clean-policy 0.2.0 → 0.3.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/.version +1 -1
- data/lib/adapters/lux.rb +16 -0
- data/lib/clean-policy.rb +1 -0
- data/lib/clean-policy/base.rb +23 -22
- data/lib/clean-policy/global.rb +1 -21
- data/lib/clean-policy/proxy.rb +11 -22
- metadata +3 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: fb1734db9ce343c7fcb667d10be82ee205b3756f072670baf446a8fce1294286
|
|
4
|
+
data.tar.gz: 54c2c0038f3129351cd8208f3217c936f7b8acb7cb9db4ebdc9db9b6ee39816c
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 24f6b064aac3dfbd6292e6b1116a0b209b432a5315f0f8239c2a84c4a3fa36d4bdb0c6b4fa79551ab9911acf501bf1cd459f93b2305c37dab7f920879e29895a
|
|
7
|
+
data.tar.gz: df71154dfe27bf6286fe9551bca352a367cbbeaecb1fcc341bd6a8cc031d2f0cb1d38c44fc971e70c5c40d1caffc4aaca2239a49835743df809745cd71d5c80a
|
data/.version
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
0.
|
|
1
|
+
0.3.0
|
data/lib/adapters/lux.rb
ADDED
|
@@ -0,0 +1,16 @@
|
|
|
1
|
+
# # modify base policy
|
|
2
|
+
# # after first call in current scope :is_policy_authorized will be set to true
|
|
3
|
+
# # check with `Policy.is_authorized?`, resets on every page load
|
|
4
|
+
# class Policy
|
|
5
|
+
# def before action
|
|
6
|
+
# Lux.current.var[:is_policy_authorized] = true if defined?(Lux)
|
|
7
|
+
# end
|
|
8
|
+
|
|
9
|
+
# def self.is_authorized?
|
|
10
|
+
# Lux.current.var[:is_policy_authorized]
|
|
11
|
+
# end
|
|
12
|
+
# end
|
|
13
|
+
|
|
14
|
+
# Lux::Application.before do
|
|
15
|
+
# Lux.current.var[:is_policy_authorized] = false
|
|
16
|
+
# end
|
data/lib/clean-policy.rb
CHANGED
data/lib/clean-policy/base.rb
CHANGED
|
@@ -1,17 +1,9 @@
|
|
|
1
|
-
# frozen_string_literal: true
|
|
2
|
-
|
|
3
|
-
# base caller
|
|
4
|
-
# Policy::User.new(model: @model, user: User.current).can?(:update) -> can current user update @model
|
|
5
|
-
|
|
6
|
-
# block will capture error message and will triggered only if error are present
|
|
7
|
-
# User.can?(:login) { |msg| http_error 401, "Err: #{msg}".red; return 'no access' }
|
|
8
|
-
|
|
9
1
|
class Policy
|
|
10
2
|
attr_reader :model, :user, :action
|
|
11
3
|
|
|
12
4
|
def initialize model:, user:
|
|
13
5
|
@model = model
|
|
14
|
-
@user = user
|
|
6
|
+
@user = user || current_user
|
|
15
7
|
end
|
|
16
8
|
|
|
17
9
|
# pass block if you want to handle errors yourself
|
|
@@ -30,31 +22,32 @@ class Policy
|
|
|
30
22
|
call *args, &block
|
|
31
23
|
end
|
|
32
24
|
|
|
25
|
+
def can
|
|
26
|
+
Proxy.new self
|
|
27
|
+
end
|
|
28
|
+
|
|
29
|
+
private
|
|
30
|
+
|
|
33
31
|
# call has to be isolated because specific of error handling
|
|
34
32
|
def call *args, &block
|
|
35
|
-
raise Error
|
|
33
|
+
raise Error, 'User is not defined, no access' unless @user
|
|
36
34
|
|
|
37
35
|
return true if before(@action)
|
|
38
36
|
return true if send(@action, *args)
|
|
39
|
-
|
|
40
|
-
|
|
41
|
-
|
|
42
|
-
|
|
37
|
+
|
|
38
|
+
raise Error, 'Access disabled in policy'
|
|
39
|
+
rescue Policy::Error => error
|
|
40
|
+
message = error.message
|
|
41
|
+
message += " - #{self.class}.#{@action}" if defined?(Lux) && Lux.config(:dump_errors)
|
|
43
42
|
|
|
44
43
|
if block
|
|
45
|
-
block.call(
|
|
44
|
+
block.call(message)
|
|
46
45
|
false
|
|
47
46
|
else
|
|
48
|
-
raise Policy::Error,
|
|
47
|
+
raise Policy::Error, message
|
|
49
48
|
end
|
|
50
49
|
end
|
|
51
50
|
|
|
52
|
-
def can
|
|
53
|
-
Proxy.new self
|
|
54
|
-
end
|
|
55
|
-
|
|
56
|
-
###
|
|
57
|
-
|
|
58
51
|
def before action
|
|
59
52
|
false
|
|
60
53
|
end
|
|
@@ -63,4 +56,12 @@ class Policy
|
|
|
63
56
|
raise Policy::Error.new(message)
|
|
64
57
|
end
|
|
65
58
|
|
|
59
|
+
# get current user from globals if globals defined
|
|
60
|
+
def current_user
|
|
61
|
+
if defined?(User) && User.respond_to?(:current)
|
|
62
|
+
User.current
|
|
63
|
+
elsif defined?(Current) && Current.respond_to?(:user)
|
|
64
|
+
Current.user
|
|
65
|
+
end
|
|
66
|
+
end
|
|
66
67
|
end
|
data/lib/clean-policy/global.rb
CHANGED
|
@@ -6,8 +6,6 @@ def Policy *args
|
|
|
6
6
|
opts.merge! args[1] if args[1]
|
|
7
7
|
end
|
|
8
8
|
|
|
9
|
-
raise ArgumentError, 'User not defined' unless opts.key?(:user)
|
|
10
|
-
|
|
11
9
|
model = opts[:model]
|
|
12
10
|
|
|
13
11
|
klass =
|
|
@@ -17,23 +15,5 @@ def Policy *args
|
|
|
17
15
|
ApplicationPolicy
|
|
18
16
|
end
|
|
19
17
|
|
|
20
|
-
klass.new(user: opts[:user], model: model)
|
|
18
|
+
klass.new(user: opts[:user], model: model).can
|
|
21
19
|
end
|
|
22
|
-
|
|
23
|
-
# "smart" access that will fill current user if possible
|
|
24
|
-
# fell free to overwrite this method
|
|
25
|
-
class Object
|
|
26
|
-
def policy *args
|
|
27
|
-
opts = args.first.dup
|
|
28
|
-
|
|
29
|
-
unless opts.is_a?(Hash)
|
|
30
|
-
opts = { model: opts }
|
|
31
|
-
opts.merge! args[1] if args[1]
|
|
32
|
-
end
|
|
33
|
-
|
|
34
|
-
opts[:user] ||= user_current if respond_to?(:user_current)
|
|
35
|
-
opts[:user] ||= User.current if defined?(User) && User.respond_to?(:current)
|
|
36
|
-
|
|
37
|
-
Policy opts
|
|
38
|
-
end
|
|
39
|
-
end
|
data/lib/clean-policy/proxy.rb
CHANGED
|
@@ -1,37 +1,26 @@
|
|
|
1
|
-
# true / false
|
|
2
|
-
# @model.can.write?
|
|
3
|
-
#
|
|
4
|
-
# raise error or return true
|
|
5
|
-
# @model.can.write!
|
|
6
|
-
#
|
|
7
|
-
# redirect on error or return true
|
|
8
|
-
# @model.can.write! { redirect_to '/login' }
|
|
9
|
-
|
|
10
1
|
class Policy
|
|
11
2
|
class Proxy
|
|
12
3
|
def initialize policy
|
|
13
4
|
@policy = policy
|
|
14
5
|
end
|
|
15
6
|
|
|
16
|
-
def method_missing name, &block
|
|
7
|
+
def method_missing name, *args, &block
|
|
17
8
|
name = name.to_s.sub(/(.)$/, '')
|
|
18
9
|
action = $1
|
|
10
|
+
@policy.can?(name, *args)
|
|
11
|
+
@policy.model || true
|
|
12
|
+
rescue Policy::Error => error
|
|
13
|
+
if block_given?
|
|
14
|
+
yield
|
|
15
|
+
return nil
|
|
16
|
+
end
|
|
19
17
|
|
|
20
18
|
if action == '!'
|
|
21
|
-
|
|
22
|
-
true
|
|
19
|
+
raise error
|
|
23
20
|
elsif action == '?'
|
|
24
|
-
|
|
25
|
-
|
|
26
|
-
begin
|
|
27
|
-
@policy.can?(name)
|
|
28
|
-
true
|
|
29
|
-
rescue Policy::Error
|
|
30
|
-
yield if block_given?
|
|
31
|
-
false
|
|
32
|
-
end
|
|
21
|
+
nil
|
|
33
22
|
else
|
|
34
|
-
raise ArgumentError.new('Bad policy method name
|
|
23
|
+
raise ArgumentError.new('Bad policy method %s' % name)
|
|
35
24
|
end
|
|
36
25
|
end
|
|
37
26
|
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: clean-policy
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.3.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Dino Reic
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2019-10-
|
|
11
|
+
date: 2019-10-07 00:00:00.000000000 Z
|
|
12
12
|
dependencies: []
|
|
13
13
|
description: Clean, simple explicit and strait-forward policy definitions.
|
|
14
14
|
email: reic.dino@gmail.com
|
|
@@ -17,6 +17,7 @@ extensions: []
|
|
|
17
17
|
extra_rdoc_files: []
|
|
18
18
|
files:
|
|
19
19
|
- "./.version"
|
|
20
|
+
- "./lib/adapters/lux.rb"
|
|
20
21
|
- "./lib/clean-policy.rb"
|
|
21
22
|
- "./lib/clean-policy/base.rb"
|
|
22
23
|
- "./lib/clean-policy/error.rb"
|