copper 0.1.1

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: 4c57e369367d36662be3a0317e3ee6cabc8c238f
+  data.tar.gz: ba75d48b50adffbaf75a0504da75de196a135ca2
+SHA512:
+  metadata.gz: 09ba2b239b044fbd225fa29474059127d0bd670f8325cfc6c3c458900bd5dcb86b746c22d297208d56238205bfa208fa19d5330e9bf2e0119dcf675a90e49f83
+  data.tar.gz: 0bbe1ffa142e1cc39fe3c9344f8877e9aedd99171bfc7f1e5fdc78e430b8d777c63cd19021acc91f6c6af7955948935bc3463fdf7ef1ec3d280484da9097943e

data/.gitignore

@@ -0,0 +1,17 @@
+*.gem
+*.rbc
+.bundle
+.config
+.yardoc
+Gemfile.lock
+InstalledFiles
+_yardoc
+coverage
+doc/
+lib/bundler/man
+pkg
+rdoc
+spec/reports
+test/tmp
+test/version_tmp
+tmp

data/Gemfile

@@ -0,0 +1,6 @@
+source 'https://rubygems.org'
+
+# Specify your gem's dependencies in copper.gemspec
+gemspec
+
+gem 'byebug'

data/LICENSE.txt

@@ -0,0 +1,22 @@
+Copyright (c) 2014 John D'Agostino
+
+MIT License
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.md

@@ -0,0 +1,81 @@
+# Copper
+
+User Permissions and Policies. Named after the aussie word for police officer (https://www.youtube.com/watch?v=tKNOgX-u8ao)
+
+## Installation
+
+Add this line to your application's Gemfile:
+
+    gem 'copper'
+
+And then execute:
+
+    $ bundle
+
+Or install it yourself as:
+
+    $ gem install copper
+
+## Permission module and Policies
+
+Cancancan provides an Ability class to control permissions but it is limited in its ability to define
+more specific controls around certain permissions. So we introduce the Permission module and Policies.
+
+You can create your own Permission class (say an ActiveRecord model) which stores permissions (specifically
+the `object_type` and `action_name`.
+
+For example:
+
+    class Permission < ActiveRecord::Base
+      include Copper::Permission
+    end
+
+    Permission.create(
+      object_type: 'User',
+      action_name: 'manage',
+      description: 'Allow management of users'
+    )
+
+Modify your cancancan Ability class as follows (or similar, the key is applying the permissions to the ability):
+
+    def initialize(user)
+      if user.is_admin?
+        can :manage, :all
+      else
+        user.permissions.each do |permission|
+          permission.apply_to(self)
+        end
+      end
+    end
+
+From here everything will work as normal, BUT lets say you want to limit the managing of users to a certain group.
+You could create a policy:
+
+    class UserPolicy
+      def initialize(ability)
+        @ability = ability
+      end
+
+      def apply!
+        @ability.can(:manage, User, group_id: groups.pluck(:id))
+      end
+
+      def groups
+        @ability.user.groups
+      end
+    end
+
+This policy is called a Type Policy as it applies to any action taken on that Type. You can also define Action Policies
+which will overide the type policy for the given action.
+
+    class DestroyUserPolicy
+      # ...destroy specific logic
+    end
+
+## Contributing
+
+1. Fork it ( http://github.com/jobready/copper/fork )
+2. Create your feature branch (`git checkout -b my-new-feature`)
+3. Commit your changes (`git commit -am 'Add some feature'`)
+4. Push to the branch (`git push origin my-new-feature`)
+5. Create new Pull Request

data/Rakefile

@@ -0,0 +1 @@
+require "bundler/gem_tasks"

data/copper.gemspec

@@ -0,0 +1,25 @@
+# coding: utf-8
+lib = File.expand_path('../lib', __FILE__)
+$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
+require 'copper/version'
+
+Gem::Specification.new do |spec|
+  spec.name          = "copper"
+  spec.version       = Copper::VERSION
+  spec.authors       = ["John D'Agostino", "Dan Draper"]
+  spec.email         = ["john.dagostino@gmail.com", "dan@codercan.co"]
+  spec.summary       = %q{Roles / Permissions / User switching for Rails}
+  spec.description   = %q{Roles, Permissions, User switching}
+  spec.homepage      = "http://github.com/jobready/copper"
+  spec.license       = "MIT"
+
+  spec.files         = `git ls-files -z`.split("\x0")
+  spec.executables   = spec.files.grep(%r{^bin/}) { |f| File.basename(f) }
+  spec.test_files    = spec.files.grep(%r{^(test|spec|features)/})
+  spec.require_paths = ["lib"]
+
+  spec.add_development_dependency "bundler", "~> 1.5"
+  spec.add_development_dependency "rake"
+  spec.add_development_dependency "rspec"
+  spec.add_development_dependency "activesupport", ">= 4.0"
+end

data/lib/copper.rb

@@ -0,0 +1,6 @@
+require 'active_support/core_ext/string'
+require "copper/version"
+require "copper/permission"
+
+module Copper
+end

data/lib/copper/permission.rb

@@ -0,0 +1,48 @@
+module Copper::Permission
+  
+  class Naming
+    def self.action_class_name(type, action)
+      [action.camelize, type, 'Policy'].join
+    end
+
+    def self.class_name(type)
+      [type, 'Policy'].join
+    end
+  end
+
+  # @return true if there is a Policy class specific to the action available to complement the permission
+  def has_action_policy?
+    self.class.const_defined?(Naming.action_class_name(object_type, action_name))
+  end
+
+  # @return true if there is a Policy class for the type available to complement the permission
+  def has_type_policy?
+    self.class.const_defined?(Naming.class_name(object_type))
+  end
+
+  # The Policy class for the specific action if one is present
+  # @raise NameError if none present
+  def policy_action_class
+    Naming.action_class_name(object_type, action_name).constantize
+  end
+
+  # The Policy class for the type if one is present
+  # (Only used if there is no specific action class)
+  # @raise NameError if none present
+  def policy_type_class
+    Naming.class_name(object_type).constantize
+  end
+
+  # Apply this permission to the ability, directly via cancan
+  # or via the Policy object if one is available
+  #
+  def apply_to(ability)
+    if has_action_policy?
+      policy_action_class.new(ability).apply!
+    elsif has_type_policy?
+      policy_type_class.new(ability).apply!
+    else
+      ability.can(action_name.to_sym, object_type.constantize)
+    end
+  end
+end

data/lib/copper/version.rb

@@ -0,0 +1,3 @@
+module Copper
+  VERSION = "0.1.1"
+end

data/lib/generators/copper/copper.rb

@@ -0,0 +1,32 @@
+module Conpper
+  module Generators
+    class CopperGenerator < Rails::Generators::NamedBase
+      Rails::Generators::ResourceHelpers
+
+      source_root File.expand_path('../templates', __FILE__)
+      argument :user_cname, :type => :string, :default => "User"
+
+      namespace :copper
+      hook_for :orm, :required => true
+
+      desc "Generates a model with the given NAME and a migration file."
+
+      def self.start(args, config)
+        user_cname = args.size > 1 ? args[1] : "User"
+        args.insert(1, user_cname) # 0 being the view name
+        super
+      end
+
+      def inject_user_class
+        invoke "copper:user", [ user_cname, class_name ], :orm => options.orm
+      end
+
+      def show_readme
+        if behavior == :invoke
+          readme "README"
+        end
+      end
+    end
+  end
+end
+

data/lib/generators/copper/templates/permission.rb

@@ -0,0 +1,4 @@
+class Permission < ActiveRecord::Base
+  include Copper::Permission
+end
+

data/spec/copper/permission_spec.rb

@@ -0,0 +1,113 @@
+require 'spec_helper'
+
+describe Copper::Permission do
+  class ManageUserPolicy; end
+  class DeleteTaskPolicy; end
+  class TaskPolicy; end
+
+  class Permission
+    include Copper::Permission
+  end
+
+  let(:permission) { Permission.new }
+
+  describe 'has_action_policy?' do
+
+    describe 'where there is only a policy for one action on the object' do
+      context 'for the specific action' do
+        before do
+          allow(permission).to receive(:action_name).and_return('manage')
+          allow(permission).to receive(:object_type).and_return('User')
+        end
+
+        specify 'that there is a policy available' do
+          expect(permission).to have_action_policy
+        end
+      end
+
+      context 'for any other action' do
+        before do
+          allow(permission).to receive(:action_name).and_return('create')
+          allow(permission).to receive(:object_type).and_return('User')
+        end
+
+        specify 'that there is NO policy available' do
+          expect(permission).to_not have_action_policy
+        end
+      end
+    end
+  end
+
+  describe 'has_type_policy?' do
+    describe 'when there is a fallback policy' do
+      context 'for any action' do
+        before do
+          allow(permission).to receive(:action_name).and_return('create')
+          allow(permission).to receive(:object_type).and_return('Task')
+        end
+
+        specify 'that there is a policy available' do
+          expect(permission).to have_type_policy
+        end
+      end
+    end
+  end
+
+  describe '#apply_to' do
+    let(:action_class)    { double(:action_class) }
+    let(:type_class)      { double(:type_class) }
+    let(:action_instance) { double(:action_instance) }
+    let(:type_instance)   { double(:type_instance) }
+    let(:ability)         { double(:ability) }
+
+    before do
+      allow(permission).to receive(:policy_action_class).and_return(action_class)
+      allow(permission).to receive(:policy_type_class).and_return(type_class)
+    end
+
+    context 'the permission has an action policy' do
+      before do
+        allow(permission).to receive(:has_action_policy?).and_return(true)
+      end
+
+      specify do
+        expect(action_class).to receive(:new).with(ability).and_return(action_instance)
+        expect(action_instance).to receive(:apply!)
+        expect(type_class).to_not receive(:new)
+        expect(ability).to_not receive(:can)
+        permission.apply_to(ability)
+      end
+    end
+
+    context 'the permission has a type policy' do
+      before do
+        allow(permission).to receive(:has_action_policy?).and_return(false)
+        allow(permission).to receive(:has_type_policy?).and_return(true)
+      end
+
+      specify do
+        expect(action_class).to_not receive(:new)
+        expect(type_class).to receive(:new).with(ability).and_return(type_instance)
+        expect(type_instance).to receive(:apply!)
+        expect(ability).to_not receive(:can)
+        permission.apply_to(ability)
+      end
+    end
+
+    context 'the permission has no policies defined' do
+      before do
+        allow(permission).to receive(:has_action_policy?).and_return(false)
+        allow(permission).to receive(:has_type_policy?).and_return(false)
+        allow(permission).to receive(:action_name).and_return('action')
+        allow(permission).to receive(:object_type).and_return('Object')
+      end
+
+      specify do
+        expect(action_class).to_not receive(:new)
+        expect(type_class).to_not receive(:new)
+        expect(ability).to receive(:can).with(:action, Object)
+        permission.apply_to(ability)
+      end
+    end
+  end
+end

data/spec/spec_helper.rb

@@ -0,0 +1,81 @@
+require 'byebug'
+require File.dirname(__FILE__) + '/../lib/copper'
+
+# This file was generated by the `rspec --init` command. Conventionally, all
+# specs live under a `spec` directory, which RSpec adds to the `$LOAD_PATH`.
+# The generated `.rspec` file contains `--require spec_helper` which will cause this
+# file to always be loaded, without a need to explicitly require it in any files.
+#
+# Given that it is always loaded, you are encouraged to keep this file as
+# light-weight as possible. Requiring heavyweight dependencies from this file
+# will add to the boot time of your test suite on EVERY test run, even for an
+# individual file that may not need all of that loaded. Instead, make a
+# separate helper file that requires this one and then use it only in the specs
+# that actually need it.
+#
+# The `.rspec` file also contains a few flags that are not defaults but that
+# users commonly want.
+#
+# See http://rubydoc.info/gems/rspec-core/RSpec/Core/Configuration
+RSpec.configure do |config|
+# The settings below are suggested to provide a good initial experience
+# with RSpec, but feel free to customize to your heart's content.
+=begin
+  # These two settings work together to allow you to limit a spec run
+  # to individual examples or groups you care about by tagging them with
+  # `:focus` metadata. When nothing is tagged with `:focus`, all examples
+  # get run.
+  config.filter_run :focus
+  config.run_all_when_everything_filtered = true
+
+  # Many RSpec users commonly either run the entire suite or an individual
+  # file, and it's useful to allow more verbose output when running an
+  # individual spec file.
+  if config.files_to_run.one?
+    # Use the documentation formatter for detailed output,
+    # unless a formatter has already been configured
+    # (e.g. via a command-line flag).
+    config.default_formatter = 'doc'
+  end
+
+  # Print the 10 slowest examples and example groups at the
+  # end of the spec run, to help surface which specs are running
+  # particularly slow.
+  config.profile_examples = 10
+
+  # Run specs in random order to surface order dependencies. If you find an
+  # order dependency and want to debug it, you can fix the order by providing
+  # the seed, which is printed after each run.
+  #     --seed 1234
+  config.order = :random
+
+  # Seed global randomization in this process using the `--seed` CLI option.
+  # Setting this allows you to use `--seed` to deterministically reproduce
+  # test failures related to randomization by passing the same `--seed` value
+  # as the one that triggered the failure.
+  Kernel.srand config.seed
+
+  # rspec-expectations config goes here. You can use an alternate
+  # assertion/expectation library such as wrong or the stdlib/minitest
+  # assertions if you prefer.
+  config.expect_with :rspec do |expectations|
+    # Enable only the newer, non-monkey-patching expect syntax.
+    # For more details, see:
+    #   - http://myronmars.to/n/dev-blog/2012/06/rspecs-new-expectation-syntax
+    expectations.syntax = :expect
+  end
+
+  # rspec-mocks config goes here. You can use an alternate test double
+  # library (such as bogus or mocha) by changing the `mock_with` option here.
+  config.mock_with :rspec do |mocks|
+    # Enable only the newer, non-monkey-patching expect syntax.
+    # For more details, see:
+    #   - http://teaisaweso.me/blog/2013/05/27/rspecs-new-message-expectation-syntax/
+    mocks.syntax = :expect
+
+    # Prevents you from mocking or stubbing a method that does not exist on
+    # a real object. This is generally recommended.
+    mocks.verify_partial_doubles = true
+  end
+=end
+end

metadata

@@ -0,0 +1,117 @@
+--- !ruby/object:Gem::Specification
+name: copper
+version: !ruby/object:Gem::Version
+  version: 0.1.1
+platform: ruby
+authors:
+- John D'Agostino
+- Dan Draper
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2014-08-08 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: bundler
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.5'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.5'
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: rspec
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: activesupport
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '4.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '4.0'
+description: Roles, Permissions, User switching
+email:
+- john.dagostino@gmail.com
+- dan@codercan.co
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- ".gitignore"
+- Gemfile
+- LICENSE.txt
+- README.md
+- Rakefile
+- copper.gemspec
+- lib/copper.rb
+- lib/copper/permission.rb
+- lib/copper/version.rb
+- lib/generators/copper/copper.rb
+- lib/generators/copper/templates/permission.rb
+- spec/copper/permission_spec.rb
+- spec/spec_helper.rb
+homepage: http://github.com/jobready/copper
+licenses:
+- MIT
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 2.2.2
+signing_key: 
+specification_version: 4
+summary: Roles / Permissions / User switching for Rails
+test_files:
+- spec/copper/permission_spec.rb
+- spec/spec_helper.rb