granular_permissions 0.0.0

data/fixture_rails_root/public/javascripts/rails.js

@@ -0,0 +1,175 @@
+(function() {
+  // Technique from Juriy Zaytsev
+  // http://thinkweb2.com/projects/prototype/detecting-event-support-without-browser-sniffing/
+  function isEventSupported(eventName) {
+    var el = document.createElement('div');
+    eventName = 'on' + eventName;
+    var isSupported = (eventName in el);
+    if (!isSupported) {
+      el.setAttribute(eventName, 'return;');
+      isSupported = typeof el[eventName] == 'function';
+    }
+    el = null;
+    return isSupported;
+  }
+
+  function isForm(element) {
+    return Object.isElement(element) && element.nodeName.toUpperCase() == 'FORM'
+  }
+
+  function isInput(element) {
+    if (Object.isElement(element)) {
+      var name = element.nodeName.toUpperCase()
+      return name == 'INPUT' || name == 'SELECT' || name == 'TEXTAREA'
+    }
+    else return false
+  }
+
+  var submitBubbles = isEventSupported('submit'),
+      changeBubbles = isEventSupported('change')
+
+  if (!submitBubbles || !changeBubbles) {
+    // augment the Event.Handler class to observe custom events when needed
+    Event.Handler.prototype.initialize = Event.Handler.prototype.initialize.wrap(
+      function(init, element, eventName, selector, callback) {
+        init(element, eventName, selector, callback)
+        // is the handler being attached to an element that doesn't support this event?
+        if ( (!submitBubbles && this.eventName == 'submit' && !isForm(this.element)) ||
+             (!changeBubbles && this.eventName == 'change' && !isInput(this.element)) ) {
+          // "submit" => "emulated:submit"
+          this.eventName = 'emulated:' + this.eventName
+        }
+      }
+    )
+  }
+
+  if (!submitBubbles) {
+    // discover forms on the page by observing focus events which always bubble
+    document.on('focusin', 'form', function(focusEvent, form) {
+      // special handler for the real "submit" event (one-time operation)
+      if (!form.retrieve('emulated:submit')) {
+        form.on('submit', function(submitEvent) {
+          var emulated = form.fire('emulated:submit', submitEvent, true)
+          // if custom event received preventDefault, cancel the real one too
+          if (emulated.returnValue === false) submitEvent.preventDefault()
+        })
+        form.store('emulated:submit', true)
+      }
+    })
+  }
+
+  if (!changeBubbles) {
+    // discover form inputs on the page
+    document.on('focusin', 'input, select, texarea', function(focusEvent, input) {
+      // special handler for real "change" events
+      if (!input.retrieve('emulated:change')) {
+        input.on('change', function(changeEvent) {
+          input.fire('emulated:change', changeEvent, true)
+        })
+        input.store('emulated:change', true)
+      }
+    })
+  }
+
+  function handleRemote(element) {
+    var method, url, params;
+
+    var event = element.fire("ajax:before");
+    if (event.stopped) return false;
+
+    if (element.tagName.toLowerCase() === 'form') {
+      method = element.readAttribute('method') || 'post';
+      url    = element.readAttribute('action');
+      params = element.serialize();
+    } else {
+      method = element.readAttribute('data-method') || 'get';
+      url    = element.readAttribute('href');
+      params = {};
+    }
+
+    new Ajax.Request(url, {
+      method: method,
+      parameters: params,
+      evalScripts: true,
+
+      onComplete:    function(request) { element.fire("ajax:complete", request); },
+      onSuccess:     function(request) { element.fire("ajax:success",  request); },
+      onFailure:     function(request) { element.fire("ajax:failure",  request); }
+    });
+
+    element.fire("ajax:after");
+  }
+
+  function handleMethod(element) {
+    var method = element.readAttribute('data-method'),
+        url = element.readAttribute('href'),
+        csrf_param = $$('meta[name=csrf-param]')[0],
+        csrf_token = $$('meta[name=csrf-token]')[0];
+
+    var form = new Element('form', { method: "POST", action: url, style: "display: none;" });
+    element.parentNode.insert(form);
+
+    if (method !== 'post') {
+      var field = new Element('input', { type: 'hidden', name: '_method', value: method });
+      form.insert(field);
+    }
+
+    if (csrf_param) {
+      var param = csrf_param.readAttribute('content'),
+          token = csrf_token.readAttribute('content'),
+          field = new Element('input', { type: 'hidden', name: param, value: token });
+      form.insert(field);
+    }
+
+    form.submit();
+  }
+
+
+  document.on("click", "*[data-confirm]", function(event, element) {
+    var message = element.readAttribute('data-confirm');
+    if (!confirm(message)) event.stop();
+  });
+
+  document.on("click", "a[data-remote]", function(event, element) {
+    if (event.stopped) return;
+    handleRemote(element);
+    event.stop();
+  });
+
+  document.on("click", "a[data-method]", function(event, element) {
+    if (event.stopped) return;
+    handleMethod(element);
+    event.stop();
+  });
+
+  document.on("submit", function(event) {
+    var element = event.findElement(),
+        message = element.readAttribute('data-confirm');
+    if (message && !confirm(message)) {
+      event.stop();
+      return false;
+    }
+
+    var inputs = element.select("input[type=submit][data-disable-with]");
+    inputs.each(function(input) {
+      input.disabled = true;
+      input.writeAttribute('data-original-value', input.value);
+      input.value = input.readAttribute('data-disable-with');
+    });
+
+    var element = event.findElement("form[data-remote]");
+    if (element) {
+      handleRemote(element);
+      event.stop();
+    }
+  });
+
+  document.on("ajax:after", "form", function(event, element) {
+    var inputs = element.select("input[type=submit][disabled=true][data-disable-with]");
+    inputs.each(function(input) {
+      input.value = input.readAttribute('data-original-value');
+      input.removeAttribute('data-original-value');
+      input.disabled = false;
+    });
+  });
+})();

data/fixture_rails_root/public/robots.txt

@@ -0,0 +1,5 @@
+# See http://www.robotstxt.org/wc/norobots.html for documentation on how to use the robots.txt file
+#
+# To ban all spiders from the entire site uncomment the next two lines:
+# User-Agent: *
+# Disallow: /

data/fixture_rails_root/script/rails

@@ -0,0 +1,6 @@
+#!/usr/bin/env ruby
+# This command will automatically be run when you run "rails" with Rails 3 gems installed from the root of your application.
+
+APP_PATH = File.expand_path('../../config/application',  __FILE__)
+require File.expand_path('../../config/boot',  __FILE__)
+require 'rails/commands'

data/fixture_rails_root/test/performance/browsing_test.rb

@@ -0,0 +1,9 @@
+require 'test_helper'
+require 'rails/performance_test_help'
+
+# Profiling results for each test method are written to tmp/performance.
+class BrowsingTest < ActionDispatch::PerformanceTest
+  def test_homepage
+    get '/'
+  end
+end

data/fixture_rails_root/test/test_helper.rb

@@ -0,0 +1,13 @@
+ENV["RAILS_ENV"] = "test"
+require File.expand_path('../../config/environment', __FILE__)
+require 'rails/test_help'
+
+class ActiveSupport::TestCase
+  # Setup all fixtures in test/fixtures/*.(yml|csv) for all tests in alphabetical order.
+  #
+  # Note: You'll currently still have to declare fixtures explicitly in integration tests
+  # -- they do not yet inherit this setting
+  fixtures :all
+
+  # Add more helper methods to be used by all tests here...
+end

data/granular_permissions.gemspec

@@ -0,0 +1,122 @@
+# Generated by jeweler
+# DO NOT EDIT THIS FILE DIRECTLY
+# Instead, edit Jeweler::Tasks in Rakefile, and run the gemspec command
+# -*- encoding: utf-8 -*-
+
+Gem::Specification.new do |s|
+  s.name = %q{granular_permissions}
+  s.version = "0.0.0"
+
+  s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
+  s.authors = ["Bernardo Telles"]
+  s.date = %q{2010-11-05}
+  s.description = %q{engine that allows users to specify really tiny permissions levels}
+  s.email = %q{btelles@gmail.com}
+  s.extra_rdoc_files = [
+    "README"
+  ]
+  s.files = [
+    ".bundle/config",
+     ".config/cucumber.yml",
+     ".gitignore",
+     ".rvmrc",
+     "Gemfile",
+     "Gemfile.lock",
+     "MIT-LICENSE",
+     "README",
+     "Rakefile",
+     "VERSION",
+     "features/step_definitions/bernie_steps.rb",
+     "features/step_definitions/mislav_steps.rb",
+     "features/step_definitions/web_steps.rb",
+     "features/support/blueprints.rb",
+     "features/support/debug.log",
+     "features/support/env.rb",
+     "features/support/models.rb",
+     "features/support/paths.rb",
+     "fixture_rails_root/.gitignore",
+     "fixture_rails_root/Gemfile",
+     "fixture_rails_root/Gemfile.lock",
+     "fixture_rails_root/README",
+     "fixture_rails_root/Rakefile",
+     "fixture_rails_root/app/controllers/application_controller.rb",
+     "fixture_rails_root/app/helpers/application_helper.rb",
+     "fixture_rails_root/app/views/layouts/application.html.erb",
+     "fixture_rails_root/config.ru",
+     "fixture_rails_root/config/application.rb",
+     "fixture_rails_root/config/boot.rb",
+     "fixture_rails_root/config/database.yml",
+     "fixture_rails_root/config/environment.rb",
+     "fixture_rails_root/config/environments/development.rb",
+     "fixture_rails_root/config/environments/production.rb",
+     "fixture_rails_root/config/environments/test.rb",
+     "fixture_rails_root/config/initializers/backtrace_silencers.rb",
+     "fixture_rails_root/config/initializers/inflections.rb",
+     "fixture_rails_root/config/initializers/mime_types.rb",
+     "fixture_rails_root/config/initializers/reporter.rb",
+     "fixture_rails_root/config/initializers/secret_token.rb",
+     "fixture_rails_root/config/initializers/session_store.rb",
+     "fixture_rails_root/config/locales/en.yml",
+     "fixture_rails_root/config/routes.rb",
+     "fixture_rails_root/db/schema.rb",
+     "fixture_rails_root/db/seeds.rb",
+     "fixture_rails_root/doc/README_FOR_APP",
+     "fixture_rails_root/lib/tasks/.gitkeep",
+     "fixture_rails_root/public/404.html",
+     "fixture_rails_root/public/422.html",
+     "fixture_rails_root/public/500.html",
+     "fixture_rails_root/public/favicon.ico",
+     "fixture_rails_root/public/images/rails.png",
+     "fixture_rails_root/public/index.html",
+     "fixture_rails_root/public/javascripts/application.js",
+     "fixture_rails_root/public/javascripts/controls.js",
+     "fixture_rails_root/public/javascripts/dragdrop.js",
+     "fixture_rails_root/public/javascripts/effects.js",
+     "fixture_rails_root/public/javascripts/prototype.js",
+     "fixture_rails_root/public/javascripts/rails.js",
+     "fixture_rails_root/public/robots.txt",
+     "fixture_rails_root/public/stylesheets/.gitkeep",
+     "fixture_rails_root/script/rails",
+     "fixture_rails_root/test/performance/browsing_test.rb",
+     "fixture_rails_root/test/test_helper.rb",
+     "granular_permissions.gemspec",
+     "init.rb",
+     "install.rb",
+     "lib/flag_shih_tzu.rb",
+     "lib/generators/USAGE",
+     "lib/generators/granular_permissions_generator.rb",
+     "lib/granular_permissions.rb",
+     "spec/database.yml",
+     "spec/db/granular_permissions_plugin.sqlite3.db",
+     "spec/schema.rb",
+     "spec/spec_helper.rb",
+     "spec/support/blueprints.rb",
+     "spec/support/models.rb",
+     "uninstall.rb"
+  ]
+  s.homepage = %q{http://github.com/btelles/granular_permissions}
+  s.rdoc_options = ["--charset=UTF-8"]
+  s.require_paths = ["lib"]
+  s.rubygems_version = %q{1.3.7}
+  s.summary = %q{engine that allows users to specify really tiny permissions levels}
+  s.test_files = [
+    "spec/support/blueprints.rb",
+     "spec/support/models.rb",
+     "spec/spec_helper.rb",
+     "spec/schema.rb"
+  ]
+
+  if s.respond_to? :specification_version then
+    current_version = Gem::Specification::CURRENT_SPECIFICATION_VERSION
+    s.specification_version = 3
+
+    if Gem::Version.new(Gem::VERSION) >= Gem::Version.new('1.2.0') then
+      s.add_development_dependency(%q<rspec>, ["= 2.0.1"])
+    else
+      s.add_dependency(%q<rspec>, ["= 2.0.1"])
+    end
+  else
+    s.add_dependency(%q<rspec>, ["= 2.0.1"])
+  end
+end
+

data/init.rb

@@ -0,0 +1 @@
+# Include hook code here

data/install.rb

@@ -0,0 +1 @@
+# Install hook code here

data/lib/flag_shih_tzu.rb

@@ -0,0 +1,210 @@
+module FlagShihTzu
+  TRUE_VALUES = [true, 1, '1', 't', 'T', 'true', 'TRUE'] # taken from ActiveRecord::ConnectionAdapters::Column
+  DEFAULT_COLUMN_NAME = 'flags'
+
+  def self.included(base)
+    base.extend(ClassMethods)
+  end
+
+  class IncorrectFlagColumnException < Exception; end
+  class NoSuchFlagQueryModeException < Exception; end
+  class NoSuchFlagException < Exception; end
+
+  module ClassMethods
+    def has_flags(*args)
+      flag_hash, opts = parse_options(*args)
+      opts = {
+        :named_scopes => true,
+        :column => DEFAULT_COLUMN_NAME,
+        :flag_query_mode => :in_list
+      }.update(opts)
+      colmn = opts[:column]
+
+      return unless check_flag_column(colmn)
+
+      # options are stored in a class level hash and apply per-column
+      class_inheritable_hash :flag_options
+      write_inheritable_attribute(:flag_options, {}) if flag_options.nil?
+      flag_options[colmn] = opts
+
+      # the mappings are stored in this class level hash and apply per-column
+      class_inheritable_hash :flag_mapping
+      write_inheritable_attribute(:flag_mapping, {}) if flag_mapping.nil?
+      flag_mapping[colmn] ||= {}
+
+      flag_hash.each do |flag_key, flag_name|
+        raise ArgumentError, "has_flags: flag keys should be positive integers, and #{flag_key} is not" unless is_valid_flag_key(flag_key)
+        raise ArgumentError, "has_flags: flag names should be symbols, and #{flag_name} is not" unless is_valid_flag_name(flag_name)
+        next if flag_mapping[colmn][flag_name] & (1 << (flag_key - 1)) # next if already methods defined by flagshitzu
+        raise ArgumentError, "has_flags: flag name #{flag_name} already defined, please choose different name" if method_defined?(flag_name)
+
+        flag_mapping[colmn][flag_name] = 1 << (flag_key - 1)
+
+        class_eval <<-EVAL
+          def #{flag_name}
+            flag_enabled?(:#{flag_name}, '#{colmn}')
+          end
+
+          def #{flag_name}?
+            flag_enabled?(:#{flag_name}, '#{colmn}')
+          end
+
+          def #{flag_name}=(value)
+            FlagShihTzu::TRUE_VALUES.include?(value) ? enable_flag(:#{flag_name}, '#{colmn}') : disable_flag(:#{flag_name}, '#{colmn}')
+          end
+
+          def self.#{flag_name}_condition(options = {})
+            sql_condition_for_flag(:#{flag_name}, '#{colmn}', true, options[:table_alias] || self.table_name)
+          end
+
+          def self.not_#{flag_name}_condition
+            sql_condition_for_flag(:#{flag_name}, '#{colmn}', false)
+          end
+        EVAL
+
+        # Define the named scopes if the user wants them and AR supports it
+        if flag_options[colmn][:named_scopes] && respond_to?(named_scope_method)
+          class_eval <<-EVAL
+            #{named_scope_method} :#{flag_name}, lambda { { :conditions => #{flag_name}_condition } }
+            #{named_scope_method} :not_#{flag_name}, lambda { { :conditions => not_#{flag_name}_condition } }
+          EVAL
+        end
+      end
+
+    end
+
+    def check_flag(flag, colmn)
+      raise ArgumentError, "Column name '#{colmn}' for flag '#{flag}' is not a string" unless colmn.is_a?(String)
+      raise ArgumentError, "Invalid flag '#{flag}'" if flag_mapping[colmn].nil? || !flag_mapping[colmn].include?(flag)
+    end
+
+    private
+
+      def parse_options(*args)
+        options = args.shift
+        if args.size >= 1
+          add_options = args.shift
+        else
+          add_options = options.keys.select {|key| !key.is_a?(Fixnum)}.inject({}) do |hash, key|
+            hash[key] = options.delete(key)
+            hash
+          end
+        end
+        return options, add_options
+      end
+
+      def check_flag_column(colmn, table_name = self.table_name)
+        # If you aren't using ActiveRecord (eg. you are outside rails) then do not fail here
+        # If you are using ActiveRecord then you only want to check for the table if the table exists so it won't fail pre-migration
+        has_ar = !!defined?(ActiveRecord) && self.respond_to?(:descends_from_active_record?)
+        # Supposedly Rails 2.3 takes care of this, but this precaution is needed for backwards compatibility
+        has_table = has_ar ? ActiveRecord::Base.connection.tables.include?(table_name) : true
+
+        logger.warn("Error: Table '#{table_name}' doesn't exist") and return false unless has_table
+
+        if !has_ar || (has_ar && has_table)
+          if found_column = columns.find {|column| column.name == colmn}
+            raise IncorrectFlagColumnException, "Warning: Column '#{colmn}'must be of type integer in order to use FlagShihTzu" unless found_column.type == :integer
+          else
+            # Do not raise an exception since the migration to add the flags column might still be pending
+            logger.warn("Warning: Table '#{table_name}' must have an integer column named '#{colmn}' in order to use FlagShihTzu") and return false
+          end
+        end
+
+        true
+      end
+
+      def sql_condition_for_flag(flag, colmn, enabled = true, table_name = self.table_name)
+        check_flag(flag, colmn)
+
+        if flag_options[colmn][:flag_query_mode] == :bit_operator
+          # use & bit operator directly in the SQL query.
+          # This has the drawback of not using an index on the flags colum.
+          "(#{table_name}.#{colmn} & #{flag_mapping[colmn][flag]} = #{enabled ? flag_mapping[colmn][flag] : 0})"
+        elsif flag_options[colmn][:flag_query_mode] == :in_list
+          # use IN() operator in the SQL query.
+          # This has the drawback of becoming a big query when you have lots of flags.
+          neg = enabled ? "" : "not "
+          "(#{table_name}.#{colmn} #{neg}in (#{sql_in_for_flag(flag, colmn).join(',')}))"
+        else
+          raise NoSuchFlagQueryModeException
+        end
+      end
+
+      # returns an array of integers suitable for a SQL IN statement.
+      def sql_in_for_flag(flag, colmn)
+        val = flag_mapping[colmn][flag]
+        num = 2 ** flag_mapping[flag_options[colmn][:column]].length
+        (1..num).select {|i| i & val == val}
+      end
+
+      def is_valid_flag_key(flag_key)
+        flag_key > 0 && flag_key == flag_key.to_i
+      end
+
+      def is_valid_flag_name(flag_name)
+        flag_name.is_a?(Symbol)
+      end
+
+      # Returns the correct method to create a named scope.
+      # Use to prevent deprecation notices on Rails 3 when using +named_scope+ instead of +scope+.
+      def named_scope_method
+        # Can't use respond_to because both AR 2 and 3 respond to both +scope+ and +named_scope+.
+        ActiveRecord::VERSION::MAJOR == 2 ? :named_scope : :scope
+      end
+  end
+
+  # Performs the bitwise operation so the flag will return +true+.
+  def enable_flag(flag, colmn = nil)
+    colmn = determine_flag_colmn_for(flag) if colmn.nil?
+    self.class.check_flag(flag, colmn)
+
+    set_flags(self.flags(colmn) | self.class.flag_mapping[colmn][flag], colmn)
+  end
+
+  # Performs the bitwise operation so the flag will return +false+.
+  def disable_flag(flag, colmn = nil)
+    colmn = determine_flag_colmn_for(flag) if colmn.nil?
+    self.class.check_flag(flag, colmn)
+
+    set_flags(self.flags(colmn) & ~self.class.flag_mapping[colmn][flag], colmn)
+  end
+
+  def flag_enabled?(flag, colmn = nil)
+    colmn = determine_flag_colmn_for(flag) if colmn.nil?
+    self.class.check_flag(flag, colmn)
+
+    get_bit_for(flag, colmn) == 0 ? false : true
+  end
+
+  def flag_disabled?(flag, colmn = nil)
+    colmn = determine_flag_colmn_for(flag) if colmn.nil?
+    self.class.check_flag(flag, colmn)
+
+    !flag_enabled?(flag, colmn)
+  end
+
+  def flags(colmn = DEFAULT_COLUMN_NAME)
+    self[colmn] || 0
+  end
+
+  def set_flags(value, colmn)
+    self[colmn] = value
+  end
+
+  private
+
+    def get_bit_for(flag, colmn)
+      self.flags(colmn) & self.class.flag_mapping[colmn][flag]
+    end
+
+    def determine_flag_colmn_for(flag)
+      return DEFAULT_COLUMN_NAME if self.class.flag_mapping.nil?
+      self.class.flag_mapping.each_pair do |colmn, mapping|
+        return colmn if mapping.include?(flag)
+      end
+      raise NoSuchFlagException.new("determine_flag_colmn_for: Couldn't determine column for your flags!")
+    end
+
+end
+