cantango 0.8.7 → 0.8.8

data/README.textile

@@ -35,13 +35,12 @@ Run bundler in a terminal/console from the folder of your Gemfile (root folder o
 
 @$ bundle@
 
-h2. Update Oct 5, 2011
+h2. Update Oct 6, 2011
 
-Version *0.8.7* has been released.
+Version *0.8.8* has been released.
 
-* Enhanced Permits and Engines debugging. 
-
-Now you can easily track which engines and permits are executed and which permits granted or declined certain abilities
+* Fixed some bugs when using :user and :account permits
+* Enhanced Permits debugging so you can now track the execution flow of the Permits engine. 
 
 h2. Quickstart
 

data/VERSION

@@ -1 +1 @@
-0.8.7
+0.8.8

data/cantango.gemspec

@@ -5,11 +5,11 @@
 
 Gem::Specification.new do |s|
   s.name = "cantango"
-  s.version = "0.8.7"
+  s.version = "0.8.8"
 
   s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
   s.authors = ["Kristian Mandrup", "Stanislaw Pankevich"]
-  s.date = "2011-10-05"
+  s.date = "2011-10-06"
   s.description = "Define your permission rules as role- or role group specific permits.\nIntegrates well with multiple Devise user acounts.\nIncludes rules caching.\nStore permissions in yaml file or key-value store"
   s.email = "kmandrup@gmail.com, s.pankevich@gmail.com"
   s.extra_rdoc_files = [

data/lib/cantango.rb

@@ -40,6 +40,10 @@ module CanTango
     def debug!
       config.debug.set :on
     end
+
+    def debug?
+      config.debug.on?
+    end
   end
 end
 

data/lib/cantango/configuration/hash_registry.rb

@@ -32,12 +32,12 @@ module CanTango
 
       def [] label
         raise "Must be a label" if !label.kind_of_label?
-        registered[label]
+        registered[label.to_s]
       end
 
       def []= label, value
         raise "Must be a label" if !label.kind_of_label?
-        registered[label] = value
+        registered[label.to_s] = value
       end
 
       def register hash
@@ -56,7 +56,6 @@ module CanTango
       def default= hash
         @default = Hashie::Mash.new hash
       end
-
     end
   end
 end

data/lib/cantango/configuration/permit_registry.rb

@@ -9,6 +9,21 @@ module CanTango
         }
       end
 
+      def registered_for type, name = nil        
+        name ? registered_by(type)[name.to_s] : registered_by(type)
+      end
+
+      def registered_by type
+        send(type).registered
+      end
+
+      def all
+        [user, account, role, role_group]
+      end
+
+      def show_all
+        all.map(&:registered)
+      end
     end
   end
 end

data/lib/cantango/configuration/permits.rb

@@ -19,7 +19,9 @@ module CanTango
 
       def register_permit_class(permit_name, permit_clazz, permit_type, account_name)
         registry = account_name ? self.send(account_name.to_sym) : self
+        puts "Registering #{permit_type} permit: #{permit_name} of class #{permit_clazz}" if CanTango.debug?
         registry.send(permit_type)[permit_name] = permit_clazz
+        puts registry.send(permit_type).inspect if CanTango.debug?
       end
 
       def allowed candidate, actions, subjects, *extra_args

data/lib/cantango/permission_engine/loader/base.rb

@@ -13,12 +13,14 @@ module CanTango
         end
 
         def file_name= file
-          raise "Couldn't find permissions file: #{file}" if file.nil? || !File.file?(file)
+          raise "Couldn't find permissions file: #{file}. Either disable Permission engine or add this file." if file.nil? || !File.file?(file)
           @file_name = file
         end
 
         def yml_content
           YAML.load_file(file_name)
+        rescue
+          raise "Couldn't load permissions file: #{file_name}. Either disable Permission engine or add this file."
         end
 
         module ClassMethods

data/lib/cantango/permit_engine.rb

@@ -8,7 +8,10 @@ module CanTango
     end
 
     def execute!
-      puts "Permit Engine executing..." if CanTango.config.debug.on?
+      if CanTango.config.debug.on?
+        puts "Permit Engine executing..." 
+        puts "No permits found!" if permits.empty?
+      end
       # CanTango.config.permits.clear_executed! # should there be an option clear before each execution?
       permits.each do |permit|
         CanTango.config.permits.was_executed(permit, ability) if CanTango.config.debug.on?

data/lib/cantango/permit_engine/builder/base.rb

@@ -1,6 +1,8 @@
 module CanTango
   class PermitEngine < Engine
     module Builder
+      class CreatePermitError < StandardError; end;
+
       class Base
         attr_accessor :ability
 
@@ -21,7 +23,7 @@ module CanTango
           self.class.to_s.gsub(/::Builder/, '').constantize
         end
 
-        # Tries to create a new permit for the given role
+        # Tries to create a new permit for the given name
         # If no permit Class can be found, it should return nil
         # @param [Symbol] the name
         # @return the permit Class or nil if not found
@@ -29,12 +31,13 @@ module CanTango
           begin
             permit_clazz(name).new ability
           rescue RuntimeError => e
-            #raise "Error instantiating Permit instance for role #{role}, cause #{e}"
+            # puts "Error instantiating Permit instance for #{name}, cause: #{e}" if CanTango.debug?
             nil
           end
         end
 
         def permit_clazz name
+          puts "Permit Finder: #{finder}" if CanTango.debug?
           finder.new(subject, name).get_permit
         end
 

data/lib/cantango/permit_engine/builder/special_permits.rb

@@ -3,6 +3,7 @@ module CanTango
     module Builder
       class SpecialPermits < Base
         def build
+          puts "Building special permits"
           special_permits.map{|role| create_permit(role)}.compact
         end
 

data/lib/cantango/permit_engine/executor/abstract.rb

@@ -18,6 +18,10 @@ module CanTango
 
         protected
 
+        def valid_for? subject
+          permit.valid_for?(subject) if permit
+        end
+
         def options
           permit.options
         end

data/lib/cantango/permit_engine/executor/base.rb

@@ -4,46 +4,13 @@ module CanTango
       class Base < Abstract
         # execute the permit
         def execute!
-          role_execution
-          #role_group_execution
-        end
-
-        # only execute the permit if the user has the role of the permit or is for any role      
-        def role_execution
-          permit? if permit_for_user_role? || permit_for_user_group?
-        end
-
-        def permit_for_user_role?
-          subject_in_role? || role == :any
-        end
-
-        def role_group_execution
-          # could also use #user.is_member_of?
-          permit? if permit_for_user_group?
-        end
-
-        def permit_for_user_group?
-          subject_in_role_group? || false
+          valid_for?(subject) ? permit? : not_candidate_permit
         end
 
         protected
 
-        def subject_in_role?
-          return subject.send(has_role_meth, role) if subject.respond_to? has_role_meth
-          return subject.send(roles_list_meth).include? role if subject.respond_to? roles_list_meth
-          false
-        end
-
-        def subject_in_role_group?
-          return subject.send(has_role_group_meth, role) if subject.respond_to? has_role_group_meth
-          return subject.send(role_groups_list_meth).include? role if subject.respond_to? role_groups_list_meth
-          false
-        end
-
-        include CanTango::Helpers::RoleMethods
-
-        def role
-          permit.role
+        def not_candidate_permit
+          puts "Permit #{permit} is not valid for #{subject}" if CanTango.debug?
         end
       end
     end

data/lib/cantango/permit_engine/factory.rb

@@ -1,7 +1,7 @@
 module CanTango
   class PermitEngine < Engine
     class Factory
-      attr_accessor :ability, :builders
+      attr_accessor :ability
 
       # creates the factory for the ability
       # note that the ability contains the roles and role groups of the user (or account)
@@ -11,10 +11,21 @@ module CanTango
       end
 
       def build!
-        @builders ||= builders.inject([]) do |res, builder|
-          res << create_builder(builder).build
-          res
-        end.flatten.compact
+        puts "PermitEngine Factory: No permits could be built" if permits.empty? && CanTango.debug?
+        permits
+      end
+
+      def permits
+        @permits ||= builders.inject([]) do |permits, builder|
+          puts "++ Permit Builder: #{builder_class builder}"
+          built_permits = permits_built_with(builder)
+          puts "== Permits built: #{built_permits.size}"
+          permits = permits + built_permits if built_permits
+        end.flatten
+      end
+
+      def permits_built_with builder
+        create_builder(builder).build
       end
 
       def create_builder builder

data/lib/cantango/permit_engine/finder.rb

@@ -6,7 +6,7 @@ module CanTango
 
       def initialize user_account, name
         @user_account = user_account
-        @name = name
+        @name = name.to_s.underscore.to_sym
       end
 
       def get_permit
@@ -17,37 +17,62 @@ module CanTango
       protected
 
       def find_error
-        "Permit for #{type} #{name} could not be loaded. Define either class: #{account_permit_class} or #{permit_class}"
+        "Permit for #{type} #{name} could not be loaded. Define class: #{permit_class} (or wrapped in account scope)"
       end
 
       def retrieve_permit
-        @found_permit ||= [account_permit(name), permit(name)].compact.first
+        @found_permit ||= permits_to_try.first
+      end
+
+      def permits_to_try
+        [account_permit, permit].compact
       end
 
-      def account_permit name
-        
         # TODO: User/Account cases should be handled somehow following is just interim measure
+      def account_permit
         return nil if !user_account.class.name =~ /Account/
-        account_permits_for_account.send(type).registered[name]
+        found = account_permits_by(type)[name]
+        debug_msg account_permit_msg(found)
+        found
       rescue
         nil
       end
 
-      def permit name
-        permits.send(type).registered[name]
+      def account_permit_msg found
+        found.nil? ? "no account permits found for #{name}" : "account permits registered for name: #{name} -> #{found}"
       end
 
-      def permits
-        CanTango.config.permits
+      def permit
+        found = registered_permits.registered_for type, name
+        debug_msg permit_msg(found)
+        found        
+      end
+
+      def debug_msg msg
+        puts msg if CanTango.debug?
+      end
+
+      def permit_msg found
+        found.nil? ? "no permits found for #{name}" : "permits registered for name: #{name} -> #{found}"
       end
 
-      # TODO: make proper account touching
+      def account_permits_by type
+        account_permits_for_account.registered_for(type)
+      end
+
+      def permits_by type
+        registered_permits.registered_for(type)
+      end
+
+      def registered_permits
+        CanTango.config.permits
+      end
 
       def account_permits_for_account
-        account_permits.send(account)
+        registered_account_permits.send(account)
       end
 
-      def account_permits
+      def registered_account_permits
         CanTango.config.permits
       end
 

data/lib/cantango/permits/account_permit.rb

@@ -44,8 +44,27 @@ module CanTango
       def permit?
         super
       end
-    end
 
+      def valid_for? subject
+        debug_invalid if CanTango.debug? && !(subject_name == account_name)
+        subject_name == account_name
+      end
+
+      protected
+
+      def debug_invalid
+        puts "Not a valid permit for subject: (account class) #{subject_account} != #{permit_account} (permit account)"
+      end
+
+      def subject_name
+        nm = subject.class.name.sub(/.*(Account)$/, '')
+        nm.underscore.to_sym
+      end
+
+      def account_name
+        self.class.account_type_name(self.class)
+      end
+    end
   end
 end
 

data/lib/cantango/permits/account_permit/builder.rb

@@ -8,8 +8,18 @@ module CanTango
         # @return [Array<RoleGroupPermit::Base>] the role permits built for this ability
         def build
           return [] if !user_account
-          # raise NoAvailableRoles, "no available roles are defined" if available_roles.empty?
-          [] << create_permit(user_account.class.to_s)
+          puts debug_msg if CanTango.debug?          
+          [permit].compact
+        end
+
+        protected
+
+        def debug_msg
+          permit ? "Building AccountPermit for #{user_account}, permit: #{permit}" : "Not building any AccountPermit"
+        end 
+
+        def permit
+          create_permit(user_account.class.to_s)
         end
       end
     end

data/lib/cantango/permits/permit.rb

@@ -21,7 +21,6 @@ module CanTango
         clazz.to_s.gsub(/^([A-Za-z]+).*/, '\1').underscore.to_sym # first part of class name
       end
 
-
       def self.account_name clazz
         return nil if clazz.name == clazz.name.demodulize
         clazz.name.gsub(/::.*/,'').gsub(/(.*)Permits/, '\1').underscore.to_sym
@@ -34,11 +33,14 @@ module CanTango
         ability_sync!
       end
 
+      def valid_for? subject
+        raise NotImplementedError
+      end
+
       def category label
         config.models.by_category label
       end
 
-
       def any reg_exp
         config.models.by_reg_exp reg_exp
       end

data/lib/cantango/permits/role_group_permit.rb

@@ -44,6 +44,19 @@ module CanTango
         super
       end
  
+      def valid_for? subject
+        in_role_group? subject
+      end
+      
+      protected
+
+      include CanTango::Helpers::RoleMethods
+
+      def in_role_group? subject
+        return subject.send(has_role_group_meth, role) if subject.respond_to? has_role_group_meth
+        return subject.send(role_groups_list_meth).include? role if subject.respond_to? role_groups_list_meth
+        false
+      end 
     end
   end
 end

data/lib/cantango/permits/role_group_permit/builder.rb

@@ -8,8 +8,13 @@ module CanTango
         # builds a list of Permits for each role group of the current ability user (or account)
         # @return [Array<RoleGroupPermit::Base>] the role group permits built for this ability
         def build
-          # raise NoAvailableRoleGroups, "no available roles groups are defined" if available_role_groups.empty?
+          if roles.empty?
+            puts "Not building any RoleGroupPermit" if CanTango.debug?
+            return [] if role_groups.empty?
+          end
+      
           role_groups.inject([]) do |permits, role_group|
+            puts "Building RoleGroupPermit for #{role_group}" if CanTango.debug?
             (permits << create_permit(role_group)) if valid?(role_group)
             permits
           end.compact

data/lib/cantango/permits/role_permit.rb

@@ -44,7 +44,20 @@ module CanTango
       def permit?
         super
       end
-    end
 
+      def valid_for? subject
+        in_role? subject
+      end
+      
+      protected
+
+      include CanTango::Helpers::RoleMethods
+
+      def in_role? subject
+        return subject.send(has_role_meth, role) if subject.respond_to? has_role_meth
+        return subject.send(roles_list_meth).include? role if subject.respond_to? roles_list_meth
+        false
+      end
+    end
   end
 end

data/lib/cantango/permits/role_permit/builder.rb

@@ -5,7 +5,12 @@ module CanTango
         # builds a list of Permits for each role of the current ability user (or account)
         # @return [Array<RoleGroupPermit::Base>] the role permits built for this ability
         def build
+          if roles.empty?
+            puts "Not building any RolePermit" if CanTango.debug?
+            return [] if roles.empty?
+          end
           roles.inject([]) do |permits, role|
+            puts "Building RolePermit for #{role}" if CanTango.debug?
             (permits << create_permit(role)) if valid?(role.to_sym)
             permits
           end.compact

data/lib/cantango/permits/user_permit.rb

@@ -45,8 +45,26 @@ module CanTango
       def permit?
         super
       end
-    end
 
+      def valid_for? subject
+        debug_invalid if CanTango.debug? && !(subject_user == permit_user)
+        subject_user == permit_user
+      end
+
+      protected
+
+      def debug_invalid
+        puts "Not a valid permit for subject: (user class) #{subject_user} != #{permit_user} (permit user)"
+      end
+
+      def subject_user
+        subject.class.name.underscore.to_sym
+      end
+
+      def permit_user
+        self.class.user_type_name(self.class)
+      end
+    end
   end
 end
 

data/lib/cantango/permits/user_permit/builder.rb

@@ -5,10 +5,20 @@ module CanTango
         # class NoAvailableRoles < StandardError; end
 
         # builds a list of Permits for each role of the current ability user (or account)
-        # @return [Array<RoleGroupPermit::Base>] the role permits built for this ability
+        # @return [Array<Permit::Base>] the role permits built for this ability
         def build
-          # raise NoAvailableRoles, "no available roles are defined" if available_roles.empty?
-          [] << create_permit(user.class.to_s)
+          puts debug_msg if CanTango.debug?
+          [permit].compact
+        end
+
+        protected
+
+        def debug_msg
+          permit ? "Building UserPermit for #{user}, permit: #{permit}" : "Not building any UserPermit"
+        end 
+
+        def permit
+          @permit ||= create_permit(user.class.to_s)
         end
       end
     end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: cantango
 version: !ruby/object:Gem::Version
-  version: 0.8.7
+  version: 0.8.8
   prerelease: 
 platform: ruby
 authors:
@@ -10,11 +10,11 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2011-10-05 00:00:00.000000000Z
+date: 2011-10-06 00:00:00.000000000Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rails
-  requirement: &2156522760 !ruby/object:Gem::Requirement
+  requirement: &2155232980 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ! '>='
@@ -22,10 +22,10 @@ dependencies:
         version: 3.0.1
   type: :runtime
   prerelease: false
-  version_requirements: *2156522760
+  version_requirements: *2155232980
 - !ruby/object:Gem::Dependency
   name: cancan
-  requirement: &2156521480 !ruby/object:Gem::Requirement
+  requirement: &2155230180 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ! '>='
@@ -33,10 +33,10 @@ dependencies:
         version: '1.4'
   type: :runtime
   prerelease: false
-  version_requirements: *2156521480
+  version_requirements: *2155230180
 - !ruby/object:Gem::Dependency
   name: sugar-high
-  requirement: &2156520860 !ruby/object:Gem::Requirement
+  requirement: &2155228180 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ! '>='
@@ -44,10 +44,10 @@ dependencies:
         version: 0.6.0
   type: :runtime
   prerelease: false
-  version_requirements: *2156520860
+  version_requirements: *2155228180
 - !ruby/object:Gem::Dependency
   name: sweetloader
-  requirement: &2156520260 !ruby/object:Gem::Requirement
+  requirement: &2155225700 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ~>
@@ -55,10 +55,10 @@ dependencies:
         version: 0.1.0
   type: :runtime
   prerelease: false
-  version_requirements: *2156520260
+  version_requirements: *2155225700
 - !ruby/object:Gem::Dependency
   name: hashie
-  requirement: &2156519760 !ruby/object:Gem::Requirement
+  requirement: &2155224820 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ! '>='
@@ -66,10 +66,10 @@ dependencies:
         version: '0.4'
   type: :runtime
   prerelease: false
-  version_requirements: *2156519760
+  version_requirements: *2155224820
 - !ruby/object:Gem::Dependency
   name: rspec-rails
-  requirement: &2156519280 !ruby/object:Gem::Requirement
+  requirement: &2155223860 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ! '>='
@@ -77,10 +77,10 @@ dependencies:
         version: 2.6.1
   type: :development
   prerelease: false
-  version_requirements: *2156519280
+  version_requirements: *2155223860
 - !ruby/object:Gem::Dependency
   name: forgery
-  requirement: &2156518640 !ruby/object:Gem::Requirement
+  requirement: &2155222500 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ! '>='
@@ -88,10 +88,10 @@ dependencies:
         version: '0.3'
   type: :development
   prerelease: false
-  version_requirements: *2156518640
+  version_requirements: *2155222500
 - !ruby/object:Gem::Dependency
   name: factory_girl
-  requirement: &2156518140 !ruby/object:Gem::Requirement
+  requirement: &2155220720 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ! '>='
@@ -99,10 +99,10 @@ dependencies:
         version: '0'
   type: :development
   prerelease: false
-  version_requirements: *2156518140
+  version_requirements: *2155220720
 - !ruby/object:Gem::Dependency
   name: sqlite3
-  requirement: &2156517640 !ruby/object:Gem::Requirement
+  requirement: &2155219360 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ! '>='
@@ -110,10 +110,10 @@ dependencies:
         version: '0'
   type: :development
   prerelease: false
-  version_requirements: *2156517640
+  version_requirements: *2155219360
 - !ruby/object:Gem::Dependency
   name: sourcify
-  requirement: &2156516960 !ruby/object:Gem::Requirement
+  requirement: &2155217480 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ! '>='
@@ -121,10 +121,10 @@ dependencies:
         version: '0'
   type: :development
   prerelease: false
-  version_requirements: *2156516960
+  version_requirements: *2155217480
 - !ruby/object:Gem::Dependency
   name: dkastner-moneta
-  requirement: &2156516480 !ruby/object:Gem::Requirement
+  requirement: &2155216560 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ! '>='
@@ -132,10 +132,10 @@ dependencies:
         version: '1.0'
   type: :development
   prerelease: false
-  version_requirements: *2156516480
+  version_requirements: *2155216560
 - !ruby/object:Gem::Dependency
   name: rspec
-  requirement: &2156516000 !ruby/object:Gem::Requirement
+  requirement: &2155215080 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ! '>='
@@ -143,10 +143,10 @@ dependencies:
         version: 2.4.0
   type: :development
   prerelease: false
-  version_requirements: *2156516000
+  version_requirements: *2155215080
 - !ruby/object:Gem::Dependency
   name: jeweler
-  requirement: &2156515440 !ruby/object:Gem::Requirement
+  requirement: &2155213680 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ! '>='
@@ -154,10 +154,10 @@ dependencies:
         version: 1.6.4
   type: :development
   prerelease: false
-  version_requirements: *2156515440
+  version_requirements: *2155213680
 - !ruby/object:Gem::Dependency
   name: bundler
-  requirement: &2156514780 !ruby/object:Gem::Requirement
+  requirement: &2155211640 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ! '>='
@@ -165,10 +165,10 @@ dependencies:
         version: 1.0.1
   type: :development
   prerelease: false
-  version_requirements: *2156514780
+  version_requirements: *2155211640
 - !ruby/object:Gem::Dependency
   name: rdoc
-  requirement: &2156514300 !ruby/object:Gem::Requirement
+  requirement: &2155209840 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ! '>='
@@ -176,7 +176,7 @@ dependencies:
         version: '0'
   type: :development
   prerelease: false
-  version_requirements: *2156514300
+  version_requirements: *2155209840
 description: ! 'Define your permission rules as role- or role group specific permits.
 
   Integrates well with multiple Devise user acounts.
@@ -822,7 +822,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
       version: '0'
       segments:
       - 0
-      hash: -1292324301236027620
+      hash: 4099714977896474782
 required_rubygems_version: !ruby/object:Gem::Requirement
   none: false
   requirements: