simon_says 0.1.5 → 0.1.6

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: def24394416cde084dfc11e6bf8c8490c16f64ad
-  data.tar.gz: b41bf2b8ba3dec59f38232e1fd95d837f6a9dd59
+  metadata.gz: eb74ffaa3fbf69fbab2c3534393df41d91f8fccd
+  data.tar.gz: 8c96349d0aa76b9617b095cb17a4e91d05bd3829
 SHA512:
-  metadata.gz: c92b127087300e5d13aa60808ff5477d3f7d8c525c6fd39ffd3c2627fe7d3b8d939cbbc786d9a1fc74607c01b480f62293a55428ff9cf26346a83c7a43db3b79
-  data.tar.gz: d93d82ad00d4e97caf4ba5e52c3ac7e073cfce70395590f775b8438bd6b48a097e8ab333cc3d9f63279f8f23e0ef849ef3506b9c91b9fe2cfbd73e4c4c553384
+  metadata.gz: 71da79481390650b93d0045f379206ed05a1882de58afdb603a88f7996ce717e9fd46941ece13ac926d5901411e9435731760d0d3511194f90df0bf32efe6920
+  data.tar.gz: 0c8e4ff2fcc7a0932d0a794e48fb3382c3d083d65b0cf53a326adcbaf2e2e1d23a919354b3c81682b24ce5ca229580da29460dc25f51e26b09534059dd27d6c8

data/.travis.yml

@@ -2,6 +2,7 @@ language: ruby
 cache: bundler
 install: bundle install --jobs=3 --retry=3
 rvm:
-  - "2.3.1"
+  - "2.3.3"
+  - "2.4.0"
 script:
   - bundle exec rake test

data/CODE_OF_CONDUCT.md

@@ -0,0 +1,49 @@
+# Contributor Code of Conduct
+
+As contributors and maintainers of this project, and in the interest of
+fostering an open and welcoming community, we pledge to respect all people who
+contribute through reporting issues, posting feature requests, updating
+documentation, submitting pull requests or patches, and other activities.
+
+We are committed to making participation in this project a harassment-free
+experience for everyone, regardless of level of experience, gender, gender
+identity and expression, sexual orientation, disability, personal appearance,
+body size, race, ethnicity, age, religion, or nationality.
+
+Examples of unacceptable behavior by participants include:
+
+* The use of sexualized language or imagery
+* Personal attacks
+* Trolling or insulting/derogatory comments
+* Public or private harassment
+* Publishing other's private information, such as physical or electronic
+  addresses, without explicit permission
+* Other unethical or unprofessional conduct
+
+Project maintainers have the right and responsibility to remove, edit, or
+reject comments, commits, code, wiki edits, issues, and other contributions
+that are not aligned to this Code of Conduct, or to ban temporarily or
+permanently any contributor for other behaviors that they deem inappropriate,
+threatening, offensive, or harmful.
+
+By adopting this Code of Conduct, project maintainers commit themselves to
+fairly and consistently applying these principles to every aspect of managing
+this project. Project maintainers who do not follow or enforce the Code of
+Conduct may be permanently removed from the project team.
+
+This code of conduct applies both within project spaces and in public spaces
+when an individual is representing the project or its community.
+
+Instances of abusive, harassing, or otherwise unacceptable behavior may be
+reported by contacting a project maintainer at mikeycgto@gmail.com. All
+complaints will be reviewed and investigated and will result in a response that
+is deemed necessary and appropriate to the circumstances. Maintainers are
+obligated to maintain confidentiality with regard to the reporter of an
+incident.
+
+This Code of Conduct is adapted from the [Contributor Covenant][homepage],
+version 1.3.0, available at
+[http://contributor-covenant.org/version/1/3/0/][version]
+
+[homepage]: http://contributor-covenant.org
+[version]: http://contributor-covenant.org/version/1/3/0/

data/Gemfile

@@ -1,7 +1,5 @@
 source 'https://rubygems.org'
-ruby '2.3.1'
 
-# Specify your gem's dependencies in auth_lib.gemspec
 gemspec
 
 group :development do
@@ -12,7 +10,3 @@ group :development do
   gem 'guard'
   gem 'guard-minitest', "2.3.2"
 end
-
-group :test do
-  gem "codeclimate-test-reporter", require: false
-end

data/README.md

@@ -3,11 +3,195 @@
 ![SimonSays
 Logo](https://raw.githubusercontent.com/SimplyBuilt/SimonSays/master/SimonSays.png)
 
-This gem is a simple, declarative, role-based access control system for Rails that
-works great with devise! Take a look at the [website](http://simonsays.onsimplybuilt.com) or
-[docs](http://www.rubydoc.info/github/SimplyBuilt/SimonSays/) for more details!
+This gem is a simple, declarative, role-based access control system for
+Rails that works great with devise! Take a look at the
+[docs](http://www.rubydoc.info/github/SimplyBuilt/SimonSays/) for more
+details.
 
-![Build Status](https://travis-ci.org/SimplyBuilt/SimonSays.svg)
+[![Travis Build Status](https://travis-ci.org/SimplyBuilt/SimonSays.svg)](https://travis-ci.org/SimplyBuilt/SimonSays)
+[![Gem Version](https://badge.fury.io/rb/simon_says.svg)](https://badge.fury.io/rb/simon_says)
+[![MIT licensed](https://img.shields.io/badge/license-MIT-blue.svg)](./LICENSE)
+
+## About
+
+A ruby gem for simple, declarative, role-based access control system for
+[Rails](https://github.com/rails/rails) that works great with
+[Devise](https://github.com/plataformatec/devise)! Take a look at the
+[docs](http://www.rubydoc.info/github/SimplyBuilt/SimonSays/) for more
+details!
+
+### Installation
+
+SimonSays can be installed via your Gemfile or using Ruby gems directly.
+
+```ruby
+gem 'simon_says'
+```
+
+### Usage
+
+SimonSays consists of two parts:
+
+1. A [Roleable](#roleable) concern provides a way to define access roles
+   on a given resource, such as User or on join through model.
+2. An [Authorizer](#authorizer) concern which provides a lightweight,
+   declarative API to controllers for finding and authorizing these
+   resources in relation to an already authenticated resource, like a
+   User or Admin.
+
+#### Roleable
+
+First, we need to define some roles. Generally speaking roles will exist
+on either "User" models or on relationship models (such as a through
+model linking a User to another resource). Roles are stored as an
+integer and [bitmasking](https://en.wikipedia.org/wiki/Mask_(computing))
+is used to determine authorization logic. When using `Roleable` you need
+to add a `roles_mask` column to the model.
+
+For example:
+
+```ruby
+class User < ActiveRecord::Base
+  include SimonSays::Roleable
+
+  has_roles :add, :edit, :delete
+end
+
+# > User.new.roles
+# => []
+
+# > u = User.new(roles: %i[add edit])
+#
+# > u.roles
+# => [:add, :edit]
+# > u.has_add?
+# => true
+# > u.has_delete?
+# => false
+```
+
+The attribute name can be customized by using the `:as` option as seen
+here in the Admin model:
+
+```ruby
+class Admin < ActiveRecord::Base
+  include SimonSays::Roleable
+
+  has_roles :design, :support, :moderator, as: :access
+end
+
+# > Admin.new.access
+# => []
+
+# > Admin.new(access: :support).access
+# => [:support]
+```
+
+We can also use `has_roles` to define roles on a join through model
+which is used to associate a User with a resource.
+
+```ruby
+
+class Membership < ActiveRecord::Base
+  include SimonSays::Roleable
+
+  belongs_to :user
+  belongs_to :document
+
+  has_roles :download, :edit, :delete,
+end
+
+# > Membership.new(roles: Membership::ROLES).roles
+# => [:download, :edit, :delete]
+```
+
+It is useful to note the dynamically generated `has_` methods as shown
+in the User model as well the `ROLES` constant which is used in the
+Membership example. Take a look at the [roleable source
+code](https://github.com/SimplyBuilt/SimonSays/blob/master/lib/simon_says/roleable.rb)
+to see how features are dynamically generated when using `has_roles`.
+
+#### Authorizer
+
+The `Authorizer` concern provides several methods that can be used within
+your controllers in declarative manner.
+
+Please note, certain assumptions are made with `Authorizer`. Building
+upon the above User and Admin model examples, `Authorizer` would assume
+there is a `current_user` and `current_admin` method. If these models
+correspond to devise scopes this would be the case by default.
+Additionally there would need to be an `authenticate_user!` and
+`authenticate_admin!` methods, which devise provides as well.
+
+Eventually, we would like to see better customization around the
+authentication aspects. This library is intended to solve the problem of
+authorization and access control. It is not an authentication library.
+
+In general, the `Authorizer` concern provides four core declarative methods
+to be used in controllers. All of these methods accept the `:only` and
+`:except` options which end up being used in a `before_action` callback.
+
+- `authenticate(scope, opts): Declarative convenience method to setup
+  authenticate `before_action`
+- `find_resource(resource, opts)`: Declarative method to find a resource
+  and assign it to an instance variable
+- `authorize_resource(resource, *roles)`: Authorize resource for given
+  roles
+- `find_and_authorize(resource, *roles)`: Find a resource and then try
+  authorize it for the given roles
+
+When find resources, the `default_authorization_scope` is used. It can
+be customized on a per-controller basis. For example:
+
+```ruby
+class ApplicationController < ActionController::Base
+  include SimonSays::Authorizer
+
+  self.default_authorization_scope = :current_user
+end
+```
+
+To authorize resources against a given role, we use either `authorize`
+or `find_and_authorize`. For example, consider this
+`DocumentsController` which uses an authenticated `User` resource and a
+`Membership` through model:
+
+```ruby
+class DocumentsController < ApplicationController
+  authenticate :user
+
+  find_and_authorize :documents, :edit, through: :memberships, only: [:edit, :update]
+  find_and_authorize :documents, :delete, through: :memberships, only: :destroy
+end
+```
+
+This controller will find Document resources and assign them to the
+`@document` instance variable. For the `:edit` and `:update` actions,
+it'll require membership with an `:edit` role. For the `:destroy` method, a
+memberships with the `:delete` role is required. It is possible for a
+given User to have both, one, or neither of those roles.
+
+The `find_resource` method may raise an `ActiveRecord::RecordNotFound`
+exception. The `authorize` method may raise a
+`SimonSays::Authorizer::Denied` exception if there is insufficient role
+access. As a result, the `find_and_authorize` method may raise either
+exception.
+
+We can also use a different authorization scope by via the `:from`
+option for `find_resource` and `find_and_authorize`. For example:
+
+```ruby
+class ReportsController < ApplicationController
+  authorize_resource :admin, :support
+
+  find_resource :report, from: :current_admin, except: [:index, :new, :create]
+end
+```
+
+Please refer to the
+[docs](http://www.rubydoc.info/github/SimplyBuilt/SimonSays/SimonSays/Authorizer/ClassMethods)
+for more information on the various declarative methods provided by the
+`Authorizer`.
 
 ## Contributing
 

data/lib/simon_says/version.rb

@@ -1,3 +1,3 @@
 module SimonSays
-  VERSION = '0.1.5'
+  VERSION = '0.1.6'
 end

data/simon_says.gemspec

@@ -18,7 +18,7 @@ Gem::Specification.new do |spec|
   spec.test_files    = spec.files.grep(%r{^(test|spec|features)/})
   spec.require_paths = ["lib"]
 
-  spec.add_dependency "activesupport", ">= 4.0", "< 5.1"
+  spec.add_dependency "activesupport", ">= 4.0"
 
   spec.add_development_dependency "bundler", "~> 1.9"
   spec.add_development_dependency "rake", "~> 10.0"

data/test/test_helper.rb

@@ -1,6 +1,3 @@
-require "codeclimate-test-reporter"
-CodeClimate::TestReporter.start
-
 require 'mocha/mini_test'
 
 $LOAD_PATH.unshift File.expand_path('../../lib', __FILE__)

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: simon_says
 version: !ruby/object:Gem::Version
-  version: 0.1.5
+  version: 0.1.6
 platform: ruby
 authors:
 - Michael Coyne
@@ -10,7 +10,7 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2016-09-24 00:00:00.000000000 Z
+date: 2017-09-18 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: activesupport
@@ -19,9 +19,6 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: '4.0'
-    - - "<"
-      - !ruby/object:Gem::Version
-        version: '5.1'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
@@ -29,9 +26,6 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: '4.0'
-    - - "<"
-      - !ruby/object:Gem::Version
-        version: '5.1'
 - !ruby/object:Gem::Dependency
   name: bundler
   requirement: !ruby/object:Gem::Requirement
@@ -119,11 +113,11 @@ files:
 - ".gitignore"
 - ".gitpublish"
 - ".travis.yml"
+- CODE_OF_CONDUCT.md
 - Gemfile
 - Guardfile
 - LICENSE.txt
 - README.md
-- ROADMAP.md
 - Rakefile
 - SimonSays.png
 - lib/simon_says.rb
@@ -240,7 +234,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubyforge_project: 
-rubygems_version: 2.5.1
+rubygems_version: 2.6.12
 signing_key: 
 specification_version: 4
 summary: Light-weight, declarative authorization and access control for Rails

data/ROADMAP.md

@@ -1,9 +0,0 @@
-# SimonSays Road Map
-
-## v2
-
-- Customization of authentication methods
-  - Currently we sort of assume you're using devise
-- More expressive `find_and_authorize` syntax
-- Add a way of authorizing against ALL roles not just any role
-- `grep -r TODO .`