authoreyes 0.1.1 → 0.2.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/.gitignore +2 -0
- data/Gemfile +6 -0
- data/MIT-LICENSE +20 -0
- data/README.md +6 -6
- data/Rakefile +27 -3
- data/authoreyes.gemspec +8 -0
- data/authorization_rules.dist.rb +1 -1
- data/bin/test +9 -0
- data/lib/authoreyes.rb +12 -2
- data/lib/authoreyes/authorization.rb +18 -18
- data/lib/authoreyes/authorization/engine.rb +5 -0
- data/lib/authoreyes/helpers.rb +6 -0
- data/lib/authoreyes/helpers/in_controller.rb +95 -0
- data/lib/authoreyes/railtie.rb +51 -0
- data/lib/authoreyes/version.rb +1 -1
- data/lib/tasks/authoreyes_tasks.rake +4 -0
- metadata +65 -3
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 2043aee1461c027a8e709798ca08a034bef0730a
|
|
4
|
+
data.tar.gz: fc7c8229de1c9edbe95af17b27e12c617a149be7
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 64f245dae1fd0a68e7044e653788d1e799d28116c746e63de7398e8b250a5f2e644845baa4969b45670ff5f793a75e5b3e243d7c221951f260b8d8cd0b926513
|
|
7
|
+
data.tar.gz: 8cee745304c642ca106f61d528ad563c067bcd1661d9fc0ae49c45727af8771e7699bb3551d3a56315917dc32683013d0eaae0cb2a015674c23244386a38846b
|
data/.gitignore
CHANGED
data/Gemfile
CHANGED
|
@@ -6,4 +6,10 @@ gem 'rails', '~> 5.0'
|
|
|
6
6
|
|
|
7
7
|
group :test do
|
|
8
8
|
gem "codeclimate-test-reporter", require: nil
|
|
9
|
+
gem 'minitest-spec-rails'
|
|
10
|
+
gem 'minitest-rails-capybara'
|
|
11
|
+
gem 'capybara_minitest_spec'
|
|
12
|
+
gem 'minitest-reporters'
|
|
13
|
+
gem 'factory_girl', '~> 4.0'
|
|
14
|
+
gem 'faker'
|
|
9
15
|
end
|
data/MIT-LICENSE
ADDED
|
@@ -0,0 +1,20 @@
|
|
|
1
|
+
Copyright 2016 Xavier Bick
|
|
2
|
+
|
|
3
|
+
Permission is hereby granted, free of charge, to any person obtaining
|
|
4
|
+
a copy of this software and associated documentation files (the
|
|
5
|
+
"Software"), to deal in the Software without restriction, including
|
|
6
|
+
without limitation the rights to use, copy, modify, merge, publish,
|
|
7
|
+
distribute, sublicense, and/or sell copies of the Software, and to
|
|
8
|
+
permit persons to whom the Software is furnished to do so, subject to
|
|
9
|
+
the following conditions:
|
|
10
|
+
|
|
11
|
+
The above copyright notice and this permission notice shall be
|
|
12
|
+
included in all copies or substantial portions of the Software.
|
|
13
|
+
|
|
14
|
+
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
|
|
15
|
+
EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
|
|
16
|
+
MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
|
|
17
|
+
NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
|
|
18
|
+
LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
|
|
19
|
+
OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
|
|
20
|
+
WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
|
data/README.md
CHANGED
|
@@ -1,6 +1,7 @@
|
|
|
1
1
|
# Authoreyes
|
|
2
2
|
|
|
3
|
-
[](https://badge.fury.io/rb/authoreyes) [](https://travis-ci.org/tektite-software/authoreyes) [](https://badge.fury.io/rb/authoreyes) [](https://travis-ci.org/tektite-software/authoreyes) [](https://gemnasium.com/github.com/tektite-software/authoreyes)
|
|
4
|
+
[](https://codeclimate.com/github/tektite-software/authoreyes) [](https://codeclimate.com/github/tektite-software/authoreyes/coverage) [](http://inch-ci.org/github/tektite-software/authoreyes)
|
|
4
5
|
|
|
5
6
|
#### Warning! This gem is an alpha!
|
|
6
7
|
|
|
@@ -29,11 +30,10 @@ For Rails authorization in Rails versions 4 and below, please use [Declarative A
|
|
|
29
30
|
__Warning! This gem is not finished!__ Although authorization functionality _does_ work, you will need to do a few things to actually use it in your application...
|
|
30
31
|
|
|
31
32
|
At this point, to use Authoreyes, you must do the following:
|
|
32
|
-
1. Add an `authorization_rules.rb` file.
|
|
33
|
-
2.
|
|
34
|
-
|
|
35
|
-
|
|
36
|
-
5. Use the Engine's `permit!` and `permit?` methods in your application.
|
|
33
|
+
1. Add an `authorization_rules.rb` file. See the included one for an example.
|
|
34
|
+
2. Define privileges for every single action you want to be accessed. As of now, Authoreyes has only one mode: authorize everything.
|
|
35
|
+
|
|
36
|
+
If you want to customize authorization behavior, in your ApplicationController override Authoreyes's `redirect_if_unauthorized` before_action and `set_unauthorized_status_code` after_action. See `lib/authoreyes/helpers/in_controller` for details.
|
|
37
37
|
|
|
38
38
|
## Contributing
|
|
39
39
|
|
data/Rakefile
CHANGED
|
@@ -1,10 +1,34 @@
|
|
|
1
|
+
begin
|
|
2
|
+
require 'bundler/setup'
|
|
3
|
+
rescue LoadError
|
|
4
|
+
puts 'You must `gem install bundler` and `bundle install` to run rake tasks'
|
|
5
|
+
end
|
|
6
|
+
|
|
7
|
+
require 'rdoc/task'
|
|
8
|
+
|
|
9
|
+
RDoc::Task.new(:rdoc) do |rdoc|
|
|
10
|
+
rdoc.rdoc_dir = 'rdoc'
|
|
11
|
+
rdoc.title = 'Authoreyes'
|
|
12
|
+
rdoc.options << '--line-numbers'
|
|
13
|
+
rdoc.rdoc_files.include('README.md')
|
|
14
|
+
rdoc.rdoc_files.include('lib/**/*.rb')
|
|
15
|
+
end
|
|
16
|
+
|
|
17
|
+
|
|
18
|
+
|
|
19
|
+
|
|
20
|
+
|
|
21
|
+
|
|
1
22
|
require 'bundler/gem_tasks'
|
|
23
|
+
|
|
2
24
|
require 'rake/testtask'
|
|
3
25
|
|
|
4
26
|
Rake::TestTask.new(:test) do |t|
|
|
5
|
-
t.libs << 'test'
|
|
6
27
|
t.libs << 'lib'
|
|
7
|
-
t.
|
|
28
|
+
t.libs << 'test'
|
|
29
|
+
t.pattern = 'test/**/*_test.rb'
|
|
30
|
+
t.verbose = false
|
|
8
31
|
end
|
|
9
32
|
|
|
10
|
-
|
|
33
|
+
|
|
34
|
+
task default: :test
|
data/authoreyes.gemspec
CHANGED
|
@@ -23,7 +23,15 @@ Gem::Specification.new do |spec|
|
|
|
23
23
|
spec.executables = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
|
|
24
24
|
spec.require_paths = ['lib']
|
|
25
25
|
|
|
26
|
+
spec.required_ruby_version = '>= 2.3'
|
|
27
|
+
|
|
28
|
+
spec.add_dependency 'rails', '~> 5.0'
|
|
29
|
+
|
|
26
30
|
spec.add_development_dependency 'bundler', '~> 1.12'
|
|
27
31
|
spec.add_development_dependency 'rake', '~> 10.0'
|
|
28
32
|
spec.add_development_dependency 'minitest', '~> 5.0'
|
|
33
|
+
spec.add_development_dependency 'sqlite3'
|
|
34
|
+
spec.add_development_dependency 'devise'
|
|
35
|
+
spec.add_development_dependency 'byebug'
|
|
36
|
+
|
|
29
37
|
end
|
data/authorization_rules.dist.rb
CHANGED
data/bin/test
ADDED
data/lib/authoreyes.rb
CHANGED
|
@@ -1,7 +1,17 @@
|
|
|
1
|
+
require 'rails'
|
|
1
2
|
require 'authoreyes/version'
|
|
2
|
-
require 'authoreyes/authorization'
|
|
3
3
|
require 'authoreyes/parser'
|
|
4
|
+
require 'authoreyes/authorization'
|
|
5
|
+
require 'authoreyes/railtie'
|
|
4
6
|
|
|
5
7
|
module Authoreyes
|
|
6
|
-
|
|
8
|
+
class Railtie
|
|
9
|
+
# Require helpers after Rails initialization
|
|
10
|
+
config.after_initialize do
|
|
11
|
+
require 'authoreyes/helpers/in_controller'
|
|
12
|
+
|
|
13
|
+
# Include Controller helpers
|
|
14
|
+
ActionController::Base.include Authoreyes::Helpers::InController
|
|
15
|
+
end
|
|
16
|
+
end
|
|
7
17
|
end
|
|
@@ -1,5 +1,4 @@
|
|
|
1
1
|
# Authorization
|
|
2
|
-
require 'rails'
|
|
3
2
|
require 'authoreyes/authorization/engine'
|
|
4
3
|
require 'authoreyes/authorization/authorization_rule_set'
|
|
5
4
|
require 'authoreyes/authorization/authorization_rule'
|
|
@@ -7,56 +6,57 @@ require 'authoreyes/authorization/attribute'
|
|
|
7
6
|
require 'authoreyes/authorization/attribute_with_permission'
|
|
8
7
|
require 'authoreyes/authorization/anonymous_user'
|
|
9
8
|
|
|
10
|
-
require
|
|
11
|
-
require
|
|
9
|
+
require 'set'
|
|
10
|
+
require 'forwardable'
|
|
12
11
|
|
|
13
12
|
module Authoreyes
|
|
14
13
|
module Authorization
|
|
15
14
|
# An exception raised if anything goes wrong in the Authorization realm
|
|
16
|
-
class AuthorizationError < StandardError
|
|
15
|
+
class AuthorizationError < StandardError; end
|
|
17
16
|
# NotAuthorized is raised if the current user is not allowed to perform
|
|
18
17
|
# the given operation possibly on a specific object.
|
|
19
|
-
class NotAuthorized < AuthorizationError
|
|
18
|
+
class NotAuthorized < AuthorizationError; end
|
|
20
19
|
# AttributeAuthorizationError is more specific than NotAuthorized, signaling
|
|
21
20
|
# that the access was denied on the grounds of attribute conditions.
|
|
22
|
-
class AttributeAuthorizationError < NotAuthorized
|
|
21
|
+
class AttributeAuthorizationError < NotAuthorized; end
|
|
23
22
|
# AuthorizationUsageError is used whenever a situation is encountered
|
|
24
23
|
# in which the application misused the plugin. That is, if, e.g.,
|
|
25
24
|
# authorization rules may not be evaluated.
|
|
26
|
-
class AuthorizationUsageError < AuthorizationError
|
|
25
|
+
class AuthorizationUsageError < AuthorizationError; end
|
|
27
26
|
# NilAttributeValueError is raised by Attribute#validate? when it hits a nil attribute value.
|
|
28
27
|
# The exception is raised to ensure that the entire rule is invalidated.
|
|
29
|
-
class NilAttributeValueError < AuthorizationError
|
|
28
|
+
class NilAttributeValueError < AuthorizationError; end
|
|
30
29
|
|
|
31
|
-
AUTH_DSL_FILES = [Pathname.new(Rails.root || '').join(
|
|
30
|
+
AUTH_DSL_FILES = [Pathname.new(Rails.root || '').join('config', 'authorization_rules.rb').to_s].freeze unless defined? AUTH_DSL_FILES
|
|
32
31
|
|
|
33
32
|
# Controller-independent method for retrieving the current user.
|
|
34
33
|
# Needed for model security where the current controller is not available.
|
|
35
34
|
def self.current_user
|
|
36
|
-
Thread
|
|
35
|
+
# TODO: get rid of Thread usage
|
|
36
|
+
Thread.current['current_user'] || AnonymousUser.new
|
|
37
37
|
end
|
|
38
38
|
|
|
39
39
|
# Controller-independent method for setting the current user.
|
|
40
40
|
def self.current_user=(user)
|
|
41
|
-
Thread.current[
|
|
41
|
+
Thread.current['current_user'] = user
|
|
42
42
|
end
|
|
43
43
|
|
|
44
44
|
# For use in test cases only
|
|
45
45
|
def self.ignore_access_control(state = nil) # :nodoc:
|
|
46
|
-
Thread.current[
|
|
47
|
-
Thread.current[
|
|
46
|
+
Thread.current['ignore_access_control'] = state unless state.nil?
|
|
47
|
+
Thread.current['ignore_access_control'] || false
|
|
48
48
|
end
|
|
49
49
|
|
|
50
50
|
def self.activate_authorization_rules_browser? # :nodoc:
|
|
51
51
|
::Rails.env.development?
|
|
52
52
|
end
|
|
53
53
|
|
|
54
|
-
@@dot_path =
|
|
54
|
+
@@dot_path = 'dot'
|
|
55
55
|
def self.dot_path
|
|
56
56
|
@@dot_path
|
|
57
57
|
end
|
|
58
58
|
|
|
59
|
-
def self.dot_path=
|
|
59
|
+
def self.dot_path=(path)
|
|
60
60
|
@@dot_path = path
|
|
61
61
|
end
|
|
62
62
|
|
|
@@ -65,12 +65,12 @@ module Authoreyes
|
|
|
65
65
|
@@default_role
|
|
66
66
|
end
|
|
67
67
|
|
|
68
|
-
def self.default_role=
|
|
68
|
+
def self.default_role=(role)
|
|
69
69
|
@@default_role = role.to_sym
|
|
70
70
|
end
|
|
71
71
|
|
|
72
|
-
def self.is_a_association_proxy?
|
|
73
|
-
if Rails.version <
|
|
72
|
+
def self.is_a_association_proxy?(object)
|
|
73
|
+
if Rails.version < '3.2'
|
|
74
74
|
object.respond_to?(:proxy_reflection)
|
|
75
75
|
else
|
|
76
76
|
object.respond_to?(:proxy_association)
|
|
@@ -89,6 +89,11 @@ module Authoreyes
|
|
|
89
89
|
privilege.flatten.collect { |priv| priv.to_sym } :
|
|
90
90
|
privilege.to_sym
|
|
91
91
|
|
|
92
|
+
# Convert context to symbol as well
|
|
93
|
+
unless options[:context].nil?
|
|
94
|
+
options[:context] = options[:context].to_sym
|
|
95
|
+
end
|
|
96
|
+
|
|
92
97
|
#
|
|
93
98
|
# If the object responds to :proxy_reflection, we're probably working with
|
|
94
99
|
# an association proxy. Use 'new' to leverage ActiveRecord's builder
|
|
@@ -0,0 +1,95 @@
|
|
|
1
|
+
module Authoreyes
|
|
2
|
+
module Helpers
|
|
3
|
+
# This module handles authorization at the Controller level. It allows
|
|
4
|
+
# various actions within the controller to be configured to work with
|
|
5
|
+
# Authoreyes, only permitting access to that action if certain
|
|
6
|
+
# conditions are met, according to the defined Authorization Rules.
|
|
7
|
+
module InController
|
|
8
|
+
extend ActiveSupport::Concern
|
|
9
|
+
# ActiveSupport.on_load :action_controller do
|
|
10
|
+
# extend
|
|
11
|
+
# end
|
|
12
|
+
|
|
13
|
+
ApplicationController.send :before_action, :redirect_if_unauthorized
|
|
14
|
+
|
|
15
|
+
# TODO: Implement this!
|
|
16
|
+
def filter_resource_access(options = {})
|
|
17
|
+
|
|
18
|
+
end
|
|
19
|
+
|
|
20
|
+
def redirect_if_unauthorized
|
|
21
|
+
unless permitted_to? action_name
|
|
22
|
+
session[:request_unauthorized] = true
|
|
23
|
+
redirect_back fallback_location: root_path,
|
|
24
|
+
status: :found,
|
|
25
|
+
alert: 'You are not allowed to do that.'
|
|
26
|
+
end
|
|
27
|
+
end
|
|
28
|
+
|
|
29
|
+
def set_unauthorized_status_code
|
|
30
|
+
if session[:request_unauthorized] == true
|
|
31
|
+
session.delete :request_unauthorized
|
|
32
|
+
response.status = :forbidden
|
|
33
|
+
end
|
|
34
|
+
end
|
|
35
|
+
|
|
36
|
+
# If the current user meets the given privilege, permitted_to? returns true
|
|
37
|
+
# and yields to the optional block. The attribute checks that are defined
|
|
38
|
+
# in the authorization rules are only evaluated if an object is given
|
|
39
|
+
# for context.
|
|
40
|
+
#
|
|
41
|
+
# See examples for Authorization::AuthorizationHelper #permitted_to?
|
|
42
|
+
#
|
|
43
|
+
# If no object or context is specified, the controller_name is used as
|
|
44
|
+
# context.
|
|
45
|
+
# TODO: Use permit? instead of permit!
|
|
46
|
+
# +privelege+ is the symbol name of the privele checked
|
|
47
|
+
# +object_or_symbol+ is the object the privelege is checked on
|
|
48
|
+
def permitted_to?(privelege, object_or_symbol = nil, options = {})
|
|
49
|
+
if Authoreyes::ENGINE.permit!(
|
|
50
|
+
privelege, options_for_permit(object_or_symbol, options, false)
|
|
51
|
+
)
|
|
52
|
+
yield if block_given?
|
|
53
|
+
true
|
|
54
|
+
else
|
|
55
|
+
false
|
|
56
|
+
end
|
|
57
|
+
end
|
|
58
|
+
|
|
59
|
+
# Works similar to the permitted_to? method, but
|
|
60
|
+
# throws the authorization exceptions, just like Engine#permit!
|
|
61
|
+
# +privelege+ is the symbol name of the privele checked
|
|
62
|
+
# +object_or_symbol+ is the object the privelege is checked on
|
|
63
|
+
def permitted_to!(privelege, object_or_symbol = nil, options = {})
|
|
64
|
+
Authoreyes::ENGINE.permit!(
|
|
65
|
+
privelege, options_for_permit(object_or_symbol, options, true)
|
|
66
|
+
)
|
|
67
|
+
end
|
|
68
|
+
|
|
69
|
+
private
|
|
70
|
+
|
|
71
|
+
# Create hash of options to be used with ENGINE's permit methods
|
|
72
|
+
def options_for_permit(object_or_sym = nil, options = {}, bang = true)
|
|
73
|
+
context = object = nil
|
|
74
|
+
if object_or_sym.nil?
|
|
75
|
+
context = controller_name.to_sym
|
|
76
|
+
elsif !Authorization.is_a_association_proxy?(object_or_sym) and object_or_sym.is_a?(Symbol)
|
|
77
|
+
context = object_or_sym
|
|
78
|
+
else
|
|
79
|
+
object = object_or_sym
|
|
80
|
+
end
|
|
81
|
+
|
|
82
|
+
result = {:object => object,
|
|
83
|
+
:context => context,
|
|
84
|
+
:skip_attribute_test => object.nil?,
|
|
85
|
+
:bang => bang}.merge(options)
|
|
86
|
+
result[:user] = current_user unless result.key?(:user)
|
|
87
|
+
result
|
|
88
|
+
end
|
|
89
|
+
|
|
90
|
+
class_methods do
|
|
91
|
+
|
|
92
|
+
end
|
|
93
|
+
end
|
|
94
|
+
end
|
|
95
|
+
end
|
|
@@ -0,0 +1,51 @@
|
|
|
1
|
+
module Authoreyes
|
|
2
|
+
# Authoreyes sets up a Railtie to create its authorization engine
|
|
3
|
+
# as a constant during the rails initialization. Middleware is also
|
|
4
|
+
# configured here.
|
|
5
|
+
class Railtie < Rails::Railtie
|
|
6
|
+
# Error for bad configuration
|
|
7
|
+
class InvalidConfigurationOption < StandardError; end
|
|
8
|
+
|
|
9
|
+
# Allow users to configure Authoreyes in an initializer file
|
|
10
|
+
# +auth_rules_file+ is the path of the authorization rules file.
|
|
11
|
+
config.authoreyes = ActiveSupport::OrderedOptions.new
|
|
12
|
+
|
|
13
|
+
initializer 'authoreyes.setup', before: 'authoreyes.engine' do |app|
|
|
14
|
+
# Set default Authoreyes options
|
|
15
|
+
default_options = ActiveSupport::OrderedOptions.new
|
|
16
|
+
default_options.auth_rules_file =
|
|
17
|
+
File.path("#{Rails.root}/config/authorization_rules.rb")
|
|
18
|
+
default_options.mode = :whitelist
|
|
19
|
+
|
|
20
|
+
# Validates options
|
|
21
|
+
unless [nil, :whitelist, :blacklist].include? config.authoreyes.mode
|
|
22
|
+
raise InvalidConfigurationOption,
|
|
23
|
+
"Unrecognized mode. Valid options are :whitelist and :blacklist"
|
|
24
|
+
end
|
|
25
|
+
|
|
26
|
+
# Merge user options with defaults
|
|
27
|
+
config.authoreyes = default_options.merge(config.authoreyes)
|
|
28
|
+
end
|
|
29
|
+
|
|
30
|
+
# Controller integration
|
|
31
|
+
initializer 'authoreyes.in_controller' do |app|
|
|
32
|
+
ActiveSupport.on_load :action_controller do
|
|
33
|
+
before_action :redirect_if_unauthorized
|
|
34
|
+
after_action :set_unauthorized_status_code
|
|
35
|
+
end
|
|
36
|
+
end
|
|
37
|
+
|
|
38
|
+
# Set up the Authoreyes ENGINE
|
|
39
|
+
initializer 'authoreyes.engine' do |app|
|
|
40
|
+
config.before_initialize do
|
|
41
|
+
# Set up parser and parse rules
|
|
42
|
+
parser = Authoreyes::Parser::DSLParser.new
|
|
43
|
+
parser.load! app.config.authoreyes.auth_rules_file
|
|
44
|
+
|
|
45
|
+
# Create new engine using parsed rules an make constant
|
|
46
|
+
engine = Authoreyes::Authorization::Engine.new reader: parser
|
|
47
|
+
Authoreyes::ENGINE = engine
|
|
48
|
+
end
|
|
49
|
+
end
|
|
50
|
+
end
|
|
51
|
+
end
|
data/lib/authoreyes/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: authoreyes
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.2.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Tektite Software
|
|
@@ -9,8 +9,22 @@ authors:
|
|
|
9
9
|
autorequire:
|
|
10
10
|
bindir: exe
|
|
11
11
|
cert_chain: []
|
|
12
|
-
date: 2016-07-
|
|
12
|
+
date: 2016-07-30 00:00:00.000000000 Z
|
|
13
13
|
dependencies:
|
|
14
|
+
- !ruby/object:Gem::Dependency
|
|
15
|
+
name: rails
|
|
16
|
+
requirement: !ruby/object:Gem::Requirement
|
|
17
|
+
requirements:
|
|
18
|
+
- - "~>"
|
|
19
|
+
- !ruby/object:Gem::Version
|
|
20
|
+
version: '5.0'
|
|
21
|
+
type: :runtime
|
|
22
|
+
prerelease: false
|
|
23
|
+
version_requirements: !ruby/object:Gem::Requirement
|
|
24
|
+
requirements:
|
|
25
|
+
- - "~>"
|
|
26
|
+
- !ruby/object:Gem::Version
|
|
27
|
+
version: '5.0'
|
|
14
28
|
- !ruby/object:Gem::Dependency
|
|
15
29
|
name: bundler
|
|
16
30
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -53,6 +67,48 @@ dependencies:
|
|
|
53
67
|
- - "~>"
|
|
54
68
|
- !ruby/object:Gem::Version
|
|
55
69
|
version: '5.0'
|
|
70
|
+
- !ruby/object:Gem::Dependency
|
|
71
|
+
name: sqlite3
|
|
72
|
+
requirement: !ruby/object:Gem::Requirement
|
|
73
|
+
requirements:
|
|
74
|
+
- - ">="
|
|
75
|
+
- !ruby/object:Gem::Version
|
|
76
|
+
version: '0'
|
|
77
|
+
type: :development
|
|
78
|
+
prerelease: false
|
|
79
|
+
version_requirements: !ruby/object:Gem::Requirement
|
|
80
|
+
requirements:
|
|
81
|
+
- - ">="
|
|
82
|
+
- !ruby/object:Gem::Version
|
|
83
|
+
version: '0'
|
|
84
|
+
- !ruby/object:Gem::Dependency
|
|
85
|
+
name: devise
|
|
86
|
+
requirement: !ruby/object:Gem::Requirement
|
|
87
|
+
requirements:
|
|
88
|
+
- - ">="
|
|
89
|
+
- !ruby/object:Gem::Version
|
|
90
|
+
version: '0'
|
|
91
|
+
type: :development
|
|
92
|
+
prerelease: false
|
|
93
|
+
version_requirements: !ruby/object:Gem::Requirement
|
|
94
|
+
requirements:
|
|
95
|
+
- - ">="
|
|
96
|
+
- !ruby/object:Gem::Version
|
|
97
|
+
version: '0'
|
|
98
|
+
- !ruby/object:Gem::Dependency
|
|
99
|
+
name: byebug
|
|
100
|
+
requirement: !ruby/object:Gem::Requirement
|
|
101
|
+
requirements:
|
|
102
|
+
- - ">="
|
|
103
|
+
- !ruby/object:Gem::Version
|
|
104
|
+
version: '0'
|
|
105
|
+
type: :development
|
|
106
|
+
prerelease: false
|
|
107
|
+
version_requirements: !ruby/object:Gem::Requirement
|
|
108
|
+
requirements:
|
|
109
|
+
- - ">="
|
|
110
|
+
- !ruby/object:Gem::Version
|
|
111
|
+
version: '0'
|
|
56
112
|
description: |-
|
|
57
113
|
A powerful, modern authorization plugin for Ruby on
|
|
58
114
|
Rails featuring a declarative DSL for centralized
|
|
@@ -68,12 +124,14 @@ files:
|
|
|
68
124
|
- ".travis.yml"
|
|
69
125
|
- Gemfile
|
|
70
126
|
- LICENSE.txt
|
|
127
|
+
- MIT-LICENSE
|
|
71
128
|
- README.md
|
|
72
129
|
- Rakefile
|
|
73
130
|
- authoreyes.gemspec
|
|
74
131
|
- authorization_rules.dist.rb
|
|
75
132
|
- bin/console
|
|
76
133
|
- bin/setup
|
|
134
|
+
- bin/test
|
|
77
135
|
- lib/authoreyes.rb
|
|
78
136
|
- lib/authoreyes/authorization.rb
|
|
79
137
|
- lib/authoreyes/authorization/anonymous_user.rb
|
|
@@ -82,11 +140,15 @@ files:
|
|
|
82
140
|
- lib/authoreyes/authorization/authorization_rule.rb
|
|
83
141
|
- lib/authoreyes/authorization/authorization_rule_set.rb
|
|
84
142
|
- lib/authoreyes/authorization/engine.rb
|
|
143
|
+
- lib/authoreyes/helpers.rb
|
|
144
|
+
- lib/authoreyes/helpers/in_controller.rb
|
|
85
145
|
- lib/authoreyes/parser.rb
|
|
86
146
|
- lib/authoreyes/parser/authorization_rules_parser.rb
|
|
87
147
|
- lib/authoreyes/parser/dsl_parser.rb
|
|
88
148
|
- lib/authoreyes/parser/priveleges_reader.rb
|
|
149
|
+
- lib/authoreyes/railtie.rb
|
|
89
150
|
- lib/authoreyes/version.rb
|
|
151
|
+
- lib/tasks/authoreyes_tasks.rake
|
|
90
152
|
homepage: https://www.github.com/tektite-software/authoreyes
|
|
91
153
|
licenses:
|
|
92
154
|
- MIT
|
|
@@ -99,7 +161,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
|
|
|
99
161
|
requirements:
|
|
100
162
|
- - ">="
|
|
101
163
|
- !ruby/object:Gem::Version
|
|
102
|
-
version: '
|
|
164
|
+
version: '2.3'
|
|
103
165
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
|
104
166
|
requirements:
|
|
105
167
|
- - ">="
|