active_admin_role 0.1.1 → 0.2.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +5 -5
- data/.gitignore +1 -0
- data/.rubocop.yml +16 -13
- data/.rubocop_todo.yml +23 -0
- data/.travis.yml +12 -3
- data/Appraisals +8 -9
- data/Gemfile +13 -10
- data/README.md +8 -4
- data/Rakefile +32 -3
- data/active_admin_role.gemspec +4 -3
- data/app/models/active_admin/manageable_resource.rb +51 -0
- data/app/models/active_admin/managed_resource.rb +5 -42
- data/app/models/active_admin/permission.rb +12 -17
- data/app/models/active_admin/permission_reloader.rb +47 -0
- data/app/models/active_admin_role/can_can/ability.rb +17 -0
- data/app/models/active_admin_role/dsl.rb +7 -0
- data/app/models/active_admin_role/role_based_authorizable.rb +43 -0
- data/gemfiles/{rails42.gemfile → 5.0.gemfile} +11 -11
- data/gemfiles/5.1.gemfile +26 -0
- data/gemfiles/5.2.gemfile +26 -0
- data/lib/active_admin_role.rb +3 -10
- data/lib/active_admin_role/active_admin/dsl.rb +1 -2
- data/lib/active_admin_role/active_admin/resource_controller.rb +11 -11
- data/lib/active_admin_role/config.rb +3 -2
- data/lib/active_admin_role/engine.rb +5 -2
- data/lib/active_admin_role/version.rb +1 -1
- data/lib/generators/active_admin_role/helper.rb +41 -41
- data/lib/generators/active_admin_role/install_generator.rb +16 -13
- data/lib/generators/active_admin_role/templates/admin/{permission.rb → permissions.tt} +1 -1
- data/lib/generators/active_admin_role/templates/{initializer.rb → initializer.tt} +0 -0
- data/lib/generators/active_admin_role/templates/migration/{add_role_to_admin_users.rb → add_role_to_admin_users.tt} +0 -0
- data/lib/generators/active_admin_role/templates/migration/{create_active_admin_managed_resources.rb → create_active_admin_managed_resources.tt} +0 -0
- data/lib/generators/active_admin_role/templates/migration/{create_active_admin_permissions.rb → create_active_admin_permissions.tt} +0 -0
- data/lib/generators/active_admin_role/templates/model/{ability.rb → ability.tt} +0 -0
- metadata +35 -21
- data/.ruby-style.yml +0 -242
- data/gemfiles/.bundle/config +0 -2
- data/gemfiles/rails50.gemfile +0 -27
- data/lib/active_admin_role/can_can/ability.rb +0 -15
- data/lib/active_admin_role/manageable_resource.rb +0 -45
- data/lib/active_admin_role/model.rb +0 -7
- data/lib/active_admin_role/role_based_authorizable.rb +0 -45
- data/tasks/test.rake +0 -10
|
@@ -0,0 +1,17 @@
|
|
|
1
|
+
module ActiveAdminRole
|
|
2
|
+
module CanCan
|
|
3
|
+
module Ability
|
|
4
|
+
extend ActiveSupport::Concern
|
|
5
|
+
|
|
6
|
+
private
|
|
7
|
+
|
|
8
|
+
def register_role_based_abilities(user)
|
|
9
|
+
return if user.guest_user?
|
|
10
|
+
|
|
11
|
+
(::ActiveAdmin::Permission.indexed_cache[user.role] || []).select(&:active?).each do |permission|
|
|
12
|
+
send(*permission.to_condition)
|
|
13
|
+
end
|
|
14
|
+
end
|
|
15
|
+
end
|
|
16
|
+
end
|
|
17
|
+
end
|
|
@@ -0,0 +1,43 @@
|
|
|
1
|
+
module ActiveAdminRole
|
|
2
|
+
module RoleBasedAuthorizable
|
|
3
|
+
extend ActiveSupport::Concern
|
|
4
|
+
|
|
5
|
+
included do
|
|
6
|
+
enum role: config.roles
|
|
7
|
+
delegate :super_user_roles, :guest_user_roles, to: :class
|
|
8
|
+
validates :role, presence: true
|
|
9
|
+
end
|
|
10
|
+
|
|
11
|
+
def super_user?
|
|
12
|
+
role.in?(super_user_roles)
|
|
13
|
+
end
|
|
14
|
+
|
|
15
|
+
def guest_user?
|
|
16
|
+
role.in?(guest_user_roles)
|
|
17
|
+
end
|
|
18
|
+
|
|
19
|
+
class_methods do
|
|
20
|
+
def manageable_roles
|
|
21
|
+
@manageable_roles ||= roles.except(*manageless_roles)
|
|
22
|
+
end
|
|
23
|
+
|
|
24
|
+
def super_user_roles
|
|
25
|
+
@super_user_roles ||= config.super_user_roles.try(:map, &:to_s) || []
|
|
26
|
+
end
|
|
27
|
+
|
|
28
|
+
def guest_user_roles
|
|
29
|
+
@guest_user_roles ||= config.guest_user_roles.try(:map, &:to_s) || []
|
|
30
|
+
end
|
|
31
|
+
|
|
32
|
+
private
|
|
33
|
+
|
|
34
|
+
def manageless_roles
|
|
35
|
+
(super_user_roles + guest_user_roles).flatten.compact
|
|
36
|
+
end
|
|
37
|
+
|
|
38
|
+
def config
|
|
39
|
+
::ActiveAdminRole.config
|
|
40
|
+
end
|
|
41
|
+
end
|
|
42
|
+
end
|
|
43
|
+
end
|
|
@@ -2,25 +2,25 @@
|
|
|
2
2
|
|
|
3
3
|
source "https://rubygems.org"
|
|
4
4
|
|
|
5
|
-
gem "rails", "~> 4.2.0"
|
|
6
|
-
gem "activeadmin", "1.0.0.pre4"
|
|
7
|
-
gem "devise", "~> 4.2.0"
|
|
8
|
-
gem "pry"
|
|
9
5
|
gem "appraisal"
|
|
6
|
+
gem "devise"
|
|
7
|
+
gem "jquery-ui-rails", "~> 4.2.1"
|
|
8
|
+
gem "rails", "~> 5.0.0"
|
|
9
|
+
|
|
10
|
+
group :development, :test do
|
|
11
|
+
gem "sqlite3", platforms: :mri
|
|
12
|
+
end
|
|
10
13
|
|
|
11
14
|
group :development do
|
|
12
|
-
gem "
|
|
13
|
-
gem "rake", "~> 10.0"
|
|
14
|
-
gem "rubocop", "~> 0.40.0"
|
|
15
|
+
gem "onkcop", require: false
|
|
15
16
|
end
|
|
16
17
|
|
|
17
18
|
group :test do
|
|
18
19
|
gem "capybara"
|
|
19
|
-
gem "rspec-rails"
|
|
20
20
|
gem "database_cleaner"
|
|
21
|
-
gem "shoulda-matchers"
|
|
22
|
-
gem "sqlite3", :platforms => :mri
|
|
23
21
|
gem "poltergeist"
|
|
22
|
+
gem "rspec-rails"
|
|
23
|
+
gem "shoulda-matchers"
|
|
24
24
|
end
|
|
25
25
|
|
|
26
|
-
gemspec :
|
|
26
|
+
gemspec path: "../"
|
|
@@ -0,0 +1,26 @@
|
|
|
1
|
+
# This file was generated by Appraisal
|
|
2
|
+
|
|
3
|
+
source "https://rubygems.org"
|
|
4
|
+
|
|
5
|
+
gem "appraisal"
|
|
6
|
+
gem "devise"
|
|
7
|
+
gem "jquery-ui-rails", "~> 4.2.1"
|
|
8
|
+
gem "rails", "~> 5.1.0"
|
|
9
|
+
|
|
10
|
+
group :development, :test do
|
|
11
|
+
gem "sqlite3", platforms: :mri
|
|
12
|
+
end
|
|
13
|
+
|
|
14
|
+
group :development do
|
|
15
|
+
gem "onkcop", require: false
|
|
16
|
+
end
|
|
17
|
+
|
|
18
|
+
group :test do
|
|
19
|
+
gem "capybara"
|
|
20
|
+
gem "database_cleaner"
|
|
21
|
+
gem "poltergeist"
|
|
22
|
+
gem "rspec-rails"
|
|
23
|
+
gem "shoulda-matchers"
|
|
24
|
+
end
|
|
25
|
+
|
|
26
|
+
gemspec path: "../"
|
|
@@ -0,0 +1,26 @@
|
|
|
1
|
+
# This file was generated by Appraisal
|
|
2
|
+
|
|
3
|
+
source "https://rubygems.org"
|
|
4
|
+
|
|
5
|
+
gem "appraisal"
|
|
6
|
+
gem "devise"
|
|
7
|
+
gem "jquery-ui-rails", "~> 4.2.1"
|
|
8
|
+
gem "rails", "~> 5.2.0.rc2"
|
|
9
|
+
|
|
10
|
+
group :development, :test do
|
|
11
|
+
gem "sqlite3", platforms: :mri
|
|
12
|
+
end
|
|
13
|
+
|
|
14
|
+
group :development do
|
|
15
|
+
gem "onkcop", require: false
|
|
16
|
+
end
|
|
17
|
+
|
|
18
|
+
group :test do
|
|
19
|
+
gem "capybara"
|
|
20
|
+
gem "database_cleaner"
|
|
21
|
+
gem "poltergeist"
|
|
22
|
+
gem "rspec-rails"
|
|
23
|
+
gem "shoulda-matchers"
|
|
24
|
+
end
|
|
25
|
+
|
|
26
|
+
gemspec path: "../"
|
data/lib/active_admin_role.rb
CHANGED
|
@@ -1,12 +1,4 @@
|
|
|
1
1
|
require "active_admin"
|
|
2
|
-
require "active_admin_role/active_admin/dsl"
|
|
3
|
-
require "active_admin_role/active_admin/resource_controller"
|
|
4
|
-
require "active_admin_role/can_can/ability"
|
|
5
|
-
require "active_admin_role/config"
|
|
6
|
-
require "active_admin_role/engine"
|
|
7
|
-
require "active_admin_role/manageable_resource"
|
|
8
|
-
require "active_admin_role/model"
|
|
9
|
-
require "active_admin_role/role_based_authorizable"
|
|
10
2
|
|
|
11
3
|
module ActiveAdminRole
|
|
12
4
|
def self.configure
|
|
@@ -14,8 +6,9 @@ module ActiveAdminRole
|
|
|
14
6
|
end
|
|
15
7
|
|
|
16
8
|
def self.config
|
|
17
|
-
@
|
|
9
|
+
@config ||= Config.new
|
|
18
10
|
end
|
|
19
11
|
end
|
|
20
12
|
|
|
21
|
-
|
|
13
|
+
require "active_admin_role/config"
|
|
14
|
+
require "active_admin_role/engine" if defined?(Rails)
|
|
@@ -1,11 +1,10 @@
|
|
|
1
1
|
module ActiveAdminRole
|
|
2
2
|
module ActiveAdmin
|
|
3
|
-
module
|
|
3
|
+
module Dsl
|
|
4
4
|
def role_changeable
|
|
5
5
|
scope(:all, default: true)
|
|
6
6
|
|
|
7
7
|
controller.resource_class.roles.each_key(&method(:scope))
|
|
8
|
-
|
|
9
8
|
controller.resource_class.roles.each_key do |role|
|
|
10
9
|
batch_action "assign as #{role}" do |ids|
|
|
11
10
|
formatted_ids = ids - [active_admin_role_current_user.try!(:id).to_s]
|
|
@@ -4,26 +4,26 @@ module ActiveAdminRole
|
|
|
4
4
|
def self.included(klass)
|
|
5
5
|
klass.class_eval do
|
|
6
6
|
if Rails::VERSION::MAJOR >= 4
|
|
7
|
-
before_action :authorize_access_resource!, except: %i
|
|
7
|
+
before_action :authorize_access_resource!, except: %i[index new create show edit update destroy]
|
|
8
8
|
else
|
|
9
|
-
before_filter :authorize_access_resource!, except: %i
|
|
9
|
+
before_filter :authorize_access_resource!, except: %i[index new create show edit update destroy]
|
|
10
10
|
end
|
|
11
11
|
end
|
|
12
12
|
end
|
|
13
13
|
|
|
14
14
|
private
|
|
15
15
|
|
|
16
|
-
|
|
17
|
-
|
|
18
|
-
|
|
16
|
+
def authorize_access_resource!
|
|
17
|
+
authorize_resource!(active_admin_config.resource_class)
|
|
18
|
+
end
|
|
19
19
|
|
|
20
|
-
|
|
21
|
-
|
|
22
|
-
|
|
20
|
+
def active_admin_role_current_user
|
|
21
|
+
send(active_admin_role_current_user_method_name)
|
|
22
|
+
end
|
|
23
23
|
|
|
24
|
-
|
|
25
|
-
|
|
26
|
-
|
|
24
|
+
def active_admin_role_current_user_method_name
|
|
25
|
+
ActiveAdminRole.config.current_user_method_name
|
|
26
|
+
end
|
|
27
27
|
end
|
|
28
28
|
end
|
|
29
29
|
end
|
|
@@ -1,6 +1,7 @@
|
|
|
1
1
|
module ActiveAdminRole
|
|
2
2
|
class Config
|
|
3
|
-
attr_accessor :roles, :super_user_roles, :guest_user_roles, :user_class_name, :
|
|
3
|
+
attr_accessor :roles, :super_user_roles, :guest_user_roles, :user_class_name, :current_user_method_name
|
|
4
|
+
attr_reader :default_state
|
|
4
5
|
|
|
5
6
|
def initialize
|
|
6
7
|
@roles = { guest: 0, support: 1, staff: 2, manager: 3, admin: 99 }
|
|
@@ -12,7 +13,7 @@ module ActiveAdminRole
|
|
|
12
13
|
end
|
|
13
14
|
|
|
14
15
|
def default_state=(value)
|
|
15
|
-
@default_state = value.to_s == "can" ? :can : :cannot
|
|
16
|
+
@default_state = (value.to_s == "can") ? :can : :cannot
|
|
16
17
|
end
|
|
17
18
|
end
|
|
18
19
|
end
|
|
@@ -4,11 +4,14 @@ module ActiveAdminRole
|
|
|
4
4
|
class Engine < ::Rails::Engine
|
|
5
5
|
initializer "active_admin_role" do
|
|
6
6
|
ActiveSupport.on_load :active_record do
|
|
7
|
-
|
|
7
|
+
extend ActiveAdminRole::Dsl
|
|
8
8
|
end
|
|
9
9
|
|
|
10
10
|
ActiveSupport.on_load :after_initialize do
|
|
11
|
-
|
|
11
|
+
require "active_admin_role/active_admin/dsl"
|
|
12
|
+
require "active_admin_role/active_admin/resource_controller"
|
|
13
|
+
::ActiveAdmin::DSL.send :include, ActiveAdminRole::ActiveAdmin::Dsl
|
|
14
|
+
::ActiveAdmin::ResourceController.send :include, ActiveAdminRole::ActiveAdmin::ResourceController
|
|
12
15
|
end
|
|
13
16
|
end
|
|
14
17
|
end
|
|
@@ -7,58 +7,58 @@ module ActiveAdminRole
|
|
|
7
7
|
|
|
8
8
|
private
|
|
9
9
|
|
|
10
|
-
|
|
11
|
-
|
|
12
|
-
|
|
13
|
-
|
|
14
|
-
def model_file_path
|
|
15
|
-
model_name.underscore
|
|
16
|
-
end
|
|
10
|
+
def model_class_name
|
|
11
|
+
options[:model] ? options[:model].classify : "AdminUser"
|
|
12
|
+
end
|
|
17
13
|
|
|
18
|
-
|
|
19
|
-
|
|
20
|
-
|
|
14
|
+
def model_file_path
|
|
15
|
+
model_name.underscore
|
|
16
|
+
end
|
|
21
17
|
|
|
22
|
-
|
|
23
|
-
|
|
24
|
-
|
|
18
|
+
def model_path
|
|
19
|
+
@model_path ||= File.join("app", "models", "#{model_file_path}.rb")
|
|
20
|
+
end
|
|
25
21
|
|
|
26
|
-
|
|
27
|
-
|
|
28
|
-
|
|
22
|
+
def namespace
|
|
23
|
+
Rails::Generators.namespace if Rails::Generators.respond_to?(:namespace)
|
|
24
|
+
end
|
|
29
25
|
|
|
30
|
-
|
|
31
|
-
|
|
32
|
-
|
|
33
|
-
else
|
|
34
|
-
[model_class_name]
|
|
35
|
-
end.join("::")
|
|
36
|
-
end
|
|
26
|
+
def namespaced?
|
|
27
|
+
!!namespace
|
|
28
|
+
end
|
|
37
29
|
|
|
38
|
-
|
|
39
|
-
|
|
40
|
-
|
|
41
|
-
|
|
30
|
+
def model_name
|
|
31
|
+
if namespaced?
|
|
32
|
+
[namespace.to_s] + [model_class_name]
|
|
33
|
+
else
|
|
34
|
+
[model_class_name]
|
|
35
|
+
end.join("::")
|
|
36
|
+
end
|
|
42
37
|
|
|
43
|
-
|
|
44
|
-
|
|
45
|
-
"
|
|
46
|
-
else
|
|
47
|
-
"ActiveRecord::Migration"
|
|
38
|
+
def inject_into_model
|
|
39
|
+
indents = " " * (namespaced? ? 2 : 1)
|
|
40
|
+
inject_into_class model_path, model_class_name, "#{indents}role_based_authorizable\n"
|
|
48
41
|
end
|
|
49
|
-
end
|
|
50
42
|
|
|
51
|
-
|
|
52
|
-
|
|
53
|
-
|
|
54
|
-
if ActiveRecord::Base.timestamped_migrations
|
|
55
|
-
sleep 1 # make sure each time we get a different timestamp
|
|
56
|
-
Time.new.utc.strftime("%Y%m%d%H%M%S")
|
|
43
|
+
def migration_class_name
|
|
44
|
+
if Rails::VERSION::MAJOR >= 5
|
|
45
|
+
"ActiveRecord::Migration[#{Rails::VERSION::MAJOR}.#{Rails::VERSION::MINOR}]"
|
|
57
46
|
else
|
|
58
|
-
|
|
47
|
+
"ActiveRecord::Migration"
|
|
48
|
+
end
|
|
49
|
+
end
|
|
50
|
+
|
|
51
|
+
module ClassMethods
|
|
52
|
+
# Define the next_migration_number method (necessary for the migration_template method to work)
|
|
53
|
+
def next_migration_number(dirname)
|
|
54
|
+
if ActiveRecord::Base.timestamped_migrations
|
|
55
|
+
sleep 1 # make sure each time we get a different timestamp
|
|
56
|
+
Time.new.utc.strftime("%Y%m%d%H%M%S")
|
|
57
|
+
else
|
|
58
|
+
"%.3d" % (current_migration_number(dirname) + 1)
|
|
59
|
+
end
|
|
59
60
|
end
|
|
60
61
|
end
|
|
61
|
-
end
|
|
62
62
|
end
|
|
63
63
|
end
|
|
64
64
|
end
|
|
@@ -6,9 +6,7 @@ module ActiveAdminRole
|
|
|
6
6
|
class InstallGenerator < ::Rails::Generators::Base
|
|
7
7
|
include Rails::Generators::Migration
|
|
8
8
|
include ActiveAdminRole::Generators::Helper
|
|
9
|
-
|
|
10
|
-
source_root File.expand_path("../templates", __FILE__)
|
|
11
|
-
|
|
9
|
+
source_root File.expand_path("./templates", __dir__)
|
|
12
10
|
class_option :model, optional: true,
|
|
13
11
|
type: :string,
|
|
14
12
|
banner: "model",
|
|
@@ -16,22 +14,27 @@ module ActiveAdminRole
|
|
|
16
14
|
default: "AdminUser"
|
|
17
15
|
|
|
18
16
|
def copy_initializer_file
|
|
19
|
-
template "initializer.
|
|
17
|
+
template "initializer.tt", "config/initializers/active_admin_role.rb"
|
|
20
18
|
end
|
|
21
19
|
|
|
22
20
|
def configure_model
|
|
23
|
-
generate :"active_admin:install #{model_class_name}" unless model_class_name.safe_constantize
|
|
24
21
|
inject_into_model
|
|
25
22
|
end
|
|
26
23
|
|
|
27
24
|
def copy_migration_files
|
|
28
|
-
migration_template "migration/add_role_to_admin_users.
|
|
29
|
-
|
|
30
|
-
|
|
25
|
+
migration_template "migration/add_role_to_admin_users.tt",
|
|
26
|
+
"db/migrate/add_role_to_#{model_class_name.tableize}.rb",
|
|
27
|
+
migration_class_name: migration_class_name
|
|
28
|
+
migration_template "migration/create_active_admin_managed_resources.tt",
|
|
29
|
+
"db/migrate/create_active_admin_managed_resources.rb",
|
|
30
|
+
migration_class_name: migration_class_name
|
|
31
|
+
migration_template "migration/create_active_admin_permissions.tt",
|
|
32
|
+
"db/migrate/create_active_admin_permissions.rb",
|
|
33
|
+
migration_class_name: migration_class_name
|
|
31
34
|
end
|
|
32
35
|
|
|
33
36
|
def copy_model_file
|
|
34
|
-
template "model/ability.
|
|
37
|
+
template "model/ability.tt", "app/models/ability.rb"
|
|
35
38
|
end
|
|
36
39
|
|
|
37
40
|
def configure_active_admin
|
|
@@ -40,12 +43,12 @@ module ActiveAdminRole
|
|
|
40
43
|
"config.authorization_adapter = ActiveAdmin::CanCanAdapter"
|
|
41
44
|
end
|
|
42
45
|
|
|
43
|
-
def
|
|
44
|
-
template "admin/
|
|
46
|
+
def copy_admin_permissions_file
|
|
47
|
+
template "admin/permissions.tt", "app/admin/permissions.rb"
|
|
45
48
|
end
|
|
46
49
|
|
|
47
|
-
def
|
|
48
|
-
inject_into_file "app/admin/#{
|
|
50
|
+
def configure_admin_users_file
|
|
51
|
+
inject_into_file "app/admin/#{model_class_name.tableize}.rb",
|
|
49
52
|
" role_changeable\n",
|
|
50
53
|
after: "ActiveAdmin.register #{model_class_name} do\n"
|
|
51
54
|
end
|
|
@@ -62,7 +62,7 @@ ActiveAdmin.register ::ActiveAdmin::Permission, as: "Permission" do
|
|
|
62
62
|
selectable_column
|
|
63
63
|
column :role
|
|
64
64
|
column(:state) do |record|
|
|
65
|
-
status_tag(record.state, record.can? ?
|
|
65
|
+
status_tag(record.state, class: record.can? ? "completed ok" : "null", label: record.state)
|
|
66
66
|
end
|
|
67
67
|
column :action
|
|
68
68
|
column :name
|