effective_datatables 3.3.6 → 3.3.7
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/app/controllers/effective/datatables_controller.rb +2 -2
- data/app/helpers/effective_datatables_helper.rb +1 -3
- data/app/models/effective/effective_datatable/format.rb +22 -37
- data/app/views/effective/datatables/_actions_column.html.haml +6 -9
- data/app/views/effective/datatables/_resource_column.html.haml +6 -6
- data/config/effective_datatables.rb +14 -13
- data/lib/effective_datatables/version.rb +1 -1
- data/lib/effective_datatables.rb +13 -3
- metadata +4 -4
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 6e5ba7e9014cdedb565e735b68524303cbfaa929
|
|
4
|
+
data.tar.gz: 1ac9fef5c0813e8de5a8dd165b4cc19172980e23
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 892e67bedf81da91c2a66f9ac1e3fcf58dd4727503ca7336de967eea241a0b0fcc1b7749e428fd44af72192cbba4c2bef66c85e6a553806e6e8b54f33b2e79d4
|
|
7
|
+
data.tar.gz: f73e528fd21c6934bc6f0219554c33947c6e1e054059da70a38f1e561ebe7ecf0c171162e6a030feb17b0086ea344484ca87151d1976a706d4f3e3e3548402bf
|
|
@@ -8,11 +8,11 @@ module Effective
|
|
|
8
8
|
@datatable = find_datatable(params[:id]).try(:new) || raise('unable to find datatable')
|
|
9
9
|
@datatable.view = view_context
|
|
10
10
|
|
|
11
|
-
EffectiveDatatables.
|
|
11
|
+
EffectiveDatatables.authorize!(self, :index, @datatable.collection_class)
|
|
12
12
|
|
|
13
13
|
render json: @datatable.to_json
|
|
14
14
|
rescue => e
|
|
15
|
-
|
|
15
|
+
EffectiveDatatables.authorized?(self, :index, @datatable.try(:collection_class))
|
|
16
16
|
|
|
17
17
|
render json: error_json(e)
|
|
18
18
|
end
|
|
@@ -6,9 +6,7 @@ module EffectiveDatatablesHelper
|
|
|
6
6
|
|
|
7
7
|
datatable.view ||= self
|
|
8
8
|
|
|
9
|
-
|
|
10
|
-
EffectiveDatatables.authorized?(controller, :index, datatable.collection_class) || raise(Effective::AccessDenied)
|
|
11
|
-
rescue Effective::AccessDenied => e
|
|
9
|
+
unless EffectiveDatatables.authorized?(controller, :index, datatable.collection_class)
|
|
12
10
|
return content_tag(:p, "You are not authorized to view this datatable. (cannot :index, #{datatable.collection_class})")
|
|
13
11
|
end
|
|
14
12
|
|
|
@@ -103,57 +103,42 @@ module Effective
|
|
|
103
103
|
|
|
104
104
|
def actions_col_locals(opts)
|
|
105
105
|
return {} unless opts[:as] == :actions
|
|
106
|
-
return { show_path: false, edit_path: false, destroy_path: false } unless active_record_collection?
|
|
107
106
|
|
|
108
|
-
locals = {
|
|
109
|
-
|
|
110
|
-
|
|
111
|
-
|
|
112
|
-
|
|
113
|
-
|
|
114
|
-
|
|
115
|
-
|
|
116
|
-
|
|
117
|
-
|
|
118
|
-
|
|
119
|
-
|
|
120
|
-
|
|
121
|
-
|
|
122
|
-
|
|
123
|
-
locals[:edit_path] = false
|
|
124
|
-
end
|
|
125
|
-
|
|
126
|
-
if locals[:destroy_action] && (EffectiveDatatables.authorized?(view.controller, :destroy, collection_class) rescue false)
|
|
127
|
-
locals[:destroy_path] = resource.destroy_path(check: true)
|
|
128
|
-
else
|
|
129
|
-
locals[:destroy_path] = false
|
|
130
|
-
end
|
|
131
|
-
|
|
132
|
-
locals
|
|
107
|
+
locals = {
|
|
108
|
+
show_action: (
|
|
109
|
+
active_record_collection? && opts[:show] && resource.routes[:show] &&
|
|
110
|
+
EffectiveDatatables.authorized?(view.controller, :show, collection_class)
|
|
111
|
+
),
|
|
112
|
+
edit_action: (
|
|
113
|
+
active_record_collection? && opts[:edit] && resource.routes[:edit] &&
|
|
114
|
+
EffectiveDatatables.authorized?(view.controller, :edit, collection_class)
|
|
115
|
+
),
|
|
116
|
+
destroy_action: (
|
|
117
|
+
active_record_collection? && opts[:destroy] && resource.routes[:destroy] &&
|
|
118
|
+
EffectiveDatatables.authorized?(view.controller, :destroy, collection_class)
|
|
119
|
+
),
|
|
120
|
+
effective_resource: resource
|
|
121
|
+
}
|
|
133
122
|
end
|
|
134
123
|
|
|
135
124
|
def resource_col_locals(opts)
|
|
136
125
|
return {} unless (resource = opts[:resource]).present?
|
|
137
126
|
|
|
138
|
-
locals = { name: opts[:name],
|
|
127
|
+
locals = { name: opts[:name], effective_resource: resource, show_action: false, edit_action: false }
|
|
139
128
|
|
|
140
129
|
case opts[:action]
|
|
141
130
|
when :edit
|
|
142
|
-
|
|
143
|
-
locals[:edit_path] = resource.edit_path(check: true)
|
|
144
|
-
end
|
|
131
|
+
locals[:edit_action] = (resource.routes[:edit] && EffectiveDatatables.authorized?(view.controller, :edit, resource.klass))
|
|
145
132
|
when :show
|
|
146
|
-
|
|
147
|
-
locals[:show_path] = resource.show_path(check: true)
|
|
148
|
-
end
|
|
133
|
+
locals[:show_action] = (resource.routes[:show] && EffectiveDatatables.authorized?(view.controller, :show, resource.klass))
|
|
149
134
|
when false
|
|
150
135
|
# Nothing
|
|
151
136
|
else
|
|
152
137
|
# Fallback to defaults - check edit then show
|
|
153
|
-
if
|
|
154
|
-
locals[:
|
|
155
|
-
elsif
|
|
156
|
-
locals[:
|
|
138
|
+
if resource.routes[:edit] && EffectiveDatatables.authorized?(view.controller, :edit, resource.klass)
|
|
139
|
+
locals[:edit_action] = true
|
|
140
|
+
elsif resource.routes[:show] && EffectiveDatatables.authorized?(view.controller, :show, resource.klass)
|
|
141
|
+
locals[:show_action] = true
|
|
157
142
|
end
|
|
158
143
|
end
|
|
159
144
|
|
|
@@ -1,11 +1,8 @@
|
|
|
1
|
-
- if
|
|
2
|
-
|
|
3
|
-
= show_icon_to send(show_path, resource.to_param)
|
|
1
|
+
- if show_action && EffectiveDatatables.authorized?(self, :show, resource)
|
|
2
|
+
= show_icon_to effective_resource.action_path(:show, resource)
|
|
4
3
|
|
|
5
|
-
- if
|
|
6
|
-
|
|
7
|
-
= edit_icon_to send(edit_path, resource.to_param)
|
|
4
|
+
- if edit_action && EffectiveDatatables.authorized?(self, :edit, resource)
|
|
5
|
+
= edit_icon_to effective_resource.action_path(:edit, resource)
|
|
8
6
|
|
|
9
|
-
- if
|
|
10
|
-
|
|
11
|
-
= destroy_icon_to send(destroy_path, resource.to_param), data: { method: :delete, confirm: "Delete #{resource}?" }
|
|
7
|
+
- if destroy_action && EffectiveDatatables.authorized?(self, :destroy, resource)
|
|
8
|
+
= destroy_icon_to effective_resource.action_path(:destroy, resource), data: { method: :delete, confirm: "Delete #{resource}?" }
|
|
@@ -1,8 +1,8 @@
|
|
|
1
|
-
- Array(datatable.array_collection? ? resource : resource.send(name)).each do |
|
|
1
|
+
- Array(datatable.array_collection? ? resource : resource.send(name)).each do |resource|
|
|
2
2
|
.col-resource_item
|
|
3
|
-
- if
|
|
4
|
-
= link_to
|
|
5
|
-
- elsif
|
|
6
|
-
= link_to
|
|
3
|
+
- if show_action
|
|
4
|
+
= link_to resource.to_s, effective_resource.action_path(:show, resource), title: resource.to_s
|
|
5
|
+
- elsif edit_action
|
|
6
|
+
= link_to resource.to_s, effective_resource.action_path(:edit, resource), title: resource.to_s
|
|
7
7
|
- else
|
|
8
|
-
=
|
|
8
|
+
= resource.to_s.html_safe
|
|
@@ -2,23 +2,24 @@ EffectiveDatatables.setup do |config|
|
|
|
2
2
|
# Authorization Method
|
|
3
3
|
#
|
|
4
4
|
# This method is called by all controller actions with the appropriate action and resource
|
|
5
|
-
# If
|
|
5
|
+
# If it raises an exception or returns false, an Effective::AccessDenied Error will be raised
|
|
6
6
|
#
|
|
7
|
-
# Use via Proc
|
|
8
|
-
#
|
|
7
|
+
# Use via Proc:
|
|
8
|
+
# Proc.new { |controller, action, resource| authorize!(action, resource) } # CanCan
|
|
9
|
+
# Proc.new { |controller, action, resource| can?(action, resource) } # CanCan with skip_authorization_check
|
|
10
|
+
# Proc.new { |controller, action, resource| authorize "#{action}?", resource } # Pundit
|
|
11
|
+
# Proc.new { |controller, action, resource| current_user.is?(:admin) } # Custom logic
|
|
9
12
|
#
|
|
10
|
-
# Use via
|
|
11
|
-
# config.authorization_method =
|
|
12
|
-
#
|
|
13
|
-
# And then in your application_controller.rb:
|
|
13
|
+
# Use via Boolean:
|
|
14
|
+
# config.authorization_method = true # Always authorized
|
|
15
|
+
# config.authorization_method = false # Always unauthorized
|
|
14
16
|
#
|
|
15
|
-
#
|
|
16
|
-
#
|
|
17
|
+
# Use via Method (probably in your application_controller.rb):
|
|
18
|
+
# config.authorization_method = :my_authorization_method
|
|
19
|
+
# def my_authorization_method(resource, action)
|
|
20
|
+
# true
|
|
17
21
|
# end
|
|
18
|
-
|
|
19
|
-
# Or disable the check completely:
|
|
20
|
-
# config.authorization_method = false
|
|
21
|
-
config.authorization_method = Proc.new { |controller, action, resource| authorize!(action, resource) } # CanCanCan
|
|
22
|
+
config.authorization_method = Proc.new { |controller, action, resource| authorize!(action, resource) }
|
|
22
23
|
|
|
23
24
|
# Default number of entries shown per page
|
|
24
25
|
# Valid options are: 5, 10, 25, 50, 100, 250, 500, :all
|
data/lib/effective_datatables.rb
CHANGED
|
@@ -17,10 +17,20 @@ module EffectiveDatatables
|
|
|
17
17
|
end
|
|
18
18
|
|
|
19
19
|
def self.authorized?(controller, action, resource)
|
|
20
|
-
if
|
|
21
|
-
|
|
20
|
+
@_exceptions ||= [Effective::AccessDenied, (CanCan::AccessDenied if defined?(CanCan)), (Pundit::NotAuthorizedError if defined?(Pundit))].compact
|
|
21
|
+
|
|
22
|
+
return !!authorization_method unless authorization_method.respond_to?(:call)
|
|
23
|
+
controller = controller.controller if controller.respond_to?(:controller) # Do the right thing with a view
|
|
24
|
+
|
|
25
|
+
begin
|
|
26
|
+
!!(controller || self).instance_exec((controller || self), action, resource, &authorization_method)
|
|
27
|
+
rescue *@_exceptions
|
|
28
|
+
false
|
|
22
29
|
end
|
|
23
|
-
|
|
30
|
+
end
|
|
31
|
+
|
|
32
|
+
def self.authorize!(controller, action, resource)
|
|
33
|
+
raise Effective::AccessDenied unless authorized?(controller, action, resource)
|
|
24
34
|
end
|
|
25
35
|
|
|
26
36
|
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: effective_datatables
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 3.3.
|
|
4
|
+
version: 3.3.7
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Code and Effect
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2017-11-
|
|
11
|
+
date: 2017-11-16 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: rails
|
|
@@ -44,14 +44,14 @@ dependencies:
|
|
|
44
44
|
requirements:
|
|
45
45
|
- - ">="
|
|
46
46
|
- !ruby/object:Gem::Version
|
|
47
|
-
version: 0.
|
|
47
|
+
version: 0.7.0
|
|
48
48
|
type: :runtime
|
|
49
49
|
prerelease: false
|
|
50
50
|
version_requirements: !ruby/object:Gem::Requirement
|
|
51
51
|
requirements:
|
|
52
52
|
- - ">="
|
|
53
53
|
- !ruby/object:Gem::Version
|
|
54
|
-
version: 0.
|
|
54
|
+
version: 0.7.0
|
|
55
55
|
- !ruby/object:Gem::Dependency
|
|
56
56
|
name: sass-rails
|
|
57
57
|
requirement: !ruby/object:Gem::Requirement
|