stasi 0.1.0 → 0.1.2

data/Gemfile.lock

@@ -1,7 +1,7 @@
 PATH
   remote: .
   specs:
-    stasi (0.1.0)
+    stasi (0.1.1)
       dsl_eval (>= 0.0.2)
 
 GEM

data/README.md

@@ -1,4 +1,4 @@
-# Stasi
+# Stasi [![Build Status](https://secure.travis-ci.org/VonD/stasi.png)](http://travis-ci.org/VonD/stasi)
 
 A small authorization library inspired by CanCan
 
@@ -30,7 +30,7 @@ Robotnik::Authorization::Law.define do
   end
   
   status :admin do
-    can :edit, Post, if: Proc.new{ |post| post.editable }
+    can :edit, Post, if: Proc.new{ |post| post.editable? }
     can :destroy, Post
   end
   
@@ -49,7 +49,14 @@ The `can` method takes two arguments : an action name as a symbol, and a resourc
 * a class, eg. `Post`
 * a symbol, eg. `:commentable`. The authorization will be applied if `@post.commentable` returns `true`. This method can take one argument, in which case, the user object will be passed to it.
 
-Optionnally, the `can` method can take a hash with conditions (hash keys can be `if` and `unless`, values can be Proc. The resource tested will be yielded).
+When checking permission, you can pass an `:as` option to provide the right resource. As the gem in ORM agnostic, this can be useful when checking on a collection :
+
+```ruby
+# if you defined the ability as : can :read, Post
+current_user.can? :read, Post.published, as: Post
+```
+
+Optionnally, the `can` method can take a hash with conditions (hash keys can be `if` and `unless`, values can be Proc, or a symbol on which will be called `to_proc`. The resource tested will be yielded).
 Finally, the `can` method can take a block, in which case the `can?` method will return the return value of the block. This is useful when defining abilities on collections :
 
 ```ruby
@@ -62,7 +69,7 @@ The `cannot` method takes only two arguments : the action name, and the resource
 
 ## Milestones
 
+* reload config in dev mode in rails
 * yield user to blocks and procs in defining abilities
-* pass symbol or proc to `:if` and `:unless` conditions
 * alias actions :manage, :all, :read => [:index, :show], :create => [:new, :create], …
 * load specific permissions from db

data/Rakefile

@@ -1,6 +1,8 @@
 require "bundler/gem_tasks"
 require 'rake/testtask'
 
+task :default => :test
+
 Rake::TestTask.new do |t|
   t.libs << 'test'
   t.pattern = "test/*_test.rb"

data/lib/stasi/authorization/status.rb

@@ -26,8 +26,8 @@ module Robotnik
                     action_condition.call(resource)
                   else
                     deliberation = true
-                    deliberation = deliberation && action_condition[:if].call(resource) if action_condition.has_key?(:if)
-                    deliberation = deliberation && (! action_condition[:unless].call(resource)) if deliberation && action_condition.has_key?(:unless)
+                    deliberation = deliberation && action_condition[:if].to_proc.call(resource) if action_condition.has_key?(:if)
+                    deliberation = deliberation && (! action_condition[:unless].to_proc.call(resource)) if deliberation && action_condition.has_key?(:unless)
                     deliberation
                   end
               end
@@ -37,6 +37,7 @@ module Robotnik
         end
         
         def self.matches? rule_condition, resource, options
+          return true if options.has_key?(:as) && options[:as] == rule_condition
           rule_condition = rule_condition.to_proc if rule_condition.respond_to?(:to_proc)
           begin
             rule_condition === resource

data/test/status_test.rb

@@ -3,6 +3,14 @@ require 'test_helper'
 class StatusTest < ActiveSupport::TestCase
   
   Book = Class.new
+  Book.class_eval do
+    def method_returning_true
+      true
+    end
+    def method_returning_false
+      false
+    end
+  end
   
   def setup
     @status = Robotnik::Authorization::Status.new
@@ -32,7 +40,7 @@ class StatusTest < ActiveSupport::TestCase
     assert_equal true, @status.instance_variable_get('@rules')[Book][:read]
   end
   
-  test "it defines authorization with if and unless options" do
+  test "it defines authorization with if and unless options and a Proc" do
     Post = Struct.new :name
     assertions = [true, false, false, true, false, true, false, false]
     [[true, nil], [nil, true], [false, nil], [nil, false], [true, true], [true, false], [false, true], [false, false]].each_with_index do |conditions, i|
@@ -51,6 +59,24 @@ class StatusTest < ActiveSupport::TestCase
     end
   end
   
+  test "it defines authorization with if and unless options and a symbol" do
+    assertions = [true, false, false, true, false, true, false, false]
+    [[true, nil], [nil, true], [false, nil], [nil, false], [true, true], [true, false], [false, true], [false, false]].each_with_index do |conditions, i|
+      conditions_hash = {}
+      [:if, :unless].each_with_index do |operator, j|
+        unless conditions[j].nil?
+          if conditions[j]
+            conditions_hash[operator] = :method_returning_true
+          else
+            conditions_hash[operator] = :method_returning_false
+          end
+        end
+      end
+      @status.can :read, Book, conditions_hash
+      assert_equal assertions[i], @status.can?(:read, Book.new)
+    end
+  end
+  
   test "it defines authorizations with a block" do
     Book.class_eval do
       attr_accessor :collection
@@ -110,5 +136,11 @@ class StatusTest < ActiveSupport::TestCase
     @status.can :read, :taggable
     assert @status.can? :read, o
   end
+  
+  test "it overrides the matching condition when :as option is present" do
+    @status.can :read, Fixnum
+    refute @status.can? :read, Object.new
+    assert @status.can? :read, Object.new, as: Fixnum
+  end
 
 end

metadata

@@ -2,7 +2,7 @@
 name: stasi
 version: !ruby/object:Gem::Version
   prerelease:
-  version: 0.1.0
+  version: 0.1.2
 platform: ruby
 authors:
 - Paul Vonderscher