id_please 0.3.3 → 0.4.0

data/README.rdoc

@@ -10,11 +10,11 @@ User and Groups can be the subject of a role by assigning them.. Each role has a
 
 One specified name for roles is privileged (by default "Member"). If a subject is assigned to be a "Member" of another group, then when the subject is checked for whether it has a role, it checks both itself and all parent groups for whether it passes.
 
-User: acts_as_authorization_subject
-Group: acts_as_authorization_group
-Assignment: acts_as_authorization_assignment
-Role: acts_as_authorization_role
-Object (can have roles): acts_as_authorization_object
+* User: acts_as_authorization_subject
+* Group: acts_as_authorization_group
+* Assignment: acts_as_authorization_assignment
+* Role: acts_as_authorization_role
+* Object (can have roles): acts_as_authorization_object
 
 
 By default, users can belong to groups, and those groups can have groups as well. This makes the checking db-query intensive (n+1 queries, where n is the number of level of parent groups for the current user). While these queries are quick, you can disable groups (and group nesting), to cut down on this. (currently not fully tested, use at own risk.)

data/VERSION

@@ -1 +1 @@
-0.3.3
+0.4.0

data/id_please.gemspec

@@ -5,7 +5,7 @@
 
 Gem::Specification.new do |s|
   s.name = %q{id_please}
-  s.version = "0.3.3"
+  s.version = "0.4.0"
 
   s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
   s.authors = ["James Stuart"]

data/lib/id_please/model_extensions/for_group.rb

@@ -1,19 +1,47 @@
 module IdPlease
   module ModelExtensions
     module ForGroup
+
       def children(*args)
         options = args.extract_options!
-        all_children = _auth_assign_class.role_name_eq(_auth_group_role).role_authorizable_eq(self).all(:include => :subject).collect(&:subject)
-      
-        if _auth_nested_groups == true && options[:nested] != false
-          all_children.select { |child| child._auth_is_group == true }.each do |child|
-            all_children << child.children
+        roles = options[:roles] || [_auth_group_role]
+        view = options[:view] || :subjects
+        
+        role_hash = {}
+        subject_hash = {}
+        
+        assignments = if roles == :any
+          _auth_assign_class.role_authorizable_eq(self).all(:include => [:subject, :role])          
+        else
+          _auth_assign_class.role_name_eq(*roles.collect(&:to_s)).role_authorizable_eq(self).all(:include => [:subject, :role])
+        end
+        
+        assignments.each do |a|
+          name, subject  = a.role.name.to_sym, a.subject
+          role_hash.has_key?(name) ? role_hash[name] << subject : role_hash[name] = [subject]
+          subject_hash.has_key?(subject) ? subject_hash[subject] << name : subject_hash[subject] = [name]
+          
+          if _auth_nested_groups == true && options[:nested] != false && subject._auth_is_group == true
+            children = subject.children
+            role_hash[name] |= children
+            children.each { |child| subject_hash.has_key?(child) ? subject_hash[child] << name : subject_hash[child] = [name]}
           end
         end
       
-        all_children.flatten.uniq
+        case view
+        when :subjects
+          subject_hash.keys
+        when :subject_hash
+          subject_hash
+        when :roles
+          role_hash.keys
+        when :role_hash
+          role_hash
+        end
+    
       end
       
+      
       def has_role!(role_name, object = nil)
         if object && object.kind_of?(self.class) && role_name.to_s == _auth_group_role && self.children.include?(object)
           raise "Attempt to make circular membership loop"