cancanright 0.0.1

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml ADDED
@@ -0,0 +1,7 @@
1
+ ---
2
+ SHA1:
3
+ metadata.gz: f9a9182e701015c6a9d10c66a2e0a6d5d2535d1a
4
+ data.tar.gz: 2b1203da16f841429eb56d165b61ba5de04aded3
5
+ SHA512:
6
+ metadata.gz: 483a8b9a7d281c555924207e2423fe8a6aecf550c31311030e42f42c871e4eff1662b196c743dbe736db7234da88a8e268d3748592b800573729e1ba14530669
7
+ data.tar.gz: 3dcee5d48dbc3c89c331caccc6e4e1a8ae7738d949c717d1a46f433e70013132ae911f28e3839f2d1ed81969864794c89f039d36c37d949344315ac5b7d88edb
data/CHANGELOG.md ADDED
@@ -0,0 +1,8 @@
1
+ # Change Log
2
+ All notable changes to this project will be documented in this file.
3
+ This project adheres to [Semantic Versioning](http://semver.org/).
4
+ This changelog adheres to [Keep a CHANGELOG](http://keepachangelog.com/).
5
+
6
+ ## [0.0.1] - 2016-12-09
7
+ ### Added
8
+ - Initial release
data/LICENSE ADDED
@@ -0,0 +1,21 @@
1
+ The MIT License (MIT)
2
+
3
+ Copyright (c) 2016 SeaLink Travel Group
4
+
5
+ Permission is hereby granted, free of charge, to any person obtaining a copy
6
+ of this software and associated documentation files (the "Software"), to deal
7
+ in the Software without restriction, including without limitation the rights
8
+ to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
9
+ copies of the Software, and to permit persons to whom the Software is
10
+ furnished to do so, subject to the following conditions:
11
+
12
+ The above copyright notice and this permission notice shall be included in all
13
+ copies or substantial portions of the Software.
14
+
15
+ THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
16
+ IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
17
+ FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
18
+ AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
19
+ LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
20
+ OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
21
+ SOFTWARE.
data/README.md ADDED
@@ -0,0 +1,52 @@
1
+ # CanCanRight - Database driven rules for CanCan
2
+
3
+ [![Build Status](https://travis-ci.org/sealink/cancanright.svg?branch=master)](https://travis-ci.org/sealink/cancanright)
4
+
5
+ In order to allow for flexible and fine-grained access control across a large application it may
6
+ be useful to mange your CanCan abilities in your application's database. With CanCanRight users
7
+ are assigned many Roles which have many Rights. Rights represent CanCan rules.
8
+
9
+ CanCanRight is built for Rails 3+
10
+
11
+
12
+ ## Installation
13
+
14
+ Add this to your Gemfile:
15
+
16
+ gem 'cancanright'
17
+
18
+ and run the `bundle install` command.
19
+
20
+
21
+ ## Getting Started
22
+
23
+ CanCanRight extends upon CanCan's features. It expects a `current_user` method to exist in the
24
+ controller. For information on getting started with CanCan please visit the
25
+ [CanCanCan Wiki](https://github.com/CanCanCommunity/cancancan/wiki).
26
+
27
+
28
+ ## Defining Abilities
29
+
30
+ User permissions are defined in an `Ability` class. CanCanRight includes a Rails generator for
31
+ creating this class.
32
+
33
+ rails g cancanright:ability
34
+
35
+ This creates an Ability class with an example of how to create CanCan Rules from Rights.
36
+ Additionally all of the existing CanCan features for defining abilities are available. See
37
+ [Defining Abilities](https://github.com/CanCanCommunity/cancancan/wiki/defining-abilities) for
38
+ details.
39
+
40
+
41
+ ## Development
42
+
43
+ After checking out the repo, run `bundle install` to install dependencies. Then, run `rake spec`
44
+ to run the tests.
45
+
46
+
47
+ ## Contributing
48
+
49
+ If you find a bug please add an [issue on GitHub](https://github.com/sealink/cancanright/issues)
50
+ or fork the project and send a pull request. This project is intended to be a safe, welcoming
51
+ space for collaboration, and contributors are expected to adhere to the
52
+ [Contributor Covenant](http://contributor-covenant.org) code of conduct.
@@ -0,0 +1,7 @@
1
+ require 'cancanright/model/right'
2
+ require 'cancanright/model/role'
3
+ require 'cancanright/ability'
4
+ require 'cancanright/controller_additions'
5
+ require 'cancanright/error'
6
+ require 'cancanright/role_model'
7
+ require 'cancanright/rule'
@@ -0,0 +1,9 @@
1
+ module CanCanRight
2
+ module Ability
3
+ include CanCan::Ability
4
+
5
+ private def add_rule_for(right)
6
+ add_rule(CanCanRight::Rule.rule_for(right))
7
+ end
8
+ end
9
+ end
@@ -0,0 +1,18 @@
1
+ module CanCanRight
2
+ module ControllerAdditions
3
+ def authorize_action!
4
+ controller = self.rights_from || params[:controller]
5
+ action = params[:action]
6
+
7
+ return if can?(:access, controller) || can?(:access, controller + '#' + action)
8
+
9
+ fail CanCan::AccessDenied, "You are not authorized to access this page."
10
+ end
11
+ end
12
+ end
13
+
14
+ if defined? ActionController::Base
15
+ ActionController::Base.class_eval do
16
+ include CanCanRight::ControllerAdditions
17
+ end
18
+ end
@@ -0,0 +1,3 @@
1
+ module CanCanRight
2
+ class Error < StandardError; end
3
+ end
@@ -0,0 +1,21 @@
1
+ module CanCanRight
2
+ module Model
3
+ class Right < ActiveRecord::Base
4
+ has_and_belongs_to_many :roles, :class_name => 'CanCan::Model::Role'
5
+
6
+ validates :action, presence: true
7
+ validates :can, presence: true
8
+ validates :name, presence: true, uniqueness: true
9
+
10
+ scope :ordered, -> { order :name }
11
+
12
+ def sensible_name
13
+ name.humanize.titleize.gsub(/#/, ' - ')
14
+ end
15
+
16
+ def to_s
17
+ name
18
+ end
19
+ end
20
+ end
21
+ end
@@ -0,0 +1,14 @@
1
+ module CanCanRight
2
+ module Model
3
+ class Role < ActiveRecord::Base
4
+ has_and_belongs_to_many :rights, :class_name => 'CanCanRight::Model::Right'
5
+
6
+ validates :title, presence: true, uniqueness: true
7
+
8
+ def to_s
9
+ self.title.try(:titleize)
10
+ end
11
+ alias_method :name, :to_s
12
+ end
13
+ end
14
+ end
@@ -0,0 +1,10 @@
1
+ module CanCanRight
2
+ module RoleModel
3
+ def self.included(base)
4
+ base.module_eval 'has_and_belongs_to_many :roles, :class_name => "CanCanRight::Model::Role"'
5
+ base.module_eval 'has_many :rights, through: :roles, :class_name => "CanCanRight::Model::Right"'
6
+
7
+ Model::Role.module_eval "has_and_belongs_to_many :#{base.table_name}"
8
+ end
9
+ end
10
+ end
@@ -0,0 +1,51 @@
1
+ module CanCanRight
2
+ class Rule
3
+ def self.rule_for(right)
4
+ self.new(right).call
5
+ end
6
+
7
+ def initialize(right)
8
+ @right = right
9
+ end
10
+
11
+ def call
12
+ validate!
13
+
14
+ CanCan::Rule.new(can?, action, subject, conditions, nil)
15
+ end
16
+
17
+ private
18
+
19
+ def validate!
20
+ fail CanCanRight::Error, 'must specify an action' unless @right.action.present?
21
+ end
22
+
23
+ def can?
24
+ @right.can
25
+ end
26
+
27
+ def action
28
+ @right.action.to_sym
29
+ end
30
+
31
+ def subject
32
+ model_class || @right.subject
33
+ end
34
+
35
+ def conditions
36
+ model_class ? @right.conditions : nil
37
+ end
38
+
39
+ def model_class
40
+ return nil unless @right.subject.present?
41
+
42
+ begin
43
+ model_class = self.class.const_get(@right.subject)
44
+ rescue NameError
45
+ model_class = Class
46
+ end
47
+
48
+ return model_class if model_class.ancestors.include?(ActiveRecord::Base)
49
+ end
50
+ end
51
+ end
@@ -0,0 +1,3 @@
1
+ module CanCanRight
2
+ VERSION = '0.0.1'
3
+ end
@@ -0,0 +1,4 @@
1
+ Description:
2
+ The cancanright:ability generator creates an Ability class in the models
3
+ directory. You can move this file anywhere you want as long as it
4
+ is in the load path.
@@ -0,0 +1,11 @@
1
+ module CanCanRight
2
+ module Generators
3
+ class AbilityGenerator < Rails::Generators::Base
4
+ source_root File.expand_path('../templates', __FILE__)
5
+
6
+ def generate_ability
7
+ copy_file "ability.rb", "app/models/ability.rb"
8
+ end
9
+ end
10
+ end
11
+ end
@@ -0,0 +1,47 @@
1
+ class Ability
2
+ include CanCanRight::Ability
3
+
4
+ def initialize(user)
5
+ # Define abilities for the passed in user here. For example:
6
+ #
7
+ # user ||= User.new # guest user (not logged in)
8
+ # if user.admin?
9
+ # can :manage, :all
10
+ # else
11
+ # can :read, :all
12
+ # end
13
+ #
14
+ # The first argument to `can` is the action you are giving the user
15
+ # permission to do.
16
+ # If you pass :manage it will apply to every action. Other common actions
17
+ # here are :read, :create, :update and :destroy.
18
+ #
19
+ # The second argument is the resource the user can perform the action on.
20
+ # If you pass :all it will apply to every resource. Otherwise pass a Ruby
21
+ # class of the resource.
22
+ #
23
+ # The third argument is an optional hash of conditions to further filter the
24
+ # objects.
25
+ # For example, here the user can only update published articles.
26
+ #
27
+ # can :update, Article, :published => true
28
+ #
29
+ # See the wiki for details:
30
+ # https://github.com/CanCanCommunity/cancancan/wiki/Defining-Abilities
31
+ #
32
+ # CanCanRight extends upon the default CanCan ability with a useful helper.
33
+ #
34
+ # To define an ability for a right you can use:
35
+ #
36
+ # add_rule_for(right)
37
+ #
38
+ # To automatically define all abilities for a user you can just loop over the association.
39
+ #
40
+ # user.rights.each do |right|
41
+ # add_rule_for(right)
42
+ # end
43
+ #
44
+ # Further abilities to extend or override can be defined as usual.
45
+ end
46
+ end
47
+ end
metadata ADDED
@@ -0,0 +1,170 @@
1
+ --- !ruby/object:Gem::Specification
2
+ name: cancanright
3
+ version: !ruby/object:Gem::Version
4
+ version: 0.0.1
5
+ platform: ruby
6
+ authors:
7
+ - Grant Colegate
8
+ autorequire:
9
+ bindir: bin
10
+ cert_chain: []
11
+ date: 2016-11-22 00:00:00.000000000 Z
12
+ dependencies:
13
+ - !ruby/object:Gem::Dependency
14
+ name: rails
15
+ requirement: !ruby/object:Gem::Requirement
16
+ requirements:
17
+ - - ">="
18
+ - !ruby/object:Gem::Version
19
+ version: '0'
20
+ type: :runtime
21
+ prerelease: false
22
+ version_requirements: !ruby/object:Gem::Requirement
23
+ requirements:
24
+ - - ">="
25
+ - !ruby/object:Gem::Version
26
+ version: '0'
27
+ - !ruby/object:Gem::Dependency
28
+ name: cancancan
29
+ requirement: !ruby/object:Gem::Requirement
30
+ requirements:
31
+ - - "~>"
32
+ - !ruby/object:Gem::Version
33
+ version: 1.15.0
34
+ type: :runtime
35
+ prerelease: false
36
+ version_requirements: !ruby/object:Gem::Requirement
37
+ requirements:
38
+ - - "~>"
39
+ - !ruby/object:Gem::Version
40
+ version: 1.15.0
41
+ - !ruby/object:Gem::Dependency
42
+ name: bundler
43
+ requirement: !ruby/object:Gem::Requirement
44
+ requirements:
45
+ - - ">="
46
+ - !ruby/object:Gem::Version
47
+ version: 1.12.5
48
+ type: :development
49
+ prerelease: false
50
+ version_requirements: !ruby/object:Gem::Requirement
51
+ requirements:
52
+ - - ">="
53
+ - !ruby/object:Gem::Version
54
+ version: 1.12.5
55
+ - !ruby/object:Gem::Dependency
56
+ name: rake
57
+ requirement: !ruby/object:Gem::Requirement
58
+ requirements:
59
+ - - "~>"
60
+ - !ruby/object:Gem::Version
61
+ version: 11.3.0
62
+ type: :development
63
+ prerelease: false
64
+ version_requirements: !ruby/object:Gem::Requirement
65
+ requirements:
66
+ - - "~>"
67
+ - !ruby/object:Gem::Version
68
+ version: 11.3.0
69
+ - !ruby/object:Gem::Dependency
70
+ name: rspec
71
+ requirement: !ruby/object:Gem::Requirement
72
+ requirements:
73
+ - - "~>"
74
+ - !ruby/object:Gem::Version
75
+ version: 3.5.0
76
+ type: :development
77
+ prerelease: false
78
+ version_requirements: !ruby/object:Gem::Requirement
79
+ requirements:
80
+ - - "~>"
81
+ - !ruby/object:Gem::Version
82
+ version: 3.5.0
83
+ - !ruby/object:Gem::Dependency
84
+ name: coverage-kit
85
+ requirement: !ruby/object:Gem::Requirement
86
+ requirements:
87
+ - - "~>"
88
+ - !ruby/object:Gem::Version
89
+ version: '0.1'
90
+ type: :development
91
+ prerelease: false
92
+ version_requirements: !ruby/object:Gem::Requirement
93
+ requirements:
94
+ - - "~>"
95
+ - !ruby/object:Gem::Version
96
+ version: '0.1'
97
+ - !ruby/object:Gem::Dependency
98
+ name: simplecov-rcov
99
+ requirement: !ruby/object:Gem::Requirement
100
+ requirements:
101
+ - - "~>"
102
+ - !ruby/object:Gem::Version
103
+ version: '0.2'
104
+ type: :development
105
+ prerelease: false
106
+ version_requirements: !ruby/object:Gem::Requirement
107
+ requirements:
108
+ - - "~>"
109
+ - !ruby/object:Gem::Version
110
+ version: '0.2'
111
+ - !ruby/object:Gem::Dependency
112
+ name: coveralls
113
+ requirement: !ruby/object:Gem::Requirement
114
+ requirements:
115
+ - - "~>"
116
+ - !ruby/object:Gem::Version
117
+ version: '0.8'
118
+ type: :development
119
+ prerelease: false
120
+ version_requirements: !ruby/object:Gem::Requirement
121
+ requirements:
122
+ - - "~>"
123
+ - !ruby/object:Gem::Version
124
+ version: '0.8'
125
+ description: Database driven rules for CanCan
126
+ email:
127
+ - support@travellink.com.au
128
+ executables: []
129
+ extensions: []
130
+ extra_rdoc_files: []
131
+ files:
132
+ - CHANGELOG.md
133
+ - LICENSE
134
+ - README.md
135
+ - lib/cancanright.rb
136
+ - lib/cancanright/ability.rb
137
+ - lib/cancanright/controller_additions.rb
138
+ - lib/cancanright/error.rb
139
+ - lib/cancanright/model/right.rb
140
+ - lib/cancanright/model/role.rb
141
+ - lib/cancanright/role_model.rb
142
+ - lib/cancanright/rule.rb
143
+ - lib/cancanright/version.rb
144
+ - lib/generators/cancanright/ability/USAGE
145
+ - lib/generators/cancanright/ability/ability_generator.rb
146
+ - lib/generators/cancanright/ability/templates/ability.rb
147
+ homepage: ''
148
+ licenses: []
149
+ metadata: {}
150
+ post_install_message:
151
+ rdoc_options: []
152
+ require_paths:
153
+ - lib
154
+ required_ruby_version: !ruby/object:Gem::Requirement
155
+ requirements:
156
+ - - ">="
157
+ - !ruby/object:Gem::Version
158
+ version: '0'
159
+ required_rubygems_version: !ruby/object:Gem::Requirement
160
+ requirements:
161
+ - - ">="
162
+ - !ruby/object:Gem::Version
163
+ version: '0'
164
+ requirements: []
165
+ rubyforge_project:
166
+ rubygems_version: 2.5.1
167
+ signing_key:
168
+ specification_version: 4
169
+ summary: Database driven rules for CanCan
170
+ test_files: []