consent 0.4.2 → 1.0.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 4cfaa01c1cf6ece41d10032df322ad2441d19ff78888b8f6821e2d149a7ee2bd
-  data.tar.gz: 343ac5abc8e4a49bdd04f4ec2ea998ab6408fb83cd0a9b2a54ddb750bc3c494d
+  metadata.gz: 66e7e1705d61760713253718eabda896ffa49f25ea6e1a9a6c4fc1a188730cfb
+  data.tar.gz: 4dc120c6f1e89a3cb612a62cf9fdbac565e51b9fabe9d04a68c64c3d9a8fd193
 SHA512:
-  metadata.gz: 4723a478ad632b41223aeb185dc681edf454fc7879a22c7c7267ab2e4ad53e02a44d71c1d73732c792e7c25a921545a35669695a6536f8317d430c0066121f77
-  data.tar.gz: 6bebde1fc871b955daeb0af93547221a91551f8bda579f8986257663fdcee5175d1b318225adb1483c0e3852485185bb85d86a9ed6c2f71378c3a3e8dcc10459
+  metadata.gz: 9ca74d2788b689711966b38e11ce4b857009064d1fce59c2b5335adc437c1b20a9298acb61a0e71cf3aac2eef1f13f6b8b06570014938ef757374b6a4f98b9c4
+  data.tar.gz: 9d4e6cf5d18d0671c9aade10a33933cc93b0cb704c623d6705332de55a1a02b3952b01fdee9d357a1c0ba9f37d570910ac1fe54614087cd88c94d3d890b5761d

data/.gitignore

@@ -7,3 +7,4 @@
 /pkg/
 /spec/reports/
 /tmp/
+/consent-*.gem

data/.rubocop.yml

@@ -0,0 +1 @@
+inherit_from: .rubocop_todo.yml

data/.rubocop_todo.yml

@@ -0,0 +1,21 @@
+# This configuration was generated by
+# `rubocop --auto-gen-config`
+# on 2019-11-20 02:06:29 -0300 using RuboCop version 0.65.0.
+# The point is for the user to remove these configuration records
+# one by one as the offenses are removed from the code base.
+# Note that changes in the inspected code, or installation of new
+# versions of RuboCop, may require this file to be generated again.
+
+# Offense count: 5
+# Configuration parameters: CountComments, ExcludedMethods.
+# ExcludedMethods: refine
+Metrics/BlockLength:
+  Exclude:
+    - 'spec/**/*'
+    - 'lib/consent/rspec.rb'
+
+# Offense count: 9
+Style/Documentation:
+  Exclude:
+    - 'spec/**/*'
+    - 'test/**/*'

data/.travis.yml

@@ -1,9 +1,14 @@
 sudo: false
 language: ruby
 rvm:
-- 2.2.2
-- 2.5.0
+- 2.5.8
+- 2.6.6
+- 2.7.2
+- 3.0.0
 before_install: gem install bundler -v 1.17.3
+script:
+  - bundle exec rubocop
+  - bundle exec rspec
 deploy:
   provider: rubygems
   api_key:
@@ -12,3 +17,4 @@ deploy:
   on:
     tags: true
     repo: powerhome/consent
+    ruby: 2.6.6

data/Gemfile

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 source 'https://rubygems.org'
 
 # Specify your gem's dependencies in consent.gemspec

data/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright Power Home Remodeling Group, LLC
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

data/README.md

@@ -18,21 +18,21 @@ Or install it yourself as:
 
 ## What is Consent
 
-Consent makes defining permissions easier by providing a clean, concise DSL for authorization so that all abilities do not have to be in your `Ability`
+Consent makes defining permissions easier by providing a clean, concise DSL for authorization
+so that all abilities do not have to be in your `Ability`
 class.
 
-Consent takes application permissions and models them so that permissions are organized and can be defined granularly. It does so using the
-following models:
+Consent takes application permissions and models them so that permissions are organized and can
+be defined granularly. It does so using the following models:
 
 * View: A collection of objects limited by a given condition.
 * Action: An action performed on top of the objects limited by the view. For example, one user could only `:view` something, while another could `:manage` it.
 * Subject: Holds the scope of the actions.
-* Permission: What is given to the user. Combines a subject, an action and
-a view.
+* Permission: The combination of a subject, an action, and a view (or full-access).
 
 ## What Consent Is Not
 
-Consent isn't a tool to enforce permissions -- it is intended to be used with CanCanCan and is only to make permissions more easily readable and definable.
+Consent isn't a tool to enforce permissions -- it supports CanCan(Can) for that goal.
 
 ## Subject
 
@@ -50,7 +50,8 @@ Consent.define Project, 'Our Projects' do
 end
 ```
 
-The scope is the action that's being performed on the subject. It can be anything, but will typically be an ActiveRecord class, a `:symbol`, or a PORO.
+The scope is the action that's being performed on the subject. It can be anything, but will
+typically be an ActiveRecord class, a `:symbol`, or a PORO.
 
 For instance:
 
@@ -62,16 +63,15 @@ end
 
 ## Views
 
-Views are the rules that limit the access to actions. For instance,
-a user may see a `Project` from his department, but not from others. That rule
-could be enforced with a `:department` view, defined like this:
+Views are the rules that limit access to actions. For instance, a user may see a `Project`
+from his department, but not from others. You can enforce it with a `:department` view,
+as in the examples below:
 
 ### Hash Conditions
 
-This is probably the most commonly used and is useful, for example,
-when the view can be defined using a where condition in an ActiveRecord context.
-It follows a match condition and will return all objects that meet the criteria
-and is based off a boolean:
+Probably the most commonly used. When the view can be defined using a `where` scope in
+an ActiveRecord context. It follows a match condition and will return all objects that meet
+the criteria:
 
 ```ruby
 Consent.define Project, 'Projects' do
@@ -81,22 +81,21 @@ Consent.define Project, 'Projects' do
 end
 ```
 
-Although hash conditions (matching object's attributes) are recommended,
-the constraints can be anything you want. Since Consent does not enforce the
-rules, those rules are directly given to CanCan. Following [CanCan rules](https://github.com/CanCanCommunity/cancancan/wiki/Defining-Abilities%3A-Best-Practice)
+Although hash conditions (matching object's attributes) are recommended, the constraints can
+be anything you want. Since Consent does not enforce the rules, those rules are directly given
+to CanCan. Following [CanCan rules](https://github.com/CanCanCommunity/cancancan/wiki/Defining-Abilities%3A-Best-Practice)
 for defining abilities is recommended.
 
 ### Object Conditions
 
-If you're not matching for equal values, then you would need to use an object
-condition, which matches data based off a range.
+If you're not matching for equal values, then you would need to use an object condition.
 
-If you already have an object and want to check to see whether the user has
-permission to view that specific object, you would use object conditions.
+If you already have an object and want to check to see whether the user has permission to view
+that specific object, you would use object conditions.
 
-If your needs can't be satisfied by hash conditions, it is recommended that a
-second condition is given for constraining object instances. For example, if you
-want to restrict a view for smaller volume projects:
+If your needs can't be satisfied by hash conditions, it is recommended that a second condition
+is given for constraining object instances. For example, if you want to restrict a view for smaller
+volume projects:
 
 ```ruby
 Consent.define Project, 'Projects' do
@@ -111,7 +110,7 @@ end
 ```
 
 For object conditions, the latter argument will be the referred object, while the
-former will be the context given to the [Permission](#permission) (also check
+first will be the context given to the [Permission](#permission) (also check
 [CanCan integration](#cancan-integration)).
 
 ## Action
@@ -161,73 +160,81 @@ end
 
 ## Permission
 
-A permission is what is consented to the user. It is the *permission* to perform
+A permission is what is consented to the user. It consentment to perform
 an *action* on a limited *view* of the *subject*. It marries the three concepts
 to consent an access to the user.
 
-A permission is not specified by the user, it is calculated from a permissions
-hash owned by a `User`, or a `Role` on an application.
+## CanCan Integration
 
-The permissions hash looks like the following:
+Consent provides a CanCan ability (Consent::Ability) to integrate your
+permissions with frameworks like Rails. To use it with Rails check out the
+example at [Ability for Other Users](https://github.com/CanCanCommunity/cancancan/wiki/Ability-for-Other-Users)
+on CanCanCan's wiki.
+
+In the ability you define the scope of the permissions. This is typically a
+user:
 
 ```ruby
-{
-  project: {
-    read: 'department',
-    approve: 'small_volumes'
-  }
-}
+Consent::Ability.new(user)
 ```
 
-In other words:
+You'd more commonly define a subclass of `Consent::Ability`, and consent access
+to the user by calling `consent`:
 
 ```ruby
-{
-  <subject>: {
-    <action>: <view>
-  }
-}
+class MyAbility < Consent::Ability
+  def initialize(user)
+    super user
+
+    consent :read, Project, :department
+  end
+end
 ```
 
-### Full Access
+You can also consent full access by not specifying the view:
 
-Full (unrestricted by views) access is granted when view is `'1'`, `true` or
-`'true'`. For instance:
+```ruby
+  consent :read, Project
+```
 
-In other words:
+If you have a somehow manageable permission, you can consent them in batch in your ability:
 
 ```ruby
-{
-  projects: {
-    approve: true
-  }
-}
+class MyAbility < Consent::Ability
+  def initialize(user)
+    super user
+
+    user.permissions.each do |permission|
+      consent permission.action, permission.subject, permission.view
+    end
+  end
+end
 ```
 
-## CanCan Integration
+Consenting the same permission multiple times is handled as a Union by CanCanCan:
 
-Consent provides a CanCan ability (Consent::Ability) to integrate your
-permissions with frameworks like Rails. To use it with Rails check out the
-example at [Ability for Other Users](https://github.com/CanCanCommunity/cancancan/wiki/Ability-for-Other-Users)
-on CanCanCan's wiki.
+```ruby
+class MyAbility < Consent::Ability
+  def initialize(user)
+    super user
 
-In the ability you define the scope of the permissions. This is typically an
-user:
+    consent :read, Project, :department
+    consent :read, Project, :future_projects
+  end
+end
 
-```ruby
-Consent::Ability.new(user.permissions, user)
-```
+user = User.new(department_id: 13)
+ability = MyAbility.new(user)
 
-The first parameter given to the ability is the permissions hash, seen at
-[Permission](#permission). The following parameters are the permission context.
-These parameters are given directly to the condition blocks defined by the views
-in the exact same order, so it's up to you to define what your context is.
+Project.accessible_by(ability, :read).to_sql
+=> SELECT * FROM projects WHERE ((department_id = 13) OR (starts_at > '2021-04-06'))
+```
 
 ## Rails Integration
 
 Consent is integrated into Rails with `Consent::Railtie`. To define where
 your permission files will be, use `config.consent.path`. This defaults to
-`app/permissions/` to conform to Rails' standards.
+`#{Rails.root}/app/permissions/` to conform to Rails' standards.
 
 ## Development
 

data/Rakefile

@@ -1,6 +1,8 @@
-require "bundler/gem_tasks"
-require "rspec/core/rake_task"
+# frozen_string_literal: true
+
+require 'bundler/gem_tasks'
+require 'rspec/core/rake_task'
 
 RSpec::Core::RakeTask.new(:spec)
 
-task :default => :spec
+task default: :spec

data/bin/console

@@ -1,7 +1,8 @@
 #!/usr/bin/env ruby
+# frozen_string_literal: true
 
-require "bundler/setup"
-require "consent"
+require 'bundler/setup'
+require 'consent'
 
 # You can add fixtures and/or initialization code here to make experimenting
 # with your gem easier. You can also use a different console, if you like.
@@ -10,5 +11,5 @@ require "consent"
 # require "pry"
 # Pry.start
 
-require "irb"
+require 'irb'
 IRB.start

data/consent.gemspec

@@ -1,5 +1,6 @@
-# coding: utf-8
-lib = File.expand_path('../lib', __FILE__)
+# frozen_string_literal: true
+
+lib = File.expand_path('lib', __dir__)
 $LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
 require 'consent/version'
 
@@ -12,14 +13,16 @@ Gem::Specification.new do |spec|
   spec.summary       = 'Consent'
   spec.description   = 'Consent'
 
+  spec.licenses = ['MIT']
+
   spec.files = `git ls-files`.split.reject do |file|
     file =~ /^(test|spec|features)/
   end
   spec.require_paths = ['lib']
 
-  spec.add_development_dependency 'activesupport', '>= 4.1.11'
+  spec.add_development_dependency 'bundler', '>= 1.17.3'
   spec.add_development_dependency 'cancancan', '~> 1.15.0'
-  spec.add_development_dependency 'bundler', '~> 1.17.3'
-  spec.add_development_dependency 'rake', '~> 10.0'
+  spec.add_development_dependency 'rake', '>= 12.3.3'
   spec.add_development_dependency 'rspec', '~> 3.0'
+  spec.add_development_dependency 'rubocop', '~> 0.65.0'
 end

data/lib/consent.rb

@@ -1,30 +1,48 @@
+# frozen_string_literal: true
+
 require 'consent/version'
 require 'consent/subject'
 require 'consent/view'
 require 'consent/action'
 require 'consent/dsl'
 require 'consent/permission'
-require 'consent/permissions'
 require 'consent/ability' if defined?(CanCan)
 require 'consent/railtie' if defined?(Rails)
 
+# Consent makes defining permissions easier by providing a clean,
+# concise DSL for authorization so that all abilities do not have
+# to be in your `Ability` class.
 module Consent
-  FULL_ACCESS = %w(1 true).freeze
-
+  # Default views available to every permission
+  #
+  # i.e.:
+  #  Defining a view with no conditions:
+  #  Consent.default_views[:all] = Consent::View.new(:all, "All")
+  #
+  # @return [Hash<Symbol,Consent::View>]
   def self.default_views
     @default_views ||= {}
   end
 
+  # Subjects defined in Consent
+  #
+  # @return [Array<Consent::Subject>]
   def self.subjects
     @subjects ||= []
   end
 
+  # Finds all subjects defined with the given key
+  #
+  # @return [Array<Consent::Subject>]
   def self.find_subjects(subject_key)
     @subjects.find_all do |subject|
       subject.key.eql?(subject_key)
     end
   end
 
+  # Finds an action within a subject context
+  #
+  # @return [Consent::Action,nil]
   def self.find_action(subject_key, action_key)
     Consent.find_subjects(subject_key)
            .map(&:actions).flatten
@@ -33,18 +51,36 @@ module Consent
            end
   end
 
+  # Finds a view within a subject context
+  #
+  # @return [Consent::View,nil]
   def self.find_view(subject_key, view_key)
     views = Consent.find_subjects(subject_key)
-                   .map{|subject| subject.views}
+                   .map(&:views)
                    .reduce({}, &:merge)
     views[view_key]
   end
 
-  def self.load_subjects!(paths)
-    permission_files = paths.map { |dir| dir.join('*.rb') }
-    Dir[*permission_files].each(&Kernel.method(:load))
+  # Loads all permission (ruby) files from the given directory
+  # and using the given mechanism (default: :require)
+  #
+  # @param paths [Array<String,#to_s>] paths where the ruby files are located
+  # @param mechanism [:require,:load] mechanism to load the files
+  def self.load_subjects!(paths, mechanism = :require)
+    permission_files = paths.map { |dir| File.join(dir, '*.rb') }
+    Dir[*permission_files].each(&Kernel.method(mechanism))
   end
 
+  # Defines a subject with the given key, label and options
+  #
+  # i.e:
+  #   Consent.define :users, "User management" do
+  #     view :department, "Same department only" do |user|
+  #       { department_id: user.department_id }
+  #     end
+  #     action :read, "Can view users"
+  #     action :update, "Can edit existing user", views: :department
+  #   end
   def self.define(key, label, options = {}, &block)
     defaults = options.fetch(:defaults, {})
     subjects << Subject.new(key, label).tap do |subject|
@@ -52,6 +88,9 @@ module Consent
     end
   end
 
+  # Maps a permissions hash to a Consent::Permissions
+  #
+  # @return [Consent::Permissions]
   def self.permissions(permissions)
     Permissions.new(permissions)
   end

data/lib/consent/ability.rb

@@ -1,12 +1,39 @@
+# frozen_string_literal: true
+
 module Consent
+  # Defines a CanCan(Can)::Ability class based on a permissions hash
   class Ability
     include CanCan::Ability
 
-    def initialize(permissions, *args)
-      Consent.permissions(permissions).each do |permission|
-        conditions = permission.conditions(*args)
-        object_conditions = permission.object_conditions(*args)
-        can permission.action_key, permission.subject_key, conditions, &object_conditions
+    def initialize(*args, apply_defaults: true)
+      @context = *args
+      apply_defaults! if apply_defaults
+    end
+
+    def consent(permission: nil, subject: nil, action: nil, view: nil)
+      permission ||= Permission.new(subject, action, view)
+      return unless permission.valid?
+
+      can(
+        permission.action_key, permission.subject_key,
+        permission.conditions(*@context),
+        &permission.object_conditions(*@context)
+      )
+    end
+
+    private
+
+    def apply_defaults!
+      Consent.subjects.each do |subject|
+        subject.actions.each do |action|
+          next unless action.default_view
+
+          consent(
+            subject: subject.key,
+            action: action.key,
+            view: action.default_view
+          )
+        end
       end
     end
   end

data/lib/consent/action.rb

@@ -1,5 +1,7 @@
+# frozen_string_literal: true
+
 module Consent
-  class Action
+  class Action # :nodoc:
     attr_reader :key, :label, :options
 
     def initialize(key, label, options = {})

data/lib/consent/dsl.rb

@@ -1,5 +1,7 @@
+# frozen_string_literal: true
+
 module Consent
-  class DSL
+  class DSL # :nodoc:
     attr_reader :subject
 
     def initialize(subject, defaults)
@@ -11,13 +13,13 @@ module Consent
       DSL.build(@subject, @defaults.merge(new_defaults), &block)
     end
 
-    # rubocop:disable Link/UnusedBlockArgument, Link/Eval
+    # rubocop:disable Lint/UnusedBlockArgument, Security/Eval
     def eval_view(key, label, collection_conditions)
       view key, label do |user|
         eval(collection_conditions)
       end
     end
-    # rubocop:enable Link/UnusedBlockArgument, Link/Eval
+    # rubocop:enable Lint/UnusedBlockArgument, Security/Eval
 
     def view(key, label, instance = nil, collection = nil, &block)
       collection ||= block

data/lib/consent/permission.rb

@@ -1,29 +1,30 @@
+# frozen_string_literal: true
+
 module Consent
-  class Permission
-    def initialize(subject, action, view = nil)
-      @subject = subject
-      @action = action
-      @view = view
-    end
+  class Permission # :nodoc:
+    attr_reader :subject_key, :action_key, :view_key, :view
 
-    def subject_key
-      @subject.key
+    def initialize(subject_key, action_key, view_key = nil)
+      @subject_key = subject_key
+      @action_key = action_key
+      @view_key = view_key
+      @view = Consent.find_view(subject_key, view_key) if view_key
     end
 
-    def action_key
-      @action.key
+    def action
+      @action ||= Consent.find_action(subject_key, action_key)
     end
 
-    def view_key
-      @view && @view.key
+    def valid?
+      action && (@view_key.nil? == @view.nil?)
     end
 
     def conditions(*args)
-      @view && @view.conditions(*args)
+      @view.nil? ? nil : @view.conditions(*args)
     end
 
     def object_conditions(*args)
-      @view && @view.object_conditions(*args)
+      @view.nil? ? nil : @view.object_conditions(*args)
     end
   end
 end

data/lib/consent/railtie.rb

@@ -1,19 +1,26 @@
+# frozen_string_literal: true
+
+require 'consent/reloader'
+
 module Consent
   # Plugs consent permission load to the Rails class loading cycle
   class Railtie < Rails::Railtie
-    config.before_configuration do
-      default_path = Rails.root.join('app', 'permissions')
-      config.consent = Struct.new(:paths).new([default_path])
+    config.before_configuration do |app|
+      default_path = app.root.join('app', 'permissions')
+      config.consent = Consent::Reloader.new(
+        default_path,
+        ActiveSupport::Dependencies.mechanism
+      )
     end
 
-    config.to_prepare do
-      Consent.subjects.clear
-      Consent.load_subjects! Rails.application.config.consent.paths
+    config.after_initialize do |app|
+      app.config.consent.execute
     end
 
-    config.after_initialize do
-      permissions_paths = config.consent.paths.map(&:to_s)
-      ActiveSupport::Dependencies.autoload_paths -= permissions_paths
+    initializer 'initialize consent permissions reloading' do |app|
+      app.reloaders << config.consent
+      ActiveSupport::Dependencies.autoload_paths -= config.consent.paths
+      config.to_prepare { app.config.consent.execute }
     end
   end
 end

data/lib/consent/reloader.rb

@@ -0,0 +1,30 @@
+# frozen_string_literal: true
+
+module Consent
+  # Rails file reloader to detect permission changes and apply them to consent
+  class Reloader
+    attr_reader :paths
+    delegate :updated?, :execute, :execute_if_updated, to: :updater
+
+    def initialize(default_path, mechanism)
+      @paths = [default_path]
+      @mechanism = mechanism
+    end
+
+    private
+
+    def reload!
+      Consent.subjects.clear
+      Consent.load_subjects! paths, @mechanism
+    end
+
+    def updater
+      @updater ||= ActiveSupport::FileUpdateChecker.new([], globs) { reload! }
+    end
+
+    def globs
+      pairs = paths.map { |path| [path.to_s, %w[rb]] }
+      Hash[pairs]
+    end
+  end
+end

data/lib/consent/rspec.rb

@@ -1,6 +1,33 @@
+# frozen_string_literal: true
+
 require 'consent'
 
 module Consent
+  # RSpec helpers for consent. Given permissions are loaded,
+  # gives you the ability of defining permission specs like
+  #
+  # Given "users" permissions
+  # Consent.define :users, "User management" do
+  #   view :department, "Same department only" do |user|
+  #     { department_id: user.department_id }
+  #   end
+  #   action :read, "Can view users"
+  #   action :update, "Can edit existing user", views: :department
+  # end
+  #
+  # RSpec.describe "User permissions" do
+  #   include Consent::Rspec
+  #   let(:user) { double(department_id: 15) }
+  #
+  #   it do
+  #     is_expected.to consent_view(:department, department_id: 15).to(user)
+  #   end
+  #   it { is_expected.to consent_action(:read) }
+  #   it { is_expected.to consent_action(:update).with_views(:department) }
+  # end
+  #
+  # Find more examples at:
+  # https://github.com/powerhome/consent
   module Rspec
     extend RSpec::Matchers::DSL
 
@@ -11,17 +38,25 @@ module Consent
 
       match do |subject_key|
         action = Consent.find_action(subject_key, action_key)
-        action && @views ? action.view_keys.sort.eql?(@views.sort) : !action.nil?
+        if action && @views
+          values_match?(action.view_keys.sort, @views.sort)
+        else
+          !action.nil?
+        end
       end
 
       failure_message do |subject_key|
         action = Consent.find_action(subject_key, action_key)
-        message = "expected %s (%s) to provide action %s" % [
-          subject_key.to_s, subject.class, action_key
-        ]
+        message = format(
+          'expected %<skey>s (%<sclass>s) to provide action %<action>s',
+          skey: subject_key.to_s, sclass: subject.class, action: action_key
+        )
 
         if action && @views
-          '%s with views %s, but actual views are %p' % [message, @views, action.view_keys]
+          format(
+            '%<message>s with views %<views>s, but actual views are %<keys>p',
+            message: message, views: @views, keys: action.view_keys
+          )
         else
           message
         end
@@ -35,21 +70,36 @@ module Consent
 
       match do |subject_key|
         view = Consent.find_view(subject_key, view_key)
-        conditions ? view.try(:conditions, *@context).eql?(conditions) : !view.nil?
+        if conditions
+          view&.conditions(*@context).eql?(conditions)
+        else
+          !view.nil?
+        end
       end
 
       failure_message do |subject_key|
         view = Consent.find_view(subject_key, view_key)
-        message = "expected %s (%s) to provide view %s with %p, but" % [
-          subject_key.to_s, subject.class, view_key, conditions
-        ]
+        message = format(
+          'expected %<skey>s (%<sclass>s) to provide view %<view>s with` \
+          `%<conditions>p, but',
+          skey: subject_key.to_s, sclass: subject.class,
+          view: view_key, conditions: conditions
+        )
 
         if view && conditions
           actual_conditions = view.conditions(*@context)
-          '%s conditions are %p' % [message, actual_conditions]
+          format(
+            '%<message>s conditions are %<conditions>p',
+            message: message, conditions: actual_conditions
+          )
         else
-          actual_views = Consent.find_subjects(subject_key).map(&:views).map(&:keys).flatten
-          '%s available views are %p' % [message, actual_views]
+          actual_views = Consent.find_subjects(subject_key)
+                                .map(&:views)
+                                .map(&:keys).flatten
+          format(
+            '%<message>s available views are %<views>p',
+            message: message, views: actual_views
+          )
         end
       end
     end

data/lib/consent/subject.rb

@@ -1,5 +1,7 @@
+# frozen_string_literal: true
+
 module Consent
-  class Subject
+  class Subject # :nodoc:
     attr_reader :key, :label, :actions, :views
 
     def initialize(key, label)
@@ -8,14 +10,5 @@ module Consent
       @actions = []
       @views = Consent.default_views.clone
     end
-
-    def permission_key
-      ActiveSupport::Inflector.underscore(@key.to_s).to_sym
-    end
-
-    def view_for(action, key)
-      view = @views.keys & action.view_keys & [key]
-      @views[view.first] || @views[action.default_view]
-    end
   end
 end

data/lib/consent/version.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 module Consent
-  VERSION = '0.4.2'.freeze
+  VERSION = '1.0.0'
 end

data/lib/consent/view.rb

@@ -1,5 +1,7 @@
+# frozen_string_literal: true
+
 module Consent
-  class View
+  class View # :nodoc:
     attr_reader :key, :label
 
     def initialize(key, label, instance = nil, collection = nil)
@@ -11,11 +13,13 @@ module Consent
 
     def conditions(*args)
       return @collection unless @collection.respond_to?(:call)
+
       @collection.call(*args)
     end
 
     def object_conditions(*args)
       return @instance unless @instance.respond_to?(:curry)
+
       @instance.curry[*args]
     end
   end

data/lib/generators/consent/permissions_generator.rb

@@ -1,14 +1,21 @@
+# frozen_string_literal: true
+
 module Consent
-  class PermissionsGenerator < Rails::Generators::NamedBase
-    source_root File.expand_path('../templates', __FILE__)
+  class PermissionsGenerator < Rails::Generators::NamedBase # :nodoc:
+    source_root File.expand_path('templates', __dir__)
     argument :description, type: :string, required: false
 
     def create_permissions
-      template "permissions.rb.erb", "app/permissions/#{file_path}.rb", assigns: {
-        description: description
-      }
+      template(
+        'permissions.rb.erb',
+        "app/permissions/#{file_path}.rb",
+        assigns: { description: description }
+      )
 
-      template "permissions_spec.rb.erb", "spec/permissions/#{file_path}_spec.rb"
+      template(
+        'permissions_spec.rb.erb',
+        "spec/permissions/#{file_path}_spec.rb"
+      )
     end
   end
 end

data/renovate.json

@@ -0,0 +1,5 @@
+{
+  "extends": [
+    "config:base"
+  ]
+}

metadata

@@ -1,29 +1,29 @@
 --- !ruby/object:Gem::Specification
 name: consent
 version: !ruby/object:Gem::Version
-  version: 0.4.2
+  version: 1.0.0
 platform: ruby
 authors:
 - Carlos Palhares
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2019-03-28 00:00:00.000000000 Z
+date: 2021-04-22 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
-  name: activesupport
+  name: bundler
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: 4.1.11
+        version: 1.17.3
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: 4.1.11
+        version: 1.17.3
 - !ruby/object:Gem::Dependency
   name: cancancan
   requirement: !ruby/object:Gem::Requirement
@@ -39,47 +39,47 @@ dependencies:
       - !ruby/object:Gem::Version
         version: 1.15.0
 - !ruby/object:Gem::Dependency
-  name: bundler
+  name: rake
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: 1.17.3
+        version: 12.3.3
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: 1.17.3
+        version: 12.3.3
 - !ruby/object:Gem::Dependency
-  name: rake
+  name: rspec
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '10.0'
+        version: '3.0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '10.0'
+        version: '3.0'
 - !ruby/object:Gem::Dependency
-  name: rspec
+  name: rubocop
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '3.0'
+        version: 0.65.0
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '3.0'
+        version: 0.65.0
 description: Consent
 email:
 - chjunior@gmail.com
@@ -89,9 +89,12 @@ extra_rdoc_files: []
 files:
 - ".gitignore"
 - ".rspec"
+- ".rubocop.yml"
+- ".rubocop_todo.yml"
 - ".ruby-version"
 - ".travis.yml"
 - Gemfile
+- LICENSE
 - README.md
 - Rakefile
 - TODO.md
@@ -103,8 +106,8 @@ files:
 - lib/consent/action.rb
 - lib/consent/dsl.rb
 - lib/consent/permission.rb
-- lib/consent/permissions.rb
 - lib/consent/railtie.rb
+- lib/consent/reloader.rb
 - lib/consent/rspec.rb
 - lib/consent/subject.rb
 - lib/consent/version.rb
@@ -112,8 +115,10 @@ files:
 - lib/generators/consent/permissions_generator.rb
 - lib/generators/consent/templates/permissions.rb.erb
 - lib/generators/consent/templates/permissions_spec.rb.erb
+- renovate.json
 homepage: 
-licenses: []
+licenses:
+- MIT
 metadata: {}
 post_install_message: 
 rdoc_options: []
@@ -130,8 +135,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubyforge_project: 
-rubygems_version: 2.7.3
+rubygems_version: 3.0.8
 signing_key: 
 specification_version: 4
 summary: Consent

data/lib/consent/permissions.rb

@@ -1,37 +0,0 @@
-module Consent
-  class Permissions
-    include Enumerable
-
-    def initialize(permissions)
-      @permissions = permissions
-    end
-
-    def each(&block)
-      Consent.subjects.each do |subject|
-        subject.actions.map do |action|
-          map_permission subject, action
-        end.compact.each(&block)
-      end
-    end
-
-    private
-
-    def map_permission(subject, action)
-      subject_key = subject.permission_key
-      actions = @permissions[subject_key] || @permissions[subject_key.to_s]
-      view = actions && (actions[action.key] || actions[action.key.to_s])
-      full(subject, action, view) || partial(subject, action, view)
-    end
-
-    def full(subject, action, view_key)
-      return unless Consent::FULL_ACCESS.include?(view_key.to_s.strip)
-      Permission.new(subject, action)
-    end
-
-    def partial(subject, action, view_key)
-      view = subject.view_for(action, view_key.to_s.to_sym)
-      return if view.nil?
-      Permission.new(subject, action, view)
-    end
-  end
-end