fibman 2.0.0

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: b57c1d03d4c61992edcbd96b4d10b52790b5f090
+  data.tar.gz: 1acde7737f7b0dffe4fd8670615d20d1892b12e9
+SHA512:
+  metadata.gz: 0626124586074c74cbc5dba0e71984afd9267259256aaf0a682536e796c835bde87534851c85de29333050cfd8369ccc6a04d9e1cd8e46fad7d3d3fe1cf70694
+  data.tar.gz: 1533db7379c16fe4feeab3335db101a0ebe06c2ea27b2eeb1af3a897c5aeedd99b7d7c91b8771b85ca3f31b92480fbf4ebe336e1a09b20e2868f39a801aacfa1

data/.gitignore

@@ -0,0 +1,14 @@
+/.bundle/
+/.yardoc
+/Gemfile.lock
+/_yardoc/
+/coverage/
+/doc/
+/pkg/
+/spec/reports/
+/tmp/
+*.bundle
+*.so
+*.o
+*.a
+mkmf.log

data/.rubocop.yml

@@ -0,0 +1,35 @@
+###########################
+# Configuration for rubocop
+# in .rubocop.yml 
+# Most of these are disabling existing cops, primarily
+# due to a smattering of different styles and loose
+# guidlines for contributions.
+#
+# Any of these may be changed.
+AllCops:
+  Exclude:
+    - 'examples/*.rb'
+
+Style/SpaceInsideBlockBraces:
+  Enabled: false
+
+Metrics/ClassLength:
+  Enabled: false
+
+Metrics/LineLength:
+  Max: 200
+
+Metrics/MethodLength:
+  Max: 20
+
+Style/SignalException:
+  Enabled: false
+
+Style/StringLiterals:
+  Enabled: false
+
+Style/AsciiComments:
+  Enabled: false
+
+Metrics/AbcSize:
+  Enabled: false

data/.simplecov

@@ -0,0 +1,14 @@
+#!/usr/bin/env ruby
+if ENV["COVERAGE"]
+  SimpleCov.profiles.define 'fib' do
+    add_filter "/vendor/"
+
+    add_group 'Libraries', 'lib'
+  end
+
+
+  SimpleCov.start "request_pool" 
+  puts "required simplecov"
+end
+
+# require 'request_pool'

data/LICENSE.txt

@@ -0,0 +1,22 @@
+Copyright (c) 2017 Warrenoo
+
+MIT License
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.md

@@ -0,0 +1,181 @@
+# Fibman
+[<img src="https://fury-badge.herokuapp.com/rb/fibman.png" alt="Gem Version" />](http://badge.fury.io/rb/fibman)
+
+[Fibman](https://github.com/Warrenoo/fibman) 是提供系统权限管理验证的模块
+
+
+## 功能
+
+- 支持持久化对象权限
+- 定义多种权限维度, 高自由度的权限验证
+- 快速定义权限管理对象，注入完善的管理模块
+- 支持对象间权限依赖关系的拓展
+- 支持权限与权限间的绑定
+- 全方位的权限校验支持
+- 支持单系统多权限模块的组织结构
+
+## 安装
+
+添加到 Gemfile:
+
+    gem 'fibman', '~> 2.0'
+
+并运行 `bundle install` 命令。
+
+## 开始
+
+### 1. 初始化一个权限模块
+
+Fibman.new 作为创建权限管理系统的入口，需要定义一个名称和唯一的key
+
+Fibman 初始化后可以进行权限的定义与管理
+
+可以在一个系统中定义多个Fibman对象，分别定义不同的权限类型，并管理不同的模块
+
+```ruby
+demo_fib = Fibman.new(:demo, "权限系统示例")
+```
+
+### 2. 配置持久化连接
+
+Fibman 使用 Redis 提供数据持久化服务，所以需要配置 redis 的连接对象，默认使用`gem redis-rb`中的api
+
+```
+demo_fib.configure { |c| c.redis = Redis.current }
+```
+
+### 3. 权限定义
+
+在Fibman中，支持三种权限维度的设定
+
+- URL    设定某个URL
+- KEY    设定某个自定义Key
+- ACTION MVC框架中，设定Controller层具体Action
+
+通过调用`build`方法构建当前权限系统的权限集
+
+使用`add`方法来定义权限集
+
+每个权限集可以包含若干具体的权限维度，创建权限集后会默认包含一个和权限集key相同的KEY类型权限，主要用来进行权限集查询。
+
+权限集与权限集直接可以进行绑定。当A权限集绑定了B权限集，目标对象拥有A权限集时，则默认也拥有B权限集。绑定关系可设定多个。
+
+```
+demo_fib.build do
+  # 通过参数定义
+  # action 定义action类权限
+  # url 定义url类权限
+  # key 定义key类权限
+  # bind 绑定其他权限集
+  # display 是否公开
+  add :permission1, "Permission1",
+    action: [[DemoController, :index]],
+    url: ["demo/list", "demo/topic"],
+    key: [:permission1_key1, :permission1_key2],
+    bind: :permission2,
+    display: true
+
+  # 或者
+  # 通过proc定义
+  add :permission1, "Permission1" do
+    def_action DemoController, :show do |user, request|
+      # 扩展权限验证，额外进行权限判断
+      user.demo.id == request.params[:id]
+    end
+
+    def_url "demo/list" do |user, request|
+      # True or False
+    end
+
+    def_key :permission1_key1 do |user, obj|
+      # obj为进行key判断时自定义传入的对象类型
+    end
+
+    # 开关是否公开
+    display_on
+    # or
+    display_off
+
+    # 绑定其他权限集
+    bind_permission :permission2
+  end
+end
+```
+
+### 4. 设定权限管理目标模块
+
+该功能当前只支持Rails框架
+
+在需要被管理的ActiveRecord::Base子类中调用`fib_targeter! :demo`指定该类属于之前定义的权限系统。
+
+```ruby
+class Role < ActiveRecord::Base
+  fib_targeter! :demo
+end
+
+class User < ActiveRecord::Base
+  belongs_to :role
+
+  # 指定该类的权限继承于某一关系对象, 需要该对象的类也定义了`fib_targeter! :demo`
+  # 如没有指定inherit，默认继承于demo_fib, 权限范围为全部权限集
+  fib_targeter! :demo, inherit: :role
+end
+```
+
+然后当前类对象便可以进行权限管理
+```ruby
+u = User.first
+
+u.permissions               # 获取权限
+u.permissions_info          # 获取权限信息 [[:key, :name]]
+u.permissions_scope         # 获取权限范围
+u.save_permissions          # 保存当前权限
+u.create_permissions(*keys) # 通过传入的keys创建权限，保存
+u.new_permissions(*keys)    # 通过传入的keys创建权限，不保存
+u.add_permissions(*keys)    # 添加权限，保存
+u.del_permissions(*keys)    # 删除权限，保存
+u.clear_permissions         # 清空权限，保存
+```
+
+### 5. 设定权限验证入口
+
+该功能当前只支持Rails框架
+
+在需要对权限进行验证的ActionController::Base子类中调用`fib_controller! :demo`指定从该入口进行权限验证
+
+所有通过该入口进入的请求都会对`current_user`进行权限系统验证。请确保在该Controller中可以调用`current_user`方法
+
+```ruby
+class DemoController < ActionController::Base
+  fib_controller! :demo
+
+  def current_user
+    # 查找当前用户的方法
+  end
+end
+```
+
+### 6. 权限验证说明
+
+如果当前请求的action和url并未在权限系统中定义，则会默认通过验证，并提示当前请求权限未被定义
+
+如果当前请求的action和url已定义但当前用户不拥有该权限，则返回401
+
+对于key类型的权限，提供了一组dsl方法进行验证
+
+```erb
+<% if can?(:permission1_key2) && can?(:permission1_key1, obj) %>
+  <p>1</p>
+<% elsif cannot? :permission1 %>
+  <p>2</p>
+<% end %>
+```
+
+## TODO
+
+- 优化查询
+
+## BUG?
+
+如果发现任何问题欢迎[提交Issue](https://github.com/Warrenoo/fibman/issues)或者Fork项目并创建Pull Requests
+

data/Rakefile

@@ -0,0 +1,35 @@
+#!/usr/bin/env rake
+
+begin
+  require 'bundler/setup'
+rescue LoadError
+  puts 'You must `gem install bundler` and `bundle install` to run rake tasks.'
+end
+
+# === Bundler ===
+
+Bundler::GemHelper.install_tasks
+
+# === RSpec ===
+
+require 'rspec/core/rake_task'
+
+RSpec::Core::RakeTask.new :spec
+
+# === RuboCop ===
+
+require 'rubocop/rake_task'
+
+RuboCop::RakeTask.new(:rubocop) do |task|
+  task.requires << 'rubocop-rspec'
+
+  # Don't abort Rake on failure.
+  task.fail_on_error = false
+end
+
+# === Configuration ===
+
+# Run all specs and RuboCop as default task.
+task default: [:spec, :rubocop]
+
+task test: [:spec, :rubocop]

data/fibman.gemspec

@@ -0,0 +1,30 @@
+# coding: utf-8
+lib = File.expand_path('../lib', __FILE__)
+$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
+require 'fibman/version'
+
+Gem::Specification.new do |spec|
+  spec.name          = 'fibman'
+  spec.version       = Fibman::VERSION
+  spec.authors       = ['Warrenoo']
+  spec.email         = ['541991a@gmail.com']
+  spec.summary       = '权限管理'
+  spec.description   = '多模块持久化权限管理系统'
+  spec.license       = 'MIT'
+  spec.homepage       = 'https://github.com/Warrenoo/fib'
+
+  spec.files         = `git ls-files -z`.split("\x0")
+  spec.executables   = spec.files.grep(%r{^bin/}) { |f| File.basename(f) }
+  spec.test_files    = spec.files.grep(%r{^(test|spec|features)/})
+  spec.require_paths = ['lib']
+
+  spec.add_development_dependency 'activesupport', '~> 0'
+
+  spec.add_development_dependency 'bundler', '~> 1.7'
+  spec.add_development_dependency 'rake', '~> 10.0'
+  spec.add_development_dependency 'rubocop', '~> 0'
+
+  spec.add_development_dependency 'rspec', '~> 0'
+  spec.add_development_dependency 'rubocop-rspec', '~> 0'
+  spec.add_development_dependency 'simplecov', '~> 0'
+end

data/lib/fibman/additions/container_addition.rb

@@ -0,0 +1,35 @@
+module Fibman
+  module Additions
+    module ContainerAddition
+      extend ActiveSupport::Concern
+
+      included do
+        class_attribute :__fib_container, instance_writer: false
+        class_attribute :__fib_inherit, instance_writer: false
+      end
+
+      def fib_container
+        self.class.fib_container
+      end
+
+      def fib_inherit
+        if __fib_inherit && respond_to?(__fib_inherit) && (obj=send(__fib_inherit))
+          obj
+        else
+          fib_container
+        end
+      end
+
+      class_methods do
+        def fib_container
+          return unless __fib_container
+          self.__fib_container = __fib_container.is_a?(Fibman::Container) ? __fib_container : (Fibman.ls.find { |c| c.key == __fib_container } || __fib_container)
+        end
+
+        def fib_container= key
+          self.__fib_container = key
+        end
+      end
+    end
+  end
+end

data/lib/fibman/additions/dsl_addition.rb

@@ -0,0 +1,24 @@
+module Fibman
+  module Additions
+    module ControllerDslAddition
+      extend ActiveSupport::Concern
+      class_methods do
+        def fib_controller! key
+          include Fibman::Additions::RailsControllerAddition
+          self.fib_container = key
+        end
+      end
+    end
+
+    module TargeterDslAddition
+      extend ActiveSupport::Concern
+      class_methods do
+        def fib_targeter! key, options={}
+          include Fibman::Additions::TargeterAddition
+          self.fib_container = key
+          self.__fib_inherit = options[:inherit] if options[:inherit]
+        end
+      end
+    end
+  end
+end

data/lib/fibman/additions/rails_controller_addition.rb

@@ -0,0 +1,67 @@
+module Fibman
+  module Additions
+    module RailsControllerAddition
+      extend ActiveSupport::Concern
+      include Fibman::Additions::ContainerAddition
+
+      included do
+        before_action :fib_include_validation
+        helper_method :can?, :cannot?
+
+        delegate :permissions, to: :current_user
+
+        rescue_from Fibman::UnPassPermissionValidation, with: :handle_fib_permission_error
+      end
+
+      def can? key, obj=nil
+        key_element = permissions.find_key(key)
+        key_element.present? && key_element.pass_condition?(current_user, obj)
+      end
+
+      def cannot? key, obj=nil
+        !can?(key, obj)
+      end
+
+      private
+
+      def handle_fib_permission_error
+        render status: 401, plain: "No permission" and return
+      end
+
+      # 验证url权限
+      def fib_url_validation
+        url_element = permissions.find_url(request.path)
+
+        unless url_element && url_element.pass_condition?(current_user, request)
+          raise Fibman::UnPassPermissionValidation
+        end
+      end
+
+      # 验证action权限
+      def fib_action_validation
+        controller = self.class.name
+        action = self.action_name
+
+        action_element = permissions.find_action(controller, action)
+
+        unless action_element && action_element.pass_condition?(current_user, request)
+          raise Fibman::UnPassPermissionValidation
+        end
+      end
+
+      # 如果该请求访问未在权限系统中设置
+      # 通过并提示
+      def fib_include_validation
+        has_action = fib_container.permissions.find_action(self.class.name, self.action_name).present?
+        has_url = fib_container.permissions.find_url(request.path).present?
+
+        fib_action_validation if has_action
+        fib_url_validation if has_url
+
+        unless has_action || has_url
+          # TODO 进行提示 策略待定
+        end
+      end
+    end
+  end
+end

data/lib/fibman/additions/targeter_addition.rb

@@ -0,0 +1,64 @@
+module Fibman
+  module Additions
+    module TargeterAddition
+      extend ActiveSupport::Concern
+      include Fibman::Additions::ContainerAddition
+
+      delegate :permissions_info, to: :permissions
+
+      # 最终权限来源自于权限范围与持久化权限的并集
+      def permissions
+        @permissions ||= permissions_scope & (get_persistence_permissions || Fibman::PermissionsCollection.new)
+      end
+
+      def permissions_scope
+        fib_inherit.permissions
+      end
+
+      def save_permissions
+        fib_container.fpa.save fib_redis_key, permissions.keys
+      end
+
+      def create_permissions *permission_keys
+        clear_permissions
+        new_permissions permission_keys
+        save_permissions
+      end
+
+      def new_permissions *permission_keys
+        permission_keys = [permission_keys].flatten
+        @permissions = fib_container.permissions.extract_by_keys permission_keys
+      end
+
+      def add_permissions *permission_keys
+        new_permissions = fib_container.permissions.extract_by_keys permission_keys
+        @permissions += new_permissions
+        save_permissions
+      end
+
+      def del_permissions *permission_keys
+        del_permissions = fib_container.permissions.extract_by_keys permission_keys
+        @permissions -= del_permissions
+        save_permissions
+      end
+
+      def clear_permissions
+        fib_container.fpa.clear fib_redis_key
+        @permissions = nil
+      end
+
+      def get_persistence_permissions
+        fib_container.restore_permissions(fib_redis_key)
+      end
+
+      def fib_redis_key
+        "Fibman:#{fib_container.key}:#{self.class.name}:#{fib_identify}"
+      end
+
+      def fib_identify
+        raise UnSetTargeterIdentify, "Please rewrite [fib_identify] method and set only sign in #{self.class.name}" unless respond_to? :id
+        id
+      end
+    end
+  end
+end

data/lib/fibman/config.rb

@@ -0,0 +1,9 @@
+module Fibman
+  class Config
+    attr_accessor :redis
+
+    def configure
+      yield(self)
+    end
+  end
+end

data/lib/fibman/container.rb

@@ -0,0 +1,48 @@
+module Fibman
+  class Container
+    extend Forwardable
+
+    attr_accessor :name, :key, :permissions, :config, :fpa
+
+    def_delegator :permissions, :permissions_info
+    def_delegator :config, :configure, :config_configure
+
+    cattr_accessor(:containers) { [] }
+
+    def initialize key, name
+      @key = key
+      @name = name
+      @permissions = Fibman::PermissionsCollection.new
+      @config = Fibman::Config.new
+      @fpa = Fibman::Fpa.new
+
+      @permissions.container = self
+      self.class.containers << self
+    end
+
+    def configure &block
+      config_configure &block
+      loading!
+    end
+
+    def loading!
+      load_fpa
+    end
+
+    def load_fpa
+      fpa.redis = config.redis
+    end
+
+    def build &block
+      permissions.instance_exec &block
+    end
+
+    def restore_permissions redis_key
+      return unless keys = fpa.get(redis_key)
+      permissions.extract_by_keys keys
+    end
+
+    class << self; alias_method :ls, :containers; end
+  end
+end
+

data/lib/fibman/element.rb

@@ -0,0 +1,37 @@
+module Fibman
+  class Element
+    attr_reader :type, :core, :condition, :permission_key
+    TYPE = %w(key action url).freeze
+
+    def initialize type, core, condition=->(*args){}
+      raise UnValidElementType, "current type -> #{type}, type need in (#{TYPE.join(", ")})!" unless TYPE.include? type
+      @type = type
+      @core = core
+      raise ParameterIsNotValid, "Condition must belong to Proc!" unless condition.nil? || condition.is_a?(Proc)
+      @condition = condition || ->(*args){}
+    end
+
+    def set_permission permission
+      @permission_key = permission.is_a?(Fibman::Permission) ? permission.key : permission
+    end
+
+    def pass_condition? *args
+      return true if condition.nil?
+      condition[*args] != false
+    end
+
+    class << self
+      def create_key key, &block
+        new "key", key, block
+      end
+
+      def create_action controller, action, &block
+        new "action", {controller: controller.to_s, action: action.to_s}, block
+      end
+
+      def create_url url, &block
+        new "url", url, block
+      end
+    end
+  end
+end

data/lib/fibman/element_package.rb

@@ -0,0 +1,123 @@
+# Element对象集合
+# 将element的三种type拆分存储
+# keys: key类型element hash
+# actions: action类型element {controller_name: hash}
+# urls: url类型element 以'/'分割的字典树
+# 使用lazy_build方式生成keys actions urls，只在查询时构建
+# mutex 为 true 时需要重新build
+module Fibman
+  class ElementPackage
+    attr_reader :keys, :actions, :urls, :origin_elements, :mutex
+
+    def initialize elements=[]
+
+      @keys = {}
+      @actions = {}
+      @urls = Fibman::Trie.new('.', nil)
+      @origin_elements = elements.group_by{ |e| e.type }
+
+      rebuild
+    end
+
+    def set element
+      raise ParameterIsNotValid, "param must be Element" unless element.is_a?(Fibman::Element)
+
+      origin_elements[element.type] ||= []
+      origin_elements[element.type] |= [element]
+
+      rebuild
+    end
+
+    alias_method :<<, :set
+
+    def mset *elements
+      elements.flatten.each do |e|
+        next unless e.is_a?(Fibman::Element)
+        set e
+      end
+    end
+
+    alias_method :append, :mset
+
+    def + package
+      self.class.new (origin_elements.values.flatten + package.origin_elements.values.flatten).uniq
+    end
+
+    def find_key k
+      lazy_build
+      keys[k.to_sym]
+    end
+
+    def find_action controller, action
+      lazy_build
+      actions&.dig(controller.to_s, action.to_s)
+    end
+
+    def find_url url
+      lazy_build
+      urls&.dig(*url.gsub(/^\/|\/$/, "").split(/\//))
+    end
+
+    def build
+      build_keys
+      build_actions
+      build_urls
+    end
+
+    def lazy_build
+      return if !mutex
+
+      build
+      finish_build
+    end
+
+    def finish_build
+      @mutex = false
+    end
+
+    def rebuild
+      @mutex = true
+    end
+
+    private
+
+    def build_keys
+      return unless origin_elements.has_key? 'key'
+
+      origin_elements['key'].each { |e| keys[e.core] = e }
+    end
+
+    def build_actions
+      return unless origin_elements.has_key? 'action'
+
+      origin_elements['action'].each do |e|
+        next unless e.core.is_a? Hash
+
+        key = e.core[:controller].to_s
+        actions[key] ||= {}
+        actions[key][e.core[:action].to_s] = e
+      end
+    end
+
+    def build_urls
+      return unless origin_elements.has_key? 'url'
+
+      origin_elements['url'].each do |e|
+        next unless e.core.is_a? String
+
+        # 过滤首尾 / 并以 / 分割
+        split_url = e.core.gsub(/^\/|\/$/, "").split(/\//)
+        split_url.each_with_index.reduce(urls) do |i, (j, index)|
+          t = i.add_sub j, (index == split_url.size - 1 ? e : nil)
+          t
+        end
+      end
+    end
+
+    class << self
+      def merge *packages
+        new (packages.reduce([]) { |a, e| a + e.origin_elements.values.flatten }).uniq
+      end
+    end
+  end
+end

data/lib/fibman/error.rb

@@ -0,0 +1,12 @@
+module Fibman
+  class UnValidElementType < RuntimeError; end
+  class UnDefinedModel < RuntimeError; end
+  class MissParameter < RuntimeError; end
+  class ParameterIsNotValid < RuntimeError; end
+  class RoleIsNotFind < RuntimeError; end
+  class UserClassIsNotFind < RuntimeError; end
+  class PermissionIsNotFind < RuntimeError; end
+  class RpaIsNotHandle < RuntimeError; end
+  class UnPassPermissionValidation < RuntimeError; end
+  class UnSetTargeterIdentify < RuntimeError; end
+end

data/lib/fibman/fpa.rb

@@ -0,0 +1,23 @@
+# Fibman Persistence Adapter
+module Fibman
+  class Fpa
+    attr_accessor :redis
+
+    def initialize redis=nil
+      @redis = redis
+    end
+
+    def save redis_key, content
+      redis.sadd redis_key, content
+    end
+
+    def get redis_key
+      return nil unless redis.exists(redis_key)
+      redis.smembers(redis_key).map(&:to_sym)
+    end
+
+    def clear redis_key
+      redis.del redis_key
+    end
+  end
+end

data/lib/fibman/permission.rb

@@ -0,0 +1,63 @@
+# Permission Particle
+module Fibman
+  class Permission
+    extend Forwardable
+
+    attr_reader :key, :name, :package, :bind, :display
+    attr_accessor :container
+
+    def_delegators :package, :append
+
+    def initialize key, options={}
+      @key = key.to_sym
+      @name = options[:name] || key.to_s
+      @package = options[:package] || Fibman::ElementPackage.new
+      @bind = options[:bind] || []
+      @display = options.key?(:display) ? options[:display] : true
+    end
+
+    def bind_packages
+      return [] unless bind.present? || container.present?
+
+      packages = []
+      bind.each do |b|
+        p = container.permissions.permissions[b]
+        next unless p.present?
+        packages << p.package
+        packages << p.bind_packages
+      end
+      packages.flatten
+    end
+
+    def def_action controller, action, &block
+      @package << Fibman::Element.create_action(controller, action, &block)
+    end
+
+    def def_url url, &block
+      @package << Fibman::Element.create_url(url, &block)
+    end
+
+    def def_key key, &block
+      @package << Fibman::Element.create_key(key, &block)
+    end
+
+    def display_on
+      @display = true
+    end
+
+    def display_off
+      @display = false
+    end
+
+    def bind_permission *permission_keys
+      @bind << permission_keys.flatten.map(&:to_sym)
+      @bind.flatten!.uniq!
+    end
+
+    def inject_elements_permission
+      package.origin_elements.values.flatten.each do |e|
+        e.set_permission self
+      end
+    end
+  end
+end

data/lib/fibman/permissions_collection.rb

@@ -0,0 +1,135 @@
+module Fibman
+  class PermissionsCollection
+    extend Forwardable
+
+    attr_reader :permissions, :package
+    attr_accessor :container
+
+    # 通过package 快速查询权限
+    def_delegators :package, :find_key, :find_url, :find_action
+
+    def initialize
+      @permissions = {}
+      @package = Fibman::ElementPackage.new
+    end
+
+    def permissions_info
+      permissions.values.select { |v| v.display }
+        .map { |v| [v.key, v.name] }
+    end
+
+    def keys
+      permissions.keys
+    end
+
+    def set permission
+      raise ParameterIsNotValid, "set method can't accept expect permission object" unless permission.is_a?(Fibman::Permission)
+      raise ParameterIsNotValid, "permission key #{permission.key} is exist" if permissions.has_key? permission.key
+
+      mset permission
+    end
+
+    alias_method :<<, :set
+
+    def mset *permissions
+      permissions.flatten.each do |p|
+        next unless p.is_a?(Fibman::Permission)
+        @permissions[p.key] = p
+      end
+      build_package
+    end
+
+    alias_method :append, :mset
+
+    def empty?
+      permissions.keys.size == 0
+    end
+
+    def permission_packages
+      (permissions.values.map(&:package) + permissions.values.map(&:bind_packages)).flatten.uniq
+    end
+
+    def build_package
+      @package = Fibman::ElementPackage.merge *permission_packages
+    end
+
+    def + permission_collection
+      raise ParameterIsNotValid, "must be permission_collection" unless permission_collection.is_a?(Fibman::PermissionsCollection)
+
+      current_permission_values = permissions.values
+      build_new { append *(current_permission_values | permission_collection.permissions.values).flatten }
+    end
+
+    alias_method :|, :+
+
+    def - permission_collection
+      raise ParameterIsNotValid, "must be permission_collection" unless permission_collection.is_a?(Fibman::PermissionsCollection)
+
+      current_permission_values = permissions.values
+      build_new { append *(current_permission_values - permission_collection.permissions.values).flatten }
+    end
+
+    def & permission_collection
+      raise ParameterIsNotValid, "must be permission_collection" unless permission_collection.is_a?(Fibman::PermissionsCollection)
+
+      current_permission_values = permissions.values
+      build_new { append *(current_permission_values & permission_collection.permissions.values).flatten }
+    end
+
+    def extract_by_keys keys
+      Fibman::PermissionsCollection.build_by_permissions select_permissions_by_keys(keys)
+    end
+
+    def select_permissions_by_keys keys
+      permissions.select { |k, v| keys.include? k }.values
+    end
+
+    def build_new &block
+      self.class.new.tap { |n| n.instance_exec(&block) if block_given? }
+    end
+
+    def add key, name="", options={}, &block
+      return unless key.present?
+
+      keys = [options[:key] || []].flatten
+      urls = [options[:url] || []].flatten
+      bind = [options[:bind] || []].flatten
+      actions = options[:action] || []
+      display = options[:display] if options.key? :display
+
+      # 构建权限对象
+      permission = Fibman::Permission.new key, name: name
+
+      # 默认创建一个与permission key相同的element key类型
+      permission.append Fibman::Element.create_key key
+      permission.append keys.map{ |k| Fibman::Element.create_key k }
+
+      permission.append urls.map{ |u| Fibman::Element.create_url u }
+      permission.append actions.map{ |a|
+        controller = a.shift
+        a.map { |action| Fibman::Element.create_action controller, action }
+      }.flatten
+
+      permission.bind_permission bind
+      display ? permission.display_on : permission.display_off unless display.nil?
+
+      # 执行自定义闭包
+      permission.instance_exec &block if block_given?
+
+      # 设置elements所属permission
+      permission.inject_elements_permission
+      permission.container = container
+
+      # 将该权限放入集合
+      set permission
+    end
+
+
+    class << self
+      def build_by_permissions permissions
+        return unless permissions.is_a? Array
+        new.tap { |p| p.append(*permissions) }
+      end
+    end
+  end
+end

data/lib/fibman/railtie.rb

@@ -0,0 +1,13 @@
+module Fibman
+  class Railtie < Rails::Railtie
+    initializer "fibman.initialize_dsl" do
+      ActiveSupport.on_load(:action_controller) do
+        include Fibman::Additions::ControllerDslAddition
+      end
+
+      ActiveSupport.on_load(:active_record) do
+        include Fibman::Additions::TargeterDslAddition
+      end
+    end
+  end
+end

data/lib/fibman/trie.rb

@@ -0,0 +1,30 @@
+module Fibman
+  class Trie
+    attr_accessor :key, :data, :subnode
+
+    def initialize key, data, subnode={}
+      @key = key
+      @data = data
+      @subnode = subnode
+    end
+
+    def dig *node_key
+      return nil unless node_key.is_a? Array
+
+      if node_key.size < 1
+        return data
+      end
+
+      current_key = node_key.first
+      node_key.shift
+
+      subnode.has_key?(current_key) ? subnode[current_key]&.dig(*node_key) : nil
+    end
+
+    def add_sub key, node
+      t = Trie.new key, node
+      subnode[key] = t
+      t
+    end
+  end
+end

data/lib/fibman/version.rb

@@ -0,0 +1,4 @@
+# 版本
+module Fibman
+  VERSION = "2.0.0".freeze
+end

data/lib/fibman.rb

@@ -0,0 +1,26 @@
+require "forwardable"
+require "active_support/all"
+
+require "fibman/railtie" if defined? Rails
+
+require "fibman/config"
+require "fibman/container"
+require "fibman/element"
+require "fibman/element_package"
+require "fibman/error"
+require "fibman/fpa"
+require "fibman/handle_sub"
+require "fibman/permission"
+require "fibman/permissions_collection"
+require "fibman/trie"
+require "fibman/version"
+
+require "fibman/additions/container_addition"
+require "fibman/additions/targeter_addition"
+require "fibman/additions/rails_controller_addition"
+require "fibman/additions/dsl_addition"
+
+module Fibman
+  extend SingleForwardable
+  def_delegators Fibman::Container, :new, :ls
+end

metadata

@@ -0,0 +1,165 @@
+--- !ruby/object:Gem::Specification
+name: fibman
+version: !ruby/object:Gem::Version
+  version: 2.0.0
+platform: ruby
+authors:
+- Warrenoo
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2017-04-25 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: activesupport
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: bundler
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.7'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.7'
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '10.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '10.0'
+- !ruby/object:Gem::Dependency
+  name: rubocop
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: rspec
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: rubocop-rspec
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: simplecov
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0'
+description: 多模块持久化权限管理系统
+email:
+- 541991a@gmail.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- ".gitignore"
+- ".rubocop.yml"
+- ".simplecov"
+- LICENSE.txt
+- README.md
+- Rakefile
+- fibman.gemspec
+- lib/fibman.rb
+- lib/fibman/additions/container_addition.rb
+- lib/fibman/additions/dsl_addition.rb
+- lib/fibman/additions/rails_controller_addition.rb
+- lib/fibman/additions/targeter_addition.rb
+- lib/fibman/config.rb
+- lib/fibman/container.rb
+- lib/fibman/element.rb
+- lib/fibman/element_package.rb
+- lib/fibman/error.rb
+- lib/fibman/fpa.rb
+- lib/fibman/permission.rb
+- lib/fibman/permissions_collection.rb
+- lib/fibman/railtie.rb
+- lib/fibman/trie.rb
+- lib/fibman/version.rb
+homepage: https://github.com/Warrenoo/fib
+licenses:
+- MIT
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 2.5.1
+signing_key: 
+specification_version: 4
+summary: 权限管理
+test_files: []