bullet_train-roles 0.1.10 → 1.2.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (7) hide show
  1. checksums.yaml +4 -4
  2. data/Gemfile.lock +1 -1
  3. data/README.md +25 -0
  4. data/bullet_train-roles.gemspec +1 -1
  5. data/lib/bullet_train/roles/version.rb +1 -1
  6. data/lib/roles/permit.rb +13 -13
  7. metadata +3 -3
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: e682f8f5469478a7c827332cb3c922a3c7657ef48e2e53d15abaf98b4ea8e7ac
4
- data.tar.gz: 15ca75ffc2ebacabebc3632ecc18ce5f20348ad434df094de2ee14eaa05c031e
3
+ metadata.gz: 20e44ef51e368e08f7e07e5ad3bf47d75d6b95ec01ba96742dede9c28c4807c3
4
+ data.tar.gz: 79ffdc354d7a6d1ae305655c6a82128c73a82570f153504ef3b2f0670fd51a35
5
5
  SHA512:
6
- metadata.gz: 4a525dc712139149ea12932af58932a3a8ec11ab582c6a5924b88035ea0c67563fb5ea9958cb9dc581b2045b46ff7add98a164383034ae6e3cb03a50f089076f
7
- data.tar.gz: 544e1c9ddbde15bd1945529af7d0ae136ff22fc8c2d12a0d8b91c148a61a2bbfa2f4296890ec0e235d1353bbff0394f811e588675e42c56e3b254c4ec6d7abcb
6
+ metadata.gz: c993b6c741432461bbe47677870a5de5db2668670836ff39a04291b9a2f0baf8bcc0692dbe0004662e45bbf328ac9979cd841399edcf5cf2bb41e71bc97f5b39
7
+ data.tar.gz: 7cab0dc84d1cb29bda9b1c367109ca7fc16f1471ca9222b7c6179ec919a27051abe78abfab7656c4e5b13e0910b6021ef27fb6df41524420d6be6b5c3116aa5b
data/Gemfile.lock CHANGED
@@ -9,7 +9,7 @@ GIT
9
9
  PATH
10
10
  remote: .
11
11
  specs:
12
- bullet_train-roles (0.1.10)
12
+ bullet_train-roles (1.2.1)
13
13
  active_hash
14
14
  activesupport
15
15
  cancancan
data/README.md CHANGED
@@ -142,6 +142,31 @@ permit user, through: :projects_collaborators, parent: :project
142
142
 
143
143
  In this example, `permit` is smart enough to only apply the permissions granted by a `Projects::Collaborator` record at the level of the `Project` it belongs to. You can turn any model into a grant model by adding `include Roles::Support` and adding a `role_ids:jsonb` attribute. You can look at `Scaffolding::AbsolutelyAbstract::CreativeConcepts::Collaborator` for an example.
144
144
 
145
+
146
+ ## Restricting Available Roles
147
+
148
+ In some situations, you don't want all roles to be available to all Grant Models. For example, you might have a `project_editor` role that only makes sense when applied at the Project level. Note that this is only necessary if you want your project_editor to have more limited permissions than an admin user. If a `project_editor` has full control of their project, you should probably just use the `admin` role.
149
+
150
+ By default all Grant Models will show all roles as options. If you want to limit the roles available to a model, use the `roles_only` class method:
151
+
152
+ ```
153
+ class Membership < ApplicationRecord
154
+ include Roles::Support
155
+ roles_only :admin, :editor, :reader # Add this line to restrict the Membership model to only these roles
156
+ end
157
+ ```
158
+
159
+ To access the array of all roles available for a particular model, use the `assignable_roles` class method. For example, in your Membership form, you probably _only_ want to show the assignable_roles as options. Your view could look like this:
160
+
161
+ ```
162
+ <% Membership.assignable_roles.each do |role| %>
163
+ <% if role.manageable_by?(current_membership.roles) %>
164
+ <!-- View component for showing a role option. Probably a checkbox -->
165
+ <% end %>
166
+ <% end %>
167
+ ```
168
+
169
+
145
170
  ## Debugging
146
171
  If you want to see what CanCanCan directives are being created by your permit calls, you can add the `debug: true` option to your `permit` statement in `app/models/ability.rb`.
147
172
 
data/bullet_train-roles.gemspec CHANGED
@@ -12,7 +12,7 @@ Gem::Specification.new do |spec|
12
12
  spec.description = "Yaml-backed ApplicationHash for CanCan Roles"
13
13
  spec.homepage = "https://github.com/bullet-train-co/bullet_train-roles"
14
14
  spec.license = "MIT"
15
- spec.required_ruby_version = Gem::Requirement.new(">= 2.4.0")
15
+ spec.required_ruby_version = Gem::Requirement.new(">= 2.7.0")
16
16
 
17
17
  spec.metadata["homepage_uri"] = spec.homepage
18
18
  spec.metadata["source_code_uri"] = "https://github.com/bullet-train-co/bullet_train-roles"
data/lib/bullet_train/roles/version.rb CHANGED
@@ -1,5 +1,5 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  module Roles
4
- VERSION = "0.1.10"
4
+ VERSION = "1.2.1"
5
5
  end
data/lib/roles/permit.rb CHANGED
@@ -2,11 +2,11 @@
2
2
 
3
3
  module Roles
4
4
  module Permit
5
- def permit(user, through:, parent:, debug: false, intermediary: nil, cache_key: nil)
5
+ def permit(user, through:, parent:, debug: false, intermediary: nil, rails_cache_key: nil)
6
6
  # When changing permissions during development, you may also want to do this on each request:
7
7
  # User.update_all ability_cache: nil if Rails.env.development?
8
- permissions = if cache_key
9
- Rails.cache.fetch(cache_key) do
8
+ permissions = if rails_cache_key
9
+ Rails.cache.fetch(rails_cache_key) do
10
10
  build_permissions(user, through, parent, intermediary)
11
11
  end
12
12
  else
@@ -16,10 +16,10 @@ module Roles
16
16
  begin
17
17
  assign_permissions(permissions)
18
18
  rescue NameError => e
19
- if cache_key
19
+ if rails_cache_key
20
20
  # Cache has become stale with model classes that no longer exist
21
21
  Rails.logger.info "Found missing models in cache - #{e.message.squish} - building fresh permissions"
22
- Rails.cache.delete(cache_key)
22
+ Rails.cache.delete(rails_cache_key)
23
23
  permissions = build_permissions(user, through, parent, intermediary)
24
24
  assign_permissions(permissions)
25
25
  else
@@ -31,10 +31,10 @@ module Roles
31
31
  puts "###########################"
32
32
  puts "Auto generated `ability.rb` content:"
33
33
  permissions.map do |permission|
34
- if permission.is_debug
35
- puts permission.info
34
+ if permission[:is_debug]
35
+ puts permission[:info]
36
36
  else
37
- puts "can #{permission.actions}, #{permission.model}, #{permission.condition}"
37
+ puts "can #{permission[:actions]}, #{permission[:model]}, #{permission[:condition]}"
38
38
  end
39
39
  end
40
40
  puts "############################"
@@ -43,7 +43,7 @@ module Roles
43
43
 
44
44
  def assign_permissions(permissions)
45
45
  permissions.each do |permission|
46
- can(permission.actions, permission.model.constantize, permission.condition) unless permission.is_debug
46
+ can(permission[:actions], permission[:model].constantize, permission[:condition]) unless permission[:is_debug]
47
47
  end
48
48
  end
49
49
 
@@ -52,14 +52,14 @@ module Roles
52
52
  permissions = []
53
53
  user.send(through).map(&:roles).flatten.uniq.each do |role|
54
54
  unless added_roles.include?(role)
55
- permissions << OpenStruct.new(is_debug: true, info: "########### ROLE: #{role.key}")
55
+ permissions << {is_debug: true, info: "########### ROLE: #{role.key}"}
56
56
  permissions += add_abilities_for(role, user, through, parent, intermediary)
57
57
  added_roles << role
58
58
  end
59
59
 
60
60
  role.included_roles.each do |included_role|
61
61
  unless added_roles.include?(included_role)
62
- permissions << OpenStruct.new(is_debug: true, info: "############# INCLUDED ROLE: #{included_role.key}")
62
+ permissions << {is_debug: true, info: "############# INCLUDED ROLE: #{included_role.key}"}
63
63
  permissions += add_abilities_for(included_role, user, through, parent, intermediary)
64
64
  end
65
65
  end
@@ -72,9 +72,9 @@ module Roles
72
72
  permissions = []
73
73
  role.ability_generator(user, through, parent, intermediary) do |ag|
74
74
  permissions << if ag.valid?
75
- OpenStruct.new(is_debug: false, actions: ag.actions, model: ag.model.to_s, condition: ag.condition)
75
+ {is_debug: false, actions: ag.actions, model: ag.model.to_s, condition: ag.condition}
76
76
  else
77
- OpenStruct.new(is_debug: true, info: "# #{ag.model} does not respond to #{parent} so we're not going to add an ability for the #{through} context")
77
+ {is_debug: true, info: "# #{ag.model} does not respond to #{parent} so we're not going to add an ability for the #{through} context"}
78
78
  end
79
79
  end
80
80
  permissions
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: bullet_train-roles
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.1.10
4
+ version: 1.2.1
5
5
  platform: ruby
6
6
  authors:
7
7
  - Prabin Poudel
@@ -9,7 +9,7 @@ authors:
9
9
  autorequire:
10
10
  bindir: bin
11
11
  cert_chain: []
12
- date: 2022-08-31 00:00:00.000000000 Z
12
+ date: 2022-12-15 00:00:00.000000000 Z
13
13
  dependencies:
14
14
  - !ruby/object:Gem::Dependency
15
15
  name: byebug
@@ -209,7 +209,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
209
209
  requirements:
210
210
  - - ">="
211
211
  - !ruby/object:Gem::Version
212
- version: 2.4.0
212
+ version: 2.7.0
213
213
  required_rubygems_version: !ruby/object:Gem::Requirement
214
214
  requirements:
215
215
  - - ">="