effective_resources 0.6.9 → 0.7.0
- checksums.yaml +4 -4
- data/app/controllers/concerns/effective/crud_controller.rb +24 -26
- data/app/helpers/effective_resources_helper.rb +11 -5
- data/app/models/effective/resources/actions.rb +48 -15
- data/app/models/effective/resources/associations.rb +6 -2
- data/app/models/effective/resources/paths.rb +61 -58
- data/app/models/effective/resources/sql.rb +7 -7
- data/app/views/application/edit.html.haml +7 -12
- data/app/views/application/index.html.haml +4 -5
- data/app/views/application/show.html.haml +10 -12
- data/config/effective_resources.rb +15 -13
- data/lib/effective_resources/version.rb +1 -1
- data/lib/effective_resources.rb +13 -3
- metadata +2 -2
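--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA1:
-metadata.gz:
-data.tar.gz:
+metadata.gz: e60422542e4fd0579203430168370a0469aca1a4
+data.tar.gz: 2768849db26e1cdb04f66a06806acd2026973113
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 21c3d13331bc4eca088ee77b9ba1f0a6ff160f64f7373f190371d90eaadd7060048f1e8f1e471c93515862ac7b7bea0f1dd4be3f10ec38d9d88dbce95ad8f56a
+data.tar.gz: eabc01995fafbb7d4a200336964f34c292341d3b6aaf8d50cddccb0d6fb6a17c2641df45c2fae00b8853a4a7b928daf9affea1389f56ca9e44bfa6cc380136f1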
@@ -61,7 +61,7 @@ module Effective
|
|
61
61
|
define_method(action) do
|
62
62
|
self.resource ||= resource_scope.find(params[:id])
|
63
63
|
|
64
|
-
EffectiveResources.
|
64
|
+
EffectiveResources.authorize!(self, action, resource)
|
65
65
|
|
66
66
|
@page_title ||= "#{action.to_s.titleize} #{resource}"
|
67
67
|
|
@@ -81,7 +81,7 @@ module Effective
|
|
81
81
|
|
82
82
|
self.resources ||= resource_scope.all
|
83
83
|
|
84
|
-
EffectiveResources.
|
84
|
+
EffectiveResources.authorize!(self, action, resource_klass)
|
85
85
|
|
86
86
|
@page_title ||= "#{action.to_s.titleize} #{resource_plural_name.titleize}"
|
87
87
|
|
@@ -121,7 +121,7 @@ module Effective
|
|
121
121
|
|
122
122
|
def index
|
123
123
|
@page_title ||= resource_plural_name.titleize
|
124
|
-
|
124
|
+
EffectiveDatatables.authorize!(self, :index, resource_klass)
|
125
125
|
|
126
126
|
self.resources ||= resource_scope.all
|
127
127
|
|
@@ -140,7 +140,7 @@ module Effective
|
|
140
140
|
)
|
141
141
|
|
142
142
|
@page_title ||= "New #{resource_name.titleize}"
|
143
|
-
EffectiveResources.
|
143
|
+
EffectiveResources.authorize!(self, :new, resource)
|
144
144
|
|
145
145
|
run_callbacks(:resource_render)
|
146
146
|
end
|
@@ -149,10 +149,10 @@ module Effective
|
|
149
149
|
self.resource ||= resource_scope.new
|
150
150
|
|
151
151
|
@page_title ||= "New #{resource_name.titleize}"
|
152
|
-
EffectiveResources.
|
152
|
+
EffectiveResources.authorize!(self, :create, resource)
|
153
153
|
|
154
|
-
action =
|
155
|
-
EffectiveResources.
|
154
|
+
action = commit_action[:action]
|
155
|
+
EffectiveResources.authorize!(self, action, resource) unless action == :save
|
156
156
|
|
157
157
|
resource.assign_attributes(send(resource_params_method_name))
|
158
158
|
resource.created_by ||= current_user if resource.respond_to?(:created_by=)
|
@@ -170,7 +170,7 @@ module Effective
|
|
170
170
|
self.resource ||= resource_scope.find(params[:id])
|
171
171
|
|
172
172
|
@page_title ||= resource.to_s
|
173
|
-
EffectiveResources.
|
173
|
+
EffectiveResources.authorize!(self, :show, resource)
|
174
174
|
|
175
175
|
run_callbacks(:resource_render)
|
176
176
|
end
|
@@ -179,7 +179,7 @@ module Effective
|
|
179
179
|
self.resource ||= resource_scope.find(params[:id])
|
180
180
|
|
181
181
|
@page_title ||= "Edit #{resource}"
|
182
|
-
EffectiveResources.
|
182
|
+
EffectiveResources.authorize!(self, :edit, resource)
|
183
183
|
|
184
184
|
run_callbacks(:resource_render)
|
185
185
|
end
|
@@ -188,10 +188,10 @@ module Effective
|
|
188
188
|
self.resource ||= resource_scope.find(params[:id])
|
189
189
|
|
190
190
|
@page_title = "Edit #{resource}"
|
191
|
-
EffectiveResources.
|
191
|
+
EffectiveResources.authorize!(self, :update, resource)
|
192
192
|
|
193
|
-
action =
|
194
|
-
EffectiveResources.
|
193
|
+
action = commit_action[:action]
|
194
|
+
EffectiveResources.authorize!(self, action, resource) unless action == :save
|
195
195
|
|
196
196
|
resource.assign_attributes(send(resource_params_method_name))
|
197
197
|
|
@@ -208,7 +208,7 @@ module Effective
|
|
208
208
|
self.resource = resource_scope.find(params[:id])
|
209
209
|
|
210
210
|
@page_title ||= "Destroy #{resource}"
|
211
|
-
EffectiveResources.
|
211
|
+
EffectiveResources.authorize!(self, :destroy, resource)
|
212
212
|
|
213
213
|
if resource.destroy
|
214
214
|
flash[:success] ||= flash_success(resource, :delete)
|
@@ -220,7 +220,7 @@ module Effective
|
|
220
220
|
if referer_redirect_path && !request.referer.to_s.include?("/#{resource.to_param}/")
|
221
221
|
redirect_to(referer_redirect_path)
|
222
222
|
else
|
223
|
-
redirect_to(
|
223
|
+
redirect_to(resource_redirect_path)
|
224
224
|
end
|
225
225
|
end
|
226
226
|
|
@@ -316,17 +316,15 @@ module Effective
|
|
316
316
|
end
|
317
317
|
|
318
318
|
def resource_redirect_path
|
319
|
-
if
|
320
|
-
return instance_exec(&resource_commit_action[:redirect])
|
321
|
-
end
|
319
|
+
return instance_exec(&commit_action[:redirect]) if commit_action[:redirect].respond_to?(:call)
|
322
320
|
|
323
|
-
commit_action_redirect = case
|
321
|
+
commit_action_redirect = case commit_action[:redirect]
|
324
322
|
when :index ; resource_index_path
|
325
323
|
when :edit ; resource_edit_path
|
326
324
|
when :show ; resource_show_path
|
327
325
|
when :back ; referer_redirect_path
|
328
326
|
when nil ; nil
|
329
|
-
else ; resource_member_action_path(
|
327
|
+
else ; resource_member_action_path(commit_action[:action])
|
330
328
|
end
|
331
329
|
|
332
330
|
return commit_action_redirect if commit_action_redirect.present?
|
@@ -350,27 +348,27 @@ module Effective
|
|
350
348
|
end
|
351
349
|
|
352
350
|
def resource_index_path
|
353
|
-
|
351
|
+
effective_resource.action_path(:index)
|
354
352
|
end
|
355
353
|
|
356
354
|
def resource_new_path
|
357
|
-
|
355
|
+
effective_resource.action_path(:new)
|
358
356
|
end
|
359
357
|
|
360
358
|
def resource_edit_path
|
361
|
-
|
359
|
+
effective_resource.action_path(:edit, resource)
|
362
360
|
end
|
363
361
|
|
364
362
|
def resource_show_path
|
365
|
-
|
363
|
+
effective_resource.action_path(:show, resource)
|
366
364
|
end
|
367
365
|
|
368
366
|
def resource_destroy_path
|
369
|
-
|
367
|
+
effective_resource.action_path(:destroy, resource)
|
370
368
|
end
|
371
369
|
|
372
370
|
def resource_member_action_path(action)
|
373
|
-
|
371
|
+
effective_resource.action_path(action.to_sym, resource)
|
374
372
|
end
|
375
373
|
|
376
374
|
def resource # @thing
|
@@ -415,7 +413,7 @@ module Effective
|
|
415
413
|
(action.to_s + (action.to_s.end_with?('e') ? 'd' : 'ed'))
|
416
414
|
end
|
417
415
|
|
418
|
-
def
|
416
|
+
def commit_action
|
419
417
|
self.class.member_actions[params[:commit].to_s] || self.class.member_actions['Save'] || raise("expected member_actions['Save'] to be present")
|
420
418
|
end
|
421
419
|
|
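Review bot: In `index`, the added check is `EffectiveDatatables.authorize!(self, :index, resource_klass)`, while every other action in this file goes through `EffectiveResources.authorize!`. As written, the index action is governed by a different gem's authorization setting, and it will raise NameError in an application that does not load effective_datatables. This looks like a copy-paste slip; the line should probably read `EffectiveResources.authorize!(self, :index, resource_klass)`. The body of `index` continues outside the hunk.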
@@ -14,19 +14,25 @@ module EffectiveResourcesHelper
|
|
14
14
|
|
15
15
|
opts
|
16
16
|
end
|
17
|
-
|
18
17
|
else
|
19
18
|
{}.tap do |actions|
|
20
19
|
actions['Save'] = { class: 'btn btn-primary', data: { disable_with: 'Saving...' }}
|
21
|
-
|
22
|
-
|
20
|
+
|
21
|
+
if resource.action_path(:index) && EffectiveResources.authorized?(controller, :index, resource.klass)
|
22
|
+
actions['Continue'] = { class: 'btn btn-default', data: { disable_with: 'Saving...' }}
|
23
|
+
end
|
24
|
+
|
25
|
+
if resource.action_path(:new) && EffectiveResources.authorized?(controller, :new, resource.klass)
|
26
|
+
actions['Add New'] = { class: 'btn btn-default', data: { disable_with: 'Saving...' }}
|
27
|
+
end
|
28
|
+
|
23
29
|
end
|
24
30
|
end
|
25
31
|
|
26
32
|
wrapper_options = { class: 'form-actions' }.merge(options.delete(:wrapper_html) || {})
|
27
33
|
|
28
34
|
content_tag(:div, wrapper_options) do
|
29
|
-
buttons = actions.group_by { |
|
35
|
+
buttons = actions.group_by { |_, args| args[:class] }.flat_map do |_, action|
|
30
36
|
action.map { |action| form.button(:submit, *action) } + ['']
|
31
37
|
end
|
32
38
|
|
@@ -39,7 +45,7 @@ module EffectiveResourcesHelper
|
|
39
45
|
buttons = [capture(&block), ''] + buttons
|
40
46
|
end
|
41
47
|
|
42
|
-
|
48
|
+
buttons.join(' ').html_safe
|
43
49
|
end
|
44
50
|
end
|
45
51
|
|
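Review bot: `buttons.join(' ').html_safe` marks the whole joined string as safe, so any element of `buttons` that is not already an html_safe buffer would be written to the page unescaped. `safe_join(buttons, ' ')` produces the same markup for the safe elements returned by `form.button` and `capture`, and escapes anything else. The enclosing helper starts and ends outside the hunks shown.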
@@ -2,30 +2,59 @@ module Effective
|
|
2
2
|
module Resources
|
3
3
|
module Actions
|
4
4
|
|
5
|
-
# This was written for the Edit actions fallback templates
|
6
|
-
|
7
|
-
def
|
8
|
-
@
|
9
|
-
|
5
|
+
# This was written for the Edit actions fallback templates and Datatables
|
6
|
+
# Effective::Resource.new('admin/posts').routes[:index]
|
7
|
+
def routes
|
8
|
+
@_routes ||= (
|
9
|
+
matches = [[namespace, plural_name].compact.join('/'), [namespace, name].compact.join('/')]
|
10
10
|
|
11
11
|
Rails.application.routes.routes.select do |route|
|
12
|
-
|
12
|
+
matches.any? { |match| match == route.defaults[:controller] }
|
13
|
+
end.inject({}) do |h, route|
|
14
|
+
h[route.defaults[:action].to_sym] = route; h
|
13
15
|
end
|
14
16
|
)
|
15
17
|
end
|
16
18
|
|
17
|
-
|
18
|
-
|
19
|
+
# Effective::Resource.new('admin/posts').action_path_helper(:edit) => 'edit_admin_posts_path'
|
20
|
+
# This will return empty for create, update and destroy
|
21
|
+
def action_path_helper(action)
|
22
|
+
return unless routes[action]
|
23
|
+
return (routes[action].name + '_path') if routes[action].name.present?
|
24
|
+
end
|
25
|
+
|
26
|
+
# Effective::Resource.new('admin/posts').action_path(:edit, Post.last) => '/admin/posts/3/edit'
|
27
|
+
# Will work for any action. Returns the real path
|
28
|
+
def action_path(action, resource = nil, opts = {})
|
29
|
+
return unless routes[action]
|
30
|
+
|
31
|
+
# edge case: Effective::Resource.new('admin/comments').action_path(:new, @post)
|
32
|
+
if resource.present? && !resource.kind_of?(klass)
|
33
|
+
if (bt = belongs_to(resource)).present? && instance.respond_to?("#{bt.name}=")
|
34
|
+
return routes[action].format(klass.new(bt.name => resource)).presence
|
35
|
+
end
|
36
|
+
end
|
37
|
+
|
38
|
+
routes[action].format(resource || instance).presence
|
39
|
+
end
|
40
|
+
|
41
|
+
def actions
|
42
|
+
routes.keys
|
43
|
+
end
|
44
|
+
|
45
|
+
# GET actions
|
46
|
+
def collection_actions
|
47
|
+
routes.values.map { |route| route.defaults[:action].to_sym if is_get_route?(route) && !is_member_route?(route) }.compact - crud_actions
|
19
48
|
end
|
20
49
|
|
21
50
|
# GET actions
|
22
51
|
def member_actions
|
23
|
-
|
52
|
+
routes.values.map { |route| route.defaults[:action].to_sym if is_get_route?(route) && is_member_route?(route) }.compact - crud_actions
|
24
53
|
end
|
25
54
|
|
26
55
|
# POST/PUT/PATCH actions
|
27
56
|
def member_post_actions
|
28
|
-
|
57
|
+
routes.values.map { |route| route.defaults[:action].to_sym if is_post_route?(route) && is_member_route?(route) }.compact - crud_actions
|
29
58
|
end
|
30
59
|
|
31
60
|
# Same as controller_path in the view
|
@@ -36,15 +65,19 @@ module Effective
|
|
36
65
|
private
|
37
66
|
|
38
67
|
def crud_actions
|
39
|
-
%
|
68
|
+
%i(index new create show edit update destroy)
|
69
|
+
end
|
70
|
+
|
71
|
+
def is_member_route?(route)
|
72
|
+
(route.path.required_names || []).include?('id')
|
40
73
|
end
|
41
74
|
|
42
|
-
def
|
43
|
-
route.verb.to_s.include?('GET')
|
75
|
+
def is_get_route?(route)
|
76
|
+
route.verb.to_s.include?('GET')
|
44
77
|
end
|
45
78
|
|
46
|
-
def
|
47
|
-
['POST', 'PUT', 'PATCH'].any? { |verb| route.verb == verb }
|
79
|
+
def is_post_route?(route)
|
80
|
+
['POST', 'PUT', 'PATCH'].any? { |verb| route.verb == verb }
|
48
81
|
end
|
49
82
|
|
50
83
|
end
|
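Review bot: `is_post_route?` tests `route.verb == verb` for exact equality, while `is_get_route?` uses `route.verb.to_s.include?('GET')`. On Rails versions where `route.verb` is a Regexp, the equality test never matches, so `member_post_actions` comes back empty and the POST buttons in the edit and show templates silently disappear. Matching the same way in both predicates keeps them consistent, e.g. `%w(POST PUT PATCH).any? { |verb| route.verb.to_s.include?(verb) }`. Separately, `routes` builds a hash keyed by action, so when two matched routes share an action the later one replaces the earlier; a comment such as `# last matching route wins per action` would make that explicit.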
@@ -37,8 +37,12 @@ module Effective
|
|
37
37
|
end
|
38
38
|
|
39
39
|
def belongs_to(name)
|
40
|
-
|
41
|
-
|
40
|
+
if name.kind_of?(String) || name.kind_of?(Symbol)
|
41
|
+
name = (name.to_s.end_with?('_id') ? name.to_s[0...-3] : name).to_sym
|
42
|
+
belong_tos.find { |ass| ass.name == name }
|
43
|
+
else
|
44
|
+
belong_tos.find { |ass| ass.klass == name.class }
|
45
|
+
end
|
42
46
|
end
|
43
47
|
|
44
48
|
def belongs_to_polymorphic(name)
|
@@ -2,64 +2,67 @@ module Effective
|
|
2
2
|
module Resources
|
3
3
|
module Paths
|
4
4
|
|
5
|
-
#
|
6
|
-
|
7
|
-
|
8
|
-
|
9
|
-
|
10
|
-
|
11
|
-
|
12
|
-
|
13
|
-
|
14
|
-
|
15
|
-
|
16
|
-
|
17
|
-
|
18
|
-
|
19
|
-
|
20
|
-
|
21
|
-
|
22
|
-
|
23
|
-
|
24
|
-
|
25
|
-
|
26
|
-
|
27
|
-
|
28
|
-
|
29
|
-
|
30
|
-
|
31
|
-
|
32
|
-
|
33
|
-
|
34
|
-
|
35
|
-
|
36
|
-
|
37
|
-
|
38
|
-
|
39
|
-
|
40
|
-
|
41
|
-
|
42
|
-
|
43
|
-
|
44
|
-
|
45
|
-
|
46
|
-
|
47
|
-
|
48
|
-
#
|
49
|
-
|
50
|
-
|
51
|
-
|
52
|
-
|
53
|
-
|
54
|
-
|
55
|
-
|
56
|
-
|
57
|
-
|
58
|
-
|
59
|
-
|
60
|
-
|
61
|
-
|
62
|
-
|
5
|
+
#
|
6
|
+
# TODO: Delete these. Once effective_developer is updated
|
7
|
+
#
|
8
|
+
# # Controller REST helper paths
|
9
|
+
# def index_path(check: false)
|
10
|
+
# path = [namespace, plural_name, 'path'].compact * '_'
|
11
|
+
# path if (!check || path_exists?(path))
|
12
|
+
# end
|
13
|
+
|
14
|
+
# def new_path(check: false)
|
15
|
+
# path = ['new', namespace, name, 'path'].compact * '_'
|
16
|
+
# path if (!check || path_exists?(path))
|
17
|
+
# end
|
18
|
+
|
19
|
+
# def show_path(check: false)
|
20
|
+
# path = [namespace, name, 'path'].compact * '_'
|
21
|
+
# path if (!check || path_exists?(path, 1))
|
22
|
+
# end
|
23
|
+
|
24
|
+
# def destroy_path(check: false)
|
25
|
+
# path = [namespace, name, 'path'].compact * '_'
|
26
|
+
# path if (!check || path_exists?(path, 1, :delete))
|
27
|
+
# end
|
28
|
+
|
29
|
+
# def edit_path(check: false)
|
30
|
+
# path = ['edit', namespace, name, 'path'].compact * '_'
|
31
|
+
# path if (!check || path_exists?(path, 1))
|
32
|
+
# end
|
33
|
+
|
34
|
+
# def action_path(action, check: false)
|
35
|
+
# path = [action, namespace, name, 'path'].compact * '_'
|
36
|
+
# path if (!check || path_exists?(path, 1, :any))
|
37
|
+
# end
|
38
|
+
|
39
|
+
# def action_post_path(action, check: false)
|
40
|
+
# path = [action, namespace, name, 'path'].compact * '_'
|
41
|
+
# path if (!check || path_exists?(path, 1, :post) || path_exists?(path, 1, :put) || path_exists?(path, 1, :patch))
|
42
|
+
# end
|
43
|
+
|
44
|
+
# def path_exists?(path, param = nil, verb = :get)
|
45
|
+
# routes = Rails.application.routes
|
46
|
+
|
47
|
+
# return false unless routes.url_helpers.respond_to?(path)
|
48
|
+
# (routes.recognize_path(routes.url_helpers.send(path, param), method: verb).present? rescue false)
|
49
|
+
# end
|
50
|
+
|
51
|
+
# # _helper methods also put in the (@thing)
|
52
|
+
# alias_method :index_path_helper, :index_path
|
53
|
+
# alias_method :new_path_helper, :new_path
|
54
|
+
|
55
|
+
# def show_path_helper(at: true)
|
56
|
+
# show_path + '(' + (at ? '@' : '') + name + ')'
|
57
|
+
# end
|
58
|
+
|
59
|
+
# def edit_path_helper(at: true)
|
60
|
+
# edit_path + '(' + (at ? '@' : '') + name + ')'
|
61
|
+
# end
|
62
|
+
|
63
|
+
# def action_path_helper(action, at: true)
|
64
|
+
# action_path(action) + '(' + (at ? '@' : '') + name + ')'
|
65
|
+
# end
|
63
66
|
|
64
67
|
# Default file paths
|
65
68
|
def model_file
|
@@ -40,24 +40,24 @@ module Effective
|
|
40
40
|
def sql_type(name)
|
41
41
|
name = name.to_s.split('.').first
|
42
42
|
|
43
|
-
if
|
44
|
-
:belongs_to_polymorphic
|
45
|
-
elsif belongs_to(name)
|
43
|
+
if belongs_to(name)
|
46
44
|
:belongs_to
|
47
|
-
elsif
|
48
|
-
|
45
|
+
elsif (column = column(name))
|
46
|
+
column.type
|
49
47
|
elsif has_many(name)
|
50
48
|
:has_many
|
51
49
|
elsif has_one(name)
|
52
50
|
:has_one
|
51
|
+
elsif belongs_to_polymorphic(name)
|
52
|
+
:belongs_to_polymorphic
|
53
|
+
elsif has_and_belongs_to_many(name)
|
54
|
+
:has_and_belongs_to_many
|
53
55
|
elsif name == 'id' && defined?(EffectiveObfuscation) && klass.respond_to?(:deobfuscate)
|
54
56
|
:effective_obfuscation
|
55
57
|
elsif name == 'roles' && defined?(EffectiveRoles) && klass.respond_to?(:with_role)
|
56
58
|
:effective_roles
|
57
59
|
elsif (name.include?('_address') || name.include?('_addresses')) && defined?(EffectiveAddresses) && (klass.new rescue nil).respond_to?(:effective_addresses)
|
58
60
|
:effective_addresses
|
59
|
-
elsif (column = column(name))
|
60
|
-
column.type
|
61
61
|
elsif name.ends_with?('_id')
|
62
62
|
:integer
|
63
63
|
else
|
@@ -3,19 +3,14 @@
|
|
3
3
|
|
4
4
|
- if @resource
|
5
5
|
.row
|
6
|
-
.col-
|
6
|
+
.col-xs-8
|
7
7
|
%h1= @page_title
|
8
|
-
.col-
|
9
|
-
|
10
|
-
-
|
11
|
-
|
12
|
-
- if resource.action_post_path(action, check: true).present?
|
13
|
-
= link_to action.titleize, send(resource.action_post_path(action), @resource), class: 'btn btn-primary',
|
14
|
-
data: { confirm: "Really #{action} #{@resource}?", method: :post }
|
8
|
+
.col-xs-4.text-right
|
9
|
+
- resource.member_post_actions.each do |action|
|
10
|
+
- if EffectiveResources.authorized?(controller, action, @resource) && (path = resource.action_path(action, @resource)).present?
|
11
|
+
= link_to action.to_s.titleize, path, class: 'btn btn-sm btn-primary', data: { confirm: "Really #{action} #{@resource}?", method: :post }
|
15
12
|
|
16
|
-
|
17
|
-
|
18
|
-
= link_to 'Delete', send(resource.destroy_path, @resource), class: 'btn btn-danger',
|
19
|
-
data: { confirm: "Really delete #{@resource}?", method: :delete }
|
13
|
+
- if EffectiveResources.authorized?(controller, :destroy, @resource) && (path = resource.action_path(:destroy, @resource)).present?
|
14
|
+
= link_to 'Delete', path, class: 'btn btn-sm btn-danger', data: { confirm: "Really delete #{@resource}?", method: :delete }
|
20
15
|
|
21
16
|
= render 'form', resource.name.to_sym => @resource
|
@@ -1,12 +1,11 @@
|
|
1
1
|
- resource = (@_effective_resource || Effective::Resource.new(controller_path))
|
2
2
|
|
3
3
|
.row
|
4
|
-
.col-
|
4
|
+
.col-xs-8
|
5
5
|
%h1= @page_title
|
6
|
-
.col-
|
7
|
-
|
8
|
-
|
9
|
-
= link_to "New #{resource.human_name.titleize}", send(resource.new_path), class: 'btn btn-primary'
|
6
|
+
.col-xs-4.text-right
|
7
|
+
- if EffectiveResources.authorized?(controller, :new, resource.klass) && (path = resource.action_path(:new)).present?
|
8
|
+
= link_to "New #{resource.human_name.titleize}", path, class: 'btn btn-primary'
|
10
9
|
|
11
10
|
- if @datatable
|
12
11
|
= render_datatable(@datatable)
|
@@ -3,19 +3,17 @@
|
|
3
3
|
|
4
4
|
- if @resource
|
5
5
|
.row
|
6
|
-
.col-
|
6
|
+
.col-xs-8
|
7
7
|
%h1= @page_title
|
8
|
-
.col-
|
9
|
-
|
10
|
-
-
|
11
|
-
|
12
|
-
- if resource.action_post_path(action, check: true).present?
|
13
|
-
= link_to action.titleize, send(resource.action_post_path(action), @resource), class: 'btn btn-primary',
|
14
|
-
data: { confirm: "Really #{action} #{@resource}?", method: :post }
|
8
|
+
.col-xs-4.text-right
|
9
|
+
- resource.member_post_actions.each do |action|
|
10
|
+
- if EffectiveResources.authorized?(controller, action, @resource) && (path = resource.action_path(action, @resource)).present?
|
11
|
+
= link_to action.to_s.titleize, path, class: 'btn btn-sm btn-primary', data: { confirm: "Really #{action} #{@resource}?", method: :post }
|
15
12
|
|
16
|
-
|
17
|
-
|
18
|
-
= link_to 'Delete', send(resource.destroy_path, @resource), class: 'btn btn-danger',
|
19
|
-
data: { confirm: "Really delete #{@resource}?", method: :delete }
|
13
|
+
- if EffectiveResources.authorized?(controller, :destroy, @resource) && (path = resource.action_path(:destroy, @resource)).present?
|
14
|
+
= link_to 'Delete', path, class: 'btn btn-sm btn-danger', data: { confirm: "Really delete #{@resource}?", method: :delete }
|
20
15
|
|
21
16
|
= render @resource
|
17
|
+
|
18
|
+
.form-actions
|
19
|
+
= link_to 'Continue', (resource.action_path(:index) || root_path), class: 'btn btn-primary'
|
@@ -2,21 +2,23 @@ EffectiveResources.setup do |config|
|
|
2
2
|
# Authorization Method
|
3
3
|
#
|
4
4
|
# This method is called by all controller actions with the appropriate action and resource
|
5
|
-
# If
|
5
|
+
# If it raises an exception or returns false, an Effective::AccessDenied Error will be raised
|
6
6
|
#
|
7
|
-
# Use via Proc
|
8
|
-
#
|
7
|
+
# Use via Proc:
|
8
|
+
# Proc.new { |controller, action, resource| authorize!(action, resource) } # CanCan
|
9
|
+
# Proc.new { |controller, action, resource| can?(action, resource) } # CanCan with skip_authorization_check
|
10
|
+
# Proc.new { |controller, action, resource| authorize "#{action}?", resource } # Pundit
|
11
|
+
# Proc.new { |controller, action, resource| current_user.is?(:admin) } # Custom logic
|
9
12
|
#
|
10
|
-
# Use via
|
11
|
-
# config.authorization_method =
|
12
|
-
#
|
13
|
-
# And then in your application_controller.rb:
|
13
|
+
# Use via Boolean:
|
14
|
+
# config.authorization_method = true # Always authorized
|
15
|
+
# config.authorization_method = false # Always unauthorized
|
14
16
|
#
|
15
|
-
#
|
16
|
-
#
|
17
|
+
# Use via Method (probably in your application_controller.rb):
|
18
|
+
# config.authorization_method = :my_authorization_method
|
19
|
+
# def my_authorization_method(resource, action)
|
20
|
+
# true
|
17
21
|
# end
|
18
|
-
|
19
|
-
|
20
|
-
# config.authorization_method = false
|
21
|
-
config.authorization_method = Proc.new { |controller, action, resource| authorize!(action, resource) } # CanCanCan
|
22
|
+
config.authorization_method = Proc.new { |controller, action, resource| authorize!(action, resource) }
|
23
|
+
|
22
24
|
end
|
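--- a/data/lib/effective_resources.rb
+++ b/data/lib/effective_resources.rb
@@ -11,10 +11,20 @@ module EffectiveResources
 end
 
 def self.authorized?(controller, action, resource)
-if
-
+@_exceptions ||= [Effective::AccessDenied, (CanCan::AccessDenied if defined?(CanCan)), (Pundit::NotAuthorizedError if defined?(Pundit))].compact
+
+return !!authorization_method unless authorization_method.respond_to?(:call)
+controller = controller.controller if controller.respond_to?(:controller)
+
+begin
+!!(controller || self).instance_exec((controller || self), action, resource, &authorization_method)
+rescue *@_exceptions
+false
 end
-
+end
+
+def self.authorize!(controller, action, resource)
+raise Effective::AccessDenied unless authorized?(controller, action, resource)
 end
 
 end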
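Review bot: `return !!authorization_method unless authorization_method.respond_to?(:call)` treats every non-callable setting as a boolean. The Symbol form documented in the config template (`config.authorization_method = :my_authorization_method`) therefore evaluates to true and authorizes every request, unless the accessor converts it somewhere outside this hunk. Either dispatch the symbol once the controller is resolved, e.g. `return !!controller.send(authorization_method, action, resource) if authorization_method.is_a?(Symbol)`, or drop that form from the template, whose example signature `(resource, action)` also disagrees with the Proc argument order. In addition, `rescue *@_exceptions` makes `authorize!` re-raise CanCan and Pundit denials as `Effective::AccessDenied`, so applications that only `rescue_from` the library's own exception may need a handler for the new class; that deserves a changelog line.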
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: effective_resources
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.
|
4
|
+
version: 0.7.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Code and Effect
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2017-11-
|
11
|
+
date: 2017-11-16 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: rails
|