From 166b2e29bb139708fc1a1d4d821c4daebbe925e1 Mon Sep 17 00:00:00 2001
From: Kosuke Tanabe
Date: Tue, 20 Jan 2015 18:59:26 +0900
Subject: [PATCH 1/2] added policy file
---
 .../inter_library_loans_controller.rb | 16 ++++++--
 app/models/enju_inter_library_loan/ability.rb | 14 -------
 app/policies/inter_library_loan_policy.rb | 10 ++++-
 enju_inter_library_loan.gemspec | 10 +++--
 .../inter_library_loans_controller_spec.rb | 12 +++---
 .../app/controllers/application_controller.rb | 1 +
 spec/dummy/app/policies/admin_policy.rb | 27 ------------
 spec/dummy/app/policies/application_policy.rb | 41 -------------------
 spec/dummy/config/initializers/resque.rb | 3 ++
 9 files changed, 38 insertions(+), 96 deletions(-)
 delete mode 100644 app/models/enju_inter_library_loan/ability.rb
 delete mode 100644 spec/dummy/app/policies/admin_policy.rb
 delete mode 100644 spec/dummy/app/policies/application_policy.rb
 create mode 100644 spec/dummy/config/initializers/resque.rb
diff --git a/app/controllers/inter_library_loans_controller.rb b/app/controllers/inter_library_loans_controller.rb
index 3b7401c..7104171 100644
--- a/app/controllers/inter_library_loans_controller.rb
+++ b/app/controllers/inter_library_loans_controller.rb
@@ -1,7 +1,8 @@
 class InterLibraryLoansController < ApplicationController
- load_and_authorize_resource
- before_filter :get_item
- before_filter :store_page, :only => :index
+ before_action :set_inter_library_loan, only: [:show, :edit, :update, :destroy]
+ before_action :check_policy, only: [:index, :new, :create]
+ before_action :get_item
+ before_action :store_page, :only => :index
 # GET /inter_library_loans
 # GET /inter_library_loans.json
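Review bot: The two `only:` lists on the new `before_action :set_inter_library_loan` and `before_action :check_policy` lines are now the only thing tying each action to a Pundit check, so an action added later and left out of both lists would run with no authorization, which the removed `load_and_authorize_resource` did not allow. Adding `after_action :verify_authorized` directly under them makes a missing `authorize` call raise instead of passing silently. The class body continues outside the hunk, so the full action list cannot be checked against these filters from here.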
@@ -120,6 +121,15 @@ def destroy
 end
 private
+ def set_inter_library_loan
+ @inter_library_loan = InterLibraryLoan.find(params[:id])
+ authorize @inter_library_loan
+ end
+
+ def check_policy
+ authorize InterLibraryLoan
+ end
+
+ def inter_library_loan_params
 params.require(:inter_library_loan).permit(:item_id, :borrowing_library_id)
 end
diff --git a/app/models/enju_inter_library_loan/ability.rb b/app/models/enju_inter_library_loan/ability.rb
deleted file mode 100644
index 047d5a5..0000000
--- a/app/models/enju_inter_library_loan/ability.rb
+++ /dev/null
@@ -1,14 +0,0 @@
-module EnjuInterLibraryLoan
- class Ability
- include CanCan::Ability
-
- def initialize(user, ip_address = nil)
- case user.try(:role).try(:name)
- when 'Administrator'
- can :manage, InterLibraryLoan
- when 'Librarian'
- can :manage, InterLibraryLoan
- end
- end
- end
-end
diff --git a/app/policies/inter_library_loan_policy.rb b/app/policies/inter_library_loan_policy.rb
index 07dc601..04ccc5e 100644
--- a/app/policies/inter_library_loan_policy.rb
+++ b/app/policies/inter_library_loan_policy.rb
@@ -1,4 +1,12 @@
-class InterLibraryLoanPolicy < AdminPolicy
+class InterLibraryLoanPolicy < ApplicationPolicy
+ def index?
+ user.try(:has_role?, 'Librarian')
+ end
+
+ def show?
+ user.try(:has_role?, 'Librarian')
+ end
+
 def create?
 user.try(:has_role?, 'Librarian')
 end
diff --git a/enju_inter_library_loan.gemspec b/enju_inter_library_loan.gemspec
index 6f9ef4d..25ecaf2 100644
--- a/enju_inter_library_loan.gemspec
+++ b/enju_inter_library_loan.gemspec
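Review bot: `check_policy` in app/controllers/inter_library_loans_controller.rb authorizes the `InterLibraryLoan` class, so for `create` the policy is consulted before the record is built and never sees the submitted `item_id` or `borrowing_library_id`. That matches the role-only rule in the policy today, but any later per-record rule (for example one that limits the borrowing library) would be silently skipped on create. A comment on the helper would record the limitation, e.g. `# Class-level check: index/new/create have no record yet, so only role-based rules apply here.`; the `create` action itself is outside the hunk.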
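Review bot: Re-parenting `InterLibraryLoanPolicy` from `AdminPolicy` to `ApplicationPolicy` means every query this class does not define itself now takes its answer from whichever `ApplicationPolicy` the host application or another gem provides, since both base classes are deleted from spec/dummy in this same patch. The controller authorizes `edit`, `update` and `destroy` on the record, so those rules should be explicit here rather than inherited; the class continues below `create?` outside the hunk and may already define some of them. The removed CanCan ability also granted 'Administrator' by name, while the new methods test only `user.try(:has_role?, 'Librarian')`, which keeps administrators in only if that helper is hierarchical (not shown on this page). The three identical bodies could share one private predicate, `def librarian?; user.try(:has_role?, 'Librarian'); end`.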
@@ -16,8 +16,8 @@ Gem::Specification.new do |s|
 s.files = Dir["{app,config,db,lib}/**/*"] + ["MIT-LICENSE", "Rakefile", "README.rdoc"]
 s.test_files = Dir["spec/**/*"] - Dir["spec/dummy/log/*"] - Dir["spec/dummy/solr/{data,pids,default,development,test}/*"] - Dir["spec/dummy/tmp/*"]
- #s.add_dependency "enju_biblio", "~> 0.1.0.pre63"
- #s.add_dependency "enju_library", "~> 0.1.0.pre39"
+ #s.add_dependency "enju_biblio", "~> 0.2.0.pre1"
+ #s.add_dependency "enju_library", "~> 0.2.0.pre1"
 s.add_dependency "statesman", "~> 1.1"
 s.add_development_dependency "sqlite3"
@@ -27,8 +27,10 @@ Gem::Specification.new do |s|
 s.add_development_dependency "factory_girl_rails"
 s.add_development_dependency "sunspot_solr", "~> 2.1"
 s.add_development_dependency "sunspot-rails-tester"
- #s.add_development_dependency "enju_leaf", "~> 1.1.0.rc16"
- #s.add_development_dependency "enju_circulation", "~> 0.1.0.pre41"
+ #s.add_development_dependency "enju_leaf", "~> 1.2.0.pre1"
+ #s.add_development_dependency "enju_circulation", "~> 0.2.0.pre1"
 s.add_development_dependency "simplecov"
 s.add_development_dependency "annotate"
+ s.add_development_dependency "redis-rails"
+ s.add_development_dependency "resque-scheduler", "~> 3.1"
 end
diff --git a/spec/controllers/inter_library_loans_controller_spec.rb b/spec/controllers/inter_library_loans_controller_spec.rb
index 1bd0c2d..aa74e41 100644
--- a/spec/controllers/inter_library_loans_controller_spec.rb
+++ b/spec/controllers/inter_library_loans_controller_spec.rb
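Review bot: The only runtime dependency visible in enju_inter_library_loan.gemspec is still `statesman`, although this patch makes the engine's own controller call `authorize` and its policy inherit from `ApplicationPolicy`. If Pundit is not declared in the lines outside these hunks, declare it next to statesman with `s.add_dependency "pundit"` plus the version range the project supports, so the authorization layer is resolved with the gem rather than assumed from the host. In the second hunk `redis-rails` is added with no version constraint while `resque-scheduler` gets `~> 3.1`; constraining both keeps test runs reproducible.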
@@ -33,16 +33,16 @@
 sign_in FactoryGirl.create(:user)
 end
- it "assigns empty as @inter_library_loans" do
+ it "assigns nil as @inter_library_loans" do
 get :index
- assigns(:inter_library_loans).should be_empty
+ assigns(:inter_library_loans).should be_nil
 end
 end
 describe "When not logged in" do
- it "assigns empty as @inter_library_loans" do
+ it "assigns nil as @inter_library_loans" do
 get :index
- assigns(:inter_library_loans).should be_empty
+ assigns(:inter_library_loans).should be_nil
 end
 end
 end
@@ -123,7 +123,7 @@
 it "should not assign the requested inter_library_loan as @inter_library_loan" do
 get :new
- assigns(:inter_library_loan).should_not be_valid
+ assigns(:inter_library_loan).should be_nil
 response.should be_forbidden
 end
 end
@@ -131,7 +131,7 @@
 describe "When not logged in" do
 it "should not assign the requested inter_library_loan as @inter_library_loan" do
 get :new
- assigns(:inter_library_loan).should_not be_valid
+ assigns(:inter_library_loan).should be_nil
 response.should redirect_to(new_user_session_url)
 end
 end
diff --git a/spec/dummy/app/controllers/application_controller.rb b/spec/dummy/app/controllers/application_controller.rb
index 638dec6..30f98dd 100644
--- a/spec/dummy/app/controllers/application_controller.rb
+++ b/spec/dummy/app/controllers/application_controller.rb
@@ -1,4 +1,5 @@
 class ApplicationController < ActionController::Base
+ include Pundit
 protect_from_forgery
 enju_leaf
diff --git a/spec/dummy/app/policies/admin_policy.rb b/spec/dummy/app/policies/admin_policy.rb
deleted file mode 100644
index 57a0ac7..0000000
--- a/spec/dummy/app/policies/admin_policy.rb
+++ /dev/null
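Review bot: The two rewritten `get :index` examples in the first spec hunk (signed-in plain user and not logged in) now assert only `assigns(:inter_library_loans).should be_nil`, which does not show whether the request was rejected with 403, redirected to sign-in, or failed for some other reason. Pin the denial itself the way the `new` examples in the later hunks do, with `response.should be_forbidden` for the signed-in user and `response.should redirect_to(new_user_session_url)` for the anonymous request. The enclosing describe blocks start outside the hunk.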
@@ -1,27 +0,0 @@
-class AdminPolicy < ApplicationPolicy
- class Scope < Struct.new(:user, :scope)
- def resolve
- scope.all
- end
- end
-
- def index?
- user.try(:has_role?, 'Librarian')
- end
-
- def show?
- user.try(:has_role?, 'Librarian')
- end
-
- def create?
- false
- end
-
- def update?
- user.try(:has_role?, 'Administrator')
- end
-
- def destroy?
- false
- end
-end
diff --git a/spec/dummy/app/policies/application_policy.rb b/spec/dummy/app/policies/application_policy.rb
deleted file mode 100644
index 21f1796..0000000
--- a/spec/dummy/app/policies/application_policy.rb
+++ /dev/null
@@ -1,41 +0,0 @@
-class ApplicationPolicy
- attr_reader :user, :record
-
- def initialize(user, record)
- @user = user
- @record = record
- end
-
- def index?
- false
- end
-
- def show?
- scope.where(:id => record.id).exists?
- end
-
- def create?
- false
- end
-
- def new?
- create?
- end
-
- def update?
- false
- end
-
- def edit?
- update?
- end
-
- def destroy?
- false
- end
-
- def scope
- Pundit.policy_scope!(user, record.class)
- end
-end
-
diff --git a/spec/dummy/config/initializers/resque.rb b/spec/dummy/config/initializers/resque.rb
new file mode 100644
index 0000000..e70c3bd
--- /dev/null
+++ b/spec/dummy/config/initializers/resque.rb
@@ -0,0 +1,3 @@
+require 'resque/server'
+require 'resque/scheduler/server'
+Resque.after_fork = Proc.new { ActiveRecord::Base.establish_connection }
From 80d4b80ee9596dc1c9d88449ae9f21fc4e84941f Mon Sep 17 00:00:00 2001
From: Kosuke Tanabe
Date: Tue, 20 Jan 2015 19:13:03 +0900
Subject: [PATCH 2/2] replaced "can?" helper
---
 app/views/inter_library_loans/index.html.erb | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/app/views/inter_library_loans/index.html.erb b/app/views/inter_library_loans/index.html.erb
index d6e06e1..1fa48d2 100644
--- a/app/views/inter_library_loans/index.html.erb
+++ b/app/views/inter_library_loans/index.html.erb
@@ -26,7 +26,7 @@
 <%= l(inter_library_loan.shipped_at) if inter_library_loan.shipped_at -%>
 <%= l(inter_library_loan.received_at) if inter_library_loan.received_at -%>
- <%- if can? :destroy, inter_library_loan -%>
+ <%- if policy(inter_library_loan).destroy? -%>
 <%= link_to t('page.show'), inter_library_loan -%>
 <%= link_to t('page.edit'), edit_inter_library_loan_path(inter_library_loan) -%>
@@ -43,7 +43,7 @@
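Review bot: The show and edit links that follow the changed condition are rendered only when `policy(inter_library_loan).destroy?` is true, so their visibility follows the destroy rule rather than the `show?` and `edit?` queries the controller now enforces for those actions. Under CanCan's single `:manage` grant these were equivalent, but with per-action Pundit queries they can drift apart and hide links from users who are allowed to view or edit. Gate each link on its own query, for example `<%= link_to t('page.edit'), edit_inter_library_loan_path(inter_library_loan) if policy(inter_library_loan).edit? -%>`. The block's closing `end` is outside the hunk, and these view checks are presentation only; the controller's `authorize` call remains the enforcement point.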