credentials 1.0.1 → 2.0.0

data/.gitignore

@@ -0,0 +1,2 @@
+credentials-*.gem
+coverage

data/Rakefile

@@ -1,20 +1 @@
-require 'rake'
-require 'spec/rake/spectask'
-require 'rcov/rcovtask'
-
-desc 'Default: run specs.'
-task :default => :spec
-
-desc 'Run the specs'
-Spec::Rake::SpecTask.new(:spec) do |t|
-  t.spec_opts = ['--colour --format progress --loadby mtime --reverse']
-  t.spec_files = FileList['spec/**/*_spec.rb']
-end
-
-desc 'Output test coverage of plugin.'
-Rcov::RcovTask.new(:rcov) do |rcov|
-  rcov.pattern    = 'spec/**/*_spec.rb'
-  rcov.output_dir = 'rcov'
-  rcov.verbose    = true
-  rcov.rcov_opts << '--exclude "test_app/config/*"'
-end
+Dir["#{File.dirname(__FILE__)}/tasks/*.rake"].sort.each { |ext| load ext }

data/VERSION

@@ -0,0 +1 @@
+2.0.0

data/credentials.gemspec

@@ -0,0 +1,69 @@
+# Generated by jeweler
+# DO NOT EDIT THIS FILE DIRECTLY
+# Instead, edit Jeweler::Tasks in Rakefile, and run the gemspec command
+# -*- encoding: utf-8 -*-
+
+Gem::Specification.new do |s|
+  s.name = %q{credentials}
+  s.version = "2.0.0"
+
+  s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
+  s.authors = ["Matt Powell"]
+  s.date = %q{2009-11-11}
+  s.description = %q{A generic actor/resource permission framework based on rules, not objects.}
+  s.email = %q{fauxparse@gmail.com.com}
+  s.extra_rdoc_files = [
+    "LICENSE",
+     "README.rdoc"
+  ]
+  s.files = [
+    ".gitignore",
+     "History.txt",
+     "LICENSE",
+     "README.rdoc",
+     "Rakefile",
+     "VERSION",
+     "credentials.gemspec",
+     "init.rb",
+     "install.rb",
+     "lib/credentials.rb",
+     "lib/credentials/allow_rule.rb",
+     "lib/credentials/deny_rule.rb",
+     "lib/credentials/object_extensions.rb",
+     "lib/credentials/rule.rb",
+     "lib/credentials/rulebook.rb",
+     "spec/.gitignore",
+     "spec/credentials_spec.rb",
+     "spec/domain.rb",
+     "spec/rule_spec.rb",
+     "spec/rulebook_spec.rb",
+     "spec/spec_helper.rb",
+     "tasks/gems.rake",
+     "tasks/spec.rake",
+     "tasks/stats.rake",
+     "uninstall.rb"
+  ]
+  s.homepage = %q{http://github.com/fauxparse/credentials}
+  s.rdoc_options = ["--charset=UTF-8"]
+  s.require_paths = ["lib"]
+  s.rubygems_version = %q{1.3.5}
+  s.summary = %q{A generic actor/resource permission framework based on rules, not objects.}
+  s.test_files = [
+    "spec/credentials_spec.rb",
+     "spec/domain.rb",
+     "spec/rule_spec.rb",
+     "spec/rulebook_spec.rb",
+     "spec/spec_helper.rb"
+  ]
+
+  if s.respond_to? :specification_version then
+    current_version = Gem::Specification::CURRENT_SPECIFICATION_VERSION
+    s.specification_version = 3
+
+    if Gem::Version.new(Gem::RubyGemsVersion) >= Gem::Version.new('1.2.0') then
+    else
+    end
+  else
+  end
+end
+

data/lib/credentials/allow_rule.rb

@@ -0,0 +1,7 @@
+module Credentials
+  class AllowRule < Rule
+    def allow?(*args)
+      self.match?(*args)
+    end
+  end
+end

data/lib/credentials/deny_rule.rb

@@ -0,0 +1,7 @@
+module Credentials
+  class DenyRule < Rule
+    def deny?(*args)
+      self.match?(*args)
+    end
+  end
+end

data/lib/credentials/object_extensions.rb

@@ -0,0 +1,38 @@
+module Credentials
+  module ObjectExtensions #:nodoc
+    module ClassMethods
+      def credentials(options = nil)
+        @credentials ||= Credentials::Rulebook.new(self)
+        if block_given?
+          @credentials.options.merge!(options) unless options.nil?
+          yield @credentials
+        else
+          raise ArgumentError, "you can only set options with a block" unless options.nil?
+        end
+        @credentials
+      end
+      
+      def inherited_with_credentials(child_class) #:nodoc
+        inherited_without_credentials(child_class) if child_class.respond_to? :inherited_without_credentials
+        child_class.instance_variable_set("@credentials", Rulebook.for(child_class))
+      end
+    end
+    
+    module InstanceMethods
+      def can?(*args)
+        self.class.credentials.allow? self, *args
+      end
+      alias_method :able_to?, :can?
+    end
+    
+    def self.included(receiver) #:nodoc
+      receiver.extend         ClassMethods
+      receiver.send :include, InstanceMethods
+      
+      class << receiver
+        alias_method :inherited_without_credentials, :inherited if respond_to? :inherited
+        alias_method :inherited, :inherited_with_credentials
+      end
+    end
+  end
+end

data/lib/credentials/rule.rb

@@ -0,0 +1,44 @@
+module Credentials
+  class Rule
+    attr_accessor :parameters
+    attr_accessor :options
+    
+    def initialize(*args)
+      self.options = args.last.is_a?(Hash) ? args.pop : {}
+      self.parameters = args
+    end
+    
+    def arity
+      parameters.length
+    end
+    
+    def match?(*args)
+      return false unless arity == args.length
+      
+      parameters.zip(args).each do |expected, actual|
+        return false unless expected === actual
+      end
+      result = true
+      result = result && evaluate_condition(options[:if], :|, *args) unless options[:if].nil?
+      result = result && !evaluate_condition(options[:unless], :&, *args) unless options[:unless].nil?
+      result
+    end
+    
+    def evaluate_condition(conditions, op, *args)
+      receiver = args.shift
+      args.reject! { |arg| arg.is_a? Symbol }
+      Array(conditions).inject(op == :| ? false : true) do |memo, condition|
+        memo = memo.send op, case condition
+        when Symbol
+          return false unless receiver.respond_to? condition
+          !!receiver.send(condition, *args[0, receiver.method(condition).arity])
+        when Proc
+          raise ArgumentError, "wrong number of arguments to condition (#{args.size} to #{condition.arity})" unless args.size + 1 == condition.arity
+          !!condition.call(receiver, *args)
+        else
+          raise ArgumentError, "invalid :if or :unless option (expected Symbol or Proc, or array thereof; got #{condition.class})"
+        end
+      end
+    end
+  end
+end

data/lib/credentials/rulebook.rb

@@ -1,27 +1,64 @@
+require "credentials/rule"
+require "credentials/allow_rule"
+require "credentials/deny_rule"
+
 module Credentials
   class Rulebook
-    attr_reader :rules
+    attr_accessor :klass
+    attr_accessor :options
+    attr_accessor :rules
     
-    def initialize(klass, rules = [])
-      @rules = rules
-      @klass = klass
+    DEFAULT_OPTIONS = {
+      :default => :deny
+    }.freeze
+    
+    def initialize(klass)
+      self.klass = klass
+      @rules = []
+      @options = {}
+    end
+
+    def self.for(klass)
+      rulebook = new(klass)
+      if superclass && superclass.respond_to?(:credentials)
+        rulebook.rules = superclass.credentials.rules.dup
+      end
+      rulebook
+    end
+
+    def empty?
+      rules.empty?
+    end
+    
+    def can(*args)
+      self.rules << AllowRule.new(klass, *args)
     end
     
-    def can(verb, *args)
-      @rules << Credentials::Rules::Can.new(@klass, verb, *args)
+    def cannot(*args)
+      self.rules << DenyRule.new(klass, *args)
     end
     
-    def cannot(verb, *args)
-      @rules << Credentials::Rules::Cannot.new(@klass, verb, *args)
+    def default
+      options[:default] && options[:default].to_sym
     end
     
-    def can?(actor, verb, *args)
-      result = @klass.credential_options[:allow_by_default] || false
-      @rules.each do |rule|
-        result = true if rule.allow?(actor, verb, *args)
-        result = false if rule.deny?(actor, verb, *args)
+    def allow?(*args)
+      allowed = allow_rules.inject(false) { |memo, rule| memo || rule.allow?(*args) }
+      denied = deny_rules.inject(false) { |memo, rule| memo || rule.deny?(*args) }
+      
+      if default == :allow
+        allowed or !denied
+      else
+        allowed and !denied
       end
-      result
+    end
+    
+    def allow_rules
+      rules.select { |rule| rule.respond_to? :allow? }
+    end
+    
+    def deny_rules
+      rules.select { |rule| rule.respond_to? :deny? }
     end
   end
-end
+end

data/lib/credentials.rb

@@ -1,9 +1,4 @@
-require "credentials/actor"
 require "credentials/rulebook"
-require "credentials/class_methods"
-require "credentials/inflector"
-require "credentials/rules/rule"
-Dir.glob(File.dirname(__FILE__) + "/credentials/rules/*.rb").each { |f| require f }
-Dir.glob(File.dirname(__FILE__) + "/credentials/support/*.rb").each { |f| require f } unless defined?(ActiveSupport)
+require "credentials/object_extensions"
 
-Object.send :extend, Credentials::ClassMethods
+Object.send :include, Credentials::ObjectExtensions

data/spec/credentials_spec.rb

@@ -0,0 +1,99 @@
+require File.dirname(__FILE__) + '/spec_helper'
+require "time"
+
+describe Animal do
+  before :each do
+    @sheep = Animal.new("Sheep")
+    @cow = Animal.new("Cow")
+  end
+
+  it "should not be able to eat other animals" do
+    @sheep.should_not be_able_to :eat, @cow
+  end
+  
+  it "shouldn't be able to do anything without explicit permission" do
+    @cow.should_not be_able_to :jump, "Moon"
+  end
+end
+
+describe Carnivore do
+  before :each do
+    @antelope = Prey.new("Antelope")
+    @toucan = Bird.new("Toucan")
+  end
+  
+  describe "(lazy)" do
+    before :each do
+      @lion = Carnivore.new("Lion")
+    end
+
+    it "should not be able to eat another animal" do
+      @lion.should_not be_able_to :eat, @antelope
+    end
+  end
+  
+  describe "(hungry)" do
+    before :each do
+      @lion = Carnivore.new("Lion", true)
+    end
+
+    it "should be able to eat another animal" do
+      @lion.should be_able_to :eat, @antelope
+    end
+    
+    it "should not be able to eat a bird" do
+      @lion.should_not be_able_to :eat, @toucan
+    end
+  end
+  
+  describe "(fast)" do
+    before :each do
+      @lion = Carnivore.new("Lion", false, true)
+    end
+
+    it "should not be able to eat another animal" do
+      @lion.should_not be_able_to :eat, @antelope
+    end
+    
+    it "should not be able to eat a bird" do
+      @lion.should_not be_able_to :eat, @toucan
+    end
+  end
+  
+  describe "(hungry AND fast)" do
+    before :each do
+      @lion = Carnivore.new("Lion", true, true)
+    end
+
+    it "should be able to eat another animal" do
+      @lion.should be_able_to :eat, @antelope
+    end
+    
+    it "should be able to eat a bird" do
+      @lion.should be_able_to :eat, @toucan
+    end
+  end
+end
+
+describe Man do
+  before :each do
+    @man = Man.new
+  end
+  
+  it "should be able to do anything it wants" do
+    @man.should be_able_to :do_a_cartwheel
+    @man.should be_able_to :eat, "ice cream"
+    @man.should be_able_to :stay, :up, :past, Time.parse("10:00")
+  end
+end
+
+describe WhiteMan do
+  before :each do
+    @white_man = WhiteMan.new
+  end
+  
+  it "can't jump (sorry)" do
+    @white_man.should_not be_able_to :jump
+  end
+end
+

data/spec/domain.rb

@@ -0,0 +1,46 @@
+class Animal < Struct.new(:species, :hungry, :fast)
+  credentials do |animal|
+  end
+  
+  def edible?
+    false
+  end
+  
+  def hungry?
+    !!hungry
+  end
+  
+  def fast?
+    !!fast
+  end
+  
+  alias :to_s :species
+end
+
+class Prey < Animal
+  def edible?; true; end
+end
+
+class Bird < Prey
+  
+end
+
+class Carnivore < Animal
+  credentials do |carnivore|
+    carnivore.can :eat, Animal, :if => lambda { |predator, prey| prey.edible? }
+    carnivore.cannot :eat, Animal, :unless => :hungry?
+    carnivore.cannot :eat, Bird, :unless => [ :hungry?, :fast? ]
+  end
+end
+
+class Man < Animal
+  credentials :default => :allow do |man|
+
+  end
+end
+
+class WhiteMan < Man
+  credentials :default => :allow do |white_man|
+    white_man.cannot :jump
+  end
+end

data/spec/rule_spec.rb

@@ -0,0 +1,43 @@
+require File.dirname(__FILE__) + '/spec_helper'
+
+describe Credentials::AllowRule do
+  it "should have the correct arity" do
+    Credentials::AllowRule.new(Animal, :jump).arity.should == 2
+  end
+  
+  it "should match the simple case" do
+    antelope = Prey.new("antelope")
+    Credentials::AllowRule.new(Animal, :jump).allow?(antelope, :jump).should == true
+  end
+  
+  it "should match the subject, verb, object case" do
+    antelope = Prey.new("antelope")
+    lion = Carnivore.new("lion")
+    Credentials::AllowRule.new(Carnivore, :eat, Prey).allow?(lion, :eat, antelope).should == true
+  end
+  
+  it "should throw an error when it gets bad arguments" do
+    lambda {
+      lion = Carnivore.new("lion")
+      rule = Credentials::AllowRule.new(Animal, :jump, :if => Date.civil(2010, 4, 1))
+      rule.match?(lion, :jump)
+    }.should raise_error(ArgumentError)
+  end
+end
+
+describe Credentials::DenyRule do
+  it "should have the correct arity" do
+    Credentials::DenyRule.new(Animal, :jump).arity.should == 2
+  end
+  
+  it "should match the simple case" do
+    elephant = Prey.new("elephant")
+    Credentials::DenyRule.new(Animal, :jump).deny?(elephant, :jump).should == true
+  end
+  
+  it "should match the subject, verb, object case" do
+    antelope = Prey.new("antelope")
+    lion = Carnivore.new("lion")
+    Credentials::DenyRule.new(Carnivore, :eat, Prey).deny?(lion, :eat, antelope).should == true
+  end
+end

data/spec/rulebook_spec.rb

@@ -0,0 +1,10 @@
+require File.dirname(__FILE__) + '/spec_helper'
+
+describe Credentials::Rulebook do
+  it "should duplicate on inheritance" do
+    Animal.credentials.should_not == Carnivore.credentials
+    Animal.credentials.rules.should_not == Carnivore.credentials.rules
+    Animal.credentials.should be_empty
+    Carnivore.credentials.should_not be_empty
+  end
+end

data/spec/spec_helper.rb

@@ -0,0 +1,5 @@
+$: << File.dirname(__FILE__) + "/../lib"
+require "credentials"
+require "spec"
+
+require File.join(File.dirname(__FILE__), "domain.rb")

data/tasks/gems.rake

@@ -0,0 +1,17 @@
+require 'rubygems'  
+require 'rake'  
+  
+begin  
+  require 'jeweler'  
+  Jeweler::Tasks.new do |gemspec|  
+    gemspec.name = "credentials"  
+    gemspec.summary = "A generic actor/resource permission framework based on rules, not objects."  
+    gemspec.description = "A generic actor/resource permission framework based on rules, not objects."  
+    gemspec.email = "fauxparse@gmail.com.com"  
+    gemspec.homepage = "http://github.com/fauxparse/credentials"  
+    gemspec.authors = ["Matt Powell"]  
+  end
+  Jeweler::GemcutterTasks.new
+rescue LoadError  
+  puts "Jeweler not available. Install it with: sudo gem install technicalpickles-jeweler -s http://gems.github.com"  
+end  

data/tasks/spec.rake

@@ -0,0 +1,45 @@
+# Don't load rspec if running "rake gems:*"
+unless ARGV.any? {|a| a =~ /^gems/}
+
+begin
+  require 'spec/rake/spectask'
+rescue MissingSourceFile
+  module Spec
+    module Rake
+      class SpecTask
+        def initialize(name)
+          task name do
+            raise <<-MSG
+
+#{"*" * 80}
+*  You are trying to run an rspec rake task defined in
+*  #{__FILE__},
+*  but rspec cannot be found.
+#{"*" * 80}
+MSG
+          end
+        end
+      end
+    end
+  end
+end
+
+task :default => :spec
+
+desc "Run all specs in spec directory (excluding plugin specs)"
+Spec::Rake::SpecTask.new(:spec) do |t|
+  t.spec_opts = ['--colour --format progress --loadby mtime --reverse']
+  t.spec_files = FileList['spec/**/*_spec.rb']
+end
+
+namespace :spec do
+  desc "Run all specs in spec directory with RCov"
+  Spec::Rake::SpecTask.new(:rcov) do |t|
+    t.spec_opts = ['--colour --format progress --loadby mtime --reverse']
+    t.spec_files = FileList['spec/**/*_spec.rb']
+    t.rcov = true
+    t.rcov_opts = ['--text-report --exclude "spec/*"']
+  end
+end
+
+end

data/tasks/stats.rake

@@ -0,0 +1,117 @@
+STATS_DIRECTORIES = [
+  %w(Libraries lib/),
+  %w(Specs     spec)
+].collect { |name, dir| [ name, File.dirname(__FILE__) + "/../#{dir}" ] }.select { |name, dir| File.directory?(dir) }
+
+desc "Report code statistics (KLOCs, etc) from the plugin"
+task :stats do
+  CodeStatistics.new(*STATS_DIRECTORIES).to_s
+end
+
+class CodeStatistics #:nodoc:
+
+  TEST_TYPES = %w(Units Functionals Unit\ tests Functional\ tests Integration\ tests Specs)
+
+  def initialize(*pairs)
+    @pairs      = pairs
+    @statistics = calculate_statistics
+    @total      = calculate_total if pairs.length > 1
+  end
+
+  def to_s
+    print_header
+    @pairs.each { |pair| print_line(pair.first, @statistics[pair.first]) }
+    print_splitter
+  
+    if @total
+      print_line("Total", @total)
+      print_splitter
+    end
+
+    print_code_test_stats
+  end
+
+private
+  def calculate_statistics
+    @pairs.inject({}) { |stats, pair| stats[pair.first] = calculate_directory_statistics(pair.last); stats }
+  end
+
+  def calculate_directory_statistics(directory, pattern = /.*\.rb$/)
+    stats = { "lines" => 0, "codelines" => 0, "classes" => 0, "methods" => 0 }
+
+    Dir.foreach(directory) do |file_name| 
+      if File.stat(directory + "/" + file_name).directory? and (/^\./ !~ file_name)
+        newstats = calculate_directory_statistics(directory + "/" + file_name, pattern)
+        stats.each { |k, v| stats[k] += newstats[k] }
+      end
+
+      next unless file_name =~ pattern
+
+      f = File.open(directory + "/" + file_name)
+
+      while line = f.gets
+        stats["lines"]     += 1
+        stats["classes"]   += 1 if line =~ /class [A-Z]/
+        stats["methods"]   += 1 if line =~ /def [a-z]/
+        stats["codelines"] += 1 unless line =~ /^\s*$/ || line =~ /^\s*#/
+      end
+    end
+
+    stats
+  end
+
+  def calculate_total
+    total = { "lines" => 0, "codelines" => 0, "classes" => 0, "methods" => 0 }
+    @statistics.each_value { |pair| pair.each { |k, v| total[k] += v } }
+    total
+  end
+
+  def calculate_code
+    code_loc = 0
+    @statistics.each { |k, v| code_loc += v['codelines'] unless TEST_TYPES.include? k }
+    code_loc
+  end
+
+  def calculate_tests
+    test_loc = 0
+    @statistics.each { |k, v| test_loc += v['codelines'] if TEST_TYPES.include? k }
+    test_loc
+  end
+
+  def print_header
+    print_splitter
+    puts "| Name                 | Lines |   LOC | Classes | Methods | M/C | LOC/M |"
+    print_splitter
+  end
+
+  def print_splitter
+    puts "+----------------------+-------+-------+---------+---------+-----+-------+"
+  end
+
+  def print_line(name, statistics)
+    m_over_c   = (statistics["methods"] / statistics["classes"])   rescue m_over_c = 0
+    loc_over_m = (statistics["codelines"] / statistics["methods"]) - 2 rescue loc_over_m = 0
+
+    start = if TEST_TYPES.include? name
+      "| #{name.ljust(20)} "
+    else
+      "| #{name.ljust(20)} " 
+    end
+
+    puts start + 
+         "| #{statistics["lines"].to_s.rjust(5)} " +
+         "| #{statistics["codelines"].to_s.rjust(5)} " +
+         "| #{statistics["classes"].to_s.rjust(7)} " +
+         "| #{statistics["methods"].to_s.rjust(7)} " +
+         "| #{m_over_c.to_s.rjust(3)} " +
+         "| #{loc_over_m.to_s.rjust(5)} |"
+  end
+
+  def print_code_test_stats
+    code  = calculate_code
+    tests = calculate_tests
+
+    puts "  Code LOC: #{code}     Test LOC: #{tests}     Code to Test Ratio: 1:#{sprintf("%.1f", tests.to_f/code)}"
+    puts ""
+  end
+end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification 
 name: credentials
 version: !ruby/object:Gem::Version 
-  version: 1.0.1
+  version: 2.0.0
 platform: ruby
 authors: 
 - Matt Powell
@@ -9,36 +9,44 @@ autorequire:
 bindir: bin
 cert_chain: []
 
-date: 2009-04-23 00:00:00 +12:00
+date: 2009-11-11 00:00:00 +13:00
 default_executable: 
 dependencies: []
 
-description: Credentials is a generic actor/resource permission framework based on rules, not objects.
-email: fauxparse@gmail.com
+description: A generic actor/resource permission framework based on rules, not objects.
+email: fauxparse@gmail.com.com
 executables: []
 
 extensions: []
 
-extra_rdoc_files: []
-
+extra_rdoc_files: 
+- LICENSE
+- README.rdoc
 files: 
-- generators/credentials/credentials_generator.rb
-- generators/credentials/USAGE
+- .gitignore
 - History.txt
+- LICENSE
+- README.rdoc
+- Rakefile
+- VERSION
+- credentials.gemspec
 - init.rb
 - install.rb
-- lib/credentials/actor.rb
-- lib/credentials/class_methods.rb
-- lib/credentials/inflector.rb
-- lib/credentials/rulebook.rb
-- lib/credentials/rules/can.rb
-- lib/credentials/rules/cannot.rb
-- lib/credentials/rules/rule.rb
 - lib/credentials.rb
-- LICENSE
-- Manifest.txt
-- Rakefile
-- README.rdoc
+- lib/credentials/allow_rule.rb
+- lib/credentials/deny_rule.rb
+- lib/credentials/object_extensions.rb
+- lib/credentials/rule.rb
+- lib/credentials/rulebook.rb
+- spec/.gitignore
+- spec/credentials_spec.rb
+- spec/domain.rb
+- spec/rule_spec.rb
+- spec/rulebook_spec.rb
+- spec/spec_helper.rb
+- tasks/gems.rake
+- tasks/spec.rake
+- tasks/stats.rake
 - uninstall.rb
 has_rdoc: true
 homepage: http://github.com/fauxparse/credentials
@@ -46,7 +54,6 @@ licenses: []
 
 post_install_message: 
 rdoc_options: 
-- --inline-source
 - --charset=UTF-8
 require_paths: 
 - lib
@@ -64,10 +71,14 @@ required_rubygems_version: !ruby/object:Gem::Requirement
   version: 
 requirements: []
 
-rubyforge_project: credentials
+rubyforge_project: 
 rubygems_version: 1.3.5
 signing_key: 
 specification_version: 3
-summary: Credentials is a generic actor/resource permission framework based on rules, not objects.
-test_files: []
-
+summary: A generic actor/resource permission framework based on rules, not objects.
+test_files: 
+- spec/credentials_spec.rb
+- spec/domain.rb
+- spec/rule_spec.rb
+- spec/rulebook_spec.rb
+- spec/spec_helper.rb

data/Manifest.txt

@@ -1,107 +0,0 @@
-credentials.gemspec
-generators/credentials/credentials_generator.rb
-generators/credentials/USAGE
-History.txt
-init.rb
-install.rb
-lib/credentials/actor.rb
-lib/credentials/class_methods.rb
-lib/credentials/inflector.rb
-lib/credentials/rulebook.rb
-lib/credentials/rules/can.rb
-lib/credentials/rules/cannot.rb
-lib/credentials/rules/rule.rb
-lib/credentials.rb
-LICENSE
-Manifest.txt
-Rakefile
-README.rdoc
-uninstall.rb
-tt@Yavin:credentials[master]$ find . -type f | grep -v ".git"./credentials.gemspec
-generators/credentials/credentials_generator.rb
-generators/credentials/USAGE
-History.txt
-init.rb
-install.rb
-lib/credentials/actor.rb
-lib/credentials/class_methods.rb
-lib/credentials/inflector.rb
-lib/credentials/rulebook.rb
-lib/credentials/rules/can.rb
-lib/credentials/rules/cannot.rb
-lib/credentials/rules/rule.rb
-lib/credentials.rb
-LICENSE
-Manifest.txt
-Rakefile
-README.rdoc
-spec/credentials_spec.rb
-spec/debug.log
-spec/inflector_spec.rb
-spec/spec_helper.rb
-spec/test_app/app/controllers/application.rb
-spec/test_app/app/models/group.rb
-spec/test_app/app/models/headmaster.rb
-spec/test_app/app/models/house.rb
-spec/test_app/app/models/school.rb
-spec/test_app/app/models/student.rb
-spec/test_app/app/models/teacher.rb
-spec/test_app/app/models/user.rb
-spec/test_app/config/boot.rb
-spec/test_app/config/database.yml
-spec/test_app/config/environment.rb
-spec/test_app/config/environments/development.rb
-spec/test_app/config/environments/production.rb
-spec/test_app/config/environments/test.rb
-spec/test_app/config/initializers/inflections.rb
-spec/test_app/config/initializers/mime_types.rb
-spec/test_app/config/initializers/new_rails_defaults.rb
-spec/test_app/config/locales/en.yml
-spec/test_app/config/routes.rb
-spec/test_app/db/development.sqlite3
-spec/test_app/db/migrate/20081128211345_create_users.rb
-spec/test_app/db/migrate/20081128213041_create_groups.rb
-spec/test_app/db/migrate/20081129031929_create_students.rb
-spec/test_app/db/migrate/20081129101832_create_schools.rb
-spec/test_app/db/migrate/20081129105013_create_houses.rb
-spec/test_app/db/schema.rb
-spec/test_app/db/test.sqlite3
-spec/test_app/lib/tasks/rspec.rake
-spec/test_app/log/test.log
-spec/test_app/Rakefile
-spec/test_app/README
-spec/test_app/script/about
-spec/test_app/script/autospec
-spec/test_app/script/console
-spec/test_app/script/dbconsole
-spec/test_app/script/destroy
-spec/test_app/script/generate
-spec/test_app/script/performance/benchmarker
-spec/test_app/script/performance/profiler
-spec/test_app/script/performance/request
-spec/test_app/script/plugin
-spec/test_app/script/process/inspector
-spec/test_app/script/process/reaper
-spec/test_app/script/process/spawner
-spec/test_app/script/runner
-spec/test_app/script/server
-spec/test_app/script/spec
-spec/test_app/script/spec_server
-spec/test_app/spec/fixtures/groups.yml
-spec/test_app/spec/fixtures/houses.yml
-spec/test_app/spec/fixtures/schools.yml
-spec/test_app/spec/fixtures/users.yml
-spec/test_app/spec/models/group_spec.rb
-spec/test_app/spec/models/headmaster_spec.rb
-spec/test_app/spec/models/house_spec.rb
-spec/test_app/spec/models/school_spec.rb
-spec/test_app/spec/models/student_spec.rb
-spec/test_app/spec/models/teacher_spec.rb
-spec/test_app/spec/models/user_spec.rb
-spec/test_app/spec/rcov.opts
-spec/test_app/spec/spec.opts
-spec/test_app/spec/spec_helper.rb
-spec/test_app/stories/all.rb
-spec/test_app/stories/helper.rb
-spec/test_app/vendor/plugins/credentials/init.rb
-uninstall.rb

data/generators/credentials/USAGE

@@ -1,8 +0,0 @@
-Description:
-    Explain the generator
-
-Example:
-    ./script/generate credentials Thing
-
-    This will create:
-        what/will/it/create

data/generators/credentials/credentials_generator.rb

@@ -1,8 +0,0 @@
-class CredentialsGenerator < Rails::Generator::NamedBase
-  def manifest
-    record do |m|
-      # m.directory "lib"
-      # m.template 'README', "README"
-    end
-  end
-end

data/lib/credentials/actor.rb

@@ -1,57 +0,0 @@
-module Credentials
-  module Actor
-    def self.included(base) #:nodoc:
-      base.send :extend, ClassMethods
-    end
-    
-    # Returns true if the receiver has permission to perform the action ‘<tt>verb</tt>’ with the given <tt>args</tt>.
-    def can?(verb, *args)
-      self.class.can?(self, verb, *args)
-    end
-    alias_method :able_to?, :can?
-
-    module ClassMethods
-      # Returns true if the given <tt>actor</tt> has permission to perform the action ‘<tt>verb</tt>’ with the given <tt>args</tt>.
-      def can?(actor, verb, *args)
-        rulebook.can?(actor, verb, *args) ||
-        can_by_association?(actor, verb, *args) ||
-        can_by_actor_group?(actor, verb, *args)
-      end
-      
-      # Returns true if any magic methods give the requested permission.
-      # For example, <tt>by_association?(user, :edit, post)</tt> would try the following (in order):
-      # * <tt>user.is_editor_of?(post)</tt>
-      # * <tt>user.is_editor_for?(post)</tt>
-      # * <tt>user.is_editor_on?(post)</tt>
-      # * <tt>user.is_editor_at?(post)</tt>
-      # * <tt>user.is_editor_in?(post)</tt>
-      # * <tt>post.editor == user</tt>
-      # * <tt>post.editors.include?(user)</tt>
-      def can_by_association?(actor, verb, *args)
-        return false unless args.size == 1
-        noun = verb.to_s.actorize
-        object = args.first
-        %w(of for on at in).each do |prep|
-          return true if actor.respond_to?(method = "is_#{noun}_#{prep}?".to_sym) and actor.send(method, object)
-        end
-        return true if object.respond_to?(method = noun.to_sym) and object.send(method) == actor
-        return true if object.respond_to?(method = noun.pluralize.to_sym) and object.send(method).include?(actor)
-        false
-      end
-      
-      # Returns true if the actor belongs to any groups that have the requested permission.
-      def can_by_actor_group?(actor, verb, *args)
-        groups_for(actor).any? { |group| group.respond_to?(:can?) && group.can?(verb, *args) }
-      end
-
-      # Returns a list of the groups the user belongs to, according to the <tt>:groups</tt> option to <tt>has_credentials</tt>.
-      def groups_for(actor)
-        case true
-        when !credential_options[:groups].blank? then Array(credential_options[:groups]).map(&:to_sym).collect { |g| actor.send(g) }.flatten.uniq
-        when actor.respond_to?(:groups) then actor.groups.flatten.uniq
-        else []
-        end
-      end
-    end
-  end
-end

data/lib/credentials/class_methods.rb

@@ -1,25 +0,0 @@
-module Credentials
-  module ClassMethods
-    # Defines the set of credentials common to members of a class.
-    def credentials(options = {}, &block)
-      unless included_modules.include? Actor
-        class_inheritable_reader :rulebook
-        class_inheritable_reader :credential_options
-        include Actor
-      end
-      write_inheritable_attribute :credential_options, merge_credential_options(read_inheritable_attribute(:credential_options), options)
-      old_rulebook = read_inheritable_attribute(:rulebook)
-      write_inheritable_attribute :rulebook, Rulebook.new(self, old_rulebook ? old_rulebook.rules : [])
-      yield rulebook if block_given?
-    end
-    
-  protected
-    # Merges the set of options inherited from a parent class (if any)
-    def merge_credential_options(a, b)
-      a ||= {}
-      b ||= {}
-      a[:groups] = (Array(a[:groups]) + Array(b.delete(:groups))).uniq if b[:groups]
-      a.merge(b)
-    end
-  end
-end

data/lib/credentials/inflector.rb

@@ -1,133 +0,0 @@
-require "singleton"
-
-module Credentials
-  module Inflector
-    extend self
-    
-    class Inflections
-      include Singleton
-      
-      attr_reader :actors
-
-      def actors
-        @actors ||= []
-      end
-
-      def actor(rule, replacement)
-        actors.insert 0, [ rule, replacement ]
-      end
-      
-      unless defined?(ActiveSupport)
-        attr_reader :plurals, :singulars, :uncountables
-        
-        def initialize
-          @plurals, @singulars, @uncountables = [], [], []
-        end
-        
-        def plurals
-          @plurals ||= []
-        end
-        
-        def plural(rule, replacement)
-          plurals.insert 0, [ rule, replacement ]
-        end
-        def plural(rule, replacement)
-          @uncountables.delete(rule) if rule.is_a?(String)
-          @uncountables.delete(replacement)
-          @plurals.insert(0, [rule, replacement])
-        end
-
-        def singular(rule, replacement)
-          @uncountables.delete(rule) if rule.is_a?(String)
-          @uncountables.delete(replacement)
-          @singulars.insert(0, [rule, replacement])
-        end
-
-        def irregular(singular, plural)
-          @uncountables.delete(singular)
-          @uncountables.delete(plural)
-          if singular[0,1].upcase == plural[0,1].upcase
-            plural(Regexp.new("(#{singular[0,1]})#{singular[1..-1]}$", "i"), '\1' + plural[1..-1])
-            singular(Regexp.new("(#{plural[0,1]})#{plural[1..-1]}$", "i"), '\1' + singular[1..-1])
-          else
-            plural(Regexp.new("#{singular[0,1].upcase}(?i)#{singular[1..-1]}$"), plural[0,1].upcase + plural[1..-1])
-            plural(Regexp.new("#{singular[0,1].downcase}(?i)#{singular[1..-1]}$"), plural[0,1].downcase + plural[1..-1])
-            singular(Regexp.new("#{plural[0,1].upcase}(?i)#{plural[1..-1]}$"), singular[0,1].upcase + singular[1..-1])
-            singular(Regexp.new("#{plural[0,1].downcase}(?i)#{plural[1..-1]}$"), singular[0,1].downcase + singular[1..-1])
-          end
-        end
-
-        def uncountable(*words)
-          (@uncountables << words).flatten!
-        end
-      end
-    end
-    
-    def inflections
-      if block_given?
-        yield Inflections.instance
-      else
-        Inflections.instance
-      end
-    end
-    
-    def actorize(word)
-      result = word.to_s.dup
-      inflections.actors.each { |(rule, replacement)| break if result.gsub!(rule, replacement) } unless result.empty?
-      result
-    end
-    
-    unless defined?(ActiveSupport)
-      def pluralize(word)
-        result = word.to_s.dup
-
-        if word.empty? || inflections.uncountables.include?(result.downcase)
-          result
-        else
-          inflections.plurals.each { |(rule, replacement)| break if result.gsub!(rule, replacement) }
-          result
-        end
-      end
-
-      def singularize(word)
-        result = word.to_s.dup
-
-        if inflections.uncountables.include?(result.downcase)
-          result
-        else
-          inflections.singulars.each { |(rule, replacement)| break if result.gsub!(rule, replacement) }
-          result
-        end
-      end
-    end
-  end
-  
-  module StringExtensions
-    def actorize
-      Credentials::Inflector.actorize(self)
-    end
-    
-    unless defined?(ActiveSupport)
-      def pluralize
-        Credentials::Inflector.pluralize(self)
-      end
-      
-      def singularize
-        Credentials::Inflector.singularize(self)
-      end
-    end
-  end
-end
-
-String.send :include, Credentials::StringExtensions
-
-Credentials::Inflector.inflections do |inflect|
-  inflect.actor(/$/, 'er')
-  inflect.actor(/e$/, 'er')
-  inflect.actor(/ate$/, 'ator')
-  inflect.actor(/([^aeiou])([aeiou])([^aeioux])$/, '\1\2\3\3er')
-  inflect.actor(/ct$/, 'ctor')
-  inflect.actor(/^(improvi[sz])e$/, '\1or')
-  inflect.actor(/^(authori)[sz]e$/, '\1ty')
-  inflect.actor(/^administer$/, 'administrator')
-end

data/lib/credentials/rules/can.rb

@@ -1,6 +0,0 @@
-module Credentials
-  module Rules
-    class Can < Rule
-    end
-  end
-end

data/lib/credentials/rules/cannot.rb

@@ -1,20 +0,0 @@
-module Credentials
-  module Rules
-    class Cannot < Can
-      def allow?(actor, verb, *args)
-        return false unless match? actor, verb, *args
-        result = false
-        result ||= evaluate(@options[:unless], actor, *args) if @options[:unless]
-        result
-      end
-    
-      def deny?(actor, verb, *args)
-        return false unless match? actor, verb, *args
-        result = true
-        result &&= evaluate(@options[:if], actor, *args) if @options[:if]
-        result &&= !evaluate(@options[:unless], actor, *args) if @options[:unless]
-        result
-      end
-    end
-  end
-end

data/lib/credentials/rules/rule.rb

@@ -1,46 +0,0 @@
-module Credentials
-  module Rules
-    class Rule
-      attr_accessor :verb
-      attr_accessor :options
-    
-      def initialize(klass, verb, *args)
-        @klass = klass
-        @verb = verb.to_sym
-        @options = args.last.is_a?(Hash) ? args.pop : {}
-        @pattern = Array(args)
-      end
-
-      def match?(actor, verb, *args)
-        return false unless actor == @klass or actor.is_a?(@klass)
-        return false unless @verb == :any or @verb == verb.to_sym
-        return false unless args.size == @pattern.size
-        @pattern.zip(args).each { |pattern, arg| return false unless !pattern.is_a?(Class) or arg == pattern or arg.is_a?(pattern) }
-      end
-    
-      def allow?(actor, verb, *args)
-        return false unless match? actor, verb, *args
-        result = true
-        result &&= evaluate(@options[:if], actor, *args) if @options[:if]
-        result &&= !evaluate(@options[:unless], actor, *args) if @options[:unless]
-        result
-      end
-    
-      def deny?(actor, verb, *args)
-        return false unless match? actor, verb, *args
-        result = false
-        result ||= evaluate(@options[:unless], actor, *args) if @options[:unless]
-        result
-      end
-    
-    protected
-      def evaluate(fn, actor, *args)
-        case fn
-        when Proc           then fn.call(actor, *args)
-        when Symbol, String then actor.send(fn.to_sym, *args)
-        else raise ArgumentError, "expected a proc or a symbol"
-        end
-      end
-    end
-  end
-end