rolify 3.1.0 → 3.2.0.rc2

data/.gitignore

@@ -3,5 +3,6 @@
 Gemfile.lock
 pkg/*
 tmp/*
-logs/*
+log*/*
 .rbx/*
+.rspec

data/.travis.yml

@@ -1,10 +1,8 @@
 rvm:
-    - 1.8.7
     - 1.9.3
     - ruby-head
-    - rbx
-    - jruby
-    - ree
+    - rbx-19mode
+    - jruby-19mode
 
 env:
     - ADAPTER=active_record

data/CHANGELOG.rdoc

@@ -1,3 +1,20 @@
+= 3.2 (unreleased yet)
+* <b>DEPRECATION NOTICE:</b>Ruby 1.8 support dropped ! Mongoid 3.0 only supports MRI 1.9.3, and HEAD, and JRuby 1.6.0+ in 1.9 mode
+* removed <tt>dynamic_shortcuts</tt> arguments from the generator
+  * to use dynamic shortcuts feature when you're using ActiveRecord, you have to enable it _after_ running rake db:migrate as it relies on the roles table
+* support for Mongoid 3.x (thanks to @Leonas)
+* new class methods on the User class to find users depending on roles they have
+* added scopes to Role class to be able to fetch global, class scoped and instance scoped roles for a specific user
+* deletions of n-n relation are unreliable with Mongoid. Removing ids instead (thanks to @nfo)
+* <tt>has_role?</tt> method now supports new instance (i.e. record not saved in the database yet) (thanks to @demental)
+* added association callbacks <tt>(before|after)_add</tt>, <tt>(before|after)_remove</tt> on <tt>rolify</tt> method (thanks to @shekibobo)
+* added ability to pass an array of roles to <tt>Resource.with_role()</tt>, aliased by <tt>Resource.with_roles()</tt> (thanks to @lukes)
+* added option to have roles be destroyed by default if parent resource is destroyed (thanks to @treydock)
+* better edge cases covering in the specs
+* fixed a bug regarding the loading order of the railtie when using Mongoid ORM and other gems using initializer files (thanks to @stigi)
+* fixed double quote syntax when using MySQL
+* documentation improvement
+
 = 3.1 (Apr 6, 2012)
 * Mongoid adapter optimization
 * adapter code refactoring

data/README.md

@@ -13,9 +13,10 @@ This library was intended to be used with [CanCan](https://github.com/ryanb/canc
 
 ## Requirements
 
-* >= Rails 3.1
-* ActiveRecord ORM <b>or</b> Mongoid
-* supports ruby 1.8/1.9, REE, JRuby and Rubinius
+* Rails >= 3.1
+* ActiveRecord >= 3.1 <b>or</b> Mongoid >= 3.0
+* supports ruby 1.9, JRuby 1.6.0+ (in 1.9 mode) and Rubinius 2.0.0dev (in 1.9 mode)
+* support of ruby 1.8 has been dropped due to Mongoid 3.0 that only supports 1.9 new hash syntax
 
 ## Installation
 
@@ -54,7 +55,41 @@ Let's migrate !
   rake db:migrate
 ```
 
-### 3. Add a role to a user
+### 3.1 Configure your user model
+
+This gem adds the `rolify` method to your User class. You can also specify optional callbacks* on the user for when roles are added or removed:
+
+```ruby
+  class User < ActiveRecord::Base
+    rolify :before_add => :before_add_method
+
+    def :before_add_method(role)
+      # do something before it gets added
+    end
+  end
+```
+
+The `rolify` method accepts the following callback* options:
+
+- `before_add`
+- `after_add`
+- `before_remove`
+- `after_remove`
+
+*PLEASE NOTE: callbacks are currently only supported using ActiveRecord ORM. Mongoid will support association callbacks in its 3.1 release (Mongoid current version is 3.0.x)
+
+### 3.2 Configure your resource models
+
+In the resource models you want to apply roles on, just add ``resourcify`` method.
+For example, on this ActiveRecord class:
+
+```ruby
+class Forum < ActiveRecord::Base
+  resourcify
+end
+```
+
+### 4. Add a role to a user
 
 To define a global role:
 
@@ -79,7 +114,7 @@ To define a role scoped to a resource class
 
 That's it !
 
-### 4. Check roles
+### 5. Role queries
 
 To check if a user has a global role: 
 
@@ -125,7 +160,7 @@ A global role overrides resource role request:
   => true
 ```
 
-### 5. Resource roles querying 
+### 6. Resource roles querying 
 
 Starting from rolify 3.0, you can search roles on instance level or class level resources.
 
@@ -160,6 +195,7 @@ Starting from rolify 3.0, you can search roles on instance level or class level
 * [Wiki](https://github.com/EppO/rolify/wiki)
 * [Usage](https://github.com/EppO/rolify/wiki/Usage): all the available commands
 * [Tutorial](https://github.com/EppO/rolify/wiki/Tutorial): how to use [rolify](http://eppo.github.com/rolify) with [Devise](https://github.com/plataformatec/devise) and [CanCan](https://github.com/ryanb/cancan).
+* [Amazing tutorial](http://railsapps.github.com/tutorial-rails-bootstrap-devise-cancan.html) provided by [RailsApps](http://railsapps.github.com/)
 
 ## Questions or Problems?
 

data/lib/generators/rolify/role/role_generator.rb

@@ -9,14 +9,14 @@ module Rolify
       argument :role_cname, :type => :string, :default => "Role"
       argument :user_cname, :type => :string, :default => "User"
       argument :orm_adapter, :type => :string, :default => "active_record"
-      class_option :dynamic_shortcuts, :type => :boolean, :default => false
+      #class_option :dynamic_shortcuts, :type => :boolean, :default => false
 
       desc "Generates a model with the given NAME and a migration file."
 
       def generate_role
         template "role-#{orm_adapter}.rb", "app/models/#{role_cname.underscore}.rb"
-        inject_into_class(model_path, user_cname.camelize) do
-          "\trolify" + (role_cname == "Role" ? "" : ":role_cname => '#{role_cname.camelize}'") + "\n"
+        inject_into_file(model_path, :after => inject_rolify_method) do
+          "  rolify" + (role_cname == "Role" ? "" : " :role_cname => '#{role_cname.camelize}'") + "\n"
         end
       end
 
@@ -36,6 +36,14 @@ module Rolify
       def show_readme
         readme "README-#{orm_adapter}" if behavior == :invoke
       end
+      
+      def inject_rolify_method
+        if orm_adapter == "active_record"
+          /class #{user_cname.camelize}\n|class #{user_cname.camelize} .*\n/
+        else
+          /include Mongoid::Document\n|include Mongoid::Document .*\n/
+        end
+      end
     end
   end
 end

data/lib/generators/rolify/role/templates/initializer.rb

@@ -3,5 +3,6 @@ Rolify.configure do |config|
   <%= "# " if orm_adapter == "active_record" %>config.use_mongoid
   
   # Dynamic shortcuts for User class (user.is_admin? like methods). Default is: false
-  <%= "# " if !options[:dynamic_shortcuts] %>config.use_dynamic_shortcuts
+  # Enable this feature _after_ running rake db:migrate as it relies on the roles table
+  # config.use_dynamic_shortcuts
 end

data/lib/generators/rolify/role/templates/role-active_record.rb

@@ -1,4 +1,6 @@
 class <%= role_cname.camelize %> < ActiveRecord::Base
   has_and_belongs_to_many :<%= user_cname.tableize %>, :join_table => :<%= "#{user_cname.tableize}_#{role_cname.tableize}" %>
   belongs_to :resource, :polymorphic => true
+  
+  scopify
 end

data/lib/generators/rolify/role/templates/role-mongoid.rb

@@ -5,13 +5,15 @@ class <%= role_cname.camelize %>
   belongs_to :resource, :polymorphic => true
   
   field :name, :type => String
-  index :name, unique: true
-  index(
-    [
-      [:name, Mongo::ASCENDING],
-      [:resource_type, Mongo::ASCENDING],
-      [:resource_id, Mongo::ASCENDING]
-    ],
-    unique: true
-  )
+  index({ :name => 1 }, { :unique => true })
+
+
+  index({
+    :name => 1,
+    :resource_type => 1,
+    :resource_id => 1
+  },
+  { :unique => true})
+  
+  scopify
 end

data/lib/rolify.rb

@@ -11,12 +11,16 @@ module Rolify
 
   attr_accessor :role_cname, :adapter
 
-  def rolify(options = { :role_cname => 'Role' })
+  def rolify(options = {})
     include Role
     extend Dynamic if Rolify.dynamic_shortcuts
     
+    options.reverse_merge!({:role_cname => 'Role'})
+
     rolify_options = { :class_name => options[:role_cname].camelize }
     rolify_options.merge!({ :join_table => "#{self.to_s.tableize}_#{options[:role_cname].tableize}" }) if Rolify.orm == "active_record"
+    rolify_options.merge!(options.select{ |k,v| [:before_add, :after_add, :before_remove, :after_remove].include? k.to_sym }) if Rolify.orm == "active_record"
+
     has_and_belongs_to_many :roles, rolify_options
 
     self.adapter = Rolify::Adapter::Base.create("role_adapter", options[:role_cname], self.name)
@@ -25,18 +29,22 @@ module Rolify
     load_dynamic_methods if Rolify.dynamic_shortcuts
   end
 
-  def resourcify(options = { :role_cname => 'Role' })
+  def resourcify(options = { :role_cname => 'Role', :dependent => :destroy })
     include Resource
     
-    resourcify_options = { :class_name => options[:role_cname].camelize }
-    resourcify_options.merge!({ :as => :resource })
+    resourcify_options = { :class_name => options[:role_cname].camelize, :as => :resource, :dependent => options[:dependent] }
     has_many :roles, resourcify_options
     
     self.adapter = Rolify::Adapter::Base.create("resource_adapter", options[:role_cname], self.name)
     self.role_cname = options[:role_cname]
   end
   
+  def scopify
+    require "rolify/adapters/#{Rolify.orm}/scopes.rb"
+    extend Rolify::Adapter::Scopes 
+  end
+  
   def role_class
     self.role_cname.constantize
   end
-end
+end

data/lib/rolify/adapters/active_record/resource_adapter.rb

@@ -4,13 +4,20 @@ module Rolify
   module Adapter   
     class ResourceAdapter < ResourceAdapterBase
       def resources_find(roles_table, relation, role_name)
-        resources = relation.joins("INNER JOIN \"#{roles_table}\" ON \"#{roles_table}\".\"resource_type\" = '#{relation.to_s}'")
-        resources = resources.where("#{roles_table}.name = ? AND #{roles_table}.resource_type = ?", role_name, relation.to_s)
+        resources = relation.joins("INNER JOIN #{quote(roles_table)} ON #{quote(roles_table)}.resource_type = '#{relation.to_s}'")
+        resources = resources.where("#{quote(roles_table)}.name IN (?) AND #{quote(roles_table)}.resource_type = ?", Array(role_name), relation.to_s)
         resources
       end
 
-      def in(relation, roles)
-        relation.where("#{role_class.to_s.tableize}.id IN (?) AND ((resource_id = #{relation.table_name}.id) OR (resource_id IS NULL))", roles)
+      def in(relation, user, role_names)
+        roles = user.roles.where(:name => role_names)
+        relation.where("#{quote(role_class.to_s.tableize)}.id IN (?) AND ((resource_id = #{quote(relation.table_name)}.id) OR (resource_id IS NULL))", roles)
+      end
+      
+      private
+      
+      def quote(column)
+         ActiveRecord::Base.connection.quote_column_name column
       end
     end
   end

data/lib/rolify/adapters/active_record/role_adapter.rb

@@ -32,6 +32,13 @@ module Rolify
       def exists?(relation, column)
         relation.where("#{column} IS NOT NULL")
       end
+      
+      def scope(relation, conditions)
+        query = relation.scoped
+        query = query.joins(:roles)
+        query = where(query, conditions)
+        query
+      end
 
       private
 
@@ -54,15 +61,15 @@ module Rolify
       end
 
       def build_query(role, resource = nil)
-        return [ "name = ?", [ role ] ] if resource == :any
-        query = "((name = ?) AND (resource_type IS NULL) AND (resource_id IS NULL))"
+        return [ "#{role_table}.name = ?", [ role ] ] if resource == :any
+        query = "((#{role_table}.name = ?) AND (#{role_table}.resource_type IS NULL) AND (#{role_table}.resource_id IS NULL))"
         values = [ role ]
         if resource
           query.insert(0, "(")
-          query += " OR ((name = ?) AND (resource_type = ?) AND (resource_id IS NULL))" 
+          query += " OR ((#{role_table}.name = ?) AND (#{role_table}.resource_type = ?) AND (#{role_table}.resource_id IS NULL))" 
           values << role << (resource.is_a?(Class) ? resource.to_s : resource.class.name)
           if !resource.is_a? Class
-            query += " OR ((name = ?) AND (resource_type = ?) AND (resource_id = ?))" 
+            query += " OR ((#{role_table}.name = ?) AND (#{role_table}.resource_type = ?) AND (#{role_table}.resource_id = ?))" 
             values << role << resource.class.name << resource.id
           end
           query += ")"

data/lib/rolify/adapters/active_record/scopes.rb

@@ -0,0 +1,27 @@
+module Rolify
+  module Adapter
+    module Scopes
+      def global
+        where(:resource_type => nil, :resource_id => nil)
+      end
+      
+      def class_scoped(resource_type = nil)
+        where_conditions = "resource_type IS NOT NULL AND resource_id IS NULL"
+        where_conditions = [ "resource_type = ? AND resource_id IS NULL", resource_type.name ] if resource_type
+        where(where_conditions)
+      end
+      
+      def instance_scoped(resource_type = nil)
+        where_conditions = "resource_type IS NOT NULL AND resource_id IS NOT NULL"
+        if resource_type
+          if resource_type.is_a? Class
+            where_conditions = [ "resource_type = ? AND resource_id IS NOT NULL", resource_type.name ]
+          else
+            where_conditions = [ "resource_type = ? AND resource_id = ?", resource_type.class.name, resource_type.id ]
+          end
+        end
+        where(where_conditions)
+      end
+    end
+  end
+end

data/lib/rolify/adapters/base.rb

@@ -14,8 +14,13 @@ module Rolify
         @user_cname.constantize
       end
       
+      def role_table
+        @role_cname.tableize
+      end
+      
       def self.create(adapter, role_cname, user_cname)
         load "rolify/adapters/#{Rolify.orm}/#{adapter}.rb"
+        load "rolify/adapters/#{Rolify.orm}/scopes.rb"
         Rolify::Adapter.const_get(adapter.camelize.to_sym).new(role_cname, user_cname)
       end
     end

data/lib/rolify/adapters/mongoid/resource_adapter.rb

@@ -4,16 +4,20 @@ module Rolify
   module Adapter  
     class ResourceAdapter < ResourceAdapterBase
       def resources_find(roles_table, relation, role_name)
-        roles = roles_table.classify.constantize.where(:name => role_name, :resource_type => relation.to_s)
+        roles = roles_table.classify.constantize.where(:name.in => Array(role_name), :resource_type => relation.to_s)
         resources = []
         roles.each do |role|
-          return relation.all if role.resource_id.nil?
-          resources << role.resource
+          if role.resource_id.nil?
+            resources += relation.all
+          else
+            resources << role.resource
+          end
         end
-        resources
+        resources.uniq
       end
 
-      def in(resources, roles)
+      def in(resources, user, role_names)
+        roles = user.roles.where(:name.in => Array(role_names))
         return [] if resources.empty? || roles.empty?
         resources.delete_if { |resource| (resource.applied_roles & roles).empty? }
         resources

data/lib/rolify/adapters/mongoid/role_adapter.rb

@@ -24,8 +24,13 @@ module Rolify
         roles.merge!({ :resource_id => resource.id }) if resource && !resource.is_a?(Class)
         roles_to_remove = relation.roles.where(roles)
         roles_to_remove.each do |role|
-          relation.roles.delete(role)
-          role.reload
+          # Deletion in n-n relations is unreliable. Sometimes it works, sometimes not. 
+          # So, this does not work all the time: `relation.roles.delete(role)`
+          # @see http://stackoverflow.com/questions/9132596/rails3-mongoid-many-to-many-relation-and-delete-operation
+          # We instead remove ids from the Role object and the relation object.
+          relation.role_ids.delete(role.id)
+          role.send((user_class.to_s.underscore + '_ids').to_sym).delete(relation.id)
+
           role.destroy if role.send(user_class.to_s.tableize.to_sym).empty?
         end
       end
@@ -33,6 +38,13 @@ module Rolify
       def exists?(relation, column)
         relation.where(column.to_sym.ne => nil)
       end
+      
+      def scope(relation, conditions)
+        roles = where(role_class, conditions).map { |role| role.id }
+        return [] if roles.size.zero?
+        query = relation.any_in(:role_ids => roles)
+        query
+      end
 
       private
 

data/lib/rolify/adapters/mongoid/scopes.rb

@@ -0,0 +1,27 @@
+module Rolify
+  module Adapter
+    module Scopes
+      def global
+        where(:resource_type => nil, :resource_id => nil)
+      end
+      
+      def class_scoped(resource_type = nil)
+        where_conditions = { :resource_type.ne => nil, :resource_id => nil }
+        where_conditions = { :resource_type => resource_type.name, :resource_id => nil } if resource_type
+        where(where_conditions)
+      end
+      
+      def instance_scoped(resource_type = nil)
+        where_conditions = { :resource_type.ne => nil, :resource_id.ne => nil }
+        if resource_type
+          if resource_type.is_a? Class
+            where_conditions = { :resource_type => resource_type.name, :resource_id.ne => nil }
+          else
+            where_conditions = { :resource_type => resource_type.class.name, :resource_id => resource_type.id }
+          end
+        end
+        where(where_conditions)
+      end
+    end
+  end
+end

data/lib/rolify/finders.rb

@@ -0,0 +1,39 @@
+module Rolify
+  module Finders
+    def with_role(role_name, resource = nil)
+      self.adapter.scope(self, :name => role_name, :resource => resource)
+    end
+
+    def with_all_roles(*args)
+      users = []
+      args.each do |arg|
+        if arg.is_a? Hash
+          users_to_add = self.with_role(arg[:name], arg[:resource])
+        elsif arg.is_a?(String) || arg.is_a?(Symbol)
+          users_to_add = self.with_role(arg)
+        else
+          raise ArgumentError, "Invalid argument type: only hash or string or symbol allowed"
+        end
+        users = users_to_add if users.empty?
+        users &= users_to_add
+        return [] if users.empty?
+      end
+      users
+    end
+
+    def with_any_role(*args)
+      users = []
+      args.each do |arg|
+        if arg.is_a? Hash
+          users_to_add = self.with_role(arg[:name], arg[:resource])
+        elsif arg.is_a?(String) || arg.is_a?(Symbol)
+          users_to_add = self.with_role(arg)
+        else
+          raise ArgumentError, "Invalid argument type: only hash or string or symbol allowed"
+        end
+        users += users_to_add
+      end
+      users.uniq
+    end
+  end
+end