RubyGems - cantango - Versions diffs - 0.8.0 - Mend

cantango 0.8.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (578) hide show

data/.document +5 -0
data/.rspec +1 -0
data/Gemfile +58 -0
data/LICENSE.txt +20 -0
data/README.textile +211 -0
data/Rakefile +48 -0
data/VERSION +1 -0
data/cantango.gemspec +658 -0
data/ideas/feature_list.markdown +58 -0
data/lib/cantango.rb +32 -0
data/lib/cantango/ability.rb +56 -0
data/lib/cantango/ability/cache.rb +95 -0
data/lib/cantango/ability/cache/base_cache.rb +26 -0
data/lib/cantango/ability/cache/kompiler.rb +24 -0
data/lib/cantango/ability/cache/moneta_cache.rb +32 -0
data/lib/cantango/ability/cache/session_cache.rb +38 -0
data/lib/cantango/ability/class_methods.rb +27 -0
data/lib/cantango/ability/masquerade_helpers.rb +19 -0
data/lib/cantango/ability/permission_helpers.rb +20 -0
data/lib/cantango/ability/permit_helpers.rb +27 -0
data/lib/cantango/ability/role_helpers.rb +26 -0
data/lib/cantango/ability/scope.rb +20 -0
data/lib/cantango/ability/user_helpers.rb +22 -0
data/lib/cantango/api.rb +5 -0
data/lib/cantango/api/aliases.rb +8 -0
data/lib/cantango/api/aliases/account_permit.rb +8 -0
data/lib/cantango/api/aliases/license.rb +7 -0
data/lib/cantango/api/aliases/permit.rb +9 -0
data/lib/cantango/api/aliases/role_group_permit.rb +7 -0
data/lib/cantango/api/aliases/role_permit.rb +7 -0
data/lib/cantango/api/aliases/user_permit.rb +8 -0
data/lib/cantango/api/common.rb +10 -0
data/lib/cantango/api/options.rb +16 -0
data/lib/cantango/api/user.rb +20 -0
data/lib/cantango/api/user/ability.rb +38 -0
data/lib/cantango/api/user/can.rb +26 -0
data/lib/cantango/api/user/scope.rb +29 -0
data/lib/cantango/api/user_account.rb +20 -0
data/lib/cantango/api/user_account/ability.rb +44 -0
data/lib/cantango/api/user_account/can.rb +26 -0
data/lib/cantango/api/user_account/scope.rb +29 -0
data/lib/cantango/cache.rb +6 -0
data/lib/cantango/cache/moneta_cache.rb +68 -0
data/lib/cantango/cancan/rule.rb +6 -0
data/lib/cantango/configuration.rb +83 -0
data/lib/cantango/configuration/ability.rb +13 -0
data/lib/cantango/configuration/autoload.rb +38 -0
data/lib/cantango/configuration/categories.rb +55 -0
data/lib/cantango/configuration/engines.rb +49 -0
data/lib/cantango/configuration/engines/cache.rb +20 -0
data/lib/cantango/configuration/engines/engine.rb +31 -0
data/lib/cantango/configuration/engines/permission.rb +49 -0
data/lib/cantango/configuration/engines/permit.rb +26 -0
data/lib/cantango/configuration/engines/store.rb +24 -0
data/lib/cantango/configuration/factory.rb +59 -0
data/lib/cantango/configuration/guest.rb +57 -0
data/lib/cantango/configuration/hash_registry.rb +62 -0
data/lib/cantango/configuration/models.rb +48 -0
data/lib/cantango/configuration/registry.rb +53 -0
data/lib/cantango/configuration/role_groups.rb +15 -0
data/lib/cantango/configuration/role_registry.rb +43 -0
data/lib/cantango/configuration/roles.rb +16 -0
data/lib/cantango/configuration/user.rb +47 -0
data/lib/cantango/configuration/user_account.rb +23 -0
data/lib/cantango/configuration/user_accounts.rb +7 -0
data/lib/cantango/configuration/users.rb +7 -0
data/lib/cantango/helpers.rb +5 -0
data/lib/cantango/helpers/role_methods.rb +26 -0
data/lib/cantango/permission_engine.rb +7 -0
data/lib/cantango/permission_engine/builder.rb +6 -0
data/lib/cantango/permission_engine/collector.rb +43 -0
data/lib/cantango/permission_engine/compiler.rb +67 -0
data/lib/cantango/permission_engine/evaluator.rb +34 -0
data/lib/cantango/permission_engine/factory.rb +60 -0
data/lib/cantango/permission_engine/loader.rb +7 -0
data/lib/cantango/permission_engine/loader/base.rb +39 -0
data/lib/cantango/permission_engine/loader/categories.rb +50 -0
data/lib/cantango/permission_engine/loader/permissions.rb +66 -0
data/lib/cantango/permission_engine/moneta_store.rb +30 -0
data/lib/cantango/permission_engine/parser.rb +32 -0
data/lib/cantango/permission_engine/parser/categories.rb +18 -0
data/lib/cantango/permission_engine/parser/category.rb +34 -0
data/lib/cantango/permission_engine/parser/default.rb +20 -0
data/lib/cantango/permission_engine/parser/ownership.rb +32 -0
data/lib/cantango/permission_engine/parser/permissions.rb +33 -0
data/lib/cantango/permission_engine/parser/regex.rb +35 -0
data/lib/cantango/permission_engine/parser/relationship.rb +23 -0
data/lib/cantango/permission_engine/parser/rule.rb +31 -0
data/lib/cantango/permission_engine/permission.rb +40 -0
data/lib/cantango/permission_engine/selector.rb +16 -0
data/lib/cantango/permission_engine/selector/base.rb +19 -0
data/lib/cantango/permission_engine/selector/licenses.rb +19 -0
data/lib/cantango/permission_engine/selector/role_groups.rb +24 -0
data/lib/cantango/permission_engine/selector/roles.rb +25 -0
data/lib/cantango/permission_engine/selector/users.rb +22 -0
data/lib/cantango/permission_engine/statement.rb +14 -0
data/lib/cantango/permission_engine/statements.rb +35 -0
data/lib/cantango/permission_engine/store.rb +33 -0
data/lib/cantango/permission_engine/yaml_store.rb +108 -0
data/lib/cantango/permit_engine.rb +8 -0
data/lib/cantango/permit_engine/account_permit.rb +41 -0
data/lib/cantango/permit_engine/account_permit/builder.rb +22 -0
data/lib/cantango/permit_engine/account_permit/finder.rb +20 -0
data/lib/cantango/permit_engine/builder.rb +8 -0
data/lib/cantango/permit_engine/builder/base.rb +50 -0
data/lib/cantango/permit_engine/builder/special_permits.rb +20 -0
data/lib/cantango/permit_engine/compatibility.rb +20 -0
data/lib/cantango/permit_engine/executor.rb +7 -0
data/lib/cantango/permit_engine/executor/abstract.rb +40 -0
data/lib/cantango/permit_engine/executor/base.rb +51 -0
data/lib/cantango/permit_engine/executor/system.rb +13 -0
data/lib/cantango/permit_engine/factory.rb +45 -0
data/lib/cantango/permit_engine/finder.rb +39 -0
data/lib/cantango/permit_engine/license.rb +37 -0
data/lib/cantango/permit_engine/license/loader.rb +19 -0
data/lib/cantango/permit_engine/license/rules.rb +17 -0
data/lib/cantango/permit_engine/permit.rb +149 -0
data/lib/cantango/permit_engine/role_group_permit.rb +37 -0
data/lib/cantango/permit_engine/role_group_permit/builder.rb +47 -0
data/lib/cantango/permit_engine/role_group_permit/finder.rb +20 -0
data/lib/cantango/permit_engine/role_matcher.rb +13 -0
data/lib/cantango/permit_engine/role_permit.rb +38 -0
data/lib/cantango/permit_engine/role_permit/builder.rb +46 -0
data/lib/cantango/permit_engine/role_permit/finder.rb +19 -0
data/lib/cantango/permit_engine/user_permit.rb +40 -0
data/lib/cantango/permit_engine/user_permit/builder.rb +21 -0
data/lib/cantango/permit_engine/user_permit/finder.rb +20 -0
data/lib/cantango/permit_engine/util.rb +19 -0
data/lib/cantango/rails.rb +5 -0
data/lib/cantango/rails/base_helpers.rb +26 -0
data/lib/cantango/rails/controller_helpers.rb +15 -0
data/lib/cantango/rails/engine.rb +47 -0
data/lib/cantango/rails/railtie.rb +7 -0
data/lib/cantango/rails/view_helpers.rb +15 -0
data/lib/cantango/rspec.rb +1 -0
data/lib/cantango/rspec/config.rb +9 -0
data/lib/cantango/rspec/matchers.rb +9 -0
data/lib/cantango/rspec/matchers/be_allowed_to.rb +26 -0
data/lib/cantango/rspec/matchers/have_license.rb +11 -0
data/lib/cantango/rspec/matchers/have_license_class.rb +14 -0
data/lib/cantango/rspec/matchers/have_license_file.rb +82 -0
data/lib/cantango/rules.rb +23 -0
data/lib/cantango/rules/adaptor.rb +32 -0
data/lib/cantango/rules/adaptor/active_record.rb +13 -0
data/lib/cantango/rules/adaptor/generic.rb +16 -0
data/lib/cantango/rules/adaptor/mongoid.rb +13 -0
data/lib/cantango/rules/dsl.rb +24 -0
data/lib/cantango/rules/rule_class.rb +11 -0
data/lib/cantango/rules/scope.rb +24 -0
data/lib/cantango/rules/user_relation.rb +68 -0
data/lib/cantango/users.rb +5 -0
data/lib/cantango/users/macros.rb +9 -0
data/lib/cantango/users/masquerade.rb +22 -0
data/lib/cantango/users/masquerade/session_active_user.rb +18 -0
data/lib/cantango/users/user.rb +30 -0
data/lib/cantango/users/user_account.rb +23 -0
data/lib/generators/cantango/base.rb +52 -0
data/lib/generators/cantango/license/license_generator.rb +34 -0
data/lib/generators/cantango/license/templates/license.erb +10 -0
data/lib/generators/cantango/license_base.rb +15 -0
data/lib/generators/cantango/licenses/licenses_generator.rb +31 -0
data/lib/generators/cantango/permit_generator.rb +36 -0
data/lib/generators/cantango/role_permit/role_permit_generator.rb +42 -0
data/lib/generators/cantango/role_permit/templates/account_permit.erb +4 -0
data/lib/generators/cantango/role_permit/templates/role_group_permit.erb +14 -0
data/lib/generators/cantango/role_permit/templates/role_permit.erb +13 -0
data/lib/generators/cantango/role_permits/role_permits_generator.rb +127 -0
data/spec/Note_on_licenses.textile +44 -0
data/spec/Refactor_into_engines.textile +115 -0
data/spec/TODO +7 -0
data/spec/active_record/AR_README.textile +20 -0
data/spec/active_record/config_helper.rb +108 -0
data/spec/active_record/db/database.yml +4 -0
data/spec/active_record/helper/ar_config.rb +19 -0
data/spec/active_record/helper/permits_config.rb +12 -0
data/spec/active_record/helper/rails_config.rb +6 -0
data/spec/active_record/helper/rspec_config.rb +20 -0
data/spec/active_record/migrations/001_create_user.rb +14 -0
data/spec/active_record/migrations/002_create_comment.rb +13 -0
data/spec/active_record/migrations/003_create_post.rb +13 -0
data/spec/active_record/migrations/004_create_article.rb +13 -0
data/spec/active_record/migrations/005_create_account.rb +13 -0
data/spec/active_record/migrations/006_create_todo.rb +12 -0
data/spec/active_record/migrations/007_create_user_todos.rb +13 -0
data/spec/active_record/scenarios/SCENARIOS README.textile +19 -0
data/spec/active_record/scenarios/engines/permission_engine/cantango_permissions.yml +63 -0
data/spec/active_record/scenarios/engines/permission_engine/categories.yml +6 -0
data/spec/active_record/scenarios/engines/permission_engine/tango_permission_yml_spec.rb +77 -0
data/spec/active_record/scenarios/engines/permission_engine/users.rb +88 -0
data/spec/active_record/scenarios/engines/permit_engine/licenses_spec.rb +37 -0
data/spec/active_record/scenarios/engines/permit_engine/role_groups_permits_spec.rb +35 -0
data/spec/active_record/scenarios/guest_user_admin/admin_user_spec.rb +19 -0
data/spec/active_record/scenarios/guest_user_admin/docs/GUEST_ADMIN_USER_SCENARIO.textile +20 -0
data/spec/active_record/scenarios/guest_user_admin/editor_spec.rb +19 -0
data/spec/active_record/scenarios/guest_user_admin/guest_user_spec.rb +16 -0
data/spec/active_record/scenarios/guest_user_admin/user_having_user_and_editor_roles_spec.rb +19 -0
data/spec/active_record/scenarios/guest_user_admin/user_spec.rb +32 -0
data/spec/active_record/scenarios/masquerading/masquerading_for_admin_account_spec.rb +41 -0
data/spec/active_record/scenarios/masquerading/masquerading_for_admin_user_spec.rb +38 -0
data/spec/active_record/scenarios/shared/api.rb +4 -0
data/spec/active_record/scenarios/shared/can_tango.rb +2 -0
data/spec/active_record/scenarios/shared/examples/user_accounts.rb +47 -0
data/spec/active_record/scenarios/shared/examples/users.rb +85 -0
data/spec/active_record/scenarios/shared/licenses/musicians_license.rb +12 -0
data/spec/active_record/scenarios/shared/models/items.rb +26 -0
data/spec/active_record/scenarios/shared/models/todo.rb +4 -0
data/spec/active_record/scenarios/shared/models/user_todo.rb +4 -0
data/spec/active_record/scenarios/shared/models/users.rb +46 -0
data/spec/active_record/scenarios/shared/permits/PERMITS README.textile +3 -0
data/spec/active_record/scenarios/shared/permits/account_permits/admin_account_permit.rb +30 -0
data/spec/active_record/scenarios/shared/permits/account_permits/guest_account_permit.rb +16 -0
data/spec/active_record/scenarios/shared/permits/account_permits/user_account_permit.rb +46 -0
data/spec/active_record/scenarios/shared/permits/role/admin_permit.rb +11 -0
data/spec/active_record/scenarios/shared/permits/role/editor_permit.rb +42 -0
data/spec/active_record/scenarios/shared/permits/role/guest_permit.rb +26 -0
data/spec/active_record/scenarios/shared/permits/role/super_admin_permit.rb +9 -0
data/spec/active_record/scenarios/shared/permits/role/user_permit.rb +49 -0
data/spec/active_record/scenarios/shared/permits/role_group/bloggers_permit.rb +8 -0
data/spec/active_record/scenarios/shared/permits/role_group/musicians_permit.rb +9 -0
data/spec/active_record/scenarios/shared/permits/special/any_role_permit.rb +10 -0
data/spec/active_record/scenarios/shared/permits/special/system_role_permit.rb +10 -0
data/spec/active_record/scenarios/user_accounts/admin_account_spec.rb +34 -0
data/spec/active_record/scenarios/user_accounts/config/account_permits.yml +0 -0
data/spec/active_record/scenarios/user_accounts/docs/USER_ACCOUNTS_SCENARIO.textile +20 -0
data/spec/active_record/scenarios/user_accounts/docs/basic_rules_spec_possible_samples.txt +84 -0
data/spec/active_record/scenarios/user_accounts/guest_account_spec.rb +34 -0
data/spec/active_record/scenarios/user_accounts/helpers.rb +5 -0
data/spec/active_record/scenarios/user_accounts/helpers/account_setup.rb +41 -0
data/spec/active_record/scenarios/user_accounts/helpers/user_factory.rb +19 -0
data/spec/active_record/scenarios/user_accounts/permits/admin_account_permit.rb +28 -0
data/spec/active_record/scenarios/user_accounts/permits/guest_account_permit.rb +14 -0
data/spec/active_record/scenarios/user_accounts/permits/user_account_permit.rb +43 -0
data/spec/active_record/scenarios/user_accounts/user_account_spec.rb +36 -0
data/spec/active_record/spec_helper.rb +19 -0
data/spec/cantango/README.textile +3 -0
data/spec/cantango/ability/cache/compiler_spec.rb +45 -0
data/spec/cantango/ability/cache/session_cache_spec.rb +11 -0
data/spec/cantango/ability/cache_spec.rb +107 -0
data/spec/cantango/ability_filters_spec.rb +128 -0
data/spec/cantango/ability_spec.rb +74 -0
data/spec/cantango/api/current_user_accounts.rb +14 -0
data/spec/cantango/api/current_users.rb +10 -0
data/spec/cantango/api/user/ability_api_spec.rb +44 -0
data/spec/cantango/api/user/can_api_spec.rb +109 -0
data/spec/cantango/api/user/scope_api_spec.rb +65 -0
data/spec/cantango/api/user_account/ability_api_spec.rb +29 -0
data/spec/cantango/api/user_account/can_api_spec.rb +82 -0
data/spec/cantango/api/user_account/scope_api_spec.rb +0 -0
data/spec/cantango/api/user_account_api_spec.rb +0 -0
data/spec/cantango/api/user_api_spec.rb +0 -0
data/spec/cantango/configuration/ability_spec.rb +13 -0
data/spec/cantango/configuration/autoload_spec.rb +53 -0
data/spec/cantango/configuration/categories_spec.rb +60 -0
data/spec/cantango/configuration/engines/cache_spec.rb +19 -0
data/spec/cantango/configuration/engines/engine_shared.rb +22 -0
data/spec/cantango/configuration/engines/permission_spec.rb +31 -0
data/spec/cantango/configuration/engines/permit_spec.rb +16 -0
data/spec/cantango/configuration/engines/store_engine_shared.rb +16 -0
data/spec/cantango/configuration/engines/store_shared.rb +36 -0
data/spec/cantango/configuration/engines_spec.rb +41 -0
data/spec/cantango/configuration/factory_spec.rb +20 -0
data/spec/cantango/configuration/guest/find_guest_default_way_spec.rb +33 -0
data/spec/cantango/configuration/guest_spec.rb +62 -0
data/spec/cantango/configuration/hash_registry_spec.rb +17 -0
data/spec/cantango/configuration/registry_spec.rb +17 -0
data/spec/cantango/configuration/role_groups_spec.rb +15 -0
data/spec/cantango/configuration/roles_spec.rb +16 -0
data/spec/cantango/configuration/shared/factory_ex.rb +40 -0
data/spec/cantango/configuration/shared/hash_registry_ex.rb +65 -0
data/spec/cantango/configuration/shared/registry_ex.rb +39 -0
data/spec/cantango/configuration/shared/role_registry_ex.rb +22 -0
data/spec/cantango/configuration/user_account_spec.rb +26 -0
data/spec/cantango/configuration/user_spec.rb +46 -0
data/spec/cantango/configuration_spec.rb +42 -0
data/spec/cantango/license/save_license_spec.rb +24 -0
data/spec/cantango/models/items.rb +12 -0
data/spec/cantango/models/users.rb +13 -0
data/spec/cantango/moneta_spec.rb +31 -0
data/spec/cantango/parser/categories_spec.rb +0 -0
data/spec/cantango/parser/permissions_spec.rb +0 -0
data/spec/cantango/permission_engine/PERMISSION_STORE.textile +75 -0
data/spec/cantango/permission_engine/categories_store_spec.rb +10 -0
data/spec/cantango/permission_engine/compiler_spec.rb +32 -0
data/spec/cantango/permission_engine/loader/categories_spec.rb +19 -0
data/spec/cantango/permission_engine/loader/permissions/cantango_permissions_loader.rb +27 -0
data/spec/cantango/permission_engine/loader/permissions/shared.rb +9 -0
data/spec/cantango/permission_engine/moneta_store_spec.rb +0 -0
data/spec/cantango/permission_engine/parser_spec.rb +39 -0
data/spec/cantango/permission_engine/permission_spec.rb +35 -0
data/spec/cantango/permission_engine/permission_store_spec.rb +10 -0
data/spec/cantango/permission_engine/shared_examples.rb +22 -0
data/spec/cantango/permission_engine/store_spec.rb +8 -0
data/spec/cantango/permission_engine/user_permission_store_spec.rb +12 -0
data/spec/cantango/permission_engine/yaml_store_spec.rb +83 -0
data/spec/cantango/permit_engine/account_permit_spec.rb +47 -0
data/spec/cantango/permit_engine/builder/role_group_permits_spec.rb +63 -0
data/spec/cantango/permit_engine/builder/role_permits_spec.rb +58 -0
data/spec/cantango/permit_engine/builder/special_permits_spec.rb +42 -0
data/spec/cantango/permit_engine/executor/system_spec.rb +61 -0
data/spec/cantango/permit_engine/factory_spec.rb +50 -0
data/spec/cantango/permit_engine/finder_spec.rb +70 -0
data/spec/cantango/permit_engine/permit/permit_static_and_dynamic_rules_spec.rb +74 -0
data/spec/cantango/permit_engine/role_group_permit_spec.rb +43 -0
data/spec/cantango/permit_engine/role_permit_spec.rb +44 -0
data/spec/cantango/permit_engine/user_permit_spec.rb +41 -0
data/spec/cantango/rules_spec.rb +55 -0
data/spec/devise-dummy/Rakefile +7 -0
data/spec/devise-dummy/app/controllers/accounts_controller.rb +25 -0
data/spec/devise-dummy/app/controllers/application_controller.rb +3 -0
data/spec/devise-dummy/app/controllers/articles_controller.rb +48 -0
data/spec/devise-dummy/app/controllers/comments_controller.rb +40 -0
data/spec/devise-dummy/app/controllers/concertos_controller.rb +49 -0
data/spec/devise-dummy/app/controllers/main_controller.rb +8 -0
data/spec/devise-dummy/app/controllers/posts_controller.rb +49 -0
data/spec/devise-dummy/app/controllers/users_controller.rb +25 -0
data/spec/devise-dummy/app/helpers/application_helper.rb +2 -0
data/spec/devise-dummy/app/models/account_setup.rb +41 -0
data/spec/devise-dummy/app/models/admin.rb +11 -0
data/spec/devise-dummy/app/models/article.rb +6 -0
data/spec/devise-dummy/app/models/comment.rb +5 -0
data/spec/devise-dummy/app/models/concerto.rb +6 -0
data/spec/devise-dummy/app/models/guest.rb +34 -0
data/spec/devise-dummy/app/models/improvisation.rb +2 -0
data/spec/devise-dummy/app/models/post.rb +5 -0
data/spec/devise-dummy/app/models/song.rb +3 -0
data/spec/devise-dummy/app/models/tune.rb +3 -0
data/spec/devise-dummy/app/models/user.rb +22 -0
data/spec/devise-dummy/app/permits/accounts/admin/roles/editor_permit.rb +15 -0
data/spec/devise-dummy/app/permits/licenses/bloggers_license.rb +12 -0
data/spec/devise-dummy/app/permits/licenses/musicians_license.rb +13 -0
data/spec/devise-dummy/app/permits/role_groups/editor_permit.rb +13 -0
data/spec/devise-dummy/app/permits/roles/admin_permit.rb +12 -0
data/spec/devise-dummy/app/permits/roles/guest_permit.rb +12 -0
data/spec/devise-dummy/app/permits/roles/user_permit.rb +14 -0
data/spec/devise-dummy/app/views/articles/admin.html.haml +20 -0
data/spec/devise-dummy/app/views/articles/admin_account.html.haml +20 -0
data/spec/devise-dummy/app/views/articles/guest.html.haml +20 -0
data/spec/devise-dummy/app/views/articles/index.html.haml +23 -0
data/spec/devise-dummy/app/views/articles/show.html.haml +10 -0
data/spec/devise-dummy/app/views/comments/guest.html.haml +20 -0
data/spec/devise-dummy/app/views/comments/index.html.haml +20 -0
data/spec/devise-dummy/app/views/concertos/admin.html.haml +19 -0
data/spec/devise-dummy/app/views/concertos/admin_account.html.haml +20 -0
data/spec/devise-dummy/app/views/concertos/guest.html.haml +20 -0
data/spec/devise-dummy/app/views/concertos/index.html.haml +19 -0
data/spec/devise-dummy/app/views/concertos/show.html.haml +10 -0
data/spec/devise-dummy/app/views/devise/confirmations/new.html.erb +12 -0
data/spec/devise-dummy/app/views/devise/mailer/confirmation_instructions.html.erb +5 -0
data/spec/devise-dummy/app/views/devise/mailer/reset_password_instructions.html.erb +8 -0
data/spec/devise-dummy/app/views/devise/mailer/unlock_instructions.html.erb +7 -0
data/spec/devise-dummy/app/views/devise/passwords/edit.html.erb +16 -0
data/spec/devise-dummy/app/views/devise/passwords/new.html.erb +12 -0
data/spec/devise-dummy/app/views/devise/registrations/edit.html.erb +25 -0
data/spec/devise-dummy/app/views/devise/registrations/new.html.erb +18 -0
data/spec/devise-dummy/app/views/devise/sessions/new.html.erb +17 -0
data/spec/devise-dummy/app/views/devise/shared/_links.erb +25 -0
data/spec/devise-dummy/app/views/devise/unlocks/new.html.erb +12 -0
data/spec/devise-dummy/app/views/layouts/application.html.erb +14 -0
data/spec/devise-dummy/app/views/main/index.html.haml +1 -0
data/spec/devise-dummy/app/views/posts/admin.html.haml +20 -0
data/spec/devise-dummy/app/views/posts/admin_account.html.haml +20 -0
data/spec/devise-dummy/app/views/posts/guest.html.haml +20 -0
data/spec/devise-dummy/app/views/posts/index.html.haml +19 -0
data/spec/devise-dummy/app/views/posts/show.html.haml +11 -0
data/spec/devise-dummy/app/views/users/admin.html.haml +19 -0
data/spec/devise-dummy/app/views/users/admin_account.html.haml +19 -0
data/spec/devise-dummy/app/views/users/guest.html.haml +19 -0
data/spec/devise-dummy/app/views/users/index.html.haml +19 -0
data/spec/devise-dummy/app/views/users/show.html.haml +11 -0
data/spec/devise-dummy/config.ru +4 -0
data/spec/devise-dummy/config/application.rb +46 -0
data/spec/devise-dummy/config/boot.rb +10 -0
data/spec/devise-dummy/config/cantango_permissions.yml +50 -0
data/spec/devise-dummy/config/categories.yml +10 -0
data/spec/devise-dummy/config/database.yml +22 -0
data/spec/devise-dummy/config/environment.rb +5 -0
data/spec/devise-dummy/config/environments/development.rb +26 -0
data/spec/devise-dummy/config/environments/production.rb +49 -0
data/spec/devise-dummy/config/environments/test.rb +35 -0
data/spec/devise-dummy/config/initializers/backtrace_silencers.rb +7 -0
data/spec/devise-dummy/config/initializers/cantango.rb +8 -0
data/spec/devise-dummy/config/initializers/devise.rb +204 -0
data/spec/devise-dummy/config/initializers/inflections.rb +10 -0
data/spec/devise-dummy/config/initializers/mime_types.rb +5 -0
data/spec/devise-dummy/config/initializers/secret_token.rb +7 -0
data/spec/devise-dummy/config/initializers/session_store.rb +8 -0
data/spec/devise-dummy/config/initializers/simple_roles.rb +42 -0
data/spec/devise-dummy/config/locales/devise.en.yml +53 -0
data/spec/devise-dummy/config/locales/en.yml +5 -0
data/spec/devise-dummy/config/routes.rb +88 -0
data/spec/devise-dummy/db/migrate/002_create_comment.rb +13 -0
data/spec/devise-dummy/db/migrate/003_create_post.rb +14 -0
data/spec/devise-dummy/db/migrate/004_create_article.rb +14 -0
data/spec/devise-dummy/db/migrate/005_create_account.rb +13 -0
data/spec/devise-dummy/db/migrate/006_create_concerto.rb +14 -0
data/spec/devise-dummy/db/migrate/007_devise_create_users.rb +31 -0
data/spec/devise-dummy/db/schema.rb +75 -0
data/spec/devise-dummy/db/seeds.rb +5 -0
data/spec/devise-dummy/db/users.txt +7 -0
data/spec/devise-dummy/public/404.html +26 -0
data/spec/devise-dummy/public/422.html +26 -0
data/spec/devise-dummy/public/500.html +26 -0
data/spec/devise-dummy/public/favicon.ico +0 -0
data/spec/devise-dummy/public/javascripts/application.js +2 -0
data/spec/devise-dummy/public/javascripts/controls.js +965 -0
data/spec/devise-dummy/public/javascripts/dragdrop.js +974 -0
data/spec/devise-dummy/public/javascripts/effects.js +1123 -0
data/spec/devise-dummy/public/javascripts/prototype.js +6001 -0
data/spec/devise-dummy/public/javascripts/rails.js +191 -0
data/spec/devise-dummy/public/stylesheets/.gitkeep +0 -0
data/spec/devise-dummy/script/rails +6 -0
data/spec/devise-dummy_spec_helper.rb +41 -0
data/spec/devise-integration/concerto_spec.rb +80 -0
data/spec/dummy/Rakefile +7 -0
data/spec/dummy/app/controllers/accounts_controller.rb +23 -0
data/spec/dummy/app/controllers/application_controller.rb +3 -0
data/spec/dummy/app/controllers/articles_controller.rb +55 -0
data/spec/dummy/app/controllers/comments_controller.rb +38 -0
data/spec/dummy/app/controllers/concertos_controller.rb +43 -0
data/spec/dummy/app/controllers/main_controller.rb +8 -0
data/spec/dummy/app/controllers/posts_controller.rb +47 -0
data/spec/dummy/app/controllers/sessions_controller.rb +16 -0
data/spec/dummy/app/controllers/users_controller.rb +23 -0
data/spec/dummy/app/helpers/application_helper.rb +37 -0
data/spec/dummy/app/models/account_setup.rb +41 -0
data/spec/dummy/app/models/admin.rb +4 -0
data/spec/dummy/app/models/article.rb +6 -0
data/spec/dummy/app/models/comment.rb +5 -0
data/spec/dummy/app/models/concerto.rb +6 -0
data/spec/dummy/app/models/guest.rb +27 -0
data/spec/dummy/app/models/improvisation.rb +2 -0
data/spec/dummy/app/models/post.rb +5 -0
data/spec/dummy/app/models/song.rb +3 -0
data/spec/dummy/app/models/tune.rb +3 -0
data/spec/dummy/app/models/user.rb +12 -0
data/spec/dummy/app/permits/accounts/admin/roles/editor_permit.rb +15 -0
data/spec/dummy/app/permits/licenses/bloggers_license.rb +12 -0
data/spec/dummy/app/permits/licenses/musicians_license.rb +13 -0
data/spec/dummy/app/permits/role_groups/editor_permit.rb +13 -0
data/spec/dummy/app/permits/roles/admin_permit.rb +12 -0
data/spec/dummy/app/permits/roles/guest_permit.rb +12 -0
data/spec/dummy/app/permits/roles/user_permit.rb +18 -0
data/spec/dummy/app/views/articles/admin.html.haml +20 -0
data/spec/dummy/app/views/articles/admin_account.html.haml +20 -0
data/spec/dummy/app/views/articles/guest.html.haml +20 -0
data/spec/dummy/app/views/articles/index.html.haml +23 -0
data/spec/dummy/app/views/articles/show.html.haml +10 -0
data/spec/dummy/app/views/comments/guest.html.haml +20 -0
data/spec/dummy/app/views/comments/index.html.haml +20 -0
data/spec/dummy/app/views/concertos/admin.html.haml +20 -0
data/spec/dummy/app/views/concertos/admin_account.html.haml +20 -0
data/spec/dummy/app/views/concertos/guest.html.haml +20 -0
data/spec/dummy/app/views/concertos/index.html.haml +19 -0
data/spec/dummy/app/views/concertos/show.html.haml +10 -0
data/spec/dummy/app/views/layouts/application.html.erb +14 -0
data/spec/dummy/app/views/main/index.html.haml +1 -0
data/spec/dummy/app/views/posts/admin.html.haml +20 -0
data/spec/dummy/app/views/posts/admin_account.html.haml +20 -0
data/spec/dummy/app/views/posts/guest.html.haml +20 -0
data/spec/dummy/app/views/posts/index.html.haml +19 -0
data/spec/dummy/app/views/posts/show.html.haml +11 -0
data/spec/dummy/app/views/users/admin.html.haml +19 -0
data/spec/dummy/app/views/users/admin_account.html.haml +19 -0
data/spec/dummy/app/views/users/guest.html.haml +19 -0
data/spec/dummy/app/views/users/index.html.haml +19 -0
data/spec/dummy/app/views/users/show.html.haml +11 -0
data/spec/dummy/config.ru +4 -0
data/spec/dummy/config/application.rb +43 -0
data/spec/dummy/config/boot.rb +10 -0
data/spec/dummy/config/cantango_permissions.yml +50 -0
data/spec/dummy/config/categories.yml +10 -0
data/spec/dummy/config/database.yml +22 -0
data/spec/dummy/config/environment.rb +5 -0
data/spec/dummy/config/environments/development.rb +26 -0
data/spec/dummy/config/environments/production.rb +49 -0
data/spec/dummy/config/environments/test.rb +35 -0
data/spec/dummy/config/initializers/backtrace_silencers.rb +7 -0
data/spec/dummy/config/initializers/cantango.rb +5 -0
data/spec/dummy/config/initializers/inflections.rb +10 -0
data/spec/dummy/config/initializers/mime_types.rb +5 -0
data/spec/dummy/config/initializers/secret_token.rb +7 -0
data/spec/dummy/config/initializers/session_store.rb +8 -0
data/spec/dummy/config/initializers/simple_roles.rb +44 -0
data/spec/dummy/config/locales/en.yml +5 -0
data/spec/dummy/config/routes.rb +84 -0
data/spec/dummy/db/migrate/001_create_user.rb +16 -0
data/spec/dummy/db/migrate/002_create_comment.rb +13 -0
data/spec/dummy/db/migrate/003_create_post.rb +14 -0
data/spec/dummy/db/migrate/004_create_article.rb +14 -0
data/spec/dummy/db/migrate/005_create_account.rb +13 -0
data/spec/dummy/db/migrate/006_create_concerto.rb +14 -0
data/spec/dummy/public/404.html +26 -0
data/spec/dummy/public/422.html +26 -0
data/spec/dummy/public/500.html +26 -0
data/spec/dummy/public/favicon.ico +0 -0
data/spec/dummy/public/javascripts/application.js +2 -0
data/spec/dummy/public/javascripts/controls.js +965 -0
data/spec/dummy/public/javascripts/dragdrop.js +974 -0
data/spec/dummy/public/javascripts/effects.js +1123 -0
data/spec/dummy/public/javascripts/prototype.js +6001 -0
data/spec/dummy/public/javascripts/rails.js +191 -0
data/spec/dummy/public/stylesheets/.gitkeep +0 -0
data/spec/dummy/script/rails +6 -0
data/spec/dummy/tmp/pids/server.pid +1 -0
data/spec/dummy_spec_helper.rb +43 -0
data/spec/entire_suite_spec.rb +15 -0
data/spec/factories.rb +8 -0
data/spec/fixtures/config/cantango_permissions.yml +48 -0
data/spec/fixtures/config/categories.yml +6 -0
data/spec/fixtures/config/evaluator_fixtures.yml +18 -0
data/spec/fixtures/config/licenses.yml +4 -0
data/spec/fixtures/config/permissions.yml +19 -0
data/spec/fixtures/config/role_group.yml +4 -0
data/spec/fixtures/config/roles.yml +4 -0
data/spec/fixtures/config/user_permissions.yml +8 -0
data/spec/fixtures/models.rb +2 -0
data/spec/fixtures/models/items.rb +8 -0
data/spec/fixtures/models/simple_roles.rb +44 -0
data/spec/fixtures/models/user.rb +22 -0
data/spec/fixtures/models/user_account.rb +21 -0
data/spec/fixtures/tango_fixtures.rb +29 -0
data/spec/generators/cantango/account_role_permit_generator_spec.rb +35 -0
data/spec/generators/cantango/account_role_permits_generator_spec.rb +59 -0
data/spec/generators/cantango/license_generator_spec.rb +33 -0
data/spec/generators/cantango/licenses_generator_spec.rb +58 -0
data/spec/generators/cantango/role_permit_generator_spec.rb +35 -0
data/spec/generators/cantango/role_permits_generator_spec.rb +58 -0
data/spec/helpers/dummy_app_ability.rb +26 -0
data/spec/integration/Design_notes.textile +30 -0
data/spec/integration/admin_user/masquerade_spec.rb +22 -0
data/spec/integration/cache_using_moneta_spec.rb +46 -0
data/spec/integration/cache_using_session_spec.rb +46 -0
data/spec/integration/main_spec.rb +16 -0
data/spec/integration/performance/ability_initialize_performance.rb +54 -0
data/spec/integration/performance/cache_performance.rb +31 -0
data/spec/integration/performance/can_performance.rb +54 -0
data/spec/integration/performance/helpers/ability.rb +44 -0
data/spec/integration/performance/helpers/ability_api.rb +44 -0
data/spec/integration/performance/helpers/ability_raw.rb +8 -0
data/spec/integration/performance/helpers/cache.rb +37 -0
data/spec/integration/performance/helpers/rules.rb +12 -0
data/spec/integration/performance/integral_performance_caching_disabled.rb +33 -0
data/spec/integration/performance/integral_performance_caching_enabled.rb +33 -0
data/spec/integration/performance/raw_performance.rb +11 -0
data/spec/integration/user/articles_spec.rb +39 -0
data/spec/integration/user/concerto_spec.rb +39 -0
data/spec/note_on_caching_and_dynamic.textile +114 -0
data/spec/path_helper.rb +9 -0
data/spec/simple_roles.rb +46 -0
data/spec/spec_helper.rb +22 -0
data/wiki/ability/initialize.markdown +45 -0
data/wiki/api/user/api.markdown +88 -0
data/wiki/api/user_account/api.markdown +88 -0
data/wiki/config/ability.markdown +18 -0
data/wiki/config/autoload.markdown +31 -0
data/wiki/config/guest.markdown +49 -0
data/wiki/config/models_registration.markdown +16 -0
data/wiki/config/role_groups.markdown +1 -0
data/wiki/config/roles.markdown +1 -0
data/wiki/engines/cache/config.markdown +31 -0
data/wiki/engines/cache/session_store.markdown +0 -0
data/wiki/engines/cache/store.markdown +6 -0
data/wiki/engines/permissions/categories.markdown +33 -0
data/wiki/engines/permissions/config.markdown +60 -0
data/wiki/engines/permissions/moneta_store.markdown +0 -0
data/wiki/engines/permissions/store.markdown +0 -0
data/wiki/engines/permissions/yaml_store.markdown +0 -0
data/wiki/engines/permits/config.markdown +0 -0
data/wiki/engines/permits/licenses.markdown +0 -0
data/wiki/engines/permits/role_groups.markdown +0 -0
data/wiki/engines/permits/roles.markdown +0 -0
data/wiki/engines/permits/user_accounts.markdown +0 -0
data/wiki/feature_list.markdown +39 -0
data/wiki/rules_caching.markdown +17 -0
data/wiki/users/masquerading.markdown +29 -0
data/wiki/when_to_use.markdown +64 -0
data/wiki/why_to_use.markdown +11 -0
metadata +788 -0

data/spec/integration/performance/raw_performance.rb ADDED Viewed

@@ -0,0 +1,11 @@
+require 'dummy_spec_helper'
+require'integration/performance/helpers/ability_raw'
+describe "CanTango::Ability raw performance (without rails)" do
+  it "total without engines" do
+    @user = User.create!(:name => "Stanislaw")
+    CanTangoTest.new(@user)
+  end
+end

data/spec/integration/user/articles_spec.rb ADDED Viewed

@@ -0,0 +1,39 @@
+require 'dummy_spec_helper'
+feature "Articles", %q{
+  In order to have an awesome blog
+  As an author
+  I want to create and manage articles
+} do
+  background do
+    Article.create!(:title => 'one')
+    Article.create!(:title => 'two')
+    @user = User.create! :name => 'stanislaw', :role => 'user', :email => 'stanislaw@mail.ru'
+    @editor = User.create! :name => 'editor', :role => 'editor', :email => 'editor@mail.ru'
+  end
+  scenario "Article index" do
+    visit '/articles'
+    page.should have_content('one')
+    page.should have_content('two')
+  end
+  scenario "Show article to user stanislaw" do
+    visit '/login_user/stanislaw'
+    visit '/articles/one' # using friendly id :)
+    page.should have_content('one')
+    visit '/articles/two'
+    page.should have_content('two')
+  end
+  scenario "Show article to editor" do
+    visit '/login_user/editor'
+    visit '/articles/one' # using friendly id :)
+    page.should have_content('one')
+    #page.should have_content('two')
+  end
+end

data/spec/integration/user/concerto_spec.rb ADDED Viewed

@@ -0,0 +1,39 @@
+require 'dummy_spec_helper'
+feature "Concertos", %q{
+  In order to have an awesome musical pages
+  As an user having role_groups 'composers'
+  I want to do something with concertos (According to role_groups)
+} do
+  background do
+    Concerto.create!(:title => 'one')
+    Concerto.create!(:title => 'two')
+    @composer = User.create!(:name => 'composer', :role_groups => 'composers', :email => 'stanislaw@mail.ru')
+    @musician = User.create! :name => 'musician', :role_groups => 'musicians', :email => 'editor@mail.ru'
+  end
+  scenario "Concerto index" do
+    visit '/concertos'
+    page.should have_content('one')
+    page.should have_content('two')
+  end
+  scenario "Show concerto to composer" do
+    visit '/login_user/composer'
+    visit '/concertos/one' # using friendly id :)
+    page.should have_content('one')
+    visit '/concertos/two'
+    page.should have_content('two')
+  end
+  scenario "Show concerto to musician" do
+    visit '/login_user/musician'
+    visit '/concertos/one' # using friendly id :)
+    page.should have_content('one')
+    #page.should have_content('two')
+  end
+end

data/spec/note_on_caching_and_dynamic.textile ADDED Viewed

@@ -0,0 +1,114 @@
+h1. Note on caching.
+First of all section of Ryan's wiki on Defining Abilities with Blocks.
+h2. Only for Object Attributes
+The block is only evaluated when an actual instance object is present.
+It is not evaluated when checking permissions on the class (such as in the index action).
+This means any conditions which are not dependent on the object attributes should be moved outside of the block.
+<pre>
+<code>
+  #don't do this
+  can :update, Project do |project|
+    user.admin? # this won't always get called
+  end
+  #do this
+  can :update, Project if user.admin?
+</code>
+</pre>
+<hr/>
+What we have here really are conditions of two types: conditions outside blocks and inside blocks.
+I) Conditions outside blocks. They can't allow dynamic.
+Remember failing spec about #dynamic_rules do not react on changes of $something_dynamic (bspec spec/cantango/permit_engine/permit/permit_static_and_dynamic_rules_spec.rb)?
+Consider _failing_ case I created based on excerpt from Ryan's ability_spec.rb. It behaves the same way as ours failing spec.
+It is ugly but I want to show that there is no possibility to allow dynamic on conditions outside blocks:
+<pre>
+<code>
+  before(:each) do
+    @ability = Object.new
+    @ability.extend(CanCan::Ability)
+  end
+  it "should be able to :read anything" do
+    $something = true
+    @ability.can :read, :all if $something_dynamic
+    @ability.can?(:read, :all).should be_true
+    $something = false
+    @ability.can?(:read, :all).should be_false
+  end
+</code>
+</pre>
+It shows us, that "can :update, Project if user.admin?" (see Ryan's code above) - is a fiction - no real dynamic!
+II) Conditions inside blocks.
+Present Ryan's #can work the following way:
+<pre>
+<code>
+  can :read, Article |article|
+    article.attribute ?   # article here is INSTANCE!
+  end
+</code>
+</pre>
+If you call @can?(:read, Article.new)@ -- inside conditions are evaluated.
+If you call @can?(:read, Article)@ -- inside conditions are SKIPPED!
+Review my pull request again (https://github.com/ryanb/cancan/pull/433) -
+I did this because of I want to allow dynamic not only on instance attributes but wider -
+on some global dynamic things like Time.now < ?
+My resume:
+I quickly explored a possibility to collect and call #dynamic_rules from all permits at the moment #can? was summoned and see - that
+it is not possible with the current design we have. Making wrapping patch will be ugly here.
+Better I suggest write any dynamic we want INSIDE #can's condition blocks like
+<pre>
+<code>
+  can :read, Article do |article|
+    $something_dynamic == true
+  end
+</code>
+</pre>
+Because outside conditions don't work as I described above.
+If we run into this direction (inside conditions blocks) then we can expect dynamic conditions of two types:
+I) Instance conditions - which are based on instance attributes. CanCan's Rule deals with instances (can?(:read, Article.new)) ok now.
+II) (rare, but anyway needed) Some global conditions which applied to the class fx Article (not instance Article.new) as a whole. To address this case
+I suggested my pull request #433, because Ryan's can? expect now that if we want conditions inside blocks being evaluated we should
+call can? on instances. My solution is very simple: extend usage of #can? on classes too. If we call #can? on Class then
+if block condition deals with instance attributes it'll of course raise error which we gracefully rescue and return true -
+in fact now Rule returns conditions'true without evaluating block AT ALL if #can? is called on Class.
+And IF BLOCK CONTAINS some condition related not to instance but to CLASS and has REALLY SOMETHING GLOBAL/DYNAMIC NOT INSTANCE-RELATED
+then we EVALUATE inside conditions ok.
+This approach will lead us to completely drop "caching/static&dynamic_rules" piece because placed dynamic inside conditions,
+WE ALREADY HAVE "CACHED" #rules, which emerge at the moment of CanTango::Ability is initialized and live unchanged
+throughout entire CanTango::Ability lifecycle.
+My request to you is follow carefully all above and consider pull request #433 again.
+I think dynamic things I talk here about really MAKE SENSE. As for us as for extending CanCan himself.
+For now CanCan doesn't allow DYNAMIC that is NO INSTANCE-RELATED!
+UPD: See my comment on pull request #433.

data/spec/path_helper.rb ADDED Viewed

@@ -0,0 +1,9 @@
+def spec_root_path
+  File.dirname(__FILE__)
+end
+def dummy_root_path
+  File.join(spec_root_path, 'dummy')
+end

data/spec/simple_roles.rb ADDED Viewed

@@ -0,0 +1,46 @@
+module SimpleRoles
+  module ClassMethods
+    def is_role_in_group?(role, group)
+      raise "No group #{group} defined in User model" if !role_groups.has_key?(group)
+      role_groups[group].include?(role)
+    end
+    def role_groups
+      {:bloggers => [:editor]}
+    end
+    def roles
+      [:guest, :user, :admin, :editor]
+    end
+  end
+  module InstanceMethods
+    attr_accessor :role
+    attr_accessor :role_groups_list
+    def has_role? rolle
+      roles_list.include? rolle
+    end
+    def has_any_role? roles
+      roles.include?(role.to_sym)
+    end
+    def roles_list
+      role.to_s.scan(/\w+/).map{|r| r.to_sym}
+    end
+    def is_in_group? group
+      role_groups_list.include? group
+    end
+    alias_method :in_role_group?, :is_in_group?
+    def role_groups_list
+      return role_groups.scan(/\w+/).map(&:to_sym) if respond_to?(:role_groups) && !role_groups.nil?
+      @role_groups_list || [] #[:bloggers]
+    end
+  end
+end

data/spec/spec_helper.rb ADDED Viewed

@@ -0,0 +1,22 @@
+require 'require_all'
+require 'rspec'
+require 'cancan/matchers'
+require 'cantango'
+require 'cantango/rspec'
+require 'factory_girl'
+require 'mocha'
+require 'factories'
+require 'cutter'
+# require 'moneta'
+#Cutter::Inspection.quiet!
+require 'simple_roles'
+CanTango.configure do |config|
+  config.permission.config_path File.dirname(__FILE__) + '/fixtures/config'
+  config.cache.set :off
+end
+#require_all File.dirname(__FILE__) + '/fixtures'

data/wiki/ability/initialize.markdown ADDED Viewed

@@ -0,0 +1,45 @@
+The **CanTango::Ability** is initialized with a candidate and an options
+hash.
+## Candidate
+The candidate is any object that can have roles and/or role groups
+behavior attached. A candidate is usually either user and in some cases
+might be a user account.
+## Options hash
+When used from a web framework such as Rails, the options hash
+is populated with essential objects such as:
+* Request
+* Session
+* Params
+These objects are then made available to the permission rules for evaluation.
+Some rules might dependen on whether the user is accessing the site
+from localhost or if the user has a given session state.
+## The Flow
+1. Use cached rules if available for user
+2. Generate rules for user
+3. Cache rules for user
+### Use cache rules
+See [[Rules cache]]
+### Generate rules
+1. Generate Permission rules from store
+2. Generate Permit rules from classes
+### Cache rules
+Generate a unique hash key for the user and marshal all the rule in a
+store with that key as identifier. If the user changes, the rules
+for the old key will be invalidated and new rules generated for the new
+key.

data/wiki/api/user/api.markdown ADDED Viewed

@@ -0,0 +1,88 @@
+Cantango comes with the following Core APIs for users:
+* Can API
+* Scope API
+The examples below assume we have the user models _User_ and _Admin_ registered as Cantango users.
+See [[Registration of User models]].
+## User Can API
+The Can API is very similar to the CanCan API but instead uses a `CanTango::Ability` for a specific kind of current user.
+The devise methods `#current_xxxx` such as current_user, current_admin etc. are wll integrated in the Can API.
+For the user models User and Admin, Cantango will provide the following API:
+API methods:
+* user_can? actions, targets
+* user_cannot? actions, targets
+* admin_can? actions, targets
+* admin_cannot? actions, targets
+Example use:
+```ruby
+if user_can? :edit, Article
+  # do sth
+end
+```
+```ruby
+if admin_cannot? :manage, Article
+  # do sth
+end
+```
+## User Scope API
+The Scope API is useful when you want to do several ability tests for the same kind of user.
+API methods:
+* scope_user type, options = {}, &block
+* real_user type, options = {}, &block
+`#scope_user` is used to define an ability scope for a specific user. The
+permission API can then operate on this ability scope directly instead
+of having to create the ability each time.
+Example use `#scope_user`:
+```ruby
+scope_user :admin do |admin|
+  if admin.can?(:edit, Article) || admin.can?(:read, Post)
+    # do stuff
+  end
+  if admin.can? :delete, Article
+    # delete link here
+  end
+end
+```
+### Real user
+The method `#real_user` is used to explicitly negate masquerading within the scope.
+Thus the permissions apply to the real user, not the masqueraded user.
+Assume we have an app divided into a public app and an admin app.
+For an Admin user it could make sense to masquerade as a Public user in
+the public part of the application, but remain as an Admin user in the
+admin app while remaining in the same session.
+This can be achieve using `#real_user` in the admin app.
+Example use `#real_user`:
+```ruby
+real_user :admin do |admin|
+  if admin.can?(:edit, Article) || admin.can?(:read, Post)
+    # do stuff
+  end
+  if admin.can? :delete, Article
+    # delete link here
+  end
+end
+```

data/wiki/api/user_account/api.markdown ADDED Viewed

@@ -0,0 +1,88 @@
+The User Account APIs are very similar to the [[User APIs]]
+* Can API
+* Scope API
+Assume we have the account models UserAccount and AdminAccount registered as Cantango users.
+See [[Registration of User Account models]] for details.
+## Account Can API
+The Account Can API expects methods in the form `#current_xxxx` are available for each type of user account.
+In our scenario, `#current_user_account` and `#current_admin_account` should be available.
+Cantango will provide the following API:
+API methods:
+* user_can? actions, targets
+* user_cannot? actions, targets
+* admin_can? actions, targets
+* admin_cannot? actions, targets
+Example use:
+```ruby
+if user_account_cannot? :edit, Article
+  # do sth
+end
+```
+```ruby
+if admin_account_can? :manage, Article
+  # do sth
+end
+```
+## Account Scope API
+The Scope API is useful when you want to do several ability tests for the same kind of user account.
+API methods:
+* scope_acount type, options = {}, &block
+* as_real_account type, options = {}, &block
+`#scope_account` is used to define an ability scope for a specific user account. The
+permission API can then operate on this ability scope directly instead
+of having to create the ability each time.
+Example use #scope_account:
+```ruby
+scope_account :admin do |account|
+  if account.can?(:edit, Article) || account.can?(:read, Post)
+    # do stuff
+  end
+  if account.can? :delete, Article
+    # delete link here
+  end
+end
+```
+### Real account
+`#real_account` is used to explicitly negate masquerading within the scope.
+Thus the permissions apply to the real account, not the masqueraded account.
+Assume we have an app divided into a public app and an admin app.
+For an Admin user it could make sense to masquerade as if he was logged
+in to the Public account in the public part of the application.
+The admin should remain as an Admin user on the Admin account when
+accessing the admin app, while remaining in the same session.
+This can be achieve using `#real_account` in the admin app.
+Example use #real_account:
+```ruby
+real_account :admin do |account|
+  if account.can?(:edit, Article) || account.can?(:read, Post)
+    # do stuff
+  end
+  if account.can? :delete, Article
+    # delete link here
+  end
+end
+```