i_am_i_can 3.0.0pre → 3.0.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/Gemfile.lock +3 -1
- data/README.md +46 -23
- data/i_am_i_can.gemspec +3 -2
- data/lib/generators/i_am_i_can/setup_generator.rb +53 -16
- data/lib/generators/i_am_i_can/templates/initializers/i_am_i_can.erb +8 -0
- data/lib/generators/i_am_i_can/templates/migrations/i_am_i_can.erb +78 -0
- data/lib/generators/i_am_i_can/templates/models/permission.erb +9 -2
- data/lib/generators/i_am_i_can/templates/models/role.erb +15 -4
- data/lib/generators/i_am_i_can/templates/models/role_group.erb +12 -5
- data/lib/i_am_i_can/configs/config.rb +32 -0
- data/lib/i_am_i_can/configs/configs.rb +29 -0
- data/lib/i_am_i_can/configurable.rb +28 -0
- data/lib/i_am_i_can/dynamic_generate.rb +95 -0
- data/lib/i_am_i_can/permission/assignment.rb +3 -18
- data/lib/i_am_i_can/permission/definition.rb +1 -21
- data/lib/i_am_i_can/permission/helpers.rb +35 -8
- data/lib/i_am_i_can/permission.rb +50 -50
- data/lib/i_am_i_can/reflection.rb +25 -0
- data/lib/i_am_i_can/resource.rb +29 -0
- data/lib/i_am_i_can/role/assignment.rb +2 -16
- data/lib/i_am_i_can/role/definition.rb +4 -46
- data/lib/i_am_i_can/role/helpers.rb +43 -5
- data/lib/i_am_i_can/role.rb +17 -0
- data/lib/i_am_i_can/subject/permission_querying.rb +4 -4
- data/lib/i_am_i_can/subject.rb +24 -0
- data/lib/i_am_i_can/version.rb +1 -1
- data/lib/i_am_i_can.rb +52 -35
- metadata +32 -12
- data/lib/generators/i_am_i_can/templates/migrations/add_to_subject.erb +0 -5
- data/lib/generators/i_am_i_can/templates/migrations/permission.erb +0 -15
- data/lib/generators/i_am_i_can/templates/migrations/role.erb +0 -13
- data/lib/generators/i_am_i_can/templates/migrations/role_group.erb +0 -14
- data/lib/i_am_i_can/config.rb +0 -14
data/lib/i_am_i_can.rb
CHANGED
|
@@ -3,52 +3,67 @@ require 'active_support/core_ext/object/inclusion'
|
|
|
3
3
|
require 'active_support/core_ext/hash/deep_merge'
|
|
4
4
|
|
|
5
5
|
require 'i_am_i_can/version'
|
|
6
|
-
require 'i_am_i_can/
|
|
7
|
-
require 'i_am_i_can/
|
|
8
|
-
require 'i_am_i_can/
|
|
6
|
+
require 'i_am_i_can/configurable'
|
|
7
|
+
require 'i_am_i_can/reflection'
|
|
8
|
+
require 'i_am_i_can/dynamic_generate'
|
|
9
|
+
require 'i_am_i_can/role'
|
|
9
10
|
require 'i_am_i_can/permission'
|
|
10
|
-
require 'i_am_i_can/
|
|
11
|
-
require 'i_am_i_can/
|
|
12
|
-
require 'i_am_i_can/subject/role_querying'
|
|
13
|
-
require 'i_am_i_can/subject/permission_querying'
|
|
11
|
+
require 'i_am_i_can/subject'
|
|
12
|
+
require 'i_am_i_can/resource'
|
|
14
13
|
|
|
15
14
|
module IAmICan
|
|
16
|
-
def
|
|
17
|
-
|
|
18
|
-
|
|
19
|
-
|
|
20
|
-
|
|
21
|
-
|
|
22
|
-
|
|
23
|
-
|
|
24
|
-
|
|
25
|
-
|
|
26
|
-
|
|
27
|
-
|
|
28
|
-
|
|
29
|
-
|
|
30
|
-
extend IAmICan::Role::Definition
|
|
31
|
-
include IAmICan::Role::Assignment
|
|
32
|
-
include IAmICan::Subject::RoleQuerying
|
|
33
|
-
|
|
34
|
-
permission_model.extend IAmICan::Permission
|
|
35
|
-
role_model.extend IAmICan::Permission::Definition
|
|
36
|
-
role_model.include IAmICan::Permission::Assignment
|
|
37
|
-
role_group_model&.extend IAmICan::Permission::Definition
|
|
38
|
-
role_group_model&.include IAmICan::Permission::Assignment
|
|
39
|
-
self.include IAmICan::Subject::PermissionQuerying
|
|
15
|
+
def act_as_subject
|
|
16
|
+
i_am_i_can.act = :subject
|
|
17
|
+
include Subject
|
|
18
|
+
|
|
19
|
+
extend Role::Definition
|
|
20
|
+
include Role::Assignment
|
|
21
|
+
include Subject::RoleQuerying
|
|
22
|
+
include Subject::PermissionQuerying
|
|
23
|
+
|
|
24
|
+
include Reflection
|
|
25
|
+
instance_exec(%i[ role ], &DynamicGenerate.scopes)
|
|
26
|
+
instance_exec(&DynamicGenerate.class_reflections)
|
|
27
|
+
instance_exec(%i[ role ], &DynamicGenerate.assignment_helpers)
|
|
40
28
|
end
|
|
41
29
|
|
|
42
30
|
def act_as_role
|
|
43
|
-
|
|
31
|
+
i_am_i_can.act = :role
|
|
32
|
+
include Role
|
|
33
|
+
|
|
34
|
+
extend Permission::Definition
|
|
35
|
+
include Permission::Assignment
|
|
36
|
+
|
|
37
|
+
include Reflection
|
|
38
|
+
instance_exec(%i[ subject role_group permission ], &DynamicGenerate.scopes)
|
|
39
|
+
instance_exec(&DynamicGenerate.class_reflections)
|
|
40
|
+
instance_exec(%i[ permission ], &DynamicGenerate.assignment_helpers)
|
|
44
41
|
end
|
|
45
42
|
|
|
46
43
|
def act_as_role_group
|
|
47
|
-
|
|
44
|
+
i_am_i_can.act = :role_group
|
|
45
|
+
include Role
|
|
46
|
+
|
|
47
|
+
extend Permission::Definition
|
|
48
|
+
include Permission::Assignment
|
|
49
|
+
|
|
50
|
+
include Reflection
|
|
51
|
+
instance_exec(%i[ permission role ], &DynamicGenerate.scopes)
|
|
52
|
+
instance_exec(&DynamicGenerate.class_reflections)
|
|
53
|
+
instance_exec(%i[ role permission ], &DynamicGenerate.assignment_helpers)
|
|
48
54
|
end
|
|
49
55
|
|
|
50
56
|
def act_as_permission
|
|
51
|
-
|
|
57
|
+
i_am_i_can.act = :permission
|
|
58
|
+
include Permission
|
|
59
|
+
|
|
60
|
+
include Reflection
|
|
61
|
+
instance_exec(%i[ role role_group ], &DynamicGenerate.scopes)
|
|
62
|
+
instance_exec(&DynamicGenerate.class_reflections)
|
|
63
|
+
end
|
|
64
|
+
|
|
65
|
+
def act_as_allowed_resource
|
|
66
|
+
include Resource
|
|
52
67
|
end
|
|
53
68
|
|
|
54
69
|
class Error < StandardError; end
|
|
@@ -56,4 +71,6 @@ module IAmICan
|
|
|
56
71
|
class InsufficientPermission < Error; end
|
|
57
72
|
end
|
|
58
73
|
|
|
59
|
-
ActiveRecord::Base.
|
|
74
|
+
ActiveRecord::Base.include IAmICan::Configurable
|
|
75
|
+
ActiveRecord::Base.extend IAmICan
|
|
76
|
+
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: i_am_i_can
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 3.0.
|
|
4
|
+
version: 3.0.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- zhandao
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: exe
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2018-10-
|
|
11
|
+
date: 2018-10-23 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: bundler
|
|
@@ -80,6 +80,20 @@ dependencies:
|
|
|
80
80
|
- - ">="
|
|
81
81
|
- !ruby/object:Gem::Version
|
|
82
82
|
version: '0'
|
|
83
|
+
- !ruby/object:Gem::Dependency
|
|
84
|
+
name: pg
|
|
85
|
+
requirement: !ruby/object:Gem::Requirement
|
|
86
|
+
requirements:
|
|
87
|
+
- - ">="
|
|
88
|
+
- !ruby/object:Gem::Version
|
|
89
|
+
version: '0'
|
|
90
|
+
type: :development
|
|
91
|
+
prerelease: false
|
|
92
|
+
version_requirements: !ruby/object:Gem::Requirement
|
|
93
|
+
requirements:
|
|
94
|
+
- - ">="
|
|
95
|
+
- !ruby/object:Gem::Version
|
|
96
|
+
version: '0'
|
|
83
97
|
- !ruby/object:Gem::Dependency
|
|
84
98
|
name: simplecov
|
|
85
99
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -150,8 +164,8 @@ dependencies:
|
|
|
150
164
|
- - ">="
|
|
151
165
|
- !ruby/object:Gem::Version
|
|
152
166
|
version: '0'
|
|
153
|
-
description: Concise and Natural DSL for `Subject - Role(Role Group)
|
|
154
|
-
Management.
|
|
167
|
+
description: "(RBAC like) Concise and Natural DSL for `Subject - Role(Role Group)
|
|
168
|
+
- Permission - Resource` Management."
|
|
155
169
|
email:
|
|
156
170
|
- x@skippingcat.com
|
|
157
171
|
executables: []
|
|
@@ -174,23 +188,28 @@ files:
|
|
|
174
188
|
- bin/setup
|
|
175
189
|
- i_am_i_can.gemspec
|
|
176
190
|
- lib/generators/i_am_i_can/setup_generator.rb
|
|
177
|
-
- lib/generators/i_am_i_can/templates/
|
|
178
|
-
- lib/generators/i_am_i_can/templates/migrations/
|
|
179
|
-
- lib/generators/i_am_i_can/templates/migrations/role.erb
|
|
180
|
-
- lib/generators/i_am_i_can/templates/migrations/role_group.erb
|
|
191
|
+
- lib/generators/i_am_i_can/templates/initializers/i_am_i_can.erb
|
|
192
|
+
- lib/generators/i_am_i_can/templates/migrations/i_am_i_can.erb
|
|
181
193
|
- lib/generators/i_am_i_can/templates/models/permission.erb
|
|
182
194
|
- lib/generators/i_am_i_can/templates/models/role.erb
|
|
183
195
|
- lib/generators/i_am_i_can/templates/models/role_group.erb
|
|
184
196
|
- lib/i_am_i_can.rb
|
|
185
|
-
- lib/i_am_i_can/config.rb
|
|
197
|
+
- lib/i_am_i_can/configs/config.rb
|
|
198
|
+
- lib/i_am_i_can/configs/configs.rb
|
|
199
|
+
- lib/i_am_i_can/configurable.rb
|
|
200
|
+
- lib/i_am_i_can/dynamic_generate.rb
|
|
186
201
|
- lib/i_am_i_can/permission.rb
|
|
187
202
|
- lib/i_am_i_can/permission/assignment.rb
|
|
188
203
|
- lib/i_am_i_can/permission/definition.rb
|
|
189
204
|
- lib/i_am_i_can/permission/helpers.rb
|
|
190
205
|
- lib/i_am_i_can/permission/p_array.rb
|
|
206
|
+
- lib/i_am_i_can/reflection.rb
|
|
207
|
+
- lib/i_am_i_can/resource.rb
|
|
208
|
+
- lib/i_am_i_can/role.rb
|
|
191
209
|
- lib/i_am_i_can/role/assignment.rb
|
|
192
210
|
- lib/i_am_i_can/role/definition.rb
|
|
193
211
|
- lib/i_am_i_can/role/helpers.rb
|
|
212
|
+
- lib/i_am_i_can/subject.rb
|
|
194
213
|
- lib/i_am_i_can/subject/permission_querying.rb
|
|
195
214
|
- lib/i_am_i_can/subject/role_querying.rb
|
|
196
215
|
- lib/i_am_i_can/version.rb
|
|
@@ -209,13 +228,14 @@ required_ruby_version: !ruby/object:Gem::Requirement
|
|
|
209
228
|
version: '0'
|
|
210
229
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
|
211
230
|
requirements:
|
|
212
|
-
- - "
|
|
231
|
+
- - ">="
|
|
213
232
|
- !ruby/object:Gem::Version
|
|
214
|
-
version:
|
|
233
|
+
version: '0'
|
|
215
234
|
requirements: []
|
|
216
235
|
rubyforge_project:
|
|
217
236
|
rubygems_version: 2.6.12
|
|
218
237
|
signing_key:
|
|
219
238
|
specification_version: 4
|
|
220
|
-
summary: Concise and Natural DSL for `Subject - Role(Role Group) - Permission
|
|
239
|
+
summary: "(RBAC like) Concise and Natural DSL for `Subject - Role(Role Group) - Permission
|
|
240
|
+
- Resource` Management."
|
|
221
241
|
test_files: []
|
|
@@ -1,15 +0,0 @@
|
|
|
1
|
-
class IAmICanCreate<%= "#{name.underscore}_permissions".camelize %> < ActiveRecord::Migration::Current
|
|
2
|
-
def change
|
|
3
|
-
create_table :<%= "#{name.underscore}_permissions" %>, force: :cascade do |t|
|
|
4
|
-
t.string :pred, null: false
|
|
5
|
-
t.string :obj_type
|
|
6
|
-
t.integer :obj_id
|
|
7
|
-
t.string :desc
|
|
8
|
-
|
|
9
|
-
t.timestamps
|
|
10
|
-
end
|
|
11
|
-
|
|
12
|
-
add_index :<%= "#{name.underscore}_permissions" %>, %i[pred obj_type obj_id],
|
|
13
|
-
unique: true, name: 'permission_unique_index', using: :btree
|
|
14
|
-
end
|
|
15
|
-
end
|
|
@@ -1,13 +0,0 @@
|
|
|
1
|
-
class IAmICanCreate<%= "#{name.underscore}_roles".camelize %> < ActiveRecord::Migration::Current
|
|
2
|
-
def change
|
|
3
|
-
create_table :<%= "#{name.underscore}_roles" %>, force: :cascade do |t|
|
|
4
|
-
t.string :name, null: false
|
|
5
|
-
t.integer :permission_ids, array: true, default: [ ]
|
|
6
|
-
t.string :desc
|
|
7
|
-
|
|
8
|
-
t.timestamps
|
|
9
|
-
end
|
|
10
|
-
|
|
11
|
-
add_index :<%= "#{name.underscore}_roles" %>, :name, unique: true, name: 'role_unique_index', using: :btree
|
|
12
|
-
end
|
|
13
|
-
end
|
|
@@ -1,14 +0,0 @@
|
|
|
1
|
-
class IAmICanCreate<%= "#{name.underscore}_role_groups".camelize %> < ActiveRecord::Migration::Current
|
|
2
|
-
def change
|
|
3
|
-
create_table :<%= "#{name.underscore}_role_groups" %>, force: :cascade do |t|
|
|
4
|
-
t.string :name, null: false
|
|
5
|
-
t.integer :member_ids, array: true, default: [ ]
|
|
6
|
-
t.integer :permission_ids, array: true, default: [ ]
|
|
7
|
-
t.string :desc
|
|
8
|
-
|
|
9
|
-
t.timestamps
|
|
10
|
-
end
|
|
11
|
-
|
|
12
|
-
add_index :<%= "#{name.underscore}_role_groups" %>, :name, unique: true, name: 'role_group_unique_index', using: :btree
|
|
13
|
-
end
|
|
14
|
-
end
|
data/lib/i_am_i_can/config.rb
DELETED
|
@@ -1,14 +0,0 @@
|
|
|
1
|
-
module IAmICan
|
|
2
|
-
class Config
|
|
3
|
-
attr_accessor :subject_model, :role_model, :role_group_model, :permission_model,
|
|
4
|
-
:auto_define_before, :strict_mode, :without_group, :default_save
|
|
5
|
-
|
|
6
|
-
def initialize(**options)
|
|
7
|
-
self.auto_define_before = false
|
|
8
|
-
self.strict_mode = false
|
|
9
|
-
self.without_group = false
|
|
10
|
-
self.default_save = true
|
|
11
|
-
options.each { |(key, val)| self.send("#{key}=", val) }
|
|
12
|
-
end
|
|
13
|
-
end
|
|
14
|
-
end
|