arrthorizer 0.2.1 → 0.3.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- data/.travis.yml +1 -1
- data/README.md +9 -0
- data/lib/arrthorizer/rails/controller_concern.rb +20 -14
- data/lib/arrthorizer/version.rb +1 -1
- data/spec/rails/controller_concern/authorize_spec.rb +16 -0
- metadata +4 -4
data/.travis.yml
CHANGED
data/README.md
CHANGED
|
@@ -11,6 +11,15 @@ Arrthorizer is flexible and allows you to inject much of your own application lo
|
|
|
11
11
|
|
|
12
12
|
Arrthorizer is [designed for ease of use and configurability](https://github.com/BUS-OGD/arrthorizer/wiki/Desired-and-required-features). Its Rails version (currently the *only* version) comes bundled with some useful generators and most of the configuration is done using a DSL in your controllers, along with a plain old YAML file.
|
|
13
13
|
|
|
14
|
+
|
|
15
|
+
## Features
|
|
16
|
+
|
|
17
|
+
* Works with Rails 3.2, 4.0 and 4.1
|
|
18
|
+
* Leverages domain logic for authorization without introducing strong coupling
|
|
19
|
+
* Easy-to-use generators get you up-and-running in minutes, not hours
|
|
20
|
+
* Well-tested
|
|
21
|
+
* Generates tests for your roles for your test framework (MiniTest, RSpec and Test::Unit supported)
|
|
22
|
+
|
|
14
23
|
## Installation
|
|
15
24
|
|
|
16
25
|
Add this line to your application's Gemfile:
|
|
@@ -18,33 +18,39 @@ module Arrthorizer
|
|
|
18
18
|
# built and provided to all ContextRoles that are configured as having
|
|
19
19
|
# access to the given controller action.
|
|
20
20
|
def arrthorizer_context
|
|
21
|
-
arrthorizer_context_builder.build_for_action
|
|
21
|
+
@arrthorizer_context ||= arrthorizer_context_builder.build_for_action
|
|
22
22
|
end
|
|
23
23
|
|
|
24
24
|
def arrthorizer_defaults
|
|
25
|
-
arrthorizer_context_builder.build_default
|
|
25
|
+
@arrthorizer_defaults ||= arrthorizer_context_builder.build_default
|
|
26
26
|
end
|
|
27
27
|
|
|
28
|
-
def
|
|
29
|
-
|
|
30
|
-
|
|
31
|
-
|
|
28
|
+
def arrthorizer_check_role(role, context)
|
|
29
|
+
begin
|
|
30
|
+
role.applies_to_user?(arrthorizer_scope, context)
|
|
31
|
+
rescue StandardError
|
|
32
|
+
::Rails.logger.warn("Error occurred while evaluating #{role} for #{current_user}.")
|
|
33
|
+
return false
|
|
34
|
+
end
|
|
35
|
+
end
|
|
32
36
|
|
|
37
|
+
def arrthorizer_find_applicable_role(roles)
|
|
33
38
|
roles.any? do |role|
|
|
34
|
-
|
|
35
|
-
|
|
36
|
-
rescue StandardError
|
|
37
|
-
::Rails.logger.warn("Error occurred while evaluating #{role} for #{current_user}.\nCurrent context: #{arrthorizer_context.inspect}")
|
|
38
|
-
|
|
39
|
-
false
|
|
40
|
-
end
|
|
41
|
-
end || forbidden
|
|
39
|
+
arrthorizer_check_role(role, arrthorizer_context)
|
|
40
|
+
end
|
|
42
41
|
end
|
|
43
42
|
|
|
44
43
|
def forbidden
|
|
45
44
|
render text: 'Access Denied', status: :forbidden
|
|
46
45
|
end
|
|
47
46
|
|
|
47
|
+
def authorize
|
|
48
|
+
action = Arrthorizer::Rails::ControllerAction.get_current(self)
|
|
49
|
+
roles = action.privilege.permitted_roles
|
|
50
|
+
|
|
51
|
+
arrthorizer_find_applicable_role(roles) || forbidden
|
|
52
|
+
end
|
|
53
|
+
|
|
48
54
|
def arrthorizer_context_builder
|
|
49
55
|
@context_builder ||= Arrthorizer::Rails::ControllerContextBuilder.new(self, arrthorizer_configuration)
|
|
50
56
|
end
|
data/lib/arrthorizer/version.rb
CHANGED
|
@@ -51,6 +51,22 @@ describe Arrthorizer::Rails::ControllerConcern do
|
|
|
51
51
|
permitted_roles.add(role)
|
|
52
52
|
end
|
|
53
53
|
|
|
54
|
+
context "but building the context results in an error" do
|
|
55
|
+
let(:error) { Class.new(StandardError).new }
|
|
56
|
+
|
|
57
|
+
before :each do
|
|
58
|
+
controller.stub(:arrthorizer_context).and_raise(error)
|
|
59
|
+
# for testing purposes. We're testing a filter here, so no request exists, causing #status= to fail
|
|
60
|
+
controller.stub(:forbidden)
|
|
61
|
+
end
|
|
62
|
+
|
|
63
|
+
specify "that error not suppressed" do
|
|
64
|
+
expect {
|
|
65
|
+
controller.send(:authorize)
|
|
66
|
+
}.to raise_error(error)
|
|
67
|
+
end
|
|
68
|
+
end
|
|
69
|
+
|
|
54
70
|
context "and the role applies to the user" do
|
|
55
71
|
before do
|
|
56
72
|
role.stub(:applies_to_user?).with(current_user, context).and_return(true)
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: arrthorizer
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.3.0
|
|
5
5
|
prerelease:
|
|
6
6
|
platform: ruby
|
|
7
7
|
authors:
|
|
@@ -10,7 +10,7 @@ authors:
|
|
|
10
10
|
autorequire:
|
|
11
11
|
bindir: bin
|
|
12
12
|
cert_chain: []
|
|
13
|
-
date: 2014-
|
|
13
|
+
date: 2014-05-05 00:00:00.000000000 Z
|
|
14
14
|
dependencies:
|
|
15
15
|
- !ruby/object:Gem::Dependency
|
|
16
16
|
name: rails
|
|
@@ -200,7 +200,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
|
|
|
200
200
|
version: '0'
|
|
201
201
|
segments:
|
|
202
202
|
- 0
|
|
203
|
-
hash:
|
|
203
|
+
hash: 2700681613748034197
|
|
204
204
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
|
205
205
|
none: false
|
|
206
206
|
requirements:
|
|
@@ -209,7 +209,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
209
209
|
version: '0'
|
|
210
210
|
segments:
|
|
211
211
|
- 0
|
|
212
|
-
hash:
|
|
212
|
+
hash: 2700681613748034197
|
|
213
213
|
requirements: []
|
|
214
214
|
rubyforge_project:
|
|
215
215
|
rubygems_version: 1.8.24
|