ae_declarative_authorization 2.0.0 → 2.1.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 7d3a61732493a7f1dfa8698fa016e257e119204c7bf878397b5caa62080c360b
|
|
4
|
+
data.tar.gz: 5d05fbeb9f859e393a42aa86108278037377225ddbe02160a5a6ad5ef4f199fa
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 01ec7768b90fcdb701456f254519acce547a635cc6b49a0fad4080c41cc3d72901bf6443c44de132a5f10df63d7c7bf866189f8d1f6a3e79a4e11e51bfa92547
|
|
7
|
+
data.tar.gz: 7bf88799408d3883d41ecbb5e5616d1d12323e6f2e535c9d39ada2bea149ce349e6696750c57901d0059e930863e0f4b7a4caab2b7c770c683d1c7ac64f1fd91
|
|
@@ -21,6 +21,24 @@ module Authorization
|
|
|
21
21
|
# The exception is raised to ensure that the entire rule is invalidated.
|
|
22
22
|
class NilAttributeValueError < AuthorizationError; end
|
|
23
23
|
|
|
24
|
+
class Config
|
|
25
|
+
# A function that takes one argument:
|
|
26
|
+
# - event details (hash)
|
|
27
|
+
attr_accessor :authorization_denied_callback
|
|
28
|
+
|
|
29
|
+
def initialize
|
|
30
|
+
@authorization_denied_callback = nil
|
|
31
|
+
end
|
|
32
|
+
end
|
|
33
|
+
|
|
34
|
+
def self.config
|
|
35
|
+
@config ||= Config.new
|
|
36
|
+
end
|
|
37
|
+
|
|
38
|
+
def self.configure
|
|
39
|
+
yield config
|
|
40
|
+
end
|
|
41
|
+
|
|
24
42
|
AUTH_DSL_FILES = [Pathname.new(Rails.root || '').join("config", "authorization_rules.rb").to_s] unless defined? AUTH_DSL_FILES
|
|
25
43
|
|
|
26
44
|
# Controller-independent method for retrieving the current user.
|
|
@@ -192,6 +210,24 @@ module Authorization
|
|
|
192
210
|
end
|
|
193
211
|
|
|
194
212
|
if options[:bang]
|
|
213
|
+
# Call authorization_denied_callback if configured
|
|
214
|
+
if Authorization.config.authorization_denied_callback
|
|
215
|
+
action = if options[:controller]&.respond_to?(:action_name)
|
|
216
|
+
options[:controller].action_name
|
|
217
|
+
elsif options[:controller]&.respond_to?(:route) # Grape API
|
|
218
|
+
options[:controller].route&.request_method
|
|
219
|
+
end
|
|
220
|
+
|
|
221
|
+
Authorization.config.authorization_denied_callback&.call(
|
|
222
|
+
{
|
|
223
|
+
action: action,
|
|
224
|
+
path: options[:controller]&.respond_to?(:request) ? options[:controller].request&.path : nil,
|
|
225
|
+
context: options[:context].to_s,
|
|
226
|
+
attribute_check_denial: !rules.empty?
|
|
227
|
+
}
|
|
228
|
+
)
|
|
229
|
+
end
|
|
230
|
+
|
|
195
231
|
if rules.empty?
|
|
196
232
|
raise NotAuthorized, "No matching rules found for #{privilege} for User with id #{user.try(:id)} " +
|
|
197
233
|
"(roles #{roles.inspect}, privileges #{privileges.inspect}, " +
|
metadata
CHANGED
|
@@ -1,13 +1,13 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: ae_declarative_authorization
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 2.
|
|
4
|
+
version: 2.1.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- AppFolio
|
|
8
8
|
bindir: bin
|
|
9
9
|
cert_chain: []
|
|
10
|
-
date:
|
|
10
|
+
date: 1980-01-02 00:00:00.000000000 Z
|
|
11
11
|
dependencies:
|
|
12
12
|
- !ruby/object:Gem::Dependency
|
|
13
13
|
name: blockenspiel
|
|
@@ -98,7 +98,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
98
98
|
- !ruby/object:Gem::Version
|
|
99
99
|
version: '0'
|
|
100
100
|
requirements: []
|
|
101
|
-
rubygems_version: 3.
|
|
101
|
+
rubygems_version: 3.7.2
|
|
102
102
|
specification_version: 4
|
|
103
103
|
summary: Rails gem for maintainable authorization based on readable authorization
|
|
104
104
|
rules.
|