ae_declarative_authorization 0.8.0 → 0.9.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +5 -5
- data/Gemfile.lock +2 -2
- data/README.md +24 -24
- data/README.rdoc +29 -29
- data/gemfiles/rails4252.gemfile.lock +29 -1
- data/gemfiles/rails4271.gemfile.lock +2 -2
- data/gemfiles/rails507.gemfile +1 -0
- data/gemfiles/rails507.gemfile.lock +30 -2
- data/gemfiles/rails516.gemfile +1 -0
- data/gemfiles/rails521.gemfile +1 -0
- data/gemfiles/rails521.gemfile.lock +2 -2
- data/lib/declarative_authorization.rb +10 -5
- data/lib/declarative_authorization/controller/dsl.rb +208 -0
- data/lib/declarative_authorization/controller/grape.rb +79 -0
- data/lib/declarative_authorization/controller/rails.rb +340 -0
- data/lib/declarative_authorization/controller/runtime.rb +149 -0
- data/lib/declarative_authorization/controller_permission.rb +82 -0
- data/lib/declarative_authorization/reader.rb +2 -1
- data/lib/declarative_authorization/version.rb +1 -1
- data/log/test.log +36953 -12956
- data/pkg/ae_declarative_authorization-0.9.0.gem +0 -0
- data/pkg/ae_declarative_authorization-0.9.0.tim1.gem +0 -0
- data/test/grape_api_test.rb +508 -0
- data/test/profiles/access_checking +20 -0
- data/test/{controller_test.rb → rails_controller_test.rb} +2 -2
- data/test/test_helper.rb +14 -71
- data/test/test_support/grape.rb +93 -0
- data/test/test_support/rails.rb +69 -0
- metadata +18 -9
- data/gemfiles/rails516.gemfile.lock +0 -136
- data/lib/declarative_authorization/in_controller.rb +0 -713
- data/pkg/ae_declarative_authorization-0.7.1.gem +0 -0
- data/pkg/ae_declarative_authorization-0.8.0.gem +0 -0
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
|
-
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
2
|
+
SHA1:
|
3
|
+
metadata.gz: 472752db4ce46f5b1874c430aa3e0125e8020742
|
4
|
+
data.tar.gz: cbcce0652438604b6b86fd640461ac5750382428
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 0f82c160fb05a04325589327eabbf04a81cee92a2a8609919aebd8f9d91394eb68aa5d8300f1fdd6fcc5a74f5ac1a581c8b023fb780e3ee0e3ad0774d0974d48
|
7
|
+
data.tar.gz: 458d39b82c4b55ca4c2d29b470cf82aea89d2040ef7a800fe58242eb5550038a8e9b7c66745ddd1ec36dbd19ca36dcb9790924e9e5d568125c8e026185e71df2
|
data/Gemfile.lock
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
PATH
|
2
2
|
remote: .
|
3
3
|
specs:
|
4
|
-
ae_declarative_authorization (0.
|
4
|
+
ae_declarative_authorization (0.9.0)
|
5
5
|
blockenspiel (~> 0.5.0)
|
6
6
|
rails (>= 4.2.5.2, < 6)
|
7
7
|
|
@@ -68,7 +68,7 @@ GEM
|
|
68
68
|
nokogiri (>= 1.5.9)
|
69
69
|
mail (2.7.0)
|
70
70
|
mini_mime (>= 0.1.1)
|
71
|
-
marcel (0.3.
|
71
|
+
marcel (0.3.3)
|
72
72
|
mimemagic (~> 0.3.2)
|
73
73
|
metaclass (0.0.4)
|
74
74
|
method_source (0.9.0)
|
data/README.md
CHANGED
@@ -1,6 +1,6 @@
|
|
1
1
|
# Declarative Authorization
|
2
2
|
|
3
|
-
The declarative authorization plugin offers an authorization mechanism inspired
|
3
|
+
The declarative authorization plugin offers an authorization mechanism inspired
|
4
4
|
by _RBAC_. The most notable distinction to other authorization plugins is the
|
5
5
|
declarative approach. That is, authorization rules are not defined
|
6
6
|
programmatically in between business logic but in an authorization configuration.
|
@@ -25,7 +25,7 @@ Plugin features
|
|
25
25
|
|
26
26
|
|
27
27
|
Requirements
|
28
|
-
* An authentication mechanism
|
28
|
+
* An authentication mechanism
|
29
29
|
* User object in Controller#current_user
|
30
30
|
* (For model security) Setting Authorization.current_user
|
31
31
|
* User objects need to respond to a method `:role_symbols` that returns an
|
@@ -85,7 +85,7 @@ authorization do
|
|
85
85
|
# add permissions for guests here, e.g.
|
86
86
|
# has_permission_on :conferences, :to => :read
|
87
87
|
end
|
88
|
-
|
88
|
+
|
89
89
|
# permissions on other roles, such as
|
90
90
|
# role :admin do
|
91
91
|
# has_permission_on :conferences, :to => :manage
|
@@ -157,12 +157,12 @@ Declarative Authorization will use `current_user` to check authorization.
|
|
157
157
|
'-----------' '---------' '-----------'
|
158
158
|
```
|
159
159
|
|
160
|
-
In the application domain, each *User* may be assigned to *Roles* that should
|
161
|
-
define the users' job in the application, such as _Administrator_. On the
|
162
|
-
right-hand side of this diagram, application developers specify which *Permissions*
|
160
|
+
In the application domain, each *User* may be assigned to *Roles* that should
|
161
|
+
define the users' job in the application, such as _Administrator_. On the
|
162
|
+
right-hand side of this diagram, application developers specify which *Permissions*
|
163
163
|
are necessary for users to perform activities, such as calling a controller action,
|
164
164
|
viewing parts of a View or acting on records in the database. Note that
|
165
|
-
Permissions consist of an *Privilege* that is to be performed, such as _read_,
|
165
|
+
Permissions consist of an *Privilege* that is to be performed, such as _read_,
|
166
166
|
and a *Context* in that the Operation takes place, such as _companies_.
|
167
167
|
|
168
168
|
In the authorization configuration, Permissions are assigned to Roles and Role
|
@@ -192,7 +192,7 @@ class EmployeesController < ApplicationController
|
|
192
192
|
end
|
193
193
|
```
|
194
194
|
|
195
|
-
See `Authorization::
|
195
|
+
See `Authorization::Controller::DSL` for options on
|
196
196
|
nested resources and custom member and collection actions.
|
197
197
|
|
198
198
|
By default, Declarative Authorization will enable `filter_resource_access` compatibility with `strong_parameters`.
|
@@ -237,7 +237,7 @@ end
|
|
237
237
|
```
|
238
238
|
|
239
239
|
For some actions it might be necessary to check certain attributes of the
|
240
|
-
object the action is to be acting on. Then, the object needs to be loaded
|
240
|
+
object the action is to be acting on. Then, the object needs to be loaded
|
241
241
|
before the action's access control is evaluated. On the other hand, some actions
|
242
242
|
might prefer the authorization to ignore specific attribute checks as the object is
|
243
243
|
unknown at checking time, so attribute checks and thus automatic loading of
|
@@ -275,9 +275,9 @@ end
|
|
275
275
|
|
276
276
|
If the access is denied, a `permission_denied` method is called on the
|
277
277
|
current_controller, if defined, and the issue is logged.
|
278
|
-
For further customization of the filters and object loading, have a look at
|
279
|
-
the complete API documentation of `filter_access_to` in
|
280
|
-
`Authorization::
|
278
|
+
For further customization of the filters and object loading, have a look at
|
279
|
+
the complete API documentation of `filter_access_to` in
|
280
|
+
`Authorization::Controller::DSL`.
|
281
281
|
|
282
282
|
|
283
283
|
## Views
|
@@ -337,8 +337,8 @@ end
|
|
337
337
|
Thus,
|
338
338
|
`Employee.create(...)`
|
339
339
|
fails, if the current user is not allowed to `:create` `:employees` according
|
340
|
-
to the authorization rules. For the application to find out about what
|
341
|
-
happened if an operation is denied, the filters throw
|
340
|
+
to the authorization rules. For the application to find out about what
|
341
|
+
happened if an operation is denied, the filters throw
|
342
342
|
`Authorization::NotAuthorized` exceptions.
|
343
343
|
|
344
344
|
As access control on read are costly, with possibly lots of objects being
|
@@ -366,8 +366,8 @@ the usual find method:
|
|
366
366
|
Employee.with_permissions_to(:read).find(:all, :conditions => ...)
|
367
367
|
```
|
368
368
|
|
369
|
-
If the current user is completely missing the permissions, an
|
370
|
-
`Authorization::NotAuthorized` exception is raised. Through
|
369
|
+
If the current user is completely missing the permissions, an
|
370
|
+
`Authorization::NotAuthorized` exception is raised. Through
|
371
371
|
`Model.obligation_conditions`, application developers may retrieve
|
372
372
|
the conditions for manual rewrites.
|
373
373
|
|
@@ -422,9 +422,9 @@ privileges do
|
|
422
422
|
privilege :manage, :employees, :includes => :increase_salary
|
423
423
|
end
|
424
424
|
```
|
425
|
-
For more complex use cases, authorizations need to be based on attributes. Note
|
425
|
+
For more complex use cases, authorizations need to be based on attributes. Note
|
426
426
|
that you then also need to set `:attribute_check => true` in controllers for `filter_access_to`.
|
427
|
-
E.g. if a branch admin should manage only employees of his branch (see
|
427
|
+
E.g. if a branch admin should manage only employees of his branch (see
|
428
428
|
`Authorization::Reader` in the API docs for a full list of available operators):
|
429
429
|
|
430
430
|
```ruby
|
@@ -510,7 +510,7 @@ class EmployeeTest < ActiveSupport::TestCase
|
|
510
510
|
end
|
511
511
|
end
|
512
512
|
```
|
513
|
-
|
513
|
+
|
514
514
|
Or, with RSpec, it would work like this:
|
515
515
|
|
516
516
|
```ruby
|
@@ -540,7 +540,7 @@ See `Authorization::TestHelper` for more information.
|
|
540
540
|
## Providing the Plugin's Requirements
|
541
541
|
The requirements are
|
542
542
|
* Rails >= 4.2.5.2 and Ruby >= 2.1.x
|
543
|
-
* An authentication mechanism
|
543
|
+
* An authentication mechanism
|
544
544
|
* A user object returned by Controller#current_user
|
545
545
|
* An array of role symbols returned by User#role_symbols
|
546
546
|
* (For model security) Setting Authorization.current_user to the request's user
|
@@ -553,7 +553,7 @@ restful_authentication.
|
|
553
553
|
cd ../.. && ruby script/generate authenticated user sessions
|
554
554
|
* Move "include AuthenticatedSystem" to ApplicationController
|
555
555
|
* Add +filter_access_to+ calls as described above.
|
556
|
-
* If you'd like to use model security, add a before_action that sets the user
|
556
|
+
* If you'd like to use model security, add a before_action that sets the user
|
557
557
|
globally to your ApplicationController. This is thread-safe.
|
558
558
|
before_action :set_current_user
|
559
559
|
protected
|
@@ -562,9 +562,9 @@ restful_authentication.
|
|
562
562
|
end
|
563
563
|
|
564
564
|
* Add roles field to the User model through a :+has_many+ association
|
565
|
-
(this is just one possible approach; you could just as easily use
|
565
|
+
(this is just one possible approach; you could just as easily use
|
566
566
|
:+has_many+ :+through+ or a serialized roles array):
|
567
|
-
* create a migration for table roles
|
567
|
+
* create a migration for table roles
|
568
568
|
|
569
569
|
class CreateRoles < ActiveRecord::Migration
|
570
570
|
def self.up
|
@@ -584,7 +584,7 @@ restful_authentication.
|
|
584
584
|
belongs_to :user
|
585
585
|
end
|
586
586
|
|
587
|
-
* add +has_many+ :+roles+ to the User model and a roles method that returns the roles
|
587
|
+
* add +has_many+ :+roles+ to the User model and a roles method that returns the roles
|
588
588
|
as an Array of Symbols, e.g.
|
589
589
|
class User < ActiveRecord::Base
|
590
590
|
has_many :roles
|
data/README.rdoc
CHANGED
@@ -1,6 +1,6 @@
|
|
1
1
|
= Declarative Authorization
|
2
2
|
|
3
|
-
The declarative authorization plugin offers an authorization mechanism inspired
|
3
|
+
The declarative authorization plugin offers an authorization mechanism inspired
|
4
4
|
by _RBAC_. The most notable distinction to other authorization plugins is the
|
5
5
|
declarative approach. That is, authorization rules are not defined
|
6
6
|
programmatically in between business logic but in an authorization configuration.
|
@@ -25,7 +25,7 @@ Plugin features
|
|
25
25
|
|
26
26
|
|
27
27
|
Requirements
|
28
|
-
* An authentication mechanism
|
28
|
+
* An authentication mechanism
|
29
29
|
* User object in Controller#current_user
|
30
30
|
* (For model security) Setting Authorization.current_user
|
31
31
|
* User objects need to respond to a method :role_symbols that returns an
|
@@ -83,7 +83,7 @@ at the end of this README if you do not use the above installer.
|
|
83
83
|
# add permissions for guests here, e.g.
|
84
84
|
# has_permission_on :conferences, :to => :read
|
85
85
|
end
|
86
|
-
|
86
|
+
|
87
87
|
# permissions on other roles, such as
|
88
88
|
# role :admin do
|
89
89
|
# has_permission_on :conferences, :to => :manage
|
@@ -147,12 +147,12 @@ Declarative Authorization will use +current_user+ to check authorization.
|
|
147
147
|
| Privilege | | Context | | Attribute |
|
148
148
|
'-----------' '---------' '-----------'
|
149
149
|
|
150
|
-
In the application domain, each *User* may be assigned to *Roles* that should
|
151
|
-
define the users' job in the application, such as _Administrator_. On the
|
152
|
-
right-hand side of this diagram, application developers specify which *Permissions*
|
150
|
+
In the application domain, each *User* may be assigned to *Roles* that should
|
151
|
+
define the users' job in the application, such as _Administrator_. On the
|
152
|
+
right-hand side of this diagram, application developers specify which *Permissions*
|
153
153
|
are necessary for users to perform activities, such as calling a controller action,
|
154
154
|
viewing parts of a View or acting on records in the database. Note that
|
155
|
-
Permissions consist of an *Privilege* that is to be performed, such as _read_,
|
155
|
+
Permissions consist of an *Privilege* that is to be performed, such as _read_,
|
156
156
|
and a *Context* in that the Operation takes place, such as _companies_.
|
157
157
|
|
158
158
|
In the authorization configuration, Permissions are assigned to Roles and Role
|
@@ -180,7 +180,7 @@ filter_access_to with the appropriate parameters to protect the CRUD methods.
|
|
180
180
|
...
|
181
181
|
end
|
182
182
|
|
183
|
-
See Authorization::
|
183
|
+
See Authorization::Controller::DSL for options on
|
184
184
|
nested resources and custom member and collection actions.
|
185
185
|
|
186
186
|
By default, declarative_authorization will enable filter_resource_access compatibility with strong_parameters in Rails 4. If you want to disable this behavior, you can use the +:strong_parameters+ option.
|
@@ -223,7 +223,7 @@ filter_access_to call may become more verbose:
|
|
223
223
|
end
|
224
224
|
|
225
225
|
For some actions it might be necessary to check certain attributes of the
|
226
|
-
object the action is to be acting on. Then, the object needs to be loaded
|
226
|
+
object the action is to be acting on. Then, the object needs to be loaded
|
227
227
|
before the action's access control is evaluated. On the other hand, some actions
|
228
228
|
might prefer the authorization to ignore specific attribute checks as the object is
|
229
229
|
unknown at checking time, so attribute checks and thus automatic loading of
|
@@ -257,9 +257,9 @@ sure, your before_actions occur before any of the filter_access_to calls.
|
|
257
257
|
|
258
258
|
If the access is denied, a +permission_denied+ method is called on the
|
259
259
|
current_controller, if defined, and the issue is logged.
|
260
|
-
For further customization of the filters and object loading, have a look at
|
261
|
-
the complete API documentation of filter_access_to in
|
262
|
-
Authorization::
|
260
|
+
For further customization of the filters and object loading, have a look at
|
261
|
+
the complete API documentation of filter_access_to in
|
262
|
+
Authorization::Controller::DSL.
|
263
263
|
|
264
264
|
|
265
265
|
== Views
|
@@ -310,8 +310,8 @@ model that model security should be enforced on, i.e.
|
|
310
310
|
Thus,
|
311
311
|
Employee.create(...)
|
312
312
|
fails, if the current user is not allowed to :create :employees according
|
313
|
-
to the authorization rules. For the application to find out about what
|
314
|
-
happened if an operation is denied, the filters throw
|
313
|
+
to the authorization rules. For the application to find out about what
|
314
|
+
happened if an operation is denied, the filters throw
|
315
315
|
Authorization::NotAuthorized exceptions.
|
316
316
|
|
317
317
|
As access control on read are costly, with possibly lots of objects being
|
@@ -333,8 +333,8 @@ the usual find method:
|
|
333
333
|
|
334
334
|
Employee.with_permissions_to(:read).find(:all, :conditions => ...)
|
335
335
|
|
336
|
-
If the current user is completely missing the permissions, an
|
337
|
-
Authorization::NotAuthorized exception is raised. Through
|
336
|
+
If the current user is completely missing the permissions, an
|
337
|
+
Authorization::NotAuthorized exception is raised. Through
|
338
338
|
Model.obligation_conditions, application developers may retrieve
|
339
339
|
the conditions for manual rewrites.
|
340
340
|
|
@@ -382,9 +382,9 @@ Privilege hierarchies may be context-specific, e.g. applicable to :employees.
|
|
382
382
|
privilege :manage, :employees, :includes => :increase_salary
|
383
383
|
end
|
384
384
|
|
385
|
-
For more complex use cases, authorizations need to be based on attributes. Note
|
385
|
+
For more complex use cases, authorizations need to be based on attributes. Note
|
386
386
|
that you then also need to set :attribute_check => true in controllers for filter_access_to.
|
387
|
-
E.g. if a branch admin should manage only employees of his branch (see
|
387
|
+
E.g. if a branch admin should manage only employees of his branch (see
|
388
388
|
Authorization::Reader in the API docs for a full list of available operators):
|
389
389
|
|
390
390
|
authorization do
|
@@ -458,7 +458,7 @@ setup and assume certain identities for tests:
|
|
458
458
|
end
|
459
459
|
end
|
460
460
|
end
|
461
|
-
|
461
|
+
|
462
462
|
Or, with RSpec, it would work like this:
|
463
463
|
|
464
464
|
describe Employee do
|
@@ -493,17 +493,17 @@ One of three options to install the plugin:
|
|
493
493
|
* Alternatively, in Rails 2, to install from github, execute in your application's root directory
|
494
494
|
cd vendor/plugins && git clone git://github.com/stffn/declarative_authorization.git
|
495
495
|
|
496
|
-
Then,
|
497
|
-
* provide the requirements as noted below,
|
498
|
-
* create a basic config/authorization_rules.rb--you might want to take the
|
499
|
-
provided example authorization_rules.dist.rb in the plugin root as a starting
|
500
|
-
point,
|
496
|
+
Then,
|
497
|
+
* provide the requirements as noted below,
|
498
|
+
* create a basic config/authorization_rules.rb--you might want to take the
|
499
|
+
provided example authorization_rules.dist.rb in the plugin root as a starting
|
500
|
+
point,
|
501
501
|
* add +filter_access_to+, +permitted_to+? and model security as needed.
|
502
502
|
|
503
503
|
== Providing the Plugin's Requirements
|
504
504
|
The requirements are
|
505
505
|
* Rails >= 4.2.5.2 and Ruby >= 2.3.3
|
506
|
-
* An authentication mechanism
|
506
|
+
* An authentication mechanism
|
507
507
|
* A user object returned by Controller#current_user
|
508
508
|
* An array of role symbols returned by User#role_symbols
|
509
509
|
* (For model security) Setting Authorization.current_user to the request's user
|
@@ -516,7 +516,7 @@ restful_authentication.
|
|
516
516
|
cd ../.. && ruby script/generate authenticated user sessions
|
517
517
|
* Move "include AuthenticatedSystem" to ApplicationController
|
518
518
|
* Add +filter_access_to+ calls as described above.
|
519
|
-
* If you'd like to use model security, add a before_action that sets the user
|
519
|
+
* If you'd like to use model security, add a before_action that sets the user
|
520
520
|
globally to your ApplicationController. This is thread-safe.
|
521
521
|
before_action :set_current_user
|
522
522
|
protected
|
@@ -525,9 +525,9 @@ restful_authentication.
|
|
525
525
|
end
|
526
526
|
|
527
527
|
* Add roles field to the User model through a :+has_many+ association
|
528
|
-
(this is just one possible approach; you could just as easily use
|
528
|
+
(this is just one possible approach; you could just as easily use
|
529
529
|
:+has_many+ :+through+ or a serialized roles array):
|
530
|
-
* create a migration for table roles
|
530
|
+
* create a migration for table roles
|
531
531
|
class CreateRoles < ActiveRecord::Migration
|
532
532
|
def self.up
|
533
533
|
create_table "roles" do |t|
|
@@ -546,7 +546,7 @@ restful_authentication.
|
|
546
546
|
belongs_to :user
|
547
547
|
end
|
548
548
|
|
549
|
-
* add +has_many+ :+roles+ to the User model and a roles method that returns the roles
|
549
|
+
* add +has_many+ :+roles+ to the User model and a roles method that returns the roles
|
550
550
|
as an Array of Symbols, e.g.
|
551
551
|
class User < ActiveRecord::Base
|
552
552
|
has_many :roles
|
@@ -1,7 +1,7 @@
|
|
1
1
|
PATH
|
2
2
|
remote: ..
|
3
3
|
specs:
|
4
|
-
ae_declarative_authorization (0.
|
4
|
+
ae_declarative_authorization (0.8.0)
|
5
5
|
blockenspiel (~> 0.5.0)
|
6
6
|
rails (>= 4.2.5.2, < 6)
|
7
7
|
|
@@ -48,15 +48,32 @@ GEM
|
|
48
48
|
rake
|
49
49
|
thor (>= 0.14.0)
|
50
50
|
arel (6.0.4)
|
51
|
+
axiom-types (0.1.1)
|
52
|
+
descendants_tracker (~> 0.0.4)
|
53
|
+
ice_nine (~> 0.11.0)
|
54
|
+
thread_safe (~> 0.3, >= 0.3.1)
|
51
55
|
blockenspiel (0.5.0)
|
52
56
|
builder (3.2.3)
|
57
|
+
coercible (1.0.0)
|
58
|
+
descendants_tracker (~> 0.0.1)
|
53
59
|
concurrent-ruby (1.0.5)
|
54
60
|
crass (1.0.4)
|
61
|
+
descendants_tracker (0.0.4)
|
62
|
+
thread_safe (~> 0.3, >= 0.3.1)
|
63
|
+
equalizer (0.0.11)
|
55
64
|
erubis (2.7.0)
|
56
65
|
globalid (0.4.1)
|
57
66
|
activesupport (>= 4.2.0)
|
67
|
+
grape (1.1.0)
|
68
|
+
activesupport
|
69
|
+
builder
|
70
|
+
mustermann-grape (~> 1.0.0)
|
71
|
+
rack (>= 1.3.0)
|
72
|
+
rack-accept
|
73
|
+
virtus (>= 1.0.0)
|
58
74
|
i18n (0.9.5)
|
59
75
|
concurrent-ruby (~> 1.0)
|
76
|
+
ice_nine (0.11.2)
|
60
77
|
json (1.8.6)
|
61
78
|
loofah (2.2.2)
|
62
79
|
crass (~> 1.0.2)
|
@@ -69,9 +86,14 @@ GEM
|
|
69
86
|
minitest (5.11.3)
|
70
87
|
mocha (1.7.0)
|
71
88
|
metaclass (~> 0.0.1)
|
89
|
+
mustermann (1.0.3)
|
90
|
+
mustermann-grape (1.0.0)
|
91
|
+
mustermann (~> 1.0.0)
|
72
92
|
nokogiri (1.8.4)
|
73
93
|
mini_portile2 (~> 2.3.0)
|
74
94
|
rack (1.6.10)
|
95
|
+
rack-accept (0.4.5)
|
96
|
+
rack (>= 0.4)
|
75
97
|
rack-test (0.6.3)
|
76
98
|
rack (>= 1.0)
|
77
99
|
rails (4.2.5.2)
|
@@ -111,6 +133,11 @@ GEM
|
|
111
133
|
thread_safe (0.3.6)
|
112
134
|
tzinfo (1.2.5)
|
113
135
|
thread_safe (~> 0.1)
|
136
|
+
virtus (1.0.5)
|
137
|
+
axiom-types (~> 0.1)
|
138
|
+
coercible (~> 1.0)
|
139
|
+
descendants_tracker (~> 0.0, >= 0.0.3)
|
140
|
+
equalizer (~> 0.0, >= 0.0.9)
|
114
141
|
|
115
142
|
PLATFORMS
|
116
143
|
ruby
|
@@ -118,6 +145,7 @@ PLATFORMS
|
|
118
145
|
DEPENDENCIES
|
119
146
|
ae_declarative_authorization!
|
120
147
|
appraisal (~> 2.1)
|
148
|
+
grape
|
121
149
|
mocha (~> 1.0)
|
122
150
|
rails (= 4.2.5.2)
|
123
151
|
sqlite3
|
data/gemfiles/rails507.gemfile
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
PATH
|
2
2
|
remote: ..
|
3
3
|
specs:
|
4
|
-
ae_declarative_authorization (0.
|
4
|
+
ae_declarative_authorization (0.8.0)
|
5
5
|
blockenspiel (~> 0.5.0)
|
6
6
|
rails (>= 4.2.5.2, < 6)
|
7
7
|
|
@@ -50,15 +50,32 @@ GEM
|
|
50
50
|
rake
|
51
51
|
thor (>= 0.14.0)
|
52
52
|
arel (7.1.4)
|
53
|
+
axiom-types (0.1.1)
|
54
|
+
descendants_tracker (~> 0.0.4)
|
55
|
+
ice_nine (~> 0.11.0)
|
56
|
+
thread_safe (~> 0.3, >= 0.3.1)
|
53
57
|
blockenspiel (0.5.0)
|
54
58
|
builder (3.2.3)
|
59
|
+
coercible (1.0.0)
|
60
|
+
descendants_tracker (~> 0.0.1)
|
55
61
|
concurrent-ruby (1.0.5)
|
56
62
|
crass (1.0.4)
|
63
|
+
descendants_tracker (0.0.4)
|
64
|
+
thread_safe (~> 0.3, >= 0.3.1)
|
65
|
+
equalizer (0.0.11)
|
57
66
|
erubis (2.7.0)
|
58
67
|
globalid (0.4.1)
|
59
68
|
activesupport (>= 4.2.0)
|
69
|
+
grape (1.1.0)
|
70
|
+
activesupport
|
71
|
+
builder
|
72
|
+
mustermann-grape (~> 1.0.0)
|
73
|
+
rack (>= 1.3.0)
|
74
|
+
rack-accept
|
75
|
+
virtus (>= 1.0.0)
|
60
76
|
i18n (1.1.0)
|
61
77
|
concurrent-ruby (~> 1.0)
|
78
|
+
ice_nine (0.11.2)
|
62
79
|
loofah (2.2.2)
|
63
80
|
crass (~> 1.0.2)
|
64
81
|
nokogiri (>= 1.5.9)
|
@@ -68,13 +85,18 @@ GEM
|
|
68
85
|
method_source (0.9.0)
|
69
86
|
mini_mime (1.0.1)
|
70
87
|
mini_portile2 (2.3.0)
|
71
|
-
minitest (5.
|
88
|
+
minitest (5.11.3)
|
72
89
|
mocha (1.7.0)
|
73
90
|
metaclass (~> 0.0.1)
|
91
|
+
mustermann (1.0.3)
|
92
|
+
mustermann-grape (1.0.0)
|
93
|
+
mustermann (~> 1.0.0)
|
74
94
|
nio4r (2.3.1)
|
75
95
|
nokogiri (1.8.4)
|
76
96
|
mini_portile2 (~> 2.3.0)
|
77
97
|
rack (2.0.5)
|
98
|
+
rack-accept (0.4.5)
|
99
|
+
rack (>= 0.4)
|
78
100
|
rack-test (0.6.3)
|
79
101
|
rack (>= 1.0)
|
80
102
|
rails (5.0.7)
|
@@ -117,6 +139,11 @@ GEM
|
|
117
139
|
thread_safe (0.3.6)
|
118
140
|
tzinfo (1.2.5)
|
119
141
|
thread_safe (~> 0.1)
|
142
|
+
virtus (1.0.5)
|
143
|
+
axiom-types (~> 0.1)
|
144
|
+
coercible (~> 1.0)
|
145
|
+
descendants_tracker (~> 0.0, >= 0.0.3)
|
146
|
+
equalizer (~> 0.0, >= 0.0.9)
|
120
147
|
websocket-driver (0.6.5)
|
121
148
|
websocket-extensions (>= 0.1.0)
|
122
149
|
websocket-extensions (0.1.3)
|
@@ -127,6 +154,7 @@ PLATFORMS
|
|
127
154
|
DEPENDENCIES
|
128
155
|
ae_declarative_authorization!
|
129
156
|
appraisal (~> 2.1)
|
157
|
+
grape (~> 1.1)
|
130
158
|
mocha (~> 1.0)
|
131
159
|
rails (= 5.0.7)
|
132
160
|
rails-controller-testing
|