RubyGems - rbacanable - Versions diffs - 0.2 - Mend

rbacanable 0.2

Files changed (17) hide show

data/lib/canable.rb ADDED Viewed

@@ -0,0 +1,191 @@
+module Canable
+  Version = '0.2'
+  # Module that holds all the can_action? methods.
+  module Cans; end
+  # Module that holds all the [method]able_by? methods.
+  module Ables; end
+  # Module that is included by a role implementation
+  module Role
+    include Cans # each role has a distinct set of responses to all the can_action? methods
+    def self.included(base)
+      base.extend(ClassMethods)
+    end
+    # These are applied to the actual Role module 'instance' that includes this (Canable::Role) module
+    module ClassMethods
+      # Each role has a default query response, found in this variable
+      attr_accessor :_default_response
+      # Called when another Role imeplementation module tries to inherit an existing Role implementation
+      # Notice this method isn't self.included, this method becomes self.included on the module including this (Canable::Role) module
+      # This is nesscary to emulate inhertance of the default response and any other variables in the future
+      def included(base)
+        base._default_response = self._default_response
+      end
+      # Called when an Actor decides its role and extends itself (an instance) with a Role implementation
+      # Creates the default instance methods for an Actor and persists the can_action? response default down
+      def extended(base)
+        base.extend(RoleEnabledCanInstanceMethods)
+        this_role = self # can't use self inside the instance eval
+        base.instance_eval { @_canable_role = this_role }
+      end
+      # Methods given to an instance of an Actor
+      module RoleEnabledCanInstanceMethods
+        def _canable_default # the role default response
+          @_canable_role._default_response
+        end
+      end
+      # ----------------------
+      # Role building DSL
+      # ----------------------
+      def default_response(val)
+        self._default_response = val
+      end
+    end
+  end
+  module Actor
+    attr_accessor :canable_included_role
+    def self.included(base)
+      base.extend(ClassMethods)
+    end
+    module ClassMethods
+      attr_accessor :canable_default_role
+      attr_accessor :canable_role_attribute
+      # ---------------
+      # RBAC Actor building DSL
+      # ---------------
+      def default_role(role)
+        self.canable_default_role = role
+      end
+      def role_attribute(attribute)
+        self.canable_role_attribute = attribute
+      end
+    end
+    def initialize(*args)
+      super(*args)
+      self.__initialize_canable_role
+      self
+    end
+    def __initialize_canable_role
+      attribute = self.class.canable_role_attribute
+      attribute ||= :@role
+      role_constant = self.instance_variable_get(attribute)
+      if role_constant == nil
+        default_role = self.class.canable_default_role
+        self.act(default_role) unless default_role == nil
+      else
+        self.act(role_constant)
+      end
+    end
+    # Sets the role of this actor by including a role module
+    def act(role)
+      self.canable_included_role = role
+      if(role.respond_to?(:included))
+        self.extend role
+      else
+        self.extend Canable::Roles.const_get((role.to_s.capitalize+"Role").intern)
+      end
+    end
+  end
+  # Holds all the different roles that an actor may assume
+  module Roles
+    # Make one default role that is false for everything
+    module Role
+      include Canable::Role
+      default_response false
+    end
+  end
+  # Module that holds all the enforce_[action]_permission methods for use in controllers.
+  module Enforcers
+    def self.included(controller)
+      controller.class_eval do
+        Canable.actions.each do |can, able|
+          delegate      "can_#{can}?", :to => :current_user
+          helper_method "can_#{can}?" if controller.respond_to?(:helper_method)
+          hide_action   "can_#{can}?" if controller.respond_to?(:hide_action)
+        end
+      end
+    end
+  end
+  # Exception that gets raised when permissions are broken for whatever reason.
+  class Transgression < StandardError; end
+  # Default actions to an empty hash.
+  @actions = {}
+  # Returns hash of actions that have been added.
+  #   {:view => :viewable, ...}
+  def self.actions
+    @actions
+  end
+  # Adds an action to actions and the correct methods to can and able modules.
+  #
+  #   @param [Symbol] can_method The name of the can_[action]? method.
+  #   @param [Symbol] resource_method The name of the [resource_method]_by? method.
+  def self.add(can, able)
+    @actions[can] = able
+    add_can_method(can)
+    add_able_method(can, able)
+    add_enforcer_method(can)
+  end
+  private
+    def self.add_can_method(can)
+      Cans.module_eval <<-EOM
+        def can_#{can}?(resource)
+          method = ("can_#{can}_"+resource.class.name.gsub(/::/,"_").downcase+"?").intern
+          if self.respond_to?(method, true)
+            self.send method, resource
+          elsif self.respond_to?(:_canable_default)
+            self._canable_default
+          else
+            false
+          end
+        end
+      EOM
+    end
+    def self.add_able_method(can, able)
+      Ables.module_eval <<-EOM
+        def #{able}_by?(actor)
+          return false if actor.blank?
+          actor.can_#{can}?(self)
+        end
+      EOM
+    end
+    def self.add_enforcer_method(can)
+      Enforcers.module_eval <<-EOM
+        def enforce_#{can}_permission(resource)
+          raise Canable::Transgression unless can_#{can}?(resource)
+        end
+        private :enforce_#{can}_permission
+      EOM
+    end
+end
+Canable.add(:view,    :viewable)
+Canable.add(:create,  :creatable)
+Canable.add(:update,  :updatable)
+Canable.add(:destroy, :destroyable)

data/specs.watchr ADDED Viewed

@@ -0,0 +1,47 @@
+def growl(title, msg, img)
+  %x{growlnotify -m #{ msg.inspect} -t #{title.inspect} --image ~/.watchr/#{img}.png}
+end
+def form_growl_message(str)
+  results = str.split("\n").last
+  if results =~ /[1-9]\s(failure|error)s?/
+    growl "Test Results", "#{results}", "fail"
+  elsif results != ""
+    growl "Test Results", "#{results}", "pass"
+  end
+end
+def run(cmd)
+  puts(cmd)
+  output = ""
+  IO.popen(cmd) do |com|
+    com.each_char do |c|
+      print c
+      output << c
+      $stdout.flush
+    end
+  end
+  form_growl_message output
+end
+def run_test_file(file)
+  run %Q(ruby -I"lib:test" -rubygems #{file})
+end
+def run_all_tests
+  run "rake test"
+end
+watch('test/helper\.rb') { system('clear'); run_all_tests }
+watch('test/test_.*\.rb') { |m| system('clear'); run_test_file(m[0]) }
+watch('lib/.*') { |m| system('clear'); run_all_tests }
+# Ctrl-\
+Signal.trap('QUIT') do
+  puts " --- Running all tests ---\n\n"
+  run_all_tests
+end
+# Ctrl-C
+Signal.trap('INT') { abort("\n") }

data/test/helper.rb ADDED Viewed

@@ -0,0 +1,33 @@
+require 'test/unit'
+require 'rubygems'
+gem 'mocha', '0.9.8'
+gem 'shoulda', '2.10.3'
+gem 'activesupport', '2.3.5'
+require 'mocha'
+require 'shoulda'
+require 'active_support'
+$LOAD_PATH.unshift(File.join(File.dirname(__FILE__), '..', 'lib'))
+$LOAD_PATH.unshift(File.dirname(__FILE__))
+require 'canable'
+class Test::Unit::TestCase
+end
+def Doc(name=nil, &block)
+  klass = Class.new do
+    if name
+      class_eval "def self.name; '#{name}' end"
+      class_eval "def self.to_s; '#{name}' end"
+    end
+  end
+  klass.class_eval(&block) if block_given?
+  klass
+end
+test_dir = File.expand_path(File.dirname(__FILE__) + '/../tmp')
+FileUtils.mkdir_p(test_dir) unless File.exist?(test_dir)

data/test/test_ables.rb ADDED Viewed

@@ -0,0 +1,83 @@
+require 'helper'
+class AblesTest < Test::Unit::TestCase
+  context "Class with Canable::Ables included" do
+    setup do
+      klass = Doc do
+        include Canable::Ables
+      end
+      @resource = klass.new
+      @user     = mock('user')
+    end
+    context "viewable_by?" do
+       should "be false if user cannot view" do
+         user = mock('user', :can_view? => false)
+         assert ! @resource.viewable_by?(user)
+       end
+       should "be true if user can view" do
+         user = mock('user', :can_view? => true)
+         assert @resource.viewable_by?(user)
+       end
+       should "be false if resource is blank" do
+         assert ! @resource.viewable_by?(nil)
+         assert ! @resource.viewable_by?('')
+       end
+    end
+     context "creatable_by?" do
+        should "be false if user cannot create" do
+          user = mock('user', :can_create? => false)
+          assert ! @resource.creatable_by?(user)
+        end
+        should "be true if user can create" do
+          user = mock('user', :can_create? => true)
+          assert @resource.creatable_by?(user)
+        end
+        should "be false if resource is blank" do
+          assert ! @resource.creatable_by?(nil)
+          assert ! @resource.creatable_by?('')
+        end
+      end
+      context "updatable_by?" do
+         should "be false if user cannot update" do
+           user = mock('user', :can_update? => false)
+           assert ! @resource.updatable_by?(user)
+         end
+         should "be true if user can update" do
+           user = mock('user', :can_update? => true)
+           assert @resource.updatable_by?(user)
+         end
+         should "be false if resource is blank" do
+           assert ! @resource.updatable_by?(nil)
+           assert ! @resource.updatable_by?('')
+         end
+       end
+       context "destroyable_by?" do
+          should "be false if user cannot destroy" do
+            user = mock('user', :can_destroy? => false)
+            assert ! @resource.destroyable_by?(user)
+          end
+          should "be true if user can destroy" do
+            user = mock('user', :can_destroy? => true)
+            assert @resource.destroyable_by?(user)
+          end
+          should "be false if resource is blank" do
+            assert ! @resource.destroyable_by?(nil)
+            assert ! @resource.destroyable_by?('')
+          end
+        end
+  end
+end

data/test/test_canable.rb ADDED Viewed

@@ -0,0 +1,26 @@
+require 'helper'
+class TestCanable < Test::Unit::TestCase
+  context "Canable" do
+    should "have view action by default" do
+      assert_equal :viewable, Canable.actions[:view]
+    end
+    should "have create action by default" do
+      assert_equal :creatable, Canable.actions[:create]
+    end
+    should "have update action by default" do
+      assert_equal :updatable, Canable.actions[:update]
+    end
+    should "have destroy action by default" do
+      assert_equal :destroyable, Canable.actions[:destroy]
+    end
+    should "be able to add another action" do
+      Canable.add(:publish, :publishable)
+      assert_equal :publishable, Canable.actions[:publish]
+    end
+  end
+end

data/test/test_cans.rb ADDED Viewed

@@ -0,0 +1,51 @@
+require 'helper'
+class CansTest < Test::Unit::TestCase
+  context "Class with Canable::Cans included" do
+    setup do
+      klass = Class.new do
+        include Canable::Cans
+      end
+      @user = klass.new
+      @resource = mock('resource')
+    end
+    should "default viewable_by? to false" do
+      assert ! @user.can_view?(@resource)
+    end
+    should "default creatable_by? to false" do
+      assert ! @user.can_create?(@resource)
+    end
+    should "default updatable_by? to false" do
+      assert ! @user.can_update?(@resource)
+    end
+    should "default destroyable_by? to false" do
+      assert ! @user.can_destroy?(@resource)
+    end
+  end
+  context "Class that overrides a can method" do
+    setup do
+      klass = Doc do
+        include Canable::Cans
+        def can_view?(resource)
+          resource.owner == 'John'
+        end
+      end
+      @user = klass.new
+      @johns     = mock('resource', :owner => 'John')
+      @steves    = mock('resource', :owner => 'Steve')
+    end
+    should "use the overriden method and default to false" do
+      assert @user.can_view?(@johns)
+      assert ! @user.can_view?(@steves)
+    end
+  end
+end

data/test/test_enforcers.rb ADDED Viewed

@@ -0,0 +1,32 @@
+require 'helper'
+class EnforcersTest < Test::Unit::TestCase
+  context "Including Canable::Enforcers in a class" do
+    setup do
+      klass = Class.new do
+        include Canable::Enforcers
+        attr_accessor :current_user, :article
+        def show
+          enforce_view_permission(article)
+        end
+      end
+      @article                 = mock('article')
+      @user                    = mock('user')
+      @controller              = klass.new
+      @controller.article      = @article
+      @controller.current_user = @user
+    end
+    should "not raise error if can" do
+      @user.expects(:can_view?).with(@article).returns(true)
+      assert_nothing_raised { @controller.show }
+    end
+    should "raise error if cannot" do
+      @user.expects(:can_view?).with(@article).returns(false)
+      assert_raises(Canable::Transgression) { @controller.show }
+    end
+  end
+end