ae_declarative_authorization 0.11.0.pre1 → 0.13.0.rc1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: ad3ef30f4d813634f2a7860abb0a4997327721a6e44a84e968ccadd947ed8eef
|
4
|
+
data.tar.gz: 16fb83330aa6bc86d81db1f2386b8e67be4a474a37779e43e520bd99d932b0cc
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 89a71106a13ee9372778dd77068794e7c25d583ab3aedc51dc912d64e9fe8edc513fd7bd615b17b5c0735d3232ab8db8455f6e55bd4dc310608c994dbd9ca177
|
7
|
+
data.tar.gz: dd2e1a0b8d094b51d8374c6da470a7fde9ed837ca4e5e8f395e56515bfaa3ea9eb151223ca5de54658453013ee8dd304683a7dba64eab8d83b64bfacf80c6b6f
|
@@ -175,6 +175,9 @@ module Authorization
|
|
175
175
|
|
176
176
|
user, roles, privileges = user_roles_privleges_from_options(privilege, options)
|
177
177
|
|
178
|
+
callback = Rails.application.config.try(:ae_declarative_authorization_permit_callback)
|
179
|
+
callback.call(controller: options[:controller], privilege: privilege) if callback && options.include?(:controller)
|
180
|
+
|
178
181
|
return true if roles.is_a?(Hash) && !(roles.keys & omnipotent_roles).empty?
|
179
182
|
|
180
183
|
# find a authorization rule that matches for at least one of the roles and
|
@@ -29,7 +29,8 @@ module Authorization
|
|
29
29
|
:user => contr.send(:current_user),
|
30
30
|
:object => object,
|
31
31
|
:skip_attribute_test => !@attribute_check,
|
32
|
-
:context => @context || controller_class(contr).decl_auth_context
|
32
|
+
:context => @context || controller_class(contr).decl_auth_context,
|
33
|
+
:controller => contr)
|
33
34
|
end
|
34
35
|
|
35
36
|
def remove_actions(actions)
|
@@ -155,8 +155,14 @@ module DeclarativeAuthorization
|
|
155
155
|
alias :access_tests_not_required :this_is_an_abstract_controller_so_it_needs_no_access_tests
|
156
156
|
|
157
157
|
def all_public_actions
|
158
|
-
actions =
|
159
|
-
|
158
|
+
actions = []
|
159
|
+
if defined?(Grape) && [Grape::API, Grape::API::Instance].any? { |base| controller_class < base }
|
160
|
+
actions += controller_class.routes.map { |api| "#{api.request_method} #{api.origin}" }
|
161
|
+
else
|
162
|
+
actions += controller_class.public_instance_methods(false)
|
163
|
+
actions += controller_class.superclass.public_instance_methods(false)
|
164
|
+
end
|
165
|
+
|
160
166
|
actions.reject! do |method|
|
161
167
|
method =~ /^_/ ||
|
162
168
|
method =~ /^rescue_action/ ||
|
metadata
CHANGED
@@ -1,15 +1,15 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: ae_declarative_authorization
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.
|
4
|
+
version: 0.13.0.rc1
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- AppFolio
|
8
8
|
- Steffen Bartsch
|
9
|
-
autorequire:
|
9
|
+
autorequire:
|
10
10
|
bindir: bin
|
11
11
|
cert_chain: []
|
12
|
-
date: 2020-
|
12
|
+
date: 2020-11-07 00:00:00.000000000 Z
|
13
13
|
dependencies:
|
14
14
|
- !ruby/object:Gem::Dependency
|
15
15
|
name: blockenspiel
|
@@ -88,7 +88,7 @@ homepage: http://github.com/appfolio/ae_declarative_authorization
|
|
88
88
|
licenses:
|
89
89
|
- MIT
|
90
90
|
metadata: {}
|
91
|
-
post_install_message:
|
91
|
+
post_install_message:
|
92
92
|
rdoc_options: []
|
93
93
|
require_paths:
|
94
94
|
- lib
|
@@ -103,8 +103,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
103
103
|
- !ruby/object:Gem::Version
|
104
104
|
version: 1.3.1
|
105
105
|
requirements: []
|
106
|
-
rubygems_version: 3.0.
|
107
|
-
signing_key:
|
106
|
+
rubygems_version: 3.0.3
|
107
|
+
signing_key:
|
108
108
|
specification_version: 4
|
109
109
|
summary: ae_declarative_authorization is a Rails gem for maintainable authorization
|
110
110
|
based on readable authorization rules.
|