permiso 0.1.1

data/.gitignore

@@ -0,0 +1,6 @@
+*.gem
+.bundle
+Gemfile.lock
+pkg/*
+README.html
+

data/.rspec

@@ -0,0 +1,3 @@
+--color
+--format documentation
+--drb

data/Gemfile

@@ -0,0 +1,10 @@
+source "http://rubygems.org"
+
+# Specify your gem's dependencies in permiso.gemspec
+gemspec
+
+
+group :test do
+  gem 'spork'
+  gem 'rspec'
+end

data/README.md

@@ -0,0 +1,76 @@
+CSS: http://hotx.resfinity.com/css/readme.css
+
+# Permiso
+is a lightweight gem for defining and veryfying permissions, or in other words checking authorization.
+
+
+Define a class with your abilities, you can name it whatever you want, but Ability is a nice name I borrowed from [cancan](https://github.com/ryanb/cancan).
+
+## Permiso helper methods
+
+* **role**: defines what a named role can do
+* **rule**: defines additional checks which must be met in order 
+
+## The easy example
+
+    class Ability
+      include Permiso::Ability
+      
+      def initialize
+        role :admin do
+          can :delete
+        end
+      end
+    end
+
+Checking now is easy:
+
+    ability = Ability.new
+    ability.can? :admin, :delete
+
+## Example with rules
+A more complex example with rules and a domain object injected
+
+    class Ability
+      include Permiso::Ability
+
+      def initialize(booking)
+        @booking = booking
+
+        role :admin do
+          can :cancel
+          can :create
+        end
+
+        rule :cancel do
+          @booking.status == 'book_confirmed'
+        end
+      end
+
+    end
+
+Checking is (almost) the same as in the prior example:
+
+    ability = Ability.new(booking)
+    ability.can? :admin, :cancel
+
+In this case, only the admin can cancel the booking, if the status is book_confirmed.
+
+I use dependency injection, to bring in an object on which I conduct test, in this case the booking.
+
+## Using in Padrino
+For that I define a helper
+
+    MyWebApp.helpers do
+      def can(action)
+        ability = Ability.new(@booking)
+        ability.can? current_user.role, action
+      end
+    end
+
+which then allows me to use this in my `haml` file:
+
+    - if can :cancel
+      %a{ :href => '/cancel' }
+
+

data/Rakefile

@@ -0,0 +1,3 @@
+require 'bundler/gem_tasks'
+
+Dir["**/*.rake"].each {|ext| load ext}

data/lib/permiso/version.rb

@@ -0,0 +1,3 @@
+module Permiso
+  VERSION = "0.1.1"
+end

data/lib/permiso.rb

@@ -0,0 +1,49 @@
+require "permiso/version"
+
+module Permiso
+  module Ability
+
+    def roles
+      @roles ||= {}
+    end
+
+    def rules
+      @ruls ||= {}
+    end
+
+    def can(ability, subject=nil)
+      r = roles[@current_role] ||= []
+      r << ability
+    end
+
+    def role(name, &block)
+      @current_role = name
+      block.call
+    end
+
+    def rule(name, &block)
+      rules[name] = block
+    end
+
+    def can?(role, action, args={})
+      return false unless role_can?(role, action)
+      rule_allows?(action)
+    end
+
+    def rule_allows?(action)
+      rule = rules[action]
+      return true if rule.nil?
+      rule.call
+    end
+
+    def role_can?(role, action)
+      allowed_actions = roles[role]
+      allowed_actions && allowed_actions.include?(action)
+    end
+
+    def inspect
+      roles.each {|role, abilities| puts "#{role} can #{abilities.inspect}"}
+      rules.each {|rule| puts "rule #{rule}" }
+    end
+  end
+end

data/permiso.gemspec

@@ -0,0 +1,20 @@
+# -*- encoding: utf-8 -*-
+$:.push File.expand_path("../lib", __FILE__)
+require "permiso/version"
+
+Gem::Specification.new do |s|
+  s.name        = "permiso"
+  s.version     = Permiso::VERSION
+  s.authors     = ["Piotr Zolnierek"]
+  s.email       = ["pzolnierek@gmail.com"]
+  s.homepage    = "https://github.com/pzol/permiso"
+  s.summary     = %q{A lightweight gem for checking permissions}
+  s.description = %q{see README.md}
+
+  s.rubyforge_project = "permiso"
+
+  s.files         = `git ls-files`.split("\n")
+  s.test_files    = `git ls-files -- {test,spec,features}/*`.split("\n")
+  s.executables   = `git ls-files -- bin/*`.split("\n").map{ |f| File.basename(f) }
+  s.require_paths = ["lib"]
+end

data/spec/lib/permiso_spec.rb

@@ -0,0 +1,38 @@
+require 'spec_helper'
+
+describe Permiso do
+  before(:all) do
+    @user = {:role => 'admin'}
+    @booking = { 'ref_anixe' => '6666', 'status' => 'book_confirmed' }
+  end
+
+  class AbilityTest
+    include Permiso::Ability
+
+    def initialize(booking)
+      @booking = booking
+
+      role :admin do
+        can :cancel
+        can :create
+      end
+
+      rule :cancel do
+        @booking['status'] == 'book_confirmed'
+      end
+    end
+
+  end
+
+  it 'should allow, when role is defined' do
+    ability = AbilityTest.new(@booking)
+    ability.can?(:admin, :cancel).should be_true
+    ability.can?(:admin, :create).should be_true
+  end
+
+  it 'should NOT allow, when role is NOT defined' do
+    ability = AbilityTest.new(@booking)
+    ability.can?(:anybody, :cancel).should be_false
+  end
+
+end

data/spec/spec.rake

@@ -0,0 +1,22 @@
+require 'rspec/core/rake_task'
+
+RSpec::Core::RakeTask.new(:spec) do |t|
+  t.pattern = "./spec/**/*_spec.rb"
+  # Put spec opts in a file named .rspec in root
+end
+
+namespace :spork do
+ desc "start spork in background"
+ task :start do
+   sh %{spork &}
+ end
+
+ desc "stop spork"
+ task :stop do
+   Process.kill(:TERM, `ps -ef | grep spork | grep -v grep | awk '{ print $2 }'`.to_i)
+ end
+
+ desc "restart spork"
+ task :restart => [:stop, :start]
+end
+

data/spec/spec_helper.rb

@@ -0,0 +1,12 @@
+Spork.prefork do
+  require 'bundler'
+  Bundler.setup
+  Bundler.require(:default, :test)
+end
+
+Spork.each_run do
+  # This code will be run each time you run your specs.
+end
+
+
+Dir[File.expand_path("../factories/*.rb", __FILE__)].each { |f| require f }

metadata

@@ -0,0 +1,69 @@
+--- !ruby/object:Gem::Specification 
+name: permiso
+version: !ruby/object:Gem::Version 
+  prerelease: 
+  version: 0.1.1
+platform: ruby
+authors: 
+- Piotr Zolnierek
+autorequire: 
+bindir: bin
+cert_chain: []
+
+date: 2011-07-12 00:00:00 +02:00
+default_executable: 
+dependencies: []
+
+description: see README.md
+email: 
+- pzolnierek@gmail.com
+executables: []
+
+extensions: []
+
+extra_rdoc_files: []
+
+files: 
+- .gitignore
+- .rspec
+- Gemfile
+- README.md
+- Rakefile
+- lib/permiso.rb
+- lib/permiso/version.rb
+- permiso.gemspec
+- spec/lib/permiso_spec.rb
+- spec/spec.rake
+- spec/spec_helper.rb
+has_rdoc: true
+homepage: https://github.com/pzol/permiso
+licenses: []
+
+post_install_message: 
+rdoc_options: []
+
+require_paths: 
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement 
+  none: false
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      version: "0"
+required_rubygems_version: !ruby/object:Gem::Requirement 
+  none: false
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      version: "0"
+requirements: []
+
+rubyforge_project: permiso
+rubygems_version: 1.6.2
+signing_key: 
+specification_version: 3
+summary: A lightweight gem for checking permissions
+test_files: 
+- spec/lib/permiso_spec.rb
+- spec/spec.rake
+- spec/spec_helper.rb