protector 0.3.2 → 0.3.3

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 548944803f26efdf8c5d027636507a7cde1ae2af
-  data.tar.gz: 47db9641369c7abd7e94a77c42965a7f21d4bfe3
+  metadata.gz: 96fab27725783cc22165b845a9c4064f116dbe35
+  data.tar.gz: 7a8dbdbffefcb27380c5c9ff0972a9a2704c1be6
 SHA512:
-  metadata.gz: d72997d51f020a5fb084f946d217e48cffb94e3e52d56ebcfdcae2f8aef1d66371c5fdbb3c9710d4beec6475a025c7f56cf1d89a23eae504f8ad7368ea64a5dd
-  data.tar.gz: 63d81d5f539f4159cce19aafdd1f2e32e90e6b8ead2ca051a15644ebcd75ac2d316dcd6f0979f37635dec4dbc0d18cf89ab5ec88578c63ed185e675c7088ded6
+  metadata.gz: 82c3d96e96ad45313add53cb1ef48fb7fa3df78bac3a8566c820a2f3db1a7bbe63fa216685780cf813ad80fd9678d583acd921a8a8a50f56253d2685241ae32c
+  data.tar.gz: df173a15749af23f7be5e38cf163aa613f42e8750ae2e9fe61a423b3deec66676e9c13c42043775c4539e53572f81f9ce0211fd1fcb2a5517179feed6631ec93

data/README.md

@@ -15,7 +15,12 @@ We are working hard to extend the list with:
 
   * [Mongoid](http://mongoid.org/en/mongoid/index.html)
   * [ROM](https://github.com/rom-rb/rom)
-  * [DataMapper](http://datamapper.org/) (its undead so it might be skipped)
+
+## Compatibility
+
+Protector is an extension and therefore hides deeply inside your ORM library making itself compatible to the most gems you use. Sometimes however, you might need additional integration to take the best from it:
+
+  * [Protector::SimpleForm](https://github.com/deversus/protector-simple_form)
 
 ## Basics
 
@@ -55,13 +60,15 @@ class Article < ActiveRecord::Base          # Fields: title, text, user_id, hidd
 end
 ```
 
+Inside your model, you can have several `protect` calls that will get merged. Using this you can move basic rules to a separate module to keep code DRY.
+
 Now that we have ACL described we can enable it as easy as:
 
 ```ruby
 article.restrict!(current_user)    # Assuming article is an instance of Article
 ```
 
-Now if `current_user` is a guest we will get `nil` from `article.text`. At the same time we will get validation error if we pass any fields but title, text and user_id (equal to our own id) on creation.
+If `current_user` is a guest we will get `nil` from `article.text`. At the same time we will get validation error if we pass any fields but title, text and user_id (equal to our own id) on creation.
 
 To make model unsafe again call:
 
@@ -196,14 +203,10 @@ Protector::Adapters::ActiveRecord.activate!
 
 Where "ActiveRecord" is the adapter you are about to use. It can be "Sequel", "DataMapper", "Mongoid".
 
-## Contributing
+## Maintainers
 
-1. Fork it
-2. Create your feature branch (`git checkout -b my-new-feature`)
-3. Commit your changes (`git commit -am 'Add some feature'`)
-4. Push to the branch (`git push origin my-new-feature`)
-5. Create new Pull Request
+* Boris Staal, [@inossidabile](http://staal.io)
 
-## LICENSE
+## License
 
 It is free software, and may be redistributed under the terms of MIT license.

data/gemfiles/AR_3.2.gemfile.lock

@@ -10,7 +10,7 @@ GIT
 PATH
   remote: /Users/inossidabile/Repos/protector
   specs:
-    protector (0.3.2)
+    protector (0.3.3)
       activesupport
       i18n
 

data/gemfiles/AR_4.gemfile.lock

@@ -6,7 +6,7 @@ GIT
 PATH
   remote: /Users/inossidabile/Repos/protector
   specs:
-    protector (0.3.2)
+    protector (0.3.3)
       activesupport
       i18n
 

data/gemfiles/Sequel.gemfile.lock

@@ -1,7 +1,7 @@
 PATH
   remote: /Users/inossidabile/Repos/protector
   specs:
-    protector (0.3.2)
+    protector (0.3.3)
       activesupport
       i18n
 

data/lib/protector/adapters/active_record/base.rb

@@ -31,7 +31,7 @@ module Protector
             super
           end
 
-          if Gem::Version.new(::ActiveRecord::VERSION::STRING) < Gem::Version.new('4.0.0')
+          unless Protector::Adapters::ActiveRecord.modern?
             def self.restrict!(subject)
               scoped.restrict!(subject)
             end

data/lib/protector/adapters/active_record/relation.rb

@@ -114,7 +114,7 @@ module Protector
 
                 # AR 4 has awfull inconsistency when it comes to method `all`
                 # We have to mimic base class behaviour for relation we get from `unscoped`
-                if Gem::Version.new(::ActiveRecord::VERSION::STRING) >= Gem::Version.new('4.0.0')
+                if Protector::Adapters::ActiveRecord.modern?
                   class <<unscoped
                     def all
                       self

data/lib/protector/adapters/active_record.rb

@@ -9,6 +9,8 @@ module Protector
     module ActiveRecord
       # YIP YIP! Monkey-Patch the ActiveRecord.
       def self.activate!
+        return false unless defined?(::ActiveRecord)
+
         ::ActiveRecord::Base.send :include, Protector::Adapters::ActiveRecord::Base
         ::ActiveRecord::Relation.send :include, Protector::Adapters::ActiveRecord::Relation
         ::ActiveRecord::Associations::SingularAssociation.send :include, Protector::Adapters::ActiveRecord::Association
@@ -16,6 +18,23 @@ module Protector
         ::ActiveRecord::Associations::Preloader.send :include, Protector::Adapters::ActiveRecord::Preloader
         ::ActiveRecord::Associations::Preloader::Association.send :include, Protector::Adapters::ActiveRecord::Preloader::Association
       end
+
+      def self.modern?
+        Gem::Version.new(::ActiveRecord::VERSION::STRING) >= Gem::Version.new('4.0.0')
+      end
+
+      def self.is?(instance)
+        instance.is_a?(::ActiveRecord::Relation) ||
+        (instance.is_a?(Class) && instance < ActiveRecord::Base)
+      end
+
+      def self.nullify(relation)
+        if modern?
+          relation.none
+        else
+          relation.where("1=0")
+        end
+      end
     end
   end
 end

data/lib/protector/adapters/sequel/model.rb

@@ -91,11 +91,13 @@ module Protector
 
         # This is used whenever we fetch data
         def _associated_dataset(*args)
+          return super unless protector_subject?
           super.restrict!(protector_subject)
         end
 
         # This is used whenever we call counters and existance checkers
         def _dataset(*args)
+          return super unless protector_subject?
           super.restrict!(protector_subject)
         end
       end

data/lib/protector/adapters/sequel.rb

@@ -8,10 +8,21 @@ module Protector
     module Sequel
       # YIP YIP! Monkey-Patch the Sequel.
       def self.activate!
+        return false unless defined?(::Sequel)
+
         ::Sequel::Model.send :include, Protector::Adapters::Sequel::Model
         ::Sequel::Dataset.send :include, Protector::Adapters::Sequel::Dataset
         ::Sequel::Model::Associations::EagerGraphLoader.send :include, Protector::Adapters::Sequel::EagerGraphLoader
       end
+
+      def self.is?(instance)
+        instance.kind_of?(::Sequel::Dataset) ||
+        (instance.kind_of?(Class) && instance < ::Sequel::Model)
+      end
+
+      def self.nullify(relation)
+        relation.where("1=0")
+      end
     end
   end
 end

data/lib/protector/dsl.rb

@@ -61,7 +61,11 @@ module Protector
         def relation
           return false unless scoped?
 
-          @relation ||= @model.instance_eval(&@scope_proc)
+          unless @relation
+            @relation = @model.instance_eval(&@scope_proc)
+          end
+
+          @relation
         end
 
         # Enables action for given fields.

data/lib/protector/version.rb

@@ -1,4 +1,4 @@
 module Protector
   # Gem version
-  VERSION = "0.3.2"
+  VERSION = "0.3.3"
 end

data/lib/protector.rb

@@ -8,16 +8,27 @@ require "protector/adapters/sequel"
 
 I18n.load_path += Dir[File.expand_path File.join('..', 'locales', '*.yml'), File.dirname(__FILE__)]
 
-Protector::Adapters::ActiveRecord.activate! if defined?(ActiveRecord)
-Protector::Adapters::Sequel.activate! if defined?(Sequel)
-
 module Protector
+  class << self
+    ADAPTERS = [
+      Protector::Adapters::ActiveRecord,
+      Protector::Adapters::Sequel
+    ]
+
+    attr_accessor :paranoid
 
-  # Allows executing any code having Protector globally disabled
-  def self.insecurely(&block)
-    Thread.current[:protector_disabled] = true
-    yield
-  ensure
-    Thread.current[:protector_disabled] = false
+    # Allows executing any code having Protector globally disabled
+    def insecurely(&block)
+      Thread.current[:protector_disabled] = true
+      yield
+    ensure
+      Thread.current[:protector_disabled] = false
+    end
+
+    def activate!
+      ADAPTERS.each{|adapter| adapter.activate!}
+    end
   end
-end
+end
+
+Protector.activate!

data/spec/lib/adapters/active_record_spec.rb

@@ -37,6 +37,13 @@ if defined?(ActiveRecord)
       Fluffy.all.each{|f| Loony.create! fluffy_id: f.id, string: 'zomgstring' }
     end
 
+    describe Protector::Adapters::ActiveRecord do
+      it "finds out whether object is AR relation" do
+        Protector::Adapters::ActiveRecord.is?(Dummy).should == true
+        Protector::Adapters::ActiveRecord.is?(Dummy.every).should == true
+      end
+    end
+
     #
     # Model instance
     #

data/spec/lib/adapters/sequel_spec.rb

@@ -37,6 +37,14 @@ if defined?(Sequel)
       Fluffy.all.each{|f| Loony.create fluffy_id: f.id, string: 'zomgstring' }
     end
 
+    describe Protector::Adapters::Sequel do
+      it "finds out whether object is Sequel relation" do
+        Protector::Adapters::Sequel.is?(Dummy).should == true
+        Protector::Adapters::Sequel.is?(Dummy.where).should == true
+      end
+    end
+
+
     #
     # Model instance
     #

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: protector
 version: !ruby/object:Gem::Version
-  version: 0.3.2
+  version: 0.3.3
 platform: ruby
 authors:
 - Boris Staal
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2013-07-06 00:00:00.000000000 Z
+date: 2013-07-11 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: activesupport