conduct 0.1.14

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: 0c9b3822ec5762a6ba425318b04d4ef94fb03a26
+  data.tar.gz: 7d0cb343c896041219c9af3d2d8134a960768679
+SHA512:
+  metadata.gz: d531afe236c05a3c67807d40214f87476c1b68f87688c89a12893955f7119c3c1d9c8c79c7acf7b76df298519072f977dcb4d5418be084cdfae598cf380063b0
+  data.tar.gz: 38e593631fab7e38528b586c24fce7fd72fb6e52e1ade4473868dcff69ddbd25523f0eaff3c7ed23e8d0b66a18ca5726ada1fa82634f7432fb1016b41cfcd146

data/LICENSE

@@ -0,0 +1,20 @@
+Copyright (c) 2012 Bryan Goines
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.md

@@ -0,0 +1,91 @@
+Conduct - A lightweight authorization
+---
+
+This is work in progress. README will be updated/improved when this is completed.
+
+
+### Examples:
+
+**app/abilities/post_ability.rb**
+
+```ruby
+module PostAbility
+
+  include Conduct
+
+  can :write, Post do |post|
+    current_user.present? && post.new_record?
+  end
+
+  can :read, Post do |post|
+    post.user == current_user
+  end
+
+end
+
+```
+
+**app/abilities/ability.rb**
+
+```ruby
+class Ability
+
+  include Conduct
+
+  define_action create: [:new, :create]
+  define_action read:   [:index, :show]
+  define_action update: [:edit, :update]
+  define_action delete: [:destroy]
+
+  define_action manage: [:create, :read, :update, :delete]
+
+  can :manage, :all do
+    current_user.present? && current_user.admin?
+  end
+
+  include PostAbility
+
+  can :comment, Post, :create_comment?
+
+  can :create, Comment, do |comment|
+    false
+  end
+
+  def create_comment?(post)
+    can? :create, post.comments.new
+  end
+
+end
+
+```
+
+**app/controllers/posts_controller.rb**
+
+```ruby
+class PostsController < ApplicationController
+  before_filter :authorize_ability! only: [:new, :create]
+
+  def index
+    if authorize_ability
+      @posts = @user.posts
+    else
+      @posts = @user.posts.public
+    end
+  end
+
+  def edit
+    redirect_to root_url unless can?(:update, @post)
+  end
+
+  ...
+
+end
+```
+
+**app/views/posts/index.html.erb**
+
+```ruby
+<% if can?(:create, @post) %>
+  <%= link_to "New Post", new_post_path %>
+<% end %>
+```

data/lib/conduct.rb

@@ -0,0 +1,132 @@
+$LOAD_PATH.unshift 'lib'
+
+unless defined?(ActiveSupport)
+  require 'active_support/concern'
+  require 'active_support/core_ext/array'
+end
+
+require 'conduct/rule'
+
+module Conduct
+  extend ActiveSupport::Concern
+
+  module ClassMethods
+
+    attr_accessor :current_user
+
+    def current_user
+      @@current_user
+    end
+
+    def current_user=(user)
+      @@current_user = user
+    end
+
+    def rules
+      @@rules ||= {}
+    end
+
+    def actions
+      @@actions ||= {}
+    end
+
+    def define_action(*args)
+      options = args.extract_options!
+      options.each do |key, value|
+        actions[key] = value
+      end
+    end
+
+    def can(action, subject, *args, &block)
+      options = args.extract_options!
+      block = args.pop if args.last.kind_of?(Proc)
+      if defined_action_exists?(action)
+        collection = fetch_action_from_collection(action)
+        collection.each { |name| define_rule(name, subject, options, &block) }
+      end
+      define_rule(action, subject, options, &block)
+    end
+
+    private
+
+    def define_rule(action, subject, options, &block)
+      if defined_action_exists?(action)
+        add_rule_for_defined_action(action, subject, options, &block)
+      end
+      if action.is_a?(Array)
+        action.each do |name|
+          rule = Rule.new(name, subject, options, &block)
+          add_rule(rule.name, rule)
+        end
+      else
+        rule = Rule.new(action, subject, options, &block)
+        add_rule(rule.name, rule)
+      end
+    end
+
+    def add_rule(name, rule)
+      rules[name] = rule unless rule_exists?(rule.name)
+    end
+
+    def add_rule_for_defined_action(action, subject, options, &block)
+      collection = fetch_action_from_collection(action)
+      collection.each do |name|
+        rule = Rule.new(name, subject, options, &block)
+        add_rule(rule.name, rule)
+      end
+    end
+
+    def rule_exists?(name)
+      rules[name].present?
+    end
+
+    def defined_action_exists?(action)
+      actions[action].present?
+    end
+
+    def fetch_action_from_collection(action)
+      list = actions[action]
+      fail 'Please define action as collection' unless list.is_a?(Array)
+      list
+    end
+
+  end
+
+  attr_reader :current_user
+
+  def initialize(user)
+    @current_user = self.class.current_user = user
+  end
+
+  def rules
+    @rules ||= self.class.rules
+  end
+
+  def can?(action, subject, options = {})
+    name = build_name_for(action, subject)
+    rule = rules[name] || rules["#{action}_all"]
+    return false unless rule
+    rule.result(subject, options)
+  end
+
+  def cannot?(*args)
+    !can?(*args)
+  end
+
+  private
+
+  def build_name_for(action, subject)
+    subject = find_class(subject)
+    "#{action}_#{subject.to_s.downcase}"
+  end
+
+  def find_class(subject)
+    return subject.model_name if subject.respond_to?(:model_name)
+    return subject.class.model_name if subject.class.respond_to?(:model_name)
+    return find_class(subject.first) if subject.is_a?(Array)
+    subject.is_a?(Class) ? subject : subject.class
+  end
+
+end
+
+require 'conduct/rails' if defined?(Rails)

data/lib/conduct/rails.rb

@@ -0,0 +1,53 @@
+module Conduct
+  module Rails
+    module Helpers
+
+      def ability_object(user)
+        @ability ||= Ability.new(user)
+      end
+
+      def current_ability
+        @ability ||= Ability.new(current_user)
+      end
+
+      def can?(*args)
+        current_ability.can?(*args)
+      end
+
+      def cannot?(*args)
+        current_ability.cannot?(*args)
+      end
+
+      # if authorize_ability
+      #   @posts = current_user.posts
+      # else
+      #   @posts = @user.posts.public
+      # end
+      def authorize_ability
+        return unless defined?(controller_name) || params[:action].present?
+        klass = _classify_controller_name
+        current_ability.can?(params[:action], klass.new)
+      end
+
+      # before_action :authorize_ability!
+      def authorize_ability!
+        fail 'Access Denied' unless authorize_ability
+      end
+
+      private
+
+      def _classify_controller_name
+        controller_name.classify.constantize
+      end
+
+    end
+  end
+end
+
+if defined?(ActionController::Base)
+  ActionController::Base.class_eval do
+    include Conduct::Rails::Helpers
+    helper_method :can?, :cannot?, :current_ability, :ability_object
+    hide_action :authorize_ability, :authorize_ability!
+  end
+end

data/lib/conduct/rule.rb

@@ -0,0 +1,35 @@
+module Conduct
+  class Rule
+
+    attr_accessor :action, :subject, :options, :block
+    attr_reader :name, :value
+
+    def initialize(action, subject, options = {}, &block)
+      @action     = action
+      @subject    = subject
+      @options    = options
+      @block      = block
+      @value      = nil
+      @name       = "#{action}_#{subject.to_s.downcase}"
+    end
+
+    def result(object, opts = {})
+      if object.respond_to?(:to_a)
+        @value = object.to_a.all? { |obj| block_call(obj, opts) }
+      else
+        @value = block_call(object, opts)
+      end
+      fail 'Result value is not a boolean type' unless boolean_value?
+      @value
+    end
+
+    def block_call(obj, opts = {})
+      opts.any? ? block.call(obj, opts) : block.call(obj)
+    end
+
+    def boolean_value?
+      value.kind_of?(TrueClass) || value.kind_of?(FalseClass)
+    end
+
+  end
+end

data/lib/conduct/version.rb

@@ -0,0 +1,3 @@
+module Conduct
+  VERSION = '0.1.14'
+end

data/lib/generators/conduct/ability/ability_generator.rb

@@ -0,0 +1,22 @@
+module Conduct
+  module Generators
+    class AbilityGenerator < ::Rails::Generators::NamedBase
+      source_root File.expand_path(File.join(File.dirname(__FILE__), 'templates'))
+
+      hook_for :orm
+
+      desc "Create a new ability"
+
+      def create_ability
+        template 'ability_module.rb', File.join('app/abilities', class_path, "#{file_name}_ability.rb")
+        inject_into_file 'app/abilities/ability.rb', after: "include Conduct\n" do
+          "\n  include #{class_name}Activity\n"
+        end
+
+      end
+
+
+
+    end
+  end
+end

data/lib/generators/conduct/ability/templates/ability_module.rb

@@ -0,0 +1,9 @@
+module <%= class_name %>Ability
+
+  include Conduct
+
+  can :manage, <%= class_name %> do |<%= class_name.downcase %>|
+    false
+  end
+
+end

data/lib/generators/conduct/install/install_generator.rb

@@ -0,0 +1,14 @@
+module Conduct
+  module Generators
+    class InstallGenerator < ::Rails::Generators::Base
+      source_root File.expand_path(File.join(File.dirname(__FILE__), 'templates'))
+
+      desc "Creates an ability to your application"
+
+      def copy_ability
+        template 'ability.rb', 'app/abilities/ability.rb'
+      end
+
+    end
+  end
+end

data/lib/generators/conduct/install/templates/ability.rb

@@ -0,0 +1,20 @@
+class Ability
+
+  include Conduct
+
+  define_action create: [:new, :create]
+  define_action read:   [:index, :show]
+  define_action update: [:edit, :update]
+  define_action delete: [:destroy]
+
+  define_action manage: [:create, :read, :update, :delete]
+
+
+  can :manage, :all do
+  #  current_user.admin?
+    false
+  end
+
+  #include ExampleAbility
+
+end

metadata

@@ -0,0 +1,66 @@
+--- !ruby/object:Gem::Specification
+name: conduct
+version: !ruby/object:Gem::Version
+  version: 0.1.14
+platform: ruby
+authors:
+- Bryan Goines
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2014-05-17 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: activesupport
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+description: 
+email: bryann83@gmail.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- LICENSE
+- README.md
+- lib/conduct.rb
+- lib/conduct/rails.rb
+- lib/conduct/rule.rb
+- lib/conduct/version.rb
+- lib/generators/conduct/ability/ability_generator.rb
+- lib/generators/conduct/ability/templates/ability_module.rb
+- lib/generators/conduct/install/install_generator.rb
+- lib/generators/conduct/install/templates/ability.rb
+homepage: https://github.com/bry4n/conduct
+licenses: []
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 2.2.2
+signing_key: 
+specification_version: 4
+summary: Simple authorization
+test_files: []