denied 0.0.1 → 0.0.2

Sign up to get free protection for your applications and to get access to all the features.
Files changed (10) hide show
  1. checksums.yaml +4 -4
  2. data/.travis.yml +0 -1
  3. data/CHANGELOG.md +4 -1
  4. data/README.md +35 -14
  5. data/lib/BLOG.md +14 -0
  6. data/lib/denied.rb +1 -0
  7. data/lib/denied/rails/railtie.rb +9 -0
  8. data/lib/denied/rspec/matcher_rspec2.rb +44 -0
  9. data/lib/denied/version.rb +1 -1
  10. metadata +5 -2
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: b94163c06da89e4067fb3b83d0141d3205461dba
4
- data.tar.gz: d630061324ba20cba1c060d3ef3e62d5ce8bed49
3
+ metadata.gz: 23e77daaaab8fc97af9353272db2a6d6ca829d49
4
+ data.tar.gz: a90ab5ce62da8319d5aa0fd8d098b574cdc36c22
5
5
  SHA512:
6
- metadata.gz: 6f6ab2449c746a7932aa91db6b60f1fae2ba00f7cdb042aa7cb7bf278275c2945b195a934cd0bde747534e60a21468b3cc84bc383c73dd2769cb795f4c930827
7
- data.tar.gz: 39c519ff2f631a0ec99c4b1d175f07410400e2a2fd26b041239ebd4269246cc4abf4f2c0cff45c406602920aa9c063cf30af847827af649afc03e78876790bce
6
+ metadata.gz: d33d85c4dadc76997adec69d46b49369b727e3d791ca28cd603c110701d02deacb58ad878e7c5d911dfa7ec5d321553fc7b24cafcf1bc0b934782e251869a7d9
7
+ data.tar.gz: 32a141989bda077b9f79e1d7f11b4f60fa169db5c893fb8dfbea7933ec0e88b1e859bbabea741ac9dff5fec932ad78cd0a4e7100ac63e7b3db03595d8111393c
data/.travis.yml CHANGED
@@ -1,5 +1,4 @@
1
1
  rvm:
2
- - 1.9.3
3
2
  - 2.0.0
4
3
  - 2.1.0
5
4
  - 2.1.1
data/CHANGELOG.md CHANGED
@@ -1,3 +1,6 @@
1
- 2014-08-21 Initial import
1
+ [not released] - 2014-08-22
2
+ * Added railtie to require controller extension instantly
3
+
4
+ [0.0.1] - 2014-08-21 Initial import
2
5
  * Includes plain and conditional restrictions
3
6
  * ..and RSpec matcher
data/README.md CHANGED
@@ -1,29 +1,50 @@
1
1
  # Denied
2
2
 
3
- TODO: Write a gem description
3
+ A rails controller extension, that gives you the possibility to restrict access to your controller actions.
4
4
 
5
- ## Installation
5
+ [![Build Status](https://secure.travis-ci.org/xijo/denied.png?branch=master)](https://travis-ci.org/xijo/denied) [![Gem Version](https://badge.fury.io/rb/denied.png)](http://badge.fury.io/rb/denied) [![Code Climate](https://codeclimate.com/github/xijo/denied.png)](https://codeclimate.com/github/xijo/denied) [![Code Climate](https://codeclimate.com/github/xijo/denied/coverage.png)](https://codeclimate.com/github/xijo/denied)
6
6
 
7
- Add this line to your application's Gemfile:
7
+ ## Installation
8
8
 
9
9
  gem 'denied'
10
10
 
11
- And then execute:
11
+ ## Compatibility
12
12
 
13
- $ bundle
13
+ Works with rails 3 and 4 and all versions every ruby 2.
14
14
 
15
- Or install it yourself as:
15
+ ## Usage
16
16
 
17
- $ gem install denied
17
+ ```ruby
18
+ class GoodiesController < ApplicationController
19
+ restrict :take
20
+ restrict :delete, allow_if: :goodie_manager?
18
21
 
19
- ## Usage
22
+ def take
23
+ # Grab a goodie
24
+ end
25
+
26
+ def delete
27
+ # Remove all the goodies
28
+ end
29
+
30
+ private
31
+
32
+ def goodie_manager?
33
+ # Your domain implementation
34
+ end
35
+ end
36
+ ```
37
+
38
+ What that does:
39
+ 1. Any anonymous access to one of both methods will raise `Denied::LoginRequired`
40
+ 2. If a `current_user` exists the access to take is allowed
41
+ 3. If a `current_user` exists but `goodie_manager?` returns false, then `Denied::AccessDenied` will be raised
42
+ 4. If a `current_user` exists and `goodie_manager?` is true, the access is allowed
43
+
44
+ ## Todos/Ideas
20
45
 
21
- TODO: Write usage instructions here
46
+ * make `current_user` configurable
22
47
 
23
48
  ## Contributing
24
49
 
25
- 1. Fork it ( http://github.com/<my-github-username>/denied/fork )
26
- 2. Create your feature branch (`git checkout -b my-new-feature`)
27
- 3. Commit your changes (`git commit -am 'Add some feature'`)
28
- 4. Push to the branch (`git push origin my-new-feature`)
29
- 5. Create new Pull Request
50
+ You know how this works and bonus points for feature branches!
data/lib/BLOG.md ADDED
@@ -0,0 +1,14 @@
1
+ Let's assume the following controller:
2
+
3
+ ```ruby
4
+ class GoodiesController < ApplicationController
5
+
6
+ def delete
7
+ # Remove all the goodies
8
+ end
9
+ end
10
+ ```
11
+
12
+ You want to protect that controller action, the normal way is: write a before_filter to check and redirect.
13
+
14
+ This is what `denied` does for you
data/lib/denied.rb CHANGED
@@ -7,6 +7,7 @@ require 'denied/access_denied'
7
7
  require 'denied/restriction'
8
8
  require 'denied/gatekeeper'
9
9
  require 'denied/rails/controller'
10
+ require 'denied/rails/railtie' if defined?(Rails)
10
11
 
11
12
  module Denied
12
13
  # Your code goes here...
data/lib/denied/rails/railtie.rb ADDED
@@ -0,0 +1,9 @@
1
+ module Denied
2
+ module Rails
3
+ class Railtie < ::Rails::Railtie
4
+ initializer 'denied.add_controller_extension' do
5
+ ActionController::Base.send :include, Denied::Rails::Controller
6
+ end
7
+ end
8
+ end
9
+ end
data/lib/denied/rspec/matcher_rspec2.rb ADDED
@@ -0,0 +1,44 @@
1
+ RSpec::Matchers.define :have_restriction_on do |given_action_name|
2
+ match do |given_controller|
3
+ @given_action_name = given_action_name
4
+ @given_controller = given_controller
5
+
6
+ @restriction = given_controller.restrictions.find do |restriction|
7
+ restriction.restricts?(given_action_name)
8
+ end
9
+
10
+ if @restriction
11
+ if @given_allow_if
12
+ @restriction.allow_if == @given_allow_if
13
+ else
14
+ true
15
+ end
16
+ else
17
+ false
18
+ end
19
+ end
20
+
21
+ chain :with_allow_if do |given_allow_if|
22
+ @given_allow_if = given_allow_if
23
+ end
24
+
25
+ failure_message_for_should do |actual|
26
+ if @restriction && @given_allow_if
27
+ "Expected restriction to call #{@given_allow_if.inspect}, but calls #{@restriction.allow_if.inspect}"
28
+ else
29
+ "Expected to have restriction on #{@given_action_name}, but was not found in #{@given_controller.restrictions.inspect}"
30
+ end
31
+ end
32
+
33
+ failure_message_for_should_not do |actual|
34
+ if @given_allow_if
35
+ "Expected restriction not to call #{@given_allow_if.inspect}, but calls #{@restriction.allow_if.inspect}"
36
+ else
37
+ "Expected not to have restriction on #{@given_action_name}, but was found in #{@given_controller.restrictions.inspect}"
38
+ end
39
+ end
40
+
41
+ def description
42
+ "Checks if a restriction for a given action is defined on the controller"
43
+ end
44
+ end
data/lib/denied/version.rb CHANGED
@@ -1,3 +1,3 @@
1
1
  module Denied
2
- VERSION = "0.0.1"
2
+ VERSION = "0.0.2"
3
3
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: denied
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.0.1
4
+ version: 0.0.2
5
5
  platform: ruby
6
6
  authors:
7
7
  - Johannes Opper
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2014-08-21 00:00:00.000000000 Z
11
+ date: 2014-08-22 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: rails
@@ -124,14 +124,17 @@ files:
124
124
  - README.md
125
125
  - Rakefile
126
126
  - denied.gemspec
127
+ - lib/BLOG.md
127
128
  - lib/denied.rb
128
129
  - lib/denied/access_denied.rb
129
130
  - lib/denied/error.rb
130
131
  - lib/denied/gatekeeper.rb
131
132
  - lib/denied/login_required.rb
132
133
  - lib/denied/rails/controller.rb
134
+ - lib/denied/rails/railtie.rb
133
135
  - lib/denied/restriction.rb
134
136
  - lib/denied/rspec/matcher.rb
137
+ - lib/denied/rspec/matcher_rspec2.rb
135
138
  - lib/denied/version.rb
136
139
  - spec/lib/denied/gatekeeper_spec.rb
137
140
  - spec/lib/denied/rails/controller_spec.rb