trust 0.5.1 → 0.6.0

data/README.md

@@ -17,6 +17,7 @@ Well, we used [DeclarativeAuthorization](http://github.com/stffn/declarative_aut
 * Support for inheritance in the permissions model
 * Natural code evaluation in the permission declarations, i.e. you understand completely what is going on, because the implementation is done the way you implement condifitions in rails for validations and alike.
 * Automatic loading of instances and parents in controller
+* Mongoid support
 
 ### What is not supported in Trust
 
@@ -24,7 +25,6 @@ Well, we used [DeclarativeAuthorization](http://github.com/stffn/declarative_aut
 
 ### Currently not supported, but may be in the future
 
-* Support for devise. However you may easily implement this by overriding one method in your controller.
 * cannot and cannot? expressions.
 
 # Install and Setup
@@ -241,4 +241,11 @@ def set_user
 end
 ```
 
+## Devise integration
 
+If you have your ```ApplicationController``` as the trustee you will need to reverse this in devise that inherits the ```ApplicationController```.
+Add this to your devise initializer:
+
+``` Ruby
+DeviseController.trustee :off
+```

data/lib/trust.rb

@@ -34,6 +34,17 @@ require 'trust/controller'
 class ActionController::Base
   include Trust::Controller
 end
-class ActiveRecord::Base
-  include Trust::ActiveRecord
+if defined?(ActiveRecord)
+  class ActiveRecord::Base
+    include Trust::ActiveRecord
+  end
+end
+# always, as it may not exists yet
+module Mongoid
+  module Document
+    include Trust::ActiveRecord
+    def Document.included(base)
+      base.send(:extend,Trust::ActiveRecord::ClassMethods)
+    end
+  end
 end

data/lib/trust/version.rb

@@ -23,5 +23,5 @@
 # WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
 
 module Trust
-  VERSION = "0.5.1"
+  VERSION = "0.6.0"
 end

data/test/dummy/app/controllers/clients_controller.rb

@@ -37,8 +37,6 @@ class ClientsController < ApplicationController
   # GET /clients/1
   # GET /clients/1.json
   def show
-    @client = Client.find(params[:id])
-
     respond_to do |format|
       format.html # show.html.erb
       format.json { render json: @client }
@@ -48,24 +46,15 @@ class ClientsController < ApplicationController
   # GET /clients/new
   # GET /clients/new.json
   def new
-    @client = Client.new
-
     respond_to do |format|
       format.html # new.html.erb
       format.json { render json: @client }
     end
   end
 
-  # GET /clients/1/edit
-  def edit
-    @client = Client.find(params[:id])
-  end
-
   # POST /clients
   # POST /clients.json
   def create
-    @client = Client.new(params[:client])
-
     respond_to do |format|
       if @client.save
         format.html { redirect_to @client, notice: 'Client was successfully created.' }
@@ -80,8 +69,6 @@ class ClientsController < ApplicationController
   # PUT /clients/1
   # PUT /clients/1.json
   def update
-    @client = Client.find(params[:id])
-
     respond_to do |format|
       if @client.update_attributes(params[:client])
         format.html { redirect_to @client, notice: 'Client was successfully updated.' }

data/test/dummy/app/controllers/mongo_accounts_controller.rb

@@ -0,0 +1,100 @@
+# Copyright (c) 2012 Bingo Entreprenøren AS
+# Copyright (c) 2012 Teknobingo Scandinavia AS
+# Copyright (c) 2012 Knut I. Stenmark
+# Copyright (c) 2012 Patrick Hanevold
+#
+# Permission is hereby granted, free of charge, to any person obtaining
+# a copy of this software and associated documentation files (the
+# "Software"), to deal in the Software without restriction, including
+# without limitation the rights to use, copy, modify, merge, publish,
+# distribute, sublicense, and/or sell copies of the Software, and to
+# permit persons to whom the Software is furnished to do so, subject to
+# the following conditions:
+#
+# The above copyright notice and this permission notice shall be
+# included in all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+# EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+# NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+# LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+# OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+# WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+
+class MongoAccountsController < ApplicationController
+
+  belongs_to :mongo_client
+
+  # GET /clients/1/accounts
+  # GET /clients/1/accounts.json
+  def index
+    @mongo_accounts = resource.relation.all
+
+    respond_to do |format|
+      format.html # index.html.erb
+      format.json { render json: @mongo_accounts }
+    end
+  end
+
+  # GET /clients/1/accounts/1
+  # GET /clients/1/accounts/1.json
+  def show
+    respond_to do |format|
+      format.html # show.html.erb
+      format.json { render json: @mongo_account }
+    end
+  end
+
+  # GET /clients/1/accounts/new
+  # GET /clients/1/accounts/new.json
+  def new
+    respond_to do |format|
+      format.html # new.html.erb
+      format.json { render json: @mongo_account }
+    end
+  end
+
+  # GET /clients/1/accounts/1/edit
+  def edit
+  end
+
+  # POST /clients/1/accounts
+  # POST /clients/1/accounts.json
+  def create
+    respond_to do |format|
+      if @mongo_account.save
+        format.html { redirect_to mongo_client_mongo_account_path(@mongo_account.mongo_client,@mongo_account), notice: 'Account was successfully created.' }
+        format.json { render json: @mongo_account, status: :created, location: @mongo_account }
+      else
+        format.html { render action: "new" }
+        format.json { render json: @mongo_account.errors, status: :unprocessable_entity }
+      end
+    end
+  end
+
+  # PUT /clients/1/accounts/1
+  # PUT /clients/1/accounts/1.json
+  def update
+    respond_to do |format|
+      if @mongo_account.update_attributes(params[:mongo_account])
+        format.html { redirect_to mongo_client_mongo_account_path(@mongo_account), notice: 'Account was successfully updated.' }
+        format.json { head :no_content }
+      else
+        format.html { render action: "edit" }
+        format.json { render json: @mongo_account.errors, status: :unprocessable_entity }
+      end
+    end
+  end
+
+  # DELETE /clients/1/accounts/1
+  # DELETE /clients/1/accounts/1.json
+  def destroy
+    @mongo_account.destroy
+
+    respond_to do |format|
+      format.html { redirect_to mongo_client_mongo_accounts_url }
+      format.json { head :no_content }
+    end
+  end
+end

data/test/dummy/app/controllers/mongo_clients_controller.rb

@@ -0,0 +1,94 @@
+# Copyright (c) 2012 Bingo Entreprenøren AS
+# Copyright (c) 2012 Teknobingo Scandinavia AS
+# Copyright (c) 2012 Knut I. Stenmark
+# Copyright (c) 2012 Patrick Hanevold
+#
+# Permission is hereby granted, free of charge, to any person obtaining
+# a copy of this software and associated documentation files (the
+# "Software"), to deal in the Software without restriction, including
+# without limitation the rights to use, copy, modify, merge, publish,
+# distribute, sublicense, and/or sell copies of the Software, and to
+# permit persons to whom the Software is furnished to do so, subject to
+# the following conditions:
+#
+# The above copyright notice and this permission notice shall be
+# included in all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+# EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+# NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+# LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+# OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+# WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+
+class MongoClientsController < ApplicationController
+  # GET /clients
+  # GET /clients.json
+  def index
+    @mongo_clients = MongoClient.all
+
+    respond_to do |format|
+      format.html # index.html.erb
+      format.json { render json: @mongo_clients }
+    end
+  end
+
+  # GET /clients/1
+  # GET /clients/1.json
+  def show
+    respond_to do |format|
+      format.html # show.html.erb
+      format.json { render json: @mongo_client }
+    end
+  end
+
+  # GET /clients/new
+  # GET /clients/new.json
+  def new
+    respond_to do |format|
+      format.html # new.html.erb
+      format.json { render json: @mongo_client }
+    end
+  end
+
+  # POST /clients
+  # POST /clients.json
+  def create
+    respond_to do |format|
+      if @mongo_client.save
+        format.html { redirect_to @mongo_client, notice: 'MongoClient was successfully created.' }
+        format.json { render json: @mongo_client, status: :created, location: @client }
+      else
+        format.html { render action: "new" }
+        format.json { render json: @mongo_client.errors, status: :unprocessable_entity }
+      end
+    end
+  end
+
+  # PUT /clients/1
+  # PUT /clients/1.json
+  def update
+    respond_to do |format|
+      if @mongo_client.update_attributes(params[:mongo_client])
+        format.html { redirect_to @mongo_client, notice: 'Client was successfully updated.' }
+        format.json { head :no_content }
+      else
+        format.html { render action: "edit" }
+        format.json { render json: @mongo_client.errors, status: :unprocessable_entity }
+      end
+    end
+  end
+
+  # DELETE /clients/1
+  # DELETE /clients/1.json
+  def destroy
+    @mongo_client = MongoClient.find(params[:id])
+    @mongo_client.destroy
+
+    respond_to do |format|
+      format.html { redirect_to mongo_clients_url }
+      format.json { head :no_content }
+    end
+  end
+end

data/test/dummy/app/models/mongo_account.rb

@@ -0,0 +1,42 @@
+# Copyright (c) 2012 Bingo Entreprenøren AS
+# Copyright (c) 2012 Teknobingo Scandinavia AS
+# Copyright (c) 2012 Knut I. Stenmark
+# Copyright (c) 2012 Patrick Hanevold
+#
+# Permission is hereby granted, free of charge, to any person obtaining
+# a copy of this software and associated documentation files (the
+# "Software"), to deal in the Software without restriction, including
+# without limitation the rights to use, copy, modify, merge, publish,
+# distribute, sublicense, and/or sell copies of the Software, and to
+# permit persons to whom the Software is furnished to do so, subject to
+# the following conditions:
+#
+# The above copyright notice and this permission notice shall be
+# included in all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+# EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+# NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+# LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+# OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+# WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+
+class MongoAccount
+  include Mongoid::Document
+
+  belongs_to :mongo_client
+  field :name,          type: String
+  field :client_id,     type: Integer
+  field :created_by_id, type: Integer
+
+  before_create :set_owner
+
+  def set_owner
+    self.created_by_id = User.current.id
+  end
+
+  def created_by
+    User.find_by_id(self.created_by_id)
+  end
+end

data/test/dummy/app/models/mongo_client.rb

@@ -0,0 +1,41 @@
+# Copyright (c) 2012 Bingo Entreprenøren AS
+# Copyright (c) 2012 Teknobingo Scandinavia AS
+# Copyright (c) 2012 Knut I. Stenmark
+# Copyright (c) 2012 Patrick Hanevold
+#
+# Permission is hereby granted, free of charge, to any person obtaining
+# a copy of this software and associated documentation files (the
+# "Software"), to deal in the Software without restriction, including
+# without limitation the rights to use, copy, modify, merge, publish,
+# distribute, sublicense, and/or sell copies of the Software, and to
+# permit persons to whom the Software is furnished to do so, subject to
+# the following conditions:
+#
+# The above copyright notice and this permission notice shall be
+# included in all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+# EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+# NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+# LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+# OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+# WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+
+class MongoClient
+  include Mongoid::Document
+
+  has_many :mongo_accounts
+  field :name,          type: String
+  field :accountant_id, type: Integer
+
+  before_create :set_accountant
+
+  def set_accountant
+    self.accountant_id = User.current.id
+  end
+
+  def accountant
+    User.find_by_id(self.accountant_id)
+  end
+end

data/test/dummy/app/models/permissions.rb

@@ -42,6 +42,9 @@ module Permissions
     role :accountant, can(:manage)
     role all, can(:read)
   end
+
+  class MongoClient < Client
+  end
   
   class Account < Default
     role :accountant do
@@ -57,6 +60,20 @@ module Permissions
     end
   end
 
+  class MongoAccount < Default
+    role :accountant do
+      can :create, :if => :associated_with_client?
+      can :update, :if => :creator?
+    end
+    role :department_manager, :accountant do
+      can :create, :if => lambda { parent && parent.accountant == :superspecial }
+    end
+    
+    def associated_with_client?
+      parent && parent.is_a?(::MongoClient) && parent.accountant == user.name
+    end
+  end
+
   class Account::Credit < Account
     role :guest do
       can :create, :if => lambda { user.name == 'wife'}

data/test/dummy/app/views/mongo_accounts/_form.html.erb

@@ -0,0 +1,46 @@
+<%
+# Copyright (c) 2012 Bingo Entreprenøren AS
+# Copyright (c) 2012 Teknobingo Scandinavia AS
+# Copyright (c) 2012 Knut I. Stenmark
+# Copyright (c) 2012 Patrick Hanevold
+#
+# Permission is hereby granted, free of charge, to any person obtaining
+# a copy of this software and associated documentation files (the
+# "Software"), to deal in the Software without restriction, including
+# without limitation the rights to use, copy, modify, merge, publish,
+# distribute, sublicense, and/or sell copies of the Software, and to
+# permit persons to whom the Software is furnished to do so, subject to
+# the following conditions:
+#
+# The above copyright notice and this permission notice shall be
+# included in all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+# EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+# NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+# LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+# OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+# WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+%>
+<%= form_for(@mongo_account, :url => mongo_client_mongo_accounts_path(@mongo_client)) do |f| %>
+  <% if @mongo_account.errors.any? %>
+    <div id="error_explanation">
+      <h2><%= pluralize(@mongo_account.errors.count, "error") %> prohibited this account from being saved:</h2>
+
+      <ul>
+      <% @mongo_account.errors.full_messages.each do |msg| %>
+        <li><%= msg %></li>
+      <% end %>
+      </ul>
+    </div>
+  <% end %>
+
+  <div class="field">
+    <%= f.label :name %><br />
+    <%= f.text_field :name %>
+  </div>
+  <div class="actions">
+    <%= f.submit %>
+  </div>
+<% end %>