hydra-access-controls 5.3.0 → 5.4.0.pre1

data/lib/hydra/ability.rb

@@ -19,19 +19,24 @@ module Hydra::Ability
     Hydra.config[:user_model] ?  Hydra.config[:user_model].constantize : ::User
   end
 
+  attr_reader :current_user, :session
+
   def initialize(user, session=nil)
-    @user = user || Hydra::Ability.user_class.new # guest user (not logged in)
+    @current_user = user || Hydra::Ability.user_class.new # guest user (not logged in)
+    @user = @current_user # just in case someone was using this in an override. Just don't.
     @session = session
     hydra_default_permissions()
   end
 
   ## You can override this method if you are using a different AuthZ (such as LDAP)
-  def user_groups(user=nil, session=nil)
-    ActiveSupport::Deprecation.warn("No need to pass user or session to user_groups, use the instance_variables", caller()) if user || session
+  def user_groups(deprecated_user=nil, deprecated_session=nil)
+    ActiveSupport::Deprecation.warn("No need to pass user or session to user_groups, use the instance_variables", caller()) if deprecated_user || deprecated_session
 
     return @user_groups if @user_groups
-    @user_groups = RoleMapper.roles(@user.user_key) + default_user_groups
-    @user_groups << 'registered' unless (@user.new_record? || @user_groups.include?('registered'))
+    
+    @user_groups = default_user_groups
+    @user_groups |= current_user.groups if current_user and current_user.respond_to? :groups
+    @user_groups |= ['registered'] unless current_user.new_record?
     @user_groups
   end
 
@@ -42,21 +47,21 @@ module Hydra::Ability
   
 
   # Requires no arguments, but accepts 2 arguments for backwards compatibility
-  def hydra_default_permissions(user=nil, session=nil)
-    ActiveSupport::Deprecation.warn("No need to pass user or session to hydra_default_permissions, use the instance_variables", caller()) if user || session
+  def hydra_default_permissions(deprecated_user=nil, deprecated_session=nil)
+    ActiveSupport::Deprecation.warn("No need to pass user or session to hydra_default_permissions, use the instance_variables", caller()) if deprecated_user || deprecated_session
     logger.debug("Usergroups are " + user_groups.inspect)
     self.ability_logic.each do |method|
       send(method)
     end
   end
 
-  def create_permissions(user=nil, session=nil)
-    ActiveSupport::Deprecation.warn("No need to pass user or session to create_permissions, use the instance_variables", caller()) if user || session
+  def create_permissions(deprecated_user=nil, deprecated_session=nil)
+    ActiveSupport::Deprecation.warn("No need to pass user or session to create_permissions, use the instance_variables", caller()) if deprecated_user || deprecated_session
     can :create, :all if user_groups.include? 'registered'
   end
 
-  def edit_permissions(user=nil, session=nil)
-    ActiveSupport::Deprecation.warn("No need to pass user or session to edit_permissions, use the instance_variables", caller()) if user || session
+  def edit_permissions(deprecated_user=nil, deprecated_session=nil)
+    ActiveSupport::Deprecation.warn("No need to pass user or session to edit_permissions, use the instance_variables", caller()) if deprecated_user || deprecated_session
     can [:edit, :update, :destroy], String do |pid|
       test_edit(pid)
     end 
@@ -71,8 +76,8 @@ module Hydra::Ability
     end       
   end
 
-  def read_permissions(user=nil, session=nil)
-    ActiveSupport::Deprecation.warn("No need to pass user or session to read_permissions, use the instance_variables", caller()) if user || session
+  def read_permissions(deprecated_user=nil, deprecated_session=nil)
+    ActiveSupport::Deprecation.warn("No need to pass user or session to read_permissions, use the instance_variables", caller()) if deprecated_user || deprecated_session
     can :read, String do |pid|
       test_read(pid)
     end
@@ -89,8 +94,8 @@ module Hydra::Ability
 
 
   ## Override custom permissions in your own app to add more permissions beyond what is defined by default.
-  def custom_permissions(user=nil, session=nil)
-    ActiveSupport::Deprecation.warn("No need to pass user or session to custom_permissions, use the instance_variables", caller()) if user || session
+  def custom_permissions(deprecated_user=nil, deprecated_session=nil)
+    ActiveSupport::Deprecation.warn("No need to pass user or session to custom_permissions, use the instance_variables", caller()) if deprecated_user || deprecated_session
   end
   
   protected
@@ -102,22 +107,22 @@ module Hydra::Ability
   end
 
 
-  def test_edit(pid, user=nil, session=nil)
-    ActiveSupport::Deprecation.warn("No need to pass user or session to test_edit, use the instance_variables", caller()) if user || session
+  def test_edit(pid, deprecated_user=nil, deprecated_session=nil)
+    ActiveSupport::Deprecation.warn("No need to pass user or session to test_edit, use the instance_variables", caller()) if deprecated_user || deprecated_session
     permissions_doc(pid)
-    logger.debug("[CANCAN] Checking edit permissions for user: #{@user.user_key} with groups: #{user_groups.inspect}")
+    logger.debug("[CANCAN] Checking edit permissions for user: #{current_user.user_key} with groups: #{user_groups.inspect}")
     group_intersection = user_groups & edit_groups
-    result = !group_intersection.empty? || edit_persons.include?(@user.user_key)
+    result = !group_intersection.empty? || edit_persons.include?(current_user.user_key)
     logger.debug("[CANCAN] decision: #{result}")
     result
   end   
   
-  def test_read(pid, user=nil, session=nil)
-    ActiveSupport::Deprecation.warn("No need to pass user or session to test_read, use the instance_variables", caller()) if user || session
+  def test_read(pid, deprecated_user=nil, deprecated_session=nil)
+    ActiveSupport::Deprecation.warn("No need to pass user or session to test_read, use the instance_variables", caller()) if deprecated_user || deprecated_session
     permissions_doc(pid)
-    logger.debug("[CANCAN] Checking edit permissions for user: #{@user.user_key} with groups: #{user_groups.inspect}")
+    logger.debug("[CANCAN] Checking edit permissions for user: #{current_user.user_key} with groups: #{user_groups.inspect}")
     group_intersection = user_groups & read_groups
-    result = !group_intersection.empty? || read_persons.include?(@user.user_key)
+    result = !group_intersection.empty? || read_persons.include?(current_user.user_key)
     logger.debug("[CANCAN] decision: #{result}")
     result
   end 

data/lib/hydra/user.rb

@@ -13,6 +13,10 @@ module Hydra::User
   def user_key
     send(Devise.authentication_keys.first)
   end
+
+  def groups
+    RoleMapper.roles(user_key)
+  end
   
   module ClassMethods
     # This method should find User objects using the user_key you've chosen.

metadata

@@ -1,8 +1,8 @@
 --- !ruby/object:Gem::Specification
 name: hydra-access-controls
 version: !ruby/object:Gem::Version
-  version: 5.3.0
-  prerelease: 
+  version: 5.4.0.pre1
+  prerelease: 6
 platform: ruby
 authors:
 - Chris Beer
@@ -11,7 +11,7 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2013-01-18 00:00:00.000000000 Z
+date: 2013-01-23 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: activesupport
@@ -186,15 +186,12 @@ required_ruby_version: !ruby/object:Gem::Requirement
 required_rubygems_version: !ruby/object:Gem::Requirement
   none: false
   requirements:
-  - - ! '>='
+  - - ! '>'
     - !ruby/object:Gem::Version
-      version: '0'
-      segments:
-      - 0
-      hash: -2784704934018708392
+      version: 1.3.1
 requirements: []
 rubyforge_project: 
-rubygems_version: 1.8.24
+rubygems_version: 1.8.23
 signing_key: 
 specification_version: 3
 summary: Access controls for project hydra