access-granted 1.3.0 → 1.3.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +4 -0
- data/README.md +23 -1
- data/access-granted.gemspec +1 -1
- data/lib/access-granted/exceptions.rb +7 -1
- data/lib/access-granted/policy.rb +1 -1
- data/spec/controller_methods_spec.rb +5 -1
- data/spec/policy_spec.rb +5 -1
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 7691e3b04d61e828a960869add4c89b2fcbbb0ff61449ae9a722f1170c776775
|
|
4
|
+
data.tar.gz: 3d802b85887e1e23027819cf14b2bd4ebb9d9bc4aef62f294bd8dedc1dc98457
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 929211bc395469276092ed2303d5d4bf117161e9df3602cfea3d4caf67ea29516fca0473eb24e8e5326921d042ab8d534eef7a27e9ccdd727b29fd129f7cc622
|
|
7
|
+
data.tar.gz: d60b8f9c3824c28952daf0a84ee4bd534ec44cc7ef6f183949eb83538b015b2a80b155ee8f91ba6484d620041c2143a4ca9ce7d46c7ef71280b56f25d744821d
|
data/CHANGELOG.md
CHANGED
|
@@ -1,3 +1,7 @@
|
|
|
1
|
+
# 1.3.1
|
|
2
|
+
|
|
3
|
+
- Add information about action and subject when raising AccessDenied exception ([PR #45](https://github.com/chaps-io/access-granted/pull/46)), thanks [jraqula](https://github.com/jraqula)!
|
|
4
|
+
|
|
1
5
|
# 1.3.0
|
|
2
6
|
|
|
3
7
|
- Drop support for Ruby 1.9.3, it might still work but we are no longer testing against it.
|
data/README.md
CHANGED
|
@@ -19,7 +19,9 @@ Run the bundle command to install it. Then run the generator:
|
|
|
19
19
|
|
|
20
20
|
Add the `policies` (and `roles` if you're using it to split up your roles into files) directories to your autoload paths in `application.rb`:
|
|
21
21
|
|
|
22
|
-
|
|
22
|
+
```ruby
|
|
23
|
+
config.autoload_paths += %W(#{config.root}/app/policies #{config.root}/app/roles)
|
|
24
|
+
```
|
|
23
25
|
|
|
24
26
|
### Supported Ruby versions
|
|
25
27
|
|
|
@@ -210,6 +212,26 @@ class ApplicationController < ActionController::Base
|
|
|
210
212
|
end
|
|
211
213
|
```
|
|
212
214
|
|
|
215
|
+
You can also extract the action and subject which raised the error,
|
|
216
|
+
if you want to handle authorization errors differently for some cases:
|
|
217
|
+
```ruby
|
|
218
|
+
rescue_from "AccessGranted::AccessDenied" do |exception|
|
|
219
|
+
status = case exception.action
|
|
220
|
+
when :read # invocation like `authorize! :read, @something`
|
|
221
|
+
403
|
|
222
|
+
else
|
|
223
|
+
404
|
|
224
|
+
end
|
|
225
|
+
|
|
226
|
+
body = case exception.subject
|
|
227
|
+
when Post # invocation like `authorize! @some_action, Post`
|
|
228
|
+
"failed to access a post"
|
|
229
|
+
else
|
|
230
|
+
"failed to access something else"
|
|
231
|
+
end
|
|
232
|
+
end
|
|
233
|
+
```
|
|
234
|
+
|
|
213
235
|
#### Checking permissions in controllers
|
|
214
236
|
|
|
215
237
|
To check if the user has a permission to perform an action, use the `can?` and `cannot?` methods.
|
data/access-granted.gemspec
CHANGED
|
@@ -4,7 +4,7 @@ $LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
|
|
|
4
4
|
|
|
5
5
|
Gem::Specification.new do |spec|
|
|
6
6
|
spec.name = "access-granted"
|
|
7
|
-
spec.version = "1.3.
|
|
7
|
+
spec.version = "1.3.1"
|
|
8
8
|
spec.authors = ["Piotrek Okoński"]
|
|
9
9
|
spec.email = ["piotrek@okonski.org"]
|
|
10
10
|
spec.description = %q{Role based authorization gem}
|
|
@@ -3,5 +3,11 @@ module AccessGranted
|
|
|
3
3
|
|
|
4
4
|
class DuplicatePermission < Error; end;
|
|
5
5
|
class DuplicateRole < Error; end;
|
|
6
|
-
class AccessDenied < Error
|
|
6
|
+
class AccessDenied < Error
|
|
7
|
+
attr_reader :action, :subject
|
|
8
|
+
def initialize(action = nil, subject = nil)
|
|
9
|
+
@action = action
|
|
10
|
+
@subject = subject
|
|
11
|
+
end
|
|
12
|
+
end
|
|
7
13
|
end
|
|
@@ -21,7 +21,11 @@ describe AccessGranted::Rails::ControllerMethods do
|
|
|
21
21
|
|
|
22
22
|
describe "#authorize!" do
|
|
23
23
|
it "raises exception when authorization fails" do
|
|
24
|
-
expect { @controller.authorize!(:read, String) }.to raise_error
|
|
24
|
+
expect { @controller.authorize!(:read, String) }.to raise_error do |err|
|
|
25
|
+
expect(err).to be_a(AccessGranted::AccessDenied)
|
|
26
|
+
expect(err.action).to eq(:read)
|
|
27
|
+
expect(err.subject).to eq(String)
|
|
28
|
+
end
|
|
25
29
|
end
|
|
26
30
|
|
|
27
31
|
it "returns subject if authorization succeeds" do
|
data/spec/policy_spec.rb
CHANGED
|
@@ -136,7 +136,11 @@ describe AccessGranted::Policy do
|
|
|
136
136
|
end
|
|
137
137
|
|
|
138
138
|
it "raises AccessDenied if action is not allowed" do
|
|
139
|
-
expect { klass.new(@member).authorize!(:create, Integer) }.to raise_error
|
|
139
|
+
expect { klass.new(@member).authorize!(:create, Integer) }.to raise_error do |err|
|
|
140
|
+
expect(err).to be_a(AccessGranted::AccessDenied)
|
|
141
|
+
expect(err.action).to eq(:create)
|
|
142
|
+
expect(err.subject).to eq(Integer)
|
|
143
|
+
end
|
|
140
144
|
end
|
|
141
145
|
|
|
142
146
|
it "returns the subject if allowed" do
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: access-granted
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 1.3.
|
|
4
|
+
version: 1.3.1
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Piotrek Okoński
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2018-04-
|
|
11
|
+
date: 2018-04-28 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: bundler
|