accessible_for 0.3.1 → 0.4.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- data/README.markdown +4 -4
- data/lib/accessible_for.rb +7 -10
- data/lib/mass_assignment_backport.rb +1 -1
- data/test/accessible_for_test.rb +2 -2
- metadata +2 -2
data/README.markdown
CHANGED
|
@@ -37,11 +37,11 @@ accessible_for API (to avoid name conflicts).
|
|
|
37
37
|
# and specify a single value instead of an array
|
|
38
38
|
accessible_for :manager => :promotion
|
|
39
39
|
|
|
40
|
-
# If that's not DRY enough can compose access lists from other roles
|
|
41
|
-
# using the class method
|
|
40
|
+
# If that's not DRY enough you can compose access lists from other roles
|
|
41
|
+
# using the class method accessible_by
|
|
42
42
|
accessible_for :common => [ :filling, :topping ]
|
|
43
|
-
accessible_for :customer =>
|
|
44
|
-
accessible_for :manager =>
|
|
43
|
+
accessible_for :customer => accessible_by(:common) + [ :rating ]
|
|
44
|
+
accessible_for :manager => accessible_by(:common) + [ :price, :promotion ]
|
|
45
45
|
|
|
46
46
|
def update
|
|
47
47
|
Taco.find(params[:id]).update_attributes!(taco_params)
|
data/lib/accessible_for.rb
CHANGED
|
@@ -1,37 +1,34 @@
|
|
|
1
1
|
require 'mass_assignment_backport'
|
|
2
2
|
|
|
3
3
|
module AccessibleFor
|
|
4
|
-
VERSION = "0.
|
|
4
|
+
VERSION = "0.4.0"
|
|
5
5
|
|
|
6
6
|
def self.included(mod)
|
|
7
7
|
mod.extend ClassMethods
|
|
8
8
|
end
|
|
9
9
|
|
|
10
10
|
module ClassMethods
|
|
11
|
-
attr_accessor :
|
|
11
|
+
attr_accessor :_accessible_by
|
|
12
12
|
|
|
13
13
|
def accessible_for params
|
|
14
14
|
params.each do |role, attrs|
|
|
15
|
-
self.
|
|
15
|
+
self._accessible_by ||= {}
|
|
16
16
|
[role].flatten.each do |name|
|
|
17
|
-
self.
|
|
17
|
+
self._accessible_by[name] = accessible_by(name) + [attrs].flatten
|
|
18
18
|
end
|
|
19
19
|
end
|
|
20
20
|
end
|
|
21
21
|
|
|
22
|
-
def
|
|
23
|
-
|
|
22
|
+
def accessible_by role
|
|
23
|
+
_accessible_by && _accessible_by[role] || []
|
|
24
24
|
end
|
|
25
25
|
end
|
|
26
26
|
|
|
27
27
|
def sanitize_for role, values
|
|
28
28
|
return nil if values.nil?
|
|
29
|
-
if !self.class._accessible_attributes || self.class._accessible_attributes[role].nil?
|
|
30
|
-
return {}
|
|
31
|
-
end
|
|
32
29
|
result = block_given? ? nil : {}
|
|
33
30
|
values.each do |k, v|
|
|
34
|
-
if self.class.
|
|
31
|
+
if self.class.accessible_by(role).include?(k.to_sym)
|
|
35
32
|
if block_given?
|
|
36
33
|
yield k, v
|
|
37
34
|
else
|
data/test/accessible_for_test.rb
CHANGED
|
@@ -3,7 +3,7 @@ require 'accessible_for'
|
|
|
3
3
|
class AccessibleForTest < MiniTest::Unit::TestCase
|
|
4
4
|
include AccessibleFor
|
|
5
5
|
accessible_for :default => :topping
|
|
6
|
-
accessible_for :manager =>
|
|
6
|
+
accessible_for :manager => accessible_by(:default) + [:price]
|
|
7
7
|
|
|
8
8
|
def test_nil_params
|
|
9
9
|
assert_nil sanitize_for(:default, nil)
|
|
@@ -33,7 +33,7 @@ class AccessibleForTest < MiniTest::Unit::TestCase
|
|
|
33
33
|
end
|
|
34
34
|
|
|
35
35
|
class UnspecifiedTest
|
|
36
|
-
include
|
|
36
|
+
include AccessibleFor
|
|
37
37
|
end
|
|
38
38
|
|
|
39
39
|
def test_unspecified_strips_values
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: accessible_for
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.4.0
|
|
5
5
|
prerelease:
|
|
6
6
|
platform: ruby
|
|
7
7
|
authors:
|
|
@@ -9,7 +9,7 @@ authors:
|
|
|
9
9
|
autorequire:
|
|
10
10
|
bindir: bin
|
|
11
11
|
cert_chain: []
|
|
12
|
-
date: 2012-03-
|
|
12
|
+
date: 2012-03-08 00:00:00.000000000Z
|
|
13
13
|
dependencies: []
|
|
14
14
|
description: ! " This is a simple mass-assignment security module loosely based
|
|
15
15
|
on\n ActiveModel::MassAssignmentSecurity. It attempts to steal the good ideas\n
|