adeia 0.8.6 → 0.9.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/config/locales/en.yml +1 -0
- data/config/locales/fr.yml +1 -0
- data/lib/adeia/authorization.rb +6 -2
- data/lib/adeia/controller_methods.rb +6 -2
- data/lib/adeia/controller_resource.rb +15 -1
- data/lib/adeia/engine.rb +12 -0
- data/lib/adeia/exceptions.rb +8 -0
- data/lib/adeia/helpers/user_helper.rb +21 -0
- data/lib/adeia/version.rb +1 -1
- data/spec/{authorization_spec.rb → adeia/authorization_spec.rb} +0 -0
- data/spec/adeia/controller_methods_spec.rb +108 -0
- data/spec/{validations_spec.rb → adeia/validations_spec.rb} +0 -0
- data/spec/controllers/articles_controller_spec.rb +1 -35
- data/spec/test_app/log/test.log +3490 -0
- metadata +9 -6
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 66ce37ecc369635104a9414c77d3211a8cf44f17
|
4
|
+
data.tar.gz: a6d3b36ce560d07f44ec15356a866728dbdb2d51
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 75842f069596bc4999e6e2f56c4390e48c01cccc72de2deb26e41f09dde799031c4e075c430ddb8ad681ef083e7a868e3151596c23c3232e513c5d5a48652d66
|
7
|
+
data.tar.gz: f11f62d18f0840aefe789984dbcd2e743b08c9c0a77a916a898e26d5db526b45a34b7a4b8bc221025f592e269ee0a26bb834c9ca012a7019137a968ec0429360
|
data/config/locales/en.yml
CHANGED
@@ -4,6 +4,7 @@ en:
|
|
4
4
|
login_required: "Please login before visiting this page !"
|
5
5
|
access_denied: "You don't have access to this page !"
|
6
6
|
missing_params: "params %{params} is missing !"
|
7
|
+
missing_user_model: "A model `User` is missing in the app !"
|
7
8
|
errors:
|
8
9
|
messages:
|
9
10
|
right_required: "Please check at least one right or add an action"
|
data/config/locales/fr.yml
CHANGED
@@ -4,6 +4,7 @@ fr:
|
|
4
4
|
login_required: "Veuillez vous connecter pour accéder à cette page !"
|
5
5
|
access_denied: "Vous n'êtes pas autorisé à accéder à cette page !"
|
6
6
|
missing_params: "Le paramètre %{params} est manquant !"
|
7
|
+
missing_user_model: "Aucun modèle `User` trouvé dans votre application !"
|
7
8
|
errors:
|
8
9
|
messages:
|
9
10
|
right_required: "Vous devez cocher au moins un droit ou ajouter une action"
|
data/lib/adeia/authorization.rb
CHANGED
@@ -21,10 +21,14 @@ module Adeia
|
|
21
21
|
end
|
22
22
|
end
|
23
23
|
|
24
|
-
def
|
24
|
+
def rights?
|
25
25
|
action_rights = @user.nil? ? {} : send("#{right_name}_rights")
|
26
26
|
merge_permissions(token_rights(right_name), action_rights)
|
27
|
-
@rights.any?
|
27
|
+
@rights.any?
|
28
|
+
end
|
29
|
+
|
30
|
+
def can?
|
31
|
+
rights? && authorize?
|
28
32
|
end
|
29
33
|
|
30
34
|
private
|
@@ -45,8 +45,12 @@ module Adeia
|
|
45
45
|
|
46
46
|
def can?(action, controller=nil, resource=nil)
|
47
47
|
args = { action: action, controller: controller, resource: resource }
|
48
|
-
|
49
|
-
|
48
|
+
ControllerResource.new(self, **args).can?
|
49
|
+
end
|
50
|
+
|
51
|
+
def rights?(action, controller=nil, resource=nil)
|
52
|
+
args = { action: action, controller: controller, resource: resource }
|
53
|
+
ControllerResource.new(self, **args).rights?
|
50
54
|
end
|
51
55
|
|
52
56
|
# Redirect the user to the stored url or the default one provided
|
@@ -73,7 +73,11 @@ module Adeia
|
|
73
73
|
end
|
74
74
|
|
75
75
|
def can?
|
76
|
-
|
76
|
+
instance_variable_get_or_set(:can?)
|
77
|
+
end
|
78
|
+
|
79
|
+
def rights?
|
80
|
+
instance_variable_get_or_set(:rights?)
|
77
81
|
end
|
78
82
|
|
79
83
|
private
|
@@ -90,6 +94,16 @@ module Adeia
|
|
90
94
|
resource_class.model_name.element
|
91
95
|
end
|
92
96
|
|
97
|
+
def var_name(method)
|
98
|
+
[method, @controller_name, @action_name, @resource.try(:model_name).try(:human), @resource.try(:id)].map do |s|
|
99
|
+
s.to_s.gsub("/", "_").delete("?") if s
|
100
|
+
end.compact.join("_").prepend("@")
|
101
|
+
end
|
102
|
+
|
103
|
+
def instance_variable_get_or_set(method)
|
104
|
+
@controller.instance_variable_get(var_name(method)) || @controller.instance_variable_set(var_name(method), authorization.send(method))
|
105
|
+
end
|
106
|
+
|
93
107
|
|
94
108
|
# Store the current url in a cookie
|
95
109
|
#
|
data/lib/adeia/engine.rb
CHANGED
@@ -1,5 +1,7 @@
|
|
1
1
|
require "adeia/controller_methods"
|
2
2
|
require "adeia/helpers/sessions_helper"
|
3
|
+
require "adeia/helpers/user_helper"
|
4
|
+
require "adeia/exceptions"
|
3
5
|
|
4
6
|
module Adeia
|
5
7
|
class Engine < ::Rails::Engine
|
@@ -14,6 +16,16 @@ module Adeia
|
|
14
16
|
g.factory_girl false
|
15
17
|
end
|
16
18
|
|
19
|
+
initializer 'Adeia.requirements' do |app|
|
20
|
+
unless Rails.env.test?
|
21
|
+
raise MissingUserModel unless defined? User
|
22
|
+
end
|
23
|
+
end
|
24
|
+
|
25
|
+
initializer 'Adeia.user_addictions' do |app|
|
26
|
+
User.send :include, Adeia::Helpers::UserHelper
|
27
|
+
end
|
28
|
+
|
17
29
|
initializer 'Adeia.controller_methods' do |app|
|
18
30
|
ActionController::Base.send :include, Adeia::ControllerMethods
|
19
31
|
end
|
data/lib/adeia/exceptions.rb
CHANGED
@@ -0,0 +1,21 @@
|
|
1
|
+
module Adeia
|
2
|
+
module Helpers
|
3
|
+
module UserHelper
|
4
|
+
extend ActiveSupport::Concern
|
5
|
+
|
6
|
+
module ClassMethods
|
7
|
+
|
8
|
+
def human_name
|
9
|
+
model_name.i18n_key
|
10
|
+
end
|
11
|
+
end
|
12
|
+
|
13
|
+
included do
|
14
|
+
extend ClassMethods
|
15
|
+
|
16
|
+
has_many :permissions, class_name: "Adeia::Permission"
|
17
|
+
end
|
18
|
+
|
19
|
+
end
|
20
|
+
end
|
21
|
+
end
|
data/lib/adeia/version.rb
CHANGED
File without changes
|
@@ -0,0 +1,108 @@
|
|
1
|
+
require 'rails_helper'
|
2
|
+
|
3
|
+
module Adeia
|
4
|
+
describe "ControllerMethods", type: :controller do
|
5
|
+
|
6
|
+
describe "#require_login!" do
|
7
|
+
|
8
|
+
controller do
|
9
|
+
def index
|
10
|
+
require_login!
|
11
|
+
render nothing: true
|
12
|
+
end
|
13
|
+
end
|
14
|
+
|
15
|
+
it "requires to be logged in" do
|
16
|
+
expect { get :index }.to raise_error Adeia::LoginRequired
|
17
|
+
end
|
18
|
+
|
19
|
+
it "responds successfully when logged in" do
|
20
|
+
@user = create(:user)
|
21
|
+
sign_in @user
|
22
|
+
expect{ get :index }.not_to raise_error
|
23
|
+
end
|
24
|
+
|
25
|
+
end
|
26
|
+
|
27
|
+
describe "::require_login" do
|
28
|
+
|
29
|
+
controller do
|
30
|
+
require_login
|
31
|
+
|
32
|
+
def index
|
33
|
+
render nothing: true
|
34
|
+
end
|
35
|
+
end
|
36
|
+
|
37
|
+
it "requires to be logged in" do
|
38
|
+
expect { get :index }.to raise_error Adeia::LoginRequired
|
39
|
+
end
|
40
|
+
|
41
|
+
it "responds successfully when logged in" do
|
42
|
+
@user = create(:user)
|
43
|
+
sign_in @user
|
44
|
+
expect{ get :index }.not_to raise_error
|
45
|
+
end
|
46
|
+
|
47
|
+
end
|
48
|
+
|
49
|
+
describe "#can?" do
|
50
|
+
|
51
|
+
controller do
|
52
|
+
def index
|
53
|
+
@can = can? :read, "articles"
|
54
|
+
render nothing: true
|
55
|
+
end
|
56
|
+
end
|
57
|
+
|
58
|
+
it "returns false when the user is not authorized" do
|
59
|
+
get :index
|
60
|
+
expect(assigns(:can)).to be false
|
61
|
+
end
|
62
|
+
|
63
|
+
it "caches the result" do
|
64
|
+
get :index
|
65
|
+
expect(assigns(:can_articles_read)).to be false
|
66
|
+
end
|
67
|
+
|
68
|
+
it "returns true when the user is authorized" do
|
69
|
+
@user = create(:user)
|
70
|
+
sign_in @user
|
71
|
+
create(:permission, owner: @user, element_name: "articles", read_right: true)
|
72
|
+
get :index
|
73
|
+
expect(assigns(:can)).to be true
|
74
|
+
end
|
75
|
+
|
76
|
+
end
|
77
|
+
|
78
|
+
describe "#rights?" do
|
79
|
+
|
80
|
+
controller do
|
81
|
+
def index
|
82
|
+
@rights = rights? :read, "articles"
|
83
|
+
render nothing: true
|
84
|
+
end
|
85
|
+
end
|
86
|
+
|
87
|
+
it "returns false when the user is not authorized" do
|
88
|
+
get :index
|
89
|
+
expect(assigns(:rights)).to be false
|
90
|
+
end
|
91
|
+
|
92
|
+
it "caches the result" do
|
93
|
+
get :index
|
94
|
+
expect(assigns(:rights_articles_read)).to be false
|
95
|
+
end
|
96
|
+
|
97
|
+
it "returns true when the user has at least one right" do
|
98
|
+
@user = create(:user)
|
99
|
+
sign_in @user
|
100
|
+
create(:permission, owner: @user, element_name: "articles", type_name: "on_ownerships", read_right: true)
|
101
|
+
get :index
|
102
|
+
expect(assigns(:rights)).to be true
|
103
|
+
end
|
104
|
+
|
105
|
+
end
|
106
|
+
|
107
|
+
end
|
108
|
+
end
|
File without changes
|
@@ -3,7 +3,7 @@ require "rails_helper"
|
|
3
3
|
describe ArticlesController, :type => :controller do
|
4
4
|
context "with a logged in user" do
|
5
5
|
before(:each) do
|
6
|
-
@user =
|
6
|
+
@user = create(:user)
|
7
7
|
sign_in @user
|
8
8
|
end
|
9
9
|
|
@@ -119,39 +119,5 @@ describe ArticlesController, :type => :controller do
|
|
119
119
|
end
|
120
120
|
|
121
121
|
end
|
122
|
-
|
123
|
-
describe "POST #create" do
|
124
|
-
|
125
|
-
it "responds successfully" do
|
126
|
-
expect{ post :create, article: attributes_for(:article) }.not_to raise_error
|
127
|
-
end
|
128
|
-
|
129
|
-
end
|
130
|
-
|
131
|
-
describe "PATCH #update" do
|
132
|
-
|
133
|
-
it "responds successfully" do
|
134
|
-
article = create(:article)
|
135
|
-
expect{ patch :update, id: article.id, article: attributes_for(:article) }.not_to raise_error
|
136
|
-
end
|
137
|
-
|
138
|
-
end
|
139
|
-
end
|
140
|
-
|
141
|
-
describe "POST #create" do
|
142
|
-
|
143
|
-
it "required to be logged in" do
|
144
|
-
expect { post :create, article: attributes_for(:article) }.to raise_error Adeia::LoginRequired
|
145
|
-
end
|
146
|
-
|
147
|
-
end
|
148
|
-
|
149
|
-
describe "PATCH #update" do
|
150
|
-
|
151
|
-
it "required to be logged in" do
|
152
|
-
article = create(:article)
|
153
|
-
expect { patch :update, id: article.id, article: attributes_for(:article) }.to raise_error Adeia::LoginRequired
|
154
|
-
end
|
155
|
-
|
156
122
|
end
|
157
123
|
end
|