credentials 2.3.1 → 2.4.0

data/HISTORY

@@ -1,4 +1,14 @@
-=== 2.2.3 / 2009-11-27
+=== 2.4.0 / 2010-01-25
+
+* Implemented Foo.metaclass.credentials { |foo| ... } to allow
+  declaration of credentials per instance. This is nice for
+  implementing RBA.
+
+=== 2.3.1 / 2009-12-17
+
+* Minor bug fix (Class !== Class)
+
+=== 2.3.0 / 2009-12-16
 
 * Add support for prepositions.
 

data/VERSION

@@ -1 +1 @@
-2.3.1
+2.4.0

data/credentials.gemspec

@@ -5,11 +5,11 @@
 
 Gem::Specification.new do |s|
   s.name = %q{credentials}
-  s.version = "2.3.1"
+  s.version = "2.4.0"
 
   s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
   s.authors = ["Matt Powell"]
-  s.date = %q{2009-12-17}
+  s.date = %q{2010-01-25}
   s.description = %q{A generic actor/resource permission framework based on rules, not objects.}
   s.email = %q{fauxparse@gmail.com.com}
   s.extra_rdoc_files = [

data/lib/credentials/extensions/object.rb

@@ -52,9 +52,15 @@ module Credentials
     
       # Returns true if the receiver has access to the specified resource or action.
       def can?(*args)
-        self.class.credentials.allow? self, *args
+        metaclass.credentials.allow?(self, *args)
       end
       alias_method :able_to?, :can?
+      
+      def metaclass
+        class << self
+          self
+        end
+      end
 
       def self.included(receiver) #:nodoc:
         receiver.extend ClassMethods

data/lib/credentials/rule.rb

@@ -81,7 +81,7 @@ module Credentials
           return false unless receiver.respond_to? condition
           !!receiver.send(condition, *args[0, receiver.method(condition).arity])
         when Proc
-          raise ArgumentError, "wrong number of arguments to condition (#{args.size} to #{condition.arity})" unless args.size + 1 == condition.arity
+          raise ArgumentError, "wrong number of arguments to condition (#{args.size + 1} to #{condition.arity})" unless args.size + 1 == condition.arity
           !!condition.call(receiver, *args)
         else
           raise ArgumentError, "invalid :if or :unless option (expected Symbol or Proc, or array thereof; got #{condition.class})"

data/lib/credentials/rulebook.rb

@@ -11,6 +11,7 @@ module Credentials
     attr_accessor :klass
     attr_accessor :options
     attr_accessor :rules
+    attr_reader :superklass_rulebook
     
     DEFAULT_OPTIONS = {
       :default => :deny
@@ -18,23 +19,28 @@ module Credentials
     
     def initialize(klass)
       self.klass = klass
-      @rules = if klass.superclass.respond_to?(:credentials) && !klass.superclass.credentials.empty?
-        klass.superclass.credentials.rules.dup
+      superklass = if klass.to_s =~ /^#<Class:#<([\w_]+)/ # there must be a better way
+        $1.constantize
       else
-        []
+        klass.superclass
+      end
+
+      @rules = []
+      if superklass == Object
+        @superklass_rulebook = nil
+        @options = {}
+      else
+        @superklass_rulebook = superklass.credentials
+        @options = superklass_rulebook.options.dup
       end
-      @options = {}
     end
 
     # Creates a Rulebook for the given class.
     # Should not be called directly: instead,
     # use +class.credentials+ (q.v.).
     def self.for(klass)
-      rulebook = new(klass)
-      if superclass && superclass.respond_to?(:credentials)
-        rulebook.rules = superclass.credentials.rules.dup
-      end
-      rulebook
+      @rulebooks ||= {}
+      @rulebooks[klass] ||= new(klass)
     end
 
     # Returns +true+ if there are no rules defined in this Rulebook.
@@ -199,11 +205,13 @@ module Credentials
     
     # Subset of rules that grant permission by exposing an +allow?+ method.
     def allow_rules
+      @allow_rules ||= (superklass_rulebook ? superklass_rulebook.allow_rules : []) + 
       rules.select { |rule| rule.respond_to? :allow? }
     end
     
     # Subset of rules that deny permission by exposing an +deny?+ method.
     def deny_rules
+      @deny_rules ||= (superklass_rulebook ? superklass_rulebook.deny_rules : []) + 
       rules.select { |rule| rule.respond_to? :deny? }
     end
   end

data/spec/rulebook_spec.rb

@@ -9,4 +9,19 @@ describe Credentials::Rulebook do
     Animal.credentials.should_not == Carnivore.credentials
     Animal.credentials.rules.should_not == Carnivore.credentials.rules
   end
+  
+  describe "created for an instance" do
+    before :all do
+      @penguin = Bird.new("Penguin")
+      @penguin.metaclass.credentials do |penguin|
+        penguin.can :swim
+      end
+      @emu = Bird.new("Emu")
+    end
+    
+    it "should grant permissions only for that instance" do
+      @penguin.should be_able_to(:swim)
+      @emu.should_not be_able_to(:swim)
+    end
+  end
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification 
 name: credentials
 version: !ruby/object:Gem::Version 
-  version: 2.3.1
+  version: 2.4.0
 platform: ruby
 authors: 
 - Matt Powell
@@ -9,7 +9,7 @@ autorequire:
 bindir: bin
 cert_chain: []
 
-date: 2009-12-17 00:00:00 +13:00
+date: 2010-01-25 00:00:00 +13:00
 default_executable: 
 dependencies: []