checkin 0.4.5 → 0.5.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- data/README.md +7 -5
- data/VERSION +1 -1
- data/checkin.gemspec +2 -2
- data/lib/checkin/filters.rb +5 -4
- metadata +3 -3
data/README.md
CHANGED
|
@@ -13,7 +13,8 @@
|
|
|
13
13
|
* Scoped authorization rules
|
|
14
14
|
* Cascading authorization rules
|
|
15
15
|
* Simple: even complex authorization behaviour is understandable at glimpse and easily predictable
|
|
16
|
-
* Support for controller based mass assignment protection
|
|
16
|
+
* Support for controller based mass assignment protection
|
|
17
|
+
* Support for RESTful and non-RESTful controllers
|
|
17
18
|
|
|
18
19
|
## Installation
|
|
19
20
|
|
|
@@ -166,7 +167,9 @@ Inside a permissions block `allow` and `deny` rules are checked consecutively. T
|
|
|
166
167
|
|
|
167
168
|
## Integration with the application
|
|
168
169
|
|
|
169
|
-
The `checkin` method
|
|
170
|
+
The `checkin` method defines a before filter to a controller that is responsible to instantiate a subject decorator to the current subject model.
|
|
171
|
+
|
|
172
|
+
Without options `checkin` instantiates automatically the current resource for CRUD actions (inferhed by controller name), and checks permissions for the *current subject* to perform the *current action* on the *current resource* in the *current scope*. You may with to set `:resourceful => false` to skip this.
|
|
170
173
|
|
|
171
174
|
If the check fails a `Checkin::AccessDenied` exception is raised.
|
|
172
175
|
|
|
@@ -197,7 +200,7 @@ end
|
|
|
197
200
|
|
|
198
201
|
##### References
|
|
199
202
|
|
|
200
|
-
* `checkin(options = {})
|
|
203
|
+
* `checkin(options = {})` *aliased by* `authorize` <br/>
|
|
201
204
|
Define the checkin before filter in the controller in which is invoked
|
|
202
205
|
**Options**
|
|
203
206
|
* `:scope` : Specify the current scope
|
|
@@ -206,7 +209,7 @@ end
|
|
|
206
209
|
* `:subject_model` : Specify the method that return the current subject model, default to `:current_user`
|
|
207
210
|
* `:object` : Specify a method accessible in the controller scope that returns the current resource, if none is specified such method is automatically generated by the `checkin` method
|
|
208
211
|
* `:find_object` : Specify a way to fetch the resource object passing a `String` or `Symbol` corresponding to a method name or a `Proc` that returns the resoruce. Default to `Proc.new { model_class.find(params[:id]) }`
|
|
209
|
-
* `:
|
|
212
|
+
* `resourceful`: Specify to instantiate a resource for CRUD actions (if not already present) and to check authorization process against it. Default to `true`.
|
|
210
213
|
* `:rescue_with` : Specify a procedure that is invoked to rescue from `Checkin::AccessDenied` exceptions
|
|
211
214
|
|
|
212
215
|
_eg._
|
|
@@ -282,4 +285,3 @@ NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
|
|
|
282
285
|
LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
|
|
283
286
|
OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
|
|
284
287
|
WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
|
|
285
|
-
|
data/VERSION
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
0.
|
|
1
|
+
0.5.0
|
data/checkin.gemspec
CHANGED
|
@@ -5,11 +5,11 @@
|
|
|
5
5
|
|
|
6
6
|
Gem::Specification.new do |s|
|
|
7
7
|
s.name = "checkin"
|
|
8
|
-
s.version = "0.
|
|
8
|
+
s.version = "0.5.0"
|
|
9
9
|
|
|
10
10
|
s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
|
|
11
11
|
s.authors = ["mcasimir"]
|
|
12
|
-
s.date = "2012-
|
|
12
|
+
s.date = "2012-08-04"
|
|
13
13
|
s.description = "Checkin is an authorization gem for Ruby on Rails"
|
|
14
14
|
s.email = "maurizio.cas@gmail.com"
|
|
15
15
|
s.extra_rdoc_files = [
|
data/lib/checkin/filters.rb
CHANGED
|
@@ -36,10 +36,10 @@ module Checkin
|
|
|
36
36
|
define_method :rescue_from_checkin_access_denied, &block
|
|
37
37
|
rescue_from Checkin::AccessDenied, :with => :rescue_from_checkin_access_denied
|
|
38
38
|
end
|
|
39
|
-
|
|
40
|
-
|
|
39
|
+
|
|
40
|
+
opts[:resourceful] ||= true
|
|
41
|
+
if opts[:resourceful] && !opts[:skip_authorization]
|
|
41
42
|
define_method :"#{object_method}" do
|
|
42
|
-
|
|
43
43
|
|
|
44
44
|
if params[:id]
|
|
45
45
|
model_class = self.controller_name.singularize.camelize.constantize
|
|
@@ -72,7 +72,8 @@ module Checkin
|
|
|
72
72
|
end
|
|
73
73
|
end
|
|
74
74
|
end
|
|
75
|
+
alias :authorize :checkin
|
|
76
|
+
|
|
75
77
|
end
|
|
76
|
-
|
|
77
78
|
end
|
|
78
79
|
end
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: checkin
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.5.0
|
|
5
5
|
prerelease:
|
|
6
6
|
platform: ruby
|
|
7
7
|
authors:
|
|
@@ -9,7 +9,7 @@ authors:
|
|
|
9
9
|
autorequire:
|
|
10
10
|
bindir: bin
|
|
11
11
|
cert_chain: []
|
|
12
|
-
date: 2012-
|
|
12
|
+
date: 2012-08-04 00:00:00.000000000 Z
|
|
13
13
|
dependencies:
|
|
14
14
|
- !ruby/object:Gem::Dependency
|
|
15
15
|
name: jeweler
|
|
@@ -70,7 +70,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
|
|
|
70
70
|
version: '0'
|
|
71
71
|
segments:
|
|
72
72
|
- 0
|
|
73
|
-
hash:
|
|
73
|
+
hash: 1410408469614774106
|
|
74
74
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
|
75
75
|
none: false
|
|
76
76
|
requirements:
|