benhoskings-hammock 0.2.7 → 0.2.8
Sign up to get free protection for your applications and to get access to all the features.
- data/History.txt +7 -0
- data/hammock.gemspec +2 -2
- data/lib/hammock.rb +1 -1
- data/lib/hammock/controller_attributes.rb +0 -14
- data/lib/hammock/logging.rb +1 -1
- data/lib/hammock/resource_retrieval.rb +5 -5
- data/lib/hammock/restful_support.rb +10 -4
- data/lib/hammock/scope.rb +8 -8
- metadata +2 -2
data/History.txt
CHANGED
|
@@ -1,3 +1,10 @@
|
|
|
1
|
+
== 0.2.8 2009-03-10
|
|
2
|
+
Renamed @current_account to current_user.
|
|
3
|
+
Removed AC::Base#nestable_by declaration in favour of the new approach involving AC::Base#route_by and #nest_within, along with the corresponding reader.
|
|
4
|
+
Added #set_new_or_deleted_before_save controller method, and before_create and before_undestroy hooks.
|
|
5
|
+
Revert "Removed unneeded param to specify the finder method in retrieve_record." - the param was actually needed for #find_deleted_record.
|
|
6
|
+
|
|
7
|
+
|
|
1
8
|
== 0.2.7 2009-03-05
|
|
2
9
|
|
|
3
10
|
hamlink_to with implied verbs no longer raises in route_for.
|
data/hammock.gemspec
CHANGED
|
@@ -2,11 +2,11 @@
|
|
|
2
2
|
|
|
3
3
|
Gem::Specification.new do |s|
|
|
4
4
|
s.name = %q{hammock}
|
|
5
|
-
s.version = "0.2.
|
|
5
|
+
s.version = "0.2.8"
|
|
6
6
|
|
|
7
7
|
s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
|
|
8
8
|
s.authors = ["Ben Hoskings"]
|
|
9
|
-
s.date = %q{2009-03-
|
|
9
|
+
s.date = %q{2009-03-10}
|
|
10
10
|
s.description = %q{Hammock is a Rails plugin that eliminates redundant code in a very RESTful manner. It does this in lots in lots of different places, but in one manner: it encourages specification in place of implementation. Hammock enforces RESTful resource access by abstracting actions away from the controller in favour of a clean, model-like callback system. Hammock tackles the hard and soft sides of security at once with a scoping security system on your models. Specify who can verb what resources under what conditions once, and everything else - the actual security, link generation, index filtering - just happens. Hammock inspects your routes and resources to generate a routing tree for each resource. Parent resources in a nested route are handled transparently at every point - record retrieval, creation, and linking. It makes more sense when you see how it works though, so check out the screencast!}
|
|
11
11
|
s.email = ["ben@hoskings.net"]
|
|
12
12
|
s.extra_rdoc_files = ["History.txt", "Manifest.txt", "README.rdoc", "misc/scaffold.txt"]
|
data/lib/hammock.rb
CHANGED
|
@@ -8,7 +8,7 @@ Dir.glob("#{File.dirname __FILE__}/hammock/**/*.rb").each {|dep|
|
|
|
8
8
|
} if defined?(RAILS_ROOT) # Loading Hammock components under 'rake package' fails.
|
|
9
9
|
|
|
10
10
|
module Hammock
|
|
11
|
-
VERSION = '0.2.
|
|
11
|
+
VERSION = '0.2.8'
|
|
12
12
|
|
|
13
13
|
def self.included base # :nodoc:
|
|
14
14
|
Hammock.constants.map {|constant_name|
|
|
@@ -6,16 +6,6 @@ module Hammock
|
|
|
6
6
|
end
|
|
7
7
|
|
|
8
8
|
module ClassMethods
|
|
9
|
-
|
|
10
|
-
# Specifies parent resources that can appear above this one in the route, and will be applied as an extra scope condition whenever present.
|
|
11
|
-
#
|
|
12
|
-
# Supplied as a hash of parameter names to attribute names. For example, given the route <tt>/accounts/7/posts/31</tt>,
|
|
13
|
-
# nestable_by :account_id => :creator_id
|
|
14
|
-
# Would add an extra scope condition requiring that <tt>@post.creator_id</tt> == <tt>params[:account_id]</tt>.
|
|
15
|
-
def nestable_by resources
|
|
16
|
-
write_inheritable_attribute :nestable_by, resources
|
|
17
|
-
end
|
|
18
|
-
|
|
19
9
|
# When +inline_create+ is specified for a controller, the +index+ page will have the ability to directly create new resources, just as the +new+ page normally can.
|
|
20
10
|
#
|
|
21
11
|
# To use +inline_create+, refactor the relevant contents of your +new+ view into a partial and render it in an appropriate place within the +index+ view.
|
|
@@ -37,10 +27,6 @@ module Hammock
|
|
|
37
27
|
|
|
38
28
|
private
|
|
39
29
|
|
|
40
|
-
def nestable_resources
|
|
41
|
-
self.class.read_inheritable_attribute(:nestable_by) || {}
|
|
42
|
-
end
|
|
43
|
-
|
|
44
30
|
def inline_createable_resource?
|
|
45
31
|
self.class.read_inheritable_attribute :inline_create
|
|
46
32
|
end
|
data/lib/hammock/logging.rb
CHANGED
|
@@ -18,7 +18,7 @@ module Hammock
|
|
|
18
18
|
request.remote_ip.colorize('green'),
|
|
19
19
|
(@current_site.subdomain unless @current_site.nil?),
|
|
20
20
|
(session.nil? ? 'nil' : ('...' + session.session_id[-8, 8])),
|
|
21
|
-
(
|
|
21
|
+
(current_user.nil? ? "unauthed" : "Account<#{current_user.id}> #{current_user.name}").colorize('green'),
|
|
22
22
|
headers['Status'],
|
|
23
23
|
log_hit_request_info,
|
|
24
24
|
log_hit_route_info
|
|
@@ -15,10 +15,10 @@ module Hammock
|
|
|
15
15
|
find_record :find_with_deleted
|
|
16
16
|
end
|
|
17
17
|
|
|
18
|
-
def find_record
|
|
18
|
+
def find_record finder = :find
|
|
19
19
|
result = if !callback(:before_find)
|
|
20
20
|
# callbacks failed
|
|
21
|
-
elsif (record = retrieve_record).nil?
|
|
21
|
+
elsif (record = retrieve_record(finder)).nil?
|
|
22
22
|
log "#{mdl}<#{params[:id]}> doesn't exist within #{requester_name.possessive} #{action_name} scope."
|
|
23
23
|
:not_found
|
|
24
24
|
elsif :ok != (verbability = can_verb_record?(action_name.to_sym, record))
|
|
@@ -44,11 +44,11 @@ module Hammock
|
|
|
44
44
|
end
|
|
45
45
|
end
|
|
46
46
|
|
|
47
|
-
def retrieve_record
|
|
47
|
+
def retrieve_record finder
|
|
48
48
|
if (scope = current_scope).nil?
|
|
49
49
|
|
|
50
50
|
else
|
|
51
|
-
record = scope.send
|
|
51
|
+
record = scope.send finder, :first, :conditions => {mdl.routing_attribute => params[:id]}
|
|
52
52
|
record || required_callback(:after_failed_find)
|
|
53
53
|
end
|
|
54
54
|
end
|
|
@@ -66,7 +66,7 @@ module Hammock
|
|
|
66
66
|
escort_for_read_only
|
|
67
67
|
elsif :unauthed == reason
|
|
68
68
|
escort_for_403
|
|
69
|
-
elsif
|
|
69
|
+
elsif current_user.nil? && account_verb_scope?
|
|
70
70
|
escort_for_login
|
|
71
71
|
else
|
|
72
72
|
escort_for_404
|
|
@@ -9,6 +9,8 @@ module Hammock
|
|
|
9
9
|
# TODO Investigate the usefulness of this.
|
|
10
10
|
# before_destroy :set_editing
|
|
11
11
|
before_create :set_creator_id_if_appropriate
|
|
12
|
+
before_create :set_new_or_deleted_before_save
|
|
13
|
+
before_undestroy :set_new_or_deleted_before_save
|
|
12
14
|
helper_method :mdl, :mdl_name, :editing?, :nested_within?, :partial_exists?
|
|
13
15
|
}
|
|
14
16
|
end
|
|
@@ -97,7 +99,7 @@ module Hammock
|
|
|
97
99
|
def make_createable resource = mdl
|
|
98
100
|
if !(new_record = make_new_record(resource))
|
|
99
101
|
log "Couldn't create a new #{resource.base_model} with the given nesting level and parameters."
|
|
100
|
-
elsif !new_record.createable_by?(
|
|
102
|
+
elsif !new_record.createable_by?(current_user)
|
|
101
103
|
log "#{requester_name} can't create #{new_record.resource_name}."
|
|
102
104
|
else
|
|
103
105
|
new_record
|
|
@@ -133,13 +135,17 @@ module Hammock
|
|
|
133
135
|
@editing = @record
|
|
134
136
|
end
|
|
135
137
|
|
|
138
|
+
def set_new_or_deleted_before_save
|
|
139
|
+
@record.set_new_or_deleted_before_save
|
|
140
|
+
end
|
|
141
|
+
|
|
136
142
|
# TODO process /^creating_\w+_id$/ as well
|
|
137
143
|
def set_creator_id_if_appropriate
|
|
138
144
|
if @record.respond_to?(:creator_id=)
|
|
139
|
-
if
|
|
140
|
-
log "Warning: @#{@record.base_model}.creator_id isn't being set, since
|
|
145
|
+
if current_user.nil?
|
|
146
|
+
log "Warning: @#{@record.base_model}.creator_id isn't being set, since current_user was nil."
|
|
141
147
|
else
|
|
142
|
-
@record.creator_id =
|
|
148
|
+
@record.creator_id = current_user.id
|
|
143
149
|
end
|
|
144
150
|
end
|
|
145
151
|
end
|
data/lib/hammock/scope.rb
CHANGED
|
@@ -26,7 +26,7 @@ module Hammock
|
|
|
26
26
|
def can_verb_resource? verb, resource
|
|
27
27
|
raise "The verb at #{call_point} must be supplied as a Symbol." unless verb.nil? || verb.is_a?(Symbol)
|
|
28
28
|
route = route_for verb, resource
|
|
29
|
-
if route.safe? && !resource.indexable_by(
|
|
29
|
+
if route.safe? && !resource.indexable_by(current_user)
|
|
30
30
|
log "#{requester_name} can't index #{resource.name.pluralize}. #{describe_call_point 4}"
|
|
31
31
|
:not_found
|
|
32
32
|
elsif !route.safe? && !make_createable(resource)
|
|
@@ -42,17 +42,17 @@ module Hammock
|
|
|
42
42
|
raise "The verb at #{call_point} must be supplied as a Symbol." unless verb.nil? || verb.is_a?(Symbol)
|
|
43
43
|
route = route_for verb, record
|
|
44
44
|
if route.verb.in?(:save, :create) && record.new_record?
|
|
45
|
-
if !record.createable_by?(
|
|
45
|
+
if !record.createable_by?(current_user)
|
|
46
46
|
log "#{requester_name} can't create a #{record.class} with #{record.attributes.inspect}. #{describe_call_point 4}"
|
|
47
47
|
:unauthed
|
|
48
48
|
else
|
|
49
49
|
:ok
|
|
50
50
|
end
|
|
51
51
|
else
|
|
52
|
-
if !record.readable_by?(
|
|
52
|
+
if !record.readable_by?(current_user)
|
|
53
53
|
log "#{requester_name} can't see #{record.class}<#{record.id}>. #{describe_call_point 4}"
|
|
54
54
|
:not_found
|
|
55
|
-
elsif !route.safe? && !record.writeable_by?(
|
|
55
|
+
elsif !route.safe? && !record.writeable_by?(current_user)
|
|
56
56
|
log "#{requester_name} can't #{verb} #{record.class}<#{record.id}>. #{describe_call_point 4}"
|
|
57
57
|
:read_only
|
|
58
58
|
else
|
|
@@ -63,11 +63,11 @@ module Hammock
|
|
|
63
63
|
end
|
|
64
64
|
|
|
65
65
|
def current_verb_scope
|
|
66
|
-
if
|
|
66
|
+
if current_user && (scope_name = account_verb_scope?)
|
|
67
67
|
# log "got an account_verb_scope #{scope_name}."
|
|
68
|
-
mdl.send scope_name,
|
|
68
|
+
mdl.send scope_name, current_user
|
|
69
69
|
elsif !(scope_name = public_verb_scope?)
|
|
70
|
-
log "No #{
|
|
70
|
+
log "No #{current_user.nil? ? 'public' : 'account'} #{scope_name_for_action} scope available for #{mdl}.#{' May be available after login.' if account_verb_scope?}"
|
|
71
71
|
nil
|
|
72
72
|
else
|
|
73
73
|
# log "got a #{scope_name} public_verb_scope."
|
|
@@ -112,7 +112,7 @@ module Hammock
|
|
|
112
112
|
end
|
|
113
113
|
|
|
114
114
|
def requester_name
|
|
115
|
-
|
|
115
|
+
current_user.nil? ? 'Anonymous' : "#{current_user.class}<#{current_user.id}>"
|
|
116
116
|
end
|
|
117
117
|
|
|
118
118
|
def account_verb_scope?
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: benhoskings-hammock
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.2.
|
|
4
|
+
version: 0.2.8
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Ben Hoskings
|
|
@@ -9,7 +9,7 @@ autorequire:
|
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
11
|
|
|
12
|
-
date: 2009-03-
|
|
12
|
+
date: 2009-03-10 00:00:00 -07:00
|
|
13
13
|
default_executable:
|
|
14
14
|
dependencies:
|
|
15
15
|
- !ruby/object:Gem::Dependency
|