RubyGems - cantango - Versions diffs - 0.8.0 - Mend

cantango 0.8.0

Files changed (578) hide show

data/.document +5 -0
data/.rspec +1 -0
data/Gemfile +58 -0
data/LICENSE.txt +20 -0
data/README.textile +211 -0
data/Rakefile +48 -0
data/VERSION +1 -0
data/cantango.gemspec +658 -0
data/ideas/feature_list.markdown +58 -0
data/lib/cantango.rb +32 -0
data/lib/cantango/ability.rb +56 -0
data/lib/cantango/ability/cache.rb +95 -0
data/lib/cantango/ability/cache/base_cache.rb +26 -0
data/lib/cantango/ability/cache/kompiler.rb +24 -0
data/lib/cantango/ability/cache/moneta_cache.rb +32 -0
data/lib/cantango/ability/cache/session_cache.rb +38 -0
data/lib/cantango/ability/class_methods.rb +27 -0
data/lib/cantango/ability/masquerade_helpers.rb +19 -0
data/lib/cantango/ability/permission_helpers.rb +20 -0
data/lib/cantango/ability/permit_helpers.rb +27 -0
data/lib/cantango/ability/role_helpers.rb +26 -0
data/lib/cantango/ability/scope.rb +20 -0
data/lib/cantango/ability/user_helpers.rb +22 -0
data/lib/cantango/api.rb +5 -0
data/lib/cantango/api/aliases.rb +8 -0
data/lib/cantango/api/aliases/account_permit.rb +8 -0
data/lib/cantango/api/aliases/license.rb +7 -0
data/lib/cantango/api/aliases/permit.rb +9 -0
data/lib/cantango/api/aliases/role_group_permit.rb +7 -0
data/lib/cantango/api/aliases/role_permit.rb +7 -0
data/lib/cantango/api/aliases/user_permit.rb +8 -0
data/lib/cantango/api/common.rb +10 -0
data/lib/cantango/api/options.rb +16 -0
data/lib/cantango/api/user.rb +20 -0
data/lib/cantango/api/user/ability.rb +38 -0
data/lib/cantango/api/user/can.rb +26 -0
data/lib/cantango/api/user/scope.rb +29 -0
data/lib/cantango/api/user_account.rb +20 -0
data/lib/cantango/api/user_account/ability.rb +44 -0
data/lib/cantango/api/user_account/can.rb +26 -0
data/lib/cantango/api/user_account/scope.rb +29 -0
data/lib/cantango/cache.rb +6 -0
data/lib/cantango/cache/moneta_cache.rb +68 -0
data/lib/cantango/cancan/rule.rb +6 -0
data/lib/cantango/configuration.rb +83 -0
data/lib/cantango/configuration/ability.rb +13 -0
data/lib/cantango/configuration/autoload.rb +38 -0
data/lib/cantango/configuration/categories.rb +55 -0
data/lib/cantango/configuration/engines.rb +49 -0
data/lib/cantango/configuration/engines/cache.rb +20 -0
data/lib/cantango/configuration/engines/engine.rb +31 -0
data/lib/cantango/configuration/engines/permission.rb +49 -0
data/lib/cantango/configuration/engines/permit.rb +26 -0
data/lib/cantango/configuration/engines/store.rb +24 -0
data/lib/cantango/configuration/factory.rb +59 -0
data/lib/cantango/configuration/guest.rb +57 -0
data/lib/cantango/configuration/hash_registry.rb +62 -0
data/lib/cantango/configuration/models.rb +48 -0
data/lib/cantango/configuration/registry.rb +53 -0
data/lib/cantango/configuration/role_groups.rb +15 -0
data/lib/cantango/configuration/role_registry.rb +43 -0
data/lib/cantango/configuration/roles.rb +16 -0
data/lib/cantango/configuration/user.rb +47 -0
data/lib/cantango/configuration/user_account.rb +23 -0
data/lib/cantango/configuration/user_accounts.rb +7 -0
data/lib/cantango/configuration/users.rb +7 -0
data/lib/cantango/helpers.rb +5 -0
data/lib/cantango/helpers/role_methods.rb +26 -0
data/lib/cantango/permission_engine.rb +7 -0
data/lib/cantango/permission_engine/builder.rb +6 -0
data/lib/cantango/permission_engine/collector.rb +43 -0
data/lib/cantango/permission_engine/compiler.rb +67 -0
data/lib/cantango/permission_engine/evaluator.rb +34 -0
data/lib/cantango/permission_engine/factory.rb +60 -0
data/lib/cantango/permission_engine/loader.rb +7 -0
data/lib/cantango/permission_engine/loader/base.rb +39 -0
data/lib/cantango/permission_engine/loader/categories.rb +50 -0
data/lib/cantango/permission_engine/loader/permissions.rb +66 -0
data/lib/cantango/permission_engine/moneta_store.rb +30 -0
data/lib/cantango/permission_engine/parser.rb +32 -0
data/lib/cantango/permission_engine/parser/categories.rb +18 -0
data/lib/cantango/permission_engine/parser/category.rb +34 -0
data/lib/cantango/permission_engine/parser/default.rb +20 -0
data/lib/cantango/permission_engine/parser/ownership.rb +32 -0
data/lib/cantango/permission_engine/parser/permissions.rb +33 -0
data/lib/cantango/permission_engine/parser/regex.rb +35 -0
data/lib/cantango/permission_engine/parser/relationship.rb +23 -0
data/lib/cantango/permission_engine/parser/rule.rb +31 -0
data/lib/cantango/permission_engine/permission.rb +40 -0
data/lib/cantango/permission_engine/selector.rb +16 -0
data/lib/cantango/permission_engine/selector/base.rb +19 -0
data/lib/cantango/permission_engine/selector/licenses.rb +19 -0
data/lib/cantango/permission_engine/selector/role_groups.rb +24 -0
data/lib/cantango/permission_engine/selector/roles.rb +25 -0
data/lib/cantango/permission_engine/selector/users.rb +22 -0
data/lib/cantango/permission_engine/statement.rb +14 -0
data/lib/cantango/permission_engine/statements.rb +35 -0
data/lib/cantango/permission_engine/store.rb +33 -0
data/lib/cantango/permission_engine/yaml_store.rb +108 -0
data/lib/cantango/permit_engine.rb +8 -0
data/lib/cantango/permit_engine/account_permit.rb +41 -0
data/lib/cantango/permit_engine/account_permit/builder.rb +22 -0
data/lib/cantango/permit_engine/account_permit/finder.rb +20 -0
data/lib/cantango/permit_engine/builder.rb +8 -0
data/lib/cantango/permit_engine/builder/base.rb +50 -0
data/lib/cantango/permit_engine/builder/special_permits.rb +20 -0
data/lib/cantango/permit_engine/compatibility.rb +20 -0
data/lib/cantango/permit_engine/executor.rb +7 -0
data/lib/cantango/permit_engine/executor/abstract.rb +40 -0
data/lib/cantango/permit_engine/executor/base.rb +51 -0
data/lib/cantango/permit_engine/executor/system.rb +13 -0
data/lib/cantango/permit_engine/factory.rb +45 -0
data/lib/cantango/permit_engine/finder.rb +39 -0
data/lib/cantango/permit_engine/license.rb +37 -0
data/lib/cantango/permit_engine/license/loader.rb +19 -0
data/lib/cantango/permit_engine/license/rules.rb +17 -0
data/lib/cantango/permit_engine/permit.rb +149 -0
data/lib/cantango/permit_engine/role_group_permit.rb +37 -0
data/lib/cantango/permit_engine/role_group_permit/builder.rb +47 -0
data/lib/cantango/permit_engine/role_group_permit/finder.rb +20 -0
data/lib/cantango/permit_engine/role_matcher.rb +13 -0
data/lib/cantango/permit_engine/role_permit.rb +38 -0
data/lib/cantango/permit_engine/role_permit/builder.rb +46 -0
data/lib/cantango/permit_engine/role_permit/finder.rb +19 -0
data/lib/cantango/permit_engine/user_permit.rb +40 -0
data/lib/cantango/permit_engine/user_permit/builder.rb +21 -0
data/lib/cantango/permit_engine/user_permit/finder.rb +20 -0
data/lib/cantango/permit_engine/util.rb +19 -0
data/lib/cantango/rails.rb +5 -0
data/lib/cantango/rails/base_helpers.rb +26 -0
data/lib/cantango/rails/controller_helpers.rb +15 -0
data/lib/cantango/rails/engine.rb +47 -0
data/lib/cantango/rails/railtie.rb +7 -0
data/lib/cantango/rails/view_helpers.rb +15 -0
data/lib/cantango/rspec.rb +1 -0
data/lib/cantango/rspec/config.rb +9 -0
data/lib/cantango/rspec/matchers.rb +9 -0
data/lib/cantango/rspec/matchers/be_allowed_to.rb +26 -0
data/lib/cantango/rspec/matchers/have_license.rb +11 -0
data/lib/cantango/rspec/matchers/have_license_class.rb +14 -0
data/lib/cantango/rspec/matchers/have_license_file.rb +82 -0
data/lib/cantango/rules.rb +23 -0
data/lib/cantango/rules/adaptor.rb +32 -0
data/lib/cantango/rules/adaptor/active_record.rb +13 -0
data/lib/cantango/rules/adaptor/generic.rb +16 -0
data/lib/cantango/rules/adaptor/mongoid.rb +13 -0
data/lib/cantango/rules/dsl.rb +24 -0
data/lib/cantango/rules/rule_class.rb +11 -0
data/lib/cantango/rules/scope.rb +24 -0
data/lib/cantango/rules/user_relation.rb +68 -0
data/lib/cantango/users.rb +5 -0
data/lib/cantango/users/macros.rb +9 -0
data/lib/cantango/users/masquerade.rb +22 -0
data/lib/cantango/users/masquerade/session_active_user.rb +18 -0
data/lib/cantango/users/user.rb +30 -0
data/lib/cantango/users/user_account.rb +23 -0
data/lib/generators/cantango/base.rb +52 -0
data/lib/generators/cantango/license/license_generator.rb +34 -0
data/lib/generators/cantango/license/templates/license.erb +10 -0
data/lib/generators/cantango/license_base.rb +15 -0
data/lib/generators/cantango/licenses/licenses_generator.rb +31 -0
data/lib/generators/cantango/permit_generator.rb +36 -0
data/lib/generators/cantango/role_permit/role_permit_generator.rb +42 -0
data/lib/generators/cantango/role_permit/templates/account_permit.erb +4 -0
data/lib/generators/cantango/role_permit/templates/role_group_permit.erb +14 -0
data/lib/generators/cantango/role_permit/templates/role_permit.erb +13 -0
data/lib/generators/cantango/role_permits/role_permits_generator.rb +127 -0
data/spec/Note_on_licenses.textile +44 -0
data/spec/Refactor_into_engines.textile +115 -0
data/spec/TODO +7 -0
data/spec/active_record/AR_README.textile +20 -0
data/spec/active_record/config_helper.rb +108 -0
data/spec/active_record/db/database.yml +4 -0
data/spec/active_record/helper/ar_config.rb +19 -0
data/spec/active_record/helper/permits_config.rb +12 -0
data/spec/active_record/helper/rails_config.rb +6 -0
data/spec/active_record/helper/rspec_config.rb +20 -0
data/spec/active_record/migrations/001_create_user.rb +14 -0
data/spec/active_record/migrations/002_create_comment.rb +13 -0
data/spec/active_record/migrations/003_create_post.rb +13 -0
data/spec/active_record/migrations/004_create_article.rb +13 -0
data/spec/active_record/migrations/005_create_account.rb +13 -0
data/spec/active_record/migrations/006_create_todo.rb +12 -0
data/spec/active_record/migrations/007_create_user_todos.rb +13 -0
data/spec/active_record/scenarios/SCENARIOS README.textile +19 -0
data/spec/active_record/scenarios/engines/permission_engine/cantango_permissions.yml +63 -0
data/spec/active_record/scenarios/engines/permission_engine/categories.yml +6 -0
data/spec/active_record/scenarios/engines/permission_engine/tango_permission_yml_spec.rb +77 -0
data/spec/active_record/scenarios/engines/permission_engine/users.rb +88 -0
data/spec/active_record/scenarios/engines/permit_engine/licenses_spec.rb +37 -0
data/spec/active_record/scenarios/engines/permit_engine/role_groups_permits_spec.rb +35 -0
data/spec/active_record/scenarios/guest_user_admin/admin_user_spec.rb +19 -0
data/spec/active_record/scenarios/guest_user_admin/docs/GUEST_ADMIN_USER_SCENARIO.textile +20 -0
data/spec/active_record/scenarios/guest_user_admin/editor_spec.rb +19 -0
data/spec/active_record/scenarios/guest_user_admin/guest_user_spec.rb +16 -0
data/spec/active_record/scenarios/guest_user_admin/user_having_user_and_editor_roles_spec.rb +19 -0
data/spec/active_record/scenarios/guest_user_admin/user_spec.rb +32 -0
data/spec/active_record/scenarios/masquerading/masquerading_for_admin_account_spec.rb +41 -0
data/spec/active_record/scenarios/masquerading/masquerading_for_admin_user_spec.rb +38 -0
data/spec/active_record/scenarios/shared/api.rb +4 -0
data/spec/active_record/scenarios/shared/can_tango.rb +2 -0
data/spec/active_record/scenarios/shared/examples/user_accounts.rb +47 -0
data/spec/active_record/scenarios/shared/examples/users.rb +85 -0
data/spec/active_record/scenarios/shared/licenses/musicians_license.rb +12 -0
data/spec/active_record/scenarios/shared/models/items.rb +26 -0
data/spec/active_record/scenarios/shared/models/todo.rb +4 -0
data/spec/active_record/scenarios/shared/models/user_todo.rb +4 -0
data/spec/active_record/scenarios/shared/models/users.rb +46 -0
data/spec/active_record/scenarios/shared/permits/PERMITS README.textile +3 -0
data/spec/active_record/scenarios/shared/permits/account_permits/admin_account_permit.rb +30 -0
data/spec/active_record/scenarios/shared/permits/account_permits/guest_account_permit.rb +16 -0
data/spec/active_record/scenarios/shared/permits/account_permits/user_account_permit.rb +46 -0
data/spec/active_record/scenarios/shared/permits/role/admin_permit.rb +11 -0
data/spec/active_record/scenarios/shared/permits/role/editor_permit.rb +42 -0
data/spec/active_record/scenarios/shared/permits/role/guest_permit.rb +26 -0
data/spec/active_record/scenarios/shared/permits/role/super_admin_permit.rb +9 -0
data/spec/active_record/scenarios/shared/permits/role/user_permit.rb +49 -0
data/spec/active_record/scenarios/shared/permits/role_group/bloggers_permit.rb +8 -0
data/spec/active_record/scenarios/shared/permits/role_group/musicians_permit.rb +9 -0
data/spec/active_record/scenarios/shared/permits/special/any_role_permit.rb +10 -0
data/spec/active_record/scenarios/shared/permits/special/system_role_permit.rb +10 -0
data/spec/active_record/scenarios/user_accounts/admin_account_spec.rb +34 -0
data/spec/active_record/scenarios/user_accounts/config/account_permits.yml +0 -0
data/spec/active_record/scenarios/user_accounts/docs/USER_ACCOUNTS_SCENARIO.textile +20 -0
data/spec/active_record/scenarios/user_accounts/docs/basic_rules_spec_possible_samples.txt +84 -0
data/spec/active_record/scenarios/user_accounts/guest_account_spec.rb +34 -0
data/spec/active_record/scenarios/user_accounts/helpers.rb +5 -0
data/spec/active_record/scenarios/user_accounts/helpers/account_setup.rb +41 -0
data/spec/active_record/scenarios/user_accounts/helpers/user_factory.rb +19 -0
data/spec/active_record/scenarios/user_accounts/permits/admin_account_permit.rb +28 -0
data/spec/active_record/scenarios/user_accounts/permits/guest_account_permit.rb +14 -0
data/spec/active_record/scenarios/user_accounts/permits/user_account_permit.rb +43 -0
data/spec/active_record/scenarios/user_accounts/user_account_spec.rb +36 -0
data/spec/active_record/spec_helper.rb +19 -0
data/spec/cantango/README.textile +3 -0
data/spec/cantango/ability/cache/compiler_spec.rb +45 -0
data/spec/cantango/ability/cache/session_cache_spec.rb +11 -0
data/spec/cantango/ability/cache_spec.rb +107 -0
data/spec/cantango/ability_filters_spec.rb +128 -0
data/spec/cantango/ability_spec.rb +74 -0
data/spec/cantango/api/current_user_accounts.rb +14 -0
data/spec/cantango/api/current_users.rb +10 -0
data/spec/cantango/api/user/ability_api_spec.rb +44 -0
data/spec/cantango/api/user/can_api_spec.rb +109 -0
data/spec/cantango/api/user/scope_api_spec.rb +65 -0
data/spec/cantango/api/user_account/ability_api_spec.rb +29 -0
data/spec/cantango/api/user_account/can_api_spec.rb +82 -0
data/spec/cantango/api/user_account/scope_api_spec.rb +0 -0
data/spec/cantango/api/user_account_api_spec.rb +0 -0
data/spec/cantango/api/user_api_spec.rb +0 -0
data/spec/cantango/configuration/ability_spec.rb +13 -0
data/spec/cantango/configuration/autoload_spec.rb +53 -0
data/spec/cantango/configuration/categories_spec.rb +60 -0
data/spec/cantango/configuration/engines/cache_spec.rb +19 -0
data/spec/cantango/configuration/engines/engine_shared.rb +22 -0
data/spec/cantango/configuration/engines/permission_spec.rb +31 -0
data/spec/cantango/configuration/engines/permit_spec.rb +16 -0
data/spec/cantango/configuration/engines/store_engine_shared.rb +16 -0
data/spec/cantango/configuration/engines/store_shared.rb +36 -0
data/spec/cantango/configuration/engines_spec.rb +41 -0
data/spec/cantango/configuration/factory_spec.rb +20 -0
data/spec/cantango/configuration/guest/find_guest_default_way_spec.rb +33 -0
data/spec/cantango/configuration/guest_spec.rb +62 -0
data/spec/cantango/configuration/hash_registry_spec.rb +17 -0
data/spec/cantango/configuration/registry_spec.rb +17 -0
data/spec/cantango/configuration/role_groups_spec.rb +15 -0
data/spec/cantango/configuration/roles_spec.rb +16 -0
data/spec/cantango/configuration/shared/factory_ex.rb +40 -0
data/spec/cantango/configuration/shared/hash_registry_ex.rb +65 -0
data/spec/cantango/configuration/shared/registry_ex.rb +39 -0
data/spec/cantango/configuration/shared/role_registry_ex.rb +22 -0
data/spec/cantango/configuration/user_account_spec.rb +26 -0
data/spec/cantango/configuration/user_spec.rb +46 -0
data/spec/cantango/configuration_spec.rb +42 -0
data/spec/cantango/license/save_license_spec.rb +24 -0
data/spec/cantango/models/items.rb +12 -0
data/spec/cantango/models/users.rb +13 -0
data/spec/cantango/moneta_spec.rb +31 -0
data/spec/cantango/parser/categories_spec.rb +0 -0
data/spec/cantango/parser/permissions_spec.rb +0 -0
data/spec/cantango/permission_engine/PERMISSION_STORE.textile +75 -0
data/spec/cantango/permission_engine/categories_store_spec.rb +10 -0
data/spec/cantango/permission_engine/compiler_spec.rb +32 -0
data/spec/cantango/permission_engine/loader/categories_spec.rb +19 -0
data/spec/cantango/permission_engine/loader/permissions/cantango_permissions_loader.rb +27 -0
data/spec/cantango/permission_engine/loader/permissions/shared.rb +9 -0
data/spec/cantango/permission_engine/moneta_store_spec.rb +0 -0
data/spec/cantango/permission_engine/parser_spec.rb +39 -0
data/spec/cantango/permission_engine/permission_spec.rb +35 -0
data/spec/cantango/permission_engine/permission_store_spec.rb +10 -0
data/spec/cantango/permission_engine/shared_examples.rb +22 -0
data/spec/cantango/permission_engine/store_spec.rb +8 -0
data/spec/cantango/permission_engine/user_permission_store_spec.rb +12 -0
data/spec/cantango/permission_engine/yaml_store_spec.rb +83 -0
data/spec/cantango/permit_engine/account_permit_spec.rb +47 -0
data/spec/cantango/permit_engine/builder/role_group_permits_spec.rb +63 -0
data/spec/cantango/permit_engine/builder/role_permits_spec.rb +58 -0
data/spec/cantango/permit_engine/builder/special_permits_spec.rb +42 -0
data/spec/cantango/permit_engine/executor/system_spec.rb +61 -0
data/spec/cantango/permit_engine/factory_spec.rb +50 -0
data/spec/cantango/permit_engine/finder_spec.rb +70 -0
data/spec/cantango/permit_engine/permit/permit_static_and_dynamic_rules_spec.rb +74 -0
data/spec/cantango/permit_engine/role_group_permit_spec.rb +43 -0
data/spec/cantango/permit_engine/role_permit_spec.rb +44 -0
data/spec/cantango/permit_engine/user_permit_spec.rb +41 -0
data/spec/cantango/rules_spec.rb +55 -0
data/spec/devise-dummy/Rakefile +7 -0
data/spec/devise-dummy/app/controllers/accounts_controller.rb +25 -0
data/spec/devise-dummy/app/controllers/application_controller.rb +3 -0
data/spec/devise-dummy/app/controllers/articles_controller.rb +48 -0
data/spec/devise-dummy/app/controllers/comments_controller.rb +40 -0
data/spec/devise-dummy/app/controllers/concertos_controller.rb +49 -0
data/spec/devise-dummy/app/controllers/main_controller.rb +8 -0
data/spec/devise-dummy/app/controllers/posts_controller.rb +49 -0
data/spec/devise-dummy/app/controllers/users_controller.rb +25 -0
data/spec/devise-dummy/app/helpers/application_helper.rb +2 -0
data/spec/devise-dummy/app/models/account_setup.rb +41 -0
data/spec/devise-dummy/app/models/admin.rb +11 -0
data/spec/devise-dummy/app/models/article.rb +6 -0
data/spec/devise-dummy/app/models/comment.rb +5 -0
data/spec/devise-dummy/app/models/concerto.rb +6 -0
data/spec/devise-dummy/app/models/guest.rb +34 -0
data/spec/devise-dummy/app/models/improvisation.rb +2 -0
data/spec/devise-dummy/app/models/post.rb +5 -0
data/spec/devise-dummy/app/models/song.rb +3 -0
data/spec/devise-dummy/app/models/tune.rb +3 -0
data/spec/devise-dummy/app/models/user.rb +22 -0
data/spec/devise-dummy/app/permits/accounts/admin/roles/editor_permit.rb +15 -0
data/spec/devise-dummy/app/permits/licenses/bloggers_license.rb +12 -0
data/spec/devise-dummy/app/permits/licenses/musicians_license.rb +13 -0
data/spec/devise-dummy/app/permits/role_groups/editor_permit.rb +13 -0
data/spec/devise-dummy/app/permits/roles/admin_permit.rb +12 -0
data/spec/devise-dummy/app/permits/roles/guest_permit.rb +12 -0
data/spec/devise-dummy/app/permits/roles/user_permit.rb +14 -0
data/spec/devise-dummy/app/views/articles/admin.html.haml +20 -0
data/spec/devise-dummy/app/views/articles/admin_account.html.haml +20 -0
data/spec/devise-dummy/app/views/articles/guest.html.haml +20 -0
data/spec/devise-dummy/app/views/articles/index.html.haml +23 -0
data/spec/devise-dummy/app/views/articles/show.html.haml +10 -0
data/spec/devise-dummy/app/views/comments/guest.html.haml +20 -0
data/spec/devise-dummy/app/views/comments/index.html.haml +20 -0
data/spec/devise-dummy/app/views/concertos/admin.html.haml +19 -0
data/spec/devise-dummy/app/views/concertos/admin_account.html.haml +20 -0
data/spec/devise-dummy/app/views/concertos/guest.html.haml +20 -0
data/spec/devise-dummy/app/views/concertos/index.html.haml +19 -0
data/spec/devise-dummy/app/views/concertos/show.html.haml +10 -0
data/spec/devise-dummy/app/views/devise/confirmations/new.html.erb +12 -0
data/spec/devise-dummy/app/views/devise/mailer/confirmation_instructions.html.erb +5 -0
data/spec/devise-dummy/app/views/devise/mailer/reset_password_instructions.html.erb +8 -0
data/spec/devise-dummy/app/views/devise/mailer/unlock_instructions.html.erb +7 -0
data/spec/devise-dummy/app/views/devise/passwords/edit.html.erb +16 -0
data/spec/devise-dummy/app/views/devise/passwords/new.html.erb +12 -0
data/spec/devise-dummy/app/views/devise/registrations/edit.html.erb +25 -0
data/spec/devise-dummy/app/views/devise/registrations/new.html.erb +18 -0
data/spec/devise-dummy/app/views/devise/sessions/new.html.erb +17 -0
data/spec/devise-dummy/app/views/devise/shared/_links.erb +25 -0
data/spec/devise-dummy/app/views/devise/unlocks/new.html.erb +12 -0
data/spec/devise-dummy/app/views/layouts/application.html.erb +14 -0
data/spec/devise-dummy/app/views/main/index.html.haml +1 -0
data/spec/devise-dummy/app/views/posts/admin.html.haml +20 -0
data/spec/devise-dummy/app/views/posts/admin_account.html.haml +20 -0
data/spec/devise-dummy/app/views/posts/guest.html.haml +20 -0
data/spec/devise-dummy/app/views/posts/index.html.haml +19 -0
data/spec/devise-dummy/app/views/posts/show.html.haml +11 -0
data/spec/devise-dummy/app/views/users/admin.html.haml +19 -0
data/spec/devise-dummy/app/views/users/admin_account.html.haml +19 -0
data/spec/devise-dummy/app/views/users/guest.html.haml +19 -0
data/spec/devise-dummy/app/views/users/index.html.haml +19 -0
data/spec/devise-dummy/app/views/users/show.html.haml +11 -0
data/spec/devise-dummy/config.ru +4 -0
data/spec/devise-dummy/config/application.rb +46 -0
data/spec/devise-dummy/config/boot.rb +10 -0
data/spec/devise-dummy/config/cantango_permissions.yml +50 -0
data/spec/devise-dummy/config/categories.yml +10 -0
data/spec/devise-dummy/config/database.yml +22 -0
data/spec/devise-dummy/config/environment.rb +5 -0
data/spec/devise-dummy/config/environments/development.rb +26 -0
data/spec/devise-dummy/config/environments/production.rb +49 -0
data/spec/devise-dummy/config/environments/test.rb +35 -0
data/spec/devise-dummy/config/initializers/backtrace_silencers.rb +7 -0
data/spec/devise-dummy/config/initializers/cantango.rb +8 -0
data/spec/devise-dummy/config/initializers/devise.rb +204 -0
data/spec/devise-dummy/config/initializers/inflections.rb +10 -0
data/spec/devise-dummy/config/initializers/mime_types.rb +5 -0
data/spec/devise-dummy/config/initializers/secret_token.rb +7 -0
data/spec/devise-dummy/config/initializers/session_store.rb +8 -0
data/spec/devise-dummy/config/initializers/simple_roles.rb +42 -0
data/spec/devise-dummy/config/locales/devise.en.yml +53 -0
data/spec/devise-dummy/config/locales/en.yml +5 -0
data/spec/devise-dummy/config/routes.rb +88 -0
data/spec/devise-dummy/db/migrate/002_create_comment.rb +13 -0
data/spec/devise-dummy/db/migrate/003_create_post.rb +14 -0
data/spec/devise-dummy/db/migrate/004_create_article.rb +14 -0
data/spec/devise-dummy/db/migrate/005_create_account.rb +13 -0
data/spec/devise-dummy/db/migrate/006_create_concerto.rb +14 -0
data/spec/devise-dummy/db/migrate/007_devise_create_users.rb +31 -0
data/spec/devise-dummy/db/schema.rb +75 -0
data/spec/devise-dummy/db/seeds.rb +5 -0
data/spec/devise-dummy/db/users.txt +7 -0
data/spec/devise-dummy/public/404.html +26 -0
data/spec/devise-dummy/public/422.html +26 -0
data/spec/devise-dummy/public/500.html +26 -0
data/spec/devise-dummy/public/favicon.ico +0 -0
data/spec/devise-dummy/public/javascripts/application.js +2 -0
data/spec/devise-dummy/public/javascripts/controls.js +965 -0
data/spec/devise-dummy/public/javascripts/dragdrop.js +974 -0
data/spec/devise-dummy/public/javascripts/effects.js +1123 -0
data/spec/devise-dummy/public/javascripts/prototype.js +6001 -0
data/spec/devise-dummy/public/javascripts/rails.js +191 -0
data/spec/devise-dummy/public/stylesheets/.gitkeep +0 -0
data/spec/devise-dummy/script/rails +6 -0
data/spec/devise-dummy_spec_helper.rb +41 -0
data/spec/devise-integration/concerto_spec.rb +80 -0
data/spec/dummy/Rakefile +7 -0
data/spec/dummy/app/controllers/accounts_controller.rb +23 -0
data/spec/dummy/app/controllers/application_controller.rb +3 -0
data/spec/dummy/app/controllers/articles_controller.rb +55 -0
data/spec/dummy/app/controllers/comments_controller.rb +38 -0
data/spec/dummy/app/controllers/concertos_controller.rb +43 -0
data/spec/dummy/app/controllers/main_controller.rb +8 -0
data/spec/dummy/app/controllers/posts_controller.rb +47 -0
data/spec/dummy/app/controllers/sessions_controller.rb +16 -0
data/spec/dummy/app/controllers/users_controller.rb +23 -0
data/spec/dummy/app/helpers/application_helper.rb +37 -0
data/spec/dummy/app/models/account_setup.rb +41 -0
data/spec/dummy/app/models/admin.rb +4 -0
data/spec/dummy/app/models/article.rb +6 -0
data/spec/dummy/app/models/comment.rb +5 -0
data/spec/dummy/app/models/concerto.rb +6 -0
data/spec/dummy/app/models/guest.rb +27 -0
data/spec/dummy/app/models/improvisation.rb +2 -0
data/spec/dummy/app/models/post.rb +5 -0
data/spec/dummy/app/models/song.rb +3 -0
data/spec/dummy/app/models/tune.rb +3 -0
data/spec/dummy/app/models/user.rb +12 -0
data/spec/dummy/app/permits/accounts/admin/roles/editor_permit.rb +15 -0
data/spec/dummy/app/permits/licenses/bloggers_license.rb +12 -0
data/spec/dummy/app/permits/licenses/musicians_license.rb +13 -0
data/spec/dummy/app/permits/role_groups/editor_permit.rb +13 -0
data/spec/dummy/app/permits/roles/admin_permit.rb +12 -0
data/spec/dummy/app/permits/roles/guest_permit.rb +12 -0
data/spec/dummy/app/permits/roles/user_permit.rb +18 -0
data/spec/dummy/app/views/articles/admin.html.haml +20 -0
data/spec/dummy/app/views/articles/admin_account.html.haml +20 -0
data/spec/dummy/app/views/articles/guest.html.haml +20 -0
data/spec/dummy/app/views/articles/index.html.haml +23 -0
data/spec/dummy/app/views/articles/show.html.haml +10 -0
data/spec/dummy/app/views/comments/guest.html.haml +20 -0
data/spec/dummy/app/views/comments/index.html.haml +20 -0
data/spec/dummy/app/views/concertos/admin.html.haml +20 -0
data/spec/dummy/app/views/concertos/admin_account.html.haml +20 -0
data/spec/dummy/app/views/concertos/guest.html.haml +20 -0
data/spec/dummy/app/views/concertos/index.html.haml +19 -0
data/spec/dummy/app/views/concertos/show.html.haml +10 -0
data/spec/dummy/app/views/layouts/application.html.erb +14 -0
data/spec/dummy/app/views/main/index.html.haml +1 -0
data/spec/dummy/app/views/posts/admin.html.haml +20 -0
data/spec/dummy/app/views/posts/admin_account.html.haml +20 -0
data/spec/dummy/app/views/posts/guest.html.haml +20 -0
data/spec/dummy/app/views/posts/index.html.haml +19 -0
data/spec/dummy/app/views/posts/show.html.haml +11 -0
data/spec/dummy/app/views/users/admin.html.haml +19 -0
data/spec/dummy/app/views/users/admin_account.html.haml +19 -0
data/spec/dummy/app/views/users/guest.html.haml +19 -0
data/spec/dummy/app/views/users/index.html.haml +19 -0
data/spec/dummy/app/views/users/show.html.haml +11 -0
data/spec/dummy/config.ru +4 -0
data/spec/dummy/config/application.rb +43 -0
data/spec/dummy/config/boot.rb +10 -0
data/spec/dummy/config/cantango_permissions.yml +50 -0
data/spec/dummy/config/categories.yml +10 -0
data/spec/dummy/config/database.yml +22 -0
data/spec/dummy/config/environment.rb +5 -0
data/spec/dummy/config/environments/development.rb +26 -0
data/spec/dummy/config/environments/production.rb +49 -0
data/spec/dummy/config/environments/test.rb +35 -0
data/spec/dummy/config/initializers/backtrace_silencers.rb +7 -0
data/spec/dummy/config/initializers/cantango.rb +5 -0
data/spec/dummy/config/initializers/inflections.rb +10 -0
data/spec/dummy/config/initializers/mime_types.rb +5 -0
data/spec/dummy/config/initializers/secret_token.rb +7 -0
data/spec/dummy/config/initializers/session_store.rb +8 -0
data/spec/dummy/config/initializers/simple_roles.rb +44 -0
data/spec/dummy/config/locales/en.yml +5 -0
data/spec/dummy/config/routes.rb +84 -0
data/spec/dummy/db/migrate/001_create_user.rb +16 -0
data/spec/dummy/db/migrate/002_create_comment.rb +13 -0
data/spec/dummy/db/migrate/003_create_post.rb +14 -0
data/spec/dummy/db/migrate/004_create_article.rb +14 -0
data/spec/dummy/db/migrate/005_create_account.rb +13 -0
data/spec/dummy/db/migrate/006_create_concerto.rb +14 -0
data/spec/dummy/public/404.html +26 -0
data/spec/dummy/public/422.html +26 -0
data/spec/dummy/public/500.html +26 -0
data/spec/dummy/public/favicon.ico +0 -0
data/spec/dummy/public/javascripts/application.js +2 -0
data/spec/dummy/public/javascripts/controls.js +965 -0
data/spec/dummy/public/javascripts/dragdrop.js +974 -0
data/spec/dummy/public/javascripts/effects.js +1123 -0
data/spec/dummy/public/javascripts/prototype.js +6001 -0
data/spec/dummy/public/javascripts/rails.js +191 -0
data/spec/dummy/public/stylesheets/.gitkeep +0 -0
data/spec/dummy/script/rails +6 -0
data/spec/dummy/tmp/pids/server.pid +1 -0
data/spec/dummy_spec_helper.rb +43 -0
data/spec/entire_suite_spec.rb +15 -0
data/spec/factories.rb +8 -0
data/spec/fixtures/config/cantango_permissions.yml +48 -0
data/spec/fixtures/config/categories.yml +6 -0
data/spec/fixtures/config/evaluator_fixtures.yml +18 -0
data/spec/fixtures/config/licenses.yml +4 -0
data/spec/fixtures/config/permissions.yml +19 -0
data/spec/fixtures/config/role_group.yml +4 -0
data/spec/fixtures/config/roles.yml +4 -0
data/spec/fixtures/config/user_permissions.yml +8 -0
data/spec/fixtures/models.rb +2 -0
data/spec/fixtures/models/items.rb +8 -0
data/spec/fixtures/models/simple_roles.rb +44 -0
data/spec/fixtures/models/user.rb +22 -0
data/spec/fixtures/models/user_account.rb +21 -0
data/spec/fixtures/tango_fixtures.rb +29 -0
data/spec/generators/cantango/account_role_permit_generator_spec.rb +35 -0
data/spec/generators/cantango/account_role_permits_generator_spec.rb +59 -0
data/spec/generators/cantango/license_generator_spec.rb +33 -0
data/spec/generators/cantango/licenses_generator_spec.rb +58 -0
data/spec/generators/cantango/role_permit_generator_spec.rb +35 -0
data/spec/generators/cantango/role_permits_generator_spec.rb +58 -0
data/spec/helpers/dummy_app_ability.rb +26 -0
data/spec/integration/Design_notes.textile +30 -0
data/spec/integration/admin_user/masquerade_spec.rb +22 -0
data/spec/integration/cache_using_moneta_spec.rb +46 -0
data/spec/integration/cache_using_session_spec.rb +46 -0
data/spec/integration/main_spec.rb +16 -0
data/spec/integration/performance/ability_initialize_performance.rb +54 -0
data/spec/integration/performance/cache_performance.rb +31 -0
data/spec/integration/performance/can_performance.rb +54 -0
data/spec/integration/performance/helpers/ability.rb +44 -0
data/spec/integration/performance/helpers/ability_api.rb +44 -0
data/spec/integration/performance/helpers/ability_raw.rb +8 -0
data/spec/integration/performance/helpers/cache.rb +37 -0
data/spec/integration/performance/helpers/rules.rb +12 -0
data/spec/integration/performance/integral_performance_caching_disabled.rb +33 -0
data/spec/integration/performance/integral_performance_caching_enabled.rb +33 -0
data/spec/integration/performance/raw_performance.rb +11 -0
data/spec/integration/user/articles_spec.rb +39 -0
data/spec/integration/user/concerto_spec.rb +39 -0
data/spec/note_on_caching_and_dynamic.textile +114 -0
data/spec/path_helper.rb +9 -0
data/spec/simple_roles.rb +46 -0
data/spec/spec_helper.rb +22 -0
data/wiki/ability/initialize.markdown +45 -0
data/wiki/api/user/api.markdown +88 -0
data/wiki/api/user_account/api.markdown +88 -0
data/wiki/config/ability.markdown +18 -0
data/wiki/config/autoload.markdown +31 -0
data/wiki/config/guest.markdown +49 -0
data/wiki/config/models_registration.markdown +16 -0
data/wiki/config/role_groups.markdown +1 -0
data/wiki/config/roles.markdown +1 -0
data/wiki/engines/cache/config.markdown +31 -0
data/wiki/engines/cache/session_store.markdown +0 -0
data/wiki/engines/cache/store.markdown +6 -0
data/wiki/engines/permissions/categories.markdown +33 -0
data/wiki/engines/permissions/config.markdown +60 -0
data/wiki/engines/permissions/moneta_store.markdown +0 -0
data/wiki/engines/permissions/store.markdown +0 -0
data/wiki/engines/permissions/yaml_store.markdown +0 -0
data/wiki/engines/permits/config.markdown +0 -0
data/wiki/engines/permits/licenses.markdown +0 -0
data/wiki/engines/permits/role_groups.markdown +0 -0
data/wiki/engines/permits/roles.markdown +0 -0
data/wiki/engines/permits/user_accounts.markdown +0 -0
data/wiki/feature_list.markdown +39 -0
data/wiki/rules_caching.markdown +17 -0
data/wiki/users/masquerading.markdown +29 -0
data/wiki/when_to_use.markdown +64 -0
data/wiki/why_to_use.markdown +11 -0
metadata +788 -0

data/spec/integration/performance/raw_performance.rb ADDED Viewed

@@ -0,0 +1,11 @@
+require 'dummy_spec_helper'
+require'integration/performance/helpers/ability_raw'
+describe "CanTango::Ability raw performance (without rails)" do
+  it "total without engines" do
+    @user = User.create!(:name => "Stanislaw")
+    CanTangoTest.new(@user)
+  end
+end

data/spec/integration/user/articles_spec.rb ADDED Viewed

@@ -0,0 +1,39 @@
+require 'dummy_spec_helper'
+feature "Articles", %q{
+  In order to have an awesome blog
+  As an author
+  I want to create and manage articles
+} do
+  background do
+    Article.create!(:title => 'one')
+    Article.create!(:title => 'two')
+    @user = User.create! :name => 'stanislaw', :role => 'user', :email => 'stanislaw@mail.ru'
+    @editor = User.create! :name => 'editor', :role => 'editor', :email => 'editor@mail.ru'
+  end
+  scenario "Article index" do
+    visit '/articles'
+    page.should have_content('one')
+    page.should have_content('two')
+  end
+  scenario "Show article to user stanislaw" do
+    visit '/login_user/stanislaw'
+    visit '/articles/one' # using friendly id :)
+    page.should have_content('one')
+    visit '/articles/two'
+    page.should have_content('two')
+  end
+  scenario "Show article to editor" do
+    visit '/login_user/editor'
+    visit '/articles/one' # using friendly id :)
+    page.should have_content('one')
+    #page.should have_content('two')
+  end
+end

data/spec/integration/user/concerto_spec.rb ADDED Viewed

@@ -0,0 +1,39 @@
+require 'dummy_spec_helper'
+feature "Concertos", %q{
+  In order to have an awesome musical pages
+  As an user having role_groups 'composers'
+  I want to do something with concertos (According to role_groups)
+} do
+  background do
+    Concerto.create!(:title => 'one')
+    Concerto.create!(:title => 'two')
+    @composer = User.create!(:name => 'composer', :role_groups => 'composers', :email => 'stanislaw@mail.ru')
+    @musician = User.create! :name => 'musician', :role_groups => 'musicians', :email => 'editor@mail.ru'
+  end
+  scenario "Concerto index" do
+    visit '/concertos'
+    page.should have_content('one')
+    page.should have_content('two')
+  end
+  scenario "Show concerto to composer" do
+    visit '/login_user/composer'
+    visit '/concertos/one' # using friendly id :)
+    page.should have_content('one')
+    visit '/concertos/two'
+    page.should have_content('two')
+  end
+  scenario "Show concerto to musician" do
+    visit '/login_user/musician'
+    visit '/concertos/one' # using friendly id :)
+    page.should have_content('one')
+    #page.should have_content('two')
+  end
+end

data/spec/note_on_caching_and_dynamic.textile ADDED Viewed

@@ -0,0 +1,114 @@
+h1. Note on caching.
+First of all section of Ryan's wiki on Defining Abilities with Blocks.
+h2. Only for Object Attributes
+The block is only evaluated when an actual instance object is present.
+It is not evaluated when checking permissions on the class (such as in the index action).
+This means any conditions which are not dependent on the object attributes should be moved outside of the block.
+<pre>
+<code>
+  #don't do this
+  can :update, Project do |project|
+    user.admin? # this won't always get called
+  end
+  #do this
+  can :update, Project if user.admin?
+</code>
+</pre>
+<hr/>
+What we have here really are conditions of two types: conditions outside blocks and inside blocks.
+I) Conditions outside blocks. They can't allow dynamic.
+Remember failing spec about #dynamic_rules do not react on changes of $something_dynamic (bspec spec/cantango/permit_engine/permit/permit_static_and_dynamic_rules_spec.rb)?
+Consider _failing_ case I created based on excerpt from Ryan's ability_spec.rb. It behaves the same way as ours failing spec.
+It is ugly but I want to show that there is no possibility to allow dynamic on conditions outside blocks:
+<pre>
+<code>
+  before(:each) do
+    @ability = Object.new
+    @ability.extend(CanCan::Ability)
+  end
+  it "should be able to :read anything" do
+    $something = true
+    @ability.can :read, :all if $something_dynamic
+    @ability.can?(:read, :all).should be_true
+    $something = false
+    @ability.can?(:read, :all).should be_false
+  end
+</code>
+</pre>
+It shows us, that "can :update, Project if user.admin?" (see Ryan's code above) - is a fiction - no real dynamic!
+II) Conditions inside blocks.
+Present Ryan's #can work the following way:
+<pre>
+<code>
+  can :read, Article |article|
+    article.attribute ?   # article here is INSTANCE!
+  end
+</code>
+</pre>
+If you call @can?(:read, Article.new)@ -- inside conditions are evaluated.
+If you call @can?(:read, Article)@ -- inside conditions are SKIPPED!
+Review my pull request again (https://github.com/ryanb/cancan/pull/433) -
+I did this because of I want to allow dynamic not only on instance attributes but wider -
+on some global dynamic things like Time.now < ?
+My resume:
+I quickly explored a possibility to collect and call #dynamic_rules from all permits at the moment #can? was summoned and see - that
+it is not possible with the current design we have. Making wrapping patch will be ugly here.
+Better I suggest write any dynamic we want INSIDE #can's condition blocks like
+<pre>
+<code>
+  can :read, Article do |article|
+    $something_dynamic == true
+  end
+</code>
+</pre>
+Because outside conditions don't work as I described above.
+If we run into this direction (inside conditions blocks) then we can expect dynamic conditions of two types:
+I) Instance conditions - which are based on instance attributes. CanCan's Rule deals with instances (can?(:read, Article.new)) ok now.
+II) (rare, but anyway needed) Some global conditions which applied to the class fx Article (not instance Article.new) as a whole. To address this case
+I suggested my pull request #433, because Ryan's can? expect now that if we want conditions inside blocks being evaluated we should
+call can? on instances. My solution is very simple: extend usage of #can? on classes too. If we call #can? on Class then
+if block condition deals with instance attributes it'll of course raise error which we gracefully rescue and return true -
+in fact now Rule returns conditions'true without evaluating block AT ALL if #can? is called on Class.
+And IF BLOCK CONTAINS some condition related not to instance but to CLASS and has REALLY SOMETHING GLOBAL/DYNAMIC NOT INSTANCE-RELATED
+then we EVALUATE inside conditions ok.
+This approach will lead us to completely drop "caching/static&dynamic_rules" piece because placed dynamic inside conditions,
+WE ALREADY HAVE "CACHED" #rules, which emerge at the moment of CanTango::Ability is initialized and live unchanged
+throughout entire CanTango::Ability lifecycle.
+My request to you is follow carefully all above and consider pull request #433 again.
+I think dynamic things I talk here about really MAKE SENSE. As for us as for extending CanCan himself.
+For now CanCan doesn't allow DYNAMIC that is NO INSTANCE-RELATED!
+UPD: See my comment on pull request #433.

data/spec/path_helper.rb ADDED Viewed

@@ -0,0 +1,9 @@
+def spec_root_path
+  File.dirname(__FILE__)
+end
+def dummy_root_path
+  File.join(spec_root_path, 'dummy')
+end

data/spec/simple_roles.rb ADDED Viewed

@@ -0,0 +1,46 @@
+module SimpleRoles
+  module ClassMethods
+    def is_role_in_group?(role, group)
+      raise "No group #{group} defined in User model" if !role_groups.has_key?(group)
+      role_groups[group].include?(role)
+    end
+    def role_groups
+      {:bloggers => [:editor]}
+    end
+    def roles
+      [:guest, :user, :admin, :editor]
+    end
+  end
+  module InstanceMethods
+    attr_accessor :role
+    attr_accessor :role_groups_list
+    def has_role? rolle
+      roles_list.include? rolle
+    end
+    def has_any_role? roles
+      roles.include?(role.to_sym)
+    end
+    def roles_list
+      role.to_s.scan(/\w+/).map{|r| r.to_sym}
+    end
+    def is_in_group? group
+      role_groups_list.include? group
+    end
+    alias_method :in_role_group?, :is_in_group?
+    def role_groups_list
+      return role_groups.scan(/\w+/).map(&:to_sym) if respond_to?(:role_groups) && !role_groups.nil?
+      @role_groups_list || [] #[:bloggers]
+    end
+  end
+end

data/spec/spec_helper.rb ADDED Viewed

@@ -0,0 +1,22 @@
+require 'require_all'
+require 'rspec'
+require 'cancan/matchers'
+require 'cantango'
+require 'cantango/rspec'
+require 'factory_girl'
+require 'mocha'
+require 'factories'
+require 'cutter'
+# require 'moneta'
+#Cutter::Inspection.quiet!
+require 'simple_roles'
+CanTango.configure do |config|
+  config.permission.config_path File.dirname(__FILE__) + '/fixtures/config'
+  config.cache.set :off
+end
+#require_all File.dirname(__FILE__) + '/fixtures'

data/wiki/ability/initialize.markdown ADDED Viewed

@@ -0,0 +1,45 @@
+The **CanTango::Ability** is initialized with a candidate and an options
+hash.
+## Candidate
+The candidate is any object that can have roles and/or role groups
+behavior attached. A candidate is usually either user and in some cases
+might be a user account.
+## Options hash
+When used from a web framework such as Rails, the options hash
+is populated with essential objects such as:
+* Request
+* Session
+* Params
+These objects are then made available to the permission rules for evaluation.
+Some rules might dependen on whether the user is accessing the site
+from localhost or if the user has a given session state.
+## The Flow
+1. Use cached rules if available for user
+2. Generate rules for user
+3. Cache rules for user
+### Use cache rules
+See [[Rules cache]]
+### Generate rules
+1. Generate Permission rules from store
+2. Generate Permit rules from classes
+### Cache rules
+Generate a unique hash key for the user and marshal all the rule in a
+store with that key as identifier. If the user changes, the rules
+for the old key will be invalidated and new rules generated for the new
+key.

data/wiki/api/user/api.markdown ADDED Viewed

@@ -0,0 +1,88 @@
+Cantango comes with the following Core APIs for users:
+* Can API
+* Scope API
+The examples below assume we have the user models _User_ and _Admin_ registered as Cantango users.
+See [[Registration of User models]].
+## User Can API
+The Can API is very similar to the CanCan API but instead uses a `CanTango::Ability` for a specific kind of current user.
+The devise methods `#current_xxxx` such as current_user, current_admin etc. are wll integrated in the Can API.
+For the user models User and Admin, Cantango will provide the following API:
+API methods:
+* user_can? actions, targets
+* user_cannot? actions, targets
+* admin_can? actions, targets
+* admin_cannot? actions, targets
+Example use:
+```ruby
+if user_can? :edit, Article
+  # do sth
+end
+```
+```ruby
+if admin_cannot? :manage, Article
+  # do sth
+end
+```
+## User Scope API
+The Scope API is useful when you want to do several ability tests for the same kind of user.
+API methods:
+* scope_user type, options = {}, &block
+* real_user type, options = {}, &block
+`#scope_user` is used to define an ability scope for a specific user. The
+permission API can then operate on this ability scope directly instead
+of having to create the ability each time.
+Example use `#scope_user`:
+```ruby
+scope_user :admin do |admin|
+  if admin.can?(:edit, Article) || admin.can?(:read, Post)
+    # do stuff
+  end
+  if admin.can? :delete, Article
+    # delete link here
+  end
+end
+```
+### Real user
+The method `#real_user` is used to explicitly negate masquerading within the scope.
+Thus the permissions apply to the real user, not the masqueraded user.
+Assume we have an app divided into a public app and an admin app.
+For an Admin user it could make sense to masquerade as a Public user in
+the public part of the application, but remain as an Admin user in the
+admin app while remaining in the same session.
+This can be achieve using `#real_user` in the admin app.
+Example use `#real_user`:
+```ruby
+real_user :admin do |admin|
+  if admin.can?(:edit, Article) || admin.can?(:read, Post)
+    # do stuff
+  end
+  if admin.can? :delete, Article
+    # delete link here
+  end
+end
+```

data/wiki/api/user_account/api.markdown ADDED Viewed

@@ -0,0 +1,88 @@
+The User Account APIs are very similar to the [[User APIs]]
+* Can API
+* Scope API
+Assume we have the account models UserAccount and AdminAccount registered as Cantango users.
+See [[Registration of User Account models]] for details.
+## Account Can API
+The Account Can API expects methods in the form `#current_xxxx` are available for each type of user account.
+In our scenario, `#current_user_account` and `#current_admin_account` should be available.
+Cantango will provide the following API:
+API methods:
+* user_can? actions, targets
+* user_cannot? actions, targets
+* admin_can? actions, targets
+* admin_cannot? actions, targets
+Example use:
+```ruby
+if user_account_cannot? :edit, Article
+  # do sth
+end
+```
+```ruby
+if admin_account_can? :manage, Article
+  # do sth
+end
+```
+## Account Scope API
+The Scope API is useful when you want to do several ability tests for the same kind of user account.
+API methods:
+* scope_acount type, options = {}, &block
+* as_real_account type, options = {}, &block
+`#scope_account` is used to define an ability scope for a specific user account. The
+permission API can then operate on this ability scope directly instead
+of having to create the ability each time.
+Example use #scope_account:
+```ruby
+scope_account :admin do |account|
+  if account.can?(:edit, Article) || account.can?(:read, Post)
+    # do stuff
+  end
+  if account.can? :delete, Article
+    # delete link here
+  end
+end
+```
+### Real account
+`#real_account` is used to explicitly negate masquerading within the scope.
+Thus the permissions apply to the real account, not the masqueraded account.
+Assume we have an app divided into a public app and an admin app.
+For an Admin user it could make sense to masquerade as if he was logged
+in to the Public account in the public part of the application.
+The admin should remain as an Admin user on the Admin account when
+accessing the admin app, while remaining in the same session.
+This can be achieve using `#real_account` in the admin app.
+Example use #real_account:
+```ruby
+real_account :admin do |account|
+  if account.can?(:edit, Article) || account.can?(:read, Post)
+    # do stuff
+  end
+  if account.can? :delete, Article
+    # delete link here
+  end
+end
+```