rails-canhaz 0.4.1 → 1.0.0

data/README.md

@@ -81,13 +81,24 @@ artice.subjects_with_permission(User, :read) # Will return all the users hat are
 
 user.cannot!(:read, article)
 
+# Version 1.0.0 introduces global permissions :
+
+user.can?(:haz_cheezburgers) # false
+
+user.can!(:haz_cheezburgers)
+
+user.can?(:haz_cheezburgers) # true
+
 ```
 
 ## Changelog
-
+* 1.0.0 (hurray !):
+  * Removing can and cannot deprecated functions (renamed to can! and cannot!)
+  * Adding global permissions for subjects
+* 0.4.1 :
+  * Adding a rails migration generator thanks to [Awea](http://github.com/Awea)
 * 0.4.0 :
   * Aliasing can to can! and deprecating can
   * Aliasing cannot to cannot! and deprecating cannot
-
 * 0.3.0 :
   * Removing rights from the database before destroying a subject or object model

data/lib/rails-canhaz/canhaz_permission.rb

@@ -7,18 +7,21 @@ class CanHazPermission < ActiveRecord::Base
   # Gets the permission row between two objects
   #
   # @param subject [ActiveRecord::Base] The subject
-  # @param object [ActiveRecord::Base] The object
+  # @param object [ActiveRecord::Base, nil] The object. Can be nil if it is a global permission that does not target an object
   # @param permission [String, Symbol] The permission identifier
   # @return [CanHazPermission, nil] The corresponding permission if found or nil
-  def self.find_permission(subject, object, permission)
+  def self.find_permission(subject, object = nil, permission)
     raise NotACanHazSubject unless subject.canhaz_subject?
-    raise NotACanHazObject unless object.canhaz_object?
+    raise NotACanHazObject unless (object.nil? || object.canhaz_object?)
+
+    object_type = object.nil? ? nil : object.class.to_s
+    object_id = object.nil? ? nil : object.id
 
     results = CanHazPermission.where(
       :csubject_id      => subject.id,
       :csubject_type    => subject.class.to_s,
-      :cobject_id       => object.id,
-      :cobject_type     => object.class.to_s,
+      :cobject_id       => object_id,
+      :cobject_type     => object_type,
       :permission_name  => permission
     )
     results.first

data/lib/rails-canhaz/extensions_subject.rb

@@ -2,26 +2,23 @@ module CanHaz
   module ModelExtensions
     module Subject
 
-      # Alias for {#can!}
-      #
-      # @deprecated Please use {#can!} instead
-      def can(permission, object)
-        warn "[DEPRECATION] can is deprecated and will be removed in a future release, please use `can!` instead"
-        self.can!(permission, object)
-      end
-
       # Creates a permission on a given object
       #
       # @param permission [String, Symbol] The identifier of the permission
-      # @param object [ActiveRecord::Base] The model on which the permission is effective
+      # @param object [ActiveRecord::Base, nil] The model on which the permission is effective
+      #   Can be nil if it is a global permission that does not target an object
       # @return [Bool] True if the role was successfully created, false if it was already present
-      def can!(permission, object)
-        raise Exceptions::NotACanHazObject unless object.canhaz_object?
+      def can!(permission, object = nil)
+        raise Exceptions::NotACanHazObject unless (object.nil? || object.canhaz_object?)
+
+        object_type = object.nil? ? nil : object.class.to_s
+        object_id = object.nil? ? nil : object.id
+
         CanHazPermission.new({
           :csubject_id       => self.id,
           :csubject_type     => self.class.to_s,
-          :cobject_type      => object.class.to_s,
-          :cobject_id        => object.id,
+          :cobject_type      => object_type,
+          :cobject_id        => object_id,
           :permission_name  => permission
           }).save
       end
@@ -29,27 +26,20 @@ module CanHaz
       # Checks if the subject has a given permission on a given object
       #
       # @param permission [String, Symbol] The identifier of the permission
-      # @param object [ActiveRecord::Base] The model we are testing the permission on
+      # @param object [ActiveRecord::Base, nil] The model we are testing the permission on
+      #   Can be nil if it is a global permission that does not target an object
       # @return [Bool] True if the user has the given permission, false otherwise
-      def can?(permission, object)
-        raise Exceptions::NotACanHazObject unless object.canhaz_object?
+      def can?(permission, object = nil)
+        raise Exceptions::NotACanHazObject unless (object.nil? || object.canhaz_object?)
         CanHazPermission.find_permission(self, object, permission) != nil
       end
 
-      # Alias for {#cannot!}
-      #
-      # @deprecated Please use {#cannot!} instead
-      def cannot(permission, object)
-        warn "[DEPRECATION] cannot is deprecated and will be removed in a future release, please use `cannot!` instead"
-        self.cannot!(permission, object)
-      end
-
       # Removes a permission on a given object
       #
       # @param permission [String, Symbol] The identifier of the permission
-      # @param object [ActiveRecord::Base] The model on which the permission is effective
+      # @param object [ActiveRecord::Base, nil] The model on which the permission is effective. Can be nil if it is a global permission that does not target an object
       # @return [Bool] True if the role was successfully removed, false if it did not exist
-      def cannot!(permission, object)
+      def cannot!(permission, object = nil)
         permission = CanHazPermission.find_permission(self, object, permission)
         return false if permission.nil?
         permission.destroy and return true
@@ -59,9 +49,9 @@ module CanHaz
       # Acts as a proxy of !subject.can?(permission, object)
       #
       # @param permission [String, Symbol] The identifier of the permission
-      # @param object [ActiveRecord::Base] The model we are testing the permission on
+      # @param object [ActiveRecord::Base] The model we are testing the permission on. Can be nil if it is a global permission that does not target an object
       # @return [Bool] True if the user has not the given permission, false otherwise
-      def cannot?(permission, object)
+      def cannot?(permission, object = nil)
         !self.can?(permission, object)
       end
 

data/rails-canhaz.gemspec

@@ -1,7 +1,7 @@
 Gem::Specification.new do |s|
   s.name        = 'rails-canhaz'
-  s.version     = '0.4.1'
-  s.date        = '2012-05-31'
+  s.version     = '1.0.0'
+  s.date        = '2012-06-05'
   s.summary     = "A simple gem for managing permissions between rails models"
   s.description = "A simple gem for managing permissions between rails models"
   s.authors     = ["Adrien Siami (Intrepidd)"]

data/test/test_canhaz.rb

@@ -248,5 +248,21 @@ class CanHazTest < Test::Unit::TestCase
     assert CanHazPermission.find_by_cobject_id(id).nil?
   end
 
+  def test_global_permissions
+
+    s = SubjectModel.new
+    s.save
+
+    assert_equal false, s.can?(:foo)
+
+    assert_equal true, s.can!(:foo)
+
+    assert_equal true, s.can?(:foo)
+
+    s.cannot!(:foo)
+
+    assert_equal false, s.can?(:foo)
+  end
+
 end
 

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: rails-canhaz
 version: !ruby/object:Gem::Version
-  version: 0.4.1
+  version: 1.0.0
   prerelease: 
 platform: ruby
 authors:
@@ -9,7 +9,7 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2012-05-31 00:00:00.000000000 Z
+date: 2012-06-05 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: activerecord
@@ -74,9 +74,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubyforge_project: 
-rubygems_version: 1.8.23
+rubygems_version: 1.8.24
 signing_key: 
 specification_version: 3
 summary: A simple gem for managing permissions between rails models
 test_files: []
-has_rdoc: