cantango 0.8.0 → 0.8.5.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- data/Gemfile +32 -19
- data/README.textile +79 -131
- data/VERSION +1 -1
- data/cantango.gemspec +94 -61
- data/lib/cantango.rb +4 -6
- data/lib/cantango/ability.rb +28 -17
- data/lib/cantango/ability/cache.rb +30 -60
- data/lib/cantango/ability/cache/base_cache.rb +1 -1
- data/lib/cantango/ability/cache/key.rb +39 -0
- data/lib/cantango/ability/cache/kompiler.rb +22 -6
- data/lib/cantango/ability/cache/moneta_cache.rb +1 -1
- data/lib/cantango/ability/cache/reader.rb +32 -0
- data/lib/cantango/ability/cache/rules_cache.rb +31 -0
- data/lib/cantango/ability/cache/session_cache.rb +3 -2
- data/lib/cantango/ability/cache/writer.rb +42 -0
- data/lib/cantango/ability/cache_helpers.rb +28 -0
- data/lib/cantango/ability/masquerade_helpers.rb +7 -2
- data/lib/cantango/ability/permission_helpers.rb +0 -8
- data/lib/cantango/ability/permit_helpers.rb +0 -17
- data/lib/cantango/ability/role_helpers.rb +0 -2
- data/lib/cantango/ability/user_helpers.rb +1 -0
- data/lib/cantango/adapter/compiler.rb +9 -0
- data/lib/cantango/adapter/moneta.rb +23 -0
- data/lib/cantango/api.rb +1 -1
- data/lib/cantango/api/aliases.rb +4 -8
- data/lib/cantango/api/attributes.rb +17 -0
- data/lib/cantango/api/common.rb +6 -0
- data/lib/cantango/api/options.rb +9 -5
- data/lib/cantango/cache.rb +1 -1
- data/lib/cantango/cache/hash_cache.rb +34 -0
- data/lib/cantango/configuration.rb +13 -8
- data/lib/cantango/configuration/adapters.rb +25 -0
- data/lib/cantango/configuration/categories.rb +3 -1
- data/lib/cantango/configuration/engines.rb +83 -11
- data/lib/cantango/configuration/engines/cache.rb +12 -1
- data/lib/cantango/configuration/engines/engine.rb +5 -5
- data/lib/cantango/configuration/engines/permission.rb +1 -1
- data/lib/cantango/configuration/permit_registry.rb +17 -0
- data/lib/cantango/configuration/permits.rb +29 -0
- data/lib/cantango/configuration/registry.rb +5 -2
- data/lib/cantango/configuration/role_groups.rb +3 -0
- data/lib/cantango/configuration/role_registry.rb +4 -0
- data/lib/cantango/configuration/roles.rb +2 -0
- data/lib/cantango/configuration/user_accounts.rb +1 -0
- data/lib/cantango/configuration/users.rb +1 -0
- data/lib/cantango/engine.rb +13 -0
- data/lib/cantango/filters.rb +5 -0
- data/lib/cantango/filters/filter.rb +34 -0
- data/lib/cantango/filters/role_filter.rb +29 -0
- data/lib/cantango/filters/role_group_filter.rb +28 -0
- data/lib/cantango/permission_engine.rb +26 -1
- data/lib/cantango/permission_engine/collector.rb +7 -2
- data/lib/cantango/permission_engine/compiler.rb +8 -1
- data/lib/cantango/permission_engine/evaluator.rb +2 -2
- data/lib/cantango/permission_engine/factory.rb +8 -12
- data/lib/cantango/permission_engine/loader.rb +1 -1
- data/lib/cantango/permission_engine/loader/base.rb +1 -1
- data/lib/cantango/permission_engine/loader/categories.rb +3 -3
- data/lib/cantango/permission_engine/loader/permissions.rb +8 -5
- data/lib/cantango/permission_engine/moneta_store.rb +2 -2
- data/lib/cantango/permission_engine/parser.rb +1 -1
- data/lib/cantango/permission_engine/parser/categories.rb +1 -1
- data/lib/cantango/permission_engine/parser/category.rb +1 -1
- data/lib/cantango/permission_engine/parser/default.rb +1 -2
- data/lib/cantango/permission_engine/parser/ownership.rb +1 -1
- data/lib/cantango/permission_engine/parser/permissions.rb +1 -1
- data/lib/cantango/permission_engine/parser/regex.rb +2 -2
- data/lib/cantango/permission_engine/parser/relationship.rb +1 -1
- data/lib/cantango/permission_engine/parser/rule.rb +1 -1
- data/lib/cantango/permission_engine/permission.rb +2 -2
- data/lib/cantango/permission_engine/selector.rb +3 -3
- data/lib/cantango/permission_engine/selector/account_types.rb +24 -0
- data/lib/cantango/permission_engine/selector/base.rb +3 -3
- data/lib/cantango/permission_engine/selector/licenses.rb +2 -2
- data/lib/cantango/permission_engine/selector/role_groups.rb +7 -6
- data/lib/cantango/permission_engine/selector/roles.rb +10 -6
- data/lib/cantango/permission_engine/selector/user_types.rb +23 -0
- data/lib/cantango/permission_engine/selector/users.rb +2 -2
- data/lib/cantango/permission_engine/statement.rb +10 -9
- data/lib/cantango/permission_engine/statements.rb +27 -25
- data/lib/cantango/permission_engine/store.rb +1 -1
- data/lib/cantango/permission_engine/yaml_store.rb +2 -2
- data/lib/cantango/permit_engine.rb +29 -4
- data/lib/cantango/permit_engine/builder.rb +2 -3
- data/lib/cantango/permit_engine/builder/base.rb +9 -1
- data/lib/cantango/permit_engine/builder/special_permits.rb +7 -8
- data/lib/cantango/permit_engine/compatibility.rb +1 -1
- data/lib/cantango/permit_engine/executor.rb +1 -1
- data/lib/cantango/permit_engine/executor/abstract.rb +1 -1
- data/lib/cantango/permit_engine/executor/base.rb +1 -1
- data/lib/cantango/permit_engine/executor/system.rb +1 -1
- data/lib/cantango/permit_engine/factory.rb +2 -7
- data/lib/cantango/permit_engine/finder.rb +43 -9
- data/lib/cantango/permit_engine/role_matcher.rb +1 -1
- data/lib/cantango/permit_engine/util.rb +2 -1
- data/lib/cantango/permits.rb +9 -0
- data/lib/cantango/{permit_engine → permits}/account_permit.rb +15 -4
- data/lib/cantango/{permit_engine → permits}/account_permit/builder.rb +2 -6
- data/lib/cantango/{permit_engine → permits}/account_permit/finder.rb +2 -2
- data/lib/cantango/{permit_engine → permits}/license.rb +1 -1
- data/lib/cantango/{permit_engine → permits}/license/loader.rb +1 -1
- data/lib/cantango/{permit_engine → permits}/license/rules.rb +1 -1
- data/lib/cantango/permits/macros.rb +19 -0
- data/lib/cantango/{permit_engine → permits}/permit.rb +13 -1
- data/lib/cantango/{permit_engine → permits}/role_group_permit.rb +15 -3
- data/lib/cantango/{permit_engine → permits}/role_group_permit/builder.rb +10 -22
- data/lib/cantango/{permit_engine → permits}/role_group_permit/finder.rb +2 -2
- data/lib/cantango/{permit_engine → permits}/role_permit.rb +15 -3
- data/lib/cantango/permits/role_permit/builder.rb +27 -0
- data/lib/cantango/{permit_engine → permits}/role_permit/finder.rb +2 -2
- data/lib/cantango/{permit_engine → permits}/user_permit.rb +15 -3
- data/lib/cantango/{permit_engine → permits}/user_permit/builder.rb +2 -6
- data/lib/cantango/{permit_engine → permits}/user_permit/finder.rb +2 -2
- data/lib/cantango/rails.rb +3 -1
- data/lib/cantango/rails/engine.rb +11 -6
- data/lib/cantango/rails/helpers/base_helper.rb +28 -0
- data/lib/cantango/rails/helpers/controller_helper.rb +17 -0
- data/lib/cantango/rails/helpers/rest_helper.rb +44 -0
- data/lib/cantango/rails/helpers/view_helper.rb +17 -0
- data/lib/cantango/rails/railtie.rb +1 -1
- data/lib/cantango/rspec/config.rb +1 -1
- data/lib/cantango/rspec/matchers/be_allowed_to.rb +5 -3
- data/lib/cantango/rules/user_relation.rb +1 -1
- data/lib/cantango/users/macros.rb +8 -2
- data/lib/cantango/users/user.rb +1 -1
- data/lib/generators/cantango/account_permit/account_permit_generator.rb +37 -0
- data/lib/generators/cantango/account_permit/templates/account_permit.erb +13 -0
- data/lib/generators/cantango/base.rb +15 -18
- data/lib/generators/cantango/basic.rb +41 -0
- data/lib/generators/cantango/install/install_generator.rb +37 -0
- data/lib/generators/cantango/install/templates/cantango.rb +4 -0
- data/{spec/active_record/scenarios/user_accounts/config/account_permits.yml → lib/generators/cantango/install/templates/categories.yml} +0 -0
- data/lib/generators/cantango/install/templates/permissions.yml +4 -0
- data/lib/generators/cantango/license/license_generator.rb +6 -11
- data/lib/generators/cantango/license/templates/license.erb +1 -1
- data/lib/generators/cantango/license_base.rb +2 -2
- data/lib/generators/cantango/licenses/licenses_generator.rb +2 -7
- data/lib/generators/cantango/permit_generator.rb +31 -10
- data/lib/generators/cantango/role_permit/role_permit_generator.rb +11 -14
- data/lib/generators/cantango/role_permit/templates/account_permit.erb +2 -2
- data/lib/generators/cantango/role_permit/templates/role_group_permit.erb +2 -2
- data/lib/generators/cantango/role_permit/templates/role_permit.erb +2 -2
- data/lib/generators/cantango/role_permits/role_permits_generator.rb +16 -98
- data/lib/generators/cantango/user_permit/templates/account_permit.erb +5 -0
- data/lib/generators/cantango/user_permit/templates/user_permit.erb +13 -0
- data/lib/generators/cantango/user_permit/user_permit_generator.rb +36 -0
- data/spec/TODO +1 -6
- data/spec/active_record/helper/permits_config.rb +1 -1
- data/spec/active_record/scenarios/engines/permission_engine/{cantango_permissions.yml → permissions.yml} +2 -1
- data/spec/active_record/scenarios/engines/permission_engine/tango_permission_yml_spec.rb +8 -9
- data/spec/active_record/scenarios/engines/permit_engine/licenses_spec.rb +2 -2
- data/spec/active_record/scenarios/engines/permit_engine/role_groups_permits_spec.rb +2 -2
- data/spec/active_record/scenarios/shared/{can_tango.rb → cantango.rb} +1 -1
- data/spec/active_record/scenarios/shared/models/items.rb +0 -1
- data/spec/active_record/scenarios/shared/models/users.rb +6 -1
- data/spec/active_record/spec_helper.rb +6 -4
- data/spec/cantango/ability/cache/key_spec.rb +64 -0
- data/spec/cantango/ability/cache/{compiler_spec.rb → kompiler_spec.rb} +9 -21
- data/spec/cantango/ability/cache/reader_compile_spec.rb +42 -0
- data/spec/cantango/ability/cache/reader_spec.rb +33 -0
- data/spec/cantango/ability/cache/rules_cache_spec.rb +15 -0
- data/spec/cantango/ability/cache/session_cache_spec.rb +1 -1
- data/spec/cantango/ability/cache/writer_spec.rb +21 -0
- data/spec/cantango/ability/cache_spec.rb +6 -2
- data/spec/cantango/ability_filters_spec.rb +5 -10
- data/spec/cantango/ability_spec.rb +2 -3
- data/spec/cantango/api/attributes_spec.rb +27 -0
- data/spec/cantango/api/user/can_api_spec.rb +2 -2
- data/spec/cantango/api/user_account/can_api_spec.rb +2 -2
- data/spec/cantango/configuration/adapter_spec.rb +28 -0
- data/spec/cantango/configuration/engines/cache_spec.rb +2 -2
- data/spec/cantango/configuration/engines/permission_spec.rb +3 -3
- data/spec/cantango/configuration/engines/permit_spec.rb +1 -1
- data/spec/cantango/configuration/engines/store_shared.rb +3 -1
- data/spec/cantango/configuration/engines_spec.rb +106 -3
- data/spec/cantango/configuration/hash_registry_spec.rb +1 -1
- data/spec/cantango/configuration/permit_registry_spec.rb +14 -0
- data/spec/cantango/configuration/permits_spec.rb +25 -0
- data/spec/cantango/configuration/registry_spec.rb +1 -1
- data/spec/cantango/configuration/shared/registry_ex.rb +2 -1
- data/spec/cantango/configuration_spec.rb +5 -5
- data/spec/cantango/permission_engine/compiler_spec.rb +8 -0
- data/spec/cantango/permission_engine/permission_spec.rb +1 -1
- data/spec/cantango/permission_engine/yaml_store_spec.rb +14 -4
- data/spec/cantango/permission_engine_spec.rb +0 -0
- data/spec/cantango/permit_engine/account_permit_spec.rb +2 -4
- data/spec/cantango/permit_engine/builder/role_group_permits_spec.rb +4 -7
- data/spec/cantango/permit_engine/builder/role_permits_spec.rb +5 -6
- data/spec/cantango/permit_engine/builder/special_permits_spec.rb +3 -4
- data/spec/cantango/permit_engine/executor/system_spec.rb +2 -2
- data/spec/cantango/permit_engine/factory_spec.rb +2 -3
- data/spec/cantango/permit_engine/finder_spec.rb +144 -23
- data/spec/cantango/permit_engine/permit/permit_static_and_dynamic_rules_spec.rb +4 -5
- data/spec/cantango/permit_engine/role_group_permit_spec.rb +1 -1
- data/spec/cantango/permit_engine/role_permit_spec.rb +6 -7
- data/spec/cantango/permit_engine/user_permit_spec.rb +2 -3
- data/spec/cantango/permit_engine_spec.rb +2 -0
- data/spec/cantango/permits/macros_spec.rb +41 -0
- data/spec/cantango/permits/permit_spec.rb +46 -0
- data/spec/cantango_spec.rb +13 -0
- data/spec/devise-dummy/app/helpers/application_helper.rb +7 -0
- data/spec/devise-dummy/app/views/articles/admin.html.haml +1 -1
- data/spec/devise-dummy/app/views/articles/admin_account.html.haml +1 -1
- data/spec/devise-dummy/app/views/articles/guest.html.haml +1 -1
- data/spec/devise-dummy/app/views/articles/index.html.haml +1 -1
- data/spec/devise-dummy/app/views/comments/guest.html.haml +1 -1
- data/spec/devise-dummy/app/views/comments/index.html.haml +1 -1
- data/spec/devise-dummy/app/views/concertos/admin.html.haml +1 -1
- data/spec/devise-dummy/app/views/concertos/admin_account.html.haml +1 -1
- data/spec/devise-dummy/app/views/concertos/guest.html.haml +1 -1
- data/spec/devise-dummy/app/views/concertos/index.html.haml +1 -1
- data/spec/devise-dummy/app/views/users/index.html.haml +1 -1
- data/spec/devise-dummy/config/initializers/cantango.rb +3 -3
- data/spec/devise-dummy/config/{cantango_permissions.yml → permissions.yml} +2 -1
- data/spec/devise-integration/concerto_spec.rb +1 -1
- data/spec/dummy/app/models/user.rb +1 -0
- data/spec/dummy/app/views/articles/admin.html.haml +1 -1
- data/spec/dummy/app/views/articles/admin_account.html.haml +1 -1
- data/spec/dummy/app/views/articles/guest.html.haml +1 -1
- data/spec/dummy/app/views/articles/index.html.haml +1 -1
- data/spec/dummy/app/views/comments/guest.html.haml +1 -1
- data/spec/dummy/app/views/comments/index.html.haml +1 -1
- data/spec/dummy/app/views/concertos/admin.html.haml +1 -1
- data/spec/dummy/app/views/concertos/admin_account.html.haml +1 -1
- data/spec/dummy/app/views/concertos/guest.html.haml +1 -1
- data/spec/dummy/app/views/concertos/index.html.haml +1 -1
- data/spec/dummy/app/views/posts/admin.html.haml +1 -1
- data/spec/dummy/app/views/posts/admin_account.html.haml +1 -1
- data/spec/dummy/app/views/posts/guest.html.haml +1 -1
- data/spec/dummy/app/views/posts/index.html.haml +1 -1
- data/spec/dummy/app/views/users/admin.html.haml +1 -1
- data/spec/dummy/app/views/users/admin_account.html.haml +1 -1
- data/spec/dummy/app/views/users/guest.html.haml +1 -1
- data/spec/dummy/app/views/users/index.html.haml +1 -1
- data/spec/dummy/config/application.rb +1 -0
- data/spec/dummy/config/initializers/cantango.rb +1 -3
- data/spec/dummy/config/{cantango_permissions.yml → permissions.yml} +2 -2
- data/spec/dummy_spec_helper.rb +2 -0
- data/spec/entire_suite_spec.rb +2 -0
- data/spec/factories/user.rb +8 -0
- data/spec/factories/user_account.rb +6 -0
- data/spec/fixtures/config/permissions.yml +60 -19
- data/spec/fixtures/models/admin.rb +2 -0
- data/spec/fixtures/models/admin_account.rb +22 -0
- data/spec/fixtures/models/simple_roles.rb +5 -0
- data/spec/fixtures/models/user.rb +4 -0
- data/spec/helpers/dummy_app_ability.rb +2 -5
- data/spec/integration/cache_using_moneta_spec.rb +3 -1
- data/spec/integration/cache_using_session_spec.rb +2 -2
- data/spec/integration/user/articles_spec.rb +1 -1
- data/spec/integration/user/concerto_spec.rb +1 -1
- data/spec/spec_helper.rb +5 -5
- metadata +120 -95
- data/lib/cantango/ability/class_methods.rb +0 -27
- data/lib/cantango/api/aliases/account_permit.rb +0 -8
- data/lib/cantango/api/aliases/license.rb +0 -7
- data/lib/cantango/api/aliases/permit.rb +0 -9
- data/lib/cantango/api/aliases/role_group_permit.rb +0 -7
- data/lib/cantango/api/aliases/role_permit.rb +0 -7
- data/lib/cantango/api/aliases/user_permit.rb +0 -8
- data/lib/cantango/permission_engine/builder.rb +0 -6
- data/lib/cantango/permit_engine/role_permit/builder.rb +0 -46
- data/lib/cantango/rails/base_helpers.rb +0 -26
- data/lib/cantango/rails/controller_helpers.rb +0 -15
- data/lib/cantango/rails/view_helpers.rb +0 -15
- data/spec/active_record/scenarios/shared/permits/PERMITS README.textile +0 -3
- data/spec/active_record/scenarios/user_accounts/docs/USER_ACCOUNTS_SCENARIO.textile +0 -20
- data/spec/active_record/scenarios/user_accounts/docs/basic_rules_spec_possible_samples.txt +0 -84
- data/spec/factories.rb +0 -8
- data/spec/fixtures/config/cantango_permissions.yml +0 -48
@@ -1,7 +1,7 @@
|
|
1
1
|
require 'yaml'
|
2
2
|
|
3
3
|
module CanTango
|
4
|
-
|
4
|
+
class PermissionEngine < Engine
|
5
5
|
class YamlStore < Store
|
6
6
|
attr_reader :path
|
7
7
|
|
@@ -30,7 +30,7 @@ module CanTango
|
|
30
30
|
@permissions ||= loader.permissions
|
31
31
|
end
|
32
32
|
|
33
|
-
CanTango.config.
|
33
|
+
CanTango.config.permission_engine.types.each do |type|
|
34
34
|
define_method(:"#{type}_permissions") do
|
35
35
|
loader.send(:"#{type}_permissions")
|
36
36
|
end
|
@@ -1,8 +1,33 @@
|
|
1
1
|
module CanTango
|
2
|
-
|
2
|
+
class PermitEngine < Engine
|
3
3
|
autoload_modules :Builder, :Compatibility, :Executor
|
4
|
-
autoload_modules :Factory, :Finder, :
|
5
|
-
|
6
|
-
|
4
|
+
autoload_modules :Factory, :Finder, :Loaders, :Util, :RoleMatcher
|
5
|
+
|
6
|
+
def initialize ability
|
7
|
+
super
|
8
|
+
end
|
9
|
+
|
10
|
+
def execute!
|
11
|
+
permits.each do |permit|
|
12
|
+
break if permit.execute == :break
|
13
|
+
end
|
14
|
+
end
|
15
|
+
|
16
|
+
# by default, only execute permits for which the user
|
17
|
+
# has a role or a role group
|
18
|
+
# also execute any permit marked as special
|
19
|
+
def permits
|
20
|
+
permit_factory.build!
|
21
|
+
end
|
22
|
+
|
23
|
+
def permit_class_names
|
24
|
+
@permit_class_names ||= permits.map{|p| p.class.to_s}
|
25
|
+
end
|
26
|
+
|
27
|
+
protected
|
28
|
+
|
29
|
+
def permit_factory
|
30
|
+
@permit_factory ||= CanTango::PermitEngine::Factory.new ability
|
31
|
+
end
|
7
32
|
end
|
8
33
|
end
|
@@ -1,8 +1,7 @@
|
|
1
1
|
module CanTango
|
2
|
-
|
2
|
+
class PermitEngine < Engine
|
3
3
|
module Builder
|
4
|
-
|
5
|
-
autoload :SpecialPermits, 'cantango/permit_engine/builder/special_permits'
|
4
|
+
autoload_modules :Base, :SpecialPermits
|
6
5
|
end
|
7
6
|
end
|
8
7
|
end
|
@@ -1,5 +1,5 @@
|
|
1
1
|
module CanTango
|
2
|
-
|
2
|
+
class PermitEngine < Engine
|
3
3
|
module Builder
|
4
4
|
class Base
|
5
5
|
attr_accessor :ability
|
@@ -13,6 +13,14 @@ module CanTango
|
|
13
13
|
|
14
14
|
protected
|
15
15
|
|
16
|
+
def finder
|
17
|
+
ns::Finder
|
18
|
+
end
|
19
|
+
|
20
|
+
def ns
|
21
|
+
self.class.to_s.gsub(/::Builder/, '').constantize
|
22
|
+
end
|
23
|
+
|
16
24
|
# Tries to create a new permit for the given role
|
17
25
|
# If no permit Class can be found, it should return nil
|
18
26
|
# @param [Symbol] the name
|
@@ -1,20 +1,19 @@
|
|
1
1
|
module CanTango
|
2
|
-
|
2
|
+
class PermitEngine < Engine
|
3
3
|
module Builder
|
4
|
-
class SpecialPermits < Base
|
4
|
+
class SpecialPermits < Base
|
5
5
|
def build
|
6
6
|
special_permits.map{|role| create_permit(role)}.compact
|
7
|
-
end
|
7
|
+
end
|
8
8
|
|
9
9
|
def special_permits
|
10
10
|
[:system, :any]
|
11
|
-
end
|
12
|
-
|
11
|
+
end
|
12
|
+
|
13
13
|
def finder
|
14
|
-
CanTango::
|
15
|
-
end
|
14
|
+
CanTango::Permits::RolePermit::Finder
|
15
|
+
end
|
16
16
|
end
|
17
17
|
end
|
18
|
-
|
19
18
|
end
|
20
19
|
end
|
@@ -1,10 +1,6 @@
|
|
1
|
-
require 'sugar-high/class_ext'
|
2
|
-
|
3
1
|
module CanTango
|
4
|
-
|
2
|
+
class PermitEngine < Engine
|
5
3
|
class Factory
|
6
|
-
include ClassExt
|
7
|
-
|
8
4
|
attr_accessor :ability, :builders
|
9
5
|
|
10
6
|
# creates the factory for the ability
|
@@ -28,7 +24,7 @@ module CanTango
|
|
28
24
|
|
29
25
|
def builder_class builder
|
30
26
|
return "CanTango::PermitEngine::Builder::SpecialPermits" if builder == :special
|
31
|
-
"CanTango::
|
27
|
+
"CanTango::Permits::#{builder.to_s.camelize}Permit::Builder"
|
32
28
|
end
|
33
29
|
|
34
30
|
def builders
|
@@ -39,7 +35,6 @@ module CanTango
|
|
39
35
|
ability.options
|
40
36
|
end
|
41
37
|
end
|
42
|
-
|
43
38
|
end
|
44
39
|
end
|
45
40
|
|
@@ -1,10 +1,7 @@
|
|
1
1
|
module CanTango
|
2
|
-
|
2
|
+
class PermitEngine < Engine
|
3
3
|
class Finder
|
4
|
-
include ClassExt
|
5
|
-
|
6
4
|
# This class is used to find the right permit, possible scoped for a specific user account
|
7
|
-
|
8
5
|
attr_reader :user_account, :name
|
9
6
|
|
10
7
|
def initialize user_account, name
|
@@ -13,13 +10,50 @@ module CanTango
|
|
13
10
|
end
|
14
11
|
|
15
12
|
def get_permit
|
16
|
-
|
17
|
-
|
18
|
-
|
19
|
-
|
20
|
-
|
13
|
+
raise find_error if !retrieve_permit
|
14
|
+
retrieve_permit
|
15
|
+
end
|
16
|
+
|
17
|
+
protected
|
18
|
+
|
19
|
+
def find_error
|
20
|
+
"Permit for #{type} #{name} could not be loaded. Define either class: #{account_permit_class} or #{permit_class}"
|
21
21
|
end
|
22
22
|
|
23
|
+
def retrieve_permit
|
24
|
+
@found_permit ||= [account_permit(name), permit(name)].compact.first
|
25
|
+
end
|
26
|
+
|
27
|
+
def account_permit name
|
28
|
+
|
29
|
+
# TODO: User/Account cases should be handled somehow following is just interim measure
|
30
|
+
return nil if !user_account.class.name =~ /Account/
|
31
|
+
account_permits_for_account.send(type).registered[name]
|
32
|
+
rescue
|
33
|
+
nil
|
34
|
+
end
|
35
|
+
|
36
|
+
def permit name
|
37
|
+
permits.send(type).registered[name]
|
38
|
+
end
|
39
|
+
|
40
|
+
def permits
|
41
|
+
CanTango.config.permits
|
42
|
+
end
|
43
|
+
|
44
|
+
# TODO: make proper account touching
|
45
|
+
|
46
|
+
def account_permits_for_account
|
47
|
+
account_permits.send(account)
|
48
|
+
end
|
49
|
+
|
50
|
+
def account_permits
|
51
|
+
CanTango.config.permits
|
52
|
+
end
|
53
|
+
|
54
|
+
def account
|
55
|
+
user_account.class.name.underscore
|
56
|
+
end
|
23
57
|
# this is used to namespace role permits for a specific type of user account
|
24
58
|
# this allows role permits to be defined differently for each user account (and hence sub application) if need be
|
25
59
|
# otherwise it will fall back to the generic role permit (the one which is not wrapped in a user account namespace)
|
@@ -1,7 +1,7 @@
|
|
1
1
|
require 'active_support/inflector'
|
2
2
|
|
3
3
|
module CanTango
|
4
|
-
|
4
|
+
class PermitEngine < Engine
|
5
5
|
module Util
|
6
6
|
def permit_name clazz
|
7
7
|
@name ||= clazz.to_s.demodulize.gsub(/Role/,'').gsub(/Permit$/, '').gsub(/Group/,'').underscore.to_sym
|
@@ -17,3 +17,4 @@ module CanTango
|
|
17
17
|
end
|
18
18
|
end
|
19
19
|
end
|
20
|
+
|
@@ -1,12 +1,23 @@
|
|
1
1
|
module CanTango
|
2
|
-
module
|
3
|
-
class AccountPermit < CanTango::
|
2
|
+
module Permits
|
3
|
+
class AccountPermit < CanTango::Permit
|
4
4
|
|
5
5
|
autoload_modules :Builder, :Finder
|
6
6
|
|
7
|
-
|
7
|
+
def self.inherited(base_clazz)
|
8
|
+
CanTango.config.permits.register_permit_class account_type_name(base_clazz), base_clazz, type, account_name(base_clazz)
|
9
|
+
end
|
10
|
+
|
11
|
+
def self.type
|
12
|
+
:account
|
13
|
+
end
|
14
|
+
|
15
|
+
def self.account_type_name clazz
|
16
|
+
clazz.name.demodulize.gsub(/(.*)(AccountPermit)/, '\1').underscore.to_sym
|
17
|
+
end
|
18
|
+
|
8
19
|
def account_type
|
9
|
-
self.class.
|
20
|
+
self.class.account_type_name self.class
|
10
21
|
end
|
11
22
|
|
12
23
|
# creates the permit
|
@@ -1,6 +1,6 @@
|
|
1
1
|
module CanTango
|
2
|
-
module
|
3
|
-
class AccountPermit < CanTango::
|
2
|
+
module Permits
|
3
|
+
class AccountPermit < CanTango::Permit
|
4
4
|
class Builder < CanTango::PermitEngine::Builder::Base
|
5
5
|
# class NoAvailableRoles < StandardError; end
|
6
6
|
|
@@ -11,10 +11,6 @@ module CanTango
|
|
11
11
|
# raise NoAvailableRoles, "no available roles are defined" if available_roles.empty?
|
12
12
|
[] << create_permit(user_account.class.to_s)
|
13
13
|
end
|
14
|
-
|
15
|
-
def finder
|
16
|
-
CanTango::PermitEngine::AccountPermit::Finder
|
17
|
-
end
|
18
14
|
end
|
19
15
|
end
|
20
16
|
end
|
@@ -0,0 +1,19 @@
|
|
1
|
+
class Module
|
2
|
+
def tango_permit options = {}
|
3
|
+
name_from_class_name = CanTango::Permits::Permit.first_name self.to_s.split("::").last
|
4
|
+
name = options[:name] || name_from_class_name
|
5
|
+
|
6
|
+
account_from_class_name = CanTango::Permits::Permit.first_name self.to_s.split("::").first if (self.to_s.split("::").size > 1)
|
7
|
+
account = options[:account] || account_from_class_name
|
8
|
+
|
9
|
+
type = options[:type] || self.superclass.type
|
10
|
+
|
11
|
+
raise "Name of permit could not be determined, try specifying a :name option" if name.nil?
|
12
|
+
raise "Type of permit could not be determined, try specifying a :type option" if type.nil?
|
13
|
+
|
14
|
+
CanTango.config.permits.register_permit_class name, self, type, account
|
15
|
+
# return hash for debugging
|
16
|
+
{:name => name, :type => type, :account => account}
|
17
|
+
end
|
18
|
+
end
|
19
|
+
|
@@ -3,18 +3,30 @@ require 'sugar-high/array'
|
|
3
3
|
# The permit base class for both Role Permits and Role Group Permits
|
4
4
|
# Should contain all common logic
|
5
5
|
module CanTango
|
6
|
-
module
|
6
|
+
module Permits
|
7
7
|
class Permit
|
8
8
|
attr_reader :ability
|
9
9
|
|
10
10
|
# strategy is used to control the owns strategy (see rules.rb)
|
11
11
|
attr_reader :strategy
|
12
12
|
|
13
|
+
include CanTango::Api::Attributes
|
14
|
+
|
13
15
|
# creates the permit
|
14
16
|
def initialize ability
|
15
17
|
@ability = ability
|
16
18
|
end
|
17
19
|
|
20
|
+
def self.first_name clazz
|
21
|
+
clazz.to_s.gsub(/^([A-Za-z]+).*/, '\1').underscore.to_sym # first part of class name
|
22
|
+
end
|
23
|
+
|
24
|
+
|
25
|
+
def self.account_name clazz
|
26
|
+
return nil if clazz.name == clazz.name.demodulize
|
27
|
+
clazz.name.gsub(/::.*/,'').gsub(/(.*)Permits/, '\1').underscore.to_sym
|
28
|
+
end
|
29
|
+
|
18
30
|
# executes the permit
|
19
31
|
def execute
|
20
32
|
executor.execute!
|
@@ -1,11 +1,23 @@
|
|
1
1
|
module CanTango
|
2
|
-
module
|
3
|
-
class RoleGroupPermit < CanTango::
|
2
|
+
module Permits
|
3
|
+
class RoleGroupPermit < CanTango::Permit
|
4
4
|
|
5
5
|
autoload_modules :Builder, :Finder
|
6
6
|
|
7
|
+
def self.inherited(base_clazz)
|
8
|
+
CanTango.config.permits.register_permit_class role_group_name(base_clazz), base_clazz, type, account_name(base_clazz)
|
9
|
+
end
|
10
|
+
|
11
|
+
def self.type
|
12
|
+
:role_group
|
13
|
+
end
|
14
|
+
|
15
|
+
def self.role_group_name clazz
|
16
|
+
clazz.name.demodulize.gsub(/(.*)(RoleGroupPermit)/, '\1').underscore.to_sym
|
17
|
+
end
|
18
|
+
|
7
19
|
def role_group
|
8
|
-
self.class.
|
20
|
+
self.class.role_group_name self.class
|
9
21
|
end
|
10
22
|
|
11
23
|
# creates the permit
|