controller_policies 0.1.0 → 0.2.0
- checksums.yaml +4 -4
- data/README.md +48 -10
- data/lib/ability.rb +16 -12
- data/lib/controller_policies/railtie.rb +2 -2
- data/lib/controller_policies/version.rb +1 -1
- metadata +2 -2
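--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA256:
-metadata.gz:
-data.tar.gz:
+metadata.gz: fa53cf4c7f5bfddf09fdf955300af7495177f5d3410983a43202733504d6169b
+data.tar.gz: 68c2cc086cb3cf7c49cc711a08f39ffa3ef3708bdb18add637a76e2e562b6e80
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: c36da060a6497a6655e4affc6404142d29055830819a67ffd441aabe401b4ce6fb3c72061b9905e5a7485c9ebfc68cb1451caf5fef64a3ea7dc333d8c4ef4839
+data.tar.gz: c37a343a64bacc653e06420be3e1c3e5f1563692d996326de1112da645770dca5258cd145038d456c41705b2e79bc4110cc6ae3683db83647a540b72d8acaa69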
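--- a/data/README.md
+++ b/data/README.md
@@ -20,7 +20,7 @@ rails g policy_definition my/namespace
 
 This will generate a file: `app/policies/my/namespace/definitions.rb`
 
-The developer should edit this file and add the policies for the app.
+The developer should edit this file and add the policies for the app. **It is important to note that the location of the definitions file should reflect the namespace of the associated controllers.**
 
 ### `actions` key
 
@@ -61,7 +61,7 @@ Simply add the line `has_enforced_policies`, and pass a block with one argument
 ```ruby
 class MyController < ApplicationController
 has_enforced_policies do |ability_code|
-current_user.abilities.include? ability_code
+render 'unauthorized' unless current_user.abilities.include? ability_code
 end
 
 # ...
@@ -73,14 +73,28 @@ class MyController < ApplicationController
 has_enforced_policies
 
 def ability?(ability_code)
-current_user.abilities.include? ability_code
+render 'unauthorized' unless current_user.abilities.include? ability_code
 end
 # ...
 end
 ```
 
+It is recommended to use `render` or `redirect_to` within this block **to prevent the controllers from executing the action** when the ability did not exist in the data. The ability checking is done in a `before_action` callback, hence using `render` or `redirect_to` will stop further controller actions. This is a Rails behavior.
+
 Since storing abilities are very flexible and there are truly infinite ways of doing it, *this gem did not support that feature.* Instead, the developer must define their own ability checking.
 
+## Skipping Policy Enforcement in Certain Actions
+
+There might be an event where there is a need to skip automatic policy enforcements in certain actions. As explained above, the policy enforcement is done in a `before_action` callback. To skip a policy enforcement, simply use the `skip_before_action :check_abilities_by_definition` method from Rails. The `:only` and `:except` options are also available to filter actions.
+
+```ruby
+class MyOtherController < MyController
+skip_before_action :check_abilities_by_definition, only: [:new, :edit]
+
+# ...
+end
+```
+
 ## Ability
 
 The Ability class is a model for abilities that come from the definition files.
@@ -91,25 +105,33 @@ The Ability class is a model for abilities that come from the definition files.
 
 Get all abilities from all definitions.
 
+```ruby
+Ability.all
+```
+
 #### #all_codes
 
 Get all ability codes from all definitions.
 
-
+```ruby
+Ability.all_codes
+```
 
-
+#### #where(*queries)
 
-
+Filter abilities based on namespace. `queries` can be an array of Strings, Modules or Classes.
 
-
+```ruby
+Ability.where(FeatureOne, FeatureTwo, FeatureOne::SubFeatureA)
+```
 
 #### #match(expression)
 
 Match abilities based on a matching string or regex. The matcher is based on the namespace. `expression` can be a Regexp or String.
 
-
-
-
+```ruby
+Ability.match(/FeatureOne(::)?(.)*/)
+```
 
 ### Instance Methods
 
@@ -117,18 +139,34 @@ Find an ability based on a matching string or regex. The matcher is based on the
 
 The code of the ability.
 
+```ruby
+ability.code
+```
+
 #### #name
 
 The name of the ability.
 
+```ruby
+ability.name
+```
+
 #### #description
 
 The description of the ability.
 
+```ruby
+ability.description
+```
+
 #### #actions
 
 Controller actions that the ability can check against.
 
+```ruby
+ability.actions
+```
+
 ## Contributing
 
 Bug reports and pull requests are welcome on GitHub at https://github.com/tieeeeen1994/controller_policies. This project is intended to be a safe, welcoming space for collaboration, and contributors are expected to adhere to the [code of conduct](https://github.com/tieeeeen1994/controller_policies/blob/master/CODE_OF_CONDUCT.md).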
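--- a/data/lib/ability.rb
+++ b/data/lib/ability.rb
@@ -33,19 +33,23 @@ class Ability
 end
 
 # Filter abilities based on namespace.
-def where(
-
-
-
-
-
+def where(*queries)
+results = []
+queries.each do |query|
+case query.class.to_s
+when 'String'
+results += all.select { |ability| ability.namespace.to_s == trim(query).camelize }
+when 'Module', 'Class'
+results += all.select { |ability| ability.namespace == query }
+end
 end
+results
 end
 
 # Find an ability within a namespace.
-def find(query_string)
-
-end
+# def find(query_string)
+# where(query_string).first
+# end
 
 # Match abilities based on a matching string or regex. The matcher is based on the namespace.
 def match(expression)
@@ -56,9 +60,9 @@ class Ability
 end
 
 # Find an ability based on a matching string or regex. The matcher is based on the namespace.
-def mill(expression)
-
-end
+# def mill(expression)
+# match(expression).first
+# end
 
 # Path to the policy folder.
 def policy_path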
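Review bot: `where` dispatches on `query.class.to_s` and has no `else`, so a Symbol, `nil` or any other argument is skipped silently and the caller simply gets fewer abilities back; if those results feed permission checks or role editors, a bad query should raise instead. Matching on the class itself (`when String`, `when Module`, the latter also covering classes) is the idiomatic form and lets `trim(query).camelize` run once per query rather than once per ability. Overlapping queries can return the same ability twice because the per-query results are concatenated. `find` and `mill` are now commented-out code under doc comments that still describe them, which drops two methods in a minor release; deleting them with a changelog entry, or keeping them, would be clearer. The enclosing class starts and ends outside these hunks.

```ruby
def where(*queries)
  queries.flat_map do |query|
    case query
    when String
      wanted = trim(query).camelize
      all.select { |ability| ability.namespace.to_s == wanted }
    when Module # a Class is a Module, so this branch covers both
      all.select { |ability| ability.namespace == query }
    else
      raise ArgumentError, "unsupported query: #{query.inspect}"
    end
  end
end
```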
@@ -19,10 +19,10 @@ module ControllerPolicies
|
|
19
19
|
|
20
20
|
initializer 'controller_policies.autoloaders' do
|
21
21
|
Rails.autoloaders.each do |autoloader|
|
22
|
-
autoloader.ignore(
|
22
|
+
autoloader.ignore(Ability.policy_path)
|
23
23
|
end
|
24
24
|
|
25
|
-
Dir[
|
25
|
+
Dir[Ability.policy_path.join('**/*.rb')].each { |definition| require definition }
|
26
26
|
end
|
27
27
|
end
|
28
28
|
end
|
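Review bot: The `Dir[...]` line requires every `.rb` file under `Ability.policy_path` in whatever order the glob returns; `Dir[]` only sorts its results from Ruby 3.0 on, so on older rubies the load order of definition files depends on the filesystem. If one definitions file can depend on or override another (not visible in this hunk), make the order explicit: `Dir[Ability.policy_path.join('**/*.rb')].sort.each { |definition| require definition }`. It is also worth a comment above `autoloader.ignore(Ability.policy_path)` noting that, because the path is ignored by the autoloaders and loaded once with `require`, edited definitions are presumably not reloaded in development until the process restarts. The enclosing module starts outside the hunk.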
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: controller_policies
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.
|
4
|
+
version: 0.2.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Tien
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2024-
|
11
|
+
date: 2024-05-07 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: rails
|