effective_datatables 3.3.6 → 3.3.7

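--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA1:
- metadata.gz: 80ef322422055559272f3145551bff1357ee74e5
- data.tar.gz: 28bc97f374afb93abd7bf5a8007044a37afffef7
+ metadata.gz: 6e5ba7e9014cdedb565e735b68524303cbfaa929
+ data.tar.gz: 1ac9fef5c0813e8de5a8dd165b4cc19172980e23
  SHA512:
- metadata.gz: 8ca29bb7239a4e4b526b628053926b7308020b01c41b3d4ca557eaff74be562f6c90df91b356794ab88a9bcdb35125d473d5927d34f9340fcfb2e4fd466f34df
- data.tar.gz: d5d5ed8d06bc00aae6a3bfd046830d9f7f2d428ce95d6b3893698d29ed18a0f6d7b999f5f1fcde49fe5d43209cd33c9bb366e0f2be9bc0c4475b5118cf981f2b
+ metadata.gz: 892e67bedf81da91c2a66f9ac1e3fcf58dd4727503ca7336de967eea241a0b0fcc1b7749e428fd44af72192cbba4c2bef66c85e6a553806e6e8b54f33b2e79d4
+ data.tar.gz: f73e528fd21c6934bc6f0219554c33947c6e1e054059da70a38f1e561ebe7ecf0c171162e6a030feb17b0086ea344484ca87151d1976a706d4f3e3e3548402bf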
@@ -8,11 +8,11 @@ module Effective
8
8
  @datatable = find_datatable(params[:id]).try(:new) || raise('unable to find datatable')
9
9
  @datatable.view = view_context
10
10
 
11
- EffectiveDatatables.authorized?(self, :index, @datatable.collection_class)
11
+ EffectiveDatatables.authorize!(self, :index, @datatable.collection_class)
12
12
 
13
13
  render json: @datatable.to_json
14
14
  rescue => e
15
- (EffectiveDatatables.authorized?(self, :index, @datatable.try(:collection_class)) rescue false)
15
+ EffectiveDatatables.authorized?(self, :index, @datatable.try(:collection_class))
16
16
 
17
17
  render json: error_json(e)
18
18
  end
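Review bot: The call on new line 15, inside the `rescue` block, discards its result: `authorized?` now returns a boolean instead of raising, so `render json: error_json(e)` runs whether or not the caller is authorized. If the call exists only to satisfy a framework's "authorization was performed" hook, a comment such as `# called for its side effect only; the result is intentionally ignored` would make that explicit. Otherwise act on the result, for example `return head(:forbidden) unless EffectiveDatatables.authorized?(self, :index, @datatable.try(:collection_class))`. What `error_json` puts into the response is not visible in this hunk, so it is worth confirming that it does not return exception detail to an unauthorized caller. The action's `def` line lies above the hunk.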
@@ -6,9 +6,7 @@ module EffectiveDatatablesHelper
6
6
 
7
7
  datatable.view ||= self
8
8
 
9
- begin
10
- EffectiveDatatables.authorized?(controller, :index, datatable.collection_class) || raise(Effective::AccessDenied)
11
- rescue Effective::AccessDenied => e
9
+ unless EffectiveDatatables.authorized?(controller, :index, datatable.collection_class)
12
10
  return content_tag(:p, "You are not authorized to view this datatable. (cannot :index, #{datatable.collection_class})")
13
11
  end
14
12
 
@@ -103,57 +103,42 @@ module Effective
103
103
 
104
104
  def actions_col_locals(opts)
105
105
  return {} unless opts[:as] == :actions
106
- return { show_path: false, edit_path: false, destroy_path: false } unless active_record_collection?
107
106
 
108
- locals = {}
109
-
110
- locals[:show_action] = opts[:show]
111
- locals[:edit_action] = opts[:edit]
112
- locals[:destroy_action] = opts[:destroy]
113
-
114
- if locals[:show_action] && (EffectiveDatatables.authorized?(view.controller, :show, collection_class) rescue false)
115
- locals[:show_path] = resource.show_path(check: true)
116
- else
117
- locals[:show_path] = false
118
- end
119
-
120
- if locals[:edit_action] && (EffectiveDatatables.authorized?(view.controller, :edit, collection_class) rescue false)
121
- locals[:edit_path] = resource.edit_path(check: true)
122
- else
123
- locals[:edit_path] = false
124
- end
125
-
126
- if locals[:destroy_action] && (EffectiveDatatables.authorized?(view.controller, :destroy, collection_class) rescue false)
127
- locals[:destroy_path] = resource.destroy_path(check: true)
128
- else
129
- locals[:destroy_path] = false
130
- end
131
-
132
- locals
107
+ locals = {
108
+ show_action: (
109
+ active_record_collection? && opts[:show] && resource.routes[:show] &&
110
+ EffectiveDatatables.authorized?(view.controller, :show, collection_class)
111
+ ),
112
+ edit_action: (
113
+ active_record_collection? && opts[:edit] && resource.routes[:edit] &&
114
+ EffectiveDatatables.authorized?(view.controller, :edit, collection_class)
115
+ ),
116
+ destroy_action: (
117
+ active_record_collection? && opts[:destroy] && resource.routes[:destroy] &&
118
+ EffectiveDatatables.authorized?(view.controller, :destroy, collection_class)
119
+ ),
120
+ effective_resource: resource
121
+ }
133
122
  end
134
123
 
135
124
  def resource_col_locals(opts)
136
125
  return {} unless (resource = opts[:resource]).present?
137
126
 
138
- locals = { name: opts[:name], macro: opts[:as], show_path: false, edit_path: false }
127
+ locals = { name: opts[:name], effective_resource: resource, show_action: false, edit_action: false }
139
128
 
140
129
  case opts[:action]
141
130
  when :edit
142
- if (EffectiveDatatables.authorized?(view.controller, :edit, resource.klass) rescue false)
143
- locals[:edit_path] = resource.edit_path(check: true)
144
- end
131
+ locals[:edit_action] = (resource.routes[:edit] && EffectiveDatatables.authorized?(view.controller, :edit, resource.klass))
145
132
  when :show
146
- if (EffectiveDatatables.authorized?(view.controller, :show, resource.klass) rescue false)
147
- locals[:show_path] = resource.show_path(check: true)
148
- end
133
+ locals[:show_action] = (resource.routes[:show] && EffectiveDatatables.authorized?(view.controller, :show, resource.klass))
149
134
  when false
150
135
  # Nothing
151
136
  else
152
137
  # Fallback to defaults - check edit then show
153
- if (EffectiveDatatables.authorized?(view.controller, :edit, resource.klass) rescue false)
154
- locals[:edit_path] = resource.edit_path(check: true)
155
- elsif (EffectiveDatatables.authorized?(view.controller, :show, resource.klass) rescue false)
156
- locals[:show_path] = resource.show_path(check: true)
138
+ if resource.routes[:edit] && EffectiveDatatables.authorized?(view.controller, :edit, resource.klass)
139
+ locals[:edit_action] = true
140
+ elsif resource.routes[:show] && EffectiveDatatables.authorized?(view.controller, :show, resource.klass)
141
+ locals[:show_action] = true
157
142
  end
158
143
  end
159
144
 
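Review bot: In `actions_col_locals` the hash is assigned to `locals` on new line 107 and never read again, so the assignment serves only as the method's return value; returning the literal directly would be clearer. Each entry can be `nil`, `false` or whatever `resource.routes[:show]` holds rather than a strict boolean, and each reflects a class-level check against `collection_class`. A comment such as `# truthy/falsy flags from a class-level check; the actions partial re-checks each record` would document that contract. `active_record_collection?` is also evaluated three times and could be hoisted into one guard. `resource_col_locals` continues past the end of the hunk.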
@@ -1,11 +1,8 @@
1
- - if show_path
2
- - if show_action == true || (EffectiveDatatables.authorized?(controller, :show, resource) rescue false)
3
- = show_icon_to send(show_path, resource.to_param)
1
+ - if show_action && EffectiveDatatables.authorized?(self, :show, resource)
2
+ = show_icon_to effective_resource.action_path(:show, resource)
4
3
 
5
- - if edit_path
6
- - if edit_action == true || (EffectiveDatatables.authorized?(controller, :edit, resource) rescue false)
7
- = edit_icon_to send(edit_path, resource.to_param)
4
+ - if edit_action && EffectiveDatatables.authorized?(self, :edit, resource)
5
+ = edit_icon_to effective_resource.action_path(:edit, resource)
8
6
 
9
- - if destroy_path
10
- - if destroy_action == true || (EffectiveDatatables.authorized?(controller, :destroy, resource) rescue false)
11
- = destroy_icon_to send(destroy_path, resource.to_param), data: { method: :delete, confirm: "Delete #{resource}?" }
7
+ - if destroy_action && EffectiveDatatables.authorized?(self, :destroy, resource)
8
+ = destroy_icon_to effective_resource.action_path(:destroy, resource), data: { method: :delete, confirm: "Delete #{resource}?" }
@@ -1,8 +1,8 @@
1
- - Array(datatable.array_collection? ? resource : resource.send(name)).each do |associated|
1
+ - Array(datatable.array_collection? ? resource : resource.send(name)).each do |resource|
2
2
  .col-resource_item
3
- - if show_path
4
- = link_to associated.to_s, send(show_path, associated.to_param), title: associated.to_s
5
- - elsif edit_path
6
- = link_to associated.to_s, send(edit_path, associated.to_param), title: associated.to_s
3
+ - if show_action
4
+ = link_to resource.to_s, effective_resource.action_path(:show, resource), title: resource.to_s
5
+ - elsif edit_action
6
+ = link_to resource.to_s, effective_resource.action_path(:edit, resource), title: resource.to_s
7
7
  - else
8
- = associated.to_s.html_safe
8
+ = resource.to_s.html_safe
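Review bot: The fallback branch on new line 8 still emits `resource.to_s.html_safe`, which marks the record's `to_s` as trusted markup. If `to_s` is built from user-editable fields, that value reaches the table cell unescaped, whereas the two `link_to` branches escape it. Prefer `= resource.to_s` unless `to_s` is documented to return sanitized HTML. Separately, the block variable `|resource|` on line 1 shadows the outer `resource` it is derived from, which the old name `associated` avoided. The links here also depend only on the class-level `show_action`/`edit_action` flags, with no per-record `authorized?` call like the one the actions partial makes.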
@@ -2,23 +2,24 @@ EffectiveDatatables.setup do |config|
2
2
  # Authorization Method
3
3
  #
4
4
  # This method is called by all controller actions with the appropriate action and resource
5
- # If the method returns false, an Effective::AccessDenied Error will be raised (see README.md for complete info)
5
+ # If it raises an exception or returns false, an Effective::AccessDenied Error will be raised
6
6
  #
7
- # Use via Proc (and with CanCan):
8
- # config.authorization_method = Proc.new { |controller, action, resource| authorize!(action, resource) }
7
+ # Use via Proc:
8
+ # Proc.new { |controller, action, resource| authorize!(action, resource) } # CanCan
9
+ # Proc.new { |controller, action, resource| can?(action, resource) } # CanCan with skip_authorization_check
10
+ # Proc.new { |controller, action, resource| authorize "#{action}?", resource } # Pundit
11
+ # Proc.new { |controller, action, resource| current_user.is?(:admin) } # Custom logic
9
12
  #
10
- # Use via custom method:
11
- # config.authorization_method = :my_authorization_method
12
- #
13
- # And then in your application_controller.rb:
13
+ # Use via Boolean:
14
+ # config.authorization_method = true # Always authorized
15
+ # config.authorization_method = false # Always unauthorized
14
16
  #
15
- # def my_authorization_method(action, resource)
16
- # current_user.is?(:admin)
17
+ # Use via Method (probably in your application_controller.rb):
18
+ # config.authorization_method = :my_authorization_method
19
+ # def my_authorization_method(resource, action)
20
+ # true
17
21
  # end
18
- #
19
- # Or disable the check completely:
20
- # config.authorization_method = false
21
- config.authorization_method = Proc.new { |controller, action, resource| authorize!(action, resource) } # CanCanCan
22
+ config.authorization_method = Proc.new { |controller, action, resource| authorize!(action, resource) }
22
23
 
23
24
  # Default number of entries shown per page
24
25
  # Valid options are: 5, 10, 25, 50, 100, 250, 500, :all
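Review bot: The sample on new lines 18-21 documents `def my_authorization_method(resource, action)`, which reverses the `action, resource` order used by every Proc example above it and by the removed sample `my_authorization_method(action, resource)`. Someone copying it is likely to compare the wrong argument. Suggest `#   def my_authorization_method(action, resource)` with a body that shows a real check, since a copied `true` authorizes everything. The new line 5 wording "raises an exception" is also broader than what `authorized?` rescues in this release (Effective::AccessDenied plus the CanCan and Pundit errors); other exceptions propagate, and the comment should say so.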
@@ -1,3 +1,3 @@
1
1
  module EffectiveDatatables
2
- VERSION = '3.3.6'.freeze
2
+ VERSION = '3.3.7'.freeze
3
3
  end
@@ -17,10 +17,20 @@ module EffectiveDatatables
17
17
  end
18
18
 
19
19
  def self.authorized?(controller, action, resource)
20
- if authorization_method.respond_to?(:call) || authorization_method.kind_of?(Symbol)
21
- raise Effective::AccessDenied.new() unless (controller || self).instance_exec(controller, action, resource, &authorization_method)
20
+ @_exceptions ||= [Effective::AccessDenied, (CanCan::AccessDenied if defined?(CanCan)), (Pundit::NotAuthorizedError if defined?(Pundit))].compact
21
+
22
+ return !!authorization_method unless authorization_method.respond_to?(:call)
23
+ controller = controller.controller if controller.respond_to?(:controller) # Do the right thing with a view
24
+
25
+ begin
26
+ !!(controller || self).instance_exec((controller || self), action, resource, &authorization_method)
27
+ rescue *@_exceptions
28
+ false
22
29
  end
23
- true
30
+ end
31
+
32
+ def self.authorize!(controller, action, resource)
33
+ raise Effective::AccessDenied unless authorized?(controller, action, resource)
24
34
  end
25
35
 
26
36
  end
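Review bot: A Symbol `authorization_method` now appears to fail open. The new guard `return !!authorization_method unless authorization_method.respond_to?(:call)` returns `true` for any truthy non-callable value, and a Symbol does not respond to `call`, while the removed line explicitly accepted `kind_of?(Symbol)`. Unless the setter converts symbols somewhere outside this hunk, an app configured with `:my_authorization_method` (still documented in the initializer) would pass every check without its method running. Either keep the Symbol case, `return !!authorization_method unless authorization_method.respond_to?(:call) || authorization_method.kind_of?(Symbol)`, or fail closed with `return authorization_method == true unless authorization_method.respond_to?(:call)`. A short comment on `@_exceptions` noting that only these classes are translated to `false` would also help callers that dropped their own `rescue false`.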
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: effective_datatables
3
3
  version: !ruby/object:Gem::Version
4
- version: 3.3.6
4
+ version: 3.3.7
5
5
  platform: ruby
6
6
  authors:
7
7
  - Code and Effect
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2017-11-07 00:00:00.000000000 Z
11
+ date: 2017-11-16 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: rails
@@ -44,14 +44,14 @@ dependencies:
44
44
  requirements:
45
45
  - - ">="
46
46
  - !ruby/object:Gem::Version
47
- version: 0.5.0
47
+ version: 0.7.0
48
48
  type: :runtime
49
49
  prerelease: false
50
50
  version_requirements: !ruby/object:Gem::Requirement
51
51
  requirements:
52
52
  - - ">="
53
53
  - !ruby/object:Gem::Version
54
- version: 0.5.0
54
+ version: 0.7.0
55
55
  - !ruby/object:Gem::Dependency
56
56
  name: sass-rails
57
57
  requirement: !ruby/object:Gem::Requirement