Description: This plugin provides a flexible way to add authorization to Rails.
Homepage: http://www.writertopia.com/developers/authorization
Clone URL: git://github.com/DocSavage/rails-authorization-plugin.git
Add generator for role model and migration, e.g., "script/generate 
role_model Role". Role model must be called "Role" at this time. More 
general naming as a TO DO. Removed simple_roles_table to simplify plugin.


git-svn-id: http://svn.writertopia.com/svn/plugins/authorization@69 
ab2ce248-d915-0410-80fa-b7cb84e05f00
bkatz (author)
Mon Aug 21 01:52:56 -0700 2006
commit  78ba8748226a08c5eb8c9ac11c3d404797ead75c
tree    26a1b408cb69c32cb1ab42fc86e0b16bb01f4fb9
parent  0cdfeda1eac1519a00d374720c26e238fee29f55
@@ -1,6 +1,5 @@
 TO DO
 + Added namespacing to @options instance variable to prevent possible name clashes
-+ Add generator for role.rb model and migration
 + Add test generator instead of handling tests in test apps
 + Add support for groups
 + Extend coverage to models. Look at Bruce Perens's ModelSecurity and access with_scope
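Review bot: The TO DO list in this hunk drops the generator item but gains no entry for the limitation this same commit records in CHANGES ("Role model must be called "Role" at this time. More general naming as a TO DO."). Add a TO DO line for supporting role model names other than Role, so the open item is tracked in the list it refers to.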
@@ -8,6 +7,11 @@ TO DO
 
 CHANGES (from most recent to oldest)
 
+* Add generator for role model and migration, e.g., "script/generate role_model Role".
+ Role model must be called "Role" at this time. More general naming as a TO DO.
+
+* Removed simple_roles_table to simplify plugin.
+
 * Moved all files in Authorization namespace into /publishare subdirectory
   to reduce danger of clashes in load path [nod to Michael Schuerig].
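Review bot: The new "Removed simple_roles_table to simplify plugin." entry does not say that this is a breaking change. The init.rb part of this commit also deletes the "simple roles" branch of the AUTHORIZATION_MIXIN case, so an application still configured with that value no longer gets a role mixin from the lines shown. State that in the entry and say which mixin existing users should move to, so an upgrade does not change authorization behaviour unnoticed.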
 
@@ -12,7 +12,7 @@ will play nicely with them as long as some simple requirements are met:
 
 1. User objects are available that implement a <tt>has_role?(role, authorizable_object = nil)</tt> method. This requirement can be easily handled by using <tt>acts_as_authorized_user</tt> in the User-like class.
    
-2. If you want to use "role of :model" authorization expressions, like "owner of :resource" or "eligible for :award", then your models with roles must implement an <tt>accepts_role?(role, user)</tt> method. This requirement can be handled by using <tt>acts_as_authorizable</tt> in the model class.
+2. If you want to use "role of model" authorization expressions, like "owner of resource" or "eligible for :award", then your models with roles must implement an <tt>accepts_role?(role, user)</tt> method. This requirement can be handled by using <tt>acts_as_authorizable</tt> in the model class.
    
 The authorization plugin provides the following:
 * A simple way of checking authorization at either the class or instance method level using #permit and #permit?
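Review bot: Item 2 on the changed line is only half converted: "role of :model" and "owner of :resource" lose their colon, but "eligible for :award" keeps it. Readers copy these strings into permit calls, so either change the last example to "eligible for award" or explain why it is written differently.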
@@ -98,7 +98,7 @@ in Authorization::Base::Parser.
 
 * If a specified role has no "of <model>" designation, we assume it is a user role (i.e., the model is the user-like object).
 * If an "of model" designation is given but no "model" key/value is supplied in the hash, we check if an instance variable @model if it's available.
-* If the model has no preceding colon, we assume it's a class and query <tt>Model#self.accepts_role?</tt> (the class method) for the permission. (Currently only available in ObjectRolesTable mixin.)
+* If the model is capitalized, we assume it's a class and query <tt>Model#self.accepts_role?</tt> (the class method) for the permission. (Currently only available in ObjectRolesTable mixin.)
 
 For each role, a query is sent to the appropriate model object.
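Review bot: The changed bullet replaces "no preceding colon means a class" with "capitalized means a class", which changes how an already written expression resolves: a lower-case model name without a colon was documented as a class-method query and now falls under the hash key and instance variable rules instead. That is a change in authorization behaviour, yet the CHANGES entries added in this commit do not mention it and no parser or test change is visible in these hunks. Record it in CHANGES with a before and after expression so users can audit their existing permit strings.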
 
@@ -236,15 +236,15 @@ constant DEFAULT_REDIRECTION_HASH in authorization.rb and can be overriden in yo
 
 === Conventions
 
-Roles specified without the "of :model" designation:
+Roles specified without the "of model" designation:
 
 1. We see if there is a <tt>current_user</tt> method available that will return a user object. This method can be overridden with the <tt>:user</tt> hash.
 2. Once a user object is determined, we pass the role to <tt>user.has_role?</tt> and expect a true return value if the user has the given role.
 
-Roles specified with "of :model" designation:
+Roles specified with "of model" designation:
 
-1. We attempt to query an object in the options hash that has a matching key. Example: <tt>permit "knight for :justice", :justice => @abstract_idea</tt>
-2. If there is no object with a matching key, we see if there's a matching instance variable. Example: @meeting defined before we use <tt>permit "moderator of :meeting"</tt>
+1. We attempt to query an object in the options hash that has a matching key. Example: <tt>permit "knight for justice", :justice => @abstract_idea</tt>
+2. If there is no object with a matching key, we see if there's a matching instance variable. Example: @meeting defined before we use <tt>permit "moderator of meeting"</tt>
 3. Once the model object is determined, we pass the role and user (determined in the manner above) to <tt>model.accepts_role?</tt>
 
 === More information
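Review bot: Steps 1 to 3 under "Roles specified with "of model" designation" do not say what happens when neither a matching hash key nor a matching instance variable exists, for example permit "moderator of meeting" with @meeting unset. For an authorization check the documented outcome should be a denial or an exception, never a pass; add that as an explicit step between 2 and 3.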
@@ -20,16 +20,8 @@ case AUTHORIZATION_MIXIN
       Authorization::HardwiredRoles::UserExtensions,
       Authorization::HardwiredRoles::ModelExtensions
     )
- when "simple roles"
- require File.dirname(__FILE__) + '/lib/publishare/simple_roles_table'
- require File.dirname(__FILE__) + '/lib/publishare/role.rb'
- ActiveRecord::Base.send( :include,
- Authorization::SimpleRolesTable::UserExtensions,
- Authorization::SimpleRolesTable::ModelExtensions
- )
   when "object roles"
     require File.dirname(__FILE__) + '/lib/publishare/object_roles_table'
- require File.dirname(__FILE__) + '/lib/publishare/role.rb'
     ActiveRecord::Base.send( :include,
       Authorization::ObjectRolesTable::UserExtensions,
       Authorization::ObjectRolesTable::ModelExtensions
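Review bot: With the "simple roles" branch deleted, a configuration that still sets AUTHORIZATION_MIXIN to "simple roles" matches no branch shown here, and the visible lines contain no else clause, so nothing would be mixed into ActiveRecord::Base. If the case statement has no else, add one that raises on an unrecognized value so the misconfiguration is caught at load time rather than at the first has_role? call. The "object roles" branch also stops requiring role.rb and now depends on the application supplying its own Role model; say so in a comment above the remaining require.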
@@ -1,26 +1,6 @@
 require File.dirname(__FILE__) + '/exceptions'
 require File.dirname(__FILE__) + '/identity'
 
-# In order to use this mixin, you'll need the following:
-# 1. A Role class with proper associations (habtm to User-like class)
-# 2. Database tables that support the roles. A sample migration is
-# supplied below
-#
-# create_table "roles_users", :id => false, :force => true do |t|
-# t.column :user_id, :integer
-# t.column :role_id, :integer
-# t.column :created_at, :datetime
-# t.column :updated_at, :datetime
-# end
-#
-# create_table "roles", :force => true do |t|
-# t.column :name, :string, :limit => 40
-# t.column :authorizable_type, :string, :limit => 30
-# t.column :authorizable_id, :integer
-# t.column :created_at, :datetime
-# t.column :updated_at, :datetime
-# end
-
 module Authorization
   module ObjectRolesTable
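Review bot: The deleted header comment was the only description in this file of what the mixin needs (a Role class with habtm to the User-like class, plus the roles and roles_users tables), and nothing replaces it. Keep a short comment above "module Authorization" that states the requirement and points to "script/generate role_model Role", which this commit introduces for the model and migration.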
   
