dancan 0.1.0

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: dede25a9938f3deb15f4217853872762430b8fa8
+  data.tar.gz: add105fa36577552a22d54eeabc88965737b22d7
+SHA512:
+  metadata.gz: 8995b5fed456408d3a0618c42f9d959273830c55c2f160db06f908c68ee164f678526b24e12591ffc8478592fa3832e61a88cb78cc68c46164949f3d57c2ab39
+  data.tar.gz: 245559b6978b19c3a41fd615ed4485461210bab140774688ae4cc8db30a035f70135de1f05cb0a4627dc1d3feb7156196ad825ffeb27f6346dd23190a4b99b1b

data/.gitignore

@@ -0,0 +1,18 @@
+*.gem
+*.rbc
+.bundle
+.config
+.yardoc
+Gemfile.lock
+InstalledFiles
+_yardoc
+coverage
+doc/
+lib/bundler/man
+pkg
+rdoc
+spec/reports
+test/tmp
+test/version_tmp
+tmp
+bin

data/.travis.yml

@@ -0,0 +1,7 @@
+language: ruby
+rvm:
+  - 1.9.3
+  - 2.0.0
+  - 2.1.0
+  - jruby-19mode
+  - rbx-2

data/Gemfile

@@ -0,0 +1,3 @@
+source 'https://rubygems.org'
+
+gemspec

data/LICENSE.txt

@@ -0,0 +1,25 @@
+Copyright (c) 2012 Daniel K
+
+Majority of credit goes to Pundit of Elabs as code was built off of Pundit:
+https://github.com/elabs/pundit
+
+MIT License
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.md

@@ -0,0 +1,96 @@
+
+#Dancan
+
+## Installation
+
+Include 'dancan' in your Gemfile
+
+``` ruby
+gem 'dancan'
+```
+
+Include Dancan in your application controller:
+
+``` ruby
+class ApplicationController < ActionController::Base
+  include Dancan
+  protect_from_forgery
+
+  def self.restrict_access(roles, options=nil)
+    if options 
+      before_filter(options) { restrict_access( :roles, roles) }
+    else
+      before_filter { restrict_access( :roles, roles) }
+    end
+  end
+
+end
+```
+ 
+## Policies
+
+In app/policies/role_policy.rb 
+
+``` ruby
+class RolePolicy < Struct.new(:current_admin, :roles)
+  attr_reader :current_admin, :roles
+  
+  def initialize(current_admin, policy)
+    @current_admin = current_admin
+  end
+
+  def customer_care
+    @current_admin.has_any_role?(:customer_care)
+  end
+
+  def culinary_ops
+    @current_admin.has_any_role?(:culinary_ops)
+  end
+
+  def fulfillment_ops
+    @current_admin.has_any_role?(:fulfillment_ops)
+  end
+
+end
+```
+
+##Controller
+
+In your controller, call restrict_access with an optional second parameter unless you want to restrict the entire controller
+
+``` ruby
+# restricts access only su action to customer_care and fulfillment_ops
+  restrict_access [:customer_care, :fulfillment_ops] , :only => [:su]
+
+# restricts access everything except su action to customer_care and fulfillment_ops 
+  restrict_access [:customer_care, :fulfillment_ops] , :except => [:su] 
+  
+# restricts access entire controller to customer_care and fulfillment_ops
+  restrict_access [:customer_care, :fulfillment_ops] 
+```
+
+## Rescuing a denied Authorization in Rails
+
+Dancan raises a `Dancan::NotAuthorizedError` you can
+rescue_from in your `ApplicationController`. You can customize the `user_not_authorized`
+method in every controller.
+
+```ruby
+class ApplicationController < ActionController::Base
+  protect_from_forgery
+  include Dancan
+
+  rescue_from Dancan::NotAuthorizedError, with: :user_not_authorized
+
+  private
+
+  def user_not_authorized
+    flash[:alert] = "Access Denied."
+    redirect_to(request.referrer || root_path)
+  end
+end
+```
+
+# License
+
+Licensed under the MIT license, see the separate LICENSE.txt file.

data/Rakefile

@@ -0,0 +1,2 @@
+require 'rubygems'
+require 'bundler/gem_tasks'

data/dancan.gemspec

@@ -0,0 +1,25 @@
+# -*- encoding: utf-8 -*-
+lib = File.expand_path('../lib', __FILE__)
+$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
+require 'dancan/version'
+
+Gem::Specification.new do |gem|
+  gem.name          = "dancan"
+  gem.version       = Dancan::VERSION
+  gem.authors       = ["Daniel K"]
+  gem.email         = ["dank@example.com"]
+  gem.description   = %q{Object oriented authorization for Rails applications}
+  gem.summary       = %q{OO authorization for Rails}
+  gem.homepage      = "https://github.com/2011dkang1/dancan"
+  gem.license       = "MIT"
+
+  gem.files         = `git ls-files`.split($/)
+  gem.executables   = gem.files.grep(%r{^bin/}).map{ |f| File.basename(f) }
+  gem.test_files    = gem.files.grep(%r{^(test|spec|features)/})
+  gem.require_paths = ["lib"]
+
+  gem.add_dependency "activesupport", ">= 3.0.0"
+  gem.add_development_dependency "activemodel", ">= 3.0.0"
+  gem.add_development_dependency "bundler", "~> 1.3"
+  gem.add_development_dependency "pry"   
+end

data/lib/dancan.rb

@@ -0,0 +1,74 @@
+require "dancan/version"
+require "dancan/policy_finder"
+require "active_support/concern"
+require "active_support/core_ext/string/inflections"
+require "active_support/core_ext/object/blank"
+require "active_support/core_ext/module/introspection"
+require "active_support/dependencies/autoload"
+
+module Dancan
+  class NotAuthorizedError < StandardError
+    attr_accessor :roles, :record, :policy
+  end
+  class AuthorizationNotPerformedError < StandardError; end
+  class PolicyScopingNotPerformedError < AuthorizationNotPerformedError; end
+  class NotDefinedError < StandardError; end
+
+  extend ActiveSupport::Concern
+
+  class << self
+
+    def policy(user, record)
+      policy = PolicyFinder.new(record).policy
+      policy.new(user, record) if policy
+    end
+
+    def policy!(user, record)
+      PolicyFinder.new(record).policy!.new(user, record)
+    end
+  end
+
+  included do
+    if respond_to?(:helper_method)
+      helper_method :policy
+      helper_method :dancan_admin
+    end
+    if respond_to?(:hide_action)
+      hide_action :policy
+      hide_action :policies
+      hide_action :restrict_access
+      hide_action :dancan_admin
+    end
+  end
+
+  def restrict_access(record, permitted_roles=nil)
+    
+    
+    roles = permitted_roles
+    policy = policy(record)
+    unless roles.map().any? { |role| policy.public_send(role) }
+      error = NotAuthorizedError.new("#{record} does not have not roles: #{roles.to_s}")
+      error.roles, error.record, error.policy = roles.to_s, record, policy
+
+      raise error
+    end
+
+    true
+  end
+
+  def policy(record)
+    policies[record] ||= Dancan.policy!(dancan_admin, record)
+  end
+
+  def policies
+    @_dancan_policies ||= {}
+  end
+
+  def dancan_admin
+    current_admin
+  end
+
+end
+
+
+

data/lib/dancan/policy_finder.rb

@@ -0,0 +1,44 @@
+module Dancan
+  class PolicyFinder
+    attr_reader :object
+
+    def initialize(object)
+      @object = object
+    end
+
+    def policy
+      klass = find
+      klass = klass.constantize if klass.is_a?(String)
+      klass
+    rescue NameError
+      nil
+    end
+
+    def policy!
+      policy or raise NotDefinedError, "unable to find policy #{find} for #{object}"
+    end
+
+  private
+
+    def find
+      if object.respond_to?(:policy_class)
+        object.policy_class
+      elsif object.class.respond_to?(:policy_class)
+        object.class.policy_class
+      else
+        klass = if object.respond_to?(:model_name)
+          object.model_name
+        elsif object.class.respond_to?(:model_name)
+          object.class.model_name
+        elsif object.is_a?(Class)
+          object
+        elsif object.is_a?(Symbol)
+          object.to_s.classify
+        else
+          object.class
+        end
+        "#{klass}Policy"
+      end
+    end
+  end
+end

data/lib/dancan/version.rb

@@ -0,0 +1,3 @@
+module Dancan
+  VERSION = "0.1.0"
+end

metadata

@@ -0,0 +1,111 @@
+--- !ruby/object:Gem::Specification
+name: dancan
+version: !ruby/object:Gem::Version
+  version: 0.1.0
+platform: ruby
+authors:
+- Daniel K
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2015-02-25 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: activesupport
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 3.0.0
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 3.0.0
+- !ruby/object:Gem::Dependency
+  name: activemodel
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 3.0.0
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 3.0.0
+- !ruby/object:Gem::Dependency
+  name: bundler
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.3'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.3'
+- !ruby/object:Gem::Dependency
+  name: pry
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+description: Object oriented authorization for Rails applications
+email:
+- dank@example.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- ".gitignore"
+- ".travis.yml"
+- Gemfile
+- LICENSE.txt
+- README.md
+- Rakefile
+- dancan.gemspec
+- lib/dancan.rb
+- lib/dancan/policy_finder.rb
+- lib/dancan/version.rb
+homepage: https://github.com/2011dkang1/dancan
+licenses:
+- MIT
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 2.2.2
+signing_key: 
+specification_version: 4
+summary: OO authorization for Rails
+test_files: []
+has_rdoc: