added strict param. Now you can check roles only that you set without super roles

Author: Александр Дмитриев

.gitignore

@@ -8,3 +8,4 @@ coverage/*
 log*/*
 .rbx/*
 .rspec
+*.swp

lib/rolify.rb

@@ -8,7 +8,7 @@
 module Rolify
   extend Configure
 
-  attr_accessor :role_cname, :adapter, :resource_adapter, :role_join_table_name, :role_table_name
+  attr_accessor :role_cname, :adapter, :resource_adapter, :role_join_table_name, :role_table_name, :strict_rolify
   @@resource_types = []
 
   def rolify(options = {})
@@ -31,6 +31,9 @@ def rolify(options = {})
 
     self.adapter = Rolify::Adapter::Base.create("role_adapter", self.role_cname, self.name)
     load_dynamic_methods if Rolify.dynamic_shortcuts
+
+    #use strict roles
+    self.strict_rolify = true if options[:strict]
   end
 
   def adapter
@@ -70,4 +73,5 @@ def role_class
   def self.resource_types
     @@resource_types
   end
+
 end

lib/rolify/adapters/active_record/role_adapter.rb

@@ -8,6 +8,16 @@ def where(relation, *args)
         relation.where(conditions, *values)
       end
 
+      def where_strict(relation, args)
+        resource = if args[:resource].is_a?(Class)
+                     {class: args[:resource].to_s, id: nil}
+                   else
+                     {class: args[:resource].class.name, id: args[:resource].id}
+                   end
+
+        relation.where(:name => args[:name], :resource_type => resource[:class], :resource_id => resource[:id])
+      end
+
       def find_or_create_by(role_name, resource_type = nil, resource_id = nil)
         role_class.where(:name => role_name, :resource_type => resource_type, :resource_id => resource_id).first_or_create
       end

lib/rolify/adapters/mongoid/role_adapter.rb

@@ -8,6 +8,16 @@ def where(relation, *args)
         relation.any_of(*conditions)
       end
 
+      def where_strict(relation, args)
+        resource = if args[:resource].is_a?(Class)
+                     {class: args[:resource].to_s, id: nil}
+                   else
+                     {class: args[:resource].class.name, id: args[:resource].id}
+                   end
+
+         self.role_class.where(:name => args[:name], :resource_type => resource[:class], :resource_id => resource[:id])
+      end
+
       def find_or_create_by(role_name, resource_type = nil, resource_id = nil)
         self.role_class.find_or_create_by(:name => role_name,
                                           :resource_type => resource_type,

lib/rolify/role.rb

@@ -23,6 +23,8 @@ def add_role(role_name, resource = nil)
     alias_method :grant, :add_role
 
     def has_role?(role_name, resource = nil)
+      return has_strict_role?(role_name, resource) if self.class.strict_rolify and resource
+
       if new_record?
         role_array = self.roles.detect { |r|
           r.name.to_s == role_name.to_s &&
@@ -38,6 +40,10 @@ def has_role?(role_name, resource = nil)
       role_array != []
     end
 
+    def has_strict_role?(role_name, resource)
+      self.class.adapter.where_strict(self.roles, name: role_name, resource: resource).any?
+    end
+
     def has_all_roles?(*args)
       args.each do |arg|
         if arg.is_a? Hash

spec/rolify/resource_spec.rb

@@ -528,11 +528,37 @@
     end
   end
 
+
   describe '.resource_types' do
 
     it 'include all models that call resourcify' do
       Rolify.resource_types.should include("HumanResource", "Forum", "Group",
                                           "Team", "Organization")
     end
   end
+
+
+  describe "#strict" do
+    context "strict user" do
+      before do
+        @strict_user = StrictUser.first
+        @strict_user.add_role(:forum, Forum.first)
+        @strict_user.add_role(:forum, Forum)
+      end
+
+      subject { Forum.first }
+
+      it "should return only strict forum" do
+        @strict_user.has_role?(:forum, Forum.first).should be true
+      end
+
+      it "should return false on strict another forum" do
+        @strict_user.has_role?(:forum, Forum.last).should be false
+      end
+
+      it "should return true if user has role on Forum model" do
+        @strict_user.has_role?(:forum, Forum).should be true
+      end
+    end
+  end
 end

spec/support/adapters/active_record.rb

@@ -18,6 +18,11 @@ class Role < ActiveRecord::Base
   extend Rolify::Adapter::Scopes
 end
 
+# Strict user and role classes
+class StrictUser < ActiveRecord::Base
+  rolify strict: true
+end
+
 # Resourcifed and rolifed at the same time
 class HumanResource < ActiveRecord::Base
   resourcify :resources

spec/support/adapters/mongoid.rb

@@ -18,6 +18,14 @@ class User
   field :login, :type => String
 end
 
+# Standard user and role classes
+class StrictUser
+  include Mongoid::Document
+  rolify strict: true
+
+  field :login, :type => String
+end
+
 class Role
   include Mongoid::Document
   has_and_belongs_to_many :users
@@ -148,4 +156,4 @@ class Organization
 
 class Company < Organization
 
-end
+end

spec/support/data.rb

@@ -1,7 +1,7 @@
 # Users
-[ User, Customer, Admin::Moderator ].each do |user|
+[ User, Customer, Admin::Moderator, StrictUser ].each do |user|
   user.destroy_all
-  
+
   user.create(:login => "admin")
   user.create(:login => "moderator")
   user.create(:login => "god")

spec/support/schema.rb

@@ -10,7 +10,7 @@
     end
   end
 
-  [ :users, :human_resources, :customers, :admin_moderators ].each do |table|
+  [ :users, :human_resources, :customers, :admin_moderators, :strict_users ].each do |table|
     create_table(table) do |t|
       t.string :login
     end
@@ -21,6 +21,11 @@
     t.references :role
   end
 
+  create_table(:strict_users_roles, :id => false) do |t|
+    t.references :strict_user
+    t.references :role
+  end
+
   create_table(:human_resources_roles, :id => false) do |t|
     t.references :human_resource
     t.references :role