dead_simple_authorization 0.2.0 → 0.2.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/README.md +1 -1
- data/lib/dead_simple_authorization/helpers.rb +2 -2
- data/lib/dead_simple_authorization/version.rb +1 -1
- metadata +4 -3
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 15a49f312a875cba52fd7ea632d824de59c15056
|
|
4
|
+
data.tar.gz: 797ddf01b6afd02fa40d97b46053c5997e518e04
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: d27a36a1dc76c1f92b7ebea11da3cd900bb1ddb1a572db8b84a2fecd5adcac46846a78bc8a85d7db7077b66117a091fb739f189c820b5a04653597b77f7deb17
|
|
7
|
+
data.tar.gz: ff5f5b0eb38c6baa2b8d3341925b1836b3e9dac4d3e30d8e76d3a904ccdd8efff28d1d967cc313199ef0e5a9a54d571b362ac6e09b41a65c83c9c02aca283612
|
data/README.md
CHANGED
|
@@ -4,7 +4,7 @@
|
|
|
4
4
|
It's a simple gem for authorization. The main concepts around dead_simple_authorization are: users, resources and permissions. Using a couple of simple naming conventions, it organizes the way in which access to a resource (an activerecord model for example) by a user (e.g. a web application's user) is checked.
|
|
5
5
|
|
|
6
6
|
## What's included
|
|
7
|
-
The juice of this
|
|
7
|
+
The juice of this gem are the methods can? and authorize included in the module DeadSimpleAuthorization::Helpers. Both methods accept 3 arguments: a user, an action and a resource. For example can?(user, :update, post) checks if a user has the permission to update a post. The authorize method is the stricter of the two, as if the user doesn't have permission, it raises a DeadSimpleAuthorization::Errors::NotAuthorized error, while can? method only returns a boolean.
|
|
8
8
|
|
|
9
9
|
## Example usage
|
|
10
10
|
Think of a web application (e.g. a rails app), a blog for example, where there are Users and Posts and a user can be the owner of a Post. How would we create a simple authorization mechanism in this case?
|
|
@@ -24,10 +24,10 @@ module DeadSimpleAuthorization
|
|
|
24
24
|
# error, but returns the boolean outcome of the check
|
|
25
25
|
#
|
|
26
26
|
def can?(user, action, resource)
|
|
27
|
-
action = action.
|
|
27
|
+
action = action.to_s
|
|
28
28
|
policy_class = "#{resource.class}Policy"
|
|
29
29
|
policy = Object::const_get(policy_class).new(resource, user)
|
|
30
|
-
policy.send("#{action
|
|
30
|
+
policy.send("#{action}?")
|
|
31
31
|
end
|
|
32
32
|
end
|
|
33
33
|
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: dead_simple_authorization
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.2.
|
|
4
|
+
version: 0.2.1
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Pantelis Vratsalis
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2015-
|
|
11
|
+
date: 2015-07-16 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: bundler
|
|
@@ -93,10 +93,11 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
93
93
|
version: '0'
|
|
94
94
|
requirements: []
|
|
95
95
|
rubyforge_project:
|
|
96
|
-
rubygems_version: 2.
|
|
96
|
+
rubygems_version: 2.4.5
|
|
97
97
|
signing_key:
|
|
98
98
|
specification_version: 4
|
|
99
99
|
summary: A pretty simple solution for permissions on resources - framework agnostic
|
|
100
100
|
test_files:
|
|
101
101
|
- spec/helpers_spec.rb
|
|
102
102
|
- spec/spec_helper.rb
|
|
103
|
+
has_rdoc:
|