permissable 0.0.3 → 0.1.0

data/VERSION

@@ -1 +1 @@
-0.0.3
+0.1.0

data/lib/permissable/member.rb

@@ -4,94 +4,51 @@ module Permissable
     
     def self.included(base)      
       base.send :include, InstanceMethods
-      member_klass = (base.permissable_by_association) ? base.permissable_by_association.to_s.classify.constantize : base
-      member_klass.class_eval do 
-        has_many :permissions, :as => :member, :conditions => { :member_type => "#{self.to_s}" }
-      end
-      base.send :include, ((base.permissable_by_association) ? AssociatedMethods : MemberMethods)
+      base.send :attr_protected, :member_identifier
     end
-    
+     
     # This module includes methods that should exist on ALL members.
     module InstanceMethods
       
-      # When a member is initialized, its definitions are eager-loaded to cut down on database queries.
-      # Once loaded all of the permission definitions are cached into the @permission_definitions variable.
-      attr_accessor :permission_definitions
-      
-      # Can this member perform the requested action?
+      # The can? method returns a boolen value specifying whether or not this member can perform the specific method on resource
       def can?(method, resource)
-        method = method.to_s       
-        permissions.for_resource(resource).with_permission_to(method).exists?
-      end
-      
-      # Set a permission
-      def can!(methods, resource)
-        methods = [methods].flatten.uniq
-        
-        members.each do |member|
-          methods.each do |perm|
-            next if resource.permissions.for_member(member).with_permission_to(perm).exists?
-            new_permission = Permission.new({ :permission_type => method.to_s })
-            new_permission.member   = m
-            new_permission.resource = resource
-            new_permission.save 
-          end
-        end        
-      end
-      
-      def cannot?(methods, resource)
-        !can?(methods, resource)
-      end
-      
-      def cannot!(methods, resources)
-        methods  = [methods].flatten.uniq
-        existing = permissions.for_resource(resource).with_permission_to(methods).all.collect{ |perm| perm.id }.uniq
-        Permission.destroy(existing)
-      end
-      
-      def permissions_for(resource)
-        permissions.for_resource(resource).all.collect{ |p| p.permission_type.to_sym }.uniq
-      end
-      
-      def permissions_for?(resource)
-        !permissions_for(resource).empty?
+        permissions_for(resource, method).exists?
       end
       
-      private
+      # Alias to can? to get the inverse.
+      def cannot?(method, resource); !can?(method, resource); end
       
-      def get_const(resource)
-        resource.class.to_s.classify.constantize
-      end
-            
-    end
-    
-    # This module gets included on member classes that are permissable directly.
-    module MemberMethods
-      alias_attribute :member_id, :id
-      def members; [self]; end
-    end
-    
-    # This module gets included on member classes that are permissable with an association.
-    module AssociatedMethods
-      
-      attr_reader :permissions
-      attr_reader :member_id
-      
-      def permissions
-        return @permissions unless @permissions.nil?
-        @permissions = Permission.where(:member_id => member_id, :member_type => association.to_s)
-      end
       
-      def association
-        permissable_by_association.to_s.classify.constantize
+      # This sets the member information for our permission lookup based on the current resource scope.
+      # These attributes correspond to the correct member_id and member_type in our permissions table.
+      def member_identifier(scope)
+        
+        @member_identifier ||= {}
+        # The scope should be the classname of a resource we are getting identifiers for
+        scope = scope.to_s.classify
+        
+        return @member_identifier[scope] unless @member_identifier[scope].nil?
+        return { :member_id => self.id, :member_type => self.class.to_s } unless permissable_associations.has_key?(scope)
+        
+        assoc_key = permissable_associations[scope]
+        assoc     = send "#{assoc_key}".to_sym
+        
+        @member_identifier[scope] = { :member_id => (assoc.is_a?(Array) ? assoc.collect{ |a| a.id } : assoc.id ), :member_type => assoc_key.to_s.classify }
+        
       end
+          
+      # Provide an instance method to our associations
+      def permissable_associations; self.class.permissable_associations; end
       
-      def member_id
-        @member_id || association.all.collect{ |a| a.attributes['id'] }
-      end
+      private 
       
-      def members
-        association.all
+      # Looks up permissions for a particular resource.
+      def permissions_for(resource, methods = nil)
+        scope  = resource.class.to_s.classify
+        return self.permissions unless permissable_associations.has_key?(scope)
+        relation = Permission.where(member_identifier(scope)).for_resource(resource)
+        relation = relation.with_permission_to(methods) unless methods.nil?
+        relation
       end
       
     end

data/lib/permissable/permission.rb

@@ -3,28 +3,19 @@ class Permission < ActiveRecord::Base
   belongs_to :resource, :polymorphic => true
   
   class << self
-    def for_member(member)
-      member = flatten(member)
-      where(:member_id => member[:ids], :member_type => member[:types])
-    end
     
     def for_resource(resource)
       resource = flatten(resource)
-      where(:resource_id => resource[:ids], :resource_type => resource[:types])
-    end
-    
-    def for_member_and_resource(member, resource)
-      for_member(member).for_resource(resource)
+      where(resource)
     end
     
-    def with_permission_to(perm)
-      perm = perm.is_a?(Array) ? perm.collect{ |p| p.to_s } : perm.to_s
-      where(:permission_type => perm)
+    def with_permission_to(methods)
+      where(:permission_type => [methods].flatten.uniq.collect{ |m| m.to_s.downcase })
     end
     
     def flatten(obj)
-      return { :ids => obj, :types => obj.class.to_s } unless obj.is_a?(Array)
-      { :ids => obj.collect{ |o| o.id }, :types => obj.collect{ |o| o.class.to_s } }
+      return { :resource_id => obj, :resource_type => obj.class.to_s } unless obj.is_a?(Array)
+      { :resource_id => obj.collect{ |o| o.id }, :resource_type => obj.collect{ |o| o.class.to_s } }
     end
     
   end

data/lib/permissable/resource.rb

@@ -3,19 +3,8 @@ module Permissable
   module Resource
     
     def self.included(base)
-      base.class_eval{ has_many(:permissions, :as => :resource, :conditions => { :resource_type => "#{self.to_s}" }) }
-      base.extend(ClassMethods)
     end
-    
-    module ClassMethods
-      private 
-      def set_permissions!(permission_list)
-        class_inheritable_accessor :permissable_methods
-        write_inheritable_attribute(:permissable_methods, []) if permissable_methods.nil?
-        permissable_methods.concat permission_list.uniq.flatten
-      end
-    end
-    
+        
   end
   
 end

data/lib/permissable.rb

@@ -3,13 +3,10 @@
 # License:: MIT License (http://www.opensource.org/licenses/mit-license.php)
 #
 # Permissable creates the ability to add a permissions system to "resources" based on a "member".
-# It allows you to define a member using the +permissable+ method:
+# It allows you to define a member using the +has_permissions_for+ method:
 #
 #  class User < ActiveRecord::Base
-#    permissable do |configure|
-#      configure.permission_for :read, :posts, :categories
-#      configure.permission_for [:read, :write, :moderate], :comments
-#    end
+#    has_permissions_for [:section, :category, :entry], :to => [:read, :write, :moderate]
 #  end
 #
 # Permissable uses a single "permissions" table (and subsuquently a Permission model), with a polymorphic relationship
@@ -32,7 +29,7 @@ module Permissable
     class PermissableError < StandardError
     end
     
-    class PermissionNotDefined < PermissableError
+    class PermissionNotDefined < PermissableError      
     end
     
     class ResourceNotPermissable < PermissableError
@@ -40,45 +37,65 @@ module Permissable
     
     module ClassMethods
       
-      # +permissable+ gives the class its called on the ability to effect various permission states on the resources
-      # it specifies. It accepts an options hash and a block. The following options are supported:
+      # +has_permissions_for+ gives the class its called on the ability to effect various permission states on the resources
+      # it specifies. It requires two parameters, a resource or array of resources to add permissions to, and an options
+      # hash with instructions of how to handle the permissions.
+      # The options hash consists of the following keys, but only the :to key is required.
       #
-      # * with: This is an association of the primary member class. This allows you to use an association to determine
-      #   which permissions are available. One example of this would be to assign permission to Roles of a User class.
-      #   In this case, when doing lookups, it will use the permissions assigned to each Role the user belongs to.
-      #   The with option accepts the association in the same manner as you would define it in active record.
-      #   ie: has_many roles would be: :with => :roles. belongs_to role would be :with => :role
-      def permissable(options = {})
+      # * +to+: This is a permission or array of permissions allowed. You can use any number of values
+      #   and those values can be whatever you want. You must include at least one.
+      #
+      # * +through+: Allows you to scope permissions through one of the member's associations. For example, if your member is
+      #   a User, and that user has_many Roles, you could set permissions :through => :roles. When looking up permissions
+      #   Permissable will use the association instead of the main member object. This also applies to setting permissions.
+      #   NOTE: The :through option uses the same value as your assocation. If the association is a has_many, the value will be
+      #   plural. Likewise belongs_to or has_one associations will be singular. The best way to think of this is that the 
+      #   :through attribute would be exactly the same as the method you would call on your model to find its associations.
+      #
+      def has_permissions_for(resources, options = {})
+        raise Permissable::PermissionNotDefined, "has_permissions_for missing the :to option." unless options.has_key?(:to) and !options[:to].empty?
         
-        write_inheritable_attribute :permissable_by_association, (options[:with] || false)
-        class_inheritable_reader :permissable_by_association
+        write_inheritable_attribute(:permissable_associations, {}) if permissable_associations.nil?
+        resources = [resources].flatten
         
-        write_inheritable_attribute :has_permissions_for, []
-        class_inheritable_accessor :has_permissions_for
-
-        # The class that called permissable becomes a member.
+        resources.each do |resource| 
+          resource = resource.to_s.classify          
+          
+          # If there is an association on these resources, add those to our associations attribute
+          # so our classes and sub classes will know about it.
+          if options.has_key?(:through)
+            
+            permissable_associations[resource] = options[:through]
+            assoc = options[:through].to_s.classify.constantize
+            
+            # Our association also creates a has_many association on our permissions table.
+            assoc.class_eval do
+              has_many(:permissions, :as => :member, :conditions => { :member_type => "#{self.to_s}" }) unless respond_to? :permissions
+            end
+                        
+          end
+          
+          # Setup a has_many association of permissions on our resource.
+          resource.constantize.class_eval do 
+            include Permissable::Resource
+            has_many(:permissions, :as => :resource, :conditions => { :resource_type => "#{self.to_s}" }) unless respond_to? :permissions
+          end
+          
+        end
+        
+        # This class becomes a member to resources.
         include Permissable::Member
         
-        # Yield the permissions block to add permissions.
-        yield self
+        # Members create a has_many association on permissions as a member.
+        has_many(:permissions, :as => :member, :conditions => { :member_type => "#{self.to_s}" }) unless respond_to? :permissions
         
-      end
+      end 
       
-      # +permission_for+ is called via the permissable block
-      def permission_for(methods, *resources)
-        
-        methods = [methods].flatten
-        
-        # Add each resource to the member class' permissions list.
-        has_permissions_for.concat(resources).flatten.uniq
-        
-        resources.uniq.each do |resource|          
-          #Include the Resource module to each resource class.
-          resource.to_s.classify.constantize.class_eval{ include Permissable::Resource }
-          resource.to_s.classify.constantize.send :set_permissions!, methods
-        end
-        
-      end   
+      # Each time has_permissions_for is called, different associations may exist.
+      # This provides a way to store and update them all as necessary.
+      def permissable_associations
+        read_inheritable_attribute(:permissable_associations)
+      end  
          
     end    
 end

data/permissable.gemspec

@@ -5,11 +5,11 @@
 
 Gem::Specification.new do |s|
   s.name = %q{permissable}
-  s.version = "0.0.3"
+  s.version = "0.1.0"
 
   s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
   s.authors = ["Brent Kirby"]
-  s.date = %q{2010-07-25}
+  s.date = %q{2010-07-26}
   s.description = %q{Permissable lets you set a number of 'permissions' to your database models. By assigning 'members' to 'resources' (models) you can specify various permission states.}
   s.email = %q{brent@kurbmedia.com}
   s.extra_rdoc_files = [
@@ -28,6 +28,7 @@ Gem::Specification.new do |s|
      "lib/permissable/member.rb",
      "lib/permissable/permission.rb",
      "lib/permissable/resource.rb",
+     "permissable-0.0.3.gem",
      "permissable.gemspec",
      "test/helper.rb",
      "test/test_permissable.rb"

metadata

@@ -1,13 +1,13 @@
 --- !ruby/object:Gem::Specification 
 name: permissable
 version: !ruby/object:Gem::Version 
-  hash: 25
+  hash: 27
   prerelease: false
   segments: 
   - 0
+  - 1
   - 0
-  - 3
-  version: 0.0.3
+  version: 0.1.0
 platform: ruby
 authors: 
 - Brent Kirby
@@ -15,7 +15,7 @@ autorequire:
 bindir: bin
 cert_chain: []
 
-date: 2010-07-25 00:00:00 -04:00
+date: 2010-07-26 00:00:00 -04:00
 default_executable: 
 dependencies: 
 - !ruby/object:Gem::Dependency 
@@ -53,6 +53,7 @@ files:
 - lib/permissable/member.rb
 - lib/permissable/permission.rb
 - lib/permissable/resource.rb
+- permissable-0.0.3.gem
 - permissable.gemspec
 - test/helper.rb
 - test/test_permissable.rb