cantango 0.8.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (578) hide show
  1. data/.document +5 -0
  2. data/.rspec +1 -0
  3. data/Gemfile +58 -0
  4. data/LICENSE.txt +20 -0
  5. data/README.textile +211 -0
  6. data/Rakefile +48 -0
  7. data/VERSION +1 -0
  8. data/cantango.gemspec +658 -0
  9. data/ideas/feature_list.markdown +58 -0
  10. data/lib/cantango.rb +32 -0
  11. data/lib/cantango/ability.rb +56 -0
  12. data/lib/cantango/ability/cache.rb +95 -0
  13. data/lib/cantango/ability/cache/base_cache.rb +26 -0
  14. data/lib/cantango/ability/cache/kompiler.rb +24 -0
  15. data/lib/cantango/ability/cache/moneta_cache.rb +32 -0
  16. data/lib/cantango/ability/cache/session_cache.rb +38 -0
  17. data/lib/cantango/ability/class_methods.rb +27 -0
  18. data/lib/cantango/ability/masquerade_helpers.rb +19 -0
  19. data/lib/cantango/ability/permission_helpers.rb +20 -0
  20. data/lib/cantango/ability/permit_helpers.rb +27 -0
  21. data/lib/cantango/ability/role_helpers.rb +26 -0
  22. data/lib/cantango/ability/scope.rb +20 -0
  23. data/lib/cantango/ability/user_helpers.rb +22 -0
  24. data/lib/cantango/api.rb +5 -0
  25. data/lib/cantango/api/aliases.rb +8 -0
  26. data/lib/cantango/api/aliases/account_permit.rb +8 -0
  27. data/lib/cantango/api/aliases/license.rb +7 -0
  28. data/lib/cantango/api/aliases/permit.rb +9 -0
  29. data/lib/cantango/api/aliases/role_group_permit.rb +7 -0
  30. data/lib/cantango/api/aliases/role_permit.rb +7 -0
  31. data/lib/cantango/api/aliases/user_permit.rb +8 -0
  32. data/lib/cantango/api/common.rb +10 -0
  33. data/lib/cantango/api/options.rb +16 -0
  34. data/lib/cantango/api/user.rb +20 -0
  35. data/lib/cantango/api/user/ability.rb +38 -0
  36. data/lib/cantango/api/user/can.rb +26 -0
  37. data/lib/cantango/api/user/scope.rb +29 -0
  38. data/lib/cantango/api/user_account.rb +20 -0
  39. data/lib/cantango/api/user_account/ability.rb +44 -0
  40. data/lib/cantango/api/user_account/can.rb +26 -0
  41. data/lib/cantango/api/user_account/scope.rb +29 -0
  42. data/lib/cantango/cache.rb +6 -0
  43. data/lib/cantango/cache/moneta_cache.rb +68 -0
  44. data/lib/cantango/cancan/rule.rb +6 -0
  45. data/lib/cantango/configuration.rb +83 -0
  46. data/lib/cantango/configuration/ability.rb +13 -0
  47. data/lib/cantango/configuration/autoload.rb +38 -0
  48. data/lib/cantango/configuration/categories.rb +55 -0
  49. data/lib/cantango/configuration/engines.rb +49 -0
  50. data/lib/cantango/configuration/engines/cache.rb +20 -0
  51. data/lib/cantango/configuration/engines/engine.rb +31 -0
  52. data/lib/cantango/configuration/engines/permission.rb +49 -0
  53. data/lib/cantango/configuration/engines/permit.rb +26 -0
  54. data/lib/cantango/configuration/engines/store.rb +24 -0
  55. data/lib/cantango/configuration/factory.rb +59 -0
  56. data/lib/cantango/configuration/guest.rb +57 -0
  57. data/lib/cantango/configuration/hash_registry.rb +62 -0
  58. data/lib/cantango/configuration/models.rb +48 -0
  59. data/lib/cantango/configuration/registry.rb +53 -0
  60. data/lib/cantango/configuration/role_groups.rb +15 -0
  61. data/lib/cantango/configuration/role_registry.rb +43 -0
  62. data/lib/cantango/configuration/roles.rb +16 -0
  63. data/lib/cantango/configuration/user.rb +47 -0
  64. data/lib/cantango/configuration/user_account.rb +23 -0
  65. data/lib/cantango/configuration/user_accounts.rb +7 -0
  66. data/lib/cantango/configuration/users.rb +7 -0
  67. data/lib/cantango/helpers.rb +5 -0
  68. data/lib/cantango/helpers/role_methods.rb +26 -0
  69. data/lib/cantango/permission_engine.rb +7 -0
  70. data/lib/cantango/permission_engine/builder.rb +6 -0
  71. data/lib/cantango/permission_engine/collector.rb +43 -0
  72. data/lib/cantango/permission_engine/compiler.rb +67 -0
  73. data/lib/cantango/permission_engine/evaluator.rb +34 -0
  74. data/lib/cantango/permission_engine/factory.rb +60 -0
  75. data/lib/cantango/permission_engine/loader.rb +7 -0
  76. data/lib/cantango/permission_engine/loader/base.rb +39 -0
  77. data/lib/cantango/permission_engine/loader/categories.rb +50 -0
  78. data/lib/cantango/permission_engine/loader/permissions.rb +66 -0
  79. data/lib/cantango/permission_engine/moneta_store.rb +30 -0
  80. data/lib/cantango/permission_engine/parser.rb +32 -0
  81. data/lib/cantango/permission_engine/parser/categories.rb +18 -0
  82. data/lib/cantango/permission_engine/parser/category.rb +34 -0
  83. data/lib/cantango/permission_engine/parser/default.rb +20 -0
  84. data/lib/cantango/permission_engine/parser/ownership.rb +32 -0
  85. data/lib/cantango/permission_engine/parser/permissions.rb +33 -0
  86. data/lib/cantango/permission_engine/parser/regex.rb +35 -0
  87. data/lib/cantango/permission_engine/parser/relationship.rb +23 -0
  88. data/lib/cantango/permission_engine/parser/rule.rb +31 -0
  89. data/lib/cantango/permission_engine/permission.rb +40 -0
  90. data/lib/cantango/permission_engine/selector.rb +16 -0
  91. data/lib/cantango/permission_engine/selector/base.rb +19 -0
  92. data/lib/cantango/permission_engine/selector/licenses.rb +19 -0
  93. data/lib/cantango/permission_engine/selector/role_groups.rb +24 -0
  94. data/lib/cantango/permission_engine/selector/roles.rb +25 -0
  95. data/lib/cantango/permission_engine/selector/users.rb +22 -0
  96. data/lib/cantango/permission_engine/statement.rb +14 -0
  97. data/lib/cantango/permission_engine/statements.rb +35 -0
  98. data/lib/cantango/permission_engine/store.rb +33 -0
  99. data/lib/cantango/permission_engine/yaml_store.rb +108 -0
  100. data/lib/cantango/permit_engine.rb +8 -0
  101. data/lib/cantango/permit_engine/account_permit.rb +41 -0
  102. data/lib/cantango/permit_engine/account_permit/builder.rb +22 -0
  103. data/lib/cantango/permit_engine/account_permit/finder.rb +20 -0
  104. data/lib/cantango/permit_engine/builder.rb +8 -0
  105. data/lib/cantango/permit_engine/builder/base.rb +50 -0
  106. data/lib/cantango/permit_engine/builder/special_permits.rb +20 -0
  107. data/lib/cantango/permit_engine/compatibility.rb +20 -0
  108. data/lib/cantango/permit_engine/executor.rb +7 -0
  109. data/lib/cantango/permit_engine/executor/abstract.rb +40 -0
  110. data/lib/cantango/permit_engine/executor/base.rb +51 -0
  111. data/lib/cantango/permit_engine/executor/system.rb +13 -0
  112. data/lib/cantango/permit_engine/factory.rb +45 -0
  113. data/lib/cantango/permit_engine/finder.rb +39 -0
  114. data/lib/cantango/permit_engine/license.rb +37 -0
  115. data/lib/cantango/permit_engine/license/loader.rb +19 -0
  116. data/lib/cantango/permit_engine/license/rules.rb +17 -0
  117. data/lib/cantango/permit_engine/permit.rb +149 -0
  118. data/lib/cantango/permit_engine/role_group_permit.rb +37 -0
  119. data/lib/cantango/permit_engine/role_group_permit/builder.rb +47 -0
  120. data/lib/cantango/permit_engine/role_group_permit/finder.rb +20 -0
  121. data/lib/cantango/permit_engine/role_matcher.rb +13 -0
  122. data/lib/cantango/permit_engine/role_permit.rb +38 -0
  123. data/lib/cantango/permit_engine/role_permit/builder.rb +46 -0
  124. data/lib/cantango/permit_engine/role_permit/finder.rb +19 -0
  125. data/lib/cantango/permit_engine/user_permit.rb +40 -0
  126. data/lib/cantango/permit_engine/user_permit/builder.rb +21 -0
  127. data/lib/cantango/permit_engine/user_permit/finder.rb +20 -0
  128. data/lib/cantango/permit_engine/util.rb +19 -0
  129. data/lib/cantango/rails.rb +5 -0
  130. data/lib/cantango/rails/base_helpers.rb +26 -0
  131. data/lib/cantango/rails/controller_helpers.rb +15 -0
  132. data/lib/cantango/rails/engine.rb +47 -0
  133. data/lib/cantango/rails/railtie.rb +7 -0
  134. data/lib/cantango/rails/view_helpers.rb +15 -0
  135. data/lib/cantango/rspec.rb +1 -0
  136. data/lib/cantango/rspec/config.rb +9 -0
  137. data/lib/cantango/rspec/matchers.rb +9 -0
  138. data/lib/cantango/rspec/matchers/be_allowed_to.rb +26 -0
  139. data/lib/cantango/rspec/matchers/have_license.rb +11 -0
  140. data/lib/cantango/rspec/matchers/have_license_class.rb +14 -0
  141. data/lib/cantango/rspec/matchers/have_license_file.rb +82 -0
  142. data/lib/cantango/rules.rb +23 -0
  143. data/lib/cantango/rules/adaptor.rb +32 -0
  144. data/lib/cantango/rules/adaptor/active_record.rb +13 -0
  145. data/lib/cantango/rules/adaptor/generic.rb +16 -0
  146. data/lib/cantango/rules/adaptor/mongoid.rb +13 -0
  147. data/lib/cantango/rules/dsl.rb +24 -0
  148. data/lib/cantango/rules/rule_class.rb +11 -0
  149. data/lib/cantango/rules/scope.rb +24 -0
  150. data/lib/cantango/rules/user_relation.rb +68 -0
  151. data/lib/cantango/users.rb +5 -0
  152. data/lib/cantango/users/macros.rb +9 -0
  153. data/lib/cantango/users/masquerade.rb +22 -0
  154. data/lib/cantango/users/masquerade/session_active_user.rb +18 -0
  155. data/lib/cantango/users/user.rb +30 -0
  156. data/lib/cantango/users/user_account.rb +23 -0
  157. data/lib/generators/cantango/base.rb +52 -0
  158. data/lib/generators/cantango/license/license_generator.rb +34 -0
  159. data/lib/generators/cantango/license/templates/license.erb +10 -0
  160. data/lib/generators/cantango/license_base.rb +15 -0
  161. data/lib/generators/cantango/licenses/licenses_generator.rb +31 -0
  162. data/lib/generators/cantango/permit_generator.rb +36 -0
  163. data/lib/generators/cantango/role_permit/role_permit_generator.rb +42 -0
  164. data/lib/generators/cantango/role_permit/templates/account_permit.erb +4 -0
  165. data/lib/generators/cantango/role_permit/templates/role_group_permit.erb +14 -0
  166. data/lib/generators/cantango/role_permit/templates/role_permit.erb +13 -0
  167. data/lib/generators/cantango/role_permits/role_permits_generator.rb +127 -0
  168. data/spec/Note_on_licenses.textile +44 -0
  169. data/spec/Refactor_into_engines.textile +115 -0
  170. data/spec/TODO +7 -0
  171. data/spec/active_record/AR_README.textile +20 -0
  172. data/spec/active_record/config_helper.rb +108 -0
  173. data/spec/active_record/db/database.yml +4 -0
  174. data/spec/active_record/helper/ar_config.rb +19 -0
  175. data/spec/active_record/helper/permits_config.rb +12 -0
  176. data/spec/active_record/helper/rails_config.rb +6 -0
  177. data/spec/active_record/helper/rspec_config.rb +20 -0
  178. data/spec/active_record/migrations/001_create_user.rb +14 -0
  179. data/spec/active_record/migrations/002_create_comment.rb +13 -0
  180. data/spec/active_record/migrations/003_create_post.rb +13 -0
  181. data/spec/active_record/migrations/004_create_article.rb +13 -0
  182. data/spec/active_record/migrations/005_create_account.rb +13 -0
  183. data/spec/active_record/migrations/006_create_todo.rb +12 -0
  184. data/spec/active_record/migrations/007_create_user_todos.rb +13 -0
  185. data/spec/active_record/scenarios/SCENARIOS README.textile +19 -0
  186. data/spec/active_record/scenarios/engines/permission_engine/cantango_permissions.yml +63 -0
  187. data/spec/active_record/scenarios/engines/permission_engine/categories.yml +6 -0
  188. data/spec/active_record/scenarios/engines/permission_engine/tango_permission_yml_spec.rb +77 -0
  189. data/spec/active_record/scenarios/engines/permission_engine/users.rb +88 -0
  190. data/spec/active_record/scenarios/engines/permit_engine/licenses_spec.rb +37 -0
  191. data/spec/active_record/scenarios/engines/permit_engine/role_groups_permits_spec.rb +35 -0
  192. data/spec/active_record/scenarios/guest_user_admin/admin_user_spec.rb +19 -0
  193. data/spec/active_record/scenarios/guest_user_admin/docs/GUEST_ADMIN_USER_SCENARIO.textile +20 -0
  194. data/spec/active_record/scenarios/guest_user_admin/editor_spec.rb +19 -0
  195. data/spec/active_record/scenarios/guest_user_admin/guest_user_spec.rb +16 -0
  196. data/spec/active_record/scenarios/guest_user_admin/user_having_user_and_editor_roles_spec.rb +19 -0
  197. data/spec/active_record/scenarios/guest_user_admin/user_spec.rb +32 -0
  198. data/spec/active_record/scenarios/masquerading/masquerading_for_admin_account_spec.rb +41 -0
  199. data/spec/active_record/scenarios/masquerading/masquerading_for_admin_user_spec.rb +38 -0
  200. data/spec/active_record/scenarios/shared/api.rb +4 -0
  201. data/spec/active_record/scenarios/shared/can_tango.rb +2 -0
  202. data/spec/active_record/scenarios/shared/examples/user_accounts.rb +47 -0
  203. data/spec/active_record/scenarios/shared/examples/users.rb +85 -0
  204. data/spec/active_record/scenarios/shared/licenses/musicians_license.rb +12 -0
  205. data/spec/active_record/scenarios/shared/models/items.rb +26 -0
  206. data/spec/active_record/scenarios/shared/models/todo.rb +4 -0
  207. data/spec/active_record/scenarios/shared/models/user_todo.rb +4 -0
  208. data/spec/active_record/scenarios/shared/models/users.rb +46 -0
  209. data/spec/active_record/scenarios/shared/permits/PERMITS README.textile +3 -0
  210. data/spec/active_record/scenarios/shared/permits/account_permits/admin_account_permit.rb +30 -0
  211. data/spec/active_record/scenarios/shared/permits/account_permits/guest_account_permit.rb +16 -0
  212. data/spec/active_record/scenarios/shared/permits/account_permits/user_account_permit.rb +46 -0
  213. data/spec/active_record/scenarios/shared/permits/role/admin_permit.rb +11 -0
  214. data/spec/active_record/scenarios/shared/permits/role/editor_permit.rb +42 -0
  215. data/spec/active_record/scenarios/shared/permits/role/guest_permit.rb +26 -0
  216. data/spec/active_record/scenarios/shared/permits/role/super_admin_permit.rb +9 -0
  217. data/spec/active_record/scenarios/shared/permits/role/user_permit.rb +49 -0
  218. data/spec/active_record/scenarios/shared/permits/role_group/bloggers_permit.rb +8 -0
  219. data/spec/active_record/scenarios/shared/permits/role_group/musicians_permit.rb +9 -0
  220. data/spec/active_record/scenarios/shared/permits/special/any_role_permit.rb +10 -0
  221. data/spec/active_record/scenarios/shared/permits/special/system_role_permit.rb +10 -0
  222. data/spec/active_record/scenarios/user_accounts/admin_account_spec.rb +34 -0
  223. data/spec/active_record/scenarios/user_accounts/config/account_permits.yml +0 -0
  224. data/spec/active_record/scenarios/user_accounts/docs/USER_ACCOUNTS_SCENARIO.textile +20 -0
  225. data/spec/active_record/scenarios/user_accounts/docs/basic_rules_spec_possible_samples.txt +84 -0
  226. data/spec/active_record/scenarios/user_accounts/guest_account_spec.rb +34 -0
  227. data/spec/active_record/scenarios/user_accounts/helpers.rb +5 -0
  228. data/spec/active_record/scenarios/user_accounts/helpers/account_setup.rb +41 -0
  229. data/spec/active_record/scenarios/user_accounts/helpers/user_factory.rb +19 -0
  230. data/spec/active_record/scenarios/user_accounts/permits/admin_account_permit.rb +28 -0
  231. data/spec/active_record/scenarios/user_accounts/permits/guest_account_permit.rb +14 -0
  232. data/spec/active_record/scenarios/user_accounts/permits/user_account_permit.rb +43 -0
  233. data/spec/active_record/scenarios/user_accounts/user_account_spec.rb +36 -0
  234. data/spec/active_record/spec_helper.rb +19 -0
  235. data/spec/cantango/README.textile +3 -0
  236. data/spec/cantango/ability/cache/compiler_spec.rb +45 -0
  237. data/spec/cantango/ability/cache/session_cache_spec.rb +11 -0
  238. data/spec/cantango/ability/cache_spec.rb +107 -0
  239. data/spec/cantango/ability_filters_spec.rb +128 -0
  240. data/spec/cantango/ability_spec.rb +74 -0
  241. data/spec/cantango/api/current_user_accounts.rb +14 -0
  242. data/spec/cantango/api/current_users.rb +10 -0
  243. data/spec/cantango/api/user/ability_api_spec.rb +44 -0
  244. data/spec/cantango/api/user/can_api_spec.rb +109 -0
  245. data/spec/cantango/api/user/scope_api_spec.rb +65 -0
  246. data/spec/cantango/api/user_account/ability_api_spec.rb +29 -0
  247. data/spec/cantango/api/user_account/can_api_spec.rb +82 -0
  248. data/spec/cantango/api/user_account/scope_api_spec.rb +0 -0
  249. data/spec/cantango/api/user_account_api_spec.rb +0 -0
  250. data/spec/cantango/api/user_api_spec.rb +0 -0
  251. data/spec/cantango/configuration/ability_spec.rb +13 -0
  252. data/spec/cantango/configuration/autoload_spec.rb +53 -0
  253. data/spec/cantango/configuration/categories_spec.rb +60 -0
  254. data/spec/cantango/configuration/engines/cache_spec.rb +19 -0
  255. data/spec/cantango/configuration/engines/engine_shared.rb +22 -0
  256. data/spec/cantango/configuration/engines/permission_spec.rb +31 -0
  257. data/spec/cantango/configuration/engines/permit_spec.rb +16 -0
  258. data/spec/cantango/configuration/engines/store_engine_shared.rb +16 -0
  259. data/spec/cantango/configuration/engines/store_shared.rb +36 -0
  260. data/spec/cantango/configuration/engines_spec.rb +41 -0
  261. data/spec/cantango/configuration/factory_spec.rb +20 -0
  262. data/spec/cantango/configuration/guest/find_guest_default_way_spec.rb +33 -0
  263. data/spec/cantango/configuration/guest_spec.rb +62 -0
  264. data/spec/cantango/configuration/hash_registry_spec.rb +17 -0
  265. data/spec/cantango/configuration/registry_spec.rb +17 -0
  266. data/spec/cantango/configuration/role_groups_spec.rb +15 -0
  267. data/spec/cantango/configuration/roles_spec.rb +16 -0
  268. data/spec/cantango/configuration/shared/factory_ex.rb +40 -0
  269. data/spec/cantango/configuration/shared/hash_registry_ex.rb +65 -0
  270. data/spec/cantango/configuration/shared/registry_ex.rb +39 -0
  271. data/spec/cantango/configuration/shared/role_registry_ex.rb +22 -0
  272. data/spec/cantango/configuration/user_account_spec.rb +26 -0
  273. data/spec/cantango/configuration/user_spec.rb +46 -0
  274. data/spec/cantango/configuration_spec.rb +42 -0
  275. data/spec/cantango/license/save_license_spec.rb +24 -0
  276. data/spec/cantango/models/items.rb +12 -0
  277. data/spec/cantango/models/users.rb +13 -0
  278. data/spec/cantango/moneta_spec.rb +31 -0
  279. data/spec/cantango/parser/categories_spec.rb +0 -0
  280. data/spec/cantango/parser/permissions_spec.rb +0 -0
  281. data/spec/cantango/permission_engine/PERMISSION_STORE.textile +75 -0
  282. data/spec/cantango/permission_engine/categories_store_spec.rb +10 -0
  283. data/spec/cantango/permission_engine/compiler_spec.rb +32 -0
  284. data/spec/cantango/permission_engine/loader/categories_spec.rb +19 -0
  285. data/spec/cantango/permission_engine/loader/permissions/cantango_permissions_loader.rb +27 -0
  286. data/spec/cantango/permission_engine/loader/permissions/shared.rb +9 -0
  287. data/spec/cantango/permission_engine/moneta_store_spec.rb +0 -0
  288. data/spec/cantango/permission_engine/parser_spec.rb +39 -0
  289. data/spec/cantango/permission_engine/permission_spec.rb +35 -0
  290. data/spec/cantango/permission_engine/permission_store_spec.rb +10 -0
  291. data/spec/cantango/permission_engine/shared_examples.rb +22 -0
  292. data/spec/cantango/permission_engine/store_spec.rb +8 -0
  293. data/spec/cantango/permission_engine/user_permission_store_spec.rb +12 -0
  294. data/spec/cantango/permission_engine/yaml_store_spec.rb +83 -0
  295. data/spec/cantango/permit_engine/account_permit_spec.rb +47 -0
  296. data/spec/cantango/permit_engine/builder/role_group_permits_spec.rb +63 -0
  297. data/spec/cantango/permit_engine/builder/role_permits_spec.rb +58 -0
  298. data/spec/cantango/permit_engine/builder/special_permits_spec.rb +42 -0
  299. data/spec/cantango/permit_engine/executor/system_spec.rb +61 -0
  300. data/spec/cantango/permit_engine/factory_spec.rb +50 -0
  301. data/spec/cantango/permit_engine/finder_spec.rb +70 -0
  302. data/spec/cantango/permit_engine/permit/permit_static_and_dynamic_rules_spec.rb +74 -0
  303. data/spec/cantango/permit_engine/role_group_permit_spec.rb +43 -0
  304. data/spec/cantango/permit_engine/role_permit_spec.rb +44 -0
  305. data/spec/cantango/permit_engine/user_permit_spec.rb +41 -0
  306. data/spec/cantango/rules_spec.rb +55 -0
  307. data/spec/devise-dummy/Rakefile +7 -0
  308. data/spec/devise-dummy/app/controllers/accounts_controller.rb +25 -0
  309. data/spec/devise-dummy/app/controllers/application_controller.rb +3 -0
  310. data/spec/devise-dummy/app/controllers/articles_controller.rb +48 -0
  311. data/spec/devise-dummy/app/controllers/comments_controller.rb +40 -0
  312. data/spec/devise-dummy/app/controllers/concertos_controller.rb +49 -0
  313. data/spec/devise-dummy/app/controllers/main_controller.rb +8 -0
  314. data/spec/devise-dummy/app/controllers/posts_controller.rb +49 -0
  315. data/spec/devise-dummy/app/controllers/users_controller.rb +25 -0
  316. data/spec/devise-dummy/app/helpers/application_helper.rb +2 -0
  317. data/spec/devise-dummy/app/models/account_setup.rb +41 -0
  318. data/spec/devise-dummy/app/models/admin.rb +11 -0
  319. data/spec/devise-dummy/app/models/article.rb +6 -0
  320. data/spec/devise-dummy/app/models/comment.rb +5 -0
  321. data/spec/devise-dummy/app/models/concerto.rb +6 -0
  322. data/spec/devise-dummy/app/models/guest.rb +34 -0
  323. data/spec/devise-dummy/app/models/improvisation.rb +2 -0
  324. data/spec/devise-dummy/app/models/post.rb +5 -0
  325. data/spec/devise-dummy/app/models/song.rb +3 -0
  326. data/spec/devise-dummy/app/models/tune.rb +3 -0
  327. data/spec/devise-dummy/app/models/user.rb +22 -0
  328. data/spec/devise-dummy/app/permits/accounts/admin/roles/editor_permit.rb +15 -0
  329. data/spec/devise-dummy/app/permits/licenses/bloggers_license.rb +12 -0
  330. data/spec/devise-dummy/app/permits/licenses/musicians_license.rb +13 -0
  331. data/spec/devise-dummy/app/permits/role_groups/editor_permit.rb +13 -0
  332. data/spec/devise-dummy/app/permits/roles/admin_permit.rb +12 -0
  333. data/spec/devise-dummy/app/permits/roles/guest_permit.rb +12 -0
  334. data/spec/devise-dummy/app/permits/roles/user_permit.rb +14 -0
  335. data/spec/devise-dummy/app/views/articles/admin.html.haml +20 -0
  336. data/spec/devise-dummy/app/views/articles/admin_account.html.haml +20 -0
  337. data/spec/devise-dummy/app/views/articles/guest.html.haml +20 -0
  338. data/spec/devise-dummy/app/views/articles/index.html.haml +23 -0
  339. data/spec/devise-dummy/app/views/articles/show.html.haml +10 -0
  340. data/spec/devise-dummy/app/views/comments/guest.html.haml +20 -0
  341. data/spec/devise-dummy/app/views/comments/index.html.haml +20 -0
  342. data/spec/devise-dummy/app/views/concertos/admin.html.haml +19 -0
  343. data/spec/devise-dummy/app/views/concertos/admin_account.html.haml +20 -0
  344. data/spec/devise-dummy/app/views/concertos/guest.html.haml +20 -0
  345. data/spec/devise-dummy/app/views/concertos/index.html.haml +19 -0
  346. data/spec/devise-dummy/app/views/concertos/show.html.haml +10 -0
  347. data/spec/devise-dummy/app/views/devise/confirmations/new.html.erb +12 -0
  348. data/spec/devise-dummy/app/views/devise/mailer/confirmation_instructions.html.erb +5 -0
  349. data/spec/devise-dummy/app/views/devise/mailer/reset_password_instructions.html.erb +8 -0
  350. data/spec/devise-dummy/app/views/devise/mailer/unlock_instructions.html.erb +7 -0
  351. data/spec/devise-dummy/app/views/devise/passwords/edit.html.erb +16 -0
  352. data/spec/devise-dummy/app/views/devise/passwords/new.html.erb +12 -0
  353. data/spec/devise-dummy/app/views/devise/registrations/edit.html.erb +25 -0
  354. data/spec/devise-dummy/app/views/devise/registrations/new.html.erb +18 -0
  355. data/spec/devise-dummy/app/views/devise/sessions/new.html.erb +17 -0
  356. data/spec/devise-dummy/app/views/devise/shared/_links.erb +25 -0
  357. data/spec/devise-dummy/app/views/devise/unlocks/new.html.erb +12 -0
  358. data/spec/devise-dummy/app/views/layouts/application.html.erb +14 -0
  359. data/spec/devise-dummy/app/views/main/index.html.haml +1 -0
  360. data/spec/devise-dummy/app/views/posts/admin.html.haml +20 -0
  361. data/spec/devise-dummy/app/views/posts/admin_account.html.haml +20 -0
  362. data/spec/devise-dummy/app/views/posts/guest.html.haml +20 -0
  363. data/spec/devise-dummy/app/views/posts/index.html.haml +19 -0
  364. data/spec/devise-dummy/app/views/posts/show.html.haml +11 -0
  365. data/spec/devise-dummy/app/views/users/admin.html.haml +19 -0
  366. data/spec/devise-dummy/app/views/users/admin_account.html.haml +19 -0
  367. data/spec/devise-dummy/app/views/users/guest.html.haml +19 -0
  368. data/spec/devise-dummy/app/views/users/index.html.haml +19 -0
  369. data/spec/devise-dummy/app/views/users/show.html.haml +11 -0
  370. data/spec/devise-dummy/config.ru +4 -0
  371. data/spec/devise-dummy/config/application.rb +46 -0
  372. data/spec/devise-dummy/config/boot.rb +10 -0
  373. data/spec/devise-dummy/config/cantango_permissions.yml +50 -0
  374. data/spec/devise-dummy/config/categories.yml +10 -0
  375. data/spec/devise-dummy/config/database.yml +22 -0
  376. data/spec/devise-dummy/config/environment.rb +5 -0
  377. data/spec/devise-dummy/config/environments/development.rb +26 -0
  378. data/spec/devise-dummy/config/environments/production.rb +49 -0
  379. data/spec/devise-dummy/config/environments/test.rb +35 -0
  380. data/spec/devise-dummy/config/initializers/backtrace_silencers.rb +7 -0
  381. data/spec/devise-dummy/config/initializers/cantango.rb +8 -0
  382. data/spec/devise-dummy/config/initializers/devise.rb +204 -0
  383. data/spec/devise-dummy/config/initializers/inflections.rb +10 -0
  384. data/spec/devise-dummy/config/initializers/mime_types.rb +5 -0
  385. data/spec/devise-dummy/config/initializers/secret_token.rb +7 -0
  386. data/spec/devise-dummy/config/initializers/session_store.rb +8 -0
  387. data/spec/devise-dummy/config/initializers/simple_roles.rb +42 -0
  388. data/spec/devise-dummy/config/locales/devise.en.yml +53 -0
  389. data/spec/devise-dummy/config/locales/en.yml +5 -0
  390. data/spec/devise-dummy/config/routes.rb +88 -0
  391. data/spec/devise-dummy/db/migrate/002_create_comment.rb +13 -0
  392. data/spec/devise-dummy/db/migrate/003_create_post.rb +14 -0
  393. data/spec/devise-dummy/db/migrate/004_create_article.rb +14 -0
  394. data/spec/devise-dummy/db/migrate/005_create_account.rb +13 -0
  395. data/spec/devise-dummy/db/migrate/006_create_concerto.rb +14 -0
  396. data/spec/devise-dummy/db/migrate/007_devise_create_users.rb +31 -0
  397. data/spec/devise-dummy/db/schema.rb +75 -0
  398. data/spec/devise-dummy/db/seeds.rb +5 -0
  399. data/spec/devise-dummy/db/users.txt +7 -0
  400. data/spec/devise-dummy/public/404.html +26 -0
  401. data/spec/devise-dummy/public/422.html +26 -0
  402. data/spec/devise-dummy/public/500.html +26 -0
  403. data/spec/devise-dummy/public/favicon.ico +0 -0
  404. data/spec/devise-dummy/public/javascripts/application.js +2 -0
  405. data/spec/devise-dummy/public/javascripts/controls.js +965 -0
  406. data/spec/devise-dummy/public/javascripts/dragdrop.js +974 -0
  407. data/spec/devise-dummy/public/javascripts/effects.js +1123 -0
  408. data/spec/devise-dummy/public/javascripts/prototype.js +6001 -0
  409. data/spec/devise-dummy/public/javascripts/rails.js +191 -0
  410. data/spec/devise-dummy/public/stylesheets/.gitkeep +0 -0
  411. data/spec/devise-dummy/script/rails +6 -0
  412. data/spec/devise-dummy_spec_helper.rb +41 -0
  413. data/spec/devise-integration/concerto_spec.rb +80 -0
  414. data/spec/dummy/Rakefile +7 -0
  415. data/spec/dummy/app/controllers/accounts_controller.rb +23 -0
  416. data/spec/dummy/app/controllers/application_controller.rb +3 -0
  417. data/spec/dummy/app/controllers/articles_controller.rb +55 -0
  418. data/spec/dummy/app/controllers/comments_controller.rb +38 -0
  419. data/spec/dummy/app/controllers/concertos_controller.rb +43 -0
  420. data/spec/dummy/app/controllers/main_controller.rb +8 -0
  421. data/spec/dummy/app/controllers/posts_controller.rb +47 -0
  422. data/spec/dummy/app/controllers/sessions_controller.rb +16 -0
  423. data/spec/dummy/app/controllers/users_controller.rb +23 -0
  424. data/spec/dummy/app/helpers/application_helper.rb +37 -0
  425. data/spec/dummy/app/models/account_setup.rb +41 -0
  426. data/spec/dummy/app/models/admin.rb +4 -0
  427. data/spec/dummy/app/models/article.rb +6 -0
  428. data/spec/dummy/app/models/comment.rb +5 -0
  429. data/spec/dummy/app/models/concerto.rb +6 -0
  430. data/spec/dummy/app/models/guest.rb +27 -0
  431. data/spec/dummy/app/models/improvisation.rb +2 -0
  432. data/spec/dummy/app/models/post.rb +5 -0
  433. data/spec/dummy/app/models/song.rb +3 -0
  434. data/spec/dummy/app/models/tune.rb +3 -0
  435. data/spec/dummy/app/models/user.rb +12 -0
  436. data/spec/dummy/app/permits/accounts/admin/roles/editor_permit.rb +15 -0
  437. data/spec/dummy/app/permits/licenses/bloggers_license.rb +12 -0
  438. data/spec/dummy/app/permits/licenses/musicians_license.rb +13 -0
  439. data/spec/dummy/app/permits/role_groups/editor_permit.rb +13 -0
  440. data/spec/dummy/app/permits/roles/admin_permit.rb +12 -0
  441. data/spec/dummy/app/permits/roles/guest_permit.rb +12 -0
  442. data/spec/dummy/app/permits/roles/user_permit.rb +18 -0
  443. data/spec/dummy/app/views/articles/admin.html.haml +20 -0
  444. data/spec/dummy/app/views/articles/admin_account.html.haml +20 -0
  445. data/spec/dummy/app/views/articles/guest.html.haml +20 -0
  446. data/spec/dummy/app/views/articles/index.html.haml +23 -0
  447. data/spec/dummy/app/views/articles/show.html.haml +10 -0
  448. data/spec/dummy/app/views/comments/guest.html.haml +20 -0
  449. data/spec/dummy/app/views/comments/index.html.haml +20 -0
  450. data/spec/dummy/app/views/concertos/admin.html.haml +20 -0
  451. data/spec/dummy/app/views/concertos/admin_account.html.haml +20 -0
  452. data/spec/dummy/app/views/concertos/guest.html.haml +20 -0
  453. data/spec/dummy/app/views/concertos/index.html.haml +19 -0
  454. data/spec/dummy/app/views/concertos/show.html.haml +10 -0
  455. data/spec/dummy/app/views/layouts/application.html.erb +14 -0
  456. data/spec/dummy/app/views/main/index.html.haml +1 -0
  457. data/spec/dummy/app/views/posts/admin.html.haml +20 -0
  458. data/spec/dummy/app/views/posts/admin_account.html.haml +20 -0
  459. data/spec/dummy/app/views/posts/guest.html.haml +20 -0
  460. data/spec/dummy/app/views/posts/index.html.haml +19 -0
  461. data/spec/dummy/app/views/posts/show.html.haml +11 -0
  462. data/spec/dummy/app/views/users/admin.html.haml +19 -0
  463. data/spec/dummy/app/views/users/admin_account.html.haml +19 -0
  464. data/spec/dummy/app/views/users/guest.html.haml +19 -0
  465. data/spec/dummy/app/views/users/index.html.haml +19 -0
  466. data/spec/dummy/app/views/users/show.html.haml +11 -0
  467. data/spec/dummy/config.ru +4 -0
  468. data/spec/dummy/config/application.rb +43 -0
  469. data/spec/dummy/config/boot.rb +10 -0
  470. data/spec/dummy/config/cantango_permissions.yml +50 -0
  471. data/spec/dummy/config/categories.yml +10 -0
  472. data/spec/dummy/config/database.yml +22 -0
  473. data/spec/dummy/config/environment.rb +5 -0
  474. data/spec/dummy/config/environments/development.rb +26 -0
  475. data/spec/dummy/config/environments/production.rb +49 -0
  476. data/spec/dummy/config/environments/test.rb +35 -0
  477. data/spec/dummy/config/initializers/backtrace_silencers.rb +7 -0
  478. data/spec/dummy/config/initializers/cantango.rb +5 -0
  479. data/spec/dummy/config/initializers/inflections.rb +10 -0
  480. data/spec/dummy/config/initializers/mime_types.rb +5 -0
  481. data/spec/dummy/config/initializers/secret_token.rb +7 -0
  482. data/spec/dummy/config/initializers/session_store.rb +8 -0
  483. data/spec/dummy/config/initializers/simple_roles.rb +44 -0
  484. data/spec/dummy/config/locales/en.yml +5 -0
  485. data/spec/dummy/config/routes.rb +84 -0
  486. data/spec/dummy/db/migrate/001_create_user.rb +16 -0
  487. data/spec/dummy/db/migrate/002_create_comment.rb +13 -0
  488. data/spec/dummy/db/migrate/003_create_post.rb +14 -0
  489. data/spec/dummy/db/migrate/004_create_article.rb +14 -0
  490. data/spec/dummy/db/migrate/005_create_account.rb +13 -0
  491. data/spec/dummy/db/migrate/006_create_concerto.rb +14 -0
  492. data/spec/dummy/public/404.html +26 -0
  493. data/spec/dummy/public/422.html +26 -0
  494. data/spec/dummy/public/500.html +26 -0
  495. data/spec/dummy/public/favicon.ico +0 -0
  496. data/spec/dummy/public/javascripts/application.js +2 -0
  497. data/spec/dummy/public/javascripts/controls.js +965 -0
  498. data/spec/dummy/public/javascripts/dragdrop.js +974 -0
  499. data/spec/dummy/public/javascripts/effects.js +1123 -0
  500. data/spec/dummy/public/javascripts/prototype.js +6001 -0
  501. data/spec/dummy/public/javascripts/rails.js +191 -0
  502. data/spec/dummy/public/stylesheets/.gitkeep +0 -0
  503. data/spec/dummy/script/rails +6 -0
  504. data/spec/dummy/tmp/pids/server.pid +1 -0
  505. data/spec/dummy_spec_helper.rb +43 -0
  506. data/spec/entire_suite_spec.rb +15 -0
  507. data/spec/factories.rb +8 -0
  508. data/spec/fixtures/config/cantango_permissions.yml +48 -0
  509. data/spec/fixtures/config/categories.yml +6 -0
  510. data/spec/fixtures/config/evaluator_fixtures.yml +18 -0
  511. data/spec/fixtures/config/licenses.yml +4 -0
  512. data/spec/fixtures/config/permissions.yml +19 -0
  513. data/spec/fixtures/config/role_group.yml +4 -0
  514. data/spec/fixtures/config/roles.yml +4 -0
  515. data/spec/fixtures/config/user_permissions.yml +8 -0
  516. data/spec/fixtures/models.rb +2 -0
  517. data/spec/fixtures/models/items.rb +8 -0
  518. data/spec/fixtures/models/simple_roles.rb +44 -0
  519. data/spec/fixtures/models/user.rb +22 -0
  520. data/spec/fixtures/models/user_account.rb +21 -0
  521. data/spec/fixtures/tango_fixtures.rb +29 -0
  522. data/spec/generators/cantango/account_role_permit_generator_spec.rb +35 -0
  523. data/spec/generators/cantango/account_role_permits_generator_spec.rb +59 -0
  524. data/spec/generators/cantango/license_generator_spec.rb +33 -0
  525. data/spec/generators/cantango/licenses_generator_spec.rb +58 -0
  526. data/spec/generators/cantango/role_permit_generator_spec.rb +35 -0
  527. data/spec/generators/cantango/role_permits_generator_spec.rb +58 -0
  528. data/spec/helpers/dummy_app_ability.rb +26 -0
  529. data/spec/integration/Design_notes.textile +30 -0
  530. data/spec/integration/admin_user/masquerade_spec.rb +22 -0
  531. data/spec/integration/cache_using_moneta_spec.rb +46 -0
  532. data/spec/integration/cache_using_session_spec.rb +46 -0
  533. data/spec/integration/main_spec.rb +16 -0
  534. data/spec/integration/performance/ability_initialize_performance.rb +54 -0
  535. data/spec/integration/performance/cache_performance.rb +31 -0
  536. data/spec/integration/performance/can_performance.rb +54 -0
  537. data/spec/integration/performance/helpers/ability.rb +44 -0
  538. data/spec/integration/performance/helpers/ability_api.rb +44 -0
  539. data/spec/integration/performance/helpers/ability_raw.rb +8 -0
  540. data/spec/integration/performance/helpers/cache.rb +37 -0
  541. data/spec/integration/performance/helpers/rules.rb +12 -0
  542. data/spec/integration/performance/integral_performance_caching_disabled.rb +33 -0
  543. data/spec/integration/performance/integral_performance_caching_enabled.rb +33 -0
  544. data/spec/integration/performance/raw_performance.rb +11 -0
  545. data/spec/integration/user/articles_spec.rb +39 -0
  546. data/spec/integration/user/concerto_spec.rb +39 -0
  547. data/spec/note_on_caching_and_dynamic.textile +114 -0
  548. data/spec/path_helper.rb +9 -0
  549. data/spec/simple_roles.rb +46 -0
  550. data/spec/spec_helper.rb +22 -0
  551. data/wiki/ability/initialize.markdown +45 -0
  552. data/wiki/api/user/api.markdown +88 -0
  553. data/wiki/api/user_account/api.markdown +88 -0
  554. data/wiki/config/ability.markdown +18 -0
  555. data/wiki/config/autoload.markdown +31 -0
  556. data/wiki/config/guest.markdown +49 -0
  557. data/wiki/config/models_registration.markdown +16 -0
  558. data/wiki/config/role_groups.markdown +1 -0
  559. data/wiki/config/roles.markdown +1 -0
  560. data/wiki/engines/cache/config.markdown +31 -0
  561. data/wiki/engines/cache/session_store.markdown +0 -0
  562. data/wiki/engines/cache/store.markdown +6 -0
  563. data/wiki/engines/permissions/categories.markdown +33 -0
  564. data/wiki/engines/permissions/config.markdown +60 -0
  565. data/wiki/engines/permissions/moneta_store.markdown +0 -0
  566. data/wiki/engines/permissions/store.markdown +0 -0
  567. data/wiki/engines/permissions/yaml_store.markdown +0 -0
  568. data/wiki/engines/permits/config.markdown +0 -0
  569. data/wiki/engines/permits/licenses.markdown +0 -0
  570. data/wiki/engines/permits/role_groups.markdown +0 -0
  571. data/wiki/engines/permits/roles.markdown +0 -0
  572. data/wiki/engines/permits/user_accounts.markdown +0 -0
  573. data/wiki/feature_list.markdown +39 -0
  574. data/wiki/rules_caching.markdown +17 -0
  575. data/wiki/users/masquerading.markdown +29 -0
  576. data/wiki/when_to_use.markdown +64 -0
  577. data/wiki/why_to_use.markdown +11 -0
  578. metadata +788 -0
data/wiki/config/ability.markdown ADDED
@@ -0,0 +1,18 @@
1
+ You can configure your own Ability factory.
2
+
3
+ ```ruby
4
+
5
+ class MyCustomAbility < CanTango::Ability
6
+ def initialize name, options = {}
7
+ # super
8
+ # custom logic
9
+ end
10
+ end
11
+
12
+ Cantango.configure.ability do |ability|
13
+ ability.factory Proc.new{|name, options| MyCustomAbility.new name, options }
14
+ end
15
+ ```
16
+
17
+ This feature is currently also used for performance testing of Cantango!
18
+
data/wiki/config/autoload.markdown ADDED
@@ -0,0 +1,31 @@
1
+ Cantango is by default setup to autoload the following:
2
+
3
+ * Models (app/models)
4
+ * Permits (app/permits)
5
+
6
+ The autoloading is performed as part of the Cantango Rails engine initialization.
7
+
8
+ To configure autoloading:
9
+
10
+ ```ruby
11
+ Cantango.configure.autoload do |load|
12
+ load.models :off
13
+ load.permits :on
14
+ end
15
+ ```
16
+
17
+ ## Models autoloading
18
+
19
+ Models are autoloaded in order to be sure that the Cantango class macros such as `#tango_user` are executed
20
+ and thus that User and Account modesl are registered with Cantango.
21
+
22
+ If you don't wont to autoload the models for performance or other
23
+ reasons, you can alternatively register the models directly (see [Models
24
+ registration]]).
25
+
26
+ ## Permits autoloading
27
+
28
+ Permits autoloading is done so as to ensure they are made available to
29
+ CanTango::Ability. If you want full control over which Permits are
30
+ loaded when, you can disable this feature.
31
+
data/wiki/config/guest.markdown ADDED
@@ -0,0 +1,49 @@
1
+ CanTango operates with the concepts of a Guest user and a Guest account.
2
+
3
+ ## Guest user
4
+
5
+ In case the `curent_xxx_` method does't return a valid user, Cantango will attempt to return
6
+ a guest user according to configuration and conventions.
7
+
8
+ If Cantango has not been configured with specific Guest user configuration, it will see if the User model
9
+ is available. If so, it will call `#guest` on it (if method available).
10
+
11
+ ## Configuration
12
+
13
+ Cantango should be configured with how to retrieve (or create) such a guest user via:
14
+
15
+ `CanTango::Configuration.guest.user obj`
16
+
17
+ The `obj` argument can be either:
18
+
19
+ * User instance
20
+ * A procedure in the form of a lambda or Proc
21
+ * A block
22
+
23
+ The Guest user should normally have restricted permission rules, mostly only :read access.
24
+ We recommend setting the Guest permission rules to: `can :read, :all` and refine from there.
25
+
26
+ ## Guest user account
27
+
28
+ In case the `curent_xxx_account` method does't return a valid user account, Cantango will attempt to return
29
+ a guest user account according to configuration and conventions.
30
+
31
+ If Cantango has not been configured with specific Guest user account configuration, it will
32
+ see if the UserAccount model is available.
33
+ If so, it will call `#guest` on it (if method available).
34
+
35
+ ## Configuration
36
+
37
+ Cantango should be configured with how to retrieve (or create) such a guest user via:
38
+
39
+ `CanTango::Configuration.guest.account obj`
40
+
41
+ The `obj` argument can be either:
42
+
43
+ * UserAccount instance
44
+ * A procedure in the form of a lambda or Proc
45
+ * A block
46
+
47
+ The Guest user account should usually be setup to have a guest user only.
48
+
49
+
data/wiki/config/models_registration.markdown ADDED
@@ -0,0 +1,16 @@
1
+ CanTango is by default setup to [[autoload models and permits]].
2
+
3
+ If you don't want to enable models autoloading but have them remain
4
+ lazy-loaded as is the Rails 3 defult, you have to register the core
5
+ models used by Cantango.
6
+
7
+ In Cantango, registration is done through a Registry like this:
8
+
9
+ ```ruby
10
+ Cantango.configure do |config|
11
+ config.users.register :user, :admin
12
+ config.user_accounts.register :user, :admin
13
+ end
14
+ ```
15
+
16
+
data/wiki/config/role_groups.markdown ADDED
@@ -0,0 +1 @@
1
+ Currently not used
data/wiki/config/roles.markdown ADDED
@@ -0,0 +1 @@
1
+ Currently not used
data/wiki/engines/cache/config.markdown ADDED
@@ -0,0 +1,31 @@
1
+ The Cantango Cache engine is used to cache rules between requests. It will be referenced here as the 'rules cache'.
2
+
3
+ The rules cache needs a store to store the rules. Cantango is setup to
4
+ use a Session store by default. The session store is internally setup to
5
+ wrap a Moneta memory store.
6
+
7
+ To configure the cache store for the rules cache:
8
+
9
+ ```ruby
10
+ Cantango.configure do |config|
11
+ config.cache.store do |store|
12
+ store.default Cantango::Cache::MonetaCache
13
+ store.default_type :redis
14
+ store.options = {:port => 5032}
15
+ end
16
+ end
17
+ ```
18
+
19
+ Alternatively you can define your own Cache store factory:
20
+
21
+ ```ruby
22
+ Cantango.configure do |config|
23
+ config.cache.store do |store|
24
+ store.factory Proc.new {|name, options| MyFantasticCache.new name, {:awesome_power => true}.merge(options) }
25
+ end
26
+ end
27
+ ```
28
+
29
+
30
+
31
+
data/wiki/engines/cache/session_store.markdown ADDED
File without changes
data/wiki/engines/cache/store.markdown ADDED
@@ -0,0 +1,6 @@
1
+ ## Marshalling
2
+
3
+ ### Procs
4
+
5
+ Procs are marshalled via the 'sourcify' gem, that handle converting a
6
+ proc to and from a source code string.
data/wiki/engines/permissions/categories.markdown ADDED
@@ -0,0 +1,33 @@
1
+ Cantango comes with the concept of Categories of models. This is useful
2
+ when a group of models logically belong to gether and can be grouped as
3
+ one named category. You can then reference these category from your
4
+ permissions.
5
+
6
+ Example categories Yaml file:
7
+
8
+ ```yaml
9
+ another_articles:
10
+ [Post, Article]
11
+ articles:
12
+ [Article, Post, Comment]
13
+ user_models:
14
+ [Admin, Guest, User]
15
+ ``
16
+
17
+ The categories can be referenced using the special '^' (pointer) as a prefix.
18
+
19
+ Note: In the near future you will also be able to reference categories from
20
+ Permit classes.
21
+
22
+ Example of Using Cateogry pointers in permissions file:
23
+
24
+ ```yaml
25
+ roles:
26
+ user:
27
+ can:
28
+ read:
29
+ - ^articles
30
+ - Post
31
+ ```
32
+
33
+ The "^articles" point to the articles Category from the Categories file ;)
data/wiki/engines/permissions/config.markdown ADDED
@@ -0,0 +1,60 @@
1
+ Permissions can be defined in a permissions store. A permission store
2
+ should store the following sets:
3
+
4
+ * roles
5
+ * role groups
6
+ * licenses
7
+ * users
8
+
9
+ A typical permission store is a simple Yaml file, using the following structure:
10
+
11
+ ```yaml
12
+ roles:
13
+ admin:
14
+ can:
15
+ manage:
16
+ - all
17
+ user:
18
+ can:
19
+ read:
20
+ - ^articles
21
+ - Post
22
+ write:
23
+ - Comment
24
+ cannot:
25
+ write:
26
+ - Article
27
+ role_groups:
28
+ bloggers:
29
+ can:
30
+ read:
31
+ - Article
32
+ - Comment
33
+ cannot:
34
+ write:
35
+ - Article
36
+ - Post
37
+ editors:
38
+ can:
39
+ read:
40
+ - Article
41
+ - Comment
42
+ cannot:
43
+ write:
44
+ - Article
45
+ - Post
46
+ licenses:
47
+ editors:
48
+ can:
49
+ manage:
50
+ - all
51
+ users:
52
+ stan@theman.com:
53
+ can:
54
+ manage:
55
+ - all
56
+ kris@thewiz.dk:
57
+ cannot:
58
+ read:
59
+ - Book
60
+
data/wiki/engines/permissions/moneta_store.markdown ADDED
File without changes
data/wiki/engines/permissions/store.markdown ADDED
File without changes
data/wiki/engines/permissions/yaml_store.markdown ADDED
File without changes
data/wiki/engines/permits/config.markdown ADDED
File without changes
data/wiki/engines/permits/licenses.markdown ADDED
File without changes
data/wiki/engines/permits/role_groups.markdown ADDED
File without changes
data/wiki/engines/permits/roles.markdown ADDED
File without changes
data/wiki/engines/permits/user_accounts.markdown ADDED
File without changes
data/wiki/feature_list.markdown ADDED
@@ -0,0 +1,39 @@
1
+ Cantango currently comes with the following features:
2
+
3
+ * [[Engines]]
4
+ * [[Cache engine]]
5
+ * [[Permissions engine]]
6
+ * [[Permits engine]]
7
+
8
+ * [[Rules cache]]
9
+ * [[Session cache]]
10
+ * [[Moneta cache]]
11
+
12
+ * [[Rules store]]
13
+ * [[Yaml store]]
14
+ * [[Moneta store]] (incomplete)
15
+
16
+ * [[Permissions]]
17
+ * [[Role Permits]]
18
+ * [[RoleGroup Permits]]
19
+ * [[Licenses]]
20
+
21
+ [[Masquerading]]
22
+ * [[User masquerading]]
23
+ * [[User Account masquerading]]
24
+
25
+ [[Configuration]]
26
+ * [[Guest user account]]
27
+ * [[Guest user]]
28
+ * [[Autoloading]]
29
+ * [[Engines config]]
30
+
31
+ [[Integrations]]
32
+ * [[CanCan integration]]
33
+ * [[Devise integration]]
34
+ * [[Rails 3 integration]]
35
+
36
+ The following features are currently planned for the future:
37
+ * Role Filters
38
+ * Domain differentiation on rules
39
+ * Customize Ability#initialize process flow via registration of :before and :after hooks
data/wiki/rules_caching.markdown ADDED
@@ -0,0 +1,17 @@
1
+ The Cantango Cache engine is used to cache rules between requests. The
2
+ [[Cantango Ability]] receives a candidate and an options hash.
3
+
4
+ If caching is enabled, caching proceeds as follows:
5
+
6
+ 1. Cache key is generated for candidate
7
+ 2. Rules are generated
8
+ 3. Rules are stored in Caching store for the cache key
9
+ 4. In subsequent requests with same key, rules are retrieved from cache
10
+
11
+ ## Cache key
12
+
13
+ A cache key is generated for the candidate in order to ensure that the
14
+ rules are cached for that exact candidate and not reused for another
15
+ candidate.
16
+
17
+
data/wiki/users/masquerading.markdown ADDED
@@ -0,0 +1,29 @@
1
+ Maquerading is the concept of one user acting as though he/she was
2
+ another user. In Cantango we enhance this to also be possible to
3
+ masquerade account login if needed.
4
+
5
+ In order to masquerade, you simply do:
6
+
7
+ ```ruby
8
+ user.masquerade_as other_user
9
+ ```
10
+
11
+ If you are using the 'friendly_id' gem, you can even do:
12
+
13
+ ```ruby
14
+ admin_user.masquerade_as 'stanislaw'
15
+ ```
16
+
17
+ This requires that you have configured your user model with a friendly id, in this case `username`.
18
+
19
+ ## Masquerading accounts
20
+
21
+ Account masquerading allows a user to act as if he is logged into
22
+ another account.
23
+
24
+ ```ruby
25
+ admin_account.masquerade_as normal_account
26
+ ```
27
+
28
+
29
+
data/wiki/when_to_use.markdown ADDED
@@ -0,0 +1,64 @@
1
+ Choosing the right access control system is an important decission in
2
+ any project. The following is an attempt at an objective guide to help
3
+ you make the right decission.
4
+
5
+ It is important to stress, that it is never recommended to choose an
6
+ overly complex solution to handle simple requirements.
7
+ In many simple access control scenarios, a simple access control system
8
+ will do just fine and even allow for greater flexibility!
9
+
10
+ ## When to use CanCan
11
+
12
+ CanCan is useful to use on its own when:
13
+
14
+ * Access rule requirements are simple
15
+ * There are few roles (and/or role groups)
16
+ * A few can? statements in critical views and controllers
17
+ * Access is mostly controlled on the controller REST method level
18
+ * Guest user logic is simple
19
+ * You have a simple User model class and a #current_user method that
20
+ works for all logged in users.
21
+
22
+ If this fits with your requirements, by all means start off with just
23
+ CanCan. It should be pretty easy to upgrade to CanTango if you need to
24
+ in the future.
25
+
26
+ ## When to use CanTango
27
+
28
+ If you find that your requirements go beyond what CanCan can satisfy out
29
+ of the box without too much tweaking on your own part, CanTango just
30
+ might be the solution you are looking for.
31
+
32
+ Complexity and fine control
33
+ * Access rule requirements are somewhat complex
34
+ * Access must be controlled on a more fine grained level
35
+
36
+ Users
37
+ * You have multiple types of users, fx User, Guest and Admin
38
+ * There are more than a few roles (and/or role groups)
39
+
40
+ Performance
41
+ * Access control should be fast, you need caching of permits for each user
42
+ * Users not logged in should be granted a Guest user instance
43
+
44
+ User accounts:
45
+ * Your app has multiple User accounts, one for each sub-app
46
+ * Access control logic can differ for each account
47
+ * A user can be logged into one or more accounts simultaneously
48
+ * Some users are allowed to masquerade as other users
49
+ * Some users are allowed to masquerade as if logged into a
50
+ different account
51
+
52
+ Administration
53
+ * Access control (permisssions) should be maintained in logical
54
+ containers, on a per-role or role group basis
55
+ * Access control should be maintained and administrated in a permission
56
+ store, fx a Yaml file
57
+
58
+ If more than a few items on this list reflect your requirements, give
59
+ CanTango a chance!
60
+
61
+ If your requirements go beyond this, create your own extension or even
62
+ better help enhance CanTango directly!
63
+
64
+ Have FUN! Let's Tango!
data/wiki/why_to_use.markdown ADDED
@@ -0,0 +1,11 @@
1
+ Why use Cantango?
2
+
3
+ * Performance (rules caching)
4
+ * Partition permission rules into seperate classes for each role and
5
+ role group
6
+ * Reuse of permission rules using inheritance and licenses (mixins)
7
+ * Maintain and administrate permissions in a rules store, fx a Yaml file
8
+ * Masquerading of users and accounts
9
+ * Guest users and Gues account integration
10
+ * Designed for devise integration, with support for multiple devise
11
+ users `#current_user`, `#current_admin` etc.