Skip to content

Commit

Permalink
add can_grant_permissions_to relations from object to subject
Browse files Browse the repository at this point in the history
  • Loading branch information
@Floppy
Floppy committed Aug 29, 2024
1 parent 1412918 commit 866d43d
Show file tree
Hide file tree
Showing 5 changed files with 39 additions and 0 deletions.
19 changes: 19 additions & 0 deletions README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -83,6 +83,25 @@ user.permitted_documents.with_permission ["viewer", "editor"]
```

The inverse relationship is also possible by specifying `can_grant_permissions_to` on objects:

```
class Document < ApplicationRecord
include Caber::Object
can_grant_permissions_to User
end
document.permitted_users
# => all users with any permission
document.permitted_users.with_permission "viewer"
# => all users with viewer permission
document.permitted_users.with_permission ["viewer", "editor"]
# => all users with viewer or editor permission
```

## Development

After checking out the repo, run `bin/setup` to install dependencies. Then, run `rake spec` to run the tests.
Expand Down
5 changes: 5 additions & 0 deletions app/models/concerns/caber/object.rb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,12 @@ module Caber::Object
extend ActiveSupport::Concern

included do
has_many :caber_relations, as: :object, class_name: "Caber::Relation"
scope :with_permission, ->(permission) { where("caber_relations.permission": permission) }

def self.can_grant_permissions_to(model)
has_many :"permitted_#{model.name.pluralize.parameterize}", through: :caber_relations, source: :subject, source_type: model.name
end
end

def grant_permission_to(permission, subject)
Expand Down
1 change: 1 addition & 0 deletions app/models/concerns/caber/subject.rb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,6 +3,7 @@ module Caber::Subject

included do
has_many :caber_relations, as: :subject, class_name: "Caber::Relation"
scope :with_permission, ->(permission) { where("caber_relations.permission": permission) }

def self.can_have_permissions_on(model)
has_many :"permitted_#{model.name.pluralize.parameterize}", through: :caber_relations, source: :object, source_type: model.name
Expand Down
2 changes: 2 additions & 0 deletions spec/dummy/app/models/document.rb
View file
Original file line number Diff line number Diff line change
@@ -1,3 +1,5 @@
class Document < ApplicationRecord
include Caber::Object

can_grant_permissions_to User
end
12 changes: 12 additions & 0 deletions spec/models/caber/relation_spec.rb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -37,6 +37,14 @@
it "gives Alice a list of objects she can view" do
expect(alice.permitted_documents.with_permission("viewer")).to include object
end

it "includes Alice in a list of permitted users for the object" do
expect(object.permitted_users).to include alice
end

it "includes Alice in a list of users with viewer permission for the object" do
expect(object.permitted_users.with_permission("viewer")).to include alice
end
end

context "with multiple objects" do
Expand Down Expand Up @@ -75,6 +83,10 @@
it "gives Alice a list of objects she can view or own" do
expect(alice.permitted_documents.with_permission(["viewer", "owner"])).to include object
end

it "includes Alice in a list of users with viewer or owner permission for the object" do
expect(object.permitted_users.with_permission(["viewer", "owner"])).to include alice
end
end

context "when anyone can view a object" do
Expand Down

0 comments on commit 866d43d

Please sign in to comment.