RubyGems - ae_declarative_authorization - Versions diffs - 2.3.0 → 2.3.1 - Mend

ae_declarative_authorization 2.3.0 → 2.3.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (5) hide show

checksums.yaml +4 -4
data/lib/declarative_authorization/controller/runtime.rb +48 -18
data/lib/declarative_authorization/helper.rb +6 -72
data/lib/declarative_authorization/version.rb +1 -1
metadata +1 -1

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 544398ffcc10dc4f2d5ee81e02b598c3bff5a79d329f3c58400b15319c2b784e
-  data.tar.gz: 8602306d8e14deb9b8799677de3c1bd640523ddc6700a1a3380d803971b7fa86
+  metadata.gz: d48feceb3557edc83090bde5cc134402ccd1aa879482e126cc38c0bc32618773
+  data.tar.gz: db4fea2e76369d625965842d4b47c5f4a192023de3530e3abe5880e573e20c37
 SHA512:
-  metadata.gz: 8d9060dc0fe103609fb3eda69a0823982b857a0d9953723adb7bd10e817c12dd985e9f8ce396cdf146dcac74cda24df5f485ab9a71ad9e92138ebde0d065a9af
-  data.tar.gz: f5850595bf61b211ed0bf981c297bb1a823480b163de4d3a3cb90a25dbf48ec75cb3766c5c1f20a960d1876e61c679a9f2cf2b5a5c65567f5984bfca3c93e6fa
+  metadata.gz: f58364fc40bd34c86a41dd42179520e4be8fdd275915e20f1d96b7a101424048c348a2b6f86d6b2fe7cfb52d267a0504b06b6afcdd3980d98784d8d31f916858
+  data.tar.gz: 5856fbb3162520b104e21e4aaa0c582f9a86b3f6f5299b0c1831c3038b5c27231eb6dc7db25a541c3e5f6883b5cbc5386e7109dbf4e7afd124e189fecf79ca0a

data/lib/declarative_authorization/controller/runtime.rb CHANGED Viewed

@@ -14,6 +14,7 @@ module Authorization
       def self.failed_auto_loading_is_not_found?
         @@failed_auto_loading_is_not_found
       end
       def self.failed_auto_loading_is_not_found=(new_value)
         @@failed_auto_loading_is_not_found = new_value
       end
@@ -28,11 +29,27 @@ module Authorization
       # in the authorization rules are only evaluated if an object is given
       # for context.
       #
-      # See examples for Authorization::AuthorizationHelper #permitted_to?
-      #
       # If no object or context is specified, the controller_name is used as
       # context.
       #
+      # Examples:
+      #     <% permitted_to? :create, :users do %>
+      #     <%= link_to 'New', new_user_path %>
+      #     <% end %>
+      #     ...
+      #     <% if permitted_to? :create, :users %>
+      #     <%= link_to 'New', new_user_path %>
+      #     <% else %>
+      #     You are not allowed to create new users!
+      #     <% end %>
+      #     ...
+      #     <% for user in @users %>
+      #     <%= link_to 'Edit', edit_user_path(user) if permitted_to? :update, user %>
+      #     <% end %>
+      #
+      # To pass in an object and override the context, you can use the optional
+      # options:
+      #     permitted_to? :update, user, :context => :account
       def permitted_to?(privilege, object_or_sym = nil, options = {})
         if authorization_engine.permit!(privilege, options_for_permit(object_or_sym, options, false))
           yield if block_given?
@@ -48,16 +65,27 @@ module Authorization
         authorization_engine.permit!(privilege, options_for_permit(object_or_sym, options, true))
       end
-      # While permitted_to? is used for authorization, in some cases
+      # While permitted_to? is used for authorization in views, in some cases
       # content should only be shown to some users without being concerned
       # with authorization.  E.g. to only show the most relevant menu options
       # to a certain group of users.  That is what has_role? should be used for.
+      #
+      # Examples:
+      #     <% has_role?(:sales) do %>
+      #     <%= link_to 'All contacts', contacts_path %>
+      #     <% end %>
+      #     ...
+      #     <% if has_role?(:sales) %>
+      #     <%= link_to 'Customer contacts', contacts_path %>
+      #     <% else %>
+      #     ...
+      #     <% end %>
       def has_role?(*roles)
         user_roles = authorization_engine.roles_for(current_user)
         result = roles.all? do |role|
           user_roles.include?(role)
         end
-        yield if result and block_given?
+        yield if result && block_given?
         result
       end
@@ -68,7 +96,7 @@ module Authorization
         result = roles.any? do |role|
           user_roles.include?(role)
         end
-        yield if result and block_given?
+        yield if result && block_given?
         result
       end
@@ -78,7 +106,7 @@ module Authorization
         result = roles.all? do |role|
           user_roles.include?(role)
         end
-        yield if result and block_given?
+        yield if result && block_given?
         result
       end
@@ -88,7 +116,7 @@ module Authorization
         result = roles.any? do |role|
           user_roles.include?(role)
         end
-        yield if result and block_given?
+        yield if result && block_given?
         result
       end
@@ -96,16 +124,18 @@ module Authorization
         context = object = nil
         if object_or_sym.nil?
           context = decl_auth_context
-        elsif !Authorization.is_a_association_proxy?(object_or_sym) and object_or_sym.is_a?(Symbol)
+        elsif !Authorization.is_a_association_proxy?(object_or_sym) && object_or_sym.is_a?(Symbol)
           context = object_or_sym
         else
           object = object_or_sym
         end
-        result = {:object => object,
-          :context => context,
-          :skip_attribute_test => object.nil?,
-          :bang => bang}.merge(options)
+        result = {
+          object: object,
+          context: context,
+          skip_attribute_test: object.nil?,
+          bang: bang
+        }.merge(options)
         result[:user] = current_user unless result.key?(:user)
         result
       end
@@ -120,12 +150,12 @@ module Authorization
         begin
           allowed = if matching_permissions.any?
-            matching_permissions.all? { |p| p.permit!(self, action_name) }
-          elsif all_permissions.any?
-            all_permissions.all? { |p| p.permit!(self, action_name) }
-          else
-            !DEFAULT_DENY
-          end
+                      matching_permissions.all? { |p| p.permit!(self, action_name) }
+                    elsif all_permissions.any?
+                      all_permissions.all? { |p| p.permit!(self, action_name) }
+                    else
+                      !DEFAULT_DENY
+                    end
         rescue ::Authorization::NotAuthorized => e
           auth_exception = e
         end

data/lib/declarative_authorization/helper.rb CHANGED Viewed

@@ -1,78 +1,12 @@
 # Authorization::AuthorizationHelper
-require File.dirname(__FILE__) + '/authorization.rb'
+require "#{File.dirname(__FILE__)}/authorization.rb"
 module Authorization
+  # Include this module in your views
   module AuthorizationHelper
-    # If the current user meets the given privilege, permitted_to? returns true
-    # and yields to the optional block.  The attribute checks that are defined
-    # in the authorization rules are only evaluated if an object is given
-    # for context.
-    #
-    # Examples:
-    #     <% permitted_to? :create, :users do %>
-    #     <%= link_to 'New', new_user_path %>
-    #     <% end %>
-    #     ...
-    #     <% if permitted_to? :create, :users %>
-    #     <%= link_to 'New', new_user_path %>
-    #     <% else %>
-    #     You are not allowed to create new users!
-    #     <% end %>
-    #     ...
-    #     <% for user in @users %>
-    #     <%= link_to 'Edit', edit_user_path(user) if permitted_to? :update, user %>
-    #     <% end %>
-    #
-    # To pass in an object and override the context, you can use the optional
-    # options:
-    #     permitted_to? :update, user, :context => :account
-    #
-    def permitted_to?(privilege, object_or_sym = nil, options = {})
-      controller.permitted_to?(privilege, object_or_sym, options) do
-        yield if block_given?
-      end
-    end
-    # While permitted_to? is used for authorization in views, in some cases
-    # content should only be shown to some users without being concerned
-    # with authorization.  E.g. to only show the most relevant menu options
-    # to a certain group of users.  That is what has_role? should be used for.
-    #
-    # Examples:
-    #     <% has_role?(:sales) do %>
-    #     <%= link_to 'All contacts', contacts_path %>
-    #     <% end %>
-    #     ...
-    #     <% if has_role?(:sales) %>
-    #     <%= link_to 'Customer contacts', contacts_path %>
-    #     <% else %>
-    #     ...
-    #     <% end %>
-    #
-    def has_role?(*roles)
-      controller.has_role?(*roles) do
-        yield if block_given?
-      end
-    end
-    # As has_role? except checks all roles included in the role hierarchy
-    def has_role_with_hierarchy?(*roles)
-      controller.has_role_with_hierarchy?(*roles) do
-        yield if block_given?
-      end
-    end
-    def has_any_role?(*roles)
-      controller.has_any_role?(*roles) do
-        yield if block_given?
-      end
-    end
-    def has_any_role_with_hierarchy?(*roles)
-      controller.has_any_role_with_hierarchy?(*roles) do
-        yield if block_given?
-      end
-    end
+    delegate :has_role?, :has_role_with_hierarchy?,
+             :has_any_role?, :has_any_role_with_hierarchy?,
+             :permitted_to?,
+             to: :controller
   end
 end

data/lib/declarative_authorization/version.rb CHANGED Viewed

@@ -1,3 +1,3 @@
 module DeclarativeAuthorization
-  VERSION = '2.3.0'.freeze
+  VERSION = '2.3.1'.freeze
 end

metadata CHANGED Viewed

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: ae_declarative_authorization
 version: !ruby/object:Gem::Version
-  version: 2.3.0
+  version: 2.3.1
 platform: ruby
 authors:
 - AppFolio