access-granted 1.2.0 → 1.3.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +5 -5
- data/.travis.yml +3 -1
- data/CHANGELOG.md +8 -2
- data/README.md +11 -11
- data/access-granted.gemspec +1 -1
- data/benchmarks/README.md +14 -14
- data/lib/access-granted.rb +1 -11
- data/lib/access-granted/railtie.rb +19 -0
- data/spec/permission_spec.rb +2 -2
- metadata +4 -3
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
|
-
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
2
|
+
SHA256:
|
|
3
|
+
metadata.gz: 0ce9cfd4d0c980f5f3ba545fa4f2691897b80698fd6fe665c6b29ff226131774
|
|
4
|
+
data.tar.gz: 82802d1c59a69c201f5f9bfd73de5f17e82e47d8532ca22682a4cef140bada80
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 7e050411bc42573ce3da74a78672974f4cf589e97c5c320a2774093a4c659bd95302f49796fa1f7ec785a36b93823684c4942b828de675fa24d696bc14a1fb89
|
|
7
|
+
data.tar.gz: '0119c97744988a5c1aea30e5e1e14606cbb53a78c448e2b57d94cc2d7ebcdc0b0ab5220ff7a2672e6c1d56a8ce710f58a20625e288e6d9a4bef069ca1acff56b'
|
data/.travis.yml
CHANGED
data/CHANGELOG.md
CHANGED
|
@@ -1,9 +1,15 @@
|
|
|
1
|
+
# 1.3.0
|
|
2
|
+
|
|
3
|
+
- Drop support for Ruby 1.9.3, it might still work but we are no longer testing against it.
|
|
4
|
+
- Start testing against Rubies 2.3-2.5 in CI
|
|
5
|
+
- Move Rails integration into Railties, this fixes some load order issues ([PR #45](https://github.com/chaps-io/access-granted/pull/45)), thanks [jraqula](https://github.com/jraqula)!
|
|
6
|
+
|
|
1
7
|
# 1.2.0
|
|
2
8
|
|
|
3
9
|
- Cache whole blocks of identical permissions when one of them is checked.
|
|
4
10
|
For example, assuming we have a given permissions set:
|
|
5
11
|
|
|
6
|
-
```
|
|
12
|
+
```ruby
|
|
7
13
|
can [:update, :destroy, :archive], Post do |post, user|
|
|
8
14
|
post.user_id == user.id
|
|
9
15
|
end
|
|
@@ -11,7 +17,7 @@
|
|
|
11
17
|
|
|
12
18
|
When resolving one of them like this:
|
|
13
19
|
|
|
14
|
-
```
|
|
20
|
+
```ruby
|
|
15
21
|
can? :update, @post
|
|
16
22
|
```
|
|
17
23
|
|
data/README.md
CHANGED
|
@@ -31,26 +31,26 @@ AccessGranted is meant as a replacement for CanCan to solve major problems:
|
|
|
31
31
|
|
|
32
32
|
1. Performance
|
|
33
33
|
|
|
34
|
-
|
|
35
|
-
|
|
34
|
+
On average AccessGranted is **20 times faster** in resolving identical permissions and takes less memory.
|
|
35
|
+
See [benchmarks](https://github.com/chaps-io/access-granted/blob/master/benchmarks).
|
|
36
36
|
|
|
37
37
|
2. Roles
|
|
38
38
|
|
|
39
|
-
|
|
39
|
+
Adds support for roles, so no more `if`s and `else`s in your Policy file. This makes it extremely easy to maintain and read the code.
|
|
40
40
|
|
|
41
41
|
3. Whitelists
|
|
42
42
|
|
|
43
|
-
|
|
44
|
-
|
|
43
|
+
This means that you define what the user can do, which results in clean, readable policies regardless of application complexity.
|
|
44
|
+
You don't have to worry about juggling `can`s and `cannot`s in a very convoluted way!
|
|
45
45
|
|
|
46
|
-
|
|
46
|
+
_Note_: `cannot` is still available, but has a very specifc use. See [Usage](#usage) below.
|
|
47
47
|
|
|
48
48
|
4. Framework agnostic
|
|
49
49
|
|
|
50
|
-
|
|
51
|
-
|
|
52
|
-
|
|
53
|
-
|
|
50
|
+
Permissions can work on basically any object and AccessGranted is framework-agnostic,
|
|
51
|
+
but it has Rails support out of the box. :)
|
|
52
|
+
It does not depend on any libraries, pure and clean Ruby code. Guaranteed to always work,
|
|
53
|
+
even when software around changes.
|
|
54
54
|
|
|
55
55
|
## Usage
|
|
56
56
|
|
|
@@ -280,7 +280,7 @@ or with `cannot?`:
|
|
|
280
280
|
|
|
281
281
|
```ruby
|
|
282
282
|
policy.cannot?(:create, Post) #=> false
|
|
283
|
-
policy.cannot?(:update, @
|
|
283
|
+
policy.cannot?(:update, @post) #=> true
|
|
284
284
|
```
|
|
285
285
|
|
|
286
286
|
## Common examples
|
data/access-granted.gemspec
CHANGED
|
@@ -4,7 +4,7 @@ $LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
|
|
|
4
4
|
|
|
5
5
|
Gem::Specification.new do |spec|
|
|
6
6
|
spec.name = "access-granted"
|
|
7
|
-
spec.version = "1.
|
|
7
|
+
spec.version = "1.3.0"
|
|
8
8
|
spec.authors = ["Piotrek Okoński"]
|
|
9
9
|
spec.email = ["piotrek@okonski.org"]
|
|
10
10
|
spec.description = %q{Role based authorization gem}
|
data/benchmarks/README.md
CHANGED
|
@@ -1,24 +1,24 @@
|
|
|
1
1
|
# Benchmark results
|
|
2
2
|
|
|
3
|
-
Benchmarks ran on Ubuntu
|
|
3
|
+
Benchmarks ran on Ubuntu 17.04 64bit, i7 6700k @ 4.0Ghz, 32 GB RAM with Ruby 2.3.
|
|
4
4
|
|
|
5
5
|
## permissions.rb
|
|
6
6
|
|
|
7
7
|
This benchmark runs `can?` method for the 3 user roles for 20 seconds each, for both CanCan and AccessGranted.
|
|
8
8
|
|
|
9
9
|
```
|
|
10
|
+
Warming up --------------------------------------
|
|
11
|
+
ag-admin 158.815k i/100ms
|
|
12
|
+
ag-moderator 161.055k i/100ms
|
|
13
|
+
ag-user 161.670k i/100ms
|
|
14
|
+
cancan-admin 14.865k i/100ms
|
|
15
|
+
cancan-moderator 13.181k i/100ms
|
|
16
|
+
cancan-user 18.907k i/100ms
|
|
10
17
|
Calculating -------------------------------------
|
|
11
|
-
ag-admin
|
|
12
|
-
|
|
13
|
-
|
|
14
|
-
|
|
15
|
-
|
|
16
|
-
cancan-user
|
|
17
|
-
-------------------------------------------------
|
|
18
|
-
ag-admin 283.174k (± 1.1%) i/s - 5.682M
|
|
19
|
-
cancan-admin 160.450k (± 1.0%) i/s - 3.217M
|
|
20
|
-
ag-moderator 301.290k (± 1.1%) i/s - 6.029M
|
|
21
|
-
cancan-moderator 134.591k (± 1.3%) i/s - 2.698M
|
|
22
|
-
ag-user 353.259k (± 0.9%) i/s - 7.086M
|
|
23
|
-
cancan-user 198.579k (± 1.6%) i/s - 3.979M
|
|
18
|
+
ag-admin 2.141M (± 3.9%) i/s - 10.799M in 5.052573s
|
|
19
|
+
ag-moderator 2.180M (± 2.1%) i/s - 10.952M in 5.025727s
|
|
20
|
+
ag-user 2.206M (± 0.4%) i/s - 11.155M in 5.056550s
|
|
21
|
+
cancan-admin 158.288k (± 2.4%) i/s - 802.710k in 5.074299s
|
|
22
|
+
cancan-moderator 142.573k (± 2.1%) i/s - 724.955k in 5.087277s
|
|
23
|
+
cancan-user 204.783k (± 2.2%) i/s - 1.040M in 5.080488s
|
|
24
24
|
```
|
data/lib/access-granted.rb
CHANGED
|
@@ -3,19 +3,9 @@ require "access-granted/policy"
|
|
|
3
3
|
require "access-granted/permission"
|
|
4
4
|
require "access-granted/role"
|
|
5
5
|
require "access-granted/rails/controller_methods"
|
|
6
|
+
require "access-granted/railtie" if defined?(Rails)
|
|
6
7
|
|
|
7
8
|
module AccessGranted
|
|
8
9
|
|
|
9
10
|
end
|
|
10
11
|
|
|
11
|
-
if defined? ActionController::Base
|
|
12
|
-
ActionController::Base.class_eval do
|
|
13
|
-
include AccessGranted::Rails::ControllerMethods
|
|
14
|
-
end
|
|
15
|
-
end
|
|
16
|
-
|
|
17
|
-
if defined? ActionController::API
|
|
18
|
-
ActionController::API.class_eval do
|
|
19
|
-
include AccessGranted::Rails::ControllerMethods
|
|
20
|
-
end
|
|
21
|
-
end
|
|
@@ -0,0 +1,19 @@
|
|
|
1
|
+
require 'rails/railtie'
|
|
2
|
+
|
|
3
|
+
module AccessGranted
|
|
4
|
+
class Railtie < ::Rails::Railtie
|
|
5
|
+
initializer :access_granted do
|
|
6
|
+
if defined? ActionController::Base
|
|
7
|
+
ActionController::Base.class_eval do
|
|
8
|
+
include AccessGranted::Rails::ControllerMethods
|
|
9
|
+
end
|
|
10
|
+
end
|
|
11
|
+
|
|
12
|
+
if defined? ActionController::API
|
|
13
|
+
ActionController::API.class_eval do
|
|
14
|
+
include AccessGranted::Rails::ControllerMethods
|
|
15
|
+
end
|
|
16
|
+
end
|
|
17
|
+
end
|
|
18
|
+
end
|
|
19
|
+
end
|
data/spec/permission_spec.rb
CHANGED
|
@@ -7,13 +7,13 @@ describe AccessGranted::Permission do
|
|
|
7
7
|
|
|
8
8
|
it "matches proc conditions when true" do
|
|
9
9
|
sub = double("Element", published?: true)
|
|
10
|
-
perm = subject.new(true, :read, sub, nil, {}, proc {true})
|
|
10
|
+
perm = subject.new(true, :read, sub, nil, {}, [], proc {true})
|
|
11
11
|
expect(perm.matches_conditions?(sub)).to eq(true)
|
|
12
12
|
end
|
|
13
13
|
|
|
14
14
|
it "does not match proc conditions false" do
|
|
15
15
|
sub = double("Element", published?: true)
|
|
16
|
-
perm = subject.new(true, :read, sub, nil, {}, proc {false})
|
|
16
|
+
perm = subject.new(true, :read, sub, nil, {}, [], proc {false})
|
|
17
17
|
expect(perm.matches_conditions?(sub)).to eq(false)
|
|
18
18
|
end
|
|
19
19
|
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: access-granted
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 1.
|
|
4
|
+
version: 1.3.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Piotrek Okoński
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date:
|
|
11
|
+
date: 2018-04-18 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: bundler
|
|
@@ -62,6 +62,7 @@ files:
|
|
|
62
62
|
- lib/access-granted/permission.rb
|
|
63
63
|
- lib/access-granted/policy.rb
|
|
64
64
|
- lib/access-granted/rails/controller_methods.rb
|
|
65
|
+
- lib/access-granted/railtie.rb
|
|
65
66
|
- lib/access-granted/role.rb
|
|
66
67
|
- lib/generators/access_granted/policy_generator.rb
|
|
67
68
|
- lib/generators/templates/access_policy.rb
|
|
@@ -90,7 +91,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
90
91
|
version: '0'
|
|
91
92
|
requirements: []
|
|
92
93
|
rubyforge_project:
|
|
93
|
-
rubygems_version: 2.
|
|
94
|
+
rubygems_version: 2.7.6
|
|
94
95
|
signing_key:
|
|
95
96
|
specification_version: 4
|
|
96
97
|
summary: Elegant whitelist and role based authorization with ability to prioritize
|