active_permission 0.2.0 → 0.2.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: 4822a5239730d4ab16ad3ad140ad83a42d316386
4
- data.tar.gz: 9e72ad4a57f7fcf80ed87a123ccebaf507db91b2
3
+ metadata.gz: a73ca4d8b69856637415f09baae78e1bff8a9569
4
+ data.tar.gz: c715703d8f0ee0a9cdd4b3615f33a472e5c04311
5
5
  SHA512:
6
- metadata.gz: 3c23dd91e7b24ffcfcbf2581a9d02862a2cc05a766aaf4f31e9a6666059ea22c4197ed6b693633c8969030b619b81e1b0c75dba7145d02d5a0ca9ea03dd915b7
7
- data.tar.gz: c55fe1ecaf350a2d76aa01d187a63de3645d03a068e03c9812fec4270de8ba61b75857c2eb63171f5c91df833bc199890aaa1ddd5020ade825a4bd204d50af7a
6
+ metadata.gz: 4427383c2e3032e18848b164acee93a4dc747a197e44ae9645657ae26930405199be127bc95d330f3a9e2a4fbbc8dae979bf11cea4bb30ab0a0f1fa21e3cf254
7
+ data.tar.gz: 108677d1708b6636109f7d53ff2c5750c271ee5f2306b0a20cd5f23dd38c9176f31af7037d9a80e743b9657e633411bdbe03eb179f60a11e1c26462c997a4e5e
data/README.md CHANGED
@@ -9,7 +9,7 @@ This gem allow you load and authorize resource in Ruby on Rails inside controlle
9
9
  Add this line to your application's Gemfile:
10
10
 
11
11
  ```
12
- gem 'activepermission'
12
+ gem 'active_permission'
13
13
  ```
14
14
 
15
15
  And then execute:
@@ -18,7 +18,7 @@ And then execute:
18
18
 
19
19
  Or install it yourself as:
20
20
 
21
- $ gem install activepermission
21
+ $ gem install active_permission
22
22
 
23
23
  ## Usage
24
24
 
@@ -128,7 +128,15 @@ end
128
128
 
129
129
  ```
130
130
  rescue_from ActivePermission::AccessDenied do |error|
131
- logger.warn "Controller: #{error.controller} Action: #{error.action} Object: #{error.object}"
131
+ logger.warn "Controller: #{error.controller} Action: #{error.action} Object: #{error.resources}"
132
+ flash[:warning] = t('Access denied')
133
+ redirect_to root_path
134
+ end
135
+ ```
136
+
137
+ ```
138
+ rescue_from ActivePermission::AccessDenied do |error|
139
+ logger.warn error.to_s
132
140
  flash[:warning] = t('Access denied')
133
141
  redirect_to root_path
134
142
  end
@@ -137,7 +145,7 @@ end
137
145
 
138
146
  ## Contributing
139
147
 
140
- 1. Fork it ( https://github.com/[my-github-username]/activepermission/fork )
148
+ 1. Fork it ( https://github.com/jpascal/active_permission/fork )
141
149
  2. Create your feature branch (`git checkout -b my-new-feature`)
142
150
  3. Commit your changes (`git commit -am 'Add some feature'`)
143
151
  4. Push to the branch (`git push origin my-new-feature`)
@@ -4,12 +4,16 @@ require 'active_permission/base'
4
4
 
5
5
  module ActivePermission
6
6
  class AccessDenied < RuntimeError
7
- attr_reader :controller, :action, :object
8
- def initialize(controller = nil , action = nil , object = nil)
7
+ attr_reader :controller, :action, :resources
8
+ def initialize(controller = nil , action = nil , resources = nil)
9
9
  @controller = controller
10
10
  @action = action
11
- @object = object
12
- super("Access denied in #{@controller}::#{@action} - #{object.inspect}")
11
+ @resources = resources
12
+ message = "Access denied in #{@controller}::#{@action}"
13
+ if resources
14
+ message += ' on resources ' + resources.collect{|resource| resource.respond_to?(:id) ? "#{resource.class}(#{resource.id})}" : resource}.to_s
15
+ end
16
+ super(message)
13
17
  end
14
18
  end
15
19
  end
@@ -17,23 +17,25 @@ module ActivePermission
17
17
  end
18
18
  end
19
19
  end
20
- def can?(controllers, actions, *resource)
20
+ def can!(controllers, actions, *resource)
21
21
  @allowed_actions ||= {}
22
22
  Array(controllers).each do |controller|
23
23
  Array(actions).each do |action|
24
24
  allowed = @allowed_actions[[controller.to_s, action.to_s]]
25
25
  result = allowed && (allowed == true || resource && allowed.call(*resource))
26
- return result if result == true
26
+ if result == true
27
+ return result
28
+ else
29
+ raise AccessDenied.new(controller, action, resource)
30
+ end
27
31
  end
28
32
  end
29
33
  false
30
34
  end
31
- def can!(controllers, actions, *resource)
32
- if can?(controllers, actions, *resource)
33
- true
34
- else
35
- raise AccessDenied.new("Access denied by #{self.class.name} to #{resource.inspect}")
36
- end
35
+ def can?(controllers, actions, *resource)
36
+ can!(controllers, actions, *resource)
37
+ rescue
38
+ false
37
39
  end
38
40
  end
39
41
  end
@@ -1,3 +1,3 @@
1
1
  module ActivePermission
2
- VERSION = '0.2.0'
2
+ VERSION = '0.2.1'
3
3
  end
@@ -7,6 +7,9 @@ class Permissions < ActivePermission::Base
7
7
  can 'manage/root1', [:index, :show]
8
8
  can %w(manage/root2 manage/root3), :index
9
9
  can %w(manage/root4 manage/root5), [:index, :show]
10
+ can :users, :rate do |user, rate|
11
+ (user * 2) == (rate)
12
+ end
10
13
  end
11
14
  end
12
15
 
@@ -41,4 +44,16 @@ describe ActivePermission::Base do
41
44
  it 'default to deny' do
42
45
  expect(permissions.can?('manage/unknown', 'show')).to eql(false)
43
46
  end
47
+ it 'AccessDenied [ :controller, :action, :object ]' do
48
+ expect{permissions.can!('users', 'rate', 2,5)}.to raise_error(ActivePermission::AccessDenied)
49
+ begin
50
+ permissions.can!('users', 'rate', 2,5)
51
+ rescue => error
52
+ expect(error.class).to eql(ActivePermission::AccessDenied)
53
+ expect(error.controller).to eql('users')
54
+ expect(error.action).to eql('rate')
55
+ expect(error.resources).to eql([2,5])
56
+ expect(error.to_s).to eql('Access denied in users::rate on resources [2, 5]')
57
+ end
58
+ end
44
59
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: active_permission
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.2.0
4
+ version: 0.2.1
5
5
  platform: ruby
6
6
  authors:
7
7
  - Evgeniy Shurmin
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2015-02-09 00:00:00.000000000 Z
11
+ date: 2015-03-06 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: bundler
@@ -105,7 +105,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
105
105
  version: '0'
106
106
  requirements: []
107
107
  rubyforge_project:
108
- rubygems_version: 2.2.2
108
+ rubygems_version: 2.4.5
109
109
  signing_key:
110
110
  specification_version: 4
111
111
  summary: This gem allow you load and authorize resource in Ruby on Rails inside controllers