kan 0.1.0 → 0.2.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: d21ee95936ea431cd541add761806729598ee02d
-  data.tar.gz: 3af71fe7b9a1e7b76d1e41955356d7c88fc2220b
+  metadata.gz: 4b05a0ee35f96b6d7cf1860821bbb9377ce6865d
+  data.tar.gz: 2c95160455b028aeddc5888a39659f61a2fef75e
 SHA512:
-  metadata.gz: 51068bae77f496f2c4411540d2a99d5a30dcf12203cec91d5664760fd1e75f52f1c89efe7c65c61f5df428abea926874250a3a68e117a573016572583aa2fe79
-  data.tar.gz: 168764d5406fceb5806388dff893d52fa5f41ba8c49445540140dfc962afbebe421f0eae5d1c0491654cf0814192346ba0317c941fa105b019dd67244013b14b
+  metadata.gz: e2d8dc36dfdfebf3da5f453824cc94b46f478346963d10d1d92c23873045cb2efb94debd260d5192e3233931236d09e80ede00b60e75e61b88b189e34fa55dc1
+  data.tar.gz: bc672426e146ad132e7339dd780c171e8da22ce350b70d9fc54a6bd1c1f9a5505faa64f5009c01d20036fab86ab37f19396b034314c2f4bb92d7f98aa76702c9

data/.travis.yml

@@ -1,5 +1,13 @@
 sudo: false
 language: ruby
+cache: bundler
 rvm:
+  - 2.1.10
+  - 2.2.7
+  - 2.3.4
   - 2.4.1
-before_install: gem install bundler -v 1.16.0
+  - 2.5.0
+
+before_install:
+  - gem install bundler -v 1.16.0
+  - gem update --system

data/CHANGELOG.md

@@ -0,0 +1,7 @@
+## HEAD
+
+## v0.2
+
+* Add logger support (@valikos) #7
+* Integrate CI (@davydovanton)
+* Implement roles support (@davydovanton)

data/Gemfile.lock

@@ -1,7 +1,7 @@
 PATH
   remote: .
   specs:
-    kan (0.1.0)
+    kan (0.2.0)
 
 GEM
   remote: https://rubygems.org/

data/README.md

@@ -1,6 +1,21 @@
 # Kan
+[![Build Status](https://travis-ci.org/davydovanton/kan.svg?branch=master)](https://travis-ci.org/davydovanton/kan)
 
-Simple fundctional authorization library for ruby. Inspired by [transproc](https://github.com/solnic/transproc)
+Simple functional authorization library for ruby. Inspired by [transproc](https://github.com/solnic/transproc) and [dry project](http://dry-rb.org)
+
+## Table of context
+
+* [Installation](#installation)
+* [Usage](#usage)
+  * [Register abilities](#register-abilities)
+  * [Check abilities](#check-abilities)
+    * [Default ability block](#default-ability-block)
+    * [List of abilities](#list-of-abilities)
+  * [Roles](#roles)
+  * [Dry-auto\_inject](#dry-auto_inject)
+* [Contributing](#contributing)
+* [License](#license)
+* [Code of Conduct](#code-of-conduct)
 
 ## Installation
 
@@ -20,6 +35,8 @@ Or install it yourself as:
 
 ## Usage
 
+### Register abilities
+
 ```ruby
 class Post::Abilities
   include Kan::Abilities
@@ -28,8 +45,11 @@ class Post::Abilities
   register 'edit' { |user, post| user.id == post.user_id }
   register 'delete' { |_, _| false }
 end
+```
+
+Also, you can register more than one ability in one place and use string or symbol keys:
 
-# register more than one ability in one place
+```ruby
 class Post::AdminAbilities
   include Kan::Abilities
 
@@ -46,38 +66,146 @@ class Comments::Abilities
     user.id == comment.user_id && comment.created_at < Time.now + TEN_MINUTES
   end
 end
+```
 
+### Check abilities
+
+```ruby
 abilities = Kan::Application.new(
   post: Post::Abilities.new,
-  comment: Comments::Abilities.new,
+  comment: Comments::Abilities.new
 )
 
 abilities['post.read'].call(current_user, post) # => true
 abilities['post.delete'].call(current_user, post) # => false
-
 abilities['comment.delete'].call(current_user, post) # => false
+```
+
+#### Default ability block
 
-# Default ability eq `proc { true }`
+By default Kan use `proc { true }` as a default ability block:
+
+```ruby
 abilities['comment.invalid'].call(current_user, post) # => true
+```
+
+But you can rewrite it
 
-# But you can rewrite default ability block
+```ruby
 admin_abilities = Kan::Application.new(
-  post: Post::AdminAbilities.new(default_ability_block: proc { false}),
+  post: Post::AdminAbilities.new(default_ability_block: proc { false }),
   comment: Comments::Abilities.new,
 )
 
-admin_abilities['post.delete'].call(current_user, post) # => false
-admin_abilities['post.delete'].call(admin_user, post) # => true
+admin_abilities['post.delete'].call(current_user, post)  # => false
+admin_abilities['post.delete'].call(admin_user, post)    # => true
 admin_abilities['post.invalid'].call(current_user, post) # => false
+```
 
+#### List of abilities
+You can provide array of abilities for each scope and Kan will return `true` if at least one ability return `true`:
+
+```ruby
 global_abilities = Kan::Application.new(
   post: [Post::Abilities.new, Post::AdminAbilities.new],
-  comment: Comments::Abilities.new,
+  comment: Comments::Abilities.new
 )
 
 global_abilities['post.edit'].call(current_user, post) # => false
-global_abilities['post.edit'].call(owner_user, post) # => true
-global_abilities['post.edit'].call(admin_user, post) # => true
+global_abilities['post.edit'].call(owner_user, post)   # => true
+global_abilities['post.edit'].call(admin_user, post)   # => true
+```
+
+### Roles
+Kan provide simple role system. For this you need to define role block in each abilities classes:
+```ruby
+module Post
+  class AnonymousAbilities
+    include Kan::Abilities
+
+    role :anonymous do |user, _|
+      user.id.nil?
+    end
+
+    register(:read, :edit, :delete) { false }
+  end
+
+  class BaseAbilities
+    include Kan::Abilities
+
+    role :all do |_, _|
+      true
+    end
+
+    register(:read) { |_, _| true }
+    register(:edit, :delete) { |user, post| false }
+  end
+
+
+  class AuthorAbilities
+    include Kan::Abilities
+
+    role :author do |user, post|
+      user.id == post.author_id
+    end
+
+    register(:read, :edit) { |_, _| true }
+    register(:delete) { |_, _| false }
+  end
+
+  class AdminAbilities
+    include Kan::Abilities
+
+    role :admin do |user, _|
+      user.admin?
+    end
+
+    register :read, :edit, :delete { |_, _| true }
+  end
+end
+```
+
+After that initialize Kan application object and call it with payload:
+```ruby
+abilities = Kan::Application.new(
+  post: [Post::AnonymousAbilities.new, Post::BaseAbilities.new, Post::AuthorAbilities.new, Post::AdminAbilities.new],
+  comment: Comments::Abilities.new
+)
+
+abilities['post.read'].call(anonymous, post) # => false
+abilities['post.read'].call(regular, post)   # => true
+abilities['post.read'].call(author, post)    # => true
+abilities['post.read'].call(admin, post)     # => true
+
+abilities['post.edit'].call(anonymous, post) # => false
+abilities['post.edit'].call(regular, post)   # => false
+abilities['post.edit'].call(author, post)    # => true
+abilities['post.edit'].call(admin, post)     # => true
+
+abilities['post.delete'].call(anonymous, post) # => false
+abilities['post.delete'].call(regular, post)   # => false
+abilities['post.delete'].call(author, post)    # => false
+abilities['post.delete'].call(admin, post)     # => true
+```
+
+### Logger support
+By default kan support default ruby logger (`Logger.new` class). For setup custom logger you can use `logger` option for each abilities instances:
+```ruby
+abilities = Kan::Application.new(
+  comment: Comments::Abilities.new(logger: MyCustomLogger.new)
+)
+```
+
+And call it from ability block:
+```ruby
+class AnonymousAbilities
+  include Kan::Abilities
+
+  register(:read, :edit, :delete) do
+    logger.info 'Anonymous ability checked'
+    false
+  end
+end
 ```
 
 ### Dry-auto\_inject
@@ -105,10 +233,18 @@ UpdateOperation.new(ability_checker: ->(*) { false })
 
 Bug reports and pull requests are welcome on GitHub at https://github.com/davydovanton/kan. This project is intended to be a safe, welcoming space for collaboration, and contributors are expected to adhere to the [Contributor Covenant](http://contributor-covenant.org) code of conduct.
 
+### How to instal the project
+Just clone repository and call:
+
+```
+$ bundle install
+$ bundle exec rspec
+```
+
 ## License
 
 The gem is available as open source under the terms of the [MIT License](https://opensource.org/licenses/MIT).
 
 ## Code of Conduct
 
-Everyone interacting in the Kan project’s codebases, issue trackers, chat rooms and mailing lists is expected to follow the [code of conduct](https://github.com/[USERNAME]/kan/blob/master/CODE_OF_CONDUCT.md).
+Everyone interacting in the Kan project’s codebases, issue trackers, chat rooms and mailing lists is expected to follow the [code of conduct](https://github.com/davydovanton/kan/blob/master/CODE_OF_CONDUCT.md).

data/Rakefile

@@ -1,10 +1,12 @@
 require "bundler/gem_tasks"
 require "rake/testtask"
 
-Rake::TestTask.new(:test) do |t|
-  t.libs << "test"
-  t.libs << "lib"
-  t.test_files = FileList["test/**/*_test.rb"]
-end
+begin
+  require 'rspec/core/rake_task'
+
+  RSpec::Core::RakeTask.new(:spec)
 
-task :default => :test
+  task default: :spec
+rescue LoadError
+  # no rspec available
+end

data/lib/kan.rb

@@ -1,3 +1,4 @@
+require 'kan/abilities_list'
 require 'kan/application'
 require 'kan/abilities'
 require 'kan/version'

data/lib/kan/abilities.rb

@@ -1,3 +1,5 @@
+require 'logger'
+
 module Kan
   module Abilities
     def self.included(base)
@@ -5,11 +7,31 @@ module Kan
     end
 
     module ClassMethods
+      DEFAULT_ROLE_NAME = :base
+      DEFAULT_ROLE_BLOCK = proc { true }
+
       def register(*abilities, &block)
         @ability_list ||= {}
         abilities.each { |ability| @ability_list[ability.to_sym] = block }
       end
 
+      def role(role_name, &block)
+        @role_name = role_name
+        @role_block = block
+      end
+
+      def role_name
+        @role_name || DEFAULT_ROLE_NAME
+      end
+
+      def role_block
+        @role_block || DEFAULT_ROLE_BLOCK
+      end
+
+      def valid_role?(*args)
+        role_block.call(*args)
+      end
+
       def ability_list
         @ability_list || {}
       end
@@ -17,12 +39,16 @@ module Kan
 
     DEFAULT_ABILITY_BLOCK = proc { true }
 
+    attr_reader :logger
+
     def initialize(options = {})
       @options = options
+      @logger = @options.fetch(:logger, Logger.new(STDOUT))
     end
 
     def ability(name)
-      self.class.ability_list[name.to_sym] || @options[:default_ability_block] || DEFAULT_ABILITY_BLOCK
+      rule = self.class.ability_list[name.to_sym] || @options[:default_ability_block] || DEFAULT_ABILITY_BLOCK
+      lambda { |*args| instance_exec(args, &rule) }
     end
   end
 end

data/lib/kan/abilities_list.rb

@@ -0,0 +1,14 @@
+module Kan
+  class AbilitiesList
+    def initialize(name, list)
+      @name = name
+      @list = list
+    end
+
+    def call(*payload)
+      @list
+        .select { |abilities| abilities.class.valid_role?(*payload) }
+        .any? { |abilities| abilities.ability(@name).call(*payload) }
+    end
+  end
+end

data/lib/kan/application.rb

@@ -6,7 +6,17 @@ module Kan
 
     def [](ability)
       scope, ability_name = ability.split('.')
-      @scopes[scope.to_sym].ability(ability_name)
+
+      abilities = Array(@scopes[scope.to_sym])
+      raise_scope_error(scope) if abilities.empty?
+
+      AbilitiesList.new(ability_name, abilities)
+    end
+
+    private
+
+    def raise_scope_error(scope)
+      raise ArgumentError.new("Invalid scope #{scope}")
     end
   end
 end

data/lib/kan/version.rb

@@ -1,3 +1,3 @@
 module Kan
-  VERSION = "0.1.0"
+  VERSION = "0.2.0"
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: kan
 version: !ruby/object:Gem::Version
-  version: 0.1.0
+  version: 0.2.0
 platform: ruby
 authors:
 - Anton Davydov
 autorequire: 
 bindir: exe
 cert_chain: []
-date: 2018-01-09 00:00:00.000000000 Z
+date: 2018-01-21 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler
@@ -76,6 +76,7 @@ files:
 - ".gitignore"
 - ".rspec"
 - ".travis.yml"
+- CHANGELOG.md
 - CODE_OF_CONDUCT.md
 - Gemfile
 - Gemfile.lock
@@ -85,6 +86,7 @@ files:
 - kan.gemspec
 - lib/kan.rb
 - lib/kan/abilities.rb
+- lib/kan/abilities_list.rb
 - lib/kan/application.rb
 - lib/kan/version.rb
 homepage: https://github.com/davydovanton/kan