bullet_train-roles 0.1.10 → 1.2.0

Sign up to get free protection for your applications and to get access to all the features.
Files changed (7) hide show
  1. checksums.yaml +4 -4
  2. data/Gemfile.lock +1 -1
  3. data/README.md +25 -0
  4. data/bullet_train-roles.gemspec +1 -1
  5. data/lib/bullet_train/roles/version.rb +1 -1
  6. data/lib/roles/permit.rb +13 -13
  7. metadata +3 -3
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: e682f8f5469478a7c827332cb3c922a3c7657ef48e2e53d15abaf98b4ea8e7ac
4
- data.tar.gz: 15ca75ffc2ebacabebc3632ecc18ce5f20348ad434df094de2ee14eaa05c031e
3
+ metadata.gz: 30730d97710a95ccb3a1607d68ec6e41316d421555be035900fbb7e112546bd1
4
+ data.tar.gz: f22d482d9382f630b7fb200f48469644bca171d12535fef117880a69cfcca5e3
5
5
  SHA512:
6
- metadata.gz: 4a525dc712139149ea12932af58932a3a8ec11ab582c6a5924b88035ea0c67563fb5ea9958cb9dc581b2045b46ff7add98a164383034ae6e3cb03a50f089076f
7
- data.tar.gz: 544e1c9ddbde15bd1945529af7d0ae136ff22fc8c2d12a0d8b91c148a61a2bbfa2f4296890ec0e235d1353bbff0394f811e588675e42c56e3b254c4ec6d7abcb
6
+ metadata.gz: bf8243e967c09351262fbc615f2b61f3d78d72d741a5c6c18ba62cfe8a0c3621ad4219a65768e640d91eaea4b52c930652ecf94323c31861d5222b5738e71790
7
+ data.tar.gz: 6a8048e3d64762d1578f25b202660606768d38ba6508e89cc7ec33812878d87e139b015286840360d66f04a248b87c2dc3d6b7ef05b76bda70bc1905aa57491b
data/Gemfile.lock CHANGED
@@ -9,7 +9,7 @@ GIT
9
9
  PATH
10
10
  remote: .
11
11
  specs:
12
- bullet_train-roles (0.1.10)
12
+ bullet_train-roles (1.2.0)
13
13
  active_hash
14
14
  activesupport
15
15
  cancancan
data/README.md CHANGED
@@ -142,6 +142,31 @@ permit user, through: :projects_collaborators, parent: :project
142
142
 
143
143
  In this example, `permit` is smart enough to only apply the permissions granted by a `Projects::Collaborator` record at the level of the `Project` it belongs to. You can turn any model into a grant model by adding `include Roles::Support` and adding a `role_ids:jsonb` attribute. You can look at `Scaffolding::AbsolutelyAbstract::CreativeConcepts::Collaborator` for an example.
144
144
 
145
+
146
+ ## Restricting Available Roles
147
+
148
+ In some situations, you don't want all roles to be available to all Grant Models. For example, you might have a `project_editor` role that only makes sense when applied at the Project level. Note that this is only necessary if you want your project_editor to have more limited permissions than an admin user. If a `project_editor` has full control of their project, you should probably just use the `admin` role.
149
+
150
+ By default all Grant Models will show all roles as options. If you want to limit the roles available to a model, use the `roles_only` class method:
151
+
152
+ ```
153
+ class Membership < ApplicationRecord
154
+ include Roles::Support
155
+ roles_only :admin, :editor, :reader # Add this line to restrict the Membership model to only these roles
156
+ end
157
+ ```
158
+
159
+ To access the array of all roles available for a particular model, use the `assignable_roles` class method. For example, in your Membership form, you probably _only_ want to show the assignable_roles as options. Your view could look like this:
160
+
161
+ ```
162
+ <% Membership.assignable_roles.each do |role| %>
163
+ <% if role.manageable_by?(current_membership.roles) %>
164
+ <!-- View component for showing a role option. Probably a checkbox -->
165
+ <% end %>
166
+ <% end %>
167
+ ```
168
+
169
+
145
170
  ## Debugging
146
171
  If you want to see what CanCanCan directives are being created by your permit calls, you can add the `debug: true` option to your `permit` statement in `app/models/ability.rb`.
147
172
 
data/bullet_train-roles.gemspec CHANGED
@@ -12,7 +12,7 @@ Gem::Specification.new do |spec|
12
12
  spec.description = "Yaml-backed ApplicationHash for CanCan Roles"
13
13
  spec.homepage = "https://github.com/bullet-train-co/bullet_train-roles"
14
14
  spec.license = "MIT"
15
- spec.required_ruby_version = Gem::Requirement.new(">= 2.4.0")
15
+ spec.required_ruby_version = Gem::Requirement.new(">= 2.7.0")
16
16
 
17
17
  spec.metadata["homepage_uri"] = spec.homepage
18
18
  spec.metadata["source_code_uri"] = "https://github.com/bullet-train-co/bullet_train-roles"
data/lib/bullet_train/roles/version.rb CHANGED
@@ -1,5 +1,5 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  module Roles
4
- VERSION = "0.1.10"
4
+ VERSION = "1.2.0"
5
5
  end
data/lib/roles/permit.rb CHANGED
@@ -2,11 +2,11 @@
2
2
 
3
3
  module Roles
4
4
  module Permit
5
- def permit(user, through:, parent:, debug: false, intermediary: nil, cache_key: nil)
5
+ def permit(user, through:, parent:, debug: false, intermediary: nil, rails_cache_key: nil)
6
6
  # When changing permissions during development, you may also want to do this on each request:
7
7
  # User.update_all ability_cache: nil if Rails.env.development?
8
- permissions = if cache_key
9
- Rails.cache.fetch(cache_key) do
8
+ permissions = if rails_cache_key
9
+ Rails.cache.fetch(rails_cache_key) do
10
10
  build_permissions(user, through, parent, intermediary)
11
11
  end
12
12
  else
@@ -16,10 +16,10 @@ module Roles
16
16
  begin
17
17
  assign_permissions(permissions)
18
18
  rescue NameError => e
19
- if cache_key
19
+ if rails_cache_key
20
20
  # Cache has become stale with model classes that no longer exist
21
21
  Rails.logger.info "Found missing models in cache - #{e.message.squish} - building fresh permissions"
22
- Rails.cache.delete(cache_key)
22
+ Rails.cache.delete(rails_cache_key)
23
23
  permissions = build_permissions(user, through, parent, intermediary)
24
24
  assign_permissions(permissions)
25
25
  else
@@ -31,10 +31,10 @@ module Roles
31
31
  puts "###########################"
32
32
  puts "Auto generated `ability.rb` content:"
33
33
  permissions.map do |permission|
34
- if permission.is_debug
35
- puts permission.info
34
+ if permission[:is_debug]
35
+ puts permission[:info]
36
36
  else
37
- puts "can #{permission.actions}, #{permission.model}, #{permission.condition}"
37
+ puts "can #{permission[:actions]}, #{permission[:model]}, #{permission[:condition]}"
38
38
  end
39
39
  end
40
40
  puts "############################"
@@ -43,7 +43,7 @@ module Roles
43
43
 
44
44
  def assign_permissions(permissions)
45
45
  permissions.each do |permission|
46
- can(permission.actions, permission.model.constantize, permission.condition) unless permission.is_debug
46
+ can(permission[:actions], permission[:model].constantize, permission[:condition]) unless permission[:is_debug]
47
47
  end
48
48
  end
49
49
 
@@ -52,14 +52,14 @@ module Roles
52
52
  permissions = []
53
53
  user.send(through).map(&:roles).flatten.uniq.each do |role|
54
54
  unless added_roles.include?(role)
55
- permissions << OpenStruct.new(is_debug: true, info: "########### ROLE: #{role.key}")
55
+ permissions << {is_debug: true, info: "########### ROLE: #{role.key}"}
56
56
  permissions += add_abilities_for(role, user, through, parent, intermediary)
57
57
  added_roles << role
58
58
  end
59
59
 
60
60
  role.included_roles.each do |included_role|
61
61
  unless added_roles.include?(included_role)
62
- permissions << OpenStruct.new(is_debug: true, info: "############# INCLUDED ROLE: #{included_role.key}")
62
+ permissions << {is_debug: true, info: "############# INCLUDED ROLE: #{included_role.key}"}
63
63
  permissions += add_abilities_for(included_role, user, through, parent, intermediary)
64
64
  end
65
65
  end
@@ -72,9 +72,9 @@ module Roles
72
72
  permissions = []
73
73
  role.ability_generator(user, through, parent, intermediary) do |ag|
74
74
  permissions << if ag.valid?
75
- OpenStruct.new(is_debug: false, actions: ag.actions, model: ag.model.to_s, condition: ag.condition)
75
+ {is_debug: false, actions: ag.actions, model: ag.model.to_s, condition: ag.condition}
76
76
  else
77
- OpenStruct.new(is_debug: true, info: "# #{ag.model} does not respond to #{parent} so we're not going to add an ability for the #{through} context")
77
+ {is_debug: true, info: "# #{ag.model} does not respond to #{parent} so we're not going to add an ability for the #{through} context"}
78
78
  end
79
79
  end
80
80
  permissions
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: bullet_train-roles
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.1.10
4
+ version: 1.2.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Prabin Poudel
@@ -9,7 +9,7 @@ authors:
9
9
  autorequire:
10
10
  bindir: bin
11
11
  cert_chain: []
12
- date: 2022-08-31 00:00:00.000000000 Z
12
+ date: 2022-12-15 00:00:00.000000000 Z
13
13
  dependencies:
14
14
  - !ruby/object:Gem::Dependency
15
15
  name: byebug
@@ -209,7 +209,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
209
209
  requirements:
210
210
  - - ">="
211
211
  - !ruby/object:Gem::Version
212
- version: 2.4.0
212
+ version: 2.7.0
213
213
  required_rubygems_version: !ruby/object:Gem::Requirement
214
214
  requirements:
215
215
  - - ">="