arrthorizer 0.2.1 → 0.3.0
Sign up to get free protection for your applications and to get access to all the features.
- data/.travis.yml +1 -1
- data/README.md +9 -0
- data/lib/arrthorizer/rails/controller_concern.rb +20 -14
- data/lib/arrthorizer/version.rb +1 -1
- data/spec/rails/controller_concern/authorize_spec.rb +16 -0
- metadata +4 -4
data/.travis.yml
CHANGED
data/README.md
CHANGED
|
@@ -11,6 +11,15 @@ Arrthorizer is flexible and allows you to inject much of your own application lo
|
|
|
11
11
|
|
|
12
12
|
Arrthorizer is [designed for ease of use and configurability](https://github.com/BUS-OGD/arrthorizer/wiki/Desired-and-required-features). Its Rails version (currently the *only* version) comes bundled with some useful generators and most of the configuration is done using a DSL in your controllers, along with a plain old YAML file.
|
|
13
13
|
|
|
14
|
+
|
|
15
|
+
## Features
|
|
16
|
+
|
|
17
|
+
* Works with Rails 3.2, 4.0 and 4.1
|
|
18
|
+
* Leverages domain logic for authorization without introducing strong coupling
|
|
19
|
+
* Easy-to-use generators get you up-and-running in minutes, not hours
|
|
20
|
+
* Well-tested
|
|
21
|
+
* Generates tests for your roles for your test framework (MiniTest, RSpec and Test::Unit supported)
|
|
22
|
+
|
|
14
23
|
## Installation
|
|
15
24
|
|
|
16
25
|
Add this line to your application's Gemfile:
|
|
@@ -18,33 +18,39 @@ module Arrthorizer
|
|
|
18
18
|
# built and provided to all ContextRoles that are configured as having
|
|
19
19
|
# access to the given controller action.
|
|
20
20
|
def arrthorizer_context
|
|
21
|
-
arrthorizer_context_builder.build_for_action
|
|
21
|
+
@arrthorizer_context ||= arrthorizer_context_builder.build_for_action
|
|
22
22
|
end
|
|
23
23
|
|
|
24
24
|
def arrthorizer_defaults
|
|
25
|
-
arrthorizer_context_builder.build_default
|
|
25
|
+
@arrthorizer_defaults ||= arrthorizer_context_builder.build_default
|
|
26
26
|
end
|
|
27
27
|
|
|
28
|
-
def
|
|
29
|
-
|
|
30
|
-
|
|
31
|
-
|
|
28
|
+
def arrthorizer_check_role(role, context)
|
|
29
|
+
begin
|
|
30
|
+
role.applies_to_user?(arrthorizer_scope, context)
|
|
31
|
+
rescue StandardError
|
|
32
|
+
::Rails.logger.warn("Error occurred while evaluating #{role} for #{current_user}.")
|
|
33
|
+
return false
|
|
34
|
+
end
|
|
35
|
+
end
|
|
32
36
|
|
|
37
|
+
def arrthorizer_find_applicable_role(roles)
|
|
33
38
|
roles.any? do |role|
|
|
34
|
-
|
|
35
|
-
|
|
36
|
-
rescue StandardError
|
|
37
|
-
::Rails.logger.warn("Error occurred while evaluating #{role} for #{current_user}.\nCurrent context: #{arrthorizer_context.inspect}")
|
|
38
|
-
|
|
39
|
-
false
|
|
40
|
-
end
|
|
41
|
-
end || forbidden
|
|
39
|
+
arrthorizer_check_role(role, arrthorizer_context)
|
|
40
|
+
end
|
|
42
41
|
end
|
|
43
42
|
|
|
44
43
|
def forbidden
|
|
45
44
|
render text: 'Access Denied', status: :forbidden
|
|
46
45
|
end
|
|
47
46
|
|
|
47
|
+
def authorize
|
|
48
|
+
action = Arrthorizer::Rails::ControllerAction.get_current(self)
|
|
49
|
+
roles = action.privilege.permitted_roles
|
|
50
|
+
|
|
51
|
+
arrthorizer_find_applicable_role(roles) || forbidden
|
|
52
|
+
end
|
|
53
|
+
|
|
48
54
|
def arrthorizer_context_builder
|
|
49
55
|
@context_builder ||= Arrthorizer::Rails::ControllerContextBuilder.new(self, arrthorizer_configuration)
|
|
50
56
|
end
|
data/lib/arrthorizer/version.rb
CHANGED
|
@@ -51,6 +51,22 @@ describe Arrthorizer::Rails::ControllerConcern do
|
|
|
51
51
|
permitted_roles.add(role)
|
|
52
52
|
end
|
|
53
53
|
|
|
54
|
+
context "but building the context results in an error" do
|
|
55
|
+
let(:error) { Class.new(StandardError).new }
|
|
56
|
+
|
|
57
|
+
before :each do
|
|
58
|
+
controller.stub(:arrthorizer_context).and_raise(error)
|
|
59
|
+
# for testing purposes. We're testing a filter here, so no request exists, causing #status= to fail
|
|
60
|
+
controller.stub(:forbidden)
|
|
61
|
+
end
|
|
62
|
+
|
|
63
|
+
specify "that error not suppressed" do
|
|
64
|
+
expect {
|
|
65
|
+
controller.send(:authorize)
|
|
66
|
+
}.to raise_error(error)
|
|
67
|
+
end
|
|
68
|
+
end
|
|
69
|
+
|
|
54
70
|
context "and the role applies to the user" do
|
|
55
71
|
before do
|
|
56
72
|
role.stub(:applies_to_user?).with(current_user, context).and_return(true)
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: arrthorizer
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.3.0
|
|
5
5
|
prerelease:
|
|
6
6
|
platform: ruby
|
|
7
7
|
authors:
|
|
@@ -10,7 +10,7 @@ authors:
|
|
|
10
10
|
autorequire:
|
|
11
11
|
bindir: bin
|
|
12
12
|
cert_chain: []
|
|
13
|
-
date: 2014-
|
|
13
|
+
date: 2014-05-05 00:00:00.000000000 Z
|
|
14
14
|
dependencies:
|
|
15
15
|
- !ruby/object:Gem::Dependency
|
|
16
16
|
name: rails
|
|
@@ -200,7 +200,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
|
|
|
200
200
|
version: '0'
|
|
201
201
|
segments:
|
|
202
202
|
- 0
|
|
203
|
-
hash:
|
|
203
|
+
hash: 2700681613748034197
|
|
204
204
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
|
205
205
|
none: false
|
|
206
206
|
requirements:
|
|
@@ -209,7 +209,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
209
209
|
version: '0'
|
|
210
210
|
segments:
|
|
211
211
|
- 0
|
|
212
|
-
hash:
|
|
212
|
+
hash: 2700681613748034197
|
|
213
213
|
requirements: []
|
|
214
214
|
rubyforge_project:
|
|
215
215
|
rubygems_version: 1.8.24
|