authoreyes 0.2.0 → 0.2.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +2 -0
- data/lib/authoreyes.rb +1 -1
- data/lib/authoreyes/helpers/in_controller.rb +25 -4
- data/lib/authoreyes/railtie.rb +6 -2
- data/lib/authoreyes/version.rb +1 -1
- metadata +3 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 6aa29842232cabee5e1657ec96b6b9a691073e7b
|
4
|
+
data.tar.gz: 9ed619116c26b67aa9f3c9dd3d1e4d7480e82b7c
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: e6191f4c46865ff31009ecdad20232240700e79a51be00f1ad73346b4f96415e404297ccae1a519cb5619a3f041d819294e43e85b41341ce93069bb154187a24
|
7
|
+
data.tar.gz: 3580773d5184bcd805586440c15b48082dd9795c778d252d26e58b0ccf5e7ba3e5e1022117403a00386c00b905579ec18ea400e1c3d46b5c4ff4321335048d06
|
data/CHANGELOG.md
ADDED
data/lib/authoreyes.rb
CHANGED
@@ -10,29 +10,50 @@ module Authoreyes
|
|
10
10
|
# extend
|
11
11
|
# end
|
12
12
|
|
13
|
-
ApplicationController.send :before_action, :redirect_if_unauthorized
|
13
|
+
# ApplicationController.send :before_action, :redirect_if_unauthorized
|
14
14
|
|
15
15
|
# TODO: Implement this!
|
16
16
|
def filter_resource_access(options = {})
|
17
17
|
|
18
18
|
end
|
19
19
|
|
20
|
-
|
21
|
-
|
20
|
+
ActionController::Base.send(:define_method, :redirect_if_unauthorized) do
|
21
|
+
begin
|
22
|
+
permitted_to! action_name
|
23
|
+
rescue Authoreyes::Authorization::NotAuthorized => e
|
22
24
|
session[:request_unauthorized] = true
|
25
|
+
puts e
|
23
26
|
redirect_back fallback_location: root_path,
|
24
27
|
status: :found,
|
25
28
|
alert: 'You are not allowed to do that.'
|
26
29
|
end
|
27
30
|
end
|
28
31
|
|
29
|
-
|
32
|
+
ActionController::Base.send(:define_method, :set_unauthorized_status_code) do
|
30
33
|
if session[:request_unauthorized] == true
|
31
34
|
session.delete :request_unauthorized
|
32
35
|
response.status = :forbidden
|
33
36
|
end
|
34
37
|
end
|
35
38
|
|
39
|
+
ActionController::API.send(:define_method, :render_unauthorized) do
|
40
|
+
begin
|
41
|
+
permitted_to! action_name
|
42
|
+
rescue Authoreyes::Authorization::NotAuthorized => e
|
43
|
+
puts e
|
44
|
+
response_object = ActiveModelSerializers::Model.new()
|
45
|
+
response_object.attributes.merge!({
|
46
|
+
action: action_name,
|
47
|
+
controller: controller_name
|
48
|
+
})
|
49
|
+
response_object.errors.add :action, e
|
50
|
+
# Assumes ActiveModel::Serializers is used.
|
51
|
+
# If not used, you will have to override `render_unauthorized`
|
52
|
+
# in your ApplicationController.
|
53
|
+
render json: response_object, status: :forbidden, adapter: :json_api, serializer: ActiveModel::Serializer::ErrorSerializer
|
54
|
+
end
|
55
|
+
end
|
56
|
+
|
36
57
|
# If the current user meets the given privilege, permitted_to? returns true
|
37
58
|
# and yields to the optional block. The attribute checks that are defined
|
38
59
|
# in the authorization rules are only evaluated if an object is given
|
data/lib/authoreyes/railtie.rb
CHANGED
@@ -30,8 +30,12 @@ module Authoreyes
|
|
30
30
|
# Controller integration
|
31
31
|
initializer 'authoreyes.in_controller' do |app|
|
32
32
|
ActiveSupport.on_load :action_controller do
|
33
|
-
|
34
|
-
|
33
|
+
if Rails.application.config.api_only
|
34
|
+
before_action :render_unauthorized
|
35
|
+
else
|
36
|
+
before_action :redirect_if_unauthorized
|
37
|
+
after_action :set_unauthorized_status_code
|
38
|
+
end
|
35
39
|
end
|
36
40
|
end
|
37
41
|
|
data/lib/authoreyes/version.rb
CHANGED
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: authoreyes
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.2.
|
4
|
+
version: 0.2.1
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Tektite Software
|
@@ -9,7 +9,7 @@ authors:
|
|
9
9
|
autorequire:
|
10
10
|
bindir: exe
|
11
11
|
cert_chain: []
|
12
|
-
date: 2016-
|
12
|
+
date: 2016-08-03 00:00:00.000000000 Z
|
13
13
|
dependencies:
|
14
14
|
- !ruby/object:Gem::Dependency
|
15
15
|
name: rails
|
@@ -122,6 +122,7 @@ extra_rdoc_files: []
|
|
122
122
|
files:
|
123
123
|
- ".gitignore"
|
124
124
|
- ".travis.yml"
|
125
|
+
- CHANGELOG.md
|
125
126
|
- Gemfile
|
126
127
|
- LICENSE.txt
|
127
128
|
- MIT-LICENSE
|