active_permission 0.2.0 → 0.2.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 4822a5239730d4ab16ad3ad140ad83a42d316386
-  data.tar.gz: 9e72ad4a57f7fcf80ed87a123ccebaf507db91b2
+  metadata.gz: a73ca4d8b69856637415f09baae78e1bff8a9569
+  data.tar.gz: c715703d8f0ee0a9cdd4b3615f33a472e5c04311
 SHA512:
-  metadata.gz: 3c23dd91e7b24ffcfcbf2581a9d02862a2cc05a766aaf4f31e9a6666059ea22c4197ed6b693633c8969030b619b81e1b0c75dba7145d02d5a0ca9ea03dd915b7
-  data.tar.gz: c55fe1ecaf350a2d76aa01d187a63de3645d03a068e03c9812fec4270de8ba61b75857c2eb63171f5c91df833bc199890aaa1ddd5020ade825a4bd204d50af7a
+  metadata.gz: 4427383c2e3032e18848b164acee93a4dc747a197e44ae9645657ae26930405199be127bc95d330f3a9e2a4fbbc8dae979bf11cea4bb30ab0a0f1fa21e3cf254
+  data.tar.gz: 108677d1708b6636109f7d53ff2c5750c271ee5f2306b0a20cd5f23dd38c9176f31af7037d9a80e743b9657e633411bdbe03eb179f60a11e1c26462c997a4e5e

data/README.md

@@ -9,7 +9,7 @@ This gem allow you load and authorize resource in Ruby on Rails inside controlle
 Add this line to your application's Gemfile:
 
 ```
-gem 'activepermission'
+gem 'active_permission'
 ```
 
 And then execute:
@@ -18,7 +18,7 @@ And then execute:
 
 Or install it yourself as:
 
-    $ gem install activepermission
+    $ gem install active_permission
 
 ## Usage
 
@@ -128,7 +128,15 @@ end
 
 ```
   rescue_from ActivePermission::AccessDenied do |error|
-    logger.warn "Controller: #{error.controller} Action: #{error.action} Object: #{error.object}"
+    logger.warn "Controller: #{error.controller} Action: #{error.action} Object: #{error.resources}"
+    flash[:warning] = t('Access denied')
+    redirect_to root_path
+  end
+```
+
+```
+  rescue_from ActivePermission::AccessDenied do |error|
+    logger.warn error.to_s
     flash[:warning] = t('Access denied')
     redirect_to root_path
   end
@@ -137,7 +145,7 @@ end
 
 ## Contributing
 
-1. Fork it ( https://github.com/[my-github-username]/activepermission/fork )
+1. Fork it ( https://github.com/jpascal/active_permission/fork )
 2. Create your feature branch (`git checkout -b my-new-feature`)
 3. Commit your changes (`git commit -am 'Add some feature'`)
 4. Push to the branch (`git push origin my-new-feature`)

data/lib/active_permission.rb

@@ -4,12 +4,16 @@ require 'active_permission/base'
 
 module ActivePermission
   class AccessDenied < RuntimeError
-    attr_reader :controller, :action, :object
-    def initialize(controller = nil , action = nil , object = nil)
+    attr_reader :controller, :action, :resources
+    def initialize(controller = nil , action = nil , resources = nil)
       @controller = controller
       @action = action
-      @object = object
-      super("Access denied in #{@controller}::#{@action} - #{object.inspect}")
+      @resources = resources
+      message = "Access denied in #{@controller}::#{@action}"
+      if resources
+        message += ' on resources ' + resources.collect{|resource| resource.respond_to?(:id) ? "#{resource.class}(#{resource.id})}" : resource}.to_s
+      end
+      super(message)
     end
   end
 end

data/lib/active_permission/base.rb

@@ -17,23 +17,25 @@ module ActivePermission
         end
       end
     end
-    def can?(controllers, actions, *resource)
+    def can!(controllers, actions, *resource)
       @allowed_actions ||= {}
       Array(controllers).each do |controller|
         Array(actions).each do |action|
           allowed = @allowed_actions[[controller.to_s, action.to_s]]
           result = allowed && (allowed == true || resource && allowed.call(*resource))
-          return result if result == true
+          if result == true
+            return result  
+          else
+            raise AccessDenied.new(controller, action, resource)
+          end
         end
       end
       false
     end
-    def can!(controllers, actions, *resource)
-      if can?(controllers, actions, *resource)
-        true
-      else
-        raise AccessDenied.new("Access denied by #{self.class.name} to #{resource.inspect}")
-      end
+    def can?(controllers, actions, *resource)
+       can!(controllers, actions, *resource)
+    rescue
+      false
     end
   end
 end

data/lib/active_permission/version.rb

@@ -1,3 +1,3 @@
 module ActivePermission
-  VERSION = '0.2.0'
+  VERSION = '0.2.1'
 end

data/spec/permissions_spec.rb

@@ -7,6 +7,9 @@ class Permissions < ActivePermission::Base
     can 'manage/root1', [:index, :show]
     can %w(manage/root2 manage/root3), :index
     can %w(manage/root4 manage/root5), [:index, :show]
+    can :users, :rate do |user, rate|
+      (user * 2) == (rate)
+    end
   end
 end
 
@@ -41,4 +44,16 @@ describe ActivePermission::Base do
   it 'default to deny' do
     expect(permissions.can?('manage/unknown', 'show')).to eql(false)
   end
+  it 'AccessDenied [ :controller, :action, :object ]' do
+    expect{permissions.can!('users', 'rate', 2,5)}.to raise_error(ActivePermission::AccessDenied)
+    begin
+      permissions.can!('users', 'rate', 2,5)
+    rescue => error
+      expect(error.class).to eql(ActivePermission::AccessDenied)
+      expect(error.controller).to eql('users')
+      expect(error.action).to eql('rate')
+      expect(error.resources).to eql([2,5])
+      expect(error.to_s).to eql('Access denied in users::rate on resources [2, 5]')
+    end
+  end
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: active_permission
 version: !ruby/object:Gem::Version
-  version: 0.2.0
+  version: 0.2.1
 platform: ruby
 authors:
 - Evgeniy Shurmin
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2015-02-09 00:00:00.000000000 Z
+date: 2015-03-06 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler
@@ -105,7 +105,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubyforge_project: 
-rubygems_version: 2.2.2
+rubygems_version: 2.4.5
 signing_key: 
 specification_version: 4
 summary: This gem allow you load and authorize resource in Ruby on Rails inside controllers