cantango 0.8.9.5 → 0.9.3.2

data/lib/cantango/configuration/permits.rb

@@ -17,7 +17,7 @@ module CanTango
       def disable_types *types
         @enabled_types = available_types - types.flatten
       end
-      alias_method :disable, :disable_types      
+      alias_method :disable, :disable_types
 
       def enable_all_types!
         @enabled_types = available_types

data/lib/cantango/configuration/role_groups.rb

@@ -1,9 +1,8 @@
 module CanTango
   class Configuration
     class RoleGroups < RoleRegistry
-      
       include Singleton
-      
+
       def default_has_method
         :in_role_group?
       end

data/lib/cantango/configuration/user_accounts.rb

@@ -1,6 +1,6 @@
 module CanTango
   class Configuration
-    class UserAccounts < Registry
+    class UserAccounts < CandidateRegistry
       include Singleton
     end
   end

data/lib/cantango/configuration/users.rb

@@ -1,6 +1,6 @@
 module CanTango
   class Configuration
-    class Users < Registry
+    class Users < CandidateRegistry
       include Singleton
     end
   end

data/lib/cantango/engine.rb

@@ -1,5 +1,7 @@
 module CanTango
   class Engine
+    include CanTango::Helpers::Debug
+
     attr_reader :ability
 
     def initialize ability
@@ -9,5 +11,43 @@ module CanTango
     def execute!
       # raise NotImplementedError
     end
+
+    def engine_name
+      raise NotImplementedError
+    end
+
+    protected
+
+    def valid_mode?
+      valid_cache_mode? || valid_no_cache_mode?
+    end
+
+    def valid_cache_mode?
+      modes.include?(:cache) && cache_mode?
+    end
+
+    def valid_no_cache_mode?
+      modes.include?(:no_cache) && !cache_mode?
+    end
+
+    def modes
+      CanTango.config.engine(engine_name.to_sym).modes
+    end
+
+    def cache_mode?
+      ability.cached?
+    end
+
+    def user
+      ability.user
+    end
+
+    def subject
+      ability.subject
+    end
+
+    def candidate
+      ability.candidate
+    end
   end
 end

data/lib/cantango/helpers.rb

@@ -1,5 +1,5 @@
 module CanTango
   module Helpers
-    autoload_modules :RoleMethods
+    autoload_modules :RoleMethods, :Debug
   end
 end

data/lib/cantango/helpers/debug.rb

@@ -0,0 +1,9 @@
+module CanTango
+  module Helpers
+    module Debug
+      def debug msg
+        puts msg if CanTango.debug?
+      end
+    end
+  end
+end

data/lib/cantango/model.rb

@@ -0,0 +1,6 @@
+module CanTango
+  module Model
+    autoload_modules :Filter, :Scope
+  end
+end
+

data/lib/cantango/model/filter.rb

@@ -0,0 +1,102 @@
+module CanTango::Model
+  module Filter
+    def self.included(base)
+      base.send :include, CanTango::Api::User::Ability
+      base.extend ClassMethods
+    end
+
+    def self.clean_meth_name meth_name
+      postfix = (meth_name =~ /\!$/) ? '!' : ''
+      postfix = (meth_name =~ /\?$/) ? '?' : postfix
+      postfix = "_by#{postfix}"
+      meth_name.to_s.sub(/[\!|\?]$/, '') + postfix
+    end
+
+    def self.normalize_args args
+      args = args.kind_of?(Symbol) ? [args] : args
+      args.map(&:to_s).map{|a| a == 'ARGS' ? '*args' : a}
+    end
+
+    module ClassMethods
+      def tango_filter *method_names
+        method_names.flatten.each do |name|
+          case name
+          when String, Symbol
+            case name.to_sym
+            when :REST, :MANAGE
+              tango_filter :create => :OPTS, :create! => :OPTS, :update_attributes => :OPTS, :update_attributes! => :OPTS
+              tango_filter :destroy, :destroy!
+            when :CREATE, :NEW
+              tango_filter :create => :OPTS, :create! => :OPTS
+            when :UPDATE, :EDIT
+              tango_filter :update_attributes => :OPTS, :update_attributes! => :OPTS
+            when :DELETE, :DESTROY
+              tango_filter :destroy, :destroy!
+            else
+              meth_name = name.to_s
+              method_name = CanTango::Model::Filter.clean_meth_name meth_name
+              define_method :"#{method_name}" do |user|
+                send(name) if user_ability(user).can? meth_name.to_sym, self
+              end
+            end
+          when Hash
+            base = self
+            name.each_pair do |meth_name, args|
+              norm_args = CanTango::Model::Filter.normalize_args args
+              args = norm_args.map{|a| a == 'OPTS' ? 'options = {}' : a}.join(',')
+              args_call = norm_args.map{|a| a == 'OPTS' ? 'options' : a}.join(',')
+
+              method_name = CanTango::Model::Filter.clean_meth_name meth_name
+
+              base.class_eval %{
+                def #{method_name} the_user, #{args}
+                  send(:#{meth_name}, #{args_call}) if user_ability(the_user).can? :#{meth_name}, self
+                end
+              }
+            end
+          end
+        end
+      end # def
+
+      def tango_account_filter *method_names
+        method_names.flatten.each do |name|
+          case name
+          when String, Symbol
+            case name.to_sym
+            when :REST, :MANAGE
+              tango_account_filter :create => :OPTS, :create! => :OPTS, :update_attributes => :OPTS, :update_attributes! => :OPTS
+              tango_account_filter :destroy, :destroy!
+            when :CREATE, :NEW
+              tango_account_filter :create => :OPTS, :create! => :OPTS
+            when :UPDATE, :EDIT
+              tango_account_filter :update_attributes => :OPTS, :update_attributes! => :OPTS
+            when :DELETE, :DESTROY
+              tango_account_filter :destroy, :destroy!
+            else
+              meth_name = name.to_s
+              method_name = CanTango::Model::Filter.clean_meth_name meth_name
+              define_method :"#{method_name}" do |user|
+                send(name) if account_ability(user).can? meth_name.to_sym, self
+              end
+            end
+          when Hash
+            base = self
+            name.each_pair do |meth_name, args|
+              norm_args = CanTango::Model::Filter.normalize_args args
+              args = norm_args.map{|a| a == 'OPTS' ? 'options = {}' : a}.join(',')
+              args_call = norm_args.map{|a| a == 'OPTS' ? 'options' : a}.join(',')
+
+              method_name = CanTango::Model::Filter.clean_meth_name meth_name
+
+              base.class_eval %{
+                def #{method_name} the_user, #{args}
+                  send(:#{meth_name}, #{args_call}) if account_ability(the_user).can? :#{meth_name}, self
+                end
+              }
+            end
+          end
+        end
+      end
+    end
+  end
+end

data/lib/cantango/model/scope.rb

@@ -0,0 +1,57 @@
+module CanTango::Model
+  module Scope
+    def self.included(base)
+      base.send :include, CanTango::Api::User::Ability
+      base.extend CanTango::Api::User::Ability
+      base.extend ClassMethods
+    end
+
+    def self.rest_actions
+      [:read, :access, :write, :manage, :edit, :create, :delete]
+    end
+
+    class AllowedActions
+      include CanTango::Api::User::Ability
+
+
+      attr_reader :actions, :clazz
+
+      def initialize clazz, *actions
+        @clazz = clazz
+        @actions = actions.flatten
+      end
+
+      def by_user user
+        check user_ability(user)
+      end
+      alias_method :by, :by_user
+
+      def by_account account
+        check account_ability(account)
+      end
+
+      protected
+
+      def check ability
+        clazz.all.select do |obj|
+          actions.all? do |action|
+            ability.can? action.to_sym, obj
+          end
+        end
+      end
+    end
+
+    module ClassMethods
+      def allowed_to *actions
+        CanTango::Model::Scope::AllowedActions.new self, *actions
+      end
+
+      CanTango::Model::Scope.rest_actions.each do |action|
+        meth_name = action.to_s.sub(/e$/, '') << "able"
+        define_method :"#{meth_name}_by" do |user|
+          all.select {|obj| obj.user_ability(user).can? action.to_sym, obj }
+        end
+      end
+    end
+  end
+end

data/lib/cantango/permission_engine.rb

@@ -9,20 +9,31 @@ module CanTango
     end
 
     def execute!
-      puts "Permission Engine executing..." if CanTango.config.debug.on?
+      return if !valid?
+      debug "Permission Engine executing..."
       permissions.each do |permission|
         permission.evaluate! user
       end
     end
 
+    def engine_name
+      :permission
+    end
+
+    def valid?
+      return false if !valid_mode?
+      permissions.empty? ? invalid : true
+    end
+
     def permissions
       permission_factory.build!
     end
 
     protected
 
-    def user
-      ability.user
+    def invalid
+      debug "No permissions found!"
+      false
     end
 
     def permission_factory

data/lib/cantango/permission_engine/loader/base.rb

@@ -4,7 +4,7 @@ module CanTango
       class Base
         attr_accessor :file_name
 
-        def self.inherited(subclass)
+        def self.inherited subclass
           subclass.extend ClassMethods
         end
 
@@ -12,11 +12,6 @@ module CanTango
           raise NotImplementedError
         end
 
-        def file_name= file
-          raise "Couldn't find permissions file: #{file}. Either disable Permission engine or add this file." if file.nil? || !File.file?(file)
-          @file_name = file
-        end
-
         def yml_content
           YAML.load_file(file_name)
         rescue

data/lib/cantango/permission_engine/loader/permissions.rb

@@ -5,36 +5,28 @@ module CanTango
         attr_accessor :permissions
 
         def initialize file_name
-          self.file_name = file_name
+          @file_name = file_name
+          
           load!
         end
 
         def load_from_hash hash
           return if hash.empty?
           hash.each do |type, groups|
+            permissions[type] ||= {}                   
+            
+            next if groups.nil?           
+            
             groups.each do |group, rules|
-              permissions[type] ||= {}
               parser.parse(group, rules) do |permission|
                 permissions[type][permission.name] = permission
               end
             end
           end
-        rescue => e
-          raise "PermissionsLoader Error: The permissions for the file #{file_name} could not be loaded - cause was #{e}"
         end
 
         def load!
-          return if yml_content.empty?
-          yml_content.each do |type, groups|
-            (permissions[type] = {} # This is for having fx empty users: section 
-             next) if groups.nil?   #
-            groups.each do |group, rules|
-              permissions[type] ||= {}
-              parser.parse(group, rules) do |permission|
-                permissions[type][permission.name] = permission
-              end
-            end
-          end
+          load_from_hash yml_content
         rescue => e
           raise "PermissionsLoader Error: The permissions for the file #{file_name} could not be loaded - cause was #{e}"
         end
@@ -54,15 +46,17 @@ module CanTango
 
           define_method(:"#{type}_compiled_permissions") do
             type_permissions = send(:"#{type}_permissions")
+            
             return Hashie::Mash.new if !type_permissions || type_permissions.empty?
+            
             compiled_sum = send(:"#{type}_permissions").inject({}) do |compiled_sum, (actor, permission)|
               compiled_sum.merge(permission.to_compiled_hash)
             end
+            
             Hashie::Mash.new(compiled_sum)
           end
         end
 
-        include ClassMethods
       end
     end
   end

data/lib/cantango/permission_engine/store.rb

@@ -14,18 +14,12 @@ module CanTango
         end
       end
 
-      def self.create name, options = {}
-        self.new name, options
-      end
-
       def load!
         raise NotImplementedError
       end
 
       def save! permissions
-        permissions.each do |permission|
-          store permission
-        end
+        raise NotImplementedError
       end
 
     end

data/lib/cantango/permission_engine/yaml_store.rb

@@ -12,10 +12,6 @@ module CanTango
         super
       end
 
-      def self.create name, options = {}
-        super
-      end
-
       def load!
         loader.load!
       end
@@ -32,7 +28,7 @@ module CanTango
 
       CanTango.config.permission_engine.types.each do |type|
         define_method(:"#{type}_permissions") do
-          loader.send(:"#{type}_permissions")
+          loader.send(:"#{type}_permissions") || {}
         end
 
         define_method(:"#{type}_permissions_rules") do
@@ -51,10 +47,7 @@ module CanTango
 
         # @stanislaw: this needs revision!
 
-        define_method(:"#{type}_rules") do
-          #cache(":#{type}") || 
-          send(:"#{type}_compiled_permissions")
-        end
+        alias_method :"#{type}_rules", :"#{type}_compiled_permissions"
       end
 
       def save! perms = nil
@@ -65,7 +58,7 @@ module CanTango
         end
       end
 
-      def save_permissions(perms)
+      def save_permissions perms
         load_from_hash perms
       end