active_admin_role 0.1.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +7 -0
- data/.gitignore +12 -0
- data/.rspec +2 -0
- data/.rubocop.yml +17 -0
- data/.ruby-style.yml +242 -0
- data/.travis.yml +5 -0
- data/Appraisals +12 -0
- data/Gemfile +24 -0
- data/LICENSE.txt +21 -0
- data/README.md +79 -0
- data/Rakefile +7 -0
- data/active_admin_role.gemspec +21 -0
- data/app/models/active_admin/managed_resource.rb +64 -0
- data/app/models/active_admin/permission.rb +59 -0
- data/config/locales/en.yml +40 -0
- data/config/locales/ja.yml +37 -0
- data/gemfiles/.bundle/config +2 -0
- data/gemfiles/rails42.gemfile +26 -0
- data/gemfiles/rails50.gemfile +27 -0
- data/lib/active_admin_role/active_admin/dsl.rb +24 -0
- data/lib/active_admin_role/active_admin/resource_controller.rb +21 -0
- data/lib/active_admin_role/can_can/ability.rb +15 -0
- data/lib/active_admin_role/config.rb +17 -0
- data/lib/active_admin_role/engine.rb +15 -0
- data/lib/active_admin_role/manageable_resource.rb +44 -0
- data/lib/active_admin_role/model.rb +7 -0
- data/lib/active_admin_role/role_based_authorizable.rb +45 -0
- data/lib/active_admin_role/version.rb +3 -0
- data/lib/active_admin_role.rb +21 -0
- data/lib/generators/active_admin_role/USAGE +9 -0
- data/lib/generators/active_admin_role/helper.rb +64 -0
- data/lib/generators/active_admin_role/install_generator.rb +54 -0
- data/lib/generators/active_admin_role/templates/admin/permission.rb +71 -0
- data/lib/generators/active_admin_role/templates/initializer.rb +18 -0
- data/lib/generators/active_admin_role/templates/migration/add_role_to_admin_users.rb +5 -0
- data/lib/generators/active_admin_role/templates/migration/create_active_admin_managed_resources.rb +13 -0
- data/lib/generators/active_admin_role/templates/migration/create_active_admin_permissions.rb +13 -0
- data/lib/generators/active_admin_role/templates/model/ability.rb +17 -0
- data/tasks/test.rake +10 -0
- metadata +110 -0
@@ -0,0 +1,26 @@
|
|
1
|
+
# This file was generated by Appraisal
|
2
|
+
|
3
|
+
source "https://rubygems.org"
|
4
|
+
|
5
|
+
gem "rails", "~> 4.2.0"
|
6
|
+
gem "activeadmin", "1.0.0.pre4"
|
7
|
+
gem "devise", "~> 4.2.0"
|
8
|
+
gem "pry"
|
9
|
+
gem "appraisal"
|
10
|
+
|
11
|
+
group :development do
|
12
|
+
gem "bundler", "~> 1.13.0"
|
13
|
+
gem "rake", "~> 10.0"
|
14
|
+
gem "rubocop", "~> 0.40.0"
|
15
|
+
end
|
16
|
+
|
17
|
+
group :test do
|
18
|
+
gem "capybara"
|
19
|
+
gem "rspec-rails"
|
20
|
+
gem "database_cleaner"
|
21
|
+
gem "shoulda-matchers"
|
22
|
+
gem "sqlite3", :platforms => :mri
|
23
|
+
gem "poltergeist"
|
24
|
+
end
|
25
|
+
|
26
|
+
gemspec :path => "../"
|
@@ -0,0 +1,27 @@
|
|
1
|
+
# This file was generated by Appraisal
|
2
|
+
|
3
|
+
source "https://rubygems.org"
|
4
|
+
|
5
|
+
gem "rails", "~> 5.0.0"
|
6
|
+
gem "activeadmin", :github => "activeadmin/activeadmin"
|
7
|
+
gem "devise", "~> 4.2.0"
|
8
|
+
gem "pry"
|
9
|
+
gem "appraisal"
|
10
|
+
gem "inherited_resources", :github => "activeadmin/inherited_resources"
|
11
|
+
|
12
|
+
group :development do
|
13
|
+
gem "bundler", "~> 1.13.0"
|
14
|
+
gem "rake", "~> 10.0"
|
15
|
+
gem "rubocop", "~> 0.40.0"
|
16
|
+
end
|
17
|
+
|
18
|
+
group :test do
|
19
|
+
gem "capybara"
|
20
|
+
gem "rspec-rails"
|
21
|
+
gem "database_cleaner"
|
22
|
+
gem "shoulda-matchers"
|
23
|
+
gem "sqlite3", :platforms => :mri
|
24
|
+
gem "poltergeist"
|
25
|
+
end
|
26
|
+
|
27
|
+
gemspec :path => "../"
|
@@ -0,0 +1,24 @@
|
|
1
|
+
module ActiveAdminRole
|
2
|
+
module ActiveAdmin
|
3
|
+
module DSL
|
4
|
+
def role_changeable
|
5
|
+
scope(:all, default: true)
|
6
|
+
|
7
|
+
controller.resource_class.roles.each_key(&method(:scope))
|
8
|
+
|
9
|
+
controller.resource_class.roles.each_key do |role|
|
10
|
+
batch_action "assign as #{role}" do |ids|
|
11
|
+
formatted_ids = ids - [current_admin_user.id.to_s]
|
12
|
+
resource_class.where(id: formatted_ids).update_all(role: resource_class.roles[role])
|
13
|
+
|
14
|
+
if Rails::VERSION::MAJOR >= 5
|
15
|
+
redirect_back fallback_location: admin_root_url, notice: t("views.admin_user.notice.assigned", role: role)
|
16
|
+
else
|
17
|
+
redirect_to :back, notice: t("views.admin_user.notice.assigned", role: role)
|
18
|
+
end
|
19
|
+
end
|
20
|
+
end
|
21
|
+
end
|
22
|
+
end
|
23
|
+
end
|
24
|
+
end
|
@@ -0,0 +1,21 @@
|
|
1
|
+
module ActiveAdminRole
|
2
|
+
module ActiveAdmin
|
3
|
+
module ResourceController
|
4
|
+
def self.included(klass)
|
5
|
+
klass.class_eval do
|
6
|
+
if Rails::VERSION::MAJOR >= 4
|
7
|
+
before_action :authorize_access_resource!, except: %i(index new create show edit update destroy)
|
8
|
+
else
|
9
|
+
before_filter :authorize_access_resource!, except: %i(index new create show edit update destroy)
|
10
|
+
end
|
11
|
+
end
|
12
|
+
end
|
13
|
+
|
14
|
+
private
|
15
|
+
|
16
|
+
def authorize_access_resource!
|
17
|
+
authorize_resource!(active_admin_config.resource_class)
|
18
|
+
end
|
19
|
+
end
|
20
|
+
end
|
21
|
+
end
|
@@ -0,0 +1,15 @@
|
|
1
|
+
module ActiveAdminRole
|
2
|
+
module CanCan
|
3
|
+
module Ability
|
4
|
+
private
|
5
|
+
|
6
|
+
def register_role_based_abilities(user)
|
7
|
+
return if user.guest_user?
|
8
|
+
|
9
|
+
(::ActiveAdmin::Permission.indexed_cache[user.role] || []).select(&:active?).each do |permission|
|
10
|
+
send(*permission.to_condition)
|
11
|
+
end
|
12
|
+
end
|
13
|
+
end
|
14
|
+
end
|
15
|
+
end
|
@@ -0,0 +1,17 @@
|
|
1
|
+
module ActiveAdminRole
|
2
|
+
class Config
|
3
|
+
attr_accessor :roles, :super_user_roles, :guest_user_roles, :user_class_name, :default_state
|
4
|
+
|
5
|
+
def initialize
|
6
|
+
@roles = { guest: 0, support: 1, staff: 2, manager: 3, admin: 99 }
|
7
|
+
@guest_user_roles = [:guest]
|
8
|
+
@super_user_roles = [:admin]
|
9
|
+
@user_class_name = "AdminUser"
|
10
|
+
@default_state = :cannot
|
11
|
+
end
|
12
|
+
|
13
|
+
def default_state=(value)
|
14
|
+
@default_state = value.to_s == "can" ? :can : :cannot
|
15
|
+
end
|
16
|
+
end
|
17
|
+
end
|
@@ -0,0 +1,15 @@
|
|
1
|
+
require "rails/engine"
|
2
|
+
|
3
|
+
module ActiveAdminRole
|
4
|
+
class Engine < ::Rails::Engine
|
5
|
+
initializer "active_admin_role" do
|
6
|
+
ActiveSupport.on_load :active_record do
|
7
|
+
ActiveRecord::Base.send :extend, ::ActiveAdminRole::Model
|
8
|
+
end
|
9
|
+
|
10
|
+
ActiveSupport.on_load :after_initialize do
|
11
|
+
::ActiveAdmin::ResourceController.send :include, ::ActiveAdminRole::ActiveAdmin::ResourceController
|
12
|
+
end
|
13
|
+
end
|
14
|
+
end
|
15
|
+
end
|
@@ -0,0 +1,44 @@
|
|
1
|
+
require "set"
|
2
|
+
|
3
|
+
module ActiveAdminRole
|
4
|
+
class ManageableResource
|
5
|
+
def call
|
6
|
+
::ActiveAdmin.application.namespaces[:admin].resources.inject([]) do |result, resource|
|
7
|
+
class_name = resource.controller.resource_class.to_s
|
8
|
+
name = resource.resource_name.name
|
9
|
+
actions = collect_defined_actions(resource)
|
10
|
+
|
11
|
+
result += eval_actions(actions).map do |action|
|
12
|
+
{ class_name: class_name, name: name, action: action }
|
13
|
+
end
|
14
|
+
|
15
|
+
result
|
16
|
+
end
|
17
|
+
end
|
18
|
+
|
19
|
+
private
|
20
|
+
|
21
|
+
def collect_defined_actions(resource)
|
22
|
+
if resource.respond_to?(:defined_actions)
|
23
|
+
defined_actions = resource.defined_actions
|
24
|
+
member_actions = resource.member_actions.map(&:name)
|
25
|
+
collection_actions = resource.collection_actions.map(&:name)
|
26
|
+
batch_actions = resource.batch_actions_enabled? ? [:batch_action] : []
|
27
|
+
|
28
|
+
defined_actions | member_actions | member_actions | collection_actions | batch_actions
|
29
|
+
else
|
30
|
+
resource.page_actions.map(&:name) | [:index]
|
31
|
+
end
|
32
|
+
end
|
33
|
+
|
34
|
+
def eval_actions(actions)
|
35
|
+
actions.inject(Set.new) do |result, action|
|
36
|
+
result << (actions_dictionary[action] || action).to_s
|
37
|
+
end
|
38
|
+
end
|
39
|
+
|
40
|
+
def actions_dictionary
|
41
|
+
@_actions_dictionary ||= ::ActiveAdmin::BaseController::Authorization::ACTIONS_DICTIONARY.dup
|
42
|
+
end
|
43
|
+
end
|
44
|
+
end
|
@@ -0,0 +1,45 @@
|
|
1
|
+
module ActiveAdminRole
|
2
|
+
module RoleBasedAuthorizable
|
3
|
+
def self.included(klass)
|
4
|
+
klass.class_eval do
|
5
|
+
extend ClassMethods
|
6
|
+
|
7
|
+
enum role: config.roles
|
8
|
+
delegate :super_user_roles, :guest_user_roles, to: :class
|
9
|
+
validates :role, presence: true
|
10
|
+
end
|
11
|
+
end
|
12
|
+
|
13
|
+
def super_user?
|
14
|
+
role.in?(super_user_roles)
|
15
|
+
end
|
16
|
+
|
17
|
+
def guest_user?
|
18
|
+
role.in?(guest_user_roles)
|
19
|
+
end
|
20
|
+
|
21
|
+
module ClassMethods
|
22
|
+
def manageable_roles
|
23
|
+
@_manageable_roles ||= roles.except(*manageless_roles)
|
24
|
+
end
|
25
|
+
|
26
|
+
def super_user_roles
|
27
|
+
@_super_user_roles ||= config.super_user_roles.try(:map, &:to_s) || []
|
28
|
+
end
|
29
|
+
|
30
|
+
def guest_user_roles
|
31
|
+
@_guest_users ||= config.guest_user_roles.try(:map, &:to_s) || []
|
32
|
+
end
|
33
|
+
|
34
|
+
private
|
35
|
+
|
36
|
+
def manageless_roles
|
37
|
+
(super_user_roles + guest_user_roles).flatten.compact
|
38
|
+
end
|
39
|
+
|
40
|
+
def config
|
41
|
+
::ActiveAdminRole.config
|
42
|
+
end
|
43
|
+
end
|
44
|
+
end
|
45
|
+
end
|
@@ -0,0 +1,21 @@
|
|
1
|
+
require "active_admin"
|
2
|
+
require "active_admin_role/active_admin/dsl"
|
3
|
+
require "active_admin_role/active_admin/resource_controller"
|
4
|
+
require "active_admin_role/can_can/ability"
|
5
|
+
require "active_admin_role/config"
|
6
|
+
require "active_admin_role/engine"
|
7
|
+
require "active_admin_role/manageable_resource"
|
8
|
+
require "active_admin_role/model"
|
9
|
+
require "active_admin_role/role_based_authorizable"
|
10
|
+
|
11
|
+
module ActiveAdminRole
|
12
|
+
def self.configure
|
13
|
+
yield(config)
|
14
|
+
end
|
15
|
+
|
16
|
+
def self.config
|
17
|
+
@_config ||= Config.new
|
18
|
+
end
|
19
|
+
end
|
20
|
+
|
21
|
+
::ActiveAdmin::DSL.send :include, ActiveAdminRole::ActiveAdmin::DSL
|
@@ -0,0 +1,9 @@
|
|
1
|
+
Description:
|
2
|
+
Generates the necessary files to get you up and running with ActiveAdminRole gem
|
3
|
+
|
4
|
+
Examples:
|
5
|
+
rails generate active_admin_role:install
|
6
|
+
|
7
|
+
This will generate the core migration file, the initializer file and the 'AdminUser' model class.
|
8
|
+
|
9
|
+
rails generate active_admin_role:install --model User
|
@@ -0,0 +1,64 @@
|
|
1
|
+
module ActiveAdminRole
|
2
|
+
module Generators
|
3
|
+
module Helper
|
4
|
+
def self.included(klass)
|
5
|
+
klass.send :extend, ClassMethods
|
6
|
+
end
|
7
|
+
|
8
|
+
private
|
9
|
+
|
10
|
+
def model_class_name
|
11
|
+
options[:model] ? options[:model].classify : "AdminUser"
|
12
|
+
end
|
13
|
+
|
14
|
+
def model_file_path
|
15
|
+
model_name.underscore
|
16
|
+
end
|
17
|
+
|
18
|
+
def model_path
|
19
|
+
@model_path ||= File.join("app", "models", "#{model_file_path}.rb")
|
20
|
+
end
|
21
|
+
|
22
|
+
def namespace
|
23
|
+
Rails::Generators.namespace if Rails::Generators.respond_to?(:namespace)
|
24
|
+
end
|
25
|
+
|
26
|
+
def namespaced?
|
27
|
+
!!namespace
|
28
|
+
end
|
29
|
+
|
30
|
+
def model_name
|
31
|
+
if namespaced?
|
32
|
+
[namespace.to_s] + [model_class_name]
|
33
|
+
else
|
34
|
+
[model_class_name]
|
35
|
+
end.join("::")
|
36
|
+
end
|
37
|
+
|
38
|
+
def inject_into_model
|
39
|
+
indents = " " * (namespaced? ? 2 : 1)
|
40
|
+
inject_into_class model_path, model_class_name, "#{indents}role_based_authorizable\n"
|
41
|
+
end
|
42
|
+
|
43
|
+
def migration_class_name
|
44
|
+
if Rails::VERSION::MAJOR >= 5
|
45
|
+
"ActiveRecord::Migration[#{Rails::VERSION::MAJOR}.#{Rails::VERSION::MINOR}]"
|
46
|
+
else
|
47
|
+
"ActiveRecord::Migration"
|
48
|
+
end
|
49
|
+
end
|
50
|
+
|
51
|
+
module ClassMethods
|
52
|
+
# Define the next_migration_number method (necessary for the migration_template method to work)
|
53
|
+
def next_migration_number(dirname)
|
54
|
+
if ActiveRecord::Base.timestamped_migrations
|
55
|
+
sleep 1 # make sure each time we get a different timestamp
|
56
|
+
Time.new.utc.strftime("%Y%m%d%H%M%S")
|
57
|
+
else
|
58
|
+
format("%.3d", (current_migration_number(dirname) + 1))
|
59
|
+
end
|
60
|
+
end
|
61
|
+
end
|
62
|
+
end
|
63
|
+
end
|
64
|
+
end
|
@@ -0,0 +1,54 @@
|
|
1
|
+
require "rails/generators/migration"
|
2
|
+
require "generators/active_admin_role/helper"
|
3
|
+
|
4
|
+
module ActiveAdminRole
|
5
|
+
module Generators
|
6
|
+
class InstallGenerator < ::Rails::Generators::Base
|
7
|
+
include Rails::Generators::Migration
|
8
|
+
include ActiveAdminRole::Generators::Helper
|
9
|
+
|
10
|
+
source_root File.expand_path("../templates", __FILE__)
|
11
|
+
|
12
|
+
class_option :model, optional: true,
|
13
|
+
type: :string,
|
14
|
+
banner: "model",
|
15
|
+
desc: "Specify the model class name if you will use anything other than `AdminUser`",
|
16
|
+
default: "AdminUser"
|
17
|
+
|
18
|
+
def copy_initializer_file
|
19
|
+
template "initializer.rb", "config/initializers/active_admin_role.rb"
|
20
|
+
end
|
21
|
+
|
22
|
+
def configure_model
|
23
|
+
generate :"active_admin:install #{model_class_name}" unless model_class_name.safe_constantize
|
24
|
+
inject_into_model
|
25
|
+
end
|
26
|
+
|
27
|
+
def copy_migration_files
|
28
|
+
migration_template "migration/add_role_to_admin_users.rb", "db/migrate/add_role_to_#{model_class_name.tableize}.rb", migration_class_name: migration_class_name
|
29
|
+
migration_template "migration/create_active_admin_managed_resources.rb", "db/migrate/create_active_admin_managed_resources.rb", migration_class_name: migration_class_name
|
30
|
+
migration_template "migration/create_active_admin_permissions.rb", "db/migrate/create_active_admin_permissions.rb", migration_class_name: migration_class_name
|
31
|
+
end
|
32
|
+
|
33
|
+
def copy_model_file
|
34
|
+
template "model/ability.rb", "app/models/ability.rb"
|
35
|
+
end
|
36
|
+
|
37
|
+
def configure_active_admin
|
38
|
+
gsub_file "config/initializers/active_admin.rb",
|
39
|
+
"# config.authorization_adapter = ActiveAdmin::CanCanAdapter",
|
40
|
+
"config.authorization_adapter = ActiveAdmin::CanCanAdapter"
|
41
|
+
end
|
42
|
+
|
43
|
+
def copy_admin_permission_file
|
44
|
+
template "admin/permission.rb", "app/admin/permission.rb"
|
45
|
+
end
|
46
|
+
|
47
|
+
def configure_admin_user_file
|
48
|
+
inject_into_file "app/admin/#{model_file_path}.rb",
|
49
|
+
" role_changeable\n",
|
50
|
+
after: "ActiveAdmin.register #{model_class_name} do\n"
|
51
|
+
end
|
52
|
+
end
|
53
|
+
end
|
54
|
+
end
|
@@ -0,0 +1,71 @@
|
|
1
|
+
ActiveAdmin.register ::ActiveAdmin::Permission, as: "Permission" do
|
2
|
+
actions :index
|
3
|
+
|
4
|
+
filter :state, as: :select, collection: controller.resource_class.states
|
5
|
+
|
6
|
+
filter :managed_resource_action_equals, as: :select,
|
7
|
+
label: ::ActiveAdmin::ManagedResource.human_attribute_name(:action),
|
8
|
+
<%- if Rails::VERSION::MAJOR >= 5 -%>
|
9
|
+
collection: -> { ::ActiveAdmin::ManagedResource.distinct.order(:action).pluck(:action) }
|
10
|
+
<%- else -%>
|
11
|
+
collection: -> { ::ActiveAdmin::ManagedResource.uniq.order(:action).pluck(:action) }
|
12
|
+
<%- end -%>
|
13
|
+
|
14
|
+
filter :managed_resource_name_equals, as: :select,
|
15
|
+
label: ::ActiveAdmin::ManagedResource.human_attribute_name(:name),
|
16
|
+
<%- if Rails::VERSION::MAJOR >= 5 -%>
|
17
|
+
collection: -> { ::ActiveAdmin::ManagedResource.distinct.pluck(:name).sort }
|
18
|
+
<%- else -%>
|
19
|
+
collection: -> { ::ActiveAdmin::ManagedResource.uniq.pluck(:name).sort }
|
20
|
+
<%- end -%>
|
21
|
+
|
22
|
+
filter :managed_resource_class_name_equals, as: :select,
|
23
|
+
label: ::ActiveAdmin::ManagedResource.human_attribute_name(:class_name),
|
24
|
+
<%- if Rails::VERSION::MAJOR >= 5 -%>
|
25
|
+
collection: -> { ::ActiveAdmin::ManagedResource.distinct.order(:class_name).pluck(:class_name) }
|
26
|
+
<%- else -%>
|
27
|
+
collection: -> { ::ActiveAdmin::ManagedResource.uniq.order(:class_name).pluck(:class_name) }
|
28
|
+
<%- end -%>
|
29
|
+
|
30
|
+
scope :all, default: true
|
31
|
+
|
32
|
+
controller.resource_class.manageable_roles.each_key(&method(:scope))
|
33
|
+
|
34
|
+
controller.resource_class.states.each_key do |state|
|
35
|
+
batch_action state do |ids|
|
36
|
+
resource_class.clear_cache
|
37
|
+
resource_class.where(id: ids).update_all(state: resource_class.states[state])
|
38
|
+
<%- if Rails::VERSION::MAJOR >= 5 -%>
|
39
|
+
redirect_back fallback_location: admin_root_url, notice: t("views.permission.notice.state_changed", state: state)
|
40
|
+
<%- else -%>
|
41
|
+
redirect_to :back, notice: t("views.permission.notice.state_changed", state: state)
|
42
|
+
<%- end -%>
|
43
|
+
end
|
44
|
+
end
|
45
|
+
|
46
|
+
collection_action :reload, method: :post do
|
47
|
+
::ActiveAdmin::ManagedResource.reload
|
48
|
+
<%- if Rails::VERSION::MAJOR >= 5 -%>
|
49
|
+
redirect_back(fallback_location: admin_root_url, notice: t("views.permission.notice.reloaded"))
|
50
|
+
<%- else -%>
|
51
|
+
redirect_to :back, notice: t("views.permission.notice.reloaded")
|
52
|
+
<%- end -%>
|
53
|
+
end
|
54
|
+
|
55
|
+
action_item :reload do
|
56
|
+
link_to t("views.permission.action_item.reload"), reload_admin_permissions_path, method: :post
|
57
|
+
end
|
58
|
+
|
59
|
+
includes :managed_resource
|
60
|
+
|
61
|
+
index do
|
62
|
+
selectable_column
|
63
|
+
column :role
|
64
|
+
column(:state) do |record|
|
65
|
+
status_tag(record.state, record.can? ? :ok : nil)
|
66
|
+
end
|
67
|
+
column :action
|
68
|
+
column :name
|
69
|
+
column :class_name
|
70
|
+
end
|
71
|
+
end
|
@@ -0,0 +1,18 @@
|
|
1
|
+
ActiveAdminRole.configure do |config|
|
2
|
+
# [Required:Hash]
|
3
|
+
# == Role | default: { guest: 0, support: 1, staff: 2, manager: 3, admin: 99 }
|
4
|
+
config.roles = { guest: 0, support: 1, staff: 2, manager: 3, admin: 99 }
|
5
|
+
|
6
|
+
# [Optional:Array]
|
7
|
+
# == Special roles which don't need to manage on database
|
8
|
+
config.super_user_roles = [:admin]
|
9
|
+
config.guest_user_roles = [:guest]
|
10
|
+
|
11
|
+
# [Optional:String]
|
12
|
+
# == User class name | default: 'AdminUser'
|
13
|
+
config.user_class_name = "<%= model_class_name %>"
|
14
|
+
|
15
|
+
# [Optional:Symbol]
|
16
|
+
# == Default permission | default: :cannot
|
17
|
+
config.default_state = :cannot
|
18
|
+
end
|
data/lib/generators/active_admin_role/templates/migration/create_active_admin_managed_resources.rb
ADDED
@@ -0,0 +1,13 @@
|
|
1
|
+
class CreateActiveAdminManagedResources < <%= migration_class_name %>
|
2
|
+
def change
|
3
|
+
create_table :active_admin_managed_resources do |t|
|
4
|
+
t.string :class_name, null: false
|
5
|
+
t.string :action, null: false
|
6
|
+
t.string :name
|
7
|
+
|
8
|
+
t.timestamp null: false
|
9
|
+
end
|
10
|
+
|
11
|
+
add_index :active_admin_managed_resources, [:class_name, :action, :name], unique: true, name: "active_admin_managed_resources_index"
|
12
|
+
end
|
13
|
+
end
|
@@ -0,0 +1,13 @@
|
|
1
|
+
class CreateActiveAdminPermissions < <%= migration_class_name %>
|
2
|
+
def change
|
3
|
+
create_table :active_admin_permissions do |t|
|
4
|
+
t.integer :managed_resource_id, null: false
|
5
|
+
t.integer :role, null: false, limit: 1, default: 0
|
6
|
+
t.integer :state, null: false, limit: 1, default: 0
|
7
|
+
|
8
|
+
t.timestamp null: false
|
9
|
+
end
|
10
|
+
|
11
|
+
add_index :active_admin_permissions, [:managed_resource_id, :role], unique: true, name: "active_admin_permissions_index"
|
12
|
+
end
|
13
|
+
end
|
@@ -0,0 +1,17 @@
|
|
1
|
+
class Ability
|
2
|
+
include CanCan::Ability
|
3
|
+
include ActiveAdminRole::CanCan::Ability
|
4
|
+
|
5
|
+
def initialize(user)
|
6
|
+
user ||= <%= model_class_name %>.new
|
7
|
+
|
8
|
+
if user.super_user?
|
9
|
+
can :manage, :all
|
10
|
+
else
|
11
|
+
register_role_based_abilities(user)
|
12
|
+
end
|
13
|
+
|
14
|
+
# NOTE: Everyone can read the page of Permission Deny
|
15
|
+
can :read, ActiveAdmin::Page, name: "Dashboard"
|
16
|
+
end
|
17
|
+
end
|
data/tasks/test.rake
ADDED
@@ -0,0 +1,10 @@
|
|
1
|
+
desc "Creates a test rails app for the specs to run against"
|
2
|
+
task :setup do
|
3
|
+
require "rails/version"
|
4
|
+
system("mkdir spec/rails") unless File.exist?("spec/rails")
|
5
|
+
system "bundle exec rails new spec/rails/rails-#{Rails::VERSION::STRING} -m spec/support/rails_template.rb --skip-spring --skip-turbolinks"
|
6
|
+
end
|
7
|
+
|
8
|
+
require "rspec/core/rake_task"
|
9
|
+
RSpec::Core::RakeTask.new(:spec)
|
10
|
+
task default: :spec
|
metadata
ADDED
@@ -0,0 +1,110 @@
|
|
1
|
+
--- !ruby/object:Gem::Specification
|
2
|
+
name: active_admin_role
|
3
|
+
version: !ruby/object:Gem::Version
|
4
|
+
version: 0.1.0
|
5
|
+
platform: ruby
|
6
|
+
authors:
|
7
|
+
- Yoshiyuki Hirano
|
8
|
+
autorequire:
|
9
|
+
bindir: bin
|
10
|
+
cert_chain: []
|
11
|
+
date: 2016-11-28 00:00:00.000000000 Z
|
12
|
+
dependencies:
|
13
|
+
- !ruby/object:Gem::Dependency
|
14
|
+
name: activeadmin
|
15
|
+
requirement: !ruby/object:Gem::Requirement
|
16
|
+
requirements:
|
17
|
+
- - ">="
|
18
|
+
- !ruby/object:Gem::Version
|
19
|
+
version: 1.0.0.pre4
|
20
|
+
type: :runtime
|
21
|
+
prerelease: false
|
22
|
+
version_requirements: !ruby/object:Gem::Requirement
|
23
|
+
requirements:
|
24
|
+
- - ">="
|
25
|
+
- !ruby/object:Gem::Version
|
26
|
+
version: 1.0.0.pre4
|
27
|
+
- !ruby/object:Gem::Dependency
|
28
|
+
name: cancancan
|
29
|
+
requirement: !ruby/object:Gem::Requirement
|
30
|
+
requirements:
|
31
|
+
- - ">="
|
32
|
+
- !ruby/object:Gem::Version
|
33
|
+
version: 1.15.0
|
34
|
+
type: :runtime
|
35
|
+
prerelease: false
|
36
|
+
version_requirements: !ruby/object:Gem::Requirement
|
37
|
+
requirements:
|
38
|
+
- - ">="
|
39
|
+
- !ruby/object:Gem::Version
|
40
|
+
version: 1.15.0
|
41
|
+
description: Role based authorization with CanCanCan for Active Admin
|
42
|
+
email:
|
43
|
+
- yhirano@me.com
|
44
|
+
executables: []
|
45
|
+
extensions: []
|
46
|
+
extra_rdoc_files: []
|
47
|
+
files:
|
48
|
+
- ".gitignore"
|
49
|
+
- ".rspec"
|
50
|
+
- ".rubocop.yml"
|
51
|
+
- ".ruby-style.yml"
|
52
|
+
- ".travis.yml"
|
53
|
+
- Appraisals
|
54
|
+
- Gemfile
|
55
|
+
- LICENSE.txt
|
56
|
+
- README.md
|
57
|
+
- Rakefile
|
58
|
+
- active_admin_role.gemspec
|
59
|
+
- app/models/active_admin/managed_resource.rb
|
60
|
+
- app/models/active_admin/permission.rb
|
61
|
+
- config/locales/en.yml
|
62
|
+
- config/locales/ja.yml
|
63
|
+
- gemfiles/.bundle/config
|
64
|
+
- gemfiles/rails42.gemfile
|
65
|
+
- gemfiles/rails50.gemfile
|
66
|
+
- lib/active_admin_role.rb
|
67
|
+
- lib/active_admin_role/active_admin/dsl.rb
|
68
|
+
- lib/active_admin_role/active_admin/resource_controller.rb
|
69
|
+
- lib/active_admin_role/can_can/ability.rb
|
70
|
+
- lib/active_admin_role/config.rb
|
71
|
+
- lib/active_admin_role/engine.rb
|
72
|
+
- lib/active_admin_role/manageable_resource.rb
|
73
|
+
- lib/active_admin_role/model.rb
|
74
|
+
- lib/active_admin_role/role_based_authorizable.rb
|
75
|
+
- lib/active_admin_role/version.rb
|
76
|
+
- lib/generators/active_admin_role/USAGE
|
77
|
+
- lib/generators/active_admin_role/helper.rb
|
78
|
+
- lib/generators/active_admin_role/install_generator.rb
|
79
|
+
- lib/generators/active_admin_role/templates/admin/permission.rb
|
80
|
+
- lib/generators/active_admin_role/templates/initializer.rb
|
81
|
+
- lib/generators/active_admin_role/templates/migration/add_role_to_admin_users.rb
|
82
|
+
- lib/generators/active_admin_role/templates/migration/create_active_admin_managed_resources.rb
|
83
|
+
- lib/generators/active_admin_role/templates/migration/create_active_admin_permissions.rb
|
84
|
+
- lib/generators/active_admin_role/templates/model/ability.rb
|
85
|
+
- tasks/test.rake
|
86
|
+
homepage: https://github.com/yhirano55/active_admin_role
|
87
|
+
licenses:
|
88
|
+
- MIT
|
89
|
+
metadata: {}
|
90
|
+
post_install_message:
|
91
|
+
rdoc_options: []
|
92
|
+
require_paths:
|
93
|
+
- lib
|
94
|
+
required_ruby_version: !ruby/object:Gem::Requirement
|
95
|
+
requirements:
|
96
|
+
- - ">="
|
97
|
+
- !ruby/object:Gem::Version
|
98
|
+
version: 2.1.0
|
99
|
+
required_rubygems_version: !ruby/object:Gem::Requirement
|
100
|
+
requirements:
|
101
|
+
- - ">="
|
102
|
+
- !ruby/object:Gem::Version
|
103
|
+
version: '0'
|
104
|
+
requirements: []
|
105
|
+
rubyforge_project:
|
106
|
+
rubygems_version: 2.5.2
|
107
|
+
signing_key:
|
108
|
+
specification_version: 4
|
109
|
+
summary: Role based authorization with CanCanCan for Active Admin
|
110
|
+
test_files: []
|