access-granted 1.3.0 → 1.3.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +4 -0
- data/README.md +23 -1
- data/access-granted.gemspec +1 -1
- data/lib/access-granted/exceptions.rb +7 -1
- data/lib/access-granted/policy.rb +1 -1
- data/spec/controller_methods_spec.rb +5 -1
- data/spec/policy_spec.rb +5 -1
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 7691e3b04d61e828a960869add4c89b2fcbbb0ff61449ae9a722f1170c776775
|
|
4
|
+
data.tar.gz: 3d802b85887e1e23027819cf14b2bd4ebb9d9bc4aef62f294bd8dedc1dc98457
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 929211bc395469276092ed2303d5d4bf117161e9df3602cfea3d4caf67ea29516fca0473eb24e8e5326921d042ab8d534eef7a27e9ccdd727b29fd129f7cc622
|
|
7
|
+
data.tar.gz: d60b8f9c3824c28952daf0a84ee4bd534ec44cc7ef6f183949eb83538b015b2a80b155ee8f91ba6484d620041c2143a4ca9ce7d46c7ef71280b56f25d744821d
|
data/CHANGELOG.md
CHANGED
|
@@ -1,3 +1,7 @@
|
|
|
1
|
+
# 1.3.1
|
|
2
|
+
|
|
3
|
+
- Add information about action and subject when raising AccessDenied exception ([PR #45](https://github.com/chaps-io/access-granted/pull/46)), thanks [jraqula](https://github.com/jraqula)!
|
|
4
|
+
|
|
1
5
|
# 1.3.0
|
|
2
6
|
|
|
3
7
|
- Drop support for Ruby 1.9.3, it might still work but we are no longer testing against it.
|
data/README.md
CHANGED
|
@@ -19,7 +19,9 @@ Run the bundle command to install it. Then run the generator:
|
|
|
19
19
|
|
|
20
20
|
Add the `policies` (and `roles` if you're using it to split up your roles into files) directories to your autoload paths in `application.rb`:
|
|
21
21
|
|
|
22
|
-
|
|
22
|
+
```ruby
|
|
23
|
+
config.autoload_paths += %W(#{config.root}/app/policies #{config.root}/app/roles)
|
|
24
|
+
```
|
|
23
25
|
|
|
24
26
|
### Supported Ruby versions
|
|
25
27
|
|
|
@@ -210,6 +212,26 @@ class ApplicationController < ActionController::Base
|
|
|
210
212
|
end
|
|
211
213
|
```
|
|
212
214
|
|
|
215
|
+
You can also extract the action and subject which raised the error,
|
|
216
|
+
if you want to handle authorization errors differently for some cases:
|
|
217
|
+
```ruby
|
|
218
|
+
rescue_from "AccessGranted::AccessDenied" do |exception|
|
|
219
|
+
status = case exception.action
|
|
220
|
+
when :read # invocation like `authorize! :read, @something`
|
|
221
|
+
403
|
|
222
|
+
else
|
|
223
|
+
404
|
|
224
|
+
end
|
|
225
|
+
|
|
226
|
+
body = case exception.subject
|
|
227
|
+
when Post # invocation like `authorize! @some_action, Post`
|
|
228
|
+
"failed to access a post"
|
|
229
|
+
else
|
|
230
|
+
"failed to access something else"
|
|
231
|
+
end
|
|
232
|
+
end
|
|
233
|
+
```
|
|
234
|
+
|
|
213
235
|
#### Checking permissions in controllers
|
|
214
236
|
|
|
215
237
|
To check if the user has a permission to perform an action, use the `can?` and `cannot?` methods.
|
data/access-granted.gemspec
CHANGED
|
@@ -4,7 +4,7 @@ $LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
|
|
|
4
4
|
|
|
5
5
|
Gem::Specification.new do |spec|
|
|
6
6
|
spec.name = "access-granted"
|
|
7
|
-
spec.version = "1.3.
|
|
7
|
+
spec.version = "1.3.1"
|
|
8
8
|
spec.authors = ["Piotrek Okoński"]
|
|
9
9
|
spec.email = ["piotrek@okonski.org"]
|
|
10
10
|
spec.description = %q{Role based authorization gem}
|
|
@@ -3,5 +3,11 @@ module AccessGranted
|
|
|
3
3
|
|
|
4
4
|
class DuplicatePermission < Error; end;
|
|
5
5
|
class DuplicateRole < Error; end;
|
|
6
|
-
class AccessDenied < Error
|
|
6
|
+
class AccessDenied < Error
|
|
7
|
+
attr_reader :action, :subject
|
|
8
|
+
def initialize(action = nil, subject = nil)
|
|
9
|
+
@action = action
|
|
10
|
+
@subject = subject
|
|
11
|
+
end
|
|
12
|
+
end
|
|
7
13
|
end
|
|
@@ -21,7 +21,11 @@ describe AccessGranted::Rails::ControllerMethods do
|
|
|
21
21
|
|
|
22
22
|
describe "#authorize!" do
|
|
23
23
|
it "raises exception when authorization fails" do
|
|
24
|
-
expect { @controller.authorize!(:read, String) }.to raise_error
|
|
24
|
+
expect { @controller.authorize!(:read, String) }.to raise_error do |err|
|
|
25
|
+
expect(err).to be_a(AccessGranted::AccessDenied)
|
|
26
|
+
expect(err.action).to eq(:read)
|
|
27
|
+
expect(err.subject).to eq(String)
|
|
28
|
+
end
|
|
25
29
|
end
|
|
26
30
|
|
|
27
31
|
it "returns subject if authorization succeeds" do
|
data/spec/policy_spec.rb
CHANGED
|
@@ -136,7 +136,11 @@ describe AccessGranted::Policy do
|
|
|
136
136
|
end
|
|
137
137
|
|
|
138
138
|
it "raises AccessDenied if action is not allowed" do
|
|
139
|
-
expect { klass.new(@member).authorize!(:create, Integer) }.to raise_error
|
|
139
|
+
expect { klass.new(@member).authorize!(:create, Integer) }.to raise_error do |err|
|
|
140
|
+
expect(err).to be_a(AccessGranted::AccessDenied)
|
|
141
|
+
expect(err.action).to eq(:create)
|
|
142
|
+
expect(err.subject).to eq(Integer)
|
|
143
|
+
end
|
|
140
144
|
end
|
|
141
145
|
|
|
142
146
|
it "returns the subject if allowed" do
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: access-granted
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 1.3.
|
|
4
|
+
version: 1.3.1
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Piotrek Okoński
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2018-04-
|
|
11
|
+
date: 2018-04-28 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: bundler
|