authorized_transaction 0.1.1 → 0.2.0

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: f8b9da68dd1a43d4d19dcc4807d59f74491103ae83c4c873e446ab04b3831df8
4
- data.tar.gz: 0ff63e29f5e467493f9c9adc8f0ad0a325b53fcf3dfa8ce7450375736ab09cf2
3
+ metadata.gz: 2a61369cc8e832baee931ff87c611c90147efc38a9db24cc75a779e97cc47c92
4
+ data.tar.gz: ce349d060ebb6eb9b239699d293c08340e7f71519d944830b85d1f88da7c3f53
5
5
  SHA512:
6
- metadata.gz: aef44d1aebf710cca279f523732c366b1a343a1bdf6fbcc366752af723ba51ea84b152a186729c05f8f09799bc18923309f233e12d1455bcfee8491c5ff67365
7
- data.tar.gz: b6438ea5d977df7a4af99a03663bd3929944e0f74bb26efe93e46c11ff3f7254d7aa2c22bea8a8552b83d59c20ba991bfe103eb1b1243af8d6b4cd68bc9067ec
6
+ metadata.gz: f7d30b70db64e01ebfa4c5c62603bcbddba90a8ccbd0bfe9af2350b23b103bf11647530fa6e4d530cb166f23d8d45f1a8151e012f6c2a89faf825b4bbfd20dfd
7
+ data.tar.gz: 741ec7d1d10449d903c0f9ffea37fad0e6eeb48762e357c549adffbd82f2a9e3b86f29bbfa9e81a9b1e410517702a1f2f246af86b2ffc91b03522acadca9fee8
data/CHANGELOG.md ADDED
@@ -0,0 +1,9 @@
1
+ # Changelog
2
+
3
+ ## 0.2.0
4
+
5
+ - Add configuration via `ResourceAllowHeader.configure`
6
+
7
+ ## 0.1.0
8
+
9
+ :baby: Initial version
data/Gemfile.lock CHANGED
@@ -1,7 +1,7 @@
1
1
  PATH
2
2
  remote: .
3
3
  specs:
4
- authorized_transaction (0.1.1)
4
+ authorized_transaction (0.2.0)
5
5
  activerecord (>= 4.0.0)
6
6
  activesupport (>= 4.0.0)
7
7
 
data/README.md CHANGED
@@ -1,6 +1,6 @@
1
1
  # AuthorizedTransaction
2
2
 
3
- [![Build Status: master](https://travis-ci.com/XPBytes/authorized_transaction.svg)](https://travis-ci.com/XPBytes/authorized_transaction)
3
+ [![Build Status: master](https://travis-ci.com/XPBytes/authorized_transaction.svg)](https://travis-ci.com/XPBytes/authorized_transaction)
4
4
  [![Gem Version](https://badge.fury.io/rb/authorized_transaction.svg)](https://badge.fury.io/rb/authorized_transaction)
5
5
  [![MIT license](http://img.shields.io/badge/license-MIT-brightgreen.svg)](http://opensource.org/licenses/MIT)
6
6
 
@@ -29,6 +29,10 @@ Wrap whatever you want to be authorized in an `authorized_transaction` block:
29
29
  ```ruby
30
30
  require 'authorized_transaction'
31
31
 
32
+ class ApiController < ActionController::API
33
+ include AuthorizedTransaction
34
+ end
35
+
32
36
  class BookController < ApiController
33
37
  def create
34
38
  book = authorized_transaction { CreateAndReturnBook.call(params) }
@@ -54,7 +58,7 @@ Authorization work on single resources, or enumerables:
54
58
  ```ruby
55
59
  class Book::SignatureController < ApiController
56
60
  def show
57
- _, signature = authorized_transaction do
61
+ _, signature = authorized_transaction do
58
62
  [FindBook.call(params), FindSignature.call(params)]
59
63
  end
60
64
  render json: signature, status: :created
@@ -62,6 +66,17 @@ class Book::SignatureController < ApiController
62
66
  end
63
67
  ```
64
68
 
69
+ ### Configuration
70
+
71
+ In an initializer you can set procs in order to change the default behaviour:
72
+
73
+ ```ruby
74
+ AuthorizedTransaction.configure do |this|
75
+ this.implicit_action_proc = proc { |controller| controller.action_name.to_sym }
76
+ this.authorize_proc = proc { |action, resource, controller| action == :whatever || controller.can?(action, resource) }
77
+ end
78
+ ```
79
+
65
80
  ## Development
66
81
 
67
82
  After checking out the repo, run `bin/setup` to install dependencies. Then, run `rake test` to run the tests. You can
@@ -2,11 +2,18 @@ require "authorized_transaction/version"
2
2
 
3
3
  require 'active_record'
4
4
  require 'active_support/concern'
5
+ require 'active_support/core_ext/module/attribute_accessors'
5
6
 
6
7
  module AuthorizedTransaction
7
8
  extend ActiveSupport::Concern
8
9
  class Error < StandardError; end
9
10
 
11
+ mattr_accessor :authorize_proc, :implicit_action_proc, :implicit_action_key
12
+
13
+ def self.configure
14
+ yield self
15
+ end
16
+
10
17
  class TransactionUnauthorized < RuntimeError
11
18
  attr_reader :action, :resource
12
19
 
@@ -21,10 +28,6 @@ module AuthorizedTransaction
21
28
  attr_writer :action, :resource
22
29
  end
23
30
 
24
- def implicit_action
25
- params[:action]
26
- end
27
-
28
31
  included do
29
32
  ##
30
33
  # Wraps a block in a transaction after which the authorization check runs, using the controller action as default
@@ -55,9 +58,27 @@ module AuthorizedTransaction
55
58
 
56
59
  def authorize!(action, resource)
57
60
  Array(resource).each do |r|
58
- next if can?(action, r)
61
+ next if authorized?(action, r)
59
62
  raise TransactionUnauthorized.new(action, r)
60
63
  end
61
64
  end
62
65
  end
66
+
67
+ private
68
+
69
+ def implicit_action
70
+ if implicit_action_proc.respond_to?(:call)
71
+ return implicit_action_proc(self)
72
+ end
73
+
74
+ params[implicit_action_key || :action]
75
+ end
76
+
77
+ def authorized?(action, resource)
78
+ if authorize_proc.respond_to?(:call)
79
+ return authorize_proc(action, resource, self)
80
+ end
81
+
82
+ can?(action, resource)
83
+ end
63
84
  end
@@ -1,3 +1,3 @@
1
1
  module AuthorizedTransaction
2
- VERSION = "0.1.1"
2
+ VERSION = "0.2.0"
3
3
  end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: authorized_transaction
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.1.1
4
+ version: 0.2.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Derk-Jan Karrenbeld
@@ -95,6 +95,7 @@ files:
95
95
  - ".idea/modules.xml"
96
96
  - ".idea/vcs.xml"
97
97
  - ".travis.yml"
98
+ - CHANGELOG.md
98
99
  - CODE_OF_CONDUCT.md
99
100
  - Gemfile
100
101
  - Gemfile.lock