dry-ability 0.0.1

data/lib/dry/ability/inherited_resource.rb

@@ -0,0 +1,26 @@
+# frozen_string_literal: true
+
+require "dry/ability/controller/resource"
+
+module Dry
+  module Ability
+    # For use with Inherited Resources
+    class InheritedResource < Controller::Resource # :nodoc:
+      def load_resource_instance
+        if parent?
+          @controller.send :association_chain
+          @controller.instance_variable_get(:"@#{instance_name}")
+        elsif new_actions.include?(@action_name)
+          resource = @controller.send :build_resource
+          assign_attributes(resource)
+        else
+          @controller.send :resource
+        end
+      end
+
+      def resource_base
+        @controller.send :end_of_association_chain
+      end
+    end
+  end
+end

data/lib/dry/ability/key.rb

@@ -0,0 +1,19 @@
+# frozen_string_literal: true
+
+module Dry
+  module Ability
+    class Key < String
+      COERC = F[:coerc_key].to_proc.freeze
+      private_constant :COERC
+
+      attr_reader :nsed
+      alias_method :namespaced, :nsed
+
+      def initialize(key, nsfn)
+        string = COERC[key]
+        @nsed = nsfn[string].freeze
+        super(string)
+      end
+    end
+  end
+end

data/lib/dry/ability/resource_mediator.rb

@@ -0,0 +1,94 @@
+# frozen_string_literal: true
+
+require "dry/initializer"
+require "dry/ability/t"
+
+module Dry
+  module Ability
+    class ResourceMediator
+      include Initializer[undefined: false].define -> do
+        defaults = {
+          nil:  proc { nil },
+          false: proc { false },
+          with:  -> (input, type) {  (type.default? ? type.value : [type.member.value]) | type[input]  }
+        }.freeze
+        t = { **(t = {
+          bool:         T['params.bool'],
+          string:       T['params.string'],
+          symbol:       T['params.symbol'],
+          array:        T['array'] << Array.method(:wrap),
+          set:          T.Constructor(Set)
+        }), **{
+          symbols:      t[:array].of(T['params.symbol']),
+          symbols_with: -> (*list) { t[:symbols].default(list.freeze) << defaults[:with] }
+        }}.freeze
+
+        param :name,     t[:symbol]
+        param :path,     t[:string]
+        param :sequence, t[:set] << t[:symbols]
+
+        with_options optional: true do |free|
+          free.option :parent, T['bool']
+
+          free.option :class, T['false'] | t[:string], default: proc { @name.to_s.classify }, as: :class_name
+
+          free.option :shallow,   t[:bool], default:  defaults[:false]
+
+          free.option :singleton, t[:bool], default:  defaults[:false]
+
+          free.option :find_by,             t[:symbol]
+
+          free.option :params_method,       t[:symbol]
+
+          free.option :through,             t[:symbol]
+        end
+
+
+
+        option :parent_action,       t[:symbol], default: proc { :show }
+
+        option :instance_name,       t[:symbol], default: proc { @name }
+
+        option :collection_name,     t[:symbol], default:  proc { @name.to_s.pluralize }
+
+        option :through_association, t[:symbol], default: proc { collection_name }
+
+        option :id_param, t[:symbol], default: proc { parent? ? :"#@name\_id" : :id }, as: :id_param_key
+
+        collection_type = t[:symbols_with][:index]
+        option :collection, collection_type, default: proc { collection_type[] }, as: :collection_actions
+
+        new_type = t[:symbols_with][:new, :create]
+        option :new, new_type, default: proc { new_type[] }, as: :new_actions
+
+        save_type = t[:symbols_with][:create, :update]
+        option :save, save_type, default: proc { save_type[] }, as: :save_actions
+      end
+
+      alias_method :parent?,   :parent
+      alias_method :shallow?,  :shallow
+      alias_method :singleton?, :singleton
+
+      def before(controller)
+        resource_class(controller).new(self, controller).call
+      end
+
+      def resource_class(controller)
+        if defined?(::InheritedResources) && controller.is_a?(::InheritedResources::Actions)
+          InheritedResource
+        else
+          ControllerResource
+        end
+      end
+
+      def member_action?(action_name, params)
+        @new_actions.include?(action_name) || singleton? ||
+          ((params[:id] || params[@id_param_key]) && !@collection_actions.include?(action_name))
+      end
+
+      def collection_action?(action_name, *)
+        @collection_actions.include?(action_name)
+      end
+    end
+  end
+end

data/lib/dry/ability/rule.rb

@@ -0,0 +1,141 @@
+# frozen_string_literal: true
+
+require "dry/initializer"
+require "dry/ability/t"
+require "dry/ability/rule_interface"
+
+module Dry
+  module Ability
+    class Rule
+      include Initializer[undefined: false].define -> do
+        param :actions,  T::Actions,  reader: :private
+        param :subjects, T::Subjects, reader: :private
+        option :inverse, T['bool'],   reader: :private
+        option :constraints, T::Hash.map(T['params.symbol'], T['any']), default: -> { {} }
+        option :filter,  T::Callable, optional: true
+        option :scope,   T::Callable, optional: true
+        option :explicit_scope, T['bool'], default: -> { true }
+      end
+
+      include RuleInterface
+
+      def call(account, object)
+        if filter?
+          filter.(account, object)
+        else
+          @constraints.blank? || run_constraints(account, object, @constraints)
+        end ^ @inverse
+      end
+
+      def attributes_for(account, object)
+        @constraints.blank? ? {} : F[:eval_values, [account, object]][@constraints]
+      end
+
+      def scope_for(account, subject)
+        relation = if scope?
+          @scope.arity > 1 ? @scope[account, subject] : @scope[account]
+        else
+          T::Queriable[subject].all
+        end
+        unless @explicit_scope
+          attrs = attributes_for(account, subject)
+          relation = relation.where(attrs) unless attrs.blank?
+        end
+        relation
+      end
+
+      def filter?
+        !@filter.nil?
+      end
+
+      def scope?
+        !@scope.nil?
+      end
+
+      def accessible?
+        scope? || !@explicit_scope
+      end
+
+      def register_to(_rules)
+        unless defined?(@_registered)
+          @subjects.each do |subject|
+            _rules.namespace(subject) do |_subject|
+              @actions.each do |action|
+                key = _subject.send(:namespaced, action)
+                pred = _rules._container.delete(key)&.call
+                rules_or = pred | self if pred
+                _subject.register action, (rules_or || self)
+              end
+            end
+          end
+          @_registered = true
+        end
+      end
+
+      def |(other)
+        Or.new([self, other])
+      end
+
+      class Or
+        include Dry::Initializer[undefined: false].define -> do
+          param :items, T.Array(T.Instance(Rule))
+        end
+
+        include RuleInterface
+
+        def call(account, object)
+          items.reduce(false) do |result, rule|
+            result || rule[account, object]
+          end
+        end
+
+        def attributes_for(account, object)
+          items.reduce({}) do |result, rule|
+            result.deep_merge!(rule.attributes_for(rule, object)); result
+          end
+        end
+
+        def scope_for(account, subject)
+          base_relations = items.map { |rule| rule.scope_for(account, subject) }
+          condit = base_relations.map { |r| r.except(:joins) }.reduce(:or)
+          merged = base_relations.map { |r| r.except(:where) }.reduce(:merge)
+          merged.merge(condit)
+        end
+
+        def accessible?
+          true
+        end
+
+        def |(other)
+          self.class.new([*items, other])
+        end
+      end
+
+      private
+
+      def run_constraints(account, object, dict)
+        case object when Class, Symbol
+          true
+        else
+          dict.reduce(true) do |pred, (key, value)|
+            pred && call_constraint(account, object, key, value)
+          end
+        end
+      end
+
+      def call_constraint(account, object, key, constraint)
+        value = object.public_send(key)
+        case constraint
+        when Array
+          constraint.include?(value)
+        when Hash
+          run_constraints(account, value, constraint)
+        when Proc
+          constraint.arity > 1 ? constraint.(account, value) : value == constraint.(account)
+        else
+          value == constraint
+        end
+      end
+    end
+  end
+end

data/lib/dry/ability/rule_interface.rb

@@ -0,0 +1,27 @@
+# frozen_string_literal: true
+
+module Dry
+  module Ability
+    module RuleInterface
+      def call(account, object)
+        raise NotImplementedError
+      end
+
+      def [](account, object)
+        call(account, object)
+      end
+
+      def |(other)
+        raise NotImplementedError
+      end
+
+      def attributes_for(account)
+        raise NotImplementedError
+      end
+
+      def scope_for(account)
+        raise NotImplementedError
+      end
+    end
+  end
+end

data/lib/dry/ability/rules_builder.rb

@@ -0,0 +1,92 @@
+# frozen_string_literal: true
+
+require "dry/initializer"
+require "dry/ability/t"
+require "dry/ability/f"
+require "dry/ability/rule"
+require "dry/ability/container"
+
+module Dry
+  module Ability
+    # Creates a container with ability rules and provides DSL to define them.
+    class RulesBuilder
+      include Initializer[undefined: false].define -> do
+        option :_container, T.Instance(Container), default: proc { Container.new }, optional: true
+      end
+
+      # Registers mappings
+      #
+      # @example
+      #
+      #   map :action,  :read   => %i(index show)
+      #   map :subject, :public => %w(Post Like Comment)
+      #
+      def map(kind, dict)
+        kind = T::ActionOrSubject[kind]
+        dict = T::RulesMapping[dict]
+
+        @_container.namespace(:mappings) do |_mappings|
+          _mappings.namespace(kind) do |_action_or_subject|
+            dict.each do |mapped, list|
+              list.sort.each do |original|
+                key = _action_or_subject.send(:namespaced, original)
+                pred = Array.wrap(@_container._container.delete(key)&.call)
+                pred << mapped unless pred.include?(mapped)
+                _action_or_subject.register(original, pred)
+              end
+            end
+          end
+        end
+      end
+
+      # Shorthand of <tt>map :action, dict</tt>
+      def map_action(dict)
+        map :action, dict
+      end
+
+      # Shorthand of <tt>map :subject, dict</tt>
+      #
+      # @exmaple
+      #
+      #   map_subject :public => %w(Post Like Comment)
+      def map_subject(dict)
+        map :subject, dict
+      end
+
+      # Registers rule in the calculated key
+      #
+      # @example
+      #
+      #   can :read, :public
+      def can(actions, subjects, filter: nil, scope: nil, inverse: false, explicit_scope: true, **constraints, &block)
+        @_container.namespace(:rules) do |_rules|
+          Rule.new(actions, subjects,
+            constraints: constraints,
+            filter:      (filter || block&.to_proc),
+            scope:       scope,
+            inverse:     inverse,
+            explicit_scope: explicit_scope
+          ).register_to(_rules)
+        end
+      end
+
+      # @see #can(*args, **options, &block)
+      def cannot(*args, **options, &block)
+        can(*args, **options, inverse: true, &block)
+      end
+
+      # Generates module, which, after being included into a class, registers singleton
+      # instance variable <tt>@_container</tt> as reference to the composed container of rules.
+      def mixin
+        @mixin ||= Module.new.tap do |mod|
+          container = @_container.freeze
+          mod.define_singleton_method :included do |base|
+            base.instance_variable_set(:@_container, container)
+            super(base)
+          end
+          mod
+        end
+      end
+    end
+  end
+end

data/lib/dry/ability/t.rb

@@ -0,0 +1,45 @@
+# frozen_string_literal: true
+
+require "dry/types"
+
+module Dry
+  module Ability
+    # T is for Types
+    module T
+      extend Types::BuilderMethods
+
+      def self.[](*args, &block)
+        Types[*args, &block]
+      end
+
+      def self.Key(input)
+        case input
+        when String, Symbol, Module, Class; input.to_s
+        else Key(input.class)
+        end
+      end
+
+      def self.WrappedArray(type)
+        Array(type) << ArrayWrap
+      end
+
+      ArrayWrap       = Array.method(:wrap)
+
+      CoercKey        = Types['string'] << method(:Key)
+
+      Actions         = WrappedArray(Types['params.symbol'])
+
+      Subjects        = WrappedArray(CoercKey)
+
+      Hash            = Types['hash']
+
+      ActionOrSubject = Types['symbol'].enum(:action, :subject)
+
+      RulesMapping    = Hash.map(CoercKey, Subjects)
+
+      Callable        = Interface(:call)
+
+      Queriable       = Interface(:where)
+    end
+  end
+end