cantango 0.9.3.2 → 0.9.4

data/lib/cantango/configuration/models.rb

@@ -1,6 +1,8 @@
 module CanTango
   class Configuration
     class Models
+      autoload_modules :Generic, :ActiveRecord, :DataMapper, :MongoMapper, :Mongoid
+
       include Singleton
       include ClassExt
 
@@ -18,12 +20,35 @@ module CanTango
         end
       end
 
+      def exclude *names
+        @excluded = names.flatten.select_labels
+      end
+
+      def excluded
+        @excluded ||= []
+      end
+
       def available_models
-        ar_models.map(&:name)
+       all_models - excluded.map {|m| m.to_s.camelize}
+      end
+
+      protected
+
+      def all_models
+        CanTango.config.orms.inject([]) do |result, orm|
+          result << adapter_for(orm).models.map(&:name)
+          result
+        end.flatten.compact
       end
 
       private
 
+
+
+      def adapter_for orm
+        "CanTango::Configuration::Models::#{orm.to_s.camlize}".constantize.new
+      end
+
       def try_model model_string
         model = try_class(model_string.singularize) || try_class(model_string) 
         raise "No model #{model_string} defined!" if !model
@@ -33,7 +58,7 @@ module CanTango
       def grep reg_exp
         available_models.grep reg_exp
       end
- 
+
       def ar_models
         # Sugar-high #to_strings didn't work here!
         ActiveRecord::Base.descendants

data/lib/cantango/configuration/permits.rb

@@ -4,6 +4,7 @@ module CanTango
       include Singleton
 
       attr_reader :accounts
+      attr_writer :enabled_types
 
       def enabled_types
         @enabled_types || available_types
@@ -102,7 +103,7 @@ module CanTango
       end
 
       def key_for subject
-        subject.kind_of?(CanTango::Ability) ? key_maker.create_for(subject) : key_maker.new(subject)
+        subject.respond_to?(:subject) ? key_maker.create_for(subject) : key_maker.new(subject)
       end
 
       def key_maker

data/lib/cantango/configuration.rb

@@ -35,6 +35,10 @@ module CanTango
       }
     end
 
+    def debug!
+      debug.set :on
+    end
+
     # Turn on all engines and enable compile adapter 
     # i.e compilation of rules via sourcify
     def enable_defaults!
@@ -42,6 +46,15 @@ module CanTango
       adapters.use :compiler
     end
 
+    def enable_helpers *names
+      names = names.to_symbols
+      enable_rest_helper if names.include? :rest
+    end
+
+    def enable_rest_helper
+      ApplicationController.send :include, CanTango::Rails::Helpers::RestHelper
+    end
+
     def clear!
       CanTango::Configuration.components.each do |c|
         comp = send(c)
@@ -67,6 +80,7 @@ module CanTango
       engine
     end
 
+    attr_accessor :orms
     attr_writer :localhost_list
 
     def localhost_list

data/lib/cantango/engine.rb

@@ -4,12 +4,14 @@ module CanTango
 
     attr_reader :ability
 
+    delegate :session, :user, :subject, :candidate, :cached?, :to => :ability
+
     def initialize ability
       @ability = ability
     end
 
     def execute!
-      # raise NotImplementedError
+      raise NotImplementedError
     end
 
     def engine_name
@@ -23,31 +25,15 @@ module CanTango
     end
 
     def valid_cache_mode?
-      modes.include?(:cache) && cache_mode?
+      modes.include?(:cache) && cached?
     end
 
     def valid_no_cache_mode?
-      modes.include?(:no_cache) && !cache_mode?
+      modes.include?(:no_cache) && !cached?
     end
 
     def modes
       CanTango.config.engine(engine_name.to_sym).modes
     end
-
-    def cache_mode?
-      ability.cached?
-    end
-
-    def user
-      ability.user
-    end
-
-    def subject
-      ability.subject
-    end
-
-    def candidate
-      ability.candidate
-    end
   end
 end

data/lib/cantango/model/scope.rb

@@ -14,10 +14,11 @@ module CanTango::Model
       include CanTango::Api::User::Ability
 
 
-      attr_reader :actions, :clazz
+      attr_reader :actions, :mode, :clazz
 
-      def initialize clazz, *actions
+      def initialize clazz, mode, *actions
         @clazz = clazz
+        @mode = mode
         @actions = actions.flatten
       end
 
@@ -33,17 +34,26 @@ module CanTango::Model
       protected
 
       def check ability
+        puts ability.rules.inspect
         clazz.all.select do |obj|
-          actions.all? do |action|
-            ability.can? action.to_sym, obj
+         actions.all? do |action|
+            ability.send mode_action, action.to_sym, obj
           end
         end
       end
+
+      def mode_action
+        "#{mode}?"
+      end
     end
 
     module ClassMethods
       def allowed_to *actions
-        CanTango::Model::Scope::AllowedActions.new self, *actions
+        CanTango::Model::Scope::AllowedActions.new self, :can, *actions
+      end
+
+      def not_allowed_to *actions
+        CanTango::Model::Scope::AllowedActions.new self, :cannot, *actions
       end
 
       CanTango::Model::Scope.rest_actions.each do |action|
@@ -51,6 +61,10 @@ module CanTango::Model
         define_method :"#{meth_name}_by" do |user|
           all.select {|obj| obj.user_ability(user).can? action.to_sym, obj }
         end
+
+        define_method :"not_#{meth_name}_by" do |user|
+          all.select {|obj| obj.user_ability(user).cannot? action.to_sym, obj }
+        end
       end
     end
   end

data/lib/cantango/permission_engine/collector.rb

@@ -1,9 +1,12 @@
 module CanTango
   class PermissionEngine < Engine
     class Collector
+      include CanTango::Helpers::Debug
+
       attr_reader :ability, :permissions, :type
 
       def initialize ability, permissions, type
+        debug "Collecting #{type} permissions"
         @ability = ability
         @permissions = permissions
         @type = type

data/lib/cantango/permission_engine/evaluator.rb

@@ -1,6 +1,8 @@
 module CanTango
   class PermissionEngine < Engine
     class Evaluator
+      include CanTango::Helpers::Debug
+
       attr_reader :ability, :rule
 
       include CanTango::Rules
@@ -12,6 +14,9 @@ module CanTango
       end
 
       def evaluate! user
+        debug "Evaluating rule:"
+        debug rule.can
+        debug rule.cannot
         @user = user
         instance_eval rule.can if rule.can?
         instance_eval rule.cannot if rule.cannot?

data/lib/cantango/permission_engine/factory.rb

@@ -1,6 +1,8 @@
 module CanTango
   class PermissionEngine < Engine
     class Factory
+      include CanTango::Helpers::Debug
+
       attr_accessor :ability
 
       # creates the factory for the ability
@@ -11,6 +13,7 @@ module CanTango
       end
 
       def build!
+        debug "building permissions"
         @evaluators ||= permission_types.inject([]) do |res, type|
           res << collector(type).build
           res

data/lib/cantango/permission_engine/loader/permissions.rb

@@ -6,17 +6,16 @@ module CanTango
 
         def initialize file_name
           @file_name = file_name
-          
           load!
         end
 
         def load_from_hash hash
           return if hash.empty?
           hash.each do |type, groups|
-            permissions[type] ||= {}                   
-            
-            next if groups.nil?           
-            
+            permissions[type] ||= {}
+
+            next if groups.nil?
+
             groups.each do |group, rules|
               parser.parse(group, rules) do |permission|
                 permissions[type][permission.name] = permission
@@ -46,13 +45,13 @@ module CanTango
 
           define_method(:"#{type}_compiled_permissions") do
             type_permissions = send(:"#{type}_permissions")
-            
+
             return Hashie::Mash.new if !type_permissions || type_permissions.empty?
-            
+
             compiled_sum = send(:"#{type}_permissions").inject({}) do |compiled_sum, (actor, permission)|
               compiled_sum.merge(permission.to_compiled_hash)
             end
-            
+
             Hashie::Mash.new(compiled_sum)
           end
         end

data/lib/cantango/permission_engine/store.rb

@@ -21,7 +21,6 @@ module CanTango
       def save! permissions
         raise NotImplementedError
       end
-
     end
   end
 end

data/lib/cantango/permission_engine/yaml_store.rb

@@ -3,7 +3,7 @@ require 'yaml'
 module CanTango
   class PermissionEngine < Engine
     class YamlStore < Store
-      attr_reader :path
+      attr_reader :path, :last_load_time
 
       # for a YamlStore, the name is the name of the yml file
       # options: extension, path
@@ -14,16 +14,27 @@ module CanTango
 
       def load!
         loader.load!
+        @last_load_time = Time.now
       end
 
       def load_from_hash hash
         loader.load_from_hash hash
       end
 
-      # @stanislaw: don't like this, because what if loader#load! will be called
-      # twice during object's (YamlStore.new) life time!
+      # return cached permissions if file has not changed since last load
+      # otherwise load permissions again to reflect changes!
       def permissions
-        @permissions ||= loader.permissions
+        return @permissions if changed?
+        @permissions = loader.permissions
+      end
+
+      def changed?
+        return true if !last_load_time
+        last_modify_time <= last_load_time
+      end
+
+      def last_modify_time
+        File.mtime(file_path)
       end
 
       CanTango.config.permission_engine.types.each do |type|

data/lib/cantango/permission_engine.rb

@@ -4,13 +4,15 @@ module CanTango
     autoload_modules :Factory, :Loader, :Parser, :Permission
     autoload_modules :RulesParser, :Store, :YamlStore, :Statements, :Statement
 
+    include CanTango::Ability::Executor
+    include CanTango::Ability::RoleHelpers
+    include CanTango::Ability::UserHelpers
+
     def initialize ability
       super
     end
 
-    def execute!
-      return if !valid?
-      debug "Permission Engine executing..."
+    def permit_rules
       permissions.each do |permission|
         permission.evaluate! user
       end
@@ -21,6 +23,7 @@ module CanTango
     end
 
     def valid?
+      puts "valid_mode? #{valid_mode?} #{modes} #{cached?}"
       return false if !valid_mode?
       permissions.empty? ? invalid : true
     end
@@ -31,13 +34,27 @@ module CanTango
 
     protected
 
+    alias_method :cache_key, :engine_name
+
+    def start_execute
+      debug "Permission Engine executing..."
+    end
+
+    def end_execute
+      debug "Done Permission Engine"
+    end
+
     def invalid
       debug "No permissions found!"
       false
     end
 
     def permission_factory
-      @permission_factory ||= CanTango::PermissionEngine::Factory.new ability
+      @permission_factory ||= CanTango::PermissionEngine::Factory.new self
+    end
+
+    def changed?
+      permission_factory.store.changed?
     end
   end
 end

data/lib/cantango/permit_engine/factory.rb

@@ -17,13 +17,19 @@ module CanTango
         permits
       end
 
+      # return hash of permits built, keyed by name of builder
       def permits
-        @permits ||= builders.inject([]) do |permits, builder|
+        @permits ||= builders.inject({}) do |permits, builder|
           debug "++ Permit Builder: #{builder_class builder}"
           built_permits = permits_built_with(builder)
-          debug "== Permits built: #{built_permits.size}"
-          permits = permits + built_permits if built_permits
-        end.flatten
+
+          if built_permits
+            debug "== Permits built: #{built_permits.size}"
+            permits[builder] = built_permits
+          end
+
+          permits
+        end
       end
 
       def permits_built_with builder

data/lib/cantango/permit_engine.rb

@@ -3,21 +3,26 @@ module CanTango
     autoload_modules :Builder, :Compatibility, :Executor
     autoload_modules :Factory, :Finder, :Loaders, :Util, :RoleMatcher
 
+    include CanTango::Ability::Executor
+    include CanTango::Ability::RoleHelpers
+    include CanTango::Ability::UserHelpers
+
     def initialize ability
       super
     end
 
-    def execute!
-      return if !valid?
-      debug "Permit Engine executing..."
-
-      # CanTango.config.permits.clear_executed! # should there be an option clear before each execution?
-      permits.each do |permit|
-        CanTango.config.permits.was_executed(permit, ability) if CanTango.config.debug.on?
-        break if permit.execute == :break
+    def permit_rules
+      # push result of each permit type execution into main ability rules array
+      permits.each_pair do |type, permits|
+        perm_rules = executor(type, permits).execute!
+        rules << perm_rules if !perm_rules.blank?
       end
     end
 
+    def executor type, permits
+      CanTango::Permits::Executor.new self, type, permits
+    end
+
     def engine_name
       :permit
     end
@@ -40,13 +45,38 @@ module CanTango
 
     protected
 
+    alias_method :cache_key, :engine_name
+
+    def start_execute
+      debug "Permit Engine executing..."
+    end
+
+    def end_execute
+      debug "Done Permit Engine"
+    end
+
     def invalid
       debug "No permits found!"
       false
     end
 
     def permit_factory
-      @permit_factory ||= CanTango::PermitEngine::Factory.new ability
+      @permit_factory ||= CanTango::PermitEngine::Factory.new self
+    end
+
+    def key_method_names
+      permits.keys.map {|type| key type }.compact
+    end
+
+    def key type
+      case type
+      when :role
+        roles_list_meth
+      when :role_group
+        role_groups_list_meth
+      else
+        nil
+      end
     end
   end
 end

data/lib/cantango/permits/account_permit/builder.rb

@@ -8,15 +8,19 @@ module CanTango
         # @return [Array<RoleGroupPermit::Base>] the role permits built for this ability
         def build
           return [] if !user_account
-          puts debug_msg if CanTango.debug?          
+          puts debug_msg if CanTango.debug?
           [permit].compact
         end
 
+        def name
+          :account
+        end
+
         protected
 
         def debug_msg
           permit ? "Building AccountPermit for #{user_account}, permit: #{permit}" : "Not building any AccountPermit"
-        end 
+        end
 
         def permit
           create_permit(user_account.class.to_s)

data/lib/cantango/{user_ac_engine → permits}/executor.rb

@@ -2,44 +2,24 @@
 # which can be cached under some key and later reused
 #
 module CanTango
-  class UserAcEngine < Engine
+  module Permits
     class Executor
-      include CanTango::Ability::CacheHelpers
+      include CanTango::Ability::Executor
 
-      attr_reader :ability, :permits
+      attr_reader :ability, :permit_type, :permits
 
-      delegate :session, :user, :subject, :cached?, :to => :ability
-
-      def initialize ability, permit_type, permissions
-        @ability        = ability
-        @permissions    = permissions
+      def initialize ability, permit_type, permits
+        @ability      = ability
+        @permit_type  = permit_type
+        @permits      = permits
       end
 
-      def cache_key
-        :user_ac
-      end
-
-      def rules
-        @rules ||= []
-      end
-
-      def clear_rules!
-        @rules ||= []
-      end
+      alias_method :cache_key, :permit_type
 
       def cache
         @cache ||= CanTango::Ability::Cache.new self, :cache_key => cache_key, :key_method_names => key_method_names
       end
 
-      def execute!
-        return if cached_rules?
-
-        clear_rules!
-        permit_rules
-
-        cache_rules!
-      end
-
       def permit_rules
         # TODO: somehow type specific caching of result of permits!
         permits.each do |permit|
@@ -50,10 +30,28 @@ module CanTango
 
       protected
 
+      def valid?
+        true
+      end
+
+      def start_execute
+        debug "Execute #{permit_type} permits"
+      end
+
+      def end_execute
+        debug "Done #{permit_type} permits"
+      end
+
       def key_method_names
-        [:permissions_hash]
+        case permit_type
+        when :role
+          [roles_list_meth]
+        when :role_group
+          [role_groups_list_meth]
+        else
+          []
+        end
       end
     end
   end
 end
-

data/lib/cantango/permits/permit/class_methods.rb

@@ -0,0 +1,21 @@
+module CanTango
+  module Permits
+    class Permit
+      module ClassMethods
+        def first_name clazz
+          clazz.to_s.gsub(/^([A-Za-z]+).*/, '\1').underscore.to_sym # first part of class name
+        end
+
+        def type
+          :abstract
+        end
+
+        def account_name clazz
+          return nil if clazz.name == clazz.name.demodulize
+          clazz.name.gsub(/::.*/,'').gsub(/(.*)Permits/, '\1').underscore.to_sym
+        end
+      end
+    end
+  end
+end
+