benhoskings-hammock 0.2.7 → 0.2.8
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- data/History.txt +7 -0
- data/hammock.gemspec +2 -2
- data/lib/hammock.rb +1 -1
- data/lib/hammock/controller_attributes.rb +0 -14
- data/lib/hammock/logging.rb +1 -1
- data/lib/hammock/resource_retrieval.rb +5 -5
- data/lib/hammock/restful_support.rb +10 -4
- data/lib/hammock/scope.rb +8 -8
- metadata +2 -2
data/History.txt
CHANGED
|
@@ -1,3 +1,10 @@
|
|
|
1
|
+
== 0.2.8 2009-03-10
|
|
2
|
+
Renamed @current_account to current_user.
|
|
3
|
+
Removed AC::Base#nestable_by declaration in favour of the new approach involving AC::Base#route_by and #nest_within, along with the corresponding reader.
|
|
4
|
+
Added #set_new_or_deleted_before_save controller method, and before_create and before_undestroy hooks.
|
|
5
|
+
Revert "Removed unneeded param to specify the finder method in retrieve_record." - the param was actually needed for #find_deleted_record.
|
|
6
|
+
|
|
7
|
+
|
|
1
8
|
== 0.2.7 2009-03-05
|
|
2
9
|
|
|
3
10
|
hamlink_to with implied verbs no longer raises in route_for.
|
data/hammock.gemspec
CHANGED
|
@@ -2,11 +2,11 @@
|
|
|
2
2
|
|
|
3
3
|
Gem::Specification.new do |s|
|
|
4
4
|
s.name = %q{hammock}
|
|
5
|
-
s.version = "0.2.
|
|
5
|
+
s.version = "0.2.8"
|
|
6
6
|
|
|
7
7
|
s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
|
|
8
8
|
s.authors = ["Ben Hoskings"]
|
|
9
|
-
s.date = %q{2009-03-
|
|
9
|
+
s.date = %q{2009-03-10}
|
|
10
10
|
s.description = %q{Hammock is a Rails plugin that eliminates redundant code in a very RESTful manner. It does this in lots in lots of different places, but in one manner: it encourages specification in place of implementation. Hammock enforces RESTful resource access by abstracting actions away from the controller in favour of a clean, model-like callback system. Hammock tackles the hard and soft sides of security at once with a scoping security system on your models. Specify who can verb what resources under what conditions once, and everything else - the actual security, link generation, index filtering - just happens. Hammock inspects your routes and resources to generate a routing tree for each resource. Parent resources in a nested route are handled transparently at every point - record retrieval, creation, and linking. It makes more sense when you see how it works though, so check out the screencast!}
|
|
11
11
|
s.email = ["ben@hoskings.net"]
|
|
12
12
|
s.extra_rdoc_files = ["History.txt", "Manifest.txt", "README.rdoc", "misc/scaffold.txt"]
|
data/lib/hammock.rb
CHANGED
|
@@ -8,7 +8,7 @@ Dir.glob("#{File.dirname __FILE__}/hammock/**/*.rb").each {|dep|
|
|
|
8
8
|
} if defined?(RAILS_ROOT) # Loading Hammock components under 'rake package' fails.
|
|
9
9
|
|
|
10
10
|
module Hammock
|
|
11
|
-
VERSION = '0.2.
|
|
11
|
+
VERSION = '0.2.8'
|
|
12
12
|
|
|
13
13
|
def self.included base # :nodoc:
|
|
14
14
|
Hammock.constants.map {|constant_name|
|
|
@@ -6,16 +6,6 @@ module Hammock
|
|
|
6
6
|
end
|
|
7
7
|
|
|
8
8
|
module ClassMethods
|
|
9
|
-
|
|
10
|
-
# Specifies parent resources that can appear above this one in the route, and will be applied as an extra scope condition whenever present.
|
|
11
|
-
#
|
|
12
|
-
# Supplied as a hash of parameter names to attribute names. For example, given the route <tt>/accounts/7/posts/31</tt>,
|
|
13
|
-
# nestable_by :account_id => :creator_id
|
|
14
|
-
# Would add an extra scope condition requiring that <tt>@post.creator_id</tt> == <tt>params[:account_id]</tt>.
|
|
15
|
-
def nestable_by resources
|
|
16
|
-
write_inheritable_attribute :nestable_by, resources
|
|
17
|
-
end
|
|
18
|
-
|
|
19
9
|
# When +inline_create+ is specified for a controller, the +index+ page will have the ability to directly create new resources, just as the +new+ page normally can.
|
|
20
10
|
#
|
|
21
11
|
# To use +inline_create+, refactor the relevant contents of your +new+ view into a partial and render it in an appropriate place within the +index+ view.
|
|
@@ -37,10 +27,6 @@ module Hammock
|
|
|
37
27
|
|
|
38
28
|
private
|
|
39
29
|
|
|
40
|
-
def nestable_resources
|
|
41
|
-
self.class.read_inheritable_attribute(:nestable_by) || {}
|
|
42
|
-
end
|
|
43
|
-
|
|
44
30
|
def inline_createable_resource?
|
|
45
31
|
self.class.read_inheritable_attribute :inline_create
|
|
46
32
|
end
|
data/lib/hammock/logging.rb
CHANGED
|
@@ -18,7 +18,7 @@ module Hammock
|
|
|
18
18
|
request.remote_ip.colorize('green'),
|
|
19
19
|
(@current_site.subdomain unless @current_site.nil?),
|
|
20
20
|
(session.nil? ? 'nil' : ('...' + session.session_id[-8, 8])),
|
|
21
|
-
(
|
|
21
|
+
(current_user.nil? ? "unauthed" : "Account<#{current_user.id}> #{current_user.name}").colorize('green'),
|
|
22
22
|
headers['Status'],
|
|
23
23
|
log_hit_request_info,
|
|
24
24
|
log_hit_route_info
|
|
@@ -15,10 +15,10 @@ module Hammock
|
|
|
15
15
|
find_record :find_with_deleted
|
|
16
16
|
end
|
|
17
17
|
|
|
18
|
-
def find_record
|
|
18
|
+
def find_record finder = :find
|
|
19
19
|
result = if !callback(:before_find)
|
|
20
20
|
# callbacks failed
|
|
21
|
-
elsif (record = retrieve_record).nil?
|
|
21
|
+
elsif (record = retrieve_record(finder)).nil?
|
|
22
22
|
log "#{mdl}<#{params[:id]}> doesn't exist within #{requester_name.possessive} #{action_name} scope."
|
|
23
23
|
:not_found
|
|
24
24
|
elsif :ok != (verbability = can_verb_record?(action_name.to_sym, record))
|
|
@@ -44,11 +44,11 @@ module Hammock
|
|
|
44
44
|
end
|
|
45
45
|
end
|
|
46
46
|
|
|
47
|
-
def retrieve_record
|
|
47
|
+
def retrieve_record finder
|
|
48
48
|
if (scope = current_scope).nil?
|
|
49
49
|
|
|
50
50
|
else
|
|
51
|
-
record = scope.send
|
|
51
|
+
record = scope.send finder, :first, :conditions => {mdl.routing_attribute => params[:id]}
|
|
52
52
|
record || required_callback(:after_failed_find)
|
|
53
53
|
end
|
|
54
54
|
end
|
|
@@ -66,7 +66,7 @@ module Hammock
|
|
|
66
66
|
escort_for_read_only
|
|
67
67
|
elsif :unauthed == reason
|
|
68
68
|
escort_for_403
|
|
69
|
-
elsif
|
|
69
|
+
elsif current_user.nil? && account_verb_scope?
|
|
70
70
|
escort_for_login
|
|
71
71
|
else
|
|
72
72
|
escort_for_404
|
|
@@ -9,6 +9,8 @@ module Hammock
|
|
|
9
9
|
# TODO Investigate the usefulness of this.
|
|
10
10
|
# before_destroy :set_editing
|
|
11
11
|
before_create :set_creator_id_if_appropriate
|
|
12
|
+
before_create :set_new_or_deleted_before_save
|
|
13
|
+
before_undestroy :set_new_or_deleted_before_save
|
|
12
14
|
helper_method :mdl, :mdl_name, :editing?, :nested_within?, :partial_exists?
|
|
13
15
|
}
|
|
14
16
|
end
|
|
@@ -97,7 +99,7 @@ module Hammock
|
|
|
97
99
|
def make_createable resource = mdl
|
|
98
100
|
if !(new_record = make_new_record(resource))
|
|
99
101
|
log "Couldn't create a new #{resource.base_model} with the given nesting level and parameters."
|
|
100
|
-
elsif !new_record.createable_by?(
|
|
102
|
+
elsif !new_record.createable_by?(current_user)
|
|
101
103
|
log "#{requester_name} can't create #{new_record.resource_name}."
|
|
102
104
|
else
|
|
103
105
|
new_record
|
|
@@ -133,13 +135,17 @@ module Hammock
|
|
|
133
135
|
@editing = @record
|
|
134
136
|
end
|
|
135
137
|
|
|
138
|
+
def set_new_or_deleted_before_save
|
|
139
|
+
@record.set_new_or_deleted_before_save
|
|
140
|
+
end
|
|
141
|
+
|
|
136
142
|
# TODO process /^creating_\w+_id$/ as well
|
|
137
143
|
def set_creator_id_if_appropriate
|
|
138
144
|
if @record.respond_to?(:creator_id=)
|
|
139
|
-
if
|
|
140
|
-
log "Warning: @#{@record.base_model}.creator_id isn't being set, since
|
|
145
|
+
if current_user.nil?
|
|
146
|
+
log "Warning: @#{@record.base_model}.creator_id isn't being set, since current_user was nil."
|
|
141
147
|
else
|
|
142
|
-
@record.creator_id =
|
|
148
|
+
@record.creator_id = current_user.id
|
|
143
149
|
end
|
|
144
150
|
end
|
|
145
151
|
end
|
data/lib/hammock/scope.rb
CHANGED
|
@@ -26,7 +26,7 @@ module Hammock
|
|
|
26
26
|
def can_verb_resource? verb, resource
|
|
27
27
|
raise "The verb at #{call_point} must be supplied as a Symbol." unless verb.nil? || verb.is_a?(Symbol)
|
|
28
28
|
route = route_for verb, resource
|
|
29
|
-
if route.safe? && !resource.indexable_by(
|
|
29
|
+
if route.safe? && !resource.indexable_by(current_user)
|
|
30
30
|
log "#{requester_name} can't index #{resource.name.pluralize}. #{describe_call_point 4}"
|
|
31
31
|
:not_found
|
|
32
32
|
elsif !route.safe? && !make_createable(resource)
|
|
@@ -42,17 +42,17 @@ module Hammock
|
|
|
42
42
|
raise "The verb at #{call_point} must be supplied as a Symbol." unless verb.nil? || verb.is_a?(Symbol)
|
|
43
43
|
route = route_for verb, record
|
|
44
44
|
if route.verb.in?(:save, :create) && record.new_record?
|
|
45
|
-
if !record.createable_by?(
|
|
45
|
+
if !record.createable_by?(current_user)
|
|
46
46
|
log "#{requester_name} can't create a #{record.class} with #{record.attributes.inspect}. #{describe_call_point 4}"
|
|
47
47
|
:unauthed
|
|
48
48
|
else
|
|
49
49
|
:ok
|
|
50
50
|
end
|
|
51
51
|
else
|
|
52
|
-
if !record.readable_by?(
|
|
52
|
+
if !record.readable_by?(current_user)
|
|
53
53
|
log "#{requester_name} can't see #{record.class}<#{record.id}>. #{describe_call_point 4}"
|
|
54
54
|
:not_found
|
|
55
|
-
elsif !route.safe? && !record.writeable_by?(
|
|
55
|
+
elsif !route.safe? && !record.writeable_by?(current_user)
|
|
56
56
|
log "#{requester_name} can't #{verb} #{record.class}<#{record.id}>. #{describe_call_point 4}"
|
|
57
57
|
:read_only
|
|
58
58
|
else
|
|
@@ -63,11 +63,11 @@ module Hammock
|
|
|
63
63
|
end
|
|
64
64
|
|
|
65
65
|
def current_verb_scope
|
|
66
|
-
if
|
|
66
|
+
if current_user && (scope_name = account_verb_scope?)
|
|
67
67
|
# log "got an account_verb_scope #{scope_name}."
|
|
68
|
-
mdl.send scope_name,
|
|
68
|
+
mdl.send scope_name, current_user
|
|
69
69
|
elsif !(scope_name = public_verb_scope?)
|
|
70
|
-
log "No #{
|
|
70
|
+
log "No #{current_user.nil? ? 'public' : 'account'} #{scope_name_for_action} scope available for #{mdl}.#{' May be available after login.' if account_verb_scope?}"
|
|
71
71
|
nil
|
|
72
72
|
else
|
|
73
73
|
# log "got a #{scope_name} public_verb_scope."
|
|
@@ -112,7 +112,7 @@ module Hammock
|
|
|
112
112
|
end
|
|
113
113
|
|
|
114
114
|
def requester_name
|
|
115
|
-
|
|
115
|
+
current_user.nil? ? 'Anonymous' : "#{current_user.class}<#{current_user.id}>"
|
|
116
116
|
end
|
|
117
117
|
|
|
118
118
|
def account_verb_scope?
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: benhoskings-hammock
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.2.
|
|
4
|
+
version: 0.2.8
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Ben Hoskings
|
|
@@ -9,7 +9,7 @@ autorequire:
|
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
11
|
|
|
12
|
-
date: 2009-03-
|
|
12
|
+
date: 2009-03-10 00:00:00 -07:00
|
|
13
13
|
default_executable:
|
|
14
14
|
dependencies:
|
|
15
15
|
- !ruby/object:Gem::Dependency
|