RubyGems - rbacanable - Versions diffs - 0.2 - Mend

rbacanable 0.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (17) hide show

data/lib/canable.rb ADDED Viewed

@@ -0,0 +1,191 @@
+module Canable
+  Version = '0.2'
+  # Module that holds all the can_action? methods.
+  module Cans; end
+  # Module that holds all the [method]able_by? methods.
+  module Ables; end
+  # Module that is included by a role implementation
+  module Role
+    include Cans # each role has a distinct set of responses to all the can_action? methods
+    def self.included(base)
+      base.extend(ClassMethods)
+    end
+    # These are applied to the actual Role module 'instance' that includes this (Canable::Role) module
+    module ClassMethods
+      # Each role has a default query response, found in this variable
+      attr_accessor :_default_response
+      # Called when another Role imeplementation module tries to inherit an existing Role implementation
+      # Notice this method isn't self.included, this method becomes self.included on the module including this (Canable::Role) module
+      # This is nesscary to emulate inhertance of the default response and any other variables in the future
+      def included(base)
+        base._default_response = self._default_response
+      end
+      # Called when an Actor decides its role and extends itself (an instance) with a Role implementation
+      # Creates the default instance methods for an Actor and persists the can_action? response default down
+      def extended(base)
+        base.extend(RoleEnabledCanInstanceMethods)
+        this_role = self # can't use self inside the instance eval
+        base.instance_eval { @_canable_role = this_role }
+      end
+      # Methods given to an instance of an Actor
+      module RoleEnabledCanInstanceMethods
+        def _canable_default # the role default response
+          @_canable_role._default_response
+        end
+      end
+      # ----------------------
+      # Role building DSL
+      # ----------------------
+      def default_response(val)
+        self._default_response = val
+      end
+    end
+  end
+  module Actor
+    attr_accessor :canable_included_role
+    def self.included(base)
+      base.extend(ClassMethods)
+    end
+    module ClassMethods
+      attr_accessor :canable_default_role
+      attr_accessor :canable_role_attribute
+      # ---------------
+      # RBAC Actor building DSL
+      # ---------------
+      def default_role(role)
+        self.canable_default_role = role
+      end
+      def role_attribute(attribute)
+        self.canable_role_attribute = attribute
+      end
+    end
+    def initialize(*args)
+      super(*args)
+      self.__initialize_canable_role
+      self
+    end
+    def __initialize_canable_role
+      attribute = self.class.canable_role_attribute
+      attribute ||= :@role
+      role_constant = self.instance_variable_get(attribute)
+      if role_constant == nil
+        default_role = self.class.canable_default_role
+        self.act(default_role) unless default_role == nil
+      else
+        self.act(role_constant)
+      end
+    end
+    # Sets the role of this actor by including a role module
+    def act(role)
+      self.canable_included_role = role
+      if(role.respond_to?(:included))
+        self.extend role
+      else
+        self.extend Canable::Roles.const_get((role.to_s.capitalize+"Role").intern)
+      end
+    end
+  end
+  # Holds all the different roles that an actor may assume
+  module Roles
+    # Make one default role that is false for everything
+    module Role
+      include Canable::Role
+      default_response false
+    end
+  end
+  # Module that holds all the enforce_[action]_permission methods for use in controllers.
+  module Enforcers
+    def self.included(controller)
+      controller.class_eval do
+        Canable.actions.each do |can, able|
+          delegate      "can_#{can}?", :to => :current_user
+          helper_method "can_#{can}?" if controller.respond_to?(:helper_method)
+          hide_action   "can_#{can}?" if controller.respond_to?(:hide_action)
+        end
+      end
+    end
+  end
+  # Exception that gets raised when permissions are broken for whatever reason.
+  class Transgression < StandardError; end
+  # Default actions to an empty hash.
+  @actions = {}
+  # Returns hash of actions that have been added.
+  #   {:view => :viewable, ...}
+  def self.actions
+    @actions
+  end
+  # Adds an action to actions and the correct methods to can and able modules.
+  #
+  #   @param [Symbol] can_method The name of the can_[action]? method.
+  #   @param [Symbol] resource_method The name of the [resource_method]_by? method.
+  def self.add(can, able)
+    @actions[can] = able
+    add_can_method(can)
+    add_able_method(can, able)
+    add_enforcer_method(can)
+  end
+  private
+    def self.add_can_method(can)
+      Cans.module_eval <<-EOM
+        def can_#{can}?(resource)
+          method = ("can_#{can}_"+resource.class.name.gsub(/::/,"_").downcase+"?").intern
+          if self.respond_to?(method, true)
+            self.send method, resource
+          elsif self.respond_to?(:_canable_default)
+            self._canable_default
+          else
+            false
+          end
+        end
+      EOM
+    end
+    def self.add_able_method(can, able)
+      Ables.module_eval <<-EOM
+        def #{able}_by?(actor)
+          return false if actor.blank?
+          actor.can_#{can}?(self)
+        end
+      EOM
+    end
+    def self.add_enforcer_method(can)
+      Enforcers.module_eval <<-EOM
+        def enforce_#{can}_permission(resource)
+          raise Canable::Transgression unless can_#{can}?(resource)
+        end
+        private :enforce_#{can}_permission
+      EOM
+    end
+end
+Canable.add(:view,    :viewable)
+Canable.add(:create,  :creatable)
+Canable.add(:update,  :updatable)
+Canable.add(:destroy, :destroyable)

data/specs.watchr ADDED Viewed

@@ -0,0 +1,47 @@
+def growl(title, msg, img)
+  %x{growlnotify -m #{ msg.inspect} -t #{title.inspect} --image ~/.watchr/#{img}.png}
+end
+def form_growl_message(str)
+  results = str.split("\n").last
+  if results =~ /[1-9]\s(failure|error)s?/
+    growl "Test Results", "#{results}", "fail"
+  elsif results != ""
+    growl "Test Results", "#{results}", "pass"
+  end
+end
+def run(cmd)
+  puts(cmd)
+  output = ""
+  IO.popen(cmd) do |com|
+    com.each_char do |c|
+      print c
+      output << c
+      $stdout.flush
+    end
+  end
+  form_growl_message output
+end
+def run_test_file(file)
+  run %Q(ruby -I"lib:test" -rubygems #{file})
+end
+def run_all_tests
+  run "rake test"
+end
+watch('test/helper\.rb') { system('clear'); run_all_tests }
+watch('test/test_.*\.rb') { |m| system('clear'); run_test_file(m[0]) }
+watch('lib/.*') { |m| system('clear'); run_all_tests }
+# Ctrl-\
+Signal.trap('QUIT') do
+  puts " --- Running all tests ---\n\n"
+  run_all_tests
+end
+# Ctrl-C
+Signal.trap('INT') { abort("\n") }

data/test/helper.rb ADDED Viewed

@@ -0,0 +1,33 @@
+require 'test/unit'
+require 'rubygems'
+gem 'mocha', '0.9.8'
+gem 'shoulda', '2.10.3'
+gem 'activesupport', '2.3.5'
+require 'mocha'
+require 'shoulda'
+require 'active_support'
+$LOAD_PATH.unshift(File.join(File.dirname(__FILE__), '..', 'lib'))
+$LOAD_PATH.unshift(File.dirname(__FILE__))
+require 'canable'
+class Test::Unit::TestCase
+end
+def Doc(name=nil, &block)
+  klass = Class.new do
+    if name
+      class_eval "def self.name; '#{name}' end"
+      class_eval "def self.to_s; '#{name}' end"
+    end
+  end
+  klass.class_eval(&block) if block_given?
+  klass
+end
+test_dir = File.expand_path(File.dirname(__FILE__) + '/../tmp')
+FileUtils.mkdir_p(test_dir) unless File.exist?(test_dir)

data/test/test_ables.rb ADDED Viewed

@@ -0,0 +1,83 @@
+require 'helper'
+class AblesTest < Test::Unit::TestCase
+  context "Class with Canable::Ables included" do
+    setup do
+      klass = Doc do
+        include Canable::Ables
+      end
+      @resource = klass.new
+      @user     = mock('user')
+    end
+    context "viewable_by?" do
+       should "be false if user cannot view" do
+         user = mock('user', :can_view? => false)
+         assert ! @resource.viewable_by?(user)
+       end
+       should "be true if user can view" do
+         user = mock('user', :can_view? => true)
+         assert @resource.viewable_by?(user)
+       end
+       should "be false if resource is blank" do
+         assert ! @resource.viewable_by?(nil)
+         assert ! @resource.viewable_by?('')
+       end
+    end
+     context "creatable_by?" do
+        should "be false if user cannot create" do
+          user = mock('user', :can_create? => false)
+          assert ! @resource.creatable_by?(user)
+        end
+        should "be true if user can create" do
+          user = mock('user', :can_create? => true)
+          assert @resource.creatable_by?(user)
+        end
+        should "be false if resource is blank" do
+          assert ! @resource.creatable_by?(nil)
+          assert ! @resource.creatable_by?('')
+        end
+      end
+      context "updatable_by?" do
+         should "be false if user cannot update" do
+           user = mock('user', :can_update? => false)
+           assert ! @resource.updatable_by?(user)
+         end
+         should "be true if user can update" do
+           user = mock('user', :can_update? => true)
+           assert @resource.updatable_by?(user)
+         end
+         should "be false if resource is blank" do
+           assert ! @resource.updatable_by?(nil)
+           assert ! @resource.updatable_by?('')
+         end
+       end
+       context "destroyable_by?" do
+          should "be false if user cannot destroy" do
+            user = mock('user', :can_destroy? => false)
+            assert ! @resource.destroyable_by?(user)
+          end
+          should "be true if user can destroy" do
+            user = mock('user', :can_destroy? => true)
+            assert @resource.destroyable_by?(user)
+          end
+          should "be false if resource is blank" do
+            assert ! @resource.destroyable_by?(nil)
+            assert ! @resource.destroyable_by?('')
+          end
+        end
+  end
+end

data/test/test_canable.rb ADDED Viewed

@@ -0,0 +1,26 @@
+require 'helper'
+class TestCanable < Test::Unit::TestCase
+  context "Canable" do
+    should "have view action by default" do
+      assert_equal :viewable, Canable.actions[:view]
+    end
+    should "have create action by default" do
+      assert_equal :creatable, Canable.actions[:create]
+    end
+    should "have update action by default" do
+      assert_equal :updatable, Canable.actions[:update]
+    end
+    should "have destroy action by default" do
+      assert_equal :destroyable, Canable.actions[:destroy]
+    end
+    should "be able to add another action" do
+      Canable.add(:publish, :publishable)
+      assert_equal :publishable, Canable.actions[:publish]
+    end
+  end
+end

data/test/test_cans.rb ADDED Viewed

@@ -0,0 +1,51 @@
+require 'helper'
+class CansTest < Test::Unit::TestCase
+  context "Class with Canable::Cans included" do
+    setup do
+      klass = Class.new do
+        include Canable::Cans
+      end
+      @user = klass.new
+      @resource = mock('resource')
+    end
+    should "default viewable_by? to false" do
+      assert ! @user.can_view?(@resource)
+    end
+    should "default creatable_by? to false" do
+      assert ! @user.can_create?(@resource)
+    end
+    should "default updatable_by? to false" do
+      assert ! @user.can_update?(@resource)
+    end
+    should "default destroyable_by? to false" do
+      assert ! @user.can_destroy?(@resource)
+    end
+  end
+  context "Class that overrides a can method" do
+    setup do
+      klass = Doc do
+        include Canable::Cans
+        def can_view?(resource)
+          resource.owner == 'John'
+        end
+      end
+      @user = klass.new
+      @johns     = mock('resource', :owner => 'John')
+      @steves    = mock('resource', :owner => 'Steve')
+    end
+    should "use the overriden method and default to false" do
+      assert @user.can_view?(@johns)
+      assert ! @user.can_view?(@steves)
+    end
+  end
+end

data/test/test_enforcers.rb ADDED Viewed

@@ -0,0 +1,32 @@
+require 'helper'
+class EnforcersTest < Test::Unit::TestCase
+  context "Including Canable::Enforcers in a class" do
+    setup do
+      klass = Class.new do
+        include Canable::Enforcers
+        attr_accessor :current_user, :article
+        def show
+          enforce_view_permission(article)
+        end
+      end
+      @article                 = mock('article')
+      @user                    = mock('user')
+      @controller              = klass.new
+      @controller.article      = @article
+      @controller.current_user = @user
+    end
+    should "not raise error if can" do
+      @user.expects(:can_view?).with(@article).returns(true)
+      assert_nothing_raised { @controller.show }
+    end
+    should "raise error if cannot" do
+      @user.expects(:can_view?).with(@article).returns(false)
+      assert_raises(Canable::Transgression) { @controller.show }
+    end
+  end
+end