 -2
- data/lib/cantango/permission_engine/factory.rb +8 -12
- data/lib/cantango/permission_engine/loader.rb +1 -1
- data/lib/cantango/permission_engine/loader/base.rb +1 -1
- data/lib/cantango/permission_engine/loader/categories.rb +3 -3
- data/lib/cantango/permission_engine/loader/permissions.rb +8 -5
- data/lib/cantango/permission_engine/moneta_store.rb +2 -2
- data/lib/cantango/permission_engine/parser.rb +1 -1
- data/lib/cantango/permission_engine/parser/categories.rb +1 -1
- data/lib/cantango/permission_engine/parser/category.rb +1 -1
- data/lib/cantango/permission_engine/parser/default.rb +1 -2
- data/lib/cantango/permission_engine/parser/ownership.rb +1 -1
- data/lib/cantango/permission_engine/parser/permissions.rb +1 -1
- data/lib/cantango/permission_engine/parser/regex.rb +2 -2
- data/lib/cantango/permission_engine/parser/relationship.rb +1 -1
- data/lib/cantango/permission_engine/parser/rule.rb +1 -1
- data/lib/cantango/permission_engine/permission.rb +2 -2
- data/lib/cantango/permission_engine/selector.rb +3 -3
- data/lib/cantango/permission_engine/selector/account_types.rb +24 -0
- data/lib/cantango/permission_engine/selector/base.rb +3 -3
- data/lib/cantango/permission_engine/selector/licenses.rb +2 -2
- data/lib/cantango/permission_engine/selector/role_groups.rb +7 -6
- data/lib/cantango/permission_engine/selector/roles.rb +10 -6
- data/lib/cantango/permission_engine/selector/user_types.rb +23 -0
- data/lib/cantango/permission_engine/selector/users.rb +2 -2
- data/lib/cantango/permission_engine/statement.rb +10 -9
- data/lib/cantango/permission_engine/statements.rb +27 -25
- data/lib/cantango/permission_engine/store.rb +1 -1
- data/lib/cantango/permission_engine/yaml_store.rb +2 -2
- data/lib/cantango/permit_engine.rb +29 -4
- data/lib/cantango/permit_engine/builder.rb +2 -3
- data/lib/cantango/permit_engine/builder/base.rb +9 -1
- data/lib/cantango/permit_engine/builder/special_permits.rb +7 -8
- data/lib/cantango/permit_engine/compatibility.rb +1 -1
- data/lib/cantango/permit_engine/executor.rb +1 -1
- data/lib/cantango/permit_engine/executor/abstract.rb +1 -1
- data/lib/cantango/permit_engine/executor/base.rb +1 -1
- data/lib/cantango/permit_engine/executor/system.rb +1 -1
- data/lib/cantango/permit_engine/factory.rb +2 -7
- data/lib/cantango/permit_engine/finder.rb +43 -9
- data/lib/cantango/permit_engine/role_matcher.rb +1 -1
- data/lib/cantango/permit_engine/util.rb +2 -1
- data/lib/cantango/permits.rb +9 -0
- data/lib/cantango/{permit_engine → permits}/account_permit.rb +15 -4
- data/lib/cantango/{permit_engine → permits}/account_permit/builder.rb +2 -6
- data/lib/cantango/{permit_engine → permits}/account_permit/finder.rb +2 -2
- data/lib/cantango/{permit_engine → permits}/license.rb +1 -1
- data/lib/cantango/{permit_engine → permits}/license/loader.rb +1 -1
- data/lib/cantango/{permit_engine → permits}/license/rules.rb +1 -1
- data/lib/cantango/permits/macros.rb +19 -0
- data/lib/cantango/{permit_engine → permits}/permit.rb +13 -1
- data/lib/cantango/{permit_engine → permits}/role_group_permit.rb +15 -3
- data/lib/cantango/{permit_engine → permits}/role_group_permit/builder.rb +10 -22
- data/lib/cantango/{permit_engine → permits}/role_group_permit/finder.rb +2 -2
- data/lib/cantango/{permit_engine → permits}/role_permit.rb +15 -3
- data/lib/cantango/permits/role_permit/builder.rb +27 -0
- data/lib/cantango/{permit_engine → permits}/role_permit/finder.rb +2 -2
- data/lib/cantango/{permit_engine → permits}/user_permit.rb +15 -3
- data/lib/cantango/{permit_engine → permits}/user_permit/builder.rb +2 -6
- data/lib/cantango/{permit_engine → permits}/user_permit/finder.rb +2 -2
- data/lib/cantango/rails.rb +3 -1
- data/lib/cantango/rails/engine.rb +11 -6
- data/lib/cantango/rails/helpers/base_helper.rb +28 -0
- data/lib/cantango/rails/helpers/controller_helper.rb +17 -0
- data/lib/cantango/rails/helpers/rest_helper.rb +44 -0
- data/lib/cantango/rails/helpers/view_helper.rb +17 -0
- data/lib/cantango/rails/railtie.rb +1 -1
- data/lib/cantango/rspec/config.rb +1 -1
- data/lib/cantango/rspec/matchers/be_allowed_to.rb +5 -3
- data/lib/cantango/rules/user_relation.rb +1 -1
- data/lib/cantango/users/macros.rb +8 -2
- data/lib/cantango/users/user.rb +1 -1
- data/lib/generators/cantango/account_permit/account_permit_generator.rb +37 -0
- data/lib/generators/cantango/account_permit/templates/account_permit.erb +13 -0
- data/lib/generators/cantango/base.rb +15 -18
- data/lib/generators/cantango/basic.rb +41 -0
- data/lib/generators/cantango/install/install_generator.rb +37 -0
- data/lib/generators/cantango/install/templates/cantango.rb +4 -0
- data/{spec/active_record/scenarios/user_accounts/config/account_permits.yml → lib/generators/cantango/install/templates/categories.yml} +0 -0
- data/lib/generators/cantango/install/templates/permissions.yml +4 -0
- data/lib/generators/cantango/license/license_generator.rb +6 -11
- data/lib/generators/cantango/license/templates/license.erb +1 -1
- data/lib/generators/cantango/license_base.rb +2 -2
- data/lib/generators/cantango/licenses/licenses_generator.rb +2 -7
- data/lib/generators/cantango/permit_generator.rb +31 -10
- data/lib/generators/cantango/role_permit/role_permit_generator.rb +11 -14
- data/lib/generators/cantango/role_permit/templates/account_permit.erb +2 -2
- data/lib/generators/cantango/role_permit/templates/role_group_permit.erb +2 -2
- data/lib/generators/cantango/role_permit/templates/role_permit.erb +2 -2
- data/lib/generators/cantango/role_permits/role_permits_generator.rb +16 -98
- data/lib/generators/cantango/user_permit/templates/account_permit.erb +5 -0
- data/lib/generators/cantango/user_permit/templates/user_permit.erb +13 -0
- data/lib/generators/cantango/user_permit/user_permit_generator.rb +36 -0
- data/spec/TODO +1 -6
- data/spec/active_record/helper/permits_config.rb +1 -1
- data/spec/active_record/scenarios/engines/permission_engine/{cantango_permissions.yml → permissions.yml} +2 -1
- data/spec/active_record/scenarios/engines/permission_engine/tango_permission_yml_spec.rb +8 -9
- data/spec/active_record/scenarios/engines/permit_engine/licenses_spec.rb +2 -2
- data/spec/active_record/scenarios/engines/permit_engine/role_groups_permits_spec.rb +2 -2
- data/spec/active_record/scenarios/shared/{can_tango.rb → cantango.rb} +1 -1
- data/spec/active_record/scenarios/shared/models/items.rb +0 -1
- data/spec/active_record/scenarios/shared/models/users.rb +6 -1
- data/spec/active_record/spec_helper.rb +6 -4
- data/spec/cantango/ability/cache/key_spec.rb +64 -0
- data/spec/cantango/ability/cache/{compiler_spec.rb → kompiler_spec.rb} +9 -21
- data/spec/cantango/ability/cache/reader_compile_spec.rb +42 -0
- data/spec/cantango/ability/cache/reader_spec.rb +33 -0
- data/spec/cantango/ability/cache/rules_cache_spec.rb +15 -0
- data/spec/cantango/ability/cache/session_cache_spec.rb +1 -1
- data/spec/cantango/ability/cache/writer_spec.rb +21 -0
- data/spec/cantango/ability/cache_spec.rb +6 -2
- data/spec/cantango/ability_filters_spec.rb +5 -10
- data/spec/cantango/ability_spec.rb +2 -3
- data/spec/cantango/api/attributes_spec.rb +27 -0
- data/spec/cantango/api/user/can_api_spec.rb +2 -2
- data/spec/cantango/api/user_account/can_api_spec.rb +2 -2
- data/spec/cantango/configuration/adapter_spec.rb +28 -0
- data/spec/cantango/configuration/engines/cache_spec.rb +2 -2
- data/spec/cantango/configuration/engines/permission_spec.rb +3 -3
- data/spec/cantango/configuration/engines/permit_spec.rb +1 -1
- data/spec/cantango/configuration/engines/store_shared.rb +3 -1
- data/spec/cantango/configuration/engines_spec.rb +106 -3
- data/spec/cantango/configuration/hash_registry_spec.rb +1 -1
- data/spec/cantango/configuration/permit_registry_spec.rb +14 -0
- data/spec/cantango/configuration/permits_spec.rb +25 -0
- data/spec/cantango/configuration/registry_spec.rb +1 -1
- data/spec/cantango/configuration/shared/registry_ex.rb +2 -1
- data/spec/cantango/configuration_spec.rb +5 -5
- data/spec/cantango/permission_engine/compiler_spec.rb +8 -0
- data/spec/cantango/permission_engine/permission_spec.rb +1 -1
- data/spec/cantango/permission_engine/yaml_store_spec.rb +14 -4
- data/spec/cantango/permission_engine_spec.rb +0 -0
- data/spec/cantango/permit_engine/account_permit_spec.rb +2 -4
- data/spec/cantango/permit_engine/builder/role_group_permits_spec.rb +4 -7
- data/spec/cantango/permit_engine/builder/role_permits_spec.rb +5 -6
- data/spec/cantango/permit_engine/builder/special_permits_spec.rb +3 -4
- data/spec/cantango/permit_engine/executor/system_spec.rb +2 -2
- data/spec/cantango/permit_engine/factory_spec.rb +2 -3
- data/spec/cantango/permit_engine/finder_spec.rb +144 -23
- data/spec/cantango/permit_engine/permit/permit_static_and_dynamic_rules_spec.rb +4 -5
- data/spec/cantango/permit_engine/role_group_permit_spec.rb +1 -1
- data/spec/cantango/permit_engine/role_permit_spec.rb +6 -7
- data/spec/cantango/permit_engine/user_permit_spec.rb +2 -3
- data/spec/cantango/permit_engine_spec.rb +2 -0
- data/spec/cantango/permits/macros_spec.rb +41 -0
- data/spec/cantango/permits/permit_spec.rb +46 -0
- data/spec/cantango_spec.rb +13 -0
- data/spec/devise-dummy/app/helpers/application_helper.rb +7 -0
- data/spec/devise-dummy/app/views/articles/admin.html.haml +1 -1
- data/spec/devise-dummy/app/views/articles/admin_account.html.haml +1 -1
- data/spec/devise-dummy/app/views/articles/guest.html.haml +1 -1
- data/spec/devise-dummy/app/views/articles/index.html.haml +1 -1
- data/spec/devise-dummy/app/views/comments/guest.html.haml +1 -1
- data/spec/devise-dummy/app/views/comments/index.html.haml +1 -1
- data/spec/devise-dummy/app/views/concertos/admin.html.haml +1 -1
- data/spec/devise-dummy/app/views/concertos/admin_account.html.haml +1 -1
- data/spec/devise-dummy/app/views/concertos/guest.html.haml +1 -1
- data/spec/devise-dummy/app/views/concertos/index.html.haml +1 -1
- data/spec/devise-dummy/app/views/users/index.html.haml +1 -1
- data/spec/devise-dummy/config/initializers/cantango.rb +3 -3
- data/spec/devise-dummy/config/{cantango_permissions.yml → permissions.yml} +2 -1
- data/spec/devise-integration/concerto_spec.rb +1 -1
- data/spec/dummy/app/models/user.rb +1 -0
- data/spec/dummy/app/views/articles/admin.html.haml +1 -1
- data/spec/dummy/app/views/articles/admin_account.html.haml +1 -1
- data/spec/dummy/app/views/articles/guest.html.haml +1 -1
- data/spec/dummy/app/views/articles/index.html.haml +1 -1
- data/spec/dummy/app/views/comments/guest.html.haml +1 -1
- data/spec/dummy/app/views/comments/index.html.haml +1 -1
- data/spec/dummy/app/views/concertos/admin.html.haml +1 -1
- data/spec/dummy/app/views/concertos/admin_account.html.haml +1 -1
- data/spec/dummy/app/views/concertos/guest.html.haml +1 -1
- data/spec/dummy/app/views/concertos/index.html.haml +1 -1
- data/spec/dummy/app/views/posts/admin.html.haml +1 -1
- data/spec/dummy/app/views/posts/admin_account.html.haml +1 -1
- data/spec/dummy/app/views/posts/guest.html.haml +1 -1
- data/spec/dummy/app/views/posts/index.html.haml +1 -1
- data/spec/dummy/app/views/users/admin.html.haml +1 -1
- data/spec/dummy/app/views/users/admin_account.html.haml +1 -1
- data/spec/dummy/app/views/users/guest.html.haml +1 -1
- data/spec/dummy/app/views/users/index.html.haml +1 -1
- data/spec/dummy/config/application.rb +1 -0
- data/spec/dummy/config/initializers/cantango.rb +1 -3
- data/spec/dummy/config/{cantango_permissions.yml → permissions.yml} +2 -2
- data/spec/dummy_spec_helper.rb +2 -0
- data/spec/entire_suite_spec.rb +2 -0
- data/spec/factories/user.rb +8 -0
- data/spec/factories/user_account.rb +6 -0
- data/spec/fixtures/config/permissions.yml +60 -19
- data/spec/fixtures/models/admin.rb +2 -0
- data/spec/fixtures/models/admin_account.rb +22 -0
- data/spec/fixtures/models/simple_roles.rb +5 -0
- data/spec/fixtures/models/user.rb +4 -0
- data/spec/helpers/dummy_app_ability.rb +2 -5
- data/spec/integration/cache_using_moneta_spec.rb +3 -1
- data/spec/integration/cache_using_session_spec.rb +2 -2
- data/spec/integration/user/articles_spec.rb +1 -1
- data/spec/integration/user/concerto_spec.rb +1 -1
- data/spec/spec_helper.rb +5 -5
- metadata +120 -95
- data/lib/cantango/ability/class_methods.rb +0 -27
- data/lib/cantango/api/aliases/account_permit.rb +0 -8
- data/lib/cantango/api/aliases/license.rb +0 -7
- data/lib/cantango/api/aliases/permit.rb +0 -9
- data/lib/cantango/api/aliases/role_group_permit.rb +0 -7
- data/lib/cantango/api/aliases/role_permit.rb +0 -7
- data/lib/cantango/api/aliases/user_permit.rb +0 -8
- data/lib/cantango/permission_engine/builder.rb +0 -6
- data/lib/cantango/permit_engine/role_permit/builder.rb +0 -46
- data/lib/cantango/rails/base_helpers.rb +0 -26
- data/lib/cantango/rails/controller_helpers.rb +0 -15
- data/lib/cantango/rails/view_helpers.rb +0 -15
- data/spec/active_record/scenarios/shared/permits/PERMITS README.textile +0 -3
- data/spec/active_record/scenarios/user_accounts/docs/USER_ACCOUNTS_SCENARIO.textile +0 -20
- data/spec/active_record/scenarios/user_accounts/docs/basic_rules_spec_possible_samples.txt +0 -84
- data/spec/factories.rb +0 -8
- data/spec/fixtures/config/cantango_permissions.yml +0 -48
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
module CanTango
|
|
2
|
-
|
|
3
|
-
module Loader
|
|
2
|
+
class PermissionEngine < Engine
|
|
3
|
+
module Loader
|
|
4
4
|
class Categories < Base
|
|
5
5
|
attr_reader :file_name, :categories
|
|
6
6
|
|
|
@@ -42,7 +42,7 @@ module CanTango
|
|
|
42
42
|
end
|
|
43
43
|
|
|
44
44
|
def config_path
|
|
45
|
-
CanTango.config.
|
|
45
|
+
CanTango.config.permission_engine.config_path
|
|
46
46
|
end
|
|
47
47
|
end
|
|
48
48
|
end
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
module CanTango
|
|
2
|
-
|
|
2
|
+
class PermissionEngine < Engine
|
|
3
3
|
module Loader
|
|
4
4
|
class Permissions < Base
|
|
5
5
|
attr_accessor :permissions
|
|
@@ -10,6 +10,7 @@ module CanTango
|
|
|
10
10
|
end
|
|
11
11
|
|
|
12
12
|
def load_from_hash hash
|
|
13
|
+
return if hash.empty?
|
|
13
14
|
hash.each do |type, groups|
|
|
14
15
|
groups.each do |group, rules|
|
|
15
16
|
permissions[type] ||= {}
|
|
@@ -23,6 +24,7 @@ module CanTango
|
|
|
23
24
|
end
|
|
24
25
|
|
|
25
26
|
def load!
|
|
27
|
+
return if yml_content.empty?
|
|
26
28
|
yml_content.each do |type, groups|
|
|
27
29
|
(permissions[type] = {} # This is for having fx empty users: section
|
|
28
30
|
next) if groups.nil? #
|
|
@@ -45,18 +47,19 @@ module CanTango
|
|
|
45
47
|
@parser ||= CanTango::PermissionEngine::Parser::Permissions.new
|
|
46
48
|
end
|
|
47
49
|
|
|
48
|
-
CanTango.config.
|
|
50
|
+
CanTango.config.permission_engine.types.each do |type|
|
|
49
51
|
define_method(:"#{type}_permissions") {
|
|
50
52
|
permissions.send(:"#{type}")
|
|
51
53
|
}
|
|
52
54
|
|
|
53
|
-
define_method(:"#{type}_compiled_permissions")
|
|
55
|
+
define_method(:"#{type}_compiled_permissions") do
|
|
56
|
+
type_permissions = send(:"#{type}_permissions")
|
|
57
|
+
return Hashie::Mash.new if !type_permissions || type_permissions.empty?
|
|
54
58
|
compiled_sum = send(:"#{type}_permissions").inject({}) do |compiled_sum, (actor, permission)|
|
|
55
59
|
compiled_sum.merge(permission.to_compiled_hash)
|
|
56
60
|
end
|
|
57
61
|
Hashie::Mash.new(compiled_sum)
|
|
58
|
-
|
|
59
|
-
|
|
62
|
+
end
|
|
60
63
|
end
|
|
61
64
|
|
|
62
65
|
include ClassMethods
|
|
@@ -2,7 +2,7 @@ require 'moneta'
|
|
|
2
2
|
require 'active_support/inflector'
|
|
3
3
|
|
|
4
4
|
module CanTango
|
|
5
|
-
class
|
|
5
|
+
class PermissionEngine < Engine
|
|
6
6
|
class MonetaStore < Store
|
|
7
7
|
# one cache store is shared for all store instances (w different names)
|
|
8
8
|
attr_reader :store
|
|
@@ -10,7 +10,7 @@ module CanTango
|
|
|
10
10
|
# for a YamlStore, the name is the name of the yml file
|
|
11
11
|
def initialize name, options = {}
|
|
12
12
|
super
|
|
13
|
-
@store = CanTango::Cache::MonetaCache.instance
|
|
13
|
+
@store = CanTango::Cache::MonetaCache.instance
|
|
14
14
|
@store.configure_with options
|
|
15
15
|
end
|
|
16
16
|
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
module CanTango
|
|
2
|
-
|
|
2
|
+
class PermissionEngine < Engine
|
|
3
3
|
module Parser
|
|
4
4
|
class Regex < Rule
|
|
5
5
|
attr_reader :regex
|
|
@@ -21,7 +21,7 @@ module CanTango
|
|
|
21
21
|
"#{method} :#{action}, #{target.name}"
|
|
22
22
|
end.join("\n")
|
|
23
23
|
end
|
|
24
|
-
|
|
24
|
+
|
|
25
25
|
def config_models
|
|
26
26
|
CanTango.config.models
|
|
27
27
|
end
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
module CanTango
|
|
2
|
-
|
|
2
|
+
class PermissionEngine < Engine
|
|
3
3
|
class Permission
|
|
4
4
|
# rules is a Hashie, a Hash where keys can also be accessed as method calls
|
|
5
5
|
attr_accessor :name, :static_rules, :compiled_rules
|
|
@@ -28,7 +28,7 @@ module CanTango
|
|
|
28
28
|
end
|
|
29
29
|
|
|
30
30
|
def compile_rules!
|
|
31
|
-
compiler.compile! self
|
|
31
|
+
compiler.compile! self
|
|
32
32
|
@compiled_rules = compiler.to_hashie
|
|
33
33
|
end
|
|
34
34
|
|
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
module CanTango
|
|
2
|
-
|
|
3
|
-
module Selector
|
|
4
|
-
autoload_modules :Base, :Licenses, :Roles, :RoleGroups, :Users
|
|
2
|
+
class PermissionEngine < Engine
|
|
3
|
+
module Selector
|
|
4
|
+
autoload_modules :Base, :Licenses, :Roles, :RoleGroups, :Users, :UserTypes, :AccountTypes
|
|
5
5
|
|
|
6
6
|
def self.create type, collector
|
|
7
7
|
selector_class(type).new collector
|
|
@@ -0,0 +1,24 @@
|
|
|
1
|
+
module CanTango
|
|
2
|
+
class PermissionEngine < Engine
|
|
3
|
+
module Selector
|
|
4
|
+
class AccountTypes < Base
|
|
5
|
+
attr_reader :account_type
|
|
6
|
+
|
|
7
|
+
def initialize subject
|
|
8
|
+
@account_type = subject.account.class.to_s.underscore
|
|
9
|
+
end
|
|
10
|
+
|
|
11
|
+
protected
|
|
12
|
+
|
|
13
|
+
def relevant? account_type
|
|
14
|
+
self.account_type == account_type
|
|
15
|
+
end
|
|
16
|
+
end
|
|
17
|
+
end
|
|
18
|
+
end
|
|
19
|
+
end
|
|
20
|
+
|
|
21
|
+
|
|
22
|
+
|
|
23
|
+
|
|
24
|
+
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
module CanTango
|
|
2
|
-
|
|
3
|
-
module Selector
|
|
2
|
+
class PermissionEngine < Engine
|
|
3
|
+
module Selector
|
|
4
4
|
class Base
|
|
5
5
|
attr_reader :subject
|
|
6
6
|
|
|
@@ -9,7 +9,7 @@ module CanTango
|
|
|
9
9
|
end
|
|
10
10
|
|
|
11
11
|
def select permissions
|
|
12
|
-
permissions.select{|permission|
|
|
12
|
+
permissions.select { |permission| relevant? permission }
|
|
13
13
|
end
|
|
14
14
|
end
|
|
15
15
|
end
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
module CanTango
|
|
2
|
-
|
|
2
|
+
class PermissionEngine < Engine
|
|
3
3
|
module Selector
|
|
4
4
|
class Licenses < Base
|
|
5
5
|
attr_reader :roles, :role_groups
|
|
@@ -9,7 +9,7 @@ module CanTango
|
|
|
9
9
|
@role_groups = subject.role_groups_list
|
|
10
10
|
end
|
|
11
11
|
|
|
12
|
-
def
|
|
12
|
+
def relevant? permission
|
|
13
13
|
(roles | role_groups).include? permission.to_sym
|
|
14
14
|
end
|
|
15
15
|
end
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
module CanTango
|
|
2
|
-
|
|
2
|
+
class PermissionEngine < Engine
|
|
3
3
|
module Selector
|
|
4
4
|
class RoleGroups < Base
|
|
5
5
|
attr_reader :role_groups
|
|
@@ -8,14 +8,15 @@ module CanTango
|
|
|
8
8
|
@role_groups = collector.role_groups_list
|
|
9
9
|
end
|
|
10
10
|
|
|
11
|
-
|
|
12
|
-
|
|
13
|
-
valid_role_groups.include? permission.to_sym
|
|
11
|
+
def relevant? role_group
|
|
12
|
+
filter(role_group).valid?
|
|
14
13
|
end
|
|
15
14
|
|
|
16
|
-
def
|
|
17
|
-
|
|
15
|
+
def filter role_group
|
|
16
|
+
CanTango::Filters::RoleGroupFilter.new role_group, role_groups
|
|
18
17
|
end
|
|
18
|
+
|
|
19
|
+
private
|
|
19
20
|
end
|
|
20
21
|
end
|
|
21
22
|
end
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
module CanTango
|
|
2
|
-
|
|
2
|
+
class PermissionEngine < Engine
|
|
3
3
|
module Selector
|
|
4
4
|
class Roles < Base
|
|
5
5
|
attr_reader :roles
|
|
@@ -8,14 +8,18 @@ module CanTango
|
|
|
8
8
|
@roles = subject.roles_list
|
|
9
9
|
end
|
|
10
10
|
|
|
11
|
-
|
|
12
|
-
|
|
13
|
-
|
|
11
|
+
protected
|
|
12
|
+
|
|
13
|
+
def relevant? role
|
|
14
|
+
filter(role).valid?
|
|
14
15
|
end
|
|
15
16
|
|
|
16
|
-
def
|
|
17
|
-
|
|
17
|
+
def filter role
|
|
18
|
+
CanTango::Filters::RoleFilter.new role, roles
|
|
18
19
|
end
|
|
20
|
+
|
|
21
|
+
private
|
|
22
|
+
|
|
19
23
|
end
|
|
20
24
|
end
|
|
21
25
|
end
|
|
@@ -0,0 +1,23 @@
|
|
|
1
|
+
module CanTango
|
|
2
|
+
class PermissionEngine < Engine
|
|
3
|
+
module Selector
|
|
4
|
+
class UserTypes < Base
|
|
5
|
+
attr_reader :user_type
|
|
6
|
+
|
|
7
|
+
def initialize subject
|
|
8
|
+
@user_type = subject.user.class.to_s.underscore
|
|
9
|
+
end
|
|
10
|
+
|
|
11
|
+
protected
|
|
12
|
+
|
|
13
|
+
def relevant? user_type
|
|
14
|
+
self.user_type == user_type
|
|
15
|
+
end
|
|
16
|
+
end
|
|
17
|
+
end
|
|
18
|
+
end
|
|
19
|
+
end
|
|
20
|
+
|
|
21
|
+
|
|
22
|
+
|
|
23
|
+
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
module CanTango
|
|
2
|
-
|
|
2
|
+
class PermissionEngine < Engine
|
|
3
3
|
module Selector
|
|
4
4
|
class Users < Base
|
|
5
5
|
attr_reader :user, :user_key
|
|
@@ -9,7 +9,7 @@ module CanTango
|
|
|
9
9
|
@user_key = user.send(subject.user_key_field)
|
|
10
10
|
end
|
|
11
11
|
|
|
12
|
-
def
|
|
12
|
+
def relevant? permission
|
|
13
13
|
permission == user_key
|
|
14
14
|
end
|
|
15
15
|
end
|
|
@@ -1,14 +1,15 @@
|
|
|
1
|
-
module CanTango
|
|
2
|
-
class
|
|
3
|
-
|
|
1
|
+
module CanTango
|
|
2
|
+
class PermissionEngine < Engine
|
|
3
|
+
class Statement
|
|
4
|
+
attr_reader :method, :action, :conditions
|
|
4
5
|
|
|
5
|
-
|
|
6
|
-
|
|
7
|
-
|
|
6
|
+
def initialize method, action, conditions = {}
|
|
7
|
+
@method, @action, @conditions = [method, action, conditions]
|
|
8
|
+
end
|
|
8
9
|
|
|
9
|
-
|
|
10
|
-
|
|
10
|
+
def to_code
|
|
11
|
+
line = conditions.empty? ? "#{method}(:#{action})" : "#{method}(:#{action}, #{conditions})"
|
|
12
|
+
end
|
|
11
13
|
end
|
|
12
14
|
end
|
|
13
15
|
end
|
|
14
|
-
|
|
@@ -1,35 +1,37 @@
|
|
|
1
|
-
module CanTango
|
|
2
|
-
class
|
|
3
|
-
|
|
1
|
+
module CanTango
|
|
2
|
+
class PermissionEngine < Engine
|
|
3
|
+
class Statements
|
|
4
|
+
attr_reader :method, :action
|
|
4
5
|
|
|
5
|
-
|
|
6
|
-
|
|
7
|
-
|
|
8
|
-
|
|
9
|
-
|
|
6
|
+
def initialize method, action, targets
|
|
7
|
+
@method = method
|
|
8
|
+
@action = action
|
|
9
|
+
@targets = targets
|
|
10
|
+
end
|
|
10
11
|
|
|
11
|
-
|
|
12
|
-
|
|
13
|
-
|
|
12
|
+
def to_code
|
|
13
|
+
parse_statements.join("\n")
|
|
14
|
+
end
|
|
14
15
|
|
|
15
|
-
|
|
16
|
+
protected
|
|
16
17
|
|
|
17
|
-
|
|
18
|
-
|
|
19
|
-
|
|
20
|
-
|
|
21
|
-
|
|
18
|
+
def parse_statements
|
|
19
|
+
targets.inject([]) do |statements, target|
|
|
20
|
+
statements << parser(target).parse
|
|
21
|
+
end.flatten
|
|
22
|
+
end
|
|
22
23
|
|
|
23
|
-
|
|
24
|
-
|
|
25
|
-
|
|
24
|
+
def targets
|
|
25
|
+
@targets ||= []
|
|
26
|
+
end
|
|
26
27
|
|
|
27
|
-
|
|
28
|
-
|
|
29
|
-
|
|
28
|
+
#def statement target_and_conditions
|
|
29
|
+
# CanTango::PermissionEngine::Statement.new method, action, target_and_conditions
|
|
30
|
+
#end
|
|
30
31
|
|
|
31
|
-
|
|
32
|
-
|
|
32
|
+
def parser target
|
|
33
|
+
CanTango::PermissionEngine::Parser.create_for method, action, target
|
|
34
|
+
end
|
|
33
35
|
end
|
|
34
36
|
end
|
|
35
37
|
end
|