permiso 0.1.1 → 0.2.0
Sign up to get free protection for your applications and to get access to all the features.
- data/CHANGELOG.md +3 -0
- data/Gemfile +0 -1
- data/README.md +21 -1
- data/lib/permiso/version.rb +1 -1
- data/lib/permiso.rb +8 -5
- data/spec/lib/permiso_spec.rb +13 -1
- data/spec/spec.rake +0 -16
- data/spec/spec_helper.rb +3 -10
- metadata +21 -30
data/CHANGELOG.md
ADDED
data/Gemfile
CHANGED
data/README.md
CHANGED
@@ -6,6 +6,17 @@ is a lightweight gem for defining and veryfying permissions, or in other words c
|
|
6
6
|
|
7
7
|
Define a class with your abilities, you can name it whatever you want, but Ability is a nice name I borrowed from [cancan](https://github.com/ryanb/cancan).
|
8
8
|
|
9
|
+
## Installation
|
10
|
+
Choose your weapon, via command line
|
11
|
+
|
12
|
+
gem install permiso
|
13
|
+
|
14
|
+
in a `Gemfile`
|
15
|
+
|
16
|
+
gem 'permiso' # latest stable
|
17
|
+
gem 'permiso', :git => 'git://github.com/pzol/permiso.git' # for the bleeding edge
|
18
|
+
|
19
|
+
|
9
20
|
## Permiso helper methods
|
10
21
|
|
11
22
|
* **role**: defines what a named role can do
|
@@ -54,6 +65,11 @@ Checking is (almost) the same as in the prior example:
|
|
54
65
|
ability = Ability.new(booking)
|
55
66
|
ability.can? :admin, :cancel
|
56
67
|
|
68
|
+
Multiple roles are also supported:
|
69
|
+
|
70
|
+
ability = Ability.new(booking)
|
71
|
+
ability.can? [:admin, :user], :cancel
|
72
|
+
|
57
73
|
In this case, only the admin can cancel the booking, if the status is book_confirmed.
|
58
74
|
|
59
75
|
I use dependency injection, to bring in an object on which I conduct test, in this case the booking.
|
@@ -64,7 +80,7 @@ For that I define a helper
|
|
64
80
|
MyWebApp.helpers do
|
65
81
|
def can(action)
|
66
82
|
ability = Ability.new(@booking)
|
67
|
-
ability.can? current_user.
|
83
|
+
ability.can? current_user.roles, action
|
68
84
|
end
|
69
85
|
end
|
70
86
|
|
@@ -74,3 +90,7 @@ which then allows me to use this in my `haml` file:
|
|
74
90
|
%a{ :href => '/cancel' }
|
75
91
|
|
76
92
|
|
93
|
+
## TODO
|
94
|
+
* blocks for #can (defining)
|
95
|
+
* role priorities?
|
96
|
+
|
data/lib/permiso/version.rb
CHANGED
data/lib/permiso.rb
CHANGED
@@ -8,7 +8,7 @@ module Permiso
|
|
8
8
|
end
|
9
9
|
|
10
10
|
def rules
|
11
|
-
@
|
11
|
+
@rules ||= {}
|
12
12
|
end
|
13
13
|
|
14
14
|
def can(ability, subject=nil)
|
@@ -25,8 +25,9 @@ module Permiso
|
|
25
25
|
rules[name] = block
|
26
26
|
end
|
27
27
|
|
28
|
-
def can?(
|
29
|
-
|
28
|
+
def can?(user_roles, action, args={})
|
29
|
+
user_roles = [user_roles] unless user_roles.kind_of? Array
|
30
|
+
return false unless user_roles.detect {|r| role_can?(r, action) }
|
30
31
|
rule_allows?(action)
|
31
32
|
end
|
32
33
|
|
@@ -42,8 +43,10 @@ module Permiso
|
|
42
43
|
end
|
43
44
|
|
44
45
|
def inspect
|
45
|
-
|
46
|
-
|
46
|
+
out = {}
|
47
|
+
roles.each {|role, abilities| out[:roles] ||= [] << {role => abilities}}
|
48
|
+
rules.keys.each {|rule| out[:rules] ||= [] << rule }
|
49
|
+
out
|
47
50
|
end
|
48
51
|
end
|
49
52
|
end
|
data/spec/lib/permiso_spec.rb
CHANGED
@@ -2,7 +2,7 @@ require 'spec_helper'
|
|
2
2
|
|
3
3
|
describe Permiso do
|
4
4
|
before(:all) do
|
5
|
-
@user = {:role =>
|
5
|
+
@user = {:role => [:admin, :user]}
|
6
6
|
@booking = { 'ref_anixe' => '6666', 'status' => 'book_confirmed' }
|
7
7
|
end
|
8
8
|
|
@@ -17,6 +17,10 @@ describe Permiso do
|
|
17
17
|
can :create
|
18
18
|
end
|
19
19
|
|
20
|
+
role :user do
|
21
|
+
can :read
|
22
|
+
end
|
23
|
+
|
20
24
|
rule :cancel do
|
21
25
|
@booking['status'] == 'book_confirmed'
|
22
26
|
end
|
@@ -26,8 +30,16 @@ describe Permiso do
|
|
26
30
|
|
27
31
|
it 'should allow, when role is defined' do
|
28
32
|
ability = AbilityTest.new(@booking)
|
33
|
+
p ability
|
29
34
|
ability.can?(:admin, :cancel).should be_true
|
30
35
|
ability.can?(:admin, :create).should be_true
|
36
|
+
ability.can?(:user, :read).should be_true
|
37
|
+
end
|
38
|
+
|
39
|
+
it 'should allow, when there are multiple roles and at least one is allowed' do
|
40
|
+
ability = AbilityTest.new(@booking)
|
41
|
+
ability.can?([:user, :admin], :read).should be_true
|
42
|
+
ability.can?([:anybody, :else], :read).should be_false
|
31
43
|
end
|
32
44
|
|
33
45
|
it 'should NOT allow, when role is NOT defined' do
|
data/spec/spec.rake
CHANGED
@@ -4,19 +4,3 @@ RSpec::Core::RakeTask.new(:spec) do |t|
|
|
4
4
|
t.pattern = "./spec/**/*_spec.rb"
|
5
5
|
# Put spec opts in a file named .rspec in root
|
6
6
|
end
|
7
|
-
|
8
|
-
namespace :spork do
|
9
|
-
desc "start spork in background"
|
10
|
-
task :start do
|
11
|
-
sh %{spork &}
|
12
|
-
end
|
13
|
-
|
14
|
-
desc "stop spork"
|
15
|
-
task :stop do
|
16
|
-
Process.kill(:TERM, `ps -ef | grep spork | grep -v grep | awk '{ print $2 }'`.to_i)
|
17
|
-
end
|
18
|
-
|
19
|
-
desc "restart spork"
|
20
|
-
task :restart => [:stop, :start]
|
21
|
-
end
|
22
|
-
|
data/spec/spec_helper.rb
CHANGED
@@ -1,12 +1,5 @@
|
|
1
|
-
|
2
|
-
|
3
|
-
|
4
|
-
Bundler.require(:default, :test)
|
5
|
-
end
|
6
|
-
|
7
|
-
Spork.each_run do
|
8
|
-
# This code will be run each time you run your specs.
|
9
|
-
end
|
10
|
-
|
1
|
+
require 'bundler'
|
2
|
+
Bundler.setup
|
3
|
+
Bundler.require(:default, :test)
|
11
4
|
|
12
5
|
Dir[File.expand_path("../factories/*.rb", __FILE__)].each { |f| require f }
|
metadata
CHANGED
@@ -1,31 +1,26 @@
|
|
1
|
-
--- !ruby/object:Gem::Specification
|
1
|
+
--- !ruby/object:Gem::Specification
|
2
2
|
name: permiso
|
3
|
-
version: !ruby/object:Gem::Version
|
3
|
+
version: !ruby/object:Gem::Version
|
4
|
+
version: 0.2.0
|
4
5
|
prerelease:
|
5
|
-
version: 0.1.1
|
6
6
|
platform: ruby
|
7
|
-
authors:
|
7
|
+
authors:
|
8
8
|
- Piotr Zolnierek
|
9
9
|
autorequire:
|
10
10
|
bindir: bin
|
11
11
|
cert_chain: []
|
12
|
-
|
13
|
-
date: 2011-07-12 00:00:00 +02:00
|
14
|
-
default_executable:
|
12
|
+
date: 2011-08-17 00:00:00.000000000Z
|
15
13
|
dependencies: []
|
16
|
-
|
17
14
|
description: see README.md
|
18
|
-
email:
|
15
|
+
email:
|
19
16
|
- pzolnierek@gmail.com
|
20
17
|
executables: []
|
21
|
-
|
22
18
|
extensions: []
|
23
|
-
|
24
19
|
extra_rdoc_files: []
|
25
|
-
|
26
|
-
files:
|
20
|
+
files:
|
27
21
|
- .gitignore
|
28
22
|
- .rspec
|
23
|
+
- CHANGELOG.md
|
29
24
|
- Gemfile
|
30
25
|
- README.md
|
31
26
|
- Rakefile
|
@@ -35,35 +30,31 @@ files:
|
|
35
30
|
- spec/lib/permiso_spec.rb
|
36
31
|
- spec/spec.rake
|
37
32
|
- spec/spec_helper.rb
|
38
|
-
has_rdoc: true
|
39
33
|
homepage: https://github.com/pzol/permiso
|
40
34
|
licenses: []
|
41
|
-
|
42
35
|
post_install_message:
|
43
36
|
rdoc_options: []
|
44
|
-
|
45
|
-
require_paths:
|
37
|
+
require_paths:
|
46
38
|
- lib
|
47
|
-
required_ruby_version: !ruby/object:Gem::Requirement
|
39
|
+
required_ruby_version: !ruby/object:Gem::Requirement
|
48
40
|
none: false
|
49
|
-
requirements:
|
50
|
-
- -
|
51
|
-
- !ruby/object:Gem::Version
|
52
|
-
version:
|
53
|
-
required_rubygems_version: !ruby/object:Gem::Requirement
|
41
|
+
requirements:
|
42
|
+
- - ! '>='
|
43
|
+
- !ruby/object:Gem::Version
|
44
|
+
version: '0'
|
45
|
+
required_rubygems_version: !ruby/object:Gem::Requirement
|
54
46
|
none: false
|
55
|
-
requirements:
|
56
|
-
- -
|
57
|
-
- !ruby/object:Gem::Version
|
58
|
-
version:
|
47
|
+
requirements:
|
48
|
+
- - ! '>='
|
49
|
+
- !ruby/object:Gem::Version
|
50
|
+
version: '0'
|
59
51
|
requirements: []
|
60
|
-
|
61
52
|
rubyforge_project: permiso
|
62
|
-
rubygems_version: 1.6
|
53
|
+
rubygems_version: 1.8.6
|
63
54
|
signing_key:
|
64
55
|
specification_version: 3
|
65
56
|
summary: A lightweight gem for checking permissions
|
66
|
-
test_files:
|
57
|
+
test_files:
|
67
58
|
- spec/lib/permiso_spec.rb
|
68
59
|
- spec/spec.rake
|
69
60
|
- spec/spec_helper.rb
|