avo 2.21.3.pre.pr1489 → 2.22.0
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of avo might be problematic. Click here for more details.
- checksums.yaml +4 -4
- data/Gemfile.lock +7 -7
- data/app/controllers/avo/application_controller.rb +1 -1
- data/app/controllers/avo/dashboards_controller.rb +3 -0
- data/avo.gemspec +1 -1
- data/lib/avo/dashboards/base_dashboard.rb +1 -0
- data/lib/avo/services/authorization_service.rb +1 -2
- data/lib/avo/version.rb +1 -1
- metadata +5 -6
- data/config/master.key +0 -1
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: a08f250c3df5118c161cb76f4aeb79082a1e472c833db780873077fc98563293
|
|
4
|
+
data.tar.gz: 0261dc8b5aa277264c3ae3e70706b11347669fc20cd9c606a4c89179589195eb
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 5f3e9b443058e4d1649539857d878672f396ec1e1716b6ecfd44b2eba3ffae8953027e3bcafb84fdc96dd8caa737826d34032df9b63198f54d754e28e3878710
|
|
7
|
+
data.tar.gz: 83e60548283c659a4e311454bbb0779eafa61049a7785834b512d808954c9a49debe6bdedbe67cd7faa66d0cba555978c583ba7a425d550b818b507cbac2684e
|
data/Gemfile.lock
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
PATH
|
|
2
2
|
remote: .
|
|
3
3
|
specs:
|
|
4
|
-
avo (2.
|
|
4
|
+
avo (2.22.0)
|
|
5
5
|
actionview (>= 6.0)
|
|
6
6
|
active_link_to
|
|
7
7
|
activerecord (>= 6.0)
|
|
@@ -230,7 +230,7 @@ GEM
|
|
|
230
230
|
listen (3.7.1)
|
|
231
231
|
rb-fsevent (~> 0.10, >= 0.10.3)
|
|
232
232
|
rb-inotify (~> 0.9, >= 0.9.10)
|
|
233
|
-
loofah (2.19.
|
|
233
|
+
loofah (2.19.1)
|
|
234
234
|
crass (~> 1.0.2)
|
|
235
235
|
nokogiri (>= 1.5.9)
|
|
236
236
|
mail (2.7.1)
|
|
@@ -259,10 +259,10 @@ GEM
|
|
|
259
259
|
net-protocol
|
|
260
260
|
timeout
|
|
261
261
|
nio4r (2.5.8)
|
|
262
|
-
nokogiri (1.13.
|
|
262
|
+
nokogiri (1.13.10)
|
|
263
263
|
mini_portile2 (~> 2.8.0)
|
|
264
264
|
racc (~> 1.4)
|
|
265
|
-
nokogiri (1.13.
|
|
265
|
+
nokogiri (1.13.10-x86_64-linux)
|
|
266
266
|
racc (~> 1.4)
|
|
267
267
|
orm_adapter (0.5.0)
|
|
268
268
|
pagy (5.10.1)
|
|
@@ -276,7 +276,7 @@ GEM
|
|
|
276
276
|
nio4r (~> 2.0)
|
|
277
277
|
pundit (2.2.0)
|
|
278
278
|
activesupport (>= 3.0.0)
|
|
279
|
-
racc (1.6.
|
|
279
|
+
racc (1.6.1)
|
|
280
280
|
rack (2.2.4)
|
|
281
281
|
rack-test (2.0.2)
|
|
282
282
|
rack (>= 1.3)
|
|
@@ -302,8 +302,8 @@ GEM
|
|
|
302
302
|
rails-dom-testing (2.0.3)
|
|
303
303
|
activesupport (>= 4.2.0)
|
|
304
304
|
nokogiri (>= 1.6)
|
|
305
|
-
rails-html-sanitizer (1.4.
|
|
306
|
-
loofah (~> 2.
|
|
305
|
+
rails-html-sanitizer (1.4.4)
|
|
306
|
+
loofah (~> 2.19, >= 2.19.1)
|
|
307
307
|
rails-i18n (7.0.5)
|
|
308
308
|
i18n (>= 0.7, < 2)
|
|
309
309
|
railties (>= 6.0.0, < 8)
|
|
@@ -259,7 +259,7 @@ module Avo
|
|
|
259
259
|
end
|
|
260
260
|
|
|
261
261
|
def render_unauthorized(_exception)
|
|
262
|
-
flash
|
|
262
|
+
flash[:notice] = t "avo.not_authorized"
|
|
263
263
|
|
|
264
264
|
redirect_url = if request.referrer.blank? || (request.referrer == request.url)
|
|
265
265
|
root_url
|
|
@@ -13,6 +13,9 @@ module Avo
|
|
|
13
13
|
def set_dashboard
|
|
14
14
|
@dashboard = Avo::App.get_dashboard_by_id params[:id]
|
|
15
15
|
|
|
16
|
+
authorized = Avo::Hosts::BaseHost.new(block: @dashboard.authorize).handle
|
|
17
|
+
raise Avo::NotAuthorizedError.new if !authorized
|
|
18
|
+
|
|
16
19
|
raise ActionController::RoutingError.new("Not Found") if @dashboard.nil? || @dashboard.is_hidden?
|
|
17
20
|
end
|
|
18
21
|
end
|
data/avo.gemspec
CHANGED
|
@@ -27,7 +27,7 @@ Gem::Specification.new do |spec|
|
|
|
27
27
|
"public gem pushes."
|
|
28
28
|
end
|
|
29
29
|
|
|
30
|
-
spec.required_ruby_version = ">= 2.
|
|
30
|
+
spec.required_ruby_version = ">= 2.6.0"
|
|
31
31
|
spec.post_install_message = "Thank you for using Avo 💪 Docs are available at https://docs.avohq.io"
|
|
32
32
|
|
|
33
33
|
spec.files = Dir["{bin,app,config,db,lib,public}/**/*", "MIT-LICENSE", "Rakefile", "README.md", "avo.gemspec", "Gemfile", "Gemfile.lock"]
|
|
@@ -29,7 +29,6 @@ module Avo
|
|
|
29
29
|
|
|
30
30
|
def authorize(user, record, action, policy_class: nil, **args)
|
|
31
31
|
return true if skip_authorization
|
|
32
|
-
return true if user.nil?
|
|
33
32
|
|
|
34
33
|
client.authorize user, record, action, policy_class: policy_class
|
|
35
34
|
|
|
@@ -64,7 +63,7 @@ module Avo
|
|
|
64
63
|
end
|
|
65
64
|
|
|
66
65
|
def apply_policy(user, model, policy_class: nil)
|
|
67
|
-
return model if skip_authorization
|
|
66
|
+
return model if skip_authorization
|
|
68
67
|
|
|
69
68
|
client.apply_policy(user, model, policy_class: policy_class)
|
|
70
69
|
rescue NoPolicyError => error
|
data/lib/avo/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: avo
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 2.
|
|
4
|
+
version: 2.22.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Adrian Marin
|
|
@@ -9,7 +9,7 @@ authors:
|
|
|
9
9
|
autorequire:
|
|
10
10
|
bindir: bin
|
|
11
11
|
cert_chain: []
|
|
12
|
-
date: 2022-12-
|
|
12
|
+
date: 2022-12-20 00:00:00.000000000 Z
|
|
13
13
|
dependencies:
|
|
14
14
|
- !ruby/object:Gem::Dependency
|
|
15
15
|
name: activerecord
|
|
@@ -1694,7 +1694,6 @@ files:
|
|
|
1694
1694
|
- config/credentials.yml.enc
|
|
1695
1695
|
- config/i18n-tasks.yml
|
|
1696
1696
|
- config/initializers/pagy.rb
|
|
1697
|
-
- config/master.key
|
|
1698
1697
|
- config/routes.rb
|
|
1699
1698
|
- config/spring.rb
|
|
1700
1699
|
- db/factories.rb
|
|
@@ -1947,12 +1946,12 @@ required_ruby_version: !ruby/object:Gem::Requirement
|
|
|
1947
1946
|
requirements:
|
|
1948
1947
|
- - ">="
|
|
1949
1948
|
- !ruby/object:Gem::Version
|
|
1950
|
-
version: 2.
|
|
1949
|
+
version: 2.6.0
|
|
1951
1950
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
|
1952
1951
|
requirements:
|
|
1953
|
-
- - "
|
|
1952
|
+
- - ">="
|
|
1954
1953
|
- !ruby/object:Gem::Version
|
|
1955
|
-
version:
|
|
1954
|
+
version: '0'
|
|
1956
1955
|
requirements: []
|
|
1957
1956
|
rubygems_version: 3.3.3
|
|
1958
1957
|
signing_key:
|
data/config/master.key
DELETED
|
@@ -1 +0,0 @@
|
|
|
1
|
-
2aeb23d82b909d9c6b5abb62f7058c2a
|