thwart 0.0.3 → 0.0.4

data/.gitignore

@@ -20,5 +20,6 @@ tmtags
 coverage
 rdoc
 pkg
+.bundle
 
 ## PROJECT::SPECIFIC

data/Gemfile

@@ -0,0 +1,6 @@
+source :gemcutter
+gem "activesupport", "~> 3.0.rc1"
+gem "i18n"
+group :development do
+  gem 'rspec', '~> 2.0.0.beta.20'
+end

data/Rakefile

@@ -1,6 +1,6 @@
 require 'rubygems'
 require 'rake'
-
+require 'bundler'
 begin
   require 'jeweler'
   Jeweler::Tasks.new do |gem|
@@ -10,8 +10,7 @@ begin
     gem.email = "harry@skylightlabs.ca"
     gem.homepage = "http://github.com/hornairs/thwart"
     gem.authors = ["Harry Brundage"]
-    gem.add_development_dependency "rspec", ">= 2.0.0.beta19"
-    gem.add_dependency "activesupport", ">= 3.0.rc1"
+    gem.add_bundler_dependencies
     # gem is a Gem::Specification... see http://www.rubygems.org/read/chapter/20 for additional settings
   end
   Jeweler::GemcutterTasks.new

data/VERSION

@@ -1 +1 @@
-0.0.2
+0.0.4

data/lib/thwart.rb

@@ -1,4 +1,5 @@
 require 'active_support'
+require 'active_support/ruby/shim'
 require 'active_support/callbacks'
 require 'active_support/core_ext/module/attribute_accessors'
 require "active_support/core_ext/module/delegation"
@@ -30,23 +31,23 @@ module Thwart
   # autoload :Dsl, 'thwart/dsl'
   
   # The default can => able methods for CRUD
-  CrudActions = {:create => :creatable, :show => :shoew, :update => :updatable, :destroy => :destroyable}
+  CrudActions = {:create => :creatable, :show => :showable, :update => :updatable, :destroy => :destroyable}
   
   Actions       = ActionsStore.new
+  Actionables   = ActionGroupBuilder.new(Actions)
   Roles         = RoleRegistry.new
   
   class << self
-    attr_reader :actionables_dsl, :role_dsl
-    attr_accessor :default_query_response, :role_registry, :actor_must_play_role, :all_classes_are_resources
+    attr_reader :role_dsl
+    attr_accessor :default_query_response, :role_registry, :actor_must_play_role, :all_classes_are_resources, :log_query_path, :last_query_path
     delegate :create_action, :to => "Thwart::Actions"
-    delegate :create_action_group, :to => :actionables_dsl
+    delegate :create_action_group, :to => "Thwart::Actionables"
     delegate :create_role, :to => :role_dsl
     delegate :query, :to => "Thwart::Roles"
     
     def configure(&block)
       # Create builder DSLs for this configuration block
-      @actionables_dsl = ActionGroupBuilder.new(Actions)
-      @role_dsl = RoleBuilder.new(@actionables_dsl)
+      @role_dsl = RoleBuilder.new(Actionables)
       Roles.monitor_builder(@role_dsl)
       
       # Configure
@@ -55,13 +56,15 @@ module Thwart
       dsl.evaluate(self, &block)
       
       # Unset and stop monitoring builder DSLs so they can be GC'd
-      @actionables_dsl = nil
       @role_dsl = nil
       Roles.monitor_builder(nil)
       self
     end
   end
+  self.log_query_path = false
   
   class MissingAttributeError < StandardError; end
   class NoPermissionError < StandardError; end
-end
+end
+
+require 'thwart/rails' if defined?(Rails)

data/lib/thwart/action_group_builder.rb

@@ -37,7 +37,6 @@ module Thwart
       
       return name.map{|n| resolve_action_group(n)}.flatten.uniq if name.respond_to?(:map)
       return self.actionables[name].flatten.uniq if self.actionables.include?(name)
-      puts self.actionables
       raise Thwart::ActionOrGroupNotFoundError, "Action or group #{name} could not be found!"
     end
     

data/lib/thwart/actions_store.rb

@@ -29,7 +29,8 @@ module Thwart
     #
     #   @param [Symbol] able_method The name of the [action-able]_by? method.  
     def can_from_able(able)
-      self.actions.key(able.to_sym)
+      pair = self.actions.find {|k, v| v == able}
+      pair.first if pair
     end
 
     # Adds an action to actions and the correct methods to can and able modules.

data/lib/thwart/canable.rb

@@ -2,12 +2,12 @@ module Thwart
   # Module in which the can_[action]? methods hang out
   module Cans   
   
-    def respond_to?(name)
-      return true if Thwart::Actions.find_can(name) != false
+    def respond_to?(*args)
+      return true if Thwart::Actions.find_can(args.first) != false
       super
     end
   
-    def method_missing(name, *args)
+    def method_missing(name, *args, &block)
       can = Thwart::Actions.find_can(name)
       return Thwart.query(self, args.first, can) if args.length == 1 && !!can
       super
@@ -16,12 +16,12 @@ module Thwart
 
   # Module in which the [action]able_by? methods hang out
   module Ables
-    def respond_to?(name)
-      return true if Thwart::Actions.find_able(name) != false
+    def respond_to?(*args)
+      return true if Thwart::Actions.find_able(args.first) != false
       super
     end
   
-    def method_missing(name, *args)
+    def method_missing(name, *args, &block)
       able = Thwart::Actions.find_able(name)
       return Thwart.query(args.first, self, Thwart::Actions.can_from_able(able)) if args.length == 1 && !!able
       super

data/lib/thwart/dsl.rb

@@ -13,16 +13,15 @@ module Thwart
     def evaluate(a_target, &block)
       self.target = a_target
       self.method_map = target.public_methods.inject({}) do |acc, m| 
-        key = m.to_s.gsub("=", "").intern
+        key = m.to_s.gsub(/=$/, "").to_sym
         acc[key] = m if acc[key].nil? || m != key
         acc 
       end.merge(self.extra_methods)
-      
       self.instance_eval(&block)
       self.target
     end
     
-    def respond_to?(name)
+    def respond_to?(name, other = false)
       if @all
         return target.respond_to?(name)
       else

data/lib/thwart/enforcer.rb

@@ -1,12 +1,17 @@
 module Thwart
   module Enforcer
-    def thwart_access(resource)
+    def thwart_access(resource, action = nil)
+      if action.blank?
+        raise ArgumentError, "thwart_access needs an action or the params hash to have an [:action] to enforce." if !self.respond_to?(:params) || !self.params.respond_to?(:[]) || self.params[:action].nil?
+        action = params[:action] 
+      end
+      action = action.to_sym
       raise ArgumentError, "Thwart needs a current_user method to enforce permissions." unless self.respond_to?(:current_user)
-      raise ArgumentError, "Thwart needs the params hash to have an [:action] to enforce." if params.nil? || params[:action].nil?
-      raise ArgumentError, "Unknown action #{params[:action]} to enforce" unless Thwart::Actions.has_can?(params[:action])
+      
+      raise ArgumentError, "Unknown action #{action} to enforce" unless Thwart::Actions.has_can?(action)
 
-      unless Thwart.query(current_user, resource, params[:action])
-        raise Thwart::NoPermissionError, "User #{current_user} doesn't have permission to #{params[:action]} #{resource}."
+      unless Thwart.query(current_user, resource, action)
+        raise Thwart::NoPermissionError, "User #{current_user} doesn't have permission to #{action} #{resource}."
       else
         true
       end

data/lib/thwart/rails.rb

@@ -0,0 +1,5 @@
+require 'thwart'
+class ActiveRecord::Base
+  include Thwart::Resource
+end
+Thwart::Actions.add_crud!

data/lib/thwart/resource.rb

@@ -6,11 +6,20 @@ module Thwart::Resource
     base.extend ClassMethods
   end
   
+  def thwart_name
+    self.class.thwart_name
+  end
+  
   module ClassMethods
     attr_accessor :thwart_name
     
+    def thwart_name
+      return nil unless @thwarted
+      return @thwart_name unless @thwart_name.nil?      
+      ActiveSupport::Inflector.singularize(self.table_name).to_sym if self.respond_to?(:table_name)
+    end
     def thwart_access(&block) 
-      self.thwart_name = ActiveSupport::Inflector.singularize(self.table_name) if self.respond_to?(:table_name)
+      @thwarted = true
       
       # Set up DSL using dsl helper
       if block_given? 

data/lib/thwart/role.rb

@@ -21,10 +21,9 @@ module Thwart
     def query(actor, resource, action) 
       @query_result_found = false
       resp = nil
-
       if self.responses.has_key?(action)
         # Find the resource scope response if it exists {:view => {:foo => bool}}
-        resp = self.resource_response(self.responses[action], resource) if !found? 
+        resp = self.resource_response(self.responses[action], self.find_resource_name(resource)) if !found? 
         # Find the action scope response if it exists {:view => bool}
         resp = self.action_response(action) if !found?
       end
@@ -34,14 +33,14 @@ module Thwart
       # Call it if it is a proc
       resp = resp.call(actor, resource, action) if resp.respond_to?(:call) 
 
-      return resp
+      resp
     end
     
-    def resource_response(resources, resource)
+    def resource_response(resources, name)
       # Return the resource scoped response if it exists
       if resources.respond_to?(:[]) && resources.respond_to?(:include?) 
-        if resources.include?(resource)
-          return found!(resources[resource])
+        if resources.include?(name)
+          return found!(resources[name])
         elsif resources.include?(:_other)
           return found!(resources[:_other])
         end
@@ -58,6 +57,17 @@ module Thwart
       nil
     end
     
+    def find_resource_name(resource)
+      return resource if resource.is_a?(Symbol)
+      r ||= resource.thwart_name if resource.respond_to?(:thwart_name)
+      if resource.class != Class
+        r ||= resource.class.thwart_name if resource.class.respond_to?(:thwart_name)
+        r ||= resource.class.name.downcase if Thwart.all_classes_are_resources
+      end
+      r = r.to_sym if r.respond_to?(:to_sym)
+      r
+    end
+    
     private
     
     def found!(response)

data/lib/thwart/role_builder.rb

@@ -95,7 +95,7 @@ module Thwart
       @current_response = old
     end
 
-    def respond_to?(name)
+    def respond_to?(name,  other = false)
       return true if self.actionables.has_key?(name)
       super
     end

data/lib/thwart/role_registry.rb

@@ -13,19 +13,36 @@ module Thwart
       @roles << role
     end
     
-    def query(actor, resource, action)
+    def query(actor, resource, action)    
       role = self.find_actor_role(actor)
-      resource = self.find_resource_identifier(resource)
+      if Thwart.log_query_path
+        Thwart.last_query_path = [] 
+        Thwart.last_query_path.push({:actor => actor, :resource => resource, :action => action})
+        name = resource.thwart_name if resource.respond_to?(:thwart_name)
+        name ||= resource
+        Thwart.last_query_path.push({:actor_role => role.name, :resource_name => resource})
+      end
+      
       if role.nil? || !self.has_role?(role) 
         raise MissingRoleError, "Role #{role} could not be found in the registry!" if Thwart.actor_must_play_role
       else
         q = [role]
         while r = q.shift
           resp = r.query(actor, resource, action)
-          if resp != nil 
+          
+          if Thwart.log_query_path
+            Thwart.last_query_path.push("Querying #{r.name}")
+            Thwart.last_query_path.push(r)
+            Thwart.last_query_path.push("Response: #{resp}")
+          end
+          
+          if resp != nil
             return resp # positive/negative response from the role, a rule governs the role on this query
           else
-            q = q | r.parents # add this roles parents to the query queue
+            q = q | r.parents.map do |a| 
+              a = self.find_role(a) if a.is_a?(Symbol)
+              a 
+            end # add this roles parents to the query queue
           end
         end
       end
@@ -39,19 +56,8 @@ module Thwart
   
     def find_actor_role(actor)
       r = actor.thwart_role if actor.respond_to?(:thwart_role)
-      r ||= r.to_sym if r.respond_to?(:to_sym)
-      if r.is_a?(Symbol)
-        r = self.roles.find {|a| a.name == r}
-      end
-      r
-    end
-  
-    def find_resource_identifier(resource)
-      r ||= resource.thwart_name if resource.respond_to?(:thwart_name)
-      if resource.class != Class
-        r ||= resource.class.thwart_name if resource.class.respond_to?(:thwart_name)
-        r ||= resource.class.name.downcase.to_sym if Thwart.all_classes_are_resources
-      end
+      r = r.to_sym if r.respond_to?(:to_sym)
+      r = find_role(r) if r.is_a?(Symbol)
       r
     end
   
@@ -71,5 +77,9 @@ module Thwart
       end
       @role_creator = role_creator
     end
+    
+    def find_role(name)
+      self.roles.find {|a| a.name == name}
+    end
   end
 end

data/spec/actions_store_spec.rb

@@ -50,13 +50,13 @@ describe Thwart::ActionsStore do
     it "should have C for create" do
       @actions.has_can?(:create).should == true
     end
-    it "should have R for ...er... view" do
-      @actions.has_can?(:view).should == true
+    it "should have R for .. er ... show" do
+      @actions.has_can?(:show).should == true
     end
     it "should have U for update" do
       @actions.has_can?(:update).should == true
     end
-    it "should have D for delete" do
+    it "should have D for destroy" do
       @actions.has_can?(:destroy).should == true
     end
   end

data/spec/dsl_spec.rb

@@ -45,7 +45,7 @@ describe Thwart::Dsl do
   describe "with method_missing defined on the target" do
     before do
       target_class = Class.new do
-        def respond_to?(name)
+        def respond_to?(name,  other = false)
           return true if [:test1, :test2].include?(name)
           super
         end

data/spec/enforcer_spec.rb

@@ -1,17 +1,45 @@
 require File.expand_path(File.dirname(__FILE__) + '/spec_helper')
 
-
+def enforced_controller(&block) 
+  class_with_module(Thwart::Enforcer, &block)
+end
 describe Thwart::Enforcer do
+  before do
+    Thwart::Actions.stub(:has_can? => true)
+    @controller_klass = enforced_controller do
+      def current_user
+        :user
+      end
+    end
+    @r = double("resource")
+  end
+  
   context "access enforcment" do
     it "should need the current user method defined on the controller" do
-      lambda { instance_with_module(Thwart::Enforcer).thwart_access }.should raise_error(ArgumentError)
+      lambda { enforced_controller.new.thwart_access }.should raise_error(ArgumentError)
+    end
+    it "should need either the params hash or be passed action key" do
+      i = @controller_klass.new
+      lambda { i.thwart_access(@r) }.should raise_error(ArgumentError)
+      lambda { i.thwart_access(@r, :some_action) }.should_not raise_error(ArgumentError)
+
+      i2 = @controller_klass.new
+      i2.should_receive(:params).at_least(:once).and_return({:action => :an_action})
+      lambda { i2.thwart_access(@r) }.should_not raise_error(ArgumentError)
+    end
+
+    it "should thwart access by raising an error if the user doesn't have permission" do
+      Thwart.stub(:query => false)
+      lambda { @controller_klass.new.thwart_access(@r, :an_action) }.should raise_error(Thwart::NoPermissionError)
+    end
+    it "should return true if the user does have permission" do
+      Thwart.stub(:query => true)
+      lambda { @controller_klass.new.thwart_access(@r, :an_action) }.should_not raise_error(Thwart::NoPermissionError)
     end
-    it "should need the params hash to have an action key" do
-      class_with_module(Thwart::Enforcer)
-      lambda { @controller.thwart_access }.should raise_error(ArgumentError)
+    it "should convert string actions" do
+      Thwart.stub(:query => true)
+      lambda { @controller_klass.new.thwart_access(@r, "an_action") }.should_not raise_error(Thwart::NoPermissionError)
     end
-    it "should need the params[:actions] to be a recognized action"
-    it "should thwart access by raising an error if the user doesn't have permission"
-    it "should return true if the user does have permission"
+    
   end
 end

data/spec/resource_spec.rb

@@ -11,7 +11,7 @@ describe Thwart::Resource do
     end
     
     it "should have set its own name" do
-      @resource.class.thwart_name.should == "generic"
+      @resource.class.thwart_name.should == :generic
     end
   end
   

data/spec/role_registry_spec.rb

@@ -49,35 +49,15 @@ describe Thwart::RoleRegistry do
       actor = double("Actor", :thwart_role => :role1)
       @registry.find_actor_role(actor).should == @role
     end
+    it "should convert strings to roles" do
+      actor = double("Actor", :thwart_role => "role1")
+      @registry.find_actor_role(actor).should == @role
+    end
     it "should find nil for symbols pointing to non registered roles " do
       actor = double("Actor", :thwart_role => :role2)
       @registry.find_actor_role(actor).should == nil
     end
   end
-  context "resource finding" do
-    it "should find nil for nil" do
-      @registry.find_resource_identifier(nil).should == nil
-    end
-    it "should find using the thwart_name attribute" do
-      resource = double("Resource", :thwart_name => :balls)
-      @registry.find_resource_identifier(resource).should == :balls
-    end
-    it "should find using the class thwart_name attribute" do
-      klass = Class.new do
-        def thwart_name
-          :balls
-        end
-      end
-      @registry.find_resource_identifier(klass.new).should == :balls
-    end
-    it "should find using the class name if the gem wide setting is set" do
-      Thwart.all_classes_are_resources = true
-      class Bollocks; end
-      @registry.find_resource_identifier(Bollocks.new).should == :bollocks
-      Thwart.all_classes_are_resources = false
-    end
-    
-  end
   context "querying" do
     it "should return the default if the role can't be found and the gem wide setting is set" do
       Thwart.actor_must_play_role = false
@@ -110,6 +90,14 @@ describe Thwart::RoleRegistry do
         @registry.query(actor_with_role(@role1), nil, nil).should == false
       end
       
+      it "should log the query path if the gem wide setting is set" do
+        Thwart.stub(:log_query_path => true)
+        a = actor_with_role(@role1)
+        @registry.query(a, nil, nil)
+        Thwart.last_query_path.should == [
+          {:actor => a, :resource => nil, :action => nil}, {:actor_role => :role1, :resource_name => nil}, "Querying role1", @role1, "Response: false"]
+      end
+      
       it "should query the parents in a breadth first order if the role query is unsuccessful" do 
         @role3.should_receive(:parents)
         @registry.query(actor_with_role(@role3), nil, nil).should == true # this ensures role2 is checked before role1

data/spec/role_spec.rb

@@ -24,7 +24,32 @@ describe Thwart::Role do
     @role.parents += [:a, :c]
     @role.parents.should == [:a, :b, :c]
   end
-  
+  context "resource finding" do
+    before do
+      @role = instance_with_role_definition
+    end
+    it "should find nil for nil" do
+      @role.find_resource_name(nil).should == nil
+    end
+    it "should find using the thwart_name attribute" do
+      resource = double("Resource", :thwart_name => :balls)
+      @role.find_resource_name(resource).should == :balls
+    end
+    it "should find using the class thwart_name attribute" do
+      klass = Class.new do
+        def thwart_name
+          "balls"
+        end
+      end
+      @role.find_resource_name(klass.new).should == :balls
+    end
+    it "should find using the class name if the gem wide setting is set" do
+      Thwart.all_classes_are_resources = true
+      class Bollocks; end
+      @role.find_resource_name(Bollocks.new).should == :bollocks
+      Thwart.all_classes_are_resources = false
+    end
+  end
   context "with simple responses set" do
     before do
       @role = instance_with_role_definition do

data/spec/spec_helper.rb

@@ -1,3 +1,7 @@
+require 'rubygems'
+require 'bundler'
+Bundler.setup
+
 $LOAD_PATH.unshift(File.dirname(__FILE__))
 $LOAD_PATH.unshift(File.join(File.dirname(__FILE__), '..', 'lib'))
 require 'thwart'
@@ -32,14 +36,16 @@ def generic_model(name=nil, &block)
   klass
 end
 
-def class_with_module(mod)
-  Class.new do
+def class_with_module(mod, &block)
+  klass = Class.new do
     include mod
   end
+  klass.class_eval(&block) if block_given?
+  klass
 end
 
-def instance_with_module(mod)
-  class_with_module(mod).new
+def instance_with_module(mod, &block)
+  class_with_module(mod, &block).new
 end
 
 def instance_with_role_definition(&block)

data/spec/thwart_spec.rb

@@ -45,10 +45,8 @@ describe Thwart do
       end
     end
     it "should create new action groups" do
-      actionables = double("actionables")
-      Thwart::ActionGroupBuilder.should_receive(:new).and_return(actionables)
-      actionables.should_receive(:create_action_group).with(:manage)
-      actionables.should_receive(:create_action_group).with(:inspect, [])
+      Thwart::Actionables.should_receive(:create_action_group).with(:manage)
+      Thwart::Actionables.should_receive(:create_action_group).with(:inspect, [])
       Thwart.configure do
         action_group :manage
         action_group :inspect, []

data/thwart.gemspec

@@ -5,7 +5,7 @@
 
 Gem::Specification.new do |s|
   s.name = %q{thwart}
-  s.version = "0.0.3"
+  s.version = "0.0.4"
 
   s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
   s.authors = ["Harry Brundage"]
@@ -19,6 +19,7 @@ Gem::Specification.new do |s|
   s.files = [
     ".document",
      ".gitignore",
+     "Gemfile",
      "LICENSE",
      "README.rdoc",
      "Rakefile",
@@ -33,6 +34,7 @@ Gem::Specification.new do |s|
      "lib/thwart/canable.rb",
      "lib/thwart/dsl.rb",
      "lib/thwart/enforcer.rb",
+     "lib/thwart/rails.rb",
      "lib/thwart/resource.rb",
      "lib/thwart/role.rb",
      "lib/thwart/role_builder.rb",
@@ -70,8 +72,7 @@ Gem::Specification.new do |s|
      "spec/spec_helper.rb",
      "spec/thwart_spec.rb",
      "examples/a_complete_example.rb",
-     "examples/example_helper.rb",
-     "examples/testing.rb"
+     "examples/example_helper.rb"
   ]
 
   if s.respond_to? :specification_version then

metadata

@@ -1,13 +1,13 @@
 --- !ruby/object:Gem::Specification 
 name: thwart
 version: !ruby/object:Gem::Version 
-  hash: 25
+  hash: 23
   prerelease: false
   segments: 
   - 0
   - 0
-  - 3
-  version: 0.0.3
+  - 4
+  version: 0.0.4
 platform: ruby
 authors: 
 - Harry Brundage
@@ -78,6 +78,7 @@ extra_rdoc_files:
 files: 
 - .document
 - .gitignore
+- Gemfile
 - LICENSE
 - README.rdoc
 - Rakefile
@@ -92,6 +93,7 @@ files:
 - lib/thwart/canable.rb
 - lib/thwart/dsl.rb
 - lib/thwart/enforcer.rb
+- lib/thwart/rails.rb
 - lib/thwart/resource.rb
 - lib/thwart/role.rb
 - lib/thwart/role_builder.rb
@@ -109,7 +111,6 @@ files:
 - spec/spec_helper.rb
 - spec/thwart_spec.rb
 - thwart.gemspec
-- examples/testing.rb
 has_rdoc: true
 homepage: http://github.com/hornairs/thwart
 licenses: []
@@ -159,4 +160,3 @@ test_files:
 - spec/thwart_spec.rb
 - examples/a_complete_example.rb
 - examples/example_helper.rb
-- examples/testing.rb

data/examples/testing.rb

@@ -1,21 +0,0 @@
-#require File.expand_path(File.dirname(__FILE__) + '/example_helper')
-
-
-class User
-  # include Thwart::Actor
-  # thwart_access do
-  #   role_method :role
-  # end
-  attr_accessor :name, :role
-  def initialize(n, r)
-    self.name = n
-    self.role = r
-  end
-end
-user = User.new('Bob', :employee)
-map = user.public_methods.inject({}) do |acc, m| 
-  debugger if m.to_s.gsub(/=$/, "") == ""
-  key = m.to_s.gsub(/=$/, "").to_sym
-  acc[key] = m if acc[key].nil? || m != key
-  acc 
-end