cantango 0.9.3.2 → 0.9.4

data/lib/cantango/permits/permit/execute.rb

@@ -0,0 +1,81 @@
+module CanTango
+  module Permits
+    class Permit
+      module Execute
+        # executes the permit
+        def execute
+          return if disabled?
+          debug "Execute Permit: #{self}"
+          executor.execute!
+          ability_sync!
+        end
+
+        # In a specific Role based Permit you can use
+        #   def permit? user, options = {}
+        #     return if !super(user, :in_role)
+        #     ... permission logic follows
+        #
+        # This will call the Permit::Base#permit? instance method (the method below)
+        # It will only return true if the user matches the role of the Permit class and the
+        # options passed in is set to :in_role
+        #
+        # If these confitions are not met, it will return false and thus the outer permit 
+        # will not run the permission logic to follow
+        #
+        # Normally super for #permit? should not be called except for this case, 
+        # or if subclassing another Permit than Permit::Base
+        #
+        def permit?
+          cached? ? cached_rules : non_cached_rules
+          run_rule_methods
+        end
+
+        def run_rule_methods
+          static_rules
+          permit_rules
+          dynamic_rules
+        end
+
+        def non_cached_rules
+          include_non_cached if defined?(self.class::NonCached)
+        end
+
+        def cached_rules
+          include_cached if defined?(self.class::Cached)
+        end
+
+        def include_non_cached
+          self.class.send :include, self.class::NonCached
+        end
+
+        def include_cached
+          self.class.send :include, self.class::Cached
+        end
+
+        # return the executor used to execute the permit
+        def executor
+          @executor ||= case self.class.name
+          when /System/
+            then CanTango::PermitEngine::Executor::System.new self
+          else
+            CanTango::PermitEngine::Executor::Base.new self
+          end
+        end
+
+        # This method will contain the actual rules
+        # can be implemented in the subclass
+
+        def permit_rules
+        end
+
+        def static_rules
+        end
+
+        def dynamic_rules
+        end
+      end
+    end
+  end
+end
+
+

data/lib/cantango/permits/permit/license.rb

@@ -0,0 +1,26 @@
+module CanTango
+  module Permits
+    class Permit
+      module License
+        def licenses *names
+          names.to_strings.each do |name|
+            try_license name
+          end
+        end
+
+        protected
+
+        def try_license name
+          module_name = "#{name.camelize}License"
+          clazz = module_name.constantize
+          clazz.new(self).license_rules
+        rescue NameError
+          raise "License #{module_name} is not defined"
+        rescue
+          raise "License #{clazz} could not be enforced using #{self.inspect}"
+        end
+      end
+    end
+  end
+end
+

data/lib/cantango/permits/permit.rb

@@ -1,43 +1,36 @@
-require 'sugar-high/array'
-
 # The permit base class for both Role Permits and Role Group Permits
 # Should contain all common logic
 module CanTango
   module Permits
     class Permit
-      attr_reader :ability
+      autoload_modules :Execute, :License, :ClassMethods
+
+      include CanTango::Helpers::Debug
+      include CanTango::Rules # also makes a Permit a subclass of CanCan::Ability
+      include CanTango::Api::Attributes
+
+      include Execute
+      include License
+      extend ClassMethods
 
       # strategy is used to control the owns strategy (see rules.rb)
-      attr_reader :strategy, :disabled
+      attr_reader :ability, :strategy, :disabled
 
-      include CanTango::Api::Attributes
+      delegate :cached?, :options, :subject, :user, :user_account, :to => :ability
 
       # creates the permit
       def initialize ability
         @ability  = ability
       end
 
-      def self.first_name clazz
-        clazz.to_s.gsub(/^([A-Za-z]+).*/, '\1').underscore.to_sym # first part of class name
-      end
-
-      def self.type
-        :abstract
-      end
-
-      def self.account_name clazz
-        return nil if clazz.name == clazz.name.demodulize
-        clazz.name.gsub(/::.*/,'').gsub(/(.*)Permits/, '\1').underscore.to_sym
-      end
-
-      def cached?
-        ability.cached?
-      end
-
       def permit_type
         self.class.type
       end
 
+      def ability_rules
+        ability.send :rules
+      end
+
       def disable!
         @disabled = true
       end
@@ -46,14 +39,6 @@ module CanTango
         @disabled || config_disabled?
       end
 
-      # executes the permit
-      def execute
-        return if disabled?
-        puts "Execute Permit: #{self}" if CanTango.debug?
-        executor.execute!
-        ability_sync!
-      end
-
       def valid_for? subject
         raise NotImplementedError
       end
@@ -66,10 +51,6 @@ module CanTango
         config.models.by_reg_exp reg_exp
       end
 
-      def options
-        ability.options
-      end
-
      CanTango::Api::Options.options_list.each do |obj|
        class_eval %{
           def #{obj}
@@ -86,129 +67,29 @@ module CanTango
         !localhost?
       end
 
-      def subject
-        ability.subject
-      end
-
-      def user
-        ability.user
-      end
-
-      def user_account
-        ability.user_account
-      end
-
-      def ability_rules
-        ability.send(:rules)
-      end
-
       def ability_sync!
         ability_rules << (rules - ability_rules)
         ability_rules.flatten!
       end
 
-      # In a specific Role based Permit you can use
-      #   def permit? user, options = {}
-      #     return if !super(user, :in_role)
-      #     ... permission logic follows
-      #
-      # This will call the Permit::Base#permit? instance method (the method below)
-      # It will only return true if the user matches the role of the Permit class and the
-      # options passed in is set to :in_role
-      #
-      # If these confitions are not met, it will return false and thus the outer permit 
-      # will not run the permission logic to follow
-      #
-      # Normally super for #permit? should not be called except for this case, 
-      # or if subclassing another Permit than Permit::Base
-      #
-      def permit?
-        cached? ? cached_rules : non_cached_rules
-        run_rule_methods
-      end
-
-      def run_rule_methods
-        static_rules
-        permit_rules
-        dynamic_rules
-      end
-
-      def non_cached_rules
-        include_non_cached if defined?(self.class::NonCached)
-     end
-
-      def cached_rules
-        include_cached if defined?(self.class::Cached)
-      end
-
-      def include_non_cached
-        self.class.send :include, self.class::NonCached
-      end
-
-      def include_cached
-        self.class.send :include, self.class::Cached
-      end
-
-      def licenses *names
-        names.to_strings.each do |name|
-          try_license name
-        end
-      end
-
-      include CanTango::Rules # also makes a Permit a subclass of CanCan::Ability
-
       protected
 
+      include CanTango::PermitEngine::Util
+      include CanTango::PermitEngine::Compatibility
+      include CanTango::PermitEngine::RoleMatcher
+
       def config_disabled?
         (CanTango.config.permits.disabled[permit_type] || []).include?(permit_name.to_s)
       end
 
-      def try_license name
-        module_name = "#{name.camelize}License"
-        clazz = module_name.constantize
-        clazz.new(self).license_rules
-      rescue NameError
-        raise "License #{module_name} is not defined"
-      rescue
-        raise "License #{clazz} could not be enforced using #{self.inspect}"
-      end
-
-      # This method will contain the actual rules
-      # can be implemented in the subclass
-
-      def permit_rules
-      end
-
-      def static_rules
-      end
-
-      def dynamic_rules
-      end
-
-      #include CanTango::PermitEngine::Cache
-      include CanTango::PermitEngine::Util
-      include CanTango::PermitEngine::Compatibility
-
       def strategy
         @strategy ||= options[:strategy] || CanTango::Ability.strategy || :default
       end
 
-      include CanTango::PermitEngine::RoleMatcher
-
       def any_role_match?
         role_match?(subject) || role_group_match?(subject)
       end
 
-      # return the executor used to execute the permit
-      def executor
-        @executor ||= case self.class.name
-        when /System/
-          then CanTango::PermitEngine::Executor::System.new self
-        else
-          CanTango::PermitEngine::Executor::Base.new self
-        end
-      end
-
       def config
         CanTango.config
       end

data/lib/cantango/permits/role_group_permit/builder.rb

@@ -18,7 +18,11 @@ module CanTango
             puts "Not building any RoleGroupPermits since no role groups are roles that are members of a role group could be found for the permission candidate" if CanTango.debug?
             return []
           end
-       end
+        end
+
+        def name
+          :role_group
+        end
 
         def valid? role_group
           return true if !role_groups_filter?

data/lib/cantango/permits/role_group_permit.rb

@@ -19,7 +19,7 @@ module CanTango
       def permit_name
         self.class.role_group_name self.class
       end
-      
+
       alias_method :role_group, :permit_name
 
       # creates the permit
@@ -45,11 +45,11 @@ module CanTango
       def permit?
         super
       end
- 
+
       def valid_for? subject
         in_role_group? subject
       end
-      
+
       protected
 
       include CanTango::Helpers::RoleMethods

data/lib/cantango/permits/role_permit/builder.rb

@@ -16,6 +16,10 @@ module CanTango
           end.compact
         end
 
+        def name
+          :role
+        end
+
         protected
 
         def valid? role

data/lib/cantango/permits/user_permit/builder.rb

@@ -11,11 +11,15 @@ module CanTango
           [permit].compact
         end
 
+        def name
+          :user
+        end
+
         protected
 
         def debug_msg
           permit ? "Building UserPermit for #{user}, permit: #{permit}" : "Not building any UserPermit"
-        end 
+        end
 
         def permit
           @permit ||= create_permit(user.class.to_s)

data/lib/cantango/permits/user_permit.rb

@@ -63,7 +63,7 @@ module CanTango
 
       # TODO
       def permit_user
-        permit_name 
+        permit_name
       end
     end
   end

data/lib/cantango/permits.rb

@@ -1,5 +1,6 @@
 module CanTango
   module Permits
+    autoload_modules :Executor
     autoload_modules :License, :Permit
     autoload_modules :RoleGroupPermit, :RolePermit
     autoload_modules :UserPermit, :AccountPermit

data/lib/cantango/rails/engine.rb

@@ -2,7 +2,6 @@ module CanTango
   # Include helpers in the given scope to AC and AV.
   # "Borrowed" from devise
   def self.include_helpers(scope)
-    
     # Seems like the order of initializers is important! ActiveRecord should go first!
     ActiveSupport.on_load(:active_record) do
       RailsAutoLoader.load_models! if CanTango.config.autoload.models?
@@ -15,11 +14,9 @@ module CanTango
     ActiveSupport.on_load(:action_view) do
       include scope::Rails::Helpers::ViewHelper
     end
-
   end
 
   class RailsEngine < ::Rails::Engine
- 
     initializer "cantango.helpers" do
       CanTango.include_helpers(CanTango)
 

data/lib/cantango/rails/helpers/base_helper.rb

@@ -4,7 +4,7 @@ module CanTango
       module BaseHelper
         def self.included(base)
           include_apis(base)
-          base.send :include, CanTango::Rails::Helpers::RestHelper
+          # base.send :include, CanTango::Rails::Helpers::RestHelper
           base.extend ClassMethods
         end
 

data/lib/cantango/rails/helpers/rest_helper.rb

@@ -1,7 +1,7 @@
 module CanTango::Rails::Helpers::RestHelper
   CanTango.config.models.available_models.each do |model|
     class_eval %{
-      def delete_#{model}_path obj, options = {}
+      def delete_#{model.to_s.underscore}_path obj, options = {}
         #{model}_path obj, {:method => 'delete'}.merge(options)
       end
     }

data/lib/cantango/rules/adaptor/active_record.rb

@@ -2,10 +2,7 @@ module CanTango
   module Rules
     module Adaptor
       module ActiveRecord
-        include CanTango::Rules::Adaptor::Generic
-
-        # Some AR specific rules ...
-        #
+        include CanTango::Rules::Adaptor::Relational
       end
     end
   end

data/lib/cantango/rules/adaptor/data_mapper.rb

@@ -0,0 +1,11 @@
+module CanTango
+  module Rules
+    module Adaptor
+      module DataMapper
+        include CanTango::Rules::Adaptor::Relational
+      end
+    end
+  end
+end
+
+

data/lib/cantango/rules/adaptor/mongo.rb

@@ -0,0 +1,19 @@
+module CanTango
+  module Rules
+    module Adaptor
+      module Mongo
+        #include CanTango::Rules::Adaptor::Generic
+        # using #in on Hash (Mongoid query)
+        def include_condition attribute, user_scope
+          { attribute.to_sym.in => user_scope.send(attribute) }
+        end
+
+        def attribute_condition attribute, user_scope
+          { attribute.to_sym => user_scope.send(attribute) }
+        end
+      end
+    end
+  end
+end
+
+

data/lib/cantango/rules/adaptor/mongo_mapper.rb

@@ -0,0 +1,10 @@
+module CanTango
+  module Rules
+    module Adaptor
+      module MongoMapper
+        include module CanTango::Rules::Adaptor::Mongo
+      end
+    end
+  end
+end
+

data/lib/cantango/rules/adaptor/mongoid.rb

@@ -2,11 +2,7 @@ module CanTango
   module Rules
     module Adaptor
       module Mongoid
-        #include CanTango::Rules::Adaptor::Generic
-        # using #in on Hash (Mongoid query)
-        def list_include
-          { scope_key.in => user_scope.send(attribute) }
-        end
+        include module CanTango::Rules::Adaptor::Mongo
       end
     end
   end

data/lib/cantango/rules/adaptor/relational.rb

@@ -0,0 +1,13 @@
+module CanTango
+  module Rules
+    module Adaptor
+      module Relational
+        def attribute_condition attribute, user_scope
+          { attribute.to_sym => user_scope.send(attribute) }
+        end
+        alias_method :include_condition, :attribute_condition
+      end
+    end
+  end
+end
+

data/lib/cantango/rules/adaptor.rb

@@ -1,29 +1,34 @@
 module CanTango
   module Rules
     module Adaptor
-      autoload_modules :Generic
-      autoload_modules :ActiveRecord, :Mongoid
+      autoload_modules :Generic, :Relational, :Mongo
+      autoload_modules :ActiveRecord, :DataMapper, :Mongoid, :MongoMapper
 
       # include adaptor depending on which ORM the object inherits from or includes
       def use_adaptor! base, object
         orm_map.each_pair do |orm, const|
           begin
-            adaptor_class = const.constantize
-            base.class.send(:include, adaptor(orm)) if object.kind_of?(adaptor_class)
-          rescue 
+            base.class.send :include, get_adapter(object, const.constantize, orm)
+          rescue
             next
           end
         end
       end
 
-      def adaptor orm
+      def get_adapter object, adaptor_class, orm
+        object.kind_of?(adaptor_class) ? adaptor_for(orm) : adaptor_for(:generic)
+      end
+
+      def adaptor_for orm
         "CanTango::Rules::Adaptor::#{orm.to_s.camelize}".constantize
       end
 
       def orm_map
         {
           :active_record => "ActiveRecord::Base",
-          :mongoid => "Mongoid::Document"
+          :data_mapper => "DataMapper::Resource",
+          :mongoid => "Mongoid::Document",
+          :mongo_mapper => "MongoMapper::Document"
         }
       end
     end

data/lib/cantango/rules/user_relation.rb

@@ -50,7 +50,7 @@ module CanTango
       end
 
       def rules
-        ability.send :rules # FIXME !?
+        ability.send :rules
       end
 
       def plural_attribute
@@ -62,7 +62,6 @@ module CanTango
           raise "#{model} has no :#{attribute} or :#{plural_attribute} defined" if !model.new.respond_to?(attribute) && !model.new.respond_to?(plural_attribute)
         end
       end
-
     end
   end
 end

data/lib/cantango/user_ac_engine.rb

@@ -1,20 +1,20 @@
 module CanTango
   class UserAcEngine < Engine
-    autoload_modules :Executor
+    include CanTango::Ability::Executor
+    include CanTango::Ability::RoleHelpers
+    include CanTango::Ability::UserHelpers
 
     def initialize ability
       super
     end
 
-    def execute!
-      return if !valid?
-      debug "User AC Engine executing..."
-
+    def permit_rules
       permissions.each do |permission|
         ability.can permission.action.to_sym, permission.thing_type.constantize do |thing|
           thing.nil? || permission.thing_id.nil? || permission.thing_id == thing.id
         end
       end
+      rules << ability_rules if !ability_rules.blank?
     end
 
     def valid?
@@ -28,12 +28,30 @@ module CanTango
 
     protected
 
+    def ability_rules
+      ability.send(:rules)
+    end
+
+    alias_method :cache_key, :engine_name
+
+    def key_method_names
+      [:permissions_hash]
+    end
+
+    def start_execute
+      debug "User AC Engine executing..."
+    end
+
+    def end_execute
+      debug "Done User AC Engine"
+    end
+
     def permissions
-      candidate.respond_to?(:permissions) ? candidate.permissions : []
+      candidate.respond_to?(:all_permissions) ? candidate.all_permissions : []
     end
 
     def invalid
-      debug "No permissions for #{candidate} found!"
+      debug "No permissions for #{candidate} found for #all_permissions call"
       false
     end
   end

data/lib/cantango.rb

@@ -1,6 +1,8 @@
 require 'cantango/rails/railtie' if defined?(Rails)
 require 'cantango/rails/engine' if defined?(Rails)
 require 'cancan'
+require 'active_support' # for Delegate module
+require 'active_support/core_ext/module/delegation'
 require 'cantango/cancan/rule'
 require 'sugar-high/array'
 require 'sugar-high/blank'