i_am_i_can 3.0.1 → 4.0.0

data/lib/i_am_i_can/role/definition.rb

@@ -1,58 +1,28 @@
-require 'i_am_i_can/role/helpers'
-
 module IAmICan
   module Role
     module Definition
-      include Helpers::Cls
-
-      def have_role *names, desc: nil, save: i_am_i_can.default_save, which_can: [ ], obj: nil
-        failed_items, preds = [ ], which_can
-
-        names.each do |name|
-          description = desc || name.to_s.humanize
-          if save
-            next failed_items << name unless _to_store_role(name, desc: description)
-            i_am_i_can.role_model.which(name: name).can *preds, obj: obj, auto_define_before: true, strict_mode: true if which_can.present?
-          else
-            next failed_items << name if defined_local_roles.key?(name)
-            defined_local_roles[name] ||= { desc: description, permissions: [ ] }
-            local_role_which(name: name, can: preds, obj: obj, auto_define_before: true, strict_mode: true) if which_can.present?
-          end
-        end
-
-        _role_definition_result(names, failed_items)
-      end
-
-      alias have_roles have_role
-      alias has_role   have_role
-      alias has_roles  have_role
-
-      def declare_role *names, **options
-        have_role *names, save: false, **options
-      end
-
-      alias declare_roles has_role
+      def have_role *roles, which_can: [ ], obj: nil
+        return unless roles.first.class.in?([ Symbol, String ])
+        roles.map!(&:to_sym) ; i = i_am_i_can
+        definition = _create_roles(roles.map { |role| { name: role } })
 
-      def group_roles *members, by_name:, which_can: [ ], obj: nil
-        raise Error, 'Some of members have not been defined' unless (members - defined_stored_role_names).empty?
-        raise Error, "Given name #{by_name} has been used by a role" if i_am_i_can.role_model.exists?(name: by_name)
-        i_am_i_can.role_group_model.find_or_create_by!(name: by_name).members_add(members)
+        Role.modeling(roles, i).each { |r| r.can *which_can, obj: obj, auto_definition: true } if which_can.present?
+        ResultOf.roles definition, i, given: roles
       end
 
-      alias group_role   group_roles
-      alias groups_role  group_roles
-      alias groups_roles group_roles
-
-      def have_and_group_roles *members, by_name:
-        has_roles *members
-        group_roles *members, by_name: by_name
-      end
+      %i[ have_roles has_role has_roles ].each { |aname| alias_method aname, :have_role }
+    end
 
-      alias has_and_groups_roles have_and_group_roles
+    def self.modeling(objs, i_am_i_can)
+      return objs if objs.first.is_a?(i_am_i_can.role_model)
+      objs.map { |obj| i_am_i_can.role_model.where(name: obj).first_or_initialize }
+    end
 
-      def self.extended(kls)
-        kls.delegate :defined_local_roles, :defined_stored_roles, :defined_roles, to: kls
-      end
+    def self.extract(param_roles, i_am_i_can)
+      roles = param_roles.group_by(&:class)
+      instances = roles[i_am_i_can.role_model] || []
+      names = roles.values_at(Symbol, String).flatten.compact.uniq.map(&:to_sym)
+      [ instances, names ]
     end
   end
 end

data/lib/i_am_i_can/role.rb

@@ -1,5 +1,7 @@
 require 'i_am_i_can/role/definition'
 require 'i_am_i_can/role/assignment'
+require 'i_am_i_can/role_group/definition'
+require 'i_am_i_can/role_group/assignment'
 
 module IAmICan
   module Role
@@ -9,9 +11,21 @@ module IAmICan
       def which(name:, **conditions)
         find_by!(name: name, **conditions)
       end
+
+      def names
+        self.pluck(:name).map(&:to_sym)
+      end
     end
 
     included do
+      # def attributes
+      #   super.symbolize_keys
+      # end
+
+      # `can? :manage, User` / `can? :manage, obj: User`
+      def can? action, o = nil, obj: o
+        _permissions.matched?(action, obj)
+      end
     end
   end
 end

data/lib/i_am_i_can/role_group/assignment.rb

@@ -0,0 +1,6 @@
+module IAmICan
+  module RoleGroup
+    module Assignment
+    end
+  end
+end

data/lib/i_am_i_can/role_group/definition.rb

@@ -0,0 +1,25 @@
+module IAmICan
+  module RoleGroup
+    module Definition
+      def group_roles *members, by_name:, which_can: [ ], obj: nil
+        group = (i = i_am_i_can).role_group_model.where(name: by_name).first_or_create
+        instances, names = Role.extract(members, i)
+        assignment = group._members_exec(:assignment, instances, name: names)
+        ResultOf.members assignment, i, given: [instances, names]
+      end
+
+      %i[ group_role groups_role groups_roles ].each { |aname| alias_method aname, :group_roles }
+
+      def remove_roles *members, from: nil
+        # TODO
+      end
+
+      def have_and_group_roles *members, by_name:
+        have_roles *members
+        group_roles *members, by_name: by_name
+      end
+
+      alias has_and_groups_roles have_and_group_roles
+    end
+  end
+end

data/lib/i_am_i_can/subject/permission_querying.rb

@@ -1,68 +1,56 @@
 module IAmICan
   module Subject
     module PermissionQuerying
-      def can? pred, obj0 = nil, obj: nil, without_group: false
-        obj = obj0 || obj
-        return true if temporarily_can?(pred, obj)
-        return true if stored_can?(pred, obj)
-        group_can?(pred, obj, without_group)
+      # TODO: without: :group
+      def can? action, o = nil, obj: o, without_group: false
+        temporarily_can?(action, obj) ||
+            stored_can?(action, obj) ||
+            group_can?(action, obj, without_group)
       end
 
-      def cannot? pred, obj0 = nil, obj: nil
-        !can? pred, obj0, obj: obj
+      def cannot? action, o = nil, obj: o
+        !can? action, obj
       end
 
-      def can! pred, obj0 = nil, obj: nil
-        raise InsufficientPermission if cannot? pred, obj0, obj: obj
+      def can! action, o = nil, obj: o
+        raise InsufficientPermission if cannot? action, obj
         true
       end
 
-      def can_each? preds, obj0 = nil, obj: nil
-        preds.each { |pred| return false if cannot? pred, obj0, obj: obj } && true
+      def can_one_of? actions, o = nil, obj: o
+        can? actions, obj
       end
 
-      alias can_every? can_each?
-
-      def can_each! preds, obj0 = nil, obj: nil
-        preds.each { |pred| can! pred, obj0, obj: obj } && true
-      end
-
-      alias can_every! can_each!
-
-      def can_one_of? preds, obj0 = nil, obj: nil
-        preds.each { |pred| return true if can? pred, obj0, obj: obj } && false
-      end
-
-      def can_one_of! preds, obj0 = nil, obj: nil
-        raise InsufficientPermission unless can_one_of? preds, obj0, obj: obj
+      def can_one_of! actions, o = nil, obj: o
+        raise InsufficientPermission unless can_one_of? actions, obj
         true
       end
 
-      def temporarily_can? pred, obj
-        i_am_i_can.permission_model.matched?(pred: pred, obj: obj, in: permissions_of_local_roles)
+      def can_each? actions, o = nil, obj: o
+        # TODO: using `matched_all?`
+        actions.each { |action| return false if cannot? action, obj } && true
       end
 
-      alias locally_can? temporarily_can?
+      alias can_every? can_each?
 
-      def stored_can? pred, obj
-        i_am_i_can.permission_model.matched?(pred: pred, obj: obj, in: permissions_of_stored_roles)
+      def can_each! actions, o = nil, obj: o
+        actions.each { |action| can! action, obj } && true
       end
 
-      def group_can? pred, obj, without_group = false
-        return false if without_group || i_am_i_can.without_group
-        i_am_i_can.permission_model.matched?(pred: pred, obj: obj, in: permissions_of_role_groups)
-      end
+      alias can_every! can_each!
 
-      def permissions_of_stored_roles
-        stored_roles.stored_permissions.map(&:name)
+      def temporarily_can? action, obj
+        return false if temporary_roles.blank?
+        valid_temporary_roles._permissions.matched?(action, obj)
       end
 
-      def permissions_of_role_groups
-        stored_roles.related_role_groups.stored_permissions.map(&:name)
+      def stored_can? action, obj
+        _roles._permissions.matched?(action, obj)
       end
 
-      def permissions_of_local_roles
-        local_roles.map { |(name, info)| info[:permissions] }.flatten.uniq
+      def group_can? action, obj, without_group = false
+        return false if without_group || i_am_i_can.without_group
+        _roles._role_groups._permissions.matched?(action, obj)
       end
     end
   end

data/lib/i_am_i_can/subject/role_querying.rb

@@ -4,8 +4,8 @@ module IAmICan
 
       # === Role Querying ===
 
-      def is? role
-        role.to_sym.in?(local_role_names) || role.to_sym.in?(stored_role_names)
+      def is? role_name
+        roles.find_by(name: role_name).present?
       end
 
       alias is_role?  is?
@@ -23,8 +23,8 @@ module IAmICan
       alias is_role!  is!
       alias has_role! is!
 
-      def is_one_of? *roles
-        roles.each { |role| return true if is? role } && false
+      def is_one_of? *role_names
+        roles.where(name: role_names).present?
       end
 
       alias is_one_of_roles? is_one_of?
@@ -35,8 +35,8 @@ module IAmICan
 
       alias is_one_of_roles! is_one_of!
 
-      def is_every? *roles
-        roles.each { |role| return false if isnt? role } && true
+      def is_every? *role_names
+        roles.where(name: role_names).count == role_names.count
       end
 
       alias is_every_role_in? is_every?
@@ -50,8 +50,8 @@ module IAmICan
       # === Group Querying ===
 
       def is_in_role_group? name
-        group_members = self.class.members_of_role_group(name)
-        (roles & group_members).present?
+        group_members = i_am_i_can.role_group_model.find_by!(name: name)._roles.names
+        (roles.names & group_members).present?
       end
 
       alias in_role_group? is_in_role_group?

data/lib/i_am_i_can/subject.rb

@@ -6,16 +6,6 @@ module IAmICan
     extend ActiveSupport::Concern
 
     class_methods do
-      # permission assignment locally for local role
-      # User.local_role_which(name: :admin, can: :fly)
-      #   same effect to: UserRole.new(name: :admin).temporarily_can :fly
-      def local_role_which(name:, can:, obj: nil, **options)
-        i_am_i_can.role_model.new(name: name).temporarily_can *Array(can), obj: obj, **options
-      end
-
-      def members_of_role_group name
-        i_am_i_can.role_group_model.find_by!(name: name).member_names.sort
-      end
     end
 
     included do

data/lib/i_am_i_can/support/association_class_methods.rb

@@ -0,0 +1,43 @@
+module IAmICan
+  module Association_ClassMethods
+    def has_many_temporary_roles(name: nil)
+      define_method :temporary_roles do
+        @temporary_roles ||= [ ]
+      end
+      #
+      alias_method name, :temporary_roles if name
+
+      define_method :valid_temporary_roles do
+        i_am_i_can.role_model.where(id: temporary_roles.map(&:id))
+      end
+
+      raise "Do not set the role association name to `roles` in #{self.class.name} model" if respond_to?(:roles)
+      define_method :roles do
+        ids = (temporary_roles.map(&:id) + _roles.ids).uniq
+        i_am_i_can.role_model.where(id: ids)
+      end
+
+      define_method :temporary_role_names do
+        temporary_roles.map(&:name).map(&:to_sym)
+      end
+      #
+      alias_method "#{name.to_s.singularize}_names", :temporary_role_names if name
+
+      define_method :_temporary_roles_add do |names|
+        names -= temporary_role_names
+        temporary_roles.concat(roles = i_am_i_can.role_model.where(name: names))
+        roles.names
+      end
+
+      define_method :_temporary_roles_rmv do |names|
+        (names & temporary_role_names).each do |n|
+          temporary_roles.reject! { |i| i.name.to_sym == n }
+        end
+      end
+
+      define_method :_temporary_roles_exec do |action = :assignment, names|
+        send('_temporary_roles_' + (action == :assignment ? 'add' : 'rmv'), names)
+      end
+    end
+  end
+end

data/lib/i_am_i_can/{configurable.rb → support/configurable.rb}

@@ -8,13 +8,6 @@ module IAmICan
       def i_am_i_can
         Configs.get(self.name)
       end
-
-      def _reflect_of(key)
-        _name = i_am_i_can.send("#{key}_class")
-        reflections.each do |name, reflection|
-          return name if reflection.class_name == _name
-        end; nil
-      end
     end
 
     included do

data/lib/i_am_i_can/support/reflection.rb

@@ -0,0 +1,36 @@
+module IAmICan
+  module Reflection
+    extend ActiveSupport::Concern
+
+    class_methods do
+      def _reflect_of(key)
+        _name = i_am_i_can.send("#{key}_class")
+        reflections.each do |name, reflection|
+          return name if reflection.class_name == _name
+        end; nil
+      end
+
+      %w[ subjects roles role_groups permissions ].each do |k|
+        # User.__roles => 'stored_roles'
+        define_method "__#{k}" do
+          instance_variable_get(:"@__#{k}") or
+              instance_variable_set(:"@__#{k}", _reflect_of(k.singularize))
+        end
+
+        # User.all._roles == User.all.stored_roles
+        define_method "_#{k}" do
+          send(send("__#{k}")) rescue (raise NoMethodError)
+        end
+      end
+    end
+
+    included do
+      # user._roles => Association CollectionProxy, same as: `user.stored_roles`
+      %w[ subjects roles role_groups permissions ].each do |k|
+        define_method "_#{k}" do
+          send(self.class.send("__#{k}")) rescue (raise NoMethodError)
+        end
+      end
+    end
+  end
+end

data/lib/i_am_i_can/version.rb

@@ -1,3 +1,3 @@
 module IAmICan
-  VERSION = '3.0.1'
+  VERSION = '4.0.0'
 end

data/lib/i_am_i_can.rb

@@ -3,9 +3,11 @@ require 'active_support/core_ext/object/inclusion'
 require 'active_support/core_ext/hash/deep_merge'
 
 require 'i_am_i_can/version'
-require 'i_am_i_can/configurable'
-require 'i_am_i_can/reflection'
-require 'i_am_i_can/dynamic_generate'
+require 'i_am_i_can/support/association_class_methods'
+require 'i_am_i_can/support/configurable'
+require 'i_am_i_can/support/reflection'
+require 'i_am_i_can/helpers/result_of'
+require 'i_am_i_can/helpers/dynamic'
 require 'i_am_i_can/role'
 require 'i_am_i_can/permission'
 require 'i_am_i_can/subject'
@@ -18,13 +20,15 @@ module IAmICan
 
     extend  Role::Definition
     include Role::Assignment
+    extend  RoleGroup::Definition
     include Subject::RoleQuerying
     include Subject::PermissionQuerying
 
     include Reflection
-    instance_exec(%i[ role ], &DynamicGenerate.scopes)
-    instance_exec(&DynamicGenerate.class_reflections)
-    instance_exec(%i[ role ], &DynamicGenerate.assignment_helpers)
+    instance_exec(%i[ role ], &Dynamic.scopes)
+    instance_exec(&Dynamic.class_reflections)
+    instance_exec(%w[ role ], &Dynamic.assignment_helpers)
+    instance_exec(%w[ role ], &Dynamic.definition_helpers)
   end
 
   def acts_as_role
@@ -35,22 +39,31 @@ module IAmICan
     include Permission::Assignment
 
     include Reflection
-    instance_exec(%i[ subject role_group permission ], &DynamicGenerate.scopes)
-    instance_exec(&DynamicGenerate.class_reflections)
-    instance_exec(%i[ permission ], &DynamicGenerate.assignment_helpers)
+    instance_exec(%i[ subject role_group permission ], &Dynamic.scopes)
+    instance_exec(&Dynamic.class_reflections)
+    instance_exec(%w[ permission ], &Dynamic.assignment_helpers)
+    instance_exec(%w[ permission ], &Dynamic.definition_helpers)
+
+    before_create { self.remarks ||= name.to_s.humanize }
+    validates :name, uniqueness: true
   end
 
   def acts_as_role_group
     i_am_i_can.act = :role_group
     include Role
+    # include RoleGroup
 
     extend  Permission::Definition
     include Permission::Assignment
 
     include Reflection
-    instance_exec(%i[ permission role ], &DynamicGenerate.scopes)
-    instance_exec(&DynamicGenerate.class_reflections)
-    instance_exec(%i[ role permission ], &DynamicGenerate.assignment_helpers)
+    instance_exec(%i[ permission role ], &Dynamic.scopes)
+    instance_exec(&Dynamic.class_reflections)
+    instance_exec(%w[ role permission ], &Dynamic.assignment_helpers)
+    instance_exec(%w[ permission ], &Dynamic.definition_helpers)
+
+    before_create { self.remarks ||= name.to_s.humanize }
+    validates :name, uniqueness: true
   end
 
   def acts_as_permission
@@ -58,19 +71,23 @@ module IAmICan
     include Permission
 
     include Reflection
-    instance_exec(%i[ role role_group ], &DynamicGenerate.scopes)
-    instance_exec(&DynamicGenerate.class_reflections)
+    instance_exec(%i[ role role_group ], &Dynamic.scopes)
+    instance_exec(&Dynamic.class_reflections)
+
+    before_create { self.remarks ||= name.to_s.humanize }
+    validates :action, uniqueness: { scope: %i[ obj_type obj_id ] }
   end
 
   def acts_as_allowed_resource
     include Resource
   end
 
-  class Error < StandardError;          end
-  class VerificationFailed < Error;     end
+  class Error                  < StandardError;  end
+  class VerificationFailed     < Error; end
   class InsufficientPermission < Error; end
 end
 
 ActiveRecord::Base.include IAmICan::Configurable
+ActiveRecord::Base.extend  IAmICan::Association_ClassMethods
 ActiveRecord::Base.extend  IAmICan
 

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: i_am_i_can
 version: !ruby/object:Gem::Version
-  version: 3.0.1
+  version: 4.0.0
 platform: ruby
 authors:
 - zhandao
 autorequire: 
 bindir: exe
 cert_chain: []
-date: 2018-10-24 00:00:00.000000000 Z
+date: 2018-11-30 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler
@@ -180,7 +180,6 @@ files:
 - CHANGELOG.md
 - CODE_OF_CONDUCT.md
 - Gemfile
-- Gemfile.lock
 - LICENSE.txt
 - README.md
 - Rakefile
@@ -196,22 +195,23 @@ files:
 - lib/i_am_i_can.rb
 - lib/i_am_i_can/configs/config.rb
 - lib/i_am_i_can/configs/configs.rb
-- lib/i_am_i_can/configurable.rb
-- lib/i_am_i_can/dynamic_generate.rb
+- lib/i_am_i_can/helpers/dynamic.rb
+- lib/i_am_i_can/helpers/result_of.rb
 - lib/i_am_i_can/permission.rb
 - lib/i_am_i_can/permission/assignment.rb
 - lib/i_am_i_can/permission/definition.rb
-- lib/i_am_i_can/permission/helpers.rb
-- lib/i_am_i_can/permission/p_array.rb
-- lib/i_am_i_can/reflection.rb
 - lib/i_am_i_can/resource.rb
 - lib/i_am_i_can/role.rb
 - lib/i_am_i_can/role/assignment.rb
 - lib/i_am_i_can/role/definition.rb
-- lib/i_am_i_can/role/helpers.rb
+- lib/i_am_i_can/role_group/assignment.rb
+- lib/i_am_i_can/role_group/definition.rb
 - lib/i_am_i_can/subject.rb
 - lib/i_am_i_can/subject/permission_querying.rb
 - lib/i_am_i_can/subject/role_querying.rb
+- lib/i_am_i_can/support/association_class_methods.rb
+- lib/i_am_i_can/support/configurable.rb
+- lib/i_am_i_can/support/reflection.rb
 - lib/i_am_i_can/version.rb
 homepage: https://github.com/zhandao/i_am_i_can
 licenses:

data/Gemfile.lock

@@ -1,121 +0,0 @@
-PATH
-  remote: .
-  specs:
-    i_am_i_can (3.0.1)
-      activerecord
-      activesupport
-      railties
-
-GEM
-  remote: https://rubygems.org/
-  specs:
-    actionpack (5.2.1)
-      actionview (= 5.2.1)
-      activesupport (= 5.2.1)
-      rack (~> 2.0)
-      rack-test (>= 0.6.3)
-      rails-dom-testing (~> 2.0)
-      rails-html-sanitizer (~> 1.0, >= 1.0.2)
-    actionview (5.2.1)
-      activesupport (= 5.2.1)
-      builder (~> 3.1)
-      erubi (~> 1.4)
-      rails-dom-testing (~> 2.0)
-      rails-html-sanitizer (~> 1.0, >= 1.0.3)
-    activemodel (5.2.1)
-      activesupport (= 5.2.1)
-    activerecord (5.2.1)
-      activemodel (= 5.2.1)
-      activesupport (= 5.2.1)
-      arel (>= 9.0)
-    activesupport (5.2.1)
-      concurrent-ruby (~> 1.0, >= 1.0.2)
-      i18n (>= 0.7, < 2)
-      minitest (~> 5.1)
-      tzinfo (~> 1.1)
-    arel (9.0.0)
-    builder (3.2.3)
-    coderay (1.1.2)
-    concurrent-ruby (1.0.5)
-    crass (1.0.4)
-    database_cleaner (1.7.0)
-    diff-lcs (1.3)
-    docile (1.3.0)
-    erubi (1.7.1)
-    i18n (1.1.0)
-      concurrent-ruby (~> 1.0)
-    json (2.1.0)
-    loofah (2.2.2)
-      crass (~> 1.0.2)
-      nokogiri (>= 1.5.9)
-    method_source (0.9.0)
-    mini_portile2 (2.3.0)
-    minitest (5.11.3)
-    nokogiri (1.8.4)
-      mini_portile2 (~> 2.3.0)
-    pg (1.0.0)
-    pry (0.11.3)
-      coderay (~> 1.1.0)
-      method_source (~> 0.9.0)
-    rack (2.0.5)
-    rack-test (1.1.0)
-      rack (>= 1.0, < 3)
-    rails-dom-testing (2.0.3)
-      activesupport (>= 4.2.0)
-      nokogiri (>= 1.6)
-    rails-html-sanitizer (1.0.4)
-      loofah (~> 2.2, >= 2.2.2)
-    railties (5.2.1)
-      actionpack (= 5.2.1)
-      activesupport (= 5.2.1)
-      method_source
-      rake (>= 0.8.7)
-      thor (>= 0.19.0, < 2.0)
-    rake (10.5.0)
-    rspec (3.7.0)
-      rspec-core (~> 3.7.0)
-      rspec-expectations (~> 3.7.0)
-      rspec-mocks (~> 3.7.0)
-    rspec-core (3.7.1)
-      rspec-support (~> 3.7.0)
-    rspec-expectations (3.7.0)
-      diff-lcs (>= 1.2.0, < 2.0)
-      rspec-support (~> 3.7.0)
-    rspec-mocks (3.7.0)
-      diff-lcs (>= 1.2.0, < 2.0)
-      rspec-support (~> 3.7.0)
-    rspec-rails (3.7.2)
-      actionpack (>= 3.0)
-      activesupport (>= 3.0)
-      railties (>= 3.0)
-      rspec-core (~> 3.7.0)
-      rspec-expectations (~> 3.7.0)
-      rspec-mocks (~> 3.7.0)
-      rspec-support (~> 3.7.0)
-    rspec-support (3.7.1)
-    simplecov (0.16.1)
-      docile (~> 1.1)
-      json (>= 1.8, < 3)
-      simplecov-html (~> 0.10.0)
-    simplecov-html (0.10.2)
-    thor (0.20.0)
-    thread_safe (0.3.6)
-    tzinfo (1.2.5)
-      thread_safe (~> 0.1)
-
-PLATFORMS
-  ruby
-
-DEPENDENCIES
-  bundler (~> 1.16)
-  database_cleaner
-  i_am_i_can!
-  pg
-  pry
-  rake (~> 10.0)
-  rspec (~> 3.0)
-  rspec-rails
-  simplecov
-
-BUNDLED WITH
-   1.16.6