kant 0.0.2

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: 8aeeefb188062978e189623f81d217b7988ed158
+  data.tar.gz: b658a15f162e5a88a2f576394ae12398102084aa
+SHA512:
+  metadata.gz: c034e6d3971a058076c5eed08aefad7adc4620d51a09e59dc790c19bcff21cfc0762b70d8fbbc2b8f769722df251714684a9fd3ebcf6f174fc2cbcbe5de5d15d
+  data.tar.gz: d4c6c7e75190b3064383d344900f36ba6d8164ba971b2113af64ddde0365272c7b31ac78155c601afb7a88be3d082e9c5ce525eef2c463bf36d1de00d9654003

data/.gitignore

@@ -0,0 +1,14 @@
+/.bundle/
+/.yardoc
+/Gemfile.lock
+/_yardoc/
+/coverage/
+/doc/
+/pkg/
+/spec/reports/
+/tmp/
+*.bundle
+*.so
+*.o
+*.a
+mkmf.log

data/Gemfile

@@ -0,0 +1,4 @@
+source 'https://rubygems.org'
+
+# Specify your gem's dependencies in kant.gemspec
+gemspec

data/LICENSE.txt

@@ -0,0 +1,22 @@
+Copyright (c) 2015 Mark Przepiora
+
+MIT License
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.md

@@ -0,0 +1,406 @@
+# Kant v0.0.2
+
+Kant is a tiny authorization library for your Ruby (especially Rails and/or
+ActiveRecord) projects.
+
+## Overview
+
+### What Kant does NOT do:
+
+- Add a scope to every single ActiveRecord model in your application.
+- Add any magic methods to your controllers that fetch your data for you, or
+  make any assumptions about how you want to do this.
+- Force you to redefine your authorization logic on every single request.
+- Depend on Rails/ActiveRecord--but if you do use these, there's a tiny bit of
+  magic available to you if you want to use it.
+
+### What Kant does:
+
+- Very little.
+- Allows you to pick and choose how much of it you want to use.
+- Defines a simple interface (two methods) that your `AccessControl` class
+  should implement.
+- Provides two simple access control classes (`NoAccess` and `AllAccess`) you
+  might want to use for unauthenticated users and admins respectively.
+- For typical use cases, Kant gives you a `PolicyAccess` class which allows you
+  to split up your authorization logic into various `FooPolicy` classes, one
+  for each of your models. This class uses a minimal amount of magic to work
+  with `ActiveRecord` models out of the box, but you can extend it easily to
+  use any other ORM.
+- Provides a module you can include in your Rails controllers which gives you
+  an interface very similar to the one you might be used to if you are
+  currently using CanCanCan.
+
+### Kant's philosophy
+
+There are two broad classes of actions you probably need to authorize in your
+application:
+
+1. Single-record access: namely, can a user perform an action on a given
+   record? (Yes or No).
+2. Record index access of some sort: namely, give me a list of the records the
+   user is allowed to access.
+
+An `AccessControl` class (you might know this as an `Ability` class in CanCan)
+is any plain-old Ruby class that is instantiated with a single argument (your
+user object), and implements two methods: (1) `can?(action, object)`, which
+returns true or false for any action and object (typically a symbol and a
+record), and (2) `accessible(action, scope)` which takes an action and a scope
+of some kind (typically an ActiveRecord scope) and returns a new scope of which
+records the user is allowed to access.
+
+Everything else in Kant is either a very simple API on top of this interface to
+make your life easier when using it in a typical Rails app, or an
+implementation of an access control class which might work well in a typical
+Rails app. However, you can use as little or as much of Kant as you want, and
+it certainly doesn't require Rails at all.
+
+## Installation
+
+Add this line to your application's Gemfile:
+
+```ruby
+gem 'kant', require: false
+```
+
+And then execute:
+
+    $ bundle
+
+## Usage
+
+### Controller Mixin
+
+Kant provides a `Kant::ControllerMixin` module that you can include in your
+ApplicationController if you wish. It adds a couple of methods:
+
+- A `current_access_control` method, which simply returns
+  `AccessControl.new(current_user)` (a class which are you are expected to
+  provide). You can override this if you need to, for example, choose which
+  access control class to use based on the current user's role. See the source
+  code for an example.
+- It delegtes `can?(...)` and `accessible(...)` to `current_access_control`.
+- It adds an `authorize!(...)` method, which delegates to `can?(...)`, being a
+  no-op if `can?` returns true, but raising a `Kant::AccessDenied` exception if
+  `can?` returns false.
+
+Be sure to require what you need! Example:
+
+```ruby
+require 'kant/controller_mixin'
+
+class ApplicationController < ActionController::Base
+  include Kant::ControllerMixin
+
+  # ...
+end
+```
+
+### Basic All or Nothing Access Controls
+
+If you are using ActiveRecord, Kant provides `Kant::AllAccess` and
+`Kant::NoAccess` which you can use for your admins and unauthenticated users
+respectively.
+
+`AllAccess` returns true for every `can?` query, and returns `scope.all` for
+every `accessible` query. In other words, everything is permitted.
+
+`NoAccess` returns false for every `can?` query, and returns `scope.none` for
+every `accessible` query, denying all access.
+
+### Policy-based Access Controls
+
+While you could implement your own access control class from scratch, you
+probably just have a typical Rails app in which you just want to implement
+per-model, and per-action authorization logic. For this, there's
+`Kant::PolicyAccess`.
+
+This is the only part of Kant that contains magic, and assumes you are using
+ActiveRecord, but we'll explain the magic entirely with an example:
+
+When a `PolicyAccess` is queried with `can?(:update, foo)`, where `foo` is an
+instance of a class named `Foo`, it will look for a class/module named
+`FooPolicy`, and a class method on it called `can_update?(record, user)`. It
+simply delegates to this function.
+
+For example,
+
+```ruby
+module FooPolicy
+  def self.can_update?(foo, user)
+    foo.owner_id == user.id
+  end
+end
+```
+
+If either `FooPolicy` does not exist, or if `can_update?` is undefined, `can?`
+will simply return false.
+
+When a `PolicyAccess` is queried with `accessible(:read, Foo)` where `Foo` is
+an ActiveRecord model class (or a scope of that model), Kant will again look
+for `FooPolicy`, this time with an instance method called
+`readable(scope, user)`, which will be called with `readable(Foo, user)`.
+
+If either the class or method doesn't exist, `Foo.none` will be returned.
+
+For example,
+
+```ruby
+module FooPolicy
+  def self.readable(foos, user)
+    foos.where(owner_id: user.id)
+  end
+end
+```
+
+There is one added bonus to keep in mind. If your policy class implements
+`readable` but not `can_read?`, and if `PolicyAccess` is queried with
+`can?(:read, foo)`, then it will return,
+
+```ruby
+FooPolicy.readable(Foo, user).where(id: foo.id).any?
+```
+
+Therefore, you can typically implement just a scope policy for an action and
+let the single-object policy be generated automatically. You may want to
+implement (in this example) `can_read?(...)` anyway, since you can avoid an
+extra SQL query by simply comparing `foo.owner_id == user.id`. However, in
+real-world apps, authorizing an action often requires executing a query of some
+sort anyway, so it's your choice.
+
+Since scope and object policies are just methods, you can alias them. No magic
+required. For example,
+
+```ruby
+module FooPolicy
+  def self.can_read?(foo, user)
+    foo.owner_id == user.id
+  end
+
+  class << self
+    alias_method :can_update?, :can_read?
+    alias_method :can_destroy?, :can_read?
+  end
+end
+```
+
+## Okay Practices
+
+### Controller Params
+
+This isn't enforced by Kant at all, but you could define your allowed
+controller params inside your policy classes. For example:
+
+```ruby
+module FooPolicy
+  # ...
+
+  def self.create_params(params)
+    params.require(:foo).permit(:name)
+  end
+end
+
+class FoosController < ApplicationController
+  def create_params
+    FooPolicy.create_params(params)
+  end
+end
+```
+
+### Create and Update Policies
+
+For defining your `can_create?` and `can_update?` policies, it's probably a
+good idea to perform the following order of actions in your controllers:
+
+```ruby
+foo.assign_attributes(update_params)
+authorize! :update, foo
+foo.save!
+```
+
+This way, in your `can_update?` policy you can check foo's `#changes`, etc.,
+methods to see what was changed in case a user might only be allowed to modify
+some fields but not others, or only make certain kinds of changes.
+
+### DRYing Up Your Controllers
+
+You might be worried about missing out on CanCan's magical controller methods
+that fetch and authorize your records for you.
+
+But why not instead just define a method like this in `ApplicationController`?
+
+```ruby
+def find_and_authorize(model_class, id, action)
+  record = model_class.find(id)
+  authorize! action, record
+  record
+end
+```
+
+Now you can just,
+
+```ruby
+foo = find_and_authorize(Foo, params[:id], :read)
+```
+
+You could define something analogous for updating and creating records,
+
+```ruby
+def authorize_and_create(model_class, params)
+  record = model_class.new(params)
+  authorize! :create, record
+  [record.save, record]
+end
+```
+
+And in your actions use,
+
+```ruby
+success, foo = authorize_and_create(Foo, create_params)
+
+if success
+  # ...
+else
+  # ...
+end
+```
+
+## Complete-ish Example
+
+```ruby
+# config/application.rb
+# ...
+  config.autoload_paths += %W(#{config.root}/authorization)
+# ...
+
+# app/controllers/application_controller.rb
+require 'kant/all'
+
+class ApplicationController < ActionController::Base
+  include Kant::ControllerMixin
+
+  def current_access_control
+    if !current_user
+      Kant::NoAccess.new(nil)
+    elsif current_user.admin?
+      Kant::AllAccess.new(nil)
+    else
+      Kant::PolicyAccess.new(current_user, policies_module: Policies)
+    end
+  end
+end
+
+# app/authorization/policies/foo_policy.rb
+module Policies
+  module FooPolicy
+    def self.readable(foos, user)
+      foos.where(user_id: user.id)
+    end
+  end
+end
+
+# app/controllers/foos_controller.rb
+class FoosController < ApplicationController
+  def index
+    foos = accessible(:read, Foo)
+    render json: foos
+  end
+
+  def show
+    foo = Foo.find(params[:id])
+    authorize! :read, foo
+    render json: foo
+  end
+end
+```
+
+## RSpec
+
+Kant has RSpec matchers if you want to use them. Example:
+
+```ruby
+# spec_helper.rb
+require 'kant/rspec/matchers'
+
+# foo_spec.rb
+describe Foo
+  it "bars" do
+    # ... some setup ...
+    access_control = AccessControl.new(user)
+    expect(access_control).to be_able_to(:read, foo)
+  end
+end
+```
+
+## But is it good?
+
+It's small, simple, and it works. I use it in production. So maybe?
+
+## Why should I use this instead of CanCan?
+
+First of all, this library is tiny.
+
+```bash
+$ cat lib/kant/**/*.rb | wc -l
+212
+```
+
+And this includes the RSpec matcher definition which you won't even use in
+production. Excluding that, Kant is about 170 lines of code.
+
+Compare this to CanCanCan:
+
+```bash
+$ cat lib/**/*.rb | wc -l
+1849
+```
+
+Also, it's fast:
+
+**Warning: Do not trust these benchmarks. Perform your own measurements on your
+own application.**
+
+A problem with CanCan as your application grows is that it expects you to
+define *all* of your abilities upon initialization, even if the request only
+checks a single one. This is fine if you only have a couple of models, or if
+your scopes are simple, but if your application has a couple dozen models, this
+can translate into a significant overhead.
+
+Here is a simple benchmark I executed on production when we still used CanCan:
+
+```ruby
+require 'benchmark'
+u = User.first
+
+puts Benchmark.measure {
+  10000.times { Ability.new(u) }
+}
+# => 48.510000   0.990000  49.500000 ( 70.699697)
+```
+
+That's almost 50 seconds of CPU time simply to instantiate 10,000 objects.
+
+Here is the benchmark from the application after it was refactored to use Kant:
+
+```ruby
+require 'benchmark'
+u = User.first
+
+puts Benchmark.measure {
+  10000.times { AccessControl.new(u) }
+}
+# => 0.060000   0.010000   0.070000 (  0.169156)
+```
+
+That's a *slight* difference. For us, this translates into a savings of roughly
+50 seconds of CPU time for every 10,000 requests.
+
+**Perform your own benchmarks.**
+
+## Contributing
+
+1. Fork it ( https://github.com/markprzepiora/kant/fork )
+2. Create your feature branch (`git checkout -b my-new-feature`)
+3. Commit your changes (`git commit -am 'Add some feature'`)
+4. Push to the branch (`git push origin my-new-feature`)
+5. Create a new Pull Request

data/Rakefile

@@ -0,0 +1,2 @@
+require "bundler/gem_tasks"
+

data/kant.gemspec

@@ -0,0 +1,27 @@
+# coding: utf-8
+lib = File.expand_path('../lib', __FILE__)
+$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
+require 'kant/version'
+
+Gem::Specification.new do |spec|
+  spec.name          = "kant"
+  spec.version       = Kant::VERSION
+  spec.authors       = ["Mark Przepiora"]
+  spec.email         = ["mark.przepiora@gmail.com"]
+  spec.summary       = %q{A tiny, non-magical authorization library}
+  spec.description   = %q{Kant is a tiny authorization library for your Ruby (especially Rails and/or ActiveRecord) projects.}
+  spec.homepage      = "https://github.com/markprzepiora/kant"
+  spec.license       = "MIT"
+
+  spec.files         = `git ls-files -z`.split("\x0")
+  spec.executables   = spec.files.grep(%r{^bin/}) { |f| File.basename(f) }
+  spec.test_files    = spec.files.grep(%r{^(test|spec|features)/})
+  spec.require_paths = ["lib"]
+
+  spec.add_development_dependency "bundler", "~> 1.7"
+  spec.add_development_dependency "rake", "~> 10.0"
+  spec.add_development_dependency "rspec", "~> 3.1.0"
+  spec.add_development_dependency "with_model", "~> 1.2.1"
+  spec.add_development_dependency "sqlite3", "~> 1.3.10"
+  spec.add_development_dependency "activerecord", ">= 3.2"
+end

data/lib/kant/access_denied.rb

@@ -0,0 +1,4 @@
+module Kant
+  class AccessDenied < StandardError
+  end
+end

data/lib/kant/all.rb

@@ -0,0 +1,4 @@
+require 'kant/all_access'
+require 'kant/no_access'
+require 'kant/policy_access'
+require 'kant/controller_mixin'

data/lib/kant/all_access.rb

@@ -0,0 +1,14 @@
+module Kant
+  class AllAccess
+    def initialize(user)
+    end
+
+    def can?(action, object)
+      true
+    end
+
+    def accessible(action, scope)
+      scope.all
+    end
+  end
+end

data/lib/kant/controller_mixin.rb

@@ -0,0 +1,45 @@
+require 'kant/access_denied'
+
+module Kant
+  module ControllerMixin
+    # By default, Kant expects an AccessControl class to exist. Override this
+    # method if you need more complicated logic here. A typical implementation
+    # might be:
+    #
+    #   def current_access_control
+    #     @current_access_control ||=
+    #       if !current_user
+    #         Kant::NoAccess.new(nil)
+    #       elsif current_user.admin?
+    #         Kant::AllAccess.new(current_user)
+    #       else
+    #         AccessControl.new(current_user)
+    #       end
+    #   end
+    def current_access_control
+      @current_access_control ||= AccessControl.new(current_user)
+    end
+
+    private
+
+    # Delegates to current_access_control
+    def can?(*args)
+      current_access_control.can?(*args)
+    end
+
+    # Delegates to current_access_control
+    def accessible(*args)
+      current_access_control.accessible(*args)
+    end
+
+    # If `can?(action, object)` is true, then this is a no-op. If on the other
+    # hand that value is false, this raises a Kant::AccessDenied exception.
+    def authorize!(action, object)
+      if can?(action, object)
+        true
+      else
+        raise Kant::AccessDenied, "You are not permitted to #{action} this record."
+      end
+    end
+  end
+end

data/lib/kant/no_access.rb

@@ -0,0 +1,14 @@
+module Kant
+  class NoAccess
+    def initialize(user)
+    end
+
+    def can?(action, object)
+      false
+    end
+
+    def accessible(action, scope)
+      scope.none
+    end
+  end
+end

data/lib/kant/policy_access.rb

@@ -0,0 +1,69 @@
+require 'kant/resolvers/active_record'
+
+module Kant
+  class PolicyAccess
+    include Kant::Resolvers::ActiveRecord
+
+    attr_accessor :user
+
+    def initialize(user, policies_module: nil)
+      @user = user
+      @policies_module = policies_module || Kernel
+    end
+
+    # Delegates to an appropriate Policy module. For example,
+    #
+    #   Ability.new(user).can?(:read, Foo.first)
+    #
+    # will return
+    #
+    #   FooPolicy.can_read?(Foo.first, user)
+    def can?(action, object)
+      method_eh     = "can_#{action}?"
+      abilities     = resolve_object(object)
+      _scope_method = scope_method(abilities, action)
+      model_class   = object.class
+
+      if abilities.respond_to?(method_eh)
+        abilities.send(method_eh, object, user)
+      elsif _scope_method && object.id
+        abilities.send(_scope_method, model_class, user).where(id: object.id).any?
+      else
+        false
+      end
+    end
+
+    # Example:
+    #
+    #   ability.accessible(:read, Content)
+    #   # => a Content scope
+    def accessible(action, scope)
+      abilities = resolve_scope(scope)
+      _scope_method = scope_method(abilities, action)
+
+      if _scope_method
+        abilities.send(_scope_method, scope, user)
+      else
+        scope.none
+      end
+    end
+
+    private
+
+    def scope_method(abilities, action)
+      regular_name = "#{action}able"
+      alternate_name = begin
+        first, *rest = action.to_s.split('_')
+        "#{first}able_#{rest.join('_')}"
+      end
+
+      if abilities.respond_to?(regular_name)
+        regular_name
+      elsif abilities.respond_to?(alternate_name)
+        alternate_name
+      else
+        nil
+      end
+    end
+  end
+end

data/lib/kant/resolvers/active_record.rb

@@ -0,0 +1,30 @@
+module Kant
+  module Resolvers
+    module ActiveRecord
+      private
+
+      attr_reader :policies_module
+
+      def resolve_object(object_or_class)
+        klass =
+          if object_or_class.is_a?(Class)
+            object_or_class
+          else
+            object_or_class.class
+          end
+
+        resolve(klass.name)
+      end
+
+      def resolve_scope(scope)
+        resolve(scope.all.model.name)
+      end
+
+      def resolve(name)
+        policies_module.const_get("#{name}Policy")
+      rescue NameError
+        nil
+      end
+    end
+  end
+end

data/lib/kant/rspec/matchers.rb

@@ -0,0 +1,29 @@
+# These matchers are taken directly from CanCanCan:
+# https://github.com/CanCanCommunity/cancancan/blob/develop/lib/cancan/matchers.rb
+
+rspec_module = defined?(RSpec::Core) ? 'RSpec' : 'Spec'  # for RSpec 1 compatability
+
+if rspec_module == 'RSpec'
+  require 'rspec/core'
+  require 'rspec/expectations'
+end
+
+Kernel.const_get(rspec_module)::Matchers.define :be_able_to do |*args|
+  match do |ability|
+    ability.can?(*args)
+  end
+
+  # Check that RSpec is < 2.99
+  if !respond_to?(:failure_message) && respond_to?(:failure_message_for_should)
+    alias :failure_message :failure_message_for_should
+    alias :failure_message_when_negated :failure_message_for_should_not
+  end
+
+  failure_message do |ability|
+    "expected to be able to #{args.map(&:inspect).join(" ")}"
+  end
+
+  failure_message_when_negated do |ability|
+    "expected not to be able to #{args.map(&:inspect).join(" ")}"
+  end
+end

data/lib/kant/version.rb

@@ -0,0 +1,3 @@
+module Kant
+  VERSION = "0.0.2"
+end

data/lib/kant.rb

@@ -0,0 +1,5 @@
+require "kant/version"
+
+module Kant
+  # Your code goes here...
+end

data/spec/kant/all_access_spec.rb

@@ -0,0 +1,20 @@
+require 'spec_helper'
+require 'kant/all_access'
+
+describe Kant::AllAccess do
+  let(:user) { double("user") }
+  subject(:all_access) { Kant::AllAccess.new(user) }
+
+  it "it can do anything" do
+    foo = double("foo")
+
+    expect(all_access).to be_able_to(:bar, foo)
+  end
+
+  it "it has access to everything" do
+    scope = double("scope")
+    expect(scope).to receive(:all).and_return(scope)
+
+    expect(all_access.accessible(:foo, scope)).to eq(scope)
+  end
+end

data/spec/kant/integration_spec.rb

@@ -0,0 +1,6 @@
+require 'spec_helper'
+require 'kant/all_access'
+
+describe Kant do
+  setup_models
+end

data/spec/kant/no_access_spec.rb

@@ -0,0 +1,21 @@
+require 'spec_helper'
+require 'kant/no_access'
+
+describe Kant::NoAccess do
+  let(:user) { double("user") }
+  subject(:no_access) { Kant::NoAccess.new(user) }
+
+  it "it can't do anything" do
+    foo = double("foo")
+
+    expect(no_access).not_to be_able_to(:bar, foo)
+  end
+
+  it "it has access to nothing" do
+    scope = double("scope")
+    none = double("none")
+    expect(scope).to receive(:none).and_return(none)
+
+    expect(no_access.accessible(:foo, scope)).to eq(none)
+  end
+end

data/spec/kant/policy_access_spec.rb

@@ -0,0 +1,155 @@
+require 'spec_helper'
+require 'kant/policy_access'
+
+describe Kant::PolicyAccess do
+  setup_models
+
+  describe "#can?" do
+    let(:user) { User.create!(email: 'foo@bar.com') }
+    subject(:policy_access) { Kant::PolicyAccess.new(user) }
+
+    it "uses FooPolicy to authorize Foos" do
+      todo = Todo.create
+      bell = double("bell")
+      expect(bell).to receive(:ring).with(todo, user).and_return(nil)
+
+      # module TodoPolicy
+      #   def self.can_tickle?(todo, user)
+      #     bell.ring(todo, user)
+      #     "foo"
+      #   end
+      # end
+      todo_policy = Class.new do
+        define_singleton_method(:can_tickle?) do |todo, user|
+          bell.ring(todo, user)
+          "foo"
+        end
+      end
+
+      stub_const("TodoPolicy", todo_policy)
+
+      expect(policy_access.can?(:tickle, todo)).to eq("foo")
+      expect(policy_access.can?(:read, todo)).to eq(false)
+    end
+
+    it "uses FooPolicy to authorize Foo itself" do
+      bell = double("bell")
+      expect(bell).to receive(:ring).with(Todo, user).and_return(nil)
+
+      # module TodoPolicy
+      #   def self.can_tickle?(todo, user)
+      #     bell.ring(todo, user)
+      #     "foo"
+      #   end
+      # end
+      todo_policy = Class.new do
+        define_singleton_method(:can_tickle?) do |todo, user|
+          bell.ring(todo, user)
+          "foo"
+        end
+      end
+
+      stub_const("TodoPolicy", todo_policy)
+
+      expect(policy_access.can?(:tickle, Todo)).to eq("foo")
+    end
+
+    it "returns false for an undefined action" do
+      todo = Todo.create
+      stub_const("TodoPolicy", Class.new)
+
+      expect(policy_access.can?(:tickle, todo)).to eq(false)
+    end
+
+    it "returns false if FooPolicy does not exist" do
+      todo = Todo.create
+      expect(policy_access.can?(:tickle, todo)).to eq(false)
+    end
+
+    it "uses an *able scope method if no can_*? method exists" do
+      # module TodoPolicy
+      #   def self.readable(todos, user)
+      #     todos.where(completed: true)
+      #   end
+      # end
+      todo_policy = Class.new do
+        define_singleton_method(:readable) do |todos, user|
+          todos.where(completed: true)
+        end
+      end
+
+      stub_const("TodoPolicy", todo_policy)
+
+      complete_todo = Todo.create!(completed: true)
+      incomplete_todo = Todo.create!(completed: false)
+
+      expect(policy_access).to be_able_to(:read, complete_todo)
+      expect(policy_access).not_to be_able_to(:read, incomplete_todo)
+
+      expect(policy_access).not_to be_able_to(:tickle, complete_todo)
+      expect(policy_access).not_to be_able_to(:tickle, incomplete_todo)
+    end
+  end
+
+  describe "#accessible" do
+    let(:user) { User.create!(email: 'foo@bar.com') }
+    subject(:policy_access) { Kant::PolicyAccess.new(user) }
+
+    it "delegates to a Policy module" do
+      # module TodoPolicy
+      #   def self.readable(todos, user)
+      #     todos.where(completed: true)
+      #   end
+      # end
+      todo_policy = Class.new do
+        define_singleton_method(:readable) do |todos, user|
+          todos.where(completed: true)
+        end
+      end
+
+      stub_const("TodoPolicy", todo_policy)
+
+      complete_todo = Todo.create!(completed: true)
+      incomplete_todo = Todo.create!(completed: false)
+
+      expect(policy_access.accessible(:read, Todo)).to eq([complete_todo])
+      expect(policy_access.accessible(:read, Todo.where(completed: false))).to eq([])
+    end
+
+    it "returns an empty scope when no scope method is defined" do
+      stub_const("TodoPolicy", Class.new)
+
+      complete_todo = Todo.create!(completed: true)
+      incomplete_todo = Todo.create!(completed: false)
+
+      expect(policy_access.accessible(:read, Todo)).to eq(Todo.none)
+    end
+  end
+
+  describe "the policies_module option in initializer" do
+    let(:user) { User.create!(email: 'foo@bar.com') }
+
+    it "can be specified to namespace policies" do
+      # module Policies::TodoPolicy
+      #   def self.readable(todos, user)
+      #     todos.where(completed: true)
+      #   end
+      # end
+      todo_policy = Class.new do
+        define_singleton_method(:readable) do |todos, user|
+          todos.where(completed: true)
+        end
+      end
+
+      stub_const("Policies", Module.new)
+      stub_const("Policies::TodoPolicy", todo_policy)
+
+      policy_access = Kant::PolicyAccess.new(user, policies_module: Policies)
+
+      complete_todo = Todo.create!(completed: true)
+      incomplete_todo = Todo.create!(completed: false)
+
+      expect(policy_access.accessible(:read, Todo)).to eq([complete_todo])
+    end
+  end
+end

data/spec/spec_helper.rb

@@ -0,0 +1,87 @@
+require 'rubygems'
+require 'bundler/setup'
+
+require 'active_record'
+require 'sqlite3'
+require 'with_model'
+require 'kant/rspec/matchers'
+require 'kant'
+
+ActiveRecord::Base.establish_connection adapter: "sqlite3", database: ":memory:"
+
+RSpec.configure do |config|
+  config.extend WithModel
+end
+
+def setup_models
+  with_model :User do
+    table do |t|
+      t.string "email"
+    end
+
+    model do
+      has_many :projects_as_owner,
+               :class_name => 'Project',
+               :foreign_key => :owner_id,
+               :inverse_of => :owner
+
+      has_many :authored_todos,
+               :foreign_key => :author_id,
+               :inverse_of => :author,
+               :class_name => 'Todo'
+
+      has_and_belongs_to_many :projects_as_developer,
+                              :class_name => 'Project',
+                              :join_table => 'project_developers'
+    end
+  end
+
+  with_model :Project do
+    table do |t|
+      t.string   "name"
+      t.integer  "owner_id"
+      t.datetime "created_at", :null => false
+      t.datetime "updated_at", :null => false
+    end
+
+    model do
+      belongs_to :owner,
+                 :class_name => 'User',
+                 :inverse_of => :projects_as_owner
+
+      has_many :todos,
+               :inverse_of => :project
+
+      has_and_belongs_to_many :developers,
+                              :class_name => 'User',
+                              :join_table => 'project_developers'
+    end
+  end
+
+  with_table "project_developers", :id => false do |t|
+    t.integer "user_id",    :null => false
+    t.integer "project_id", :null => false
+  end
+
+  with_model :Todo do
+    table do |t|
+      t.string   "name"
+      t.string   "type"
+      t.boolean  "completed"
+      t.integer  "suggested_by_id"
+      t.integer  "author_id"
+      t.integer  "project_id"
+      t.datetime "created_at", :null => false
+      t.datetime "updated_at", :null => false
+    end
+
+    model do
+      belongs_to :project,
+                 :inverse_of => :todos
+
+      belongs_to :author,
+                 :inverse_of => :authored_todos,
+                 :class_name => 'User'
+    end
+  end
+end

metadata

@@ -0,0 +1,155 @@
+--- !ruby/object:Gem::Specification
+name: kant
+version: !ruby/object:Gem::Version
+  version: 0.0.2
+platform: ruby
+authors:
+- Mark Przepiora
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2015-01-07 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: bundler
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.7'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.7'
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '10.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '10.0'
+- !ruby/object:Gem::Dependency
+  name: rspec
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 3.1.0
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 3.1.0
+- !ruby/object:Gem::Dependency
+  name: with_model
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 1.2.1
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 1.2.1
+- !ruby/object:Gem::Dependency
+  name: sqlite3
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 1.3.10
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 1.3.10
+- !ruby/object:Gem::Dependency
+  name: activerecord
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '3.2'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '3.2'
+description: Kant is a tiny authorization library for your Ruby (especially Rails
+  and/or ActiveRecord) projects.
+email:
+- mark.przepiora@gmail.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- ".gitignore"
+- Gemfile
+- LICENSE.txt
+- README.md
+- Rakefile
+- kant.gemspec
+- lib/kant.rb
+- lib/kant/access_denied.rb
+- lib/kant/all.rb
+- lib/kant/all_access.rb
+- lib/kant/controller_mixin.rb
+- lib/kant/no_access.rb
+- lib/kant/policy_access.rb
+- lib/kant/resolvers/active_record.rb
+- lib/kant/rspec/matchers.rb
+- lib/kant/version.rb
+- spec/kant/all_access_spec.rb
+- spec/kant/integration_spec.rb
+- spec/kant/no_access_spec.rb
+- spec/kant/policy_access_spec.rb
+- spec/spec_helper.rb
+homepage: https://github.com/markprzepiora/kant
+licenses:
+- MIT
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 2.2.2
+signing_key: 
+specification_version: 4
+summary: A tiny, non-magical authorization library
+test_files:
+- spec/kant/all_access_spec.rb
+- spec/kant/integration_spec.rb
+- spec/kant/no_access_spec.rb
+- spec/kant/policy_access_spec.rb
+- spec/spec_helper.rb