authoreyes 0.2.0 → 0.2.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +2 -0
- data/lib/authoreyes.rb +1 -1
- data/lib/authoreyes/helpers/in_controller.rb +25 -4
- data/lib/authoreyes/railtie.rb +6 -2
- data/lib/authoreyes/version.rb +1 -1
- metadata +3 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 6aa29842232cabee5e1657ec96b6b9a691073e7b
|
4
|
+
data.tar.gz: 9ed619116c26b67aa9f3c9dd3d1e4d7480e82b7c
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: e6191f4c46865ff31009ecdad20232240700e79a51be00f1ad73346b4f96415e404297ccae1a519cb5619a3f041d819294e43e85b41341ce93069bb154187a24
|
7
|
+
data.tar.gz: 3580773d5184bcd805586440c15b48082dd9795c778d252d26e58b0ccf5e7ba3e5e1022117403a00386c00b905579ec18ea400e1c3d46b5c4ff4321335048d06
|
data/CHANGELOG.md
ADDED
data/lib/authoreyes.rb
CHANGED
@@ -10,29 +10,50 @@ module Authoreyes
|
|
10
10
|
# extend
|
11
11
|
# end
|
12
12
|
|
13
|
-
ApplicationController.send :before_action, :redirect_if_unauthorized
|
13
|
+
# ApplicationController.send :before_action, :redirect_if_unauthorized
|
14
14
|
|
15
15
|
# TODO: Implement this!
|
16
16
|
def filter_resource_access(options = {})
|
17
17
|
|
18
18
|
end
|
19
19
|
|
20
|
-
|
21
|
-
|
20
|
+
ActionController::Base.send(:define_method, :redirect_if_unauthorized) do
|
21
|
+
begin
|
22
|
+
permitted_to! action_name
|
23
|
+
rescue Authoreyes::Authorization::NotAuthorized => e
|
22
24
|
session[:request_unauthorized] = true
|
25
|
+
puts e
|
23
26
|
redirect_back fallback_location: root_path,
|
24
27
|
status: :found,
|
25
28
|
alert: 'You are not allowed to do that.'
|
26
29
|
end
|
27
30
|
end
|
28
31
|
|
29
|
-
|
32
|
+
ActionController::Base.send(:define_method, :set_unauthorized_status_code) do
|
30
33
|
if session[:request_unauthorized] == true
|
31
34
|
session.delete :request_unauthorized
|
32
35
|
response.status = :forbidden
|
33
36
|
end
|
34
37
|
end
|
35
38
|
|
39
|
+
ActionController::API.send(:define_method, :render_unauthorized) do
|
40
|
+
begin
|
41
|
+
permitted_to! action_name
|
42
|
+
rescue Authoreyes::Authorization::NotAuthorized => e
|
43
|
+
puts e
|
44
|
+
response_object = ActiveModelSerializers::Model.new()
|
45
|
+
response_object.attributes.merge!({
|
46
|
+
action: action_name,
|
47
|
+
controller: controller_name
|
48
|
+
})
|
49
|
+
response_object.errors.add :action, e
|
50
|
+
# Assumes ActiveModel::Serializers is used.
|
51
|
+
# If not used, you will have to override `render_unauthorized`
|
52
|
+
# in your ApplicationController.
|
53
|
+
render json: response_object, status: :forbidden, adapter: :json_api, serializer: ActiveModel::Serializer::ErrorSerializer
|
54
|
+
end
|
55
|
+
end
|
56
|
+
|
36
57
|
# If the current user meets the given privilege, permitted_to? returns true
|
37
58
|
# and yields to the optional block. The attribute checks that are defined
|
38
59
|
# in the authorization rules are only evaluated if an object is given
|
data/lib/authoreyes/railtie.rb
CHANGED
@@ -30,8 +30,12 @@ module Authoreyes
|
|
30
30
|
# Controller integration
|
31
31
|
initializer 'authoreyes.in_controller' do |app|
|
32
32
|
ActiveSupport.on_load :action_controller do
|
33
|
-
|
34
|
-
|
33
|
+
if Rails.application.config.api_only
|
34
|
+
before_action :render_unauthorized
|
35
|
+
else
|
36
|
+
before_action :redirect_if_unauthorized
|
37
|
+
after_action :set_unauthorized_status_code
|
38
|
+
end
|
35
39
|
end
|
36
40
|
end
|
37
41
|
|
data/lib/authoreyes/version.rb
CHANGED
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: authoreyes
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.2.
|
4
|
+
version: 0.2.1
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Tektite Software
|
@@ -9,7 +9,7 @@ authors:
|
|
9
9
|
autorequire:
|
10
10
|
bindir: exe
|
11
11
|
cert_chain: []
|
12
|
-
date: 2016-
|
12
|
+
date: 2016-08-03 00:00:00.000000000 Z
|
13
13
|
dependencies:
|
14
14
|
- !ruby/object:Gem::Dependency
|
15
15
|
name: rails
|
@@ -122,6 +122,7 @@ extra_rdoc_files: []
|
|
122
122
|
files:
|
123
123
|
- ".gitignore"
|
124
124
|
- ".travis.yml"
|
125
|
+
- CHANGELOG.md
|
125
126
|
- Gemfile
|
126
127
|
- LICENSE.txt
|
127
128
|
- MIT-LICENSE
|