allowy 2.0.0 → 2.1.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/README.md +15 -2
- data/lib/allowy.rb +1 -0
- data/lib/allowy/matchers.rb +3 -3
- data/lib/allowy/registry.rb +13 -5
- data/lib/allowy/version.rb +1 -1
- data/spec/access_control_spec.rb +4 -0
- data/spec/registry_spec.rb +9 -0
- data/spec/spec_helper.rb +8 -0
- metadata +3 -3
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: e1c422bf392e430d0537f4f0e85fd44c8f9532da
|
|
4
|
+
data.tar.gz: 516feb6b05a44db332a06d30c221e3efdf06bb98
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: e58da6aa81b41db56da237d79c59637e1ffa9df4fbed1cb7a50ed027cd3f0e17eef3bdda4e1173fac5381ac6c02e7bc91c1c2691c968e69e1ca386ee10116649
|
|
7
|
+
data.tar.gz: ebfe0f8b21bd6c6e57e5fcf5944b4372e7261195b5a4ffe04191cfe3d89b3e4a0089d9ee62aabbd0ca113c1f7b7bc26f6c86d58e07cead4565db332e8584fa49
|
data/README.md
CHANGED
|
@@ -109,7 +109,7 @@ end
|
|
|
109
109
|
The "access" class, by convention, will be determined by the class of the original object plus the "Access" suffix.
|
|
110
110
|
It may be a problem if you decorate the class using `draper` gem or using similar approach where the actual class name is different.
|
|
111
111
|
|
|
112
|
-
The version `0.3`
|
|
112
|
+
The version `0.3` has built-in support for the `draper` gem and it should "just work".
|
|
113
113
|
|
|
114
114
|
But additionally it provides a customisation option for you if you need that.
|
|
115
115
|
|
|
@@ -130,6 +130,19 @@ end
|
|
|
130
130
|
|
|
131
131
|
```
|
|
132
132
|
|
|
133
|
+
If you simply don't like the `Access` suffix, you can override it by passing the `access_suffix` option to the `Registry` class.
|
|
134
|
+
For example, in a typical Rails app you will need to override the `current_allowy` method on the `ApplicationController` like so:
|
|
135
|
+
|
|
136
|
+
```ruby
|
|
137
|
+
class ApplicationController < ActionController::Base
|
|
138
|
+
def current_allowy
|
|
139
|
+
@current_allowy ||= ::Allowy::Registry.new(allowy_context, access_suffix: 'Permission')
|
|
140
|
+
end
|
|
141
|
+
end
|
|
142
|
+
```
|
|
143
|
+
|
|
144
|
+
The above will allow using `UserPermission` class name instead of `UserAccess`.
|
|
145
|
+
|
|
133
146
|
# Early termination
|
|
134
147
|
|
|
135
148
|
If you have a pre-condition for any permission checks you can abort more complex logic by
|
|
@@ -330,4 +343,4 @@ bundle install
|
|
|
330
343
|
bundle exec rspec spec/
|
|
331
344
|
```
|
|
332
345
|
|
|
333
|
-
Pull requests are very welcome, but please include the specs.
|
|
346
|
+
Pull requests are very welcome, but please include the specs.
|
data/lib/allowy.rb
CHANGED
data/lib/allowy/matchers.rb
CHANGED
|
@@ -2,8 +2,8 @@ module Allowy
|
|
|
2
2
|
module Matchers
|
|
3
3
|
|
|
4
4
|
class AbleToMatcher
|
|
5
|
-
def initialize(action, subject=nil)
|
|
6
|
-
@action, @subject = action, subject
|
|
5
|
+
def initialize(action, subject=nil, *params)
|
|
6
|
+
@action, @subject, @params = action, subject, params
|
|
7
7
|
end
|
|
8
8
|
|
|
9
9
|
def say msg
|
|
@@ -11,7 +11,7 @@ module Allowy
|
|
|
11
11
|
end
|
|
12
12
|
|
|
13
13
|
def matches?(access_control)
|
|
14
|
-
access_control.can?(@action, @subject)
|
|
14
|
+
access_control.can?(@action, @subject, *@params)
|
|
15
15
|
end
|
|
16
16
|
|
|
17
17
|
def description
|
data/lib/allowy/registry.rb
CHANGED
|
@@ -1,8 +1,10 @@
|
|
|
1
1
|
module Allowy
|
|
2
2
|
class Registry
|
|
3
|
-
def initialize(ctx)
|
|
3
|
+
def initialize(ctx, options={})
|
|
4
|
+
options.assert_valid_keys(:access_suffix)
|
|
4
5
|
@context = ctx
|
|
5
6
|
@registry = {}
|
|
7
|
+
@options = options
|
|
6
8
|
end
|
|
7
9
|
|
|
8
10
|
def access_control_for!(subject)
|
|
@@ -13,21 +15,27 @@ module Allowy
|
|
|
13
15
|
|
|
14
16
|
def access_control_for(subject)
|
|
15
17
|
# Try subject as decorated object
|
|
16
|
-
clazz = class_for
|
|
18
|
+
clazz = class_for subject.class.source_class.name if subject.class.respond_to?(:source_class)
|
|
17
19
|
|
|
18
20
|
# Try subject as an object
|
|
19
|
-
clazz = class_for
|
|
21
|
+
clazz = class_for subject.class.name unless clazz
|
|
20
22
|
|
|
21
23
|
# Try subject as a class
|
|
22
|
-
clazz = class_for
|
|
24
|
+
clazz = class_for subject.name if !clazz && subject.is_a?(Class)
|
|
23
25
|
|
|
24
26
|
return unless clazz # No luck this time
|
|
25
27
|
# create a new instance or return existing
|
|
26
28
|
@registry[clazz] ||= clazz.new(@context)
|
|
27
29
|
end
|
|
28
30
|
|
|
31
|
+
private
|
|
32
|
+
|
|
29
33
|
def class_for(name)
|
|
30
|
-
name.safe_constantize
|
|
34
|
+
"#{name}#{access_suffix}".safe_constantize
|
|
35
|
+
end
|
|
36
|
+
|
|
37
|
+
def access_suffix
|
|
38
|
+
@options.fetch(:access_suffix) { 'Access' }
|
|
31
39
|
end
|
|
32
40
|
|
|
33
41
|
end
|
data/lib/allowy/version.rb
CHANGED
data/spec/access_control_spec.rb
CHANGED
|
@@ -19,6 +19,10 @@ module Allowy
|
|
|
19
19
|
it { should be_able_to :read, 'allow' }
|
|
20
20
|
it { should_not be_able_to :read, 'deny' }
|
|
21
21
|
|
|
22
|
+
it "should pass extra parameters" do
|
|
23
|
+
access.should be_able_to :extra_params, 'same', bar: 'same'
|
|
24
|
+
end
|
|
25
|
+
|
|
22
26
|
it "should deny with early termination" do
|
|
23
27
|
access.should_not be_able_to :early_deny, 'foo'
|
|
24
28
|
access.can?(:early_deny, 'xx').should == false
|
data/spec/registry_spec.rb
CHANGED
|
@@ -11,6 +11,15 @@ module Allowy
|
|
|
11
11
|
subject.access_control_for!(Sample.new).should be_a SampleAccess
|
|
12
12
|
end
|
|
13
13
|
|
|
14
|
+
it "should find AC by appending custom suffix to the subject" do
|
|
15
|
+
registry = Registry.new(context, access_suffix: 'Permission')
|
|
16
|
+
registry.access_control_for!(Sample.new).should be_a SamplePermission
|
|
17
|
+
end
|
|
18
|
+
|
|
19
|
+
it "raises on invalid option" do
|
|
20
|
+
expect { Registry.new(context, foo: 'incorrect option') }.to raise_error /unknown key/i
|
|
21
|
+
end
|
|
22
|
+
|
|
14
23
|
it "should find AC when the subject is a class" do
|
|
15
24
|
subject.access_control_for!(Sample).should be_a SampleAccess
|
|
16
25
|
end
|
data/spec/spec_helper.rb
CHANGED
|
@@ -21,11 +21,19 @@ class SampleAccess
|
|
|
21
21
|
deny! "early terminate: #{str}"
|
|
22
22
|
end
|
|
23
23
|
|
|
24
|
+
def extra_params?(foo, *opts)
|
|
25
|
+
foo == opts.last[:bar]
|
|
26
|
+
end
|
|
27
|
+
|
|
24
28
|
def context_is_123?(*whatever)
|
|
25
29
|
context === 123
|
|
26
30
|
end
|
|
27
31
|
end
|
|
28
32
|
|
|
33
|
+
class SamplePermission
|
|
34
|
+
include Allowy::AccessControl
|
|
35
|
+
end
|
|
36
|
+
|
|
29
37
|
class Sample
|
|
30
38
|
attr_accessor :name
|
|
31
39
|
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: allowy
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 2.
|
|
4
|
+
version: 2.1.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Dmytrii Nagirniak
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date:
|
|
11
|
+
date: 2015-01-06 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: i18n
|
|
@@ -158,7 +158,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
158
158
|
version: '0'
|
|
159
159
|
requirements: []
|
|
160
160
|
rubyforge_project: allowy
|
|
161
|
-
rubygems_version: 2.
|
|
161
|
+
rubygems_version: 2.4.3
|
|
162
162
|
signing_key:
|
|
163
163
|
specification_version: 4
|
|
164
164
|
summary: Authorization with simplicity and explicitness in mind
|