i_am_i_can 3.0.0pre → 3.0.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 8a7c648cdb9a60d42ca538e28735070ef9644325
-  data.tar.gz: 4a5ee5a0a56967049baeeddafc944fe6fc548479
+  metadata.gz: 2cda6740e5fdc39a1bf281df8ec61425d001171a
+  data.tar.gz: 263b17f70ce6ff0fdfdfff8338a85b798e43b500
 SHA512:
-  metadata.gz: f684f54b656c925ff293706fec374eee0592b7ad91df3502e4fa031255f17f96cac95c22c8ee9e0426786453539ec6d26400b6fb8c9afe11d10dfa1b306d4343
-  data.tar.gz: a855e8ebc30a47548b42be4f43ef07d4ec90816418369962e9562b3e773e878c7a2c748501911c41f77d891cd4f85562ec5491a7dec7c44e699510954c8c9bba
+  metadata.gz: b6d4f29d6565b394bce3d01ddab46f2532d307b093318b5a9cc01e8ce1746edbc3dbe0616403a9a1ab96b05403ac02b933fb90c0f089d99e0746d9efb1040897
+  data.tar.gz: a545727532511dbb469b0057b5160764442896f9c10d0705a43ce13b40b1bb4c55d3b40be3579449804b653a904cbf5e48ecbcbb6d38472f0ff8bde4d6f45497

data/Gemfile.lock

@@ -1,7 +1,7 @@
 PATH
   remote: .
   specs:
-    i_am_i_can (3.0.0pre)
+    i_am_i_can (3.0.0)
       activerecord
       activesupport
       railties
@@ -53,6 +53,7 @@ GEM
     minitest (5.11.3)
     nokogiri (1.8.4)
       mini_portile2 (~> 2.3.0)
+    pg (1.0.0)
     pry (0.11.3)
       coderay (~> 1.1.0)
       method_source (~> 0.9.0)
@@ -109,6 +110,7 @@ DEPENDENCIES
   bundler (~> 1.16)
   database_cleaner
   i_am_i_can!
+  pg
   pry
   rake (~> 10.0)
   rspec (~> 3.0)

data/README.md

@@ -1,10 +1,11 @@
 # IAmICan
 
+[![Gem Version](https://badge.fury.io/rb/i_am_i_can.svg)](https://badge.fury.io/rb/i_am_i_can)
 [![Build Status](https://travis-ci.org/zhandao/i_am_i_can.svg?branch=master)](https://travis-ci.org/zhandao/i_am_i_can)
 [![Maintainability](https://api.codeclimate.com/v1/badges/27b664da01b6cc7180e3/maintainability)](https://codeclimate.com/github/zhandao/i_am_i_can/maintainability)
 [![Test Coverage](https://api.codeclimate.com/v1/badges/27b664da01b6cc7180e3/test_coverage)](https://codeclimate.com/github/zhandao/i_am_i_can/test_coverage)
 
-Concise and Natural DSL for `Subject - Role(Role Group) - Permission` Management.
+Concise and Natural DSL for `Subject - Role(Role Group) - Permission - Resource` Management (RBAC like).
 
 ```ruby
 # our Subject is People, and subject is he:
@@ -45,21 +46,32 @@ he.can? :perform, :magic # => true
 # Cancel Assignment
 he.falls_from :admin
 Roles.which(name: :coder).cannot :fly
+
+# Get allowed resources:
+Resource.that_allow(user).to(:manage) # => Active::Relation
 ```
 
 ## Concepts and Overview
 
 ### Definition and uniqueness of nouns
 
+0. Subject
+    - Someone who can be assigned roles, and who has permissions through the assigned roles.
+    - See wiki [RBAC](https://en.wikipedia.org/wiki/Role-based_access_control)
 1. Role
-    - definition: TODO
-    - uniqueness: by `name`
-1. Role Group
-    - definition: TODO
-    - uniqueness: by `name`
-1. Permission
-    - definition: TODO
-    - uniqueness: by `predicate + object` (name)
+    - A job function that groups a series of permissions according to a certain dimension.
+    - Also see wiki [RBAC](https://en.wikipedia.org/wiki/Role-based_access_control)
+    - Uniquely identified by `name`
+2. Role Group
+    - A group of roles that may have the same permissions.
+    - Uniquely identified by `name`
+3. Permission
+    - An action, or an approval of a mode of access to a resource
+    - Also see wiki [RBAC](https://en.wikipedia.org/wiki/Role-based_access_control)
+    - Uniquely identified by `predicate( + object)` (name),
+      or we can say, `action( + resource)`
+4. Resource
+    - Polymorphic association with permissions
 
 
 ### In one word:
@@ -90,13 +102,13 @@ Roles.which(name: :coder).cannot :fly
     - the role or permission you want to assign **MUST** be defined before
     - option :auto_define_before (before assignment) you may need in some cases
     - class methods, like: `UserRoleGroup.have_permission :fly`
-    
+
 **Definition => Assignment => Querying**
-    
+
 ### Two Concepts of this gem
 
-1. Stored (save in database)
-2. Local (variable value)
+1. Stored (save in database) TODO
+2. Local (variable value) TODO
 
 [Feature List: needs you](https://github.com/zhandao/i_am_i_can/issues/2)
 
@@ -107,33 +119,40 @@ Roles.which(name: :coder).cannot :fly
     ```ruby
     gem 'i_am_i_can'
     ```
-    
+
 2. Generate migrations and models by your subject name:
     
     ```bash
     rails g i_am_i_can:setup <subject_name>
     ```
-    
+
     For example, if your subject name is `user`, it will generate
     model `UserRole`, `UserRoleGroup` and `UserPermission`
-    
-3. run `rails db:migrate`
 
-4. enable it in your subject model, like:
+3. Add the code returned by the generator to your subject model, like:
 
     ```ruby
     class User
-      act_as_i_am_i_can
+      has_and_belongs_to_many :stored_roles,
+                              join_table: 'users_and_user_roles', foreign_key: 'user_role_id', class_name: 'UserRole', association_foreign_key: 'user_id'
+   
+      act_as_subject
     end
     ```
-    
-    [here](#options) is some options you can pass to the declaration.
-    
+
+    [here](#config-options) is some options you can pass to the declaration.
+
+4. Run `rails db:migrate`
+
 That's all!
 
 ## Usage
 
-### Options
+### Customization
+
+1. association names TODO
+
+### Config Options
 
 TODO
 
@@ -423,6 +442,10 @@ user.is? :master # => true
 user.can? :read, :book # => true
 ```
 
+#### I. Resource Querying
+
+TODO
+
 ## Development
 
 After checking out the repo, run `bin/setup` to install dependencies. Then, run `rake spec` to run the tests. You can also run `bin/console` for an interactive prompt that will allow you to experiment.

data/i_am_i_can.gemspec

@@ -9,8 +9,8 @@ Gem::Specification.new do |spec|
   spec.authors       = ["zhandao"]
   spec.email         = ["x@skippingcat.com"]
 
-  spec.summary       = 'Concise and Natural DSL for `Subject - Role(Role Group) - Permission` Management.'
-  spec.description   = 'Concise and Natural DSL for `Subject - Role(Role Group) - Permission` Management.'
+  spec.summary       = '(RBAC like) Concise and Natural DSL for `Subject - Role(Role Group) - Permission - Resource` Management.'
+  spec.description   = '(RBAC like) Concise and Natural DSL for `Subject - Role(Role Group) - Permission - Resource` Management.'
   spec.homepage      = 'https://github.com/zhandao/i_am_i_can'
   spec.license       = 'MIT'
 
@@ -26,6 +26,7 @@ Gem::Specification.new do |spec|
   spec.add_development_dependency "rspec", "~> 3.0"
   spec.add_development_dependency 'rspec-rails'
   spec.add_development_dependency 'database_cleaner'
+  spec.add_development_dependency 'pg'
   spec.add_development_dependency 'simplecov'
   spec.add_development_dependency 'pry'
 

data/lib/generators/i_am_i_can/setup_generator.rb

@@ -12,45 +12,82 @@ module IAmICan
 
       source_root File.expand_path('../templates', __FILE__)
 
+      # TODO: more readable tips
       def questions
         @ii_opts = { }
-        unless yes?('Do you want to use role group?')
+        role_class = ask("Do you want to change the class name of the role model (defaults to [#{name_c}Role])? Press Enter or input your name:")
+        @ii_opts[:role_class] = role_class.blank? ? "#{name_c}Role" : role_class
+        pms_class = ask("Do you want to change the class name of the permission model (defaults to [#{name_c}Permission])? Press Enter or input your name:")
+        @ii_opts[:permission_class] = pms_class.blank? ? "#{name_c}Permission" : pms_class
+        if yes?('Do you want to use role group? y (default) / n')
+           group_class = ask("Do you want to change the class name of the role_group model (defaults to [#{name_c}RoleGroup])? Press Enter or input your name:")
+           @ii_opts[:role_group_class] = group_class.blank? ? "#{name_c}RoleGroup" : group_class
+        else
           @ii_opts[:without_group] = true
         end
-        unless yes?('Do yo want it to save role and permission to database by default?')
+
+        unless yes?('Do yo want it to save role and permission to database by default? y (default) / n')
           @ii_opts[:default_save] = false
         end
-        if yes?('Do you want it to raise error when you are doing wrong definition or assignment?')
+        # if @ii_opts[:default_save] != false && yes?('Don\'t you need **local** definition and assignment feature? y / n (default)')
+        #   TODO
+        # end
+        if yes?('Do you want it to raise error when you are doing wrong definition or assignment? y / n (default)')
           @ii_opts[:strict_mode] = true
         end
-        if yes?('Do you want it to define the role/permission which is not defined when assigning to subject?')
+        if yes?('Do you want it to auto define the role/permission which is not defined when assigning to subject? y / n (default)')
           @ii_opts[:auto_define_before] = true
         end
       end
 
       def setup_migrations
-        dest_prefix = 'db/migrate/i_am_i_can_'
-        migration_template 'migrations/add_to_subject.erb', "#{dest_prefix}add_role_ids_to_#{name.underscore}.rb"
-        migration_template 'migrations/role.erb', "#{dest_prefix}create_#{name.underscore}_roles.rb"
-        migration_template 'migrations/role_group.erb', "#{dest_prefix}create_#{name.underscore}_role_groups.rb" unless @ii_opts[:without_group]
-        migration_template 'migrations/permission.erb', "#{dest_prefix}create_#{name.underscore}_permissions.rb"
+        migration_template 'migrations/i_am_i_can.erb', "db/migrate/#{name_u}_am_#{name_u}_can.rb"
+      end
+
+      def setup_initializer
+        template 'initializers/i_am_i_can.erb', "config/initializers/#{name_u}_am_#{name_u}_can.rb"
       end
 
       def setup_models
-        template 'models/role.erb', "app/models/#{name.underscore}_role.rb"
-        template 'models/role_group.erb', "app/models/#{name.underscore}_role_group.rb" unless @ii_opts[:without_group]
-        template 'models/permission.erb', "app/models/#{name.underscore}_permission.rb"
+        template 'models/role.erb', "app/models/#{role_u}.rb"
+        template 'models/role_group.erb', "app/models/#{group_u}.rb" unless @ii_opts[:without_group]
+        template 'models/permission.erb', "app/models/#{permission_u}.rb"
       end
 
-      def tip
-        options = ' ' + @ii_opts.to_s[2..-2].gsub('=>', ': ').gsub(', :', ', ') if @ii_opts.keys.present?
-        puts 'Please add this line to your subject model:'.green
-        puts "    act_as_i_am_i_can#{options}".green
+      def tips
+        puts "    Add the code below to #{name_c}:".green
+        puts <<~TIPS
+          has_and_belongs_to_many :stored_roles,
+                                  join_table: '#{subj_role_tb}', foreign_key: '#{role_u}_id', class_name: '#{role_c}', association_foreign_key: '#{name_u}_id'
+
+          act_as_subject
+        TIPS
       end
 
       def self.next_migration_number(dirname)
         ActiveRecord::Generators::Base.next_migration_number(dirname)
       end
+
+      def name_c; name.camelize end
+      def name_u; name.underscore end
+      def name_up; name_u.pluralize end
+
+      def role_c; @ii_opts[:role_class] end
+      def role_u; @ii_opts[:role_class].underscore end
+      def role_up; @ii_opts[:role_class].underscore.pluralize end
+
+      def group_c; @ii_opts[:role_group_class] end
+      def group_u; @ii_opts[:role_group_class]&.underscore end
+      def group_up; @ii_opts[:role_group_class]&.underscore&.pluralize end
+
+      def permission_c; @ii_opts[:permission_class] end
+      def permission_u; @ii_opts[:permission_class].underscore end
+      def permission_up; @ii_opts[:permission_class].underscore.pluralize end
+
+      def subj_role_tb; name_up + '_and_' + role_up end
+      def group_role_tb; group_up + '_and_' + role_up end
+      def role_pms_tb; role_up + '_and_' + permission_up end
+      def group_pms_tb; group_up + '_and_' + permission_up end
     end
   end
 end

data/lib/generators/i_am_i_can/templates/initializers/i_am_i_can.erb

@@ -0,0 +1,8 @@
+IAmICan::Configs.set_for(subject: '<%= name_c %>',
+                         role: '<%= @ii_opts[:role_class] %>',
+                         permission: '<%= @ii_opts[:permission_class] %>'<% unless @ii_opts[:without_group] %>,
+                         role_group: '<%= @ii_opts[:role_group_class] %>'<% end %>) do |config|
+<% @ii_opts.except(:role_class, :permission_class, :role_group_class).each do |k, v| %>
+  <%= "config.#{k} = " %><%= v %>
+<% end %>
+end

data/lib/generators/i_am_i_can/templates/migrations/i_am_i_can.erb

@@ -0,0 +1,78 @@
+class <%= name_c %>Am<%= name_c %>Can < ActiveRecord::Migration::Current
+  def change
+    create_table :<%= role_up %>, force: :cascade do |t|
+      t.string  :name, null: false
+      t.string  :desc
+
+      t.timestamps
+    end
+
+    add_index :<%= role_up %>, :name,
+              unique: true, name: '<%= role_up %>_unique_index', using: :btree
+<% unless @ii_opts[:without_group] %>
+    create_table :<%= group_up %>, force: :cascade do |t|
+      t.string  :name, null: false
+      t.string  :desc
+
+      t.timestamps
+    end
+
+    add_index :<%= group_up %>, :name,
+              unique: true, name: '<%= group_up %>_unique_index', using: :btree
+<% end %>
+    create_table :<%= permission_up %>, force: :cascade do |t|
+      t.string  :pred,     null: false
+      t.string  :obj_type
+      t.integer :obj_id
+      t.string  :desc
+
+      t.timestamps
+    end
+
+    add_index :<%= permission_up %>, %i[ pred obj_type obj_id ],
+              unique: true, name: '<%= permission_up %>_unique_index', using: :btree
+
+    create_table :<%= subj_role_tb %>, id: false, force: :cascade do |t|
+      t.belongs_to :<%= name_u %>, null: false#, index: false
+      t.belongs_to :<%= role_u %>, null: false#, index: false
+    end
+
+    # add_index :<%= subj_role_tb %>, :<%= name_u %>_id, name: ':<%= subj_role_tb %>_index1'
+    # add_index :<%= subj_role_tb %>, :<%= role_u %>_id, name: ':<%= subj_role_tb %>_index2'
+    add_index :<%= subj_role_tb %>, [ :<%= name_u %>_id, :<%= role_u %>_id ],
+              unique: true, name: '<%= subj_role_tb %>_uniq_index'
+<% unless @ii_opts[:without_group] %>
+    create_table :<%= group_role_tb %>, id: false, force: :cascade do |t|
+      t.belongs_to :<%= group_u %>, null: false#, index: false
+      t.belongs_to :<%= role_u %>, null: false#, index: false
+    end
+
+    # add_index :<%= group_role_tb %>, :<%= group_u %>_id, name: '<%= group_role_tb %>_index1'
+    # add_index :<%= group_role_tb %>, :<%= role_u %>_id, name: '<%= group_role_tb %>_index2'
+    add_index :<%= group_role_tb %>, [ :<%= group_u %>_id, :<%= role_u %>_id ],
+              unique: true, name: '<%= group_role_tb %>_uniq_index'
+
+<% end %>
+    create_table :<%= role_pms_tb %>, id: false, force: :cascade do |t|
+      t.belongs_to :<%= role_u %>, null: false#, index: false
+      t.belongs_to :<%= permission_u %>, null: false#, index: false
+    end
+
+    # add_index :<%= role_pms_tb %>, :<%= role_u %>_id, name: '<%= role_pms_tb %>_index1'
+    # add_index :<%= role_pms_tb %>, :<%= permission_u %>_id, name: '<%= role_pms_tb %>_index2'
+    add_index :<%= role_pms_tb %>, [ :<%= role_u %>_id, :<%= permission_u %>_id ],
+              unique: true, name: '<%= role_pms_tb %>_uniq_index'
+<% unless @ii_opts[:without_group] %>
+    create_table :<%= group_pms_tb %>, id: false, force: :cascade do |t|
+      t.belongs_to :<%= group_u %>, null: false#, index: false
+      t.belongs_to :<%= permission_u %>, null: false#, index: false
+    end
+
+    # add_index :<%= group_pms_tb %>, :<%= group_u %>_id, name: '<%= group_pms_tb %>_index1'
+    # add_index :<%= group_pms_tb %>, :<%= permission_u %>_id, name: '<%= group_pms_tb %>_index2'
+    add_index :<%= group_pms_tb %>, [ :<%= group_u %>_id, :<%= permission_u %>_id ],
+              unique: true, name: '<%= group_pms_tb %>_uniq_index'
+
+<% end %>
+  end
+end

data/lib/generators/i_am_i_can/templates/models/permission.erb

@@ -1,4 +1,11 @@
-class <%= name.camelize %>Permission < ActiveRecord::Base
+class <%= permission_c %> < ActiveRecord::Base
+  has_and_belongs_to_many :related_roles,
+                          join_table: '<%= role_pms_tb %>', foreign_key: :<%= role_u %>_id, class_name: '<%= role_c %>', association_foreign_key: :<%= permission_u %>_id
+<% unless @ii_opts[:without_group] %>
+  has_and_belongs_to_many :related_role_groups,
+                          join_table: '<%= group_pms_tb %>', foreign_key: :<%= group_u %>_id, class_name: '<%= group_c %>', association_foreign_key: :<%= permission_u %>_id
+<% end %>
+  act_as_permission
 end
 
 __END__
@@ -8,4 +15,4 @@ __END__
   integer :obj_id
   string  :desc
 
-  index %i[pred obj_type obj_id], unique: true, name: 'permission_unique_index'
+  index %i[ pred obj_type obj_id ], unique: true

data/lib/generators/i_am_i_can/templates/models/role.erb

@@ -1,10 +1,21 @@
-class <%= name.camelize %>Role < ActiveRecord::Base
+class <%= role_c %> < ActiveRecord::Base
+  has_and_belongs_to_many :related_users,
+                          join_table: '<%= subj_role_tb %>', foreign_key: :<%= name_u %>_id, class_name: '<%= name_c %>', association_foreign_key: :<%= role_u %>_id
+<% unless @ii_opts[:without_group] %>
+  has_and_belongs_to_many :related_stored_groups,
+                          join_table: '<%= group_role_tb %>', foreign_key: :<%= group_u %>_id, class_name: '<%= group_c %>', association_foreign_key: :<%= role_u %>_id
+<% end %>
+  has_and_belongs_to_many :stored_permissions,
+                          join_table: '<%= role_pms_tb %>', foreign_key: :<%= permission_u %>_id, class_name: '<%= permission_c %>', association_foreign_key: :<%= role_u %>_id
+
+  act_as_role
+
+  # default_scope { with_stored_permissions }
 end
 
 __END__
 
-  string  :name,           null: false
-  integer :permission_ids, array: true, default: [ ]
+  string  :name, null: false
   string  :desc
 
-  index :name, unique: true, name: 'role_unique_index'
+  index :name, unique: true

data/lib/generators/i_am_i_can/templates/models/role_group.erb

@@ -1,11 +1,18 @@
-class <%= name.camelize %>RoleGroup < ActiveRecord::Base
+class RoleGroup < ActiveRecord::Base
+  has_and_belongs_to_many :stored_permissions,
+                          join_table: '<%= group_pms_tb %>', foreign_key: :<%= permission_u %>_id, class_name: '<%= permission_c %>', association_foreign_key: :<%= group_u %>_id
+
+  has_and_belongs_to_many :members,
+                          join_table: '<%= group_role_tb %>', foreign_key: :<%= role_u %>_id, class_name: '<%= role_c %>', association_foreign_key: :<%= group_u %>_id
+
+  act_as_role_group
+
+  # default_scope { with_members.with_stored_permissions) }
 end
 
 __END__
 
-  string  :name,           null: false
-  integer :member_ids,     array: true, default: [ ]
-  integer :permission_ids, array: true, default: [ ]
+  string  :name, null: false
   string  :desc
 
-  index :name, unique: true, name: 'role_group_unique_index'
+  index :name, unique: true

data/lib/i_am_i_can/configs/config.rb

@@ -0,0 +1,32 @@
+module IAmICan
+  module Configs
+    class Config
+      attr_accessor :subject_class, :role_class, :role_group_class, :permission_class,
+                    :auto_define_before, :strict_mode, :without_group, :default_save, :act
+
+      def initialize(*classes)
+        self.subject_class, self.role_class, self.permission_class, self.role_group_class = classes
+        self.auto_define_before = false
+        self.strict_mode = false
+        self.without_group = false
+        self.default_save = true
+      end
+
+      def subject_model
+        @subject_model ||= subject_class.constantize
+      end
+
+      def role_model
+        @role_model ||= role_class.constantize
+      end
+
+      def role_group_model
+        @role_group_model ||= role_group_class.constantize rescue nil
+      end
+
+      def permission_model
+        @permission_model ||= permission_class.constantize
+      end
+    end
+  end
+end

data/lib/i_am_i_can/configs/configs.rb

@@ -0,0 +1,29 @@
+require 'i_am_i_can/configs/config'
+
+module IAmICan
+  module Configs
+    cattr_accessor :configs do
+      { }
+    end
+
+    def self.set_for(subject:, role:, permission:, role_group: nil, &block)
+      config = Config.new(subject, role, permission, role_group)
+      config.instance_eval(&block)
+      configs.merge!(
+          subject => config.dup,
+          role => config.dup,
+          permission => config.dup,
+      )
+      configs.merge!(role_group => config.dup) if role_group
+      config
+    end
+
+    def self.get(class_name)
+      configs[class_name]
+    end
+
+    def self.take
+      configs.values.first
+    end
+  end
+end

data/lib/i_am_i_can/configurable.rb

@@ -0,0 +1,28 @@
+require 'i_am_i_can/configs/configs'
+
+module IAmICan
+  module Configurable
+    extend ActiveSupport::Concern
+
+    class_methods do
+      def i_am_i_can
+        Configs.get(self.name)
+      end
+
+      def _reflect_of(key)
+        _name = i_am_i_can.send("#{key}_class")
+        reflections.each do |name, reflection|
+          return name if reflection.class_name == _name
+        end; nil
+      end
+    end
+
+    included do
+      def i_am_i_can
+        Configs.get(self.class.name)
+      end
+
+      delegate :_reflect_of, to: self
+    end
+  end
+end

data/lib/i_am_i_can/dynamic_generate.rb

@@ -0,0 +1,95 @@
+module IAmICan
+  module DynamicGenerate
+    extend self
+
+    def scopes
+      # Generate scopes of each specified i_am_i_can association
+      #
+      # scope :with_stored_roles, -> { includes(:stored_roles) }
+      #
+      proc do |keys|
+        keys.each do |k|
+          scope :"with_#{_reflect_of(k)}", ->  { includes(_reflect_of(k)) }
+        end
+      end
+    end
+
+    def class_reflections
+      # Extend each associated querying to a class method that returns ActiveRecord::Relation
+      #
+      # Suppose: in UserRole model,
+      #   has_and_belongs_to_many :related_users
+      #
+      # It will do like this:
+      #   def self.related_users
+      #     i_am_i_can.subject_model.with_stored_roles.where(user_roles: { id: self.ids })
+      #   end
+      #
+      # Usage:
+      #   UserRole.all.related_users
+      #
+      proc do
+        %w[ subject role role_group permission ].each do |k|
+          next unless _reflect_of(k)
+          define_singleton_method _reflect_of(k) do
+            model = i_am_i_can.send("#{k}_model")
+            raise NoMethodError unless (reflect_name = model._reflect_of(i_am_i_can.act))
+            model.send("with_#{reflect_name}").where(
+                self.name.underscore.pluralize => { id: self.ids }
+            )
+          end
+        end
+      end
+    end
+
+    def assignment_helpers
+      # Generate 4 methods for each Content of Assignment
+      #
+      # Example for a subject model called User, which `has_and_belongs_to_many :stored_roles`.
+      # You call this proc by given contents [:role], then:
+      #
+      # 1. stored_roles_add
+      #   Add roles to a user instance
+      #
+      # 2. stored_roles_add
+      #   Remove roles to a user instance
+      #
+      # 3. stored_role_names
+      #   Get names of stored_roles of a user instance
+      #
+      # 4. self.stored_role_names
+      #   Get names of stored_roles of User ActiveRecord::Relation
+      #
+      proc do |contents|
+        contents.each do |content|
+          # TODO: refactoring
+          define_method "#{_reflect_of(content)}_add" do |locate_vals = nil, check_size: nil, **condition|
+            condition = { name: locate_vals } if locate_vals
+            assoc = send("_#{content.to_s.pluralize}")
+            records = i_am_i_can.send("#{content}_model").where(condition).where.not(id: assoc.ids)
+            # will return false if it does nothing
+            return false if records.blank? || (check_size && records.count != check_size)
+            assoc << records
+          end
+
+          define_method "#{_reflect_of(content)}_rmv" do |locate_vals = nil, check_size: nil, **condition|
+            condition = { name: locate_vals } if locate_vals
+            assoc = send("_#{content.to_s.pluralize}")
+            records = i_am_i_can.send("#{content}_model").where(id: assoc.ids, **condition)
+            # will return false if it does nothing
+            return false if records.blank? || (check_size && records.count != check_size)
+            assoc.destroy(records)
+          end
+
+          define_method "#{_reflect_of(content).to_s.singularize}_names" do
+            send("_#{content.to_s.pluralize}").map(&:name).map(&:to_sym)
+          end
+
+          define_singleton_method "#{_reflect_of(content).to_s.singularize}_names" do
+            all.flat_map { |user| user.send("#{_reflect_of(content).to_s.singularize}_name") }.uniq
+          end
+        end
+      end
+    end
+  end
+end