mongoid_acl 0.0.3 → 0.1.0

data/README.md

@@ -4,7 +4,11 @@ mongoid_acl allows you to easily add access control lists to your Mongoid::Docum
 
 Installation
 ------------
-To install add the following line to your gemfile (requires recent version of bundler)
+To install add the following line to your gemfile 
+
+    gem 'mongoid_acl'
+
+If you're living on the edge and are using bundler 1.1, try the master branch
 
     gem 'mongoid_acl', :hg => 'https://bitbucket.org/nielsv/mongoid_acl'
 

data/lib/mongoid_acl/methods.rb

@@ -36,37 +36,73 @@ module Mongoid
         # quickly add read permission for this actor
         # @param [String] identifier of the actor
         # @return [Boolean] 
-        def can_read!(identifier)
-          self.add_permission_for(Mongoid::ACL::READ_PERM,identifier)
+        def grant_read!(identifier)
+          self.grant_permission_to(Mongoid::ACL::READ_PERM,identifier)
         end
       
         # quickly add update permission for this actor
         # @param [String] identifier of the actor
         # @return [Boolean] 
-        def can_update!(identifier)
-          self.add_permission_for(Mongoid::ACL::UPDATE_PERM,identifier)
+        def grant_update!(identifier)
+          self.grant_permission_to(Mongoid::ACL::UPDATE_PERM,identifier)
         end
       
         # quickly add destroy permission for this actor
         # @param [String] identifier of the actor
         # @return [Boolean] 
-        def can_destroy!(identifier)
-          self.add_permission_for(Mongoid::ACL::DESTROY_PERM,identifier)
+        def grant_destroy!(identifier)
+          self.grant_permission_to(Mongoid::ACL::DESTROY_PERM,identifier)
         end
       
             
         # quickly add read,update and destroy permission for this actor
         # @param [String] identifier of the actor
         # @return [Boolean] 
-        def can_manage!(identifier)
-          self.add_permission_for([Mongoid::ACL::READ_PERM,Mongoid::ACL::UPDATE_PERM,Mongoid::ACL::DESTROY_PERM],identifier)
+        def grant_manage!(identifier)
+          self.grant_permission_to([Mongoid::ACL::READ_PERM,Mongoid::ACL::UPDATE_PERM,Mongoid::ACL::DESTROY_PERM],identifier)
         end
       
+        # quickly remove read permission for this actor
+        # @param [String] identifier of the actor
+        # @return [Boolean] 
+        def revoke_read(identifier)
+          self.revoke_permission_for(Mongoid::ACL::READ_PERM,identifier)
+        end
+      
+        # quickly remove update permission for this actor
+        # @param [String] identifier of the actor
+        # @return [Boolean] 
+        def revoke_update!(identifier)
+          self.revoke_permission_for(Mongoid::ACL::UPDATE_PERM,identifier)
+        end
+      
+        # quickly remove destroy permission for this actor
+        # @param [String] identifier of the actor
+        # @return [Boolean] 
+        def revoke_destroy!(identifier)
+          self.revoke_permission_for(Mongoid::ACL::DESTROY_PERM,identifier)
+        end
+      
+            
+        # quickly remove read,update and destroy permission for this actor
+        # @param [String] identifier of the actor
+        # @return [Boolean] 
+        def revoke_manage!(identifier)
+          self.revoke_permission_for([Mongoid::ACL::READ_PERM,Mongoid::ACL::UPDATE_PERM,Mongoid::ACL::DESTROY_PERM],identifier)
+        end
+      
+        
+        # quickly remove all permissions
+        # @return [Boolean] 
+        def revoke_all_permissions
+          self.collection.update({"_id" => self.id}, {"$unset" => {"acls"=>1} })
+        end
+        
         # add identifier(s) to the given permission(s) in the acl list of this object
         # @param [Array,String] permission
         # @param [Array,String] identifier
         # @returns [Boolean]
-        def add_permission_for(permission,identifier)
+        def grant_permission_to(permission,identifier)
           if identifier.kind_of?(Array)
             identifier = {"$each" => identifier}
           end
@@ -79,7 +115,24 @@ module Mongoid
           return self.collection.update({"_id" => self.id}, {"$addToSet" => hash_map })
         end
       
+        # revoke identifier(s) from the given permission(s) in the acl list of this object
+        # @param [Array,String] permission
+        # @param [Array,String] identifier
+        # @returns [Boolean]
+        def revoke_permission_for(permission,identifier)
+          if !identifier.respond_to?('each')
+            identifier = [identifier]
+          end
+          if permission.kind_of?(Array)
+            hash_map = Hash.new
+            permission.each{ |p| hash_map["acls.#{p}"] = identifier}
+          else
+            hash_map = {"acls.#{permission}" => identifier}
+          end
+          return self.collection.update({"_id" => self.id}, {"$pullAll" => hash_map })
+        end
       
+        
         def has_permission_for(permission,identifier)
           return false if self.acls.nil?
           self.acls[permission].include?(PUBLIC_IDENTIFIER) || self.acls[permission].include?(identifier)

data/lib/mongoid_acl/version.rb

@@ -1,5 +1,5 @@
 module Mongoid
   module ACL
-    VERSION = '0.0.3'
+    VERSION = '0.1.0'
   end
 end

data/spec/mongoid_acl/acl_spec.rb

@@ -18,7 +18,7 @@ describe Mongoid::ACL do
   end
   context 'user1 can manage post1' do
     before :all do
-      @post1.can_manage!(@user1.id)
+      @post1.grant_manage!(@user1.id)
       @post1 = Post.find(@post1.id)
     end
     
@@ -41,5 +41,24 @@ describe Mongoid::ACL do
       @post1.can_manage?(@user2.id).should == false
     end
   end
+  
+  context 'user1 has manage rights revoked' do
+    before :all do
+      @post1.revoke_manage!(@user1.id)
+      @post1 = Post.find(@post1.id)
+
+    end
+    
+    it 'should have an empty acl list' do
+      @post1.acls.should == { 
+        Mongoid::ACL::READ_PERM => [],
+        Mongoid::ACL::UPDATE_PERM => [],
+        Mongoid::ACL::DESTROY_PERM => []
+      }
+    end
+    it 'should not allow user1 to manage post1' do
+      @post1.can_manage?(@user1.id).should == false
+    end
+  end
 
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: mongoid_acl
 version: !ruby/object:Gem::Version
-  version: 0.0.3
+  version: 0.1.0
   prerelease: 
 platform: ruby
 authors:
@@ -13,7 +13,7 @@ date: 2011-12-06 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rspec
-  requirement: &2152720440 !ruby/object:Gem::Requirement
+  requirement: &2152144440 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ~>
@@ -21,10 +21,10 @@ dependencies:
         version: '2.5'
   type: :development
   prerelease: false
-  version_requirements: *2152720440
+  version_requirements: *2152144440
 - !ruby/object:Gem::Dependency
   name: mongoid
-  requirement: &2152719420 !ruby/object:Gem::Requirement
+  requirement: &2152143880 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ~>
@@ -32,10 +32,10 @@ dependencies:
         version: '2.2'
   type: :development
   prerelease: false
-  version_requirements: *2152719420
+  version_requirements: *2152143880
 - !ruby/object:Gem::Dependency
   name: bson_ext
-  requirement: &2152718760 !ruby/object:Gem::Requirement
+  requirement: &2152143340 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ~>
@@ -43,10 +43,10 @@ dependencies:
         version: '1.3'
   type: :development
   prerelease: false
-  version_requirements: *2152718760
+  version_requirements: *2152143340
 - !ruby/object:Gem::Dependency
   name: rake
-  requirement: &2152718140 !ruby/object:Gem::Requirement
+  requirement: &2152142960 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ! '>='
@@ -54,7 +54,7 @@ dependencies:
         version: '0'
   type: :development
   prerelease: false
-  version_requirements: *2152718140
+  version_requirements: *2152142960
 description: Add basic Access Control Lists to Mongoid documents. Optimized for speed
   by using only ONE request to MongoDB to validate, update, and retrieve updated data.
 email: progster@gmail.com