discretion 2.0.0.pre.alpha → 3.0.0.pre.alpha
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +5 -5
- data/discretion.gemspec +9 -9
- data/lib/discretion/can.rb +15 -2
- data/lib/discretion/current_viewer.rb +13 -0
- data/lib/discretion/discreet_model.rb +6 -0
- data/lib/discretion/errors.rb +1 -0
- data/lib/discretion/helpers.rb +6 -6
- data/lib/discretion/middleware.rb +8 -2
- data/lib/discretion/version.rb +1 -1
- metadata +59 -23
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
|
-
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
2
|
+
SHA256:
|
3
|
+
metadata.gz: 151384ffe6eb47722c2bba83128a44f7a724e41e105413999ef835da6078c2c6
|
4
|
+
data.tar.gz: 238b0b1f5824c7d854b354c6dbea5f193fda306586fa1acec26e329271d6723b
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 15261a63c3ecf0d9b9b1ca501d09a09ac81d9c9a2e12e7ffdcbe65011c49007af6711c3feb8d0d8dafb1c49c1da96022e47ed226f0f69abbd57a4c06b6175ea6
|
7
|
+
data.tar.gz: 9f9a15eeaaac9e9c7f108d33016dbf559b46c6bb730f7ef7d19d3b6d261ad61f19c99d738d32cd8a2d2652bfcaf6440f840ce221b4ab9ce0f5ec13392c7ee6d4
|
data/discretion.gemspec
CHANGED
@@ -14,9 +14,9 @@ Gem::Specification.new do |spec|
|
|
14
14
|
spec.homepage = 'https://github.com/abeland/discretion'
|
15
15
|
spec.license = 'MIT'
|
16
16
|
|
17
|
-
spec.add_dependency 'activesupport'
|
17
|
+
spec.add_dependency 'activesupport', '~> 5.1', '>= 5.1.4'
|
18
18
|
spec.add_dependency 'rails', '~>5'
|
19
|
-
spec.add_dependency 'request_store', '~>1.
|
19
|
+
spec.add_dependency 'request_store', '~>1.4', '>= 1.4.1'
|
20
20
|
spec.required_ruby_version = '>= 2.2.2'
|
21
21
|
|
22
22
|
spec.files = `git ls-files -z`.split("\x0").reject do |f|
|
@@ -26,11 +26,11 @@ Gem::Specification.new do |spec|
|
|
26
26
|
spec.executables = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
|
27
27
|
spec.require_paths = ['lib']
|
28
28
|
|
29
|
-
spec.add_development_dependency 'activerecord'
|
30
|
-
spec.add_development_dependency 'bundler', '~> 1.
|
31
|
-
spec.add_development_dependency 'factory_bot_rails'
|
32
|
-
spec.add_development_dependency 'rake', '~> 10.
|
33
|
-
spec.add_development_dependency 'rspec'
|
34
|
-
spec.add_development_dependency 'rspec-rails'
|
35
|
-
spec.add_development_dependency 'sqlite3'
|
29
|
+
spec.add_development_dependency 'activerecord', '~> 5.1', '>= 5.1.4'
|
30
|
+
spec.add_development_dependency 'bundler', '~> 1.3'
|
31
|
+
spec.add_development_dependency 'factory_bot_rails', '~> 4.8', '>= 4.8.2'
|
32
|
+
spec.add_development_dependency 'rake', '~> 10.5'
|
33
|
+
spec.add_development_dependency 'rspec', '~> 3.7'
|
34
|
+
spec.add_development_dependency 'rspec-rails', '~> 3.7', '>= 3.7.2'
|
35
|
+
spec.add_development_dependency 'sqlite3', '~> 1.3', '>= 1.3.13'
|
36
36
|
end
|
data/lib/discretion/can.rb
CHANGED
@@ -2,7 +2,8 @@ module Discretion
|
|
2
2
|
class << self
|
3
3
|
def can_see_record?(viewer, record)
|
4
4
|
return true unless record.is_a?(Discretion::DiscreetModel)
|
5
|
-
return true if Discretion::OMNISCIENT_VIEWER
|
5
|
+
return true if Discretion.currently_acting_as?(Discretion::OMNISCIENT_VIEWER) ||
|
6
|
+
Discretion.currently_acting_as?(Discretion::OMNIPOTENT_VIEWER)
|
6
7
|
|
7
8
|
record.send(:can_see?, viewer)
|
8
9
|
end
|
@@ -13,7 +14,7 @@ module Discretion
|
|
13
14
|
|
14
15
|
def can_write_record?(viewer, record, changes, new_record)
|
15
16
|
return true unless record.is_a?(Discretion::DiscreetModel)
|
16
|
-
return true if Discretion::OMNIPOTENT_VIEWER
|
17
|
+
return true if Discretion.currently_acting_as?(Discretion::OMNIPOTENT_VIEWER)
|
17
18
|
|
18
19
|
record.respond_to?(:can_write?, true) ?
|
19
20
|
record.send(:can_write?, viewer, changes, new_record) :
|
@@ -23,5 +24,17 @@ module Discretion
|
|
23
24
|
def current_viewer_can_write_record?(record, changes, new_record)
|
24
25
|
can_write_record?(Discretion.current_viewer, record, changes, new_record)
|
25
26
|
end
|
27
|
+
|
28
|
+
def can_destroy_record?(viewer, record)
|
29
|
+
return true unless record.is_a?(Discretion::DiscreetModel)
|
30
|
+
return true if Discretion.currently_acting_as?(Discretion::OMNIPOTENT_VIEWER)
|
31
|
+
|
32
|
+
record.respond_to?(:can_destroy?, true) ?
|
33
|
+
record.send(:can_destroy?, viewer) : can_write_record?(viewer, record, {}, false)
|
34
|
+
end
|
35
|
+
|
36
|
+
def current_viewer_can_destroy_record?(record)
|
37
|
+
can_destroy_record?(Discretion.current_viewer, record)
|
38
|
+
end
|
26
39
|
end
|
27
40
|
end
|
@@ -4,6 +4,7 @@ module Discretion
|
|
4
4
|
|
5
5
|
class << self
|
6
6
|
CURRENT_VIEWER_KEY = :__discretion_current_viewer
|
7
|
+
CURRENTLY_ACTING_AS_KEY = :__discretion_currently_acting_as
|
7
8
|
|
8
9
|
def current_viewer
|
9
10
|
RequestStore[CURRENT_VIEWER_KEY]
|
@@ -12,5 +13,17 @@ module Discretion
|
|
12
13
|
def set_current_viewer(current_viewer)
|
13
14
|
RequestStore[CURRENT_VIEWER_KEY] = current_viewer
|
14
15
|
end
|
16
|
+
|
17
|
+
def currently_acting_as
|
18
|
+
RequestStore[CURRENTLY_ACTING_AS_KEY]
|
19
|
+
end
|
20
|
+
|
21
|
+
def currently_acting_as?(as)
|
22
|
+
currently_acting_as == as
|
23
|
+
end
|
24
|
+
|
25
|
+
def set_currently_acting_as(as)
|
26
|
+
RequestStore[CURRENTLY_ACTING_AS_KEY] = as
|
27
|
+
end
|
15
28
|
end
|
16
29
|
end
|
@@ -14,6 +14,12 @@ module Discretion
|
|
14
14
|
raise Discretion::CannotWriteError
|
15
15
|
end
|
16
16
|
end
|
17
|
+
|
18
|
+
before_destroy ->(record) {
|
19
|
+
unless Discretion.current_viewer_can_destroy_record?(record)
|
20
|
+
raise Discretion::CannotDestroyError
|
21
|
+
end
|
22
|
+
}, prepend: true
|
17
23
|
end
|
18
24
|
end
|
19
25
|
end
|
data/lib/discretion/errors.rb
CHANGED
data/lib/discretion/helpers.rb
CHANGED
@@ -23,24 +23,24 @@ module Discretion
|
|
23
23
|
# Calling Proc.new will create a Proc from the implicitly given block to
|
24
24
|
# the current method.
|
25
25
|
# cf. http://ruby-doc.org/core-2.5.0/Proc.html#method-c-new
|
26
|
-
|
26
|
+
acting_as(Discretion::OMNISCIENT_VIEWER, &Proc.new)
|
27
27
|
end
|
28
28
|
|
29
29
|
def omnipotently
|
30
30
|
# Calling Proc.new will create a Proc from the implicitly given block to
|
31
31
|
# the current method.
|
32
32
|
# cf. http://ruby-doc.org/core-2.5.0/Proc.html#method-c-new
|
33
|
-
|
33
|
+
acting_as(Discretion::OMNIPOTENT_VIEWER, &Proc.new)
|
34
34
|
end
|
35
35
|
|
36
36
|
private
|
37
37
|
|
38
|
-
def
|
39
|
-
|
40
|
-
Discretion.
|
38
|
+
def acting_as(as)
|
39
|
+
orig_as = Discretion.currently_acting_as
|
40
|
+
Discretion.set_currently_acting_as(as)
|
41
41
|
yield
|
42
42
|
ensure
|
43
|
-
Discretion.
|
43
|
+
Discretion.set_currently_acting_as(orig_as)
|
44
44
|
end
|
45
45
|
end
|
46
46
|
end
|
@@ -6,9 +6,15 @@ module Discretion
|
|
6
6
|
|
7
7
|
def call(env)
|
8
8
|
# From Clearance
|
9
|
-
|
10
|
-
|
9
|
+
|
10
|
+
# Have to do this omnisciently so that when Clearance loads the signed in User, we
|
11
|
+
# can gurarantee can_see?() will return true.
|
12
|
+
Discretion.omnisciently do
|
13
|
+
if env[:clearance]&.signed_in?
|
14
|
+
Discretion.set_current_viewer(env[:clearance].current_user)
|
15
|
+
end
|
11
16
|
end
|
17
|
+
|
12
18
|
@app.call(env)
|
13
19
|
end
|
14
20
|
end
|
data/lib/discretion/version.rb
CHANGED
metadata
CHANGED
@@ -1,29 +1,35 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: discretion
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version:
|
4
|
+
version: 3.0.0.pre.alpha
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Abe Land
|
8
8
|
autorequire:
|
9
9
|
bindir: exe
|
10
10
|
cert_chain: []
|
11
|
-
date: 2018-
|
11
|
+
date: 2018-07-25 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: activesupport
|
15
15
|
requirement: !ruby/object:Gem::Requirement
|
16
16
|
requirements:
|
17
|
+
- - "~>"
|
18
|
+
- !ruby/object:Gem::Version
|
19
|
+
version: '5.1'
|
17
20
|
- - ">="
|
18
21
|
- !ruby/object:Gem::Version
|
19
|
-
version:
|
22
|
+
version: 5.1.4
|
20
23
|
type: :runtime
|
21
24
|
prerelease: false
|
22
25
|
version_requirements: !ruby/object:Gem::Requirement
|
23
26
|
requirements:
|
27
|
+
- - "~>"
|
28
|
+
- !ruby/object:Gem::Version
|
29
|
+
version: '5.1'
|
24
30
|
- - ">="
|
25
31
|
- !ruby/object:Gem::Version
|
26
|
-
version:
|
32
|
+
version: 5.1.4
|
27
33
|
- !ruby/object:Gem::Dependency
|
28
34
|
name: rails
|
29
35
|
requirement: !ruby/object:Gem::Requirement
|
@@ -44,112 +50,142 @@ dependencies:
|
|
44
50
|
requirements:
|
45
51
|
- - "~>"
|
46
52
|
- !ruby/object:Gem::Version
|
47
|
-
version: '1.
|
53
|
+
version: '1.4'
|
54
|
+
- - ">="
|
55
|
+
- !ruby/object:Gem::Version
|
56
|
+
version: 1.4.1
|
48
57
|
type: :runtime
|
49
58
|
prerelease: false
|
50
59
|
version_requirements: !ruby/object:Gem::Requirement
|
51
60
|
requirements:
|
52
61
|
- - "~>"
|
53
62
|
- !ruby/object:Gem::Version
|
54
|
-
version: '1.
|
63
|
+
version: '1.4'
|
64
|
+
- - ">="
|
65
|
+
- !ruby/object:Gem::Version
|
66
|
+
version: 1.4.1
|
55
67
|
- !ruby/object:Gem::Dependency
|
56
68
|
name: activerecord
|
57
69
|
requirement: !ruby/object:Gem::Requirement
|
58
70
|
requirements:
|
71
|
+
- - "~>"
|
72
|
+
- !ruby/object:Gem::Version
|
73
|
+
version: '5.1'
|
59
74
|
- - ">="
|
60
75
|
- !ruby/object:Gem::Version
|
61
|
-
version:
|
76
|
+
version: 5.1.4
|
62
77
|
type: :development
|
63
78
|
prerelease: false
|
64
79
|
version_requirements: !ruby/object:Gem::Requirement
|
65
80
|
requirements:
|
81
|
+
- - "~>"
|
82
|
+
- !ruby/object:Gem::Version
|
83
|
+
version: '5.1'
|
66
84
|
- - ">="
|
67
85
|
- !ruby/object:Gem::Version
|
68
|
-
version:
|
86
|
+
version: 5.1.4
|
69
87
|
- !ruby/object:Gem::Dependency
|
70
88
|
name: bundler
|
71
89
|
requirement: !ruby/object:Gem::Requirement
|
72
90
|
requirements:
|
73
91
|
- - "~>"
|
74
92
|
- !ruby/object:Gem::Version
|
75
|
-
version: '1.
|
93
|
+
version: '1.3'
|
76
94
|
type: :development
|
77
95
|
prerelease: false
|
78
96
|
version_requirements: !ruby/object:Gem::Requirement
|
79
97
|
requirements:
|
80
98
|
- - "~>"
|
81
99
|
- !ruby/object:Gem::Version
|
82
|
-
version: '1.
|
100
|
+
version: '1.3'
|
83
101
|
- !ruby/object:Gem::Dependency
|
84
102
|
name: factory_bot_rails
|
85
103
|
requirement: !ruby/object:Gem::Requirement
|
86
104
|
requirements:
|
105
|
+
- - "~>"
|
106
|
+
- !ruby/object:Gem::Version
|
107
|
+
version: '4.8'
|
87
108
|
- - ">="
|
88
109
|
- !ruby/object:Gem::Version
|
89
|
-
version:
|
110
|
+
version: 4.8.2
|
90
111
|
type: :development
|
91
112
|
prerelease: false
|
92
113
|
version_requirements: !ruby/object:Gem::Requirement
|
93
114
|
requirements:
|
115
|
+
- - "~>"
|
116
|
+
- !ruby/object:Gem::Version
|
117
|
+
version: '4.8'
|
94
118
|
- - ">="
|
95
119
|
- !ruby/object:Gem::Version
|
96
|
-
version:
|
120
|
+
version: 4.8.2
|
97
121
|
- !ruby/object:Gem::Dependency
|
98
122
|
name: rake
|
99
123
|
requirement: !ruby/object:Gem::Requirement
|
100
124
|
requirements:
|
101
125
|
- - "~>"
|
102
126
|
- !ruby/object:Gem::Version
|
103
|
-
version: '10.
|
127
|
+
version: '10.5'
|
104
128
|
type: :development
|
105
129
|
prerelease: false
|
106
130
|
version_requirements: !ruby/object:Gem::Requirement
|
107
131
|
requirements:
|
108
132
|
- - "~>"
|
109
133
|
- !ruby/object:Gem::Version
|
110
|
-
version: '10.
|
134
|
+
version: '10.5'
|
111
135
|
- !ruby/object:Gem::Dependency
|
112
136
|
name: rspec
|
113
137
|
requirement: !ruby/object:Gem::Requirement
|
114
138
|
requirements:
|
115
|
-
- - "
|
139
|
+
- - "~>"
|
116
140
|
- !ruby/object:Gem::Version
|
117
|
-
version: '
|
141
|
+
version: '3.7'
|
118
142
|
type: :development
|
119
143
|
prerelease: false
|
120
144
|
version_requirements: !ruby/object:Gem::Requirement
|
121
145
|
requirements:
|
122
|
-
- - "
|
146
|
+
- - "~>"
|
123
147
|
- !ruby/object:Gem::Version
|
124
|
-
version: '
|
148
|
+
version: '3.7'
|
125
149
|
- !ruby/object:Gem::Dependency
|
126
150
|
name: rspec-rails
|
127
151
|
requirement: !ruby/object:Gem::Requirement
|
128
152
|
requirements:
|
153
|
+
- - "~>"
|
154
|
+
- !ruby/object:Gem::Version
|
155
|
+
version: '3.7'
|
129
156
|
- - ">="
|
130
157
|
- !ruby/object:Gem::Version
|
131
|
-
version:
|
158
|
+
version: 3.7.2
|
132
159
|
type: :development
|
133
160
|
prerelease: false
|
134
161
|
version_requirements: !ruby/object:Gem::Requirement
|
135
162
|
requirements:
|
163
|
+
- - "~>"
|
164
|
+
- !ruby/object:Gem::Version
|
165
|
+
version: '3.7'
|
136
166
|
- - ">="
|
137
167
|
- !ruby/object:Gem::Version
|
138
|
-
version:
|
168
|
+
version: 3.7.2
|
139
169
|
- !ruby/object:Gem::Dependency
|
140
170
|
name: sqlite3
|
141
171
|
requirement: !ruby/object:Gem::Requirement
|
142
172
|
requirements:
|
173
|
+
- - "~>"
|
174
|
+
- !ruby/object:Gem::Version
|
175
|
+
version: '1.3'
|
143
176
|
- - ">="
|
144
177
|
- !ruby/object:Gem::Version
|
145
|
-
version:
|
178
|
+
version: 1.3.13
|
146
179
|
type: :development
|
147
180
|
prerelease: false
|
148
181
|
version_requirements: !ruby/object:Gem::Requirement
|
149
182
|
requirements:
|
183
|
+
- - "~>"
|
184
|
+
- !ruby/object:Gem::Version
|
185
|
+
version: '1.3'
|
150
186
|
- - ">="
|
151
187
|
- !ruby/object:Gem::Version
|
152
|
-
version:
|
188
|
+
version: 1.3.13
|
153
189
|
description: A simple privacy/authorization framework for Rails projects.
|
154
190
|
email:
|
155
191
|
- codeclimbcoffee@gmail.com
|
@@ -197,7 +233,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
197
233
|
version: 1.3.1
|
198
234
|
requirements: []
|
199
235
|
rubyforge_project:
|
200
|
-
rubygems_version: 2.6
|
236
|
+
rubygems_version: 2.7.6
|
201
237
|
signing_key:
|
202
238
|
specification_version: 4
|
203
239
|
summary: A simple privacy/authorization framework for Rails projects.
|