social_stream 0.1.7 → 0.2.0

data/Gemfile.lock

@@ -1,8 +1,8 @@
 PATH
   remote: .
   specs:
-    social_stream (0.1.6)
-      atd-ancestry
+    social_stream (0.1.7)
+      atd-ancestry (= 1.3.0)
       cancan (~> 1.4.0)
       devise (~> 1.1.3)
       foreigner (~> 0.9.1)
@@ -11,43 +11,43 @@ PATH
       nested_set (~> 1.5.3)
       paperclip (~> 2.3.4)
       stringex (~> 1.2.0)
+      will_paginate (~> 2.3.15)
 
 GEM
   remote: http://rubygems.org/
   specs:
     abstract (1.0.0)
-    actionmailer (3.0.1)
-      actionpack (= 3.0.1)
-      mail (~> 2.2.5)
-    actionpack (3.0.1)
-      activemodel (= 3.0.1)
-      activesupport (= 3.0.1)
+    actionmailer (3.0.3)
+      actionpack (= 3.0.3)
+      mail (~> 2.2.9)
+    actionpack (3.0.3)
+      activemodel (= 3.0.3)
+      activesupport (= 3.0.3)
       builder (~> 2.1.2)
       erubis (~> 2.6.6)
-      i18n (~> 0.4.1)
+      i18n (~> 0.4)
       rack (~> 1.2.1)
-      rack-mount (~> 0.6.12)
-      rack-test (~> 0.5.4)
+      rack-mount (~> 0.6.13)
+      rack-test (~> 0.5.6)
       tzinfo (~> 0.3.23)
-    activemodel (3.0.1)
-      activesupport (= 3.0.1)
+    activemodel (3.0.3)
+      activesupport (= 3.0.3)
       builder (~> 2.1.2)
-      i18n (~> 0.4.1)
-    activerecord (3.0.1)
-      activemodel (= 3.0.1)
-      activesupport (= 3.0.1)
-      arel (~> 1.0.0)
+      i18n (~> 0.4)
+    activerecord (3.0.3)
+      activemodel (= 3.0.3)
+      activesupport (= 3.0.3)
+      arel (~> 2.0.2)
       tzinfo (~> 0.3.23)
-    activeresource (3.0.1)
-      activemodel (= 3.0.1)
-      activesupport (= 3.0.1)
-    activesupport (3.0.1)
-    arel (1.0.1)
-      activesupport (~> 3.0.0)
+    activeresource (3.0.3)
+      activemodel (= 3.0.3)
+      activesupport (= 3.0.3)
+    activesupport (3.0.3)
+    arel (2.0.3)
     atd-ancestry (1.3.0)
     bcrypt-ruby (2.1.2)
     builder (2.1.2)
-    cancan (1.4.0)
+    cancan (1.4.1)
     capybara (0.3.9)
       culerity (>= 0.2.4)
       mime-types (>= 1.16)
@@ -69,6 +69,7 @@ GEM
     ffi (0.6.3)
       rake (>= 0.8.7)
     foreigner (0.9.1)
+    forgery (0.3.6)
     has_scope (0.5.0)
     i18n (0.4.2)
     inherited_resources (1.1.2)
@@ -79,16 +80,16 @@ GEM
       thor (~> 0.14.4)
     json_pure (1.4.6)
     linecache (0.43)
-    mail (2.2.9)
+    mail (2.2.10)
       activesupport (>= 2.3.6)
       i18n (~> 0.4.1)
       mime-types (~> 1.16)
       treetop (~> 1.4.8)
     mime-types (1.16)
-    nested_set (1.5.3)
+    nested_set (1.5.4)
       activerecord (>= 3.0.0)
       railties (>= 3.0.0)
-    nokogiri (1.4.3.1)
+    nokogiri (1.4.4)
     paperclip (2.3.5)
       activerecord
       activesupport
@@ -98,19 +99,19 @@ GEM
       rack (>= 1.0.0)
     rack-test (0.5.6)
       rack (>= 1.0)
-    rails (3.0.1)
-      actionmailer (= 3.0.1)
-      actionpack (= 3.0.1)
-      activerecord (= 3.0.1)
-      activeresource (= 3.0.1)
-      activesupport (= 3.0.1)
-      bundler (~> 1.0.0)
-      railties (= 3.0.1)
-    railties (3.0.1)
-      actionpack (= 3.0.1)
-      activesupport (= 3.0.1)
-      rake (>= 0.8.4)
-      thor (~> 0.14.0)
+    rails (3.0.3)
+      actionmailer (= 3.0.3)
+      actionpack (= 3.0.3)
+      activerecord (= 3.0.3)
+      activeresource (= 3.0.3)
+      activesupport (= 3.0.3)
+      bundler (~> 1.0)
+      railties (= 3.0.3)
+    railties (3.0.3)
+      actionpack (= 3.0.3)
+      activesupport (= 3.0.3)
+      rake (>= 0.8.7)
+      thor (~> 0.14.4)
     rake (0.8.7)
     responders (0.6.2)
     rspec (2.0.1)
@@ -139,29 +140,32 @@ GEM
     sqlite3-ruby (1.3.2)
     stringex (1.2.0)
     thor (0.14.4)
-    treetop (1.4.8)
+    treetop (1.4.9)
       polyglot (>= 0.3.1)
     tzinfo (0.3.23)
     warden (0.10.7)
       rack (>= 1.0.0)
+    will_paginate (2.3.15)
 
 PLATFORMS
   ruby
 
 DEPENDENCIES
-  atd-ancestry
+  atd-ancestry (= 1.3.0)
   cancan (~> 1.4.0)
   capybara (~> 0.3.9)
   devise (~> 1.1.3)
   factory_girl (~> 1.3.2)
   foreigner (~> 0.9.1)
+  forgery (~> 0.3.6)
   inherited_resources (~> 1.1.2)
   jquery-rails (~> 0.2.5)
   nested_set (~> 1.5.3)
   paperclip (~> 2.3.4)
-  rails (~> 3.0.1)
+  rails (~> 3.0.3)
   rspec-rails (~> 2.0.0)
   ruby-debug (~> 0.10.3)
   social_stream!
   sqlite3-ruby
   stringex (~> 1.2.0)
+  will_paginate (~> 2.3.15)

data/app/controllers/ties_controller.rb

@@ -5,5 +5,6 @@ class TiesController < InheritedResources::Base
 
   def suggestion
     @tie = current_user.suggestion
+    render :layout  => false
   end
 end

data/app/models/ability.rb

@@ -0,0 +1,2 @@
+class Ability < SocialStream::Ability
+end

data/app/models/actor.rb

@@ -9,7 +9,7 @@ class Actor < ActiveRecord::Base
   has_attached_file :logo,
                     :styles => { :tie => "30x30>",
                                  :actor => '35x35>',
-                                 :profile => '94x65' },
+                                 :profile => '94x94' },
                     :default_url => "/images/:attachment/:style/:subtype_class.png"
 
   has_many :sent_ties,
@@ -142,7 +142,7 @@ class Actor < ActiveRecord::Base
 
   # All the ties this actor has with subject that support activities
   def active_ties_to(subject)
-    sent_ties.received_by(subject).active
+    sent_ties.received_by(subject).allowed(self, 'create', 'activity')
   end
 
   def pending_ties
@@ -159,16 +159,15 @@ class Actor < ActiveRecord::Base
   # The set of activities in the wall of this actor, includes all the activities
   # from the ties the actor has access to
   #
-  # TODO: ties, authorization
   def wall
-    Activity.wall ties
+    Activity.wall Tie.allowed(self, 'read', 'activity')
   end
 
   # The set of activities in the wall profile of this actor, includes the activities
-  # from the ties of this actor
-  # TODO: authorization
-  def wall_profile
-    Activity.wall ties
+  # from the ties of this actor that can be read by user
+  #
+  def wall_profile(user)
+    Activity.wall ties.allowed(user, 'read', 'activity')
   end
 end
 

data/app/models/permission.rb

@@ -1,4 +1,84 @@
 class Permission < ActiveRecord::Base
   has_many :relation_permissions, :dependent => :destroy
   has_many :relations, :through => :relation_permissions
+
+  ParameterConditions = {
+    :table => {
+      'tie' =>
+        "ties_as.sender_id = ties.sender_id AND ties_as.receiver_id = ties.receiver_id AND ties_as.relation_id = ties.relation_id",
+      'weak_set' =>
+        "ties_as.sender_id = ties.sender_id AND ties_as.receiver_id = ties.receiver_id AND relations.lft BETWEEN relations_as.lft AND relations_as.rgt",
+      'inverse_weak_set' =>
+        "ties_as.sender_id = ties.receiver_id AND ties_as.receiver_id = ties.sender_id AND relations.inverse_id = relations_inverse.id AND relations_inverse.lft BETWEEN relations_as.lft AND relations_as.rgt",
+      'group_set' =>
+        "ties_as.receiver_id = ties.receiver_id AND ties_as.relation_id = ties.relation_id",
+      'inverse_group_set' =>
+        "ties_as.sender_id = ties.receiver_id AND ties_as.relation_id = relations.inverse_id",
+      'weak_group_set' =>
+        "ties_as.receiver_id = ties.receiver_id AND relations.lft BETWEEN relations_as.lft AND relations_as.rgt",
+      'inverse_weak_group_set' =>
+        "ties_as.sender_id = ties.receiver_id AND relations.inverse_id = relations_inverse.id AND relations_inverse.lft BETWEEN relations_as.lft AND relations_as.rgt"
+    },
+    :arel => {
+      'tie' => lambda { |as, t|
+        # The same sender, receiver and relation
+        as[:sender_id].eq(t.sender_id).and(
+          as[:receiver_id].eq(t.receiver_id)).and(
+          as[:relation_id].eq(t.relation_id))
+      },
+      'weak_set' => lambda { |as, t|
+        # The same sender and receiver, but a stronger or equal relation
+        as[:sender_id].eq(t.sender_id).and(
+          as[:receiver_id].eq(t.receiver_id)).and(
+          as[:relation_id].in(t.relation.stronger_or_equal.map(&:id)))
+      },
+      'inverse_weak_set' => lambda { |as, t|
+        # Senders and receivers interchanged, with a stronger or equal relation of the inverse
+        as[:sender_id].eq(t.receiver_id).and(
+          as[:receiver_id].eq(t.sender_id)).and(
+          as[:relation_id].in(Array(t.relation.inverse.try(:stronger_or_equal)).map(&:id)))
+      },
+      'group_set' => lambda { |as, t|
+        # The same receiver and relation
+        as[:receiver_id].eq(t.receiver_id).and(
+          as[:relation_id].eq(t.relation_id))
+      },
+      'inverse_group_set' => lambda { |as, t|
+        # Senders to the common receiver in the same relation
+        as[:sender_id].eq(t.receiver_id).and(
+          as[:relation_id].eq(t.relation.inverse_id))
+      },
+      'weak_group_set' => lambda { |as, t|
+        # The same receiver with stronger or equal relations
+        as[:receiver_id].eq(t.receiver_id).and(
+          as[:relation_id].in(t.relation.stronger_or_equal.map(&:id)))
+      },
+      'inverse_weak_group_set' => lambda { |as, t|
+        # Senders to the common receiver with stronger or equal relations
+        as[:sender_id].eq(t.receiver_id).and(
+          as[:relation_id].in(Array(t.relation.inverse.try(:stronger_or_equal)).map(&:id)))
+      }
+    }
+  }
+
+  class << self
+    def parameter_conditions(tie = nil)
+      if tie.present?
+        ParameterConditions[:arel].inject([]) { |conditions, h|
+          # Add the condition 'permissions.parameter = key'
+          # to all arel ParameterConditions
+          conditions <<
+            h.last.call(Tie.arel_table, tie).and(arel_table[:parameter].eq(h.first))
+        }.inject(nil){ |result, pc|
+          # Join all ParameterConditions with OR
+          result.nil? ? pc : result.or(pc)
+        }
+      else
+        ParameterConditions[:table].inject([]){ |result, pc|
+          result <<
+            sanitize_sql([ "#{ pc.last } AND permissions.parameter = ?", pc.first ])
+        }.join(" OR ")
+      end
+    end
+  end
 end

data/app/models/relation.rb

@@ -25,11 +25,7 @@
 # sends a friendship_request to B. A is granting the friend relation with B, that is,
 # friendship_request grants friend relation.
 #
-# == Active relations
-# Those relations whose ties support activities. The default scope define active
-# relations as those that do not grant other relations, those that are not invitations
-# or requests.
-#
+
 class Relation < ActiveRecord::Base
   acts_as_nested_set
 
@@ -44,7 +40,6 @@ class Relation < ActiveRecord::Base
 
   scope :reflexive, where(:reflexive => true)
   scope :request, where('relations.granted_id IS NOT NULL')
-  scope :active, where(:granted_id => nil)
 
   has_many :relation_permissions, :dependent => :destroy
   has_many :permissions, :through => :relation_permissions

data/app/models/tie.rb

@@ -64,7 +64,6 @@ class Tie < ActiveRecord::Base
   }
 
   scope :pending, includes(:relation) & Relation.request
-  scope :active, includes(:relation) & Relation.active
 
   scope :inverse, lambda { |t|
     sent_by(t.receiver).
@@ -117,65 +116,58 @@ class Tie < ActiveRecord::Base
     relation_set(:relations => r).first
   end
 
-  # Access Control
+  # The inverse tie
+  def inverse
+    Tie.inverse(self).first
+  end
 
+  # Access Control
+  
   scope :with_permissions, lambda { |action, object|
-    includes(:relation => :permissions).
+    joins(:relation => :permissions).
       where('permissions.action' => action).
       where('permissions.object' => object)
   }
 
-  scope :parameterized, lambda { |tie|
-    where(tie_conditions(tie).
-          or(weak_set_conditions(tie)).
-          or(group_set_conditions(tie)).
-          or(weak_group_set_conditions(tie)))
-  }
-
+  # Given a given permission (action, object), the access_set are the set of ties that grant that permission.
   scope :access_set, lambda { |tie, action, object|
     with_permissions(action, object).
-      parameterized(tie)
+      where(Permission.parameter_conditions(tie))
+  }
+
+  scope :allowed_set, lambda { |action, object|
+    query = 
+      select("DISTINCT ties.*").
+        from("ties INNER JOIN relations ON relations.id = ties.relation_id, ties as ties_as INNER JOIN relations AS relations_as ON relations_as.id = ties_as.relation_id INNER JOIN relation_permissions ON relations_as.id = relation_permissions.relation_id INNER JOIN permissions ON permissions.id = relation_permissions.permission_id, relations as relations_inverse").
+        where("permissions.action = ?", action).
+        where("permissions.object = ?", object)
+
+    conds = Permission.parameter_conditions
+    # FIXME: Patch to support public activities
+    if action == 'read' && object == 'activity'
+      conds = sanitize_sql([ "( #{ conds } ) OR relations.name = ?", "public" ])
+    end
+
+    query.where(conds)
+  }
+
+  scope :allowed, lambda { |actor, action, object|
+    allowed_set(action, object).
+      where("ties_as.receiver_id" => Actor_id(actor))
   }
 
+  def access_set(action, object)
+    self.class.access_set(self, action, object)
+  end
 
   def permissions(user, action, object)
-    self.class.
-      sent_by(user).
-      access_set(self, action, object)
+    access_set(action, object).received_by(user)
   end
 
   def permission?(user, action, object)
     permissions(user, action, object).any?
   end
 
-  class << self
-    def tie_conditions(t)
-      arel_table[:sender_id].eq(t.sender_id).and(
-        arel_table[:receiver_id].eq(t.receiver_id)).and(
-        arel_table[:relation_id].eq(t.relation_id)).and(
-        Permission.arel_table[:parameter].eq('tie'))
-    end
-
-    def weak_set_conditions(t)
-      arel_table[:sender_id].eq(t.sender_id).and(
-        arel_table[:receiver_id].eq(t.receiver_id)).and(
-        arel_table[:relation_id].in(t.relation.stronger_or_equal.all)).and(
-        Permission.arel_table[:parameter].eq('weak_set'))
-    end
-
-    def group_set_conditions(t)
-      arel_table[:receiver_id].eq(t.receiver_id).and(
-        arel_table[:relation_id].eq(t.relation_id)).and(
-        Permission.arel_table[:parameter].eq('group_set'))
-    end
-
-    def weak_group_set_conditions(t)
-      arel_table[:receiver_id].eq(t.receiver_id).and(
-        arel_table[:relation_id].in(t.relation.stronger_or_equal.all)).and(
-        Permission.arel_table[:parameter].eq('weak_group_set'))
-    end
-  end
-
   private
 
   # Before validation callback

data/app/views/activities/_child.html.erb

@@ -1,7 +1,6 @@
 <%= div_for activity, :class => "subactivity" do %>
   <div class="actor_logo_subactivity">
-    <%= link_to image_tag(activity.sender_subject.logo.url(),
-                          :size => "30x30",
+    <%= link_to image_tag(activity.sender_subject.logo.url(:actor),
                           :alt => activity.sender_subject.name),
                  activity.sender_subject %>
   </div>