authority 3.1.0 → 3.2.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/.travis.yml +2 -15
- data/CHANGELOG.markdown +5 -0
- data/CODE_OF_CONDUCT.md +9 -0
- data/README.markdown +2 -2
- data/authority.gemspec +1 -1
- data/gemfiles/{3.2.gemfile → 5.0.gemfile} +2 -2
- data/lib/authority/abilities.rb +4 -2
- data/lib/authority/authorizer.rb +0 -2
- data/lib/authority/controller.rb +5 -1
- data/lib/authority/version.rb +1 -1
- data/spec/authority/controller_spec.rb +12 -0
- metadata +6 -8
- data/gemfiles/4.0.gemfile +0 -6
- data/gemfiles/4.1.gemfile +0 -6
- data/gemfiles/4.2.gemfile +0 -6
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: bd85fafb11f04643dc126e4bec4f2e13c6dad4d5
|
|
4
|
+
data.tar.gz: f02268b8bc74aef6221fe857ecfe73c75f71cd66
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 2538f4aa799c2d0152f638c3687df5c4d4177a29910b96d1063cb68ebac341fc9fb466c8280b86a747cf1925137d23f14438cd6634fb874f5d4eeaffb4e178dd
|
|
7
|
+
data.tar.gz: 6970dfab4e035115d122c97b83d13cacbb7a87e464bd399aa24dfbfd5eb82ea6feadf6d66c02b2a44fac3a07924dfe1ca42b452eac5ac9490ea2d2eed6b77887
|
data/.travis.yml
CHANGED
|
@@ -1,19 +1,6 @@
|
|
|
1
1
|
language: ruby
|
|
2
2
|
rvm:
|
|
3
|
-
-
|
|
4
|
-
- 2.0
|
|
5
|
-
- 2.1
|
|
6
|
-
- 2.2
|
|
7
|
-
- jruby-19mode # JRuby in 1.9 mode
|
|
8
|
-
- rbx-2
|
|
3
|
+
- 2.3.1
|
|
9
4
|
|
|
10
5
|
gemfile:
|
|
11
|
-
- gemfiles/
|
|
12
|
-
- gemfiles/4.0.gemfile
|
|
13
|
-
- gemfiles/4.1.gemfile
|
|
14
|
-
- gemfiles/4.2.gemfile
|
|
15
|
-
|
|
16
|
-
matrix:
|
|
17
|
-
exclude:
|
|
18
|
-
- rvm: rbx
|
|
19
|
-
gemfile: gemfiles/4.0.gemfile
|
|
6
|
+
- gemfiles/5.0.gemfile
|
data/CHANGELOG.markdown
CHANGED
|
@@ -6,6 +6,11 @@ Authority does its best to use [semantic versioning](http://semver.org).
|
|
|
6
6
|
|
|
7
7
|
Nothing
|
|
8
8
|
|
|
9
|
+
## 3.2.0
|
|
10
|
+
|
|
11
|
+
- [Fix Rails 5 deprecation warning](https://github.com/nathanl/authority/pull/110), thanks to [Douglas Teoh](https://github.com/dteoh)
|
|
12
|
+
- CI now only testing latest MRI (2.3.1) and latest Rails (5.0.0). Nothing has been changed to deliberately drop support for older versions; I just don't have time to figure out [the various issues with installing gems and running tests for other versions](https://travis-ci.org/nathanl/authority/builds/142925459). If someone wants to add back some versions [I dropped](https://github.com/nathanl/authority/commit/a91971bc4b30ddbfdc455805fa2566b537f28b6f), PRs are welcome.
|
|
13
|
+
|
|
9
14
|
## 3.1.0
|
|
10
15
|
|
|
11
16
|
- Allow changing the logger by updating the configuration (see commit 0214d24), based on [a question](https://github.com/nathanl/authority/issues/101) from [Nate Bird](https://github.com/natebird)
|
data/CODE_OF_CONDUCT.md
ADDED
|
@@ -0,0 +1,9 @@
|
|
|
1
|
+
# Contributor Code of Conduct
|
|
2
|
+
|
|
3
|
+
Authority is a community effort. Everyone should feel welcome to contribute to it, ask questions, or make suggestions.
|
|
4
|
+
|
|
5
|
+
All contributors and maintainers must behave in a respectful and kind manner when working on this project. Harassment, sexual language or images, insults, and otherwise offensive behavior will not be tolerated.
|
|
6
|
+
|
|
7
|
+
Any contributions that violate this standard may be edited or deleted, and the offending contributor may have their right to participate revoked.
|
|
8
|
+
|
|
9
|
+
If you see behavior that violates this standard, please either open an issue or email one of the project maintainers.
|
data/README.markdown
CHANGED
|
@@ -405,7 +405,7 @@ class LlamasController < ApplicationController
|
|
|
405
405
|
end
|
|
406
406
|
```
|
|
407
407
|
|
|
408
|
-
If you want to authorize all actions the same way, use the special `all_actions` hash key. For instance, if you have nested resources, you might say "you're allowed to do anything you like with an employee if you're allowed to update their
|
|
408
|
+
If you want to authorize all actions the same way, use the special `all_actions` hash key. For instance, if you have nested resources, you might say "you're allowed to do anything you like with an employee if you're allowed to update their employer".
|
|
409
409
|
|
|
410
410
|
```ruby
|
|
411
411
|
class EmployeesController < ApplicationController
|
|
@@ -493,7 +493,7 @@ Your method will be handed the `SecurityViolation`, which has a `message` method
|
|
|
493
493
|
|
|
494
494
|
- [adamhunter](https://github.com/adamhunter) for pairing with me on this gem. The only thing faster than his typing is his brain.
|
|
495
495
|
- [kevmoo](https://github.com/kevmoo), [MP211](https://github.com/MP211), and [scottmartin](https://github.com/scottmartin) for pitching in.
|
|
496
|
-
- [nkallen](https://github.com/nkallen) for writing [a lovely blog post on access control](http://
|
|
496
|
+
- [nkallen](https://github.com/nkallen) for writing [a lovely blog post on access control](http://blog.pivotal.io/labs/labs/access-control-permissions-in-rails-access-control-permissions-in-rails) when he worked at Pivotal Labs. I cried sweet tears of joy when I read that a couple of years ago. I was like, "Zee access code, she is so BEEUTY-FUL!"
|
|
497
497
|
- [jnunemaker](https://github.com/jnunemaker) for later creating [Canable](http://github.com/jnunemaker/canable), another inspiration for Authority.
|
|
498
498
|
- [TMA](http://www.tma1.com) for employing me and letting me open source some of our code.
|
|
499
499
|
|
data/authority.gemspec
CHANGED
|
@@ -10,8 +10,8 @@ Gem::Specification.new do |gem|
|
|
|
10
10
|
gem.homepage = "https://github.com/nathanl/authority"
|
|
11
11
|
|
|
12
12
|
gem.add_dependency "activesupport", ">= 3.0.0"
|
|
13
|
-
gem.add_dependency "rake", ">= 0.8.7"
|
|
14
13
|
|
|
14
|
+
gem.add_development_dependency "rake", ">= 0.8.7"
|
|
15
15
|
gem.add_development_dependency "rspec", "~> 3.3.0"
|
|
16
16
|
|
|
17
17
|
gem.executables = `git ls-files -- bin/*`.split("\n").map{ |f| File.basename(f) }
|
data/lib/authority/abilities.rb
CHANGED
|
@@ -18,7 +18,7 @@ module Authority
|
|
|
18
18
|
# - If there is none, use 'ApplicationAuthorizer'
|
|
19
19
|
self.authorizer_name = begin
|
|
20
20
|
"#{base.name}Authorizer".constantize.name
|
|
21
|
-
rescue NameError
|
|
21
|
+
rescue NameError
|
|
22
22
|
"ApplicationAuthorizer"
|
|
23
23
|
end
|
|
24
24
|
end
|
|
@@ -58,4 +58,6 @@ module Authority
|
|
|
58
58
|
end
|
|
59
59
|
|
|
60
60
|
end
|
|
61
|
-
|
|
61
|
+
|
|
62
|
+
NoAuthorizerError = Class.new(RuntimeError)
|
|
63
|
+
end
|
data/lib/authority/authorizer.rb
CHANGED
data/lib/authority/controller.rb
CHANGED
|
@@ -45,7 +45,11 @@ module Authority
|
|
|
45
45
|
self.authority_resource = resource_or_finder
|
|
46
46
|
add_actions(options.fetch(:actions, {}))
|
|
47
47
|
force_action(options[:all_actions]) if options[:all_actions]
|
|
48
|
-
|
|
48
|
+
if respond_to? :before_action
|
|
49
|
+
before_action :run_authorization_check, options
|
|
50
|
+
else
|
|
51
|
+
before_filter :run_authorization_check, options
|
|
52
|
+
end
|
|
49
53
|
end
|
|
50
54
|
|
|
51
55
|
# Allows defining and overriding a controller's map of its actions to the model's authorizer methods
|
data/lib/authority/version.rb
CHANGED
|
@@ -89,6 +89,12 @@ describe Authority::Controller do
|
|
|
89
89
|
|
|
90
90
|
let(:child_controller) { Class.new(controller_class) }
|
|
91
91
|
|
|
92
|
+
let(:rails5_controller) do
|
|
93
|
+
Class.new(controller_class) do
|
|
94
|
+
def self.before_action(*args) ; end
|
|
95
|
+
end
|
|
96
|
+
end
|
|
97
|
+
|
|
92
98
|
it "allows specifying the class of the model to protect" do
|
|
93
99
|
controller_class.authorize_actions_for(resource_class)
|
|
94
100
|
expect(controller_class.authority_resource).to eq(resource_class)
|
|
@@ -105,6 +111,12 @@ describe Authority::Controller do
|
|
|
105
111
|
controller_class.authorize_actions_for(resource_class, filter_options)
|
|
106
112
|
end
|
|
107
113
|
|
|
114
|
+
it "prefers to set up a before_action over before_filter, passing the options it was given" do
|
|
115
|
+
filter_options = {:only => [:show, :edit, :update]}
|
|
116
|
+
expect(rails5_controller).to receive(:before_action).with(:run_authorization_check, filter_options)
|
|
117
|
+
rails5_controller.authorize_actions_for(resource_class, filter_options)
|
|
118
|
+
end
|
|
119
|
+
|
|
108
120
|
it "if :all_actions option is given, it overrides the action hash to use the action given" do
|
|
109
121
|
overridden_action_map = controller_class.authority_action_map
|
|
110
122
|
overridden_action_map.update(overridden_action_map) {|k,v| v = :annihilate}
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: authority
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 3.
|
|
4
|
+
version: 3.2.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Nathan Long
|
|
@@ -9,7 +9,7 @@ authors:
|
|
|
9
9
|
autorequire:
|
|
10
10
|
bindir: bin
|
|
11
11
|
cert_chain: []
|
|
12
|
-
date:
|
|
12
|
+
date: 2016-07-07 00:00:00.000000000 Z
|
|
13
13
|
dependencies:
|
|
14
14
|
- !ruby/object:Gem::Dependency
|
|
15
15
|
name: activesupport
|
|
@@ -32,7 +32,7 @@ dependencies:
|
|
|
32
32
|
- - ">="
|
|
33
33
|
- !ruby/object:Gem::Version
|
|
34
34
|
version: 0.8.7
|
|
35
|
-
type: :
|
|
35
|
+
type: :development
|
|
36
36
|
prerelease: false
|
|
37
37
|
version_requirements: !ruby/object:Gem::Requirement
|
|
38
38
|
requirements:
|
|
@@ -67,6 +67,7 @@ files:
|
|
|
67
67
|
- ".rspec"
|
|
68
68
|
- ".travis.yml"
|
|
69
69
|
- CHANGELOG.markdown
|
|
70
|
+
- CODE_OF_CONDUCT.md
|
|
70
71
|
- CONTRIBUTING.markdown
|
|
71
72
|
- Gemfile
|
|
72
73
|
- LICENSE
|
|
@@ -74,10 +75,7 @@ files:
|
|
|
74
75
|
- Rakefile
|
|
75
76
|
- TODO.markdown
|
|
76
77
|
- authority.gemspec
|
|
77
|
-
- gemfiles/
|
|
78
|
-
- gemfiles/4.0.gemfile
|
|
79
|
-
- gemfiles/4.1.gemfile
|
|
80
|
-
- gemfiles/4.2.gemfile
|
|
78
|
+
- gemfiles/5.0.gemfile
|
|
81
79
|
- lib/authority.rb
|
|
82
80
|
- lib/authority/abilities.rb
|
|
83
81
|
- lib/authority/authorizer.rb
|
|
@@ -121,7 +119,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
121
119
|
version: '0'
|
|
122
120
|
requirements: []
|
|
123
121
|
rubyforge_project:
|
|
124
|
-
rubygems_version: 2.
|
|
122
|
+
rubygems_version: 2.5.1
|
|
125
123
|
signing_key:
|
|
126
124
|
specification_version: 4
|
|
127
125
|
summary: Authority helps you authorize actions in your Rails app using plain Ruby
|
data/gemfiles/4.0.gemfile
DELETED
data/gemfiles/4.1.gemfile
DELETED