authority 3.2.0 → 3.2.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.travis.yml +23 -2
- data/CHANGELOG.markdown +3 -2
- data/README.markdown +6 -1
- data/gemfiles/3.2.gemfile +6 -0
- data/gemfiles/4.0.gemfile +10 -0
- data/gemfiles/4.1.gemfile +10 -0
- data/gemfiles/4.2.gemfile +10 -0
- data/lib/authority/controller.rb +10 -4
- data/lib/authority/version.rb +1 -1
- data/spec/authority/controller_spec.rb +31 -0
- metadata +6 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 6807a134d4eaf6379becb0f913924baa5f03e396
|
|
4
|
+
data.tar.gz: 2cf81ed57c186516dd26a6bfc63394e1b0784400
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 7f09a2d8e2bbf1107fcbb641fc3449073312ddf869f2d0ab4eed34c0a2d407a932e9160db59bacf7dd25a7cc66742227595a974d2aaab1b5f1db4443e37c4786
|
|
7
|
+
data.tar.gz: d51cf95c7d1c6353faa3843194a1824ace890c38125f2b9c08b0ee7bf9cb3e4a127478c507669b9df2b25c41892dcd183f4644da833cc7fc233a4c3e434bd4ca
|
data/.travis.yml
CHANGED
|
@@ -1,6 +1,27 @@
|
|
|
1
1
|
language: ruby
|
|
2
2
|
rvm:
|
|
3
|
-
-
|
|
3
|
+
- 1.9.3
|
|
4
|
+
- 2.0
|
|
5
|
+
- 2.1
|
|
6
|
+
- 2.2
|
|
7
|
+
- jruby-19mode # JRuby in 1.9 mode
|
|
8
|
+
# - rbx-2
|
|
9
|
+
|
|
10
|
+
before_install:
|
|
11
|
+
- gem update bundler && bundle --version
|
|
4
12
|
|
|
5
13
|
gemfile:
|
|
6
|
-
- gemfiles/
|
|
14
|
+
- gemfiles/3.2.gemfile
|
|
15
|
+
- gemfiles/4.0.gemfile
|
|
16
|
+
- gemfiles/4.1.gemfile
|
|
17
|
+
- gemfiles/4.2.gemfile
|
|
18
|
+
|
|
19
|
+
matrix:
|
|
20
|
+
exclude:
|
|
21
|
+
- rvm: rbx
|
|
22
|
+
gemfile: gemfiles/4.0.gemfile
|
|
23
|
+
include:
|
|
24
|
+
- rvm: 2.2.2
|
|
25
|
+
gemfile: gemfiles/5.0.gemfile
|
|
26
|
+
- rvm: 2.3.1
|
|
27
|
+
gemfile: gemfiles/5.0.gemfile
|
data/CHANGELOG.markdown
CHANGED
|
@@ -2,9 +2,10 @@
|
|
|
2
2
|
|
|
3
3
|
Authority does its best to use [semantic versioning](http://semver.org).
|
|
4
4
|
|
|
5
|
-
##
|
|
5
|
+
## 3.2.1
|
|
6
6
|
|
|
7
|
-
|
|
7
|
+
- Allow supplying extra arguments to authorizers in `authorize_actions_for` via the `:args` parameter.
|
|
8
|
+
- Resume CI testing against multiple versions of Ruby and Rails, thanks to [Douglas Teoh's work](https://github.com/nathanl/authority/pull/112).
|
|
8
9
|
|
|
9
10
|
## 3.2.0
|
|
10
11
|
|
data/README.markdown
CHANGED
|
@@ -370,7 +370,12 @@ class LlamasController < ApplicationController
|
|
|
370
370
|
end
|
|
371
371
|
```
|
|
372
372
|
|
|
373
|
-
|
|
373
|
+
You can pass extra arguments to your authorization checks in these controller helpers:
|
|
374
|
+
|
|
375
|
+
- `authorize_actions_for(Llama, args: [{:mamma => true}]`
|
|
376
|
+
- `authorize_action_for(@llama, :sporting => @hat_style)`
|
|
377
|
+
|
|
378
|
+
Generally, though, your authorization will depend on some attribute or association of the model instance, so the authorizer can check `@llama.neck_strength` and `@llama.owner.nationality`, etc, without needing any additional information.
|
|
374
379
|
|
|
375
380
|
Note that you can also call `authority_actions` as many times as you like, so you can specify one mapping at a time if you prefer:
|
|
376
381
|
|
data/lib/authority/controller.rb
CHANGED
|
@@ -15,7 +15,8 @@ module Authority
|
|
|
15
15
|
|
|
16
16
|
included do
|
|
17
17
|
rescue_from(Authority::SecurityViolation, :with => Authority::Controller.security_violation_callback)
|
|
18
|
-
class_attribute :authority_resource,
|
|
18
|
+
class_attribute :authority_resource, :instance_reader => false
|
|
19
|
+
class_attribute :authority_arguments, :instance_writer => false
|
|
19
20
|
end
|
|
20
21
|
|
|
21
22
|
attr_writer :authorization_performed
|
|
@@ -40,11 +41,16 @@ module Authority
|
|
|
40
41
|
# determine that class when the request is made
|
|
41
42
|
# @param [Hash] options - can contain :actions to
|
|
42
43
|
# be merged with existing
|
|
43
|
-
# ones and any other options applicable to a before_filter
|
|
44
|
+
# ones and any other options applicable to a before_filter,
|
|
45
|
+
# and can contain an array of :opts to pass to the authorizer
|
|
44
46
|
def authorize_actions_for(resource_or_finder, options = {})
|
|
45
47
|
self.authority_resource = resource_or_finder
|
|
46
48
|
add_actions(options.fetch(:actions, {}))
|
|
47
49
|
force_action(options[:all_actions]) if options[:all_actions]
|
|
50
|
+
|
|
51
|
+
# Capture custom authorization options
|
|
52
|
+
self.authority_arguments = options.delete(:args)
|
|
53
|
+
|
|
48
54
|
if respond_to? :before_action
|
|
49
55
|
before_action :run_authorization_check, options
|
|
50
56
|
else
|
|
@@ -139,11 +145,11 @@ module Authority
|
|
|
139
145
|
def run_authorization_check
|
|
140
146
|
if instance_authority_resource.is_a?(Array)
|
|
141
147
|
# Array includes options; pass as separate args
|
|
142
|
-
authorize_action_for(*instance_authority_resource)
|
|
148
|
+
authorize_action_for(*instance_authority_resource, *authority_arguments)
|
|
143
149
|
else
|
|
144
150
|
# *resource would be interpreted as resource.to_a, which is wrong and
|
|
145
151
|
# actually triggers a query if it's a Sequel model
|
|
146
|
-
authorize_action_for(instance_authority_resource)
|
|
152
|
+
authorize_action_for(instance_authority_resource, *authority_arguments)
|
|
147
153
|
end
|
|
148
154
|
end
|
|
149
155
|
|
data/lib/authority/version.rb
CHANGED
|
@@ -138,6 +138,16 @@ describe Authority::Controller do
|
|
|
138
138
|
expect(child_controller.authority_action_map).to eq(updated_map)
|
|
139
139
|
end
|
|
140
140
|
|
|
141
|
+
it "if :opts option is given, it extracts extra options for the authorization check" do
|
|
142
|
+
controller_class.authorize_actions_for(resource_class, :args => [:foo, :bar])
|
|
143
|
+
expect(controller_class.authority_arguments).to eq([:foo, :bar])
|
|
144
|
+
end
|
|
145
|
+
|
|
146
|
+
it "if :opts option wasn't given, no extra options are set" do
|
|
147
|
+
controller_class.authorize_actions_for(resource_class)
|
|
148
|
+
expect(controller_class.authority_arguments?).not_to be true
|
|
149
|
+
end
|
|
150
|
+
|
|
141
151
|
end
|
|
142
152
|
|
|
143
153
|
describe "authority_resource" do
|
|
@@ -282,6 +292,27 @@ describe Authority::Controller do
|
|
|
282
292
|
|
|
283
293
|
end
|
|
284
294
|
|
|
295
|
+
context "if extra opts were specified" do
|
|
296
|
+
|
|
297
|
+
let(:resource_class) { Hash }
|
|
298
|
+
let(:controller_class) do
|
|
299
|
+
Class.new(ExampleController).tap do |c|
|
|
300
|
+
c.send(:include, Authority::Controller)
|
|
301
|
+
c.authorize_actions_for(:method_to_find_class, args: [:extra, :args])
|
|
302
|
+
end
|
|
303
|
+
end
|
|
304
|
+
|
|
305
|
+
before :each do
|
|
306
|
+
allow(controller_instance).to receive(:method_to_find_class).and_return(resource_class)
|
|
307
|
+
end
|
|
308
|
+
|
|
309
|
+
it "uses extra args in authorization check" do
|
|
310
|
+
expect(controller_instance).to receive(:authorize_action_for).with(resource_class, :extra, :args)
|
|
311
|
+
controller_instance.send(:run_authorization_check)
|
|
312
|
+
end
|
|
313
|
+
|
|
314
|
+
end
|
|
315
|
+
|
|
285
316
|
context "if a method for determining the class was specified" do
|
|
286
317
|
|
|
287
318
|
let(:resource_class) { Hash }
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: authority
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 3.2.
|
|
4
|
+
version: 3.2.1
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Nathan Long
|
|
@@ -9,7 +9,7 @@ authors:
|
|
|
9
9
|
autorequire:
|
|
10
10
|
bindir: bin
|
|
11
11
|
cert_chain: []
|
|
12
|
-
date: 2016-
|
|
12
|
+
date: 2016-10-05 00:00:00.000000000 Z
|
|
13
13
|
dependencies:
|
|
14
14
|
- !ruby/object:Gem::Dependency
|
|
15
15
|
name: activesupport
|
|
@@ -75,6 +75,10 @@ files:
|
|
|
75
75
|
- Rakefile
|
|
76
76
|
- TODO.markdown
|
|
77
77
|
- authority.gemspec
|
|
78
|
+
- gemfiles/3.2.gemfile
|
|
79
|
+
- gemfiles/4.0.gemfile
|
|
80
|
+
- gemfiles/4.1.gemfile
|
|
81
|
+
- gemfiles/4.2.gemfile
|
|
78
82
|
- gemfiles/5.0.gemfile
|
|
79
83
|
- lib/authority.rb
|
|
80
84
|
- lib/authority/abilities.rb
|