checkin 0.4.5 → 0.5.0
Sign up to get free protection for your applications and to get access to all the features.
- data/README.md +7 -5
- data/VERSION +1 -1
- data/checkin.gemspec +2 -2
- data/lib/checkin/filters.rb +5 -4
- metadata +3 -3
data/README.md
CHANGED
|
@@ -13,7 +13,8 @@
|
|
|
13
13
|
* Scoped authorization rules
|
|
14
14
|
* Cascading authorization rules
|
|
15
15
|
* Simple: even complex authorization behaviour is understandable at glimpse and easily predictable
|
|
16
|
-
* Support for controller based mass assignment protection
|
|
16
|
+
* Support for controller based mass assignment protection
|
|
17
|
+
* Support for RESTful and non-RESTful controllers
|
|
17
18
|
|
|
18
19
|
## Installation
|
|
19
20
|
|
|
@@ -166,7 +167,9 @@ Inside a permissions block `allow` and `deny` rules are checked consecutively. T
|
|
|
166
167
|
|
|
167
168
|
## Integration with the application
|
|
168
169
|
|
|
169
|
-
The `checkin` method
|
|
170
|
+
The `checkin` method defines a before filter to a controller that is responsible to instantiate a subject decorator to the current subject model.
|
|
171
|
+
|
|
172
|
+
Without options `checkin` instantiates automatically the current resource for CRUD actions (inferhed by controller name), and checks permissions for the *current subject* to perform the *current action* on the *current resource* in the *current scope*. You may with to set `:resourceful => false` to skip this.
|
|
170
173
|
|
|
171
174
|
If the check fails a `Checkin::AccessDenied` exception is raised.
|
|
172
175
|
|
|
@@ -197,7 +200,7 @@ end
|
|
|
197
200
|
|
|
198
201
|
##### References
|
|
199
202
|
|
|
200
|
-
* `checkin(options = {})
|
|
203
|
+
* `checkin(options = {})` *aliased by* `authorize` <br/>
|
|
201
204
|
Define the checkin before filter in the controller in which is invoked
|
|
202
205
|
**Options**
|
|
203
206
|
* `:scope` : Specify the current scope
|
|
@@ -206,7 +209,7 @@ end
|
|
|
206
209
|
* `:subject_model` : Specify the method that return the current subject model, default to `:current_user`
|
|
207
210
|
* `:object` : Specify a method accessible in the controller scope that returns the current resource, if none is specified such method is automatically generated by the `checkin` method
|
|
208
211
|
* `:find_object` : Specify a way to fetch the resource object passing a `String` or `Symbol` corresponding to a method name or a `Proc` that returns the resoruce. Default to `Proc.new { model_class.find(params[:id]) }`
|
|
209
|
-
* `:
|
|
212
|
+
* `resourceful`: Specify to instantiate a resource for CRUD actions (if not already present) and to check authorization process against it. Default to `true`.
|
|
210
213
|
* `:rescue_with` : Specify a procedure that is invoked to rescue from `Checkin::AccessDenied` exceptions
|
|
211
214
|
|
|
212
215
|
_eg._
|
|
@@ -282,4 +285,3 @@ NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
|
|
|
282
285
|
LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
|
|
283
286
|
OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
|
|
284
287
|
WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
|
|
285
|
-
|
data/VERSION
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
0.
|
|
1
|
+
0.5.0
|
data/checkin.gemspec
CHANGED
|
@@ -5,11 +5,11 @@
|
|
|
5
5
|
|
|
6
6
|
Gem::Specification.new do |s|
|
|
7
7
|
s.name = "checkin"
|
|
8
|
-
s.version = "0.
|
|
8
|
+
s.version = "0.5.0"
|
|
9
9
|
|
|
10
10
|
s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
|
|
11
11
|
s.authors = ["mcasimir"]
|
|
12
|
-
s.date = "2012-
|
|
12
|
+
s.date = "2012-08-04"
|
|
13
13
|
s.description = "Checkin is an authorization gem for Ruby on Rails"
|
|
14
14
|
s.email = "maurizio.cas@gmail.com"
|
|
15
15
|
s.extra_rdoc_files = [
|
data/lib/checkin/filters.rb
CHANGED
|
@@ -36,10 +36,10 @@ module Checkin
|
|
|
36
36
|
define_method :rescue_from_checkin_access_denied, &block
|
|
37
37
|
rescue_from Checkin::AccessDenied, :with => :rescue_from_checkin_access_denied
|
|
38
38
|
end
|
|
39
|
-
|
|
40
|
-
|
|
39
|
+
|
|
40
|
+
opts[:resourceful] ||= true
|
|
41
|
+
if opts[:resourceful] && !opts[:skip_authorization]
|
|
41
42
|
define_method :"#{object_method}" do
|
|
42
|
-
|
|
43
43
|
|
|
44
44
|
if params[:id]
|
|
45
45
|
model_class = self.controller_name.singularize.camelize.constantize
|
|
@@ -72,7 +72,8 @@ module Checkin
|
|
|
72
72
|
end
|
|
73
73
|
end
|
|
74
74
|
end
|
|
75
|
+
alias :authorize :checkin
|
|
76
|
+
|
|
75
77
|
end
|
|
76
|
-
|
|
77
78
|
end
|
|
78
79
|
end
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: checkin
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.5.0
|
|
5
5
|
prerelease:
|
|
6
6
|
platform: ruby
|
|
7
7
|
authors:
|
|
@@ -9,7 +9,7 @@ authors:
|
|
|
9
9
|
autorequire:
|
|
10
10
|
bindir: bin
|
|
11
11
|
cert_chain: []
|
|
12
|
-
date: 2012-
|
|
12
|
+
date: 2012-08-04 00:00:00.000000000 Z
|
|
13
13
|
dependencies:
|
|
14
14
|
- !ruby/object:Gem::Dependency
|
|
15
15
|
name: jeweler
|
|
@@ -70,7 +70,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
|
|
|
70
70
|
version: '0'
|
|
71
71
|
segments:
|
|
72
72
|
- 0
|
|
73
|
-
hash:
|
|
73
|
+
hash: 1410408469614774106
|
|
74
74
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
|
75
75
|
none: false
|
|
76
76
|
requirements:
|