clean-policy 0.2.0 → 0.3.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.version +1 -1
- data/lib/adapters/lux.rb +16 -0
- data/lib/clean-policy.rb +1 -0
- data/lib/clean-policy/base.rb +23 -22
- data/lib/clean-policy/global.rb +1 -21
- data/lib/clean-policy/proxy.rb +11 -22
- metadata +3 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: fb1734db9ce343c7fcb667d10be82ee205b3756f072670baf446a8fce1294286
|
|
4
|
+
data.tar.gz: 54c2c0038f3129351cd8208f3217c936f7b8acb7cb9db4ebdc9db9b6ee39816c
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 24f6b064aac3dfbd6292e6b1116a0b209b432a5315f0f8239c2a84c4a3fa36d4bdb0c6b4fa79551ab9911acf501bf1cd459f93b2305c37dab7f920879e29895a
|
|
7
|
+
data.tar.gz: df71154dfe27bf6286fe9551bca352a367cbbeaecb1fcc341bd6a8cc031d2f0cb1d38c44fc971e70c5c40d1caffc4aaca2239a49835743df809745cd71d5c80a
|
data/.version
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
0.
|
|
1
|
+
0.3.0
|
data/lib/adapters/lux.rb
ADDED
|
@@ -0,0 +1,16 @@
|
|
|
1
|
+
# # modify base policy
|
|
2
|
+
# # after first call in current scope :is_policy_authorized will be set to true
|
|
3
|
+
# # check with `Policy.is_authorized?`, resets on every page load
|
|
4
|
+
# class Policy
|
|
5
|
+
# def before action
|
|
6
|
+
# Lux.current.var[:is_policy_authorized] = true if defined?(Lux)
|
|
7
|
+
# end
|
|
8
|
+
|
|
9
|
+
# def self.is_authorized?
|
|
10
|
+
# Lux.current.var[:is_policy_authorized]
|
|
11
|
+
# end
|
|
12
|
+
# end
|
|
13
|
+
|
|
14
|
+
# Lux::Application.before do
|
|
15
|
+
# Lux.current.var[:is_policy_authorized] = false
|
|
16
|
+
# end
|
data/lib/clean-policy.rb
CHANGED
data/lib/clean-policy/base.rb
CHANGED
|
@@ -1,17 +1,9 @@
|
|
|
1
|
-
# frozen_string_literal: true
|
|
2
|
-
|
|
3
|
-
# base caller
|
|
4
|
-
# Policy::User.new(model: @model, user: User.current).can?(:update) -> can current user update @model
|
|
5
|
-
|
|
6
|
-
# block will capture error message and will triggered only if error are present
|
|
7
|
-
# User.can?(:login) { |msg| http_error 401, "Err: #{msg}".red; return 'no access' }
|
|
8
|
-
|
|
9
1
|
class Policy
|
|
10
2
|
attr_reader :model, :user, :action
|
|
11
3
|
|
|
12
4
|
def initialize model:, user:
|
|
13
5
|
@model = model
|
|
14
|
-
@user = user
|
|
6
|
+
@user = user || current_user
|
|
15
7
|
end
|
|
16
8
|
|
|
17
9
|
# pass block if you want to handle errors yourself
|
|
@@ -30,31 +22,32 @@ class Policy
|
|
|
30
22
|
call *args, &block
|
|
31
23
|
end
|
|
32
24
|
|
|
25
|
+
def can
|
|
26
|
+
Proxy.new self
|
|
27
|
+
end
|
|
28
|
+
|
|
29
|
+
private
|
|
30
|
+
|
|
33
31
|
# call has to be isolated because specific of error handling
|
|
34
32
|
def call *args, &block
|
|
35
|
-
raise Error
|
|
33
|
+
raise Error, 'User is not defined, no access' unless @user
|
|
36
34
|
|
|
37
35
|
return true if before(@action)
|
|
38
36
|
return true if send(@action, *args)
|
|
39
|
-
|
|
40
|
-
|
|
41
|
-
|
|
42
|
-
|
|
37
|
+
|
|
38
|
+
raise Error, 'Access disabled in policy'
|
|
39
|
+
rescue Policy::Error => error
|
|
40
|
+
message = error.message
|
|
41
|
+
message += " - #{self.class}.#{@action}" if defined?(Lux) && Lux.config(:dump_errors)
|
|
43
42
|
|
|
44
43
|
if block
|
|
45
|
-
block.call(
|
|
44
|
+
block.call(message)
|
|
46
45
|
false
|
|
47
46
|
else
|
|
48
|
-
raise Policy::Error,
|
|
47
|
+
raise Policy::Error, message
|
|
49
48
|
end
|
|
50
49
|
end
|
|
51
50
|
|
|
52
|
-
def can
|
|
53
|
-
Proxy.new self
|
|
54
|
-
end
|
|
55
|
-
|
|
56
|
-
###
|
|
57
|
-
|
|
58
51
|
def before action
|
|
59
52
|
false
|
|
60
53
|
end
|
|
@@ -63,4 +56,12 @@ class Policy
|
|
|
63
56
|
raise Policy::Error.new(message)
|
|
64
57
|
end
|
|
65
58
|
|
|
59
|
+
# get current user from globals if globals defined
|
|
60
|
+
def current_user
|
|
61
|
+
if defined?(User) && User.respond_to?(:current)
|
|
62
|
+
User.current
|
|
63
|
+
elsif defined?(Current) && Current.respond_to?(:user)
|
|
64
|
+
Current.user
|
|
65
|
+
end
|
|
66
|
+
end
|
|
66
67
|
end
|
data/lib/clean-policy/global.rb
CHANGED
|
@@ -6,8 +6,6 @@ def Policy *args
|
|
|
6
6
|
opts.merge! args[1] if args[1]
|
|
7
7
|
end
|
|
8
8
|
|
|
9
|
-
raise ArgumentError, 'User not defined' unless opts.key?(:user)
|
|
10
|
-
|
|
11
9
|
model = opts[:model]
|
|
12
10
|
|
|
13
11
|
klass =
|
|
@@ -17,23 +15,5 @@ def Policy *args
|
|
|
17
15
|
ApplicationPolicy
|
|
18
16
|
end
|
|
19
17
|
|
|
20
|
-
klass.new(user: opts[:user], model: model)
|
|
18
|
+
klass.new(user: opts[:user], model: model).can
|
|
21
19
|
end
|
|
22
|
-
|
|
23
|
-
# "smart" access that will fill current user if possible
|
|
24
|
-
# fell free to overwrite this method
|
|
25
|
-
class Object
|
|
26
|
-
def policy *args
|
|
27
|
-
opts = args.first.dup
|
|
28
|
-
|
|
29
|
-
unless opts.is_a?(Hash)
|
|
30
|
-
opts = { model: opts }
|
|
31
|
-
opts.merge! args[1] if args[1]
|
|
32
|
-
end
|
|
33
|
-
|
|
34
|
-
opts[:user] ||= user_current if respond_to?(:user_current)
|
|
35
|
-
opts[:user] ||= User.current if defined?(User) && User.respond_to?(:current)
|
|
36
|
-
|
|
37
|
-
Policy opts
|
|
38
|
-
end
|
|
39
|
-
end
|
data/lib/clean-policy/proxy.rb
CHANGED
|
@@ -1,37 +1,26 @@
|
|
|
1
|
-
# true / false
|
|
2
|
-
# @model.can.write?
|
|
3
|
-
#
|
|
4
|
-
# raise error or return true
|
|
5
|
-
# @model.can.write!
|
|
6
|
-
#
|
|
7
|
-
# redirect on error or return true
|
|
8
|
-
# @model.can.write! { redirect_to '/login' }
|
|
9
|
-
|
|
10
1
|
class Policy
|
|
11
2
|
class Proxy
|
|
12
3
|
def initialize policy
|
|
13
4
|
@policy = policy
|
|
14
5
|
end
|
|
15
6
|
|
|
16
|
-
def method_missing name, &block
|
|
7
|
+
def method_missing name, *args, &block
|
|
17
8
|
name = name.to_s.sub(/(.)$/, '')
|
|
18
9
|
action = $1
|
|
10
|
+
@policy.can?(name, *args)
|
|
11
|
+
@policy.model || true
|
|
12
|
+
rescue Policy::Error => error
|
|
13
|
+
if block_given?
|
|
14
|
+
yield
|
|
15
|
+
return nil
|
|
16
|
+
end
|
|
19
17
|
|
|
20
18
|
if action == '!'
|
|
21
|
-
|
|
22
|
-
true
|
|
19
|
+
raise error
|
|
23
20
|
elsif action == '?'
|
|
24
|
-
|
|
25
|
-
|
|
26
|
-
begin
|
|
27
|
-
@policy.can?(name)
|
|
28
|
-
true
|
|
29
|
-
rescue Policy::Error
|
|
30
|
-
yield if block_given?
|
|
31
|
-
false
|
|
32
|
-
end
|
|
21
|
+
nil
|
|
33
22
|
else
|
|
34
|
-
raise ArgumentError.new('Bad policy method name
|
|
23
|
+
raise ArgumentError.new('Bad policy method %s' % name)
|
|
35
24
|
end
|
|
36
25
|
end
|
|
37
26
|
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: clean-policy
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.3.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Dino Reic
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2019-10-
|
|
11
|
+
date: 2019-10-07 00:00:00.000000000 Z
|
|
12
12
|
dependencies: []
|
|
13
13
|
description: Clean, simple explicit and strait-forward policy definitions.
|
|
14
14
|
email: reic.dino@gmail.com
|
|
@@ -17,6 +17,7 @@ extensions: []
|
|
|
17
17
|
extra_rdoc_files: []
|
|
18
18
|
files:
|
|
19
19
|
- "./.version"
|
|
20
|
+
- "./lib/adapters/lux.rb"
|
|
20
21
|
- "./lib/clean-policy.rb"
|
|
21
22
|
- "./lib/clean-policy/base.rb"
|
|
22
23
|
- "./lib/clean-policy/error.rb"
|