effective_resources 0.6.9 → 0.7.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/app/controllers/concerns/effective/crud_controller.rb +24 -26
- data/app/helpers/effective_resources_helper.rb +11 -5
- data/app/models/effective/resources/actions.rb +48 -15
- data/app/models/effective/resources/associations.rb +6 -2
- data/app/models/effective/resources/paths.rb +61 -58
- data/app/models/effective/resources/sql.rb +7 -7
- data/app/views/application/edit.html.haml +7 -12
- data/app/views/application/index.html.haml +4 -5
- data/app/views/application/show.html.haml +10 -12
- data/config/effective_resources.rb +15 -13
- data/lib/effective_resources/version.rb +1 -1
- data/lib/effective_resources.rb +13 -3
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: e60422542e4fd0579203430168370a0469aca1a4
|
|
4
|
+
data.tar.gz: 2768849db26e1cdb04f66a06806acd2026973113
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 21c3d13331bc4eca088ee77b9ba1f0a6ff160f64f7373f190371d90eaadd7060048f1e8f1e471c93515862ac7b7bea0f1dd4be3f10ec38d9d88dbce95ad8f56a
|
|
7
|
+
data.tar.gz: eabc01995fafbb7d4a200336964f34c292341d3b6aaf8d50cddccb0d6fb6a17c2641df45c2fae00b8853a4a7b928daf9affea1389f56ca9e44bfa6cc380136f1
|
|
@@ -61,7 +61,7 @@ module Effective
|
|
|
61
61
|
define_method(action) do
|
|
62
62
|
self.resource ||= resource_scope.find(params[:id])
|
|
63
63
|
|
|
64
|
-
EffectiveResources.
|
|
64
|
+
EffectiveResources.authorize!(self, action, resource)
|
|
65
65
|
|
|
66
66
|
@page_title ||= "#{action.to_s.titleize} #{resource}"
|
|
67
67
|
|
|
@@ -81,7 +81,7 @@ module Effective
|
|
|
81
81
|
|
|
82
82
|
self.resources ||= resource_scope.all
|
|
83
83
|
|
|
84
|
-
EffectiveResources.
|
|
84
|
+
EffectiveResources.authorize!(self, action, resource_klass)
|
|
85
85
|
|
|
86
86
|
@page_title ||= "#{action.to_s.titleize} #{resource_plural_name.titleize}"
|
|
87
87
|
|
|
@@ -121,7 +121,7 @@ module Effective
|
|
|
121
121
|
|
|
122
122
|
def index
|
|
123
123
|
@page_title ||= resource_plural_name.titleize
|
|
124
|
-
|
|
124
|
+
EffectiveDatatables.authorize!(self, :index, resource_klass)
|
|
125
125
|
|
|
126
126
|
self.resources ||= resource_scope.all
|
|
127
127
|
|
|
@@ -140,7 +140,7 @@ module Effective
|
|
|
140
140
|
)
|
|
141
141
|
|
|
142
142
|
@page_title ||= "New #{resource_name.titleize}"
|
|
143
|
-
EffectiveResources.
|
|
143
|
+
EffectiveResources.authorize!(self, :new, resource)
|
|
144
144
|
|
|
145
145
|
run_callbacks(:resource_render)
|
|
146
146
|
end
|
|
@@ -149,10 +149,10 @@ module Effective
|
|
|
149
149
|
self.resource ||= resource_scope.new
|
|
150
150
|
|
|
151
151
|
@page_title ||= "New #{resource_name.titleize}"
|
|
152
|
-
EffectiveResources.
|
|
152
|
+
EffectiveResources.authorize!(self, :create, resource)
|
|
153
153
|
|
|
154
|
-
action =
|
|
155
|
-
EffectiveResources.
|
|
154
|
+
action = commit_action[:action]
|
|
155
|
+
EffectiveResources.authorize!(self, action, resource) unless action == :save
|
|
156
156
|
|
|
157
157
|
resource.assign_attributes(send(resource_params_method_name))
|
|
158
158
|
resource.created_by ||= current_user if resource.respond_to?(:created_by=)
|
|
@@ -170,7 +170,7 @@ module Effective
|
|
|
170
170
|
self.resource ||= resource_scope.find(params[:id])
|
|
171
171
|
|
|
172
172
|
@page_title ||= resource.to_s
|
|
173
|
-
EffectiveResources.
|
|
173
|
+
EffectiveResources.authorize!(self, :show, resource)
|
|
174
174
|
|
|
175
175
|
run_callbacks(:resource_render)
|
|
176
176
|
end
|
|
@@ -179,7 +179,7 @@ module Effective
|
|
|
179
179
|
self.resource ||= resource_scope.find(params[:id])
|
|
180
180
|
|
|
181
181
|
@page_title ||= "Edit #{resource}"
|
|
182
|
-
EffectiveResources.
|
|
182
|
+
EffectiveResources.authorize!(self, :edit, resource)
|
|
183
183
|
|
|
184
184
|
run_callbacks(:resource_render)
|
|
185
185
|
end
|
|
@@ -188,10 +188,10 @@ module Effective
|
|
|
188
188
|
self.resource ||= resource_scope.find(params[:id])
|
|
189
189
|
|
|
190
190
|
@page_title = "Edit #{resource}"
|
|
191
|
-
EffectiveResources.
|
|
191
|
+
EffectiveResources.authorize!(self, :update, resource)
|
|
192
192
|
|
|
193
|
-
action =
|
|
194
|
-
EffectiveResources.
|
|
193
|
+
action = commit_action[:action]
|
|
194
|
+
EffectiveResources.authorize!(self, action, resource) unless action == :save
|
|
195
195
|
|
|
196
196
|
resource.assign_attributes(send(resource_params_method_name))
|
|
197
197
|
|
|
@@ -208,7 +208,7 @@ module Effective
|
|
|
208
208
|
self.resource = resource_scope.find(params[:id])
|
|
209
209
|
|
|
210
210
|
@page_title ||= "Destroy #{resource}"
|
|
211
|
-
EffectiveResources.
|
|
211
|
+
EffectiveResources.authorize!(self, :destroy, resource)
|
|
212
212
|
|
|
213
213
|
if resource.destroy
|
|
214
214
|
flash[:success] ||= flash_success(resource, :delete)
|
|
@@ -220,7 +220,7 @@ module Effective
|
|
|
220
220
|
if referer_redirect_path && !request.referer.to_s.include?("/#{resource.to_param}/")
|
|
221
221
|
redirect_to(referer_redirect_path)
|
|
222
222
|
else
|
|
223
|
-
redirect_to(
|
|
223
|
+
redirect_to(resource_redirect_path)
|
|
224
224
|
end
|
|
225
225
|
end
|
|
226
226
|
|
|
@@ -316,17 +316,15 @@ module Effective
|
|
|
316
316
|
end
|
|
317
317
|
|
|
318
318
|
def resource_redirect_path
|
|
319
|
-
if
|
|
320
|
-
return instance_exec(&resource_commit_action[:redirect])
|
|
321
|
-
end
|
|
319
|
+
return instance_exec(&commit_action[:redirect]) if commit_action[:redirect].respond_to?(:call)
|
|
322
320
|
|
|
323
|
-
commit_action_redirect = case
|
|
321
|
+
commit_action_redirect = case commit_action[:redirect]
|
|
324
322
|
when :index ; resource_index_path
|
|
325
323
|
when :edit ; resource_edit_path
|
|
326
324
|
when :show ; resource_show_path
|
|
327
325
|
when :back ; referer_redirect_path
|
|
328
326
|
when nil ; nil
|
|
329
|
-
else ; resource_member_action_path(
|
|
327
|
+
else ; resource_member_action_path(commit_action[:action])
|
|
330
328
|
end
|
|
331
329
|
|
|
332
330
|
return commit_action_redirect if commit_action_redirect.present?
|
|
@@ -350,27 +348,27 @@ module Effective
|
|
|
350
348
|
end
|
|
351
349
|
|
|
352
350
|
def resource_index_path
|
|
353
|
-
|
|
351
|
+
effective_resource.action_path(:index)
|
|
354
352
|
end
|
|
355
353
|
|
|
356
354
|
def resource_new_path
|
|
357
|
-
|
|
355
|
+
effective_resource.action_path(:new)
|
|
358
356
|
end
|
|
359
357
|
|
|
360
358
|
def resource_edit_path
|
|
361
|
-
|
|
359
|
+
effective_resource.action_path(:edit, resource)
|
|
362
360
|
end
|
|
363
361
|
|
|
364
362
|
def resource_show_path
|
|
365
|
-
|
|
363
|
+
effective_resource.action_path(:show, resource)
|
|
366
364
|
end
|
|
367
365
|
|
|
368
366
|
def resource_destroy_path
|
|
369
|
-
|
|
367
|
+
effective_resource.action_path(:destroy, resource)
|
|
370
368
|
end
|
|
371
369
|
|
|
372
370
|
def resource_member_action_path(action)
|
|
373
|
-
|
|
371
|
+
effective_resource.action_path(action.to_sym, resource)
|
|
374
372
|
end
|
|
375
373
|
|
|
376
374
|
def resource # @thing
|
|
@@ -415,7 +413,7 @@ module Effective
|
|
|
415
413
|
(action.to_s + (action.to_s.end_with?('e') ? 'd' : 'ed'))
|
|
416
414
|
end
|
|
417
415
|
|
|
418
|
-
def
|
|
416
|
+
def commit_action
|
|
419
417
|
self.class.member_actions[params[:commit].to_s] || self.class.member_actions['Save'] || raise("expected member_actions['Save'] to be present")
|
|
420
418
|
end
|
|
421
419
|
|
|
@@ -14,19 +14,25 @@ module EffectiveResourcesHelper
|
|
|
14
14
|
|
|
15
15
|
opts
|
|
16
16
|
end
|
|
17
|
-
|
|
18
17
|
else
|
|
19
18
|
{}.tap do |actions|
|
|
20
19
|
actions['Save'] = { class: 'btn btn-primary', data: { disable_with: 'Saving...' }}
|
|
21
|
-
|
|
22
|
-
|
|
20
|
+
|
|
21
|
+
if resource.action_path(:index) && EffectiveResources.authorized?(controller, :index, resource.klass)
|
|
22
|
+
actions['Continue'] = { class: 'btn btn-default', data: { disable_with: 'Saving...' }}
|
|
23
|
+
end
|
|
24
|
+
|
|
25
|
+
if resource.action_path(:new) && EffectiveResources.authorized?(controller, :new, resource.klass)
|
|
26
|
+
actions['Add New'] = { class: 'btn btn-default', data: { disable_with: 'Saving...' }}
|
|
27
|
+
end
|
|
28
|
+
|
|
23
29
|
end
|
|
24
30
|
end
|
|
25
31
|
|
|
26
32
|
wrapper_options = { class: 'form-actions' }.merge(options.delete(:wrapper_html) || {})
|
|
27
33
|
|
|
28
34
|
content_tag(:div, wrapper_options) do
|
|
29
|
-
buttons = actions.group_by { |
|
|
35
|
+
buttons = actions.group_by { |_, args| args[:class] }.flat_map do |_, action|
|
|
30
36
|
action.map { |action| form.button(:submit, *action) } + ['']
|
|
31
37
|
end
|
|
32
38
|
|
|
@@ -39,7 +45,7 @@ module EffectiveResourcesHelper
|
|
|
39
45
|
buttons = [capture(&block), ''] + buttons
|
|
40
46
|
end
|
|
41
47
|
|
|
42
|
-
|
|
48
|
+
buttons.join(' ').html_safe
|
|
43
49
|
end
|
|
44
50
|
end
|
|
45
51
|
|
|
@@ -2,30 +2,59 @@ module Effective
|
|
|
2
2
|
module Resources
|
|
3
3
|
module Actions
|
|
4
4
|
|
|
5
|
-
# This was written for the Edit actions fallback templates
|
|
6
|
-
|
|
7
|
-
def
|
|
8
|
-
@
|
|
9
|
-
|
|
5
|
+
# This was written for the Edit actions fallback templates and Datatables
|
|
6
|
+
# Effective::Resource.new('admin/posts').routes[:index]
|
|
7
|
+
def routes
|
|
8
|
+
@_routes ||= (
|
|
9
|
+
matches = [[namespace, plural_name].compact.join('/'), [namespace, name].compact.join('/')]
|
|
10
10
|
|
|
11
11
|
Rails.application.routes.routes.select do |route|
|
|
12
|
-
|
|
12
|
+
matches.any? { |match| match == route.defaults[:controller] }
|
|
13
|
+
end.inject({}) do |h, route|
|
|
14
|
+
h[route.defaults[:action].to_sym] = route; h
|
|
13
15
|
end
|
|
14
16
|
)
|
|
15
17
|
end
|
|
16
18
|
|
|
17
|
-
|
|
18
|
-
|
|
19
|
+
# Effective::Resource.new('admin/posts').action_path_helper(:edit) => 'edit_admin_posts_path'
|
|
20
|
+
# This will return empty for create, update and destroy
|
|
21
|
+
def action_path_helper(action)
|
|
22
|
+
return unless routes[action]
|
|
23
|
+
return (routes[action].name + '_path') if routes[action].name.present?
|
|
24
|
+
end
|
|
25
|
+
|
|
26
|
+
# Effective::Resource.new('admin/posts').action_path(:edit, Post.last) => '/admin/posts/3/edit'
|
|
27
|
+
# Will work for any action. Returns the real path
|
|
28
|
+
def action_path(action, resource = nil, opts = {})
|
|
29
|
+
return unless routes[action]
|
|
30
|
+
|
|
31
|
+
# edge case: Effective::Resource.new('admin/comments').action_path(:new, @post)
|
|
32
|
+
if resource.present? && !resource.kind_of?(klass)
|
|
33
|
+
if (bt = belongs_to(resource)).present? && instance.respond_to?("#{bt.name}=")
|
|
34
|
+
return routes[action].format(klass.new(bt.name => resource)).presence
|
|
35
|
+
end
|
|
36
|
+
end
|
|
37
|
+
|
|
38
|
+
routes[action].format(resource || instance).presence
|
|
39
|
+
end
|
|
40
|
+
|
|
41
|
+
def actions
|
|
42
|
+
routes.keys
|
|
43
|
+
end
|
|
44
|
+
|
|
45
|
+
# GET actions
|
|
46
|
+
def collection_actions
|
|
47
|
+
routes.values.map { |route| route.defaults[:action].to_sym if is_get_route?(route) && !is_member_route?(route) }.compact - crud_actions
|
|
19
48
|
end
|
|
20
49
|
|
|
21
50
|
# GET actions
|
|
22
51
|
def member_actions
|
|
23
|
-
|
|
52
|
+
routes.values.map { |route| route.defaults[:action].to_sym if is_get_route?(route) && is_member_route?(route) }.compact - crud_actions
|
|
24
53
|
end
|
|
25
54
|
|
|
26
55
|
# POST/PUT/PATCH actions
|
|
27
56
|
def member_post_actions
|
|
28
|
-
|
|
57
|
+
routes.values.map { |route| route.defaults[:action].to_sym if is_post_route?(route) && is_member_route?(route) }.compact - crud_actions
|
|
29
58
|
end
|
|
30
59
|
|
|
31
60
|
# Same as controller_path in the view
|
|
@@ -36,15 +65,19 @@ module Effective
|
|
|
36
65
|
private
|
|
37
66
|
|
|
38
67
|
def crud_actions
|
|
39
|
-
%
|
|
68
|
+
%i(index new create show edit update destroy)
|
|
69
|
+
end
|
|
70
|
+
|
|
71
|
+
def is_member_route?(route)
|
|
72
|
+
(route.path.required_names || []).include?('id')
|
|
40
73
|
end
|
|
41
74
|
|
|
42
|
-
def
|
|
43
|
-
route.verb.to_s.include?('GET')
|
|
75
|
+
def is_get_route?(route)
|
|
76
|
+
route.verb.to_s.include?('GET')
|
|
44
77
|
end
|
|
45
78
|
|
|
46
|
-
def
|
|
47
|
-
['POST', 'PUT', 'PATCH'].any? { |verb| route.verb == verb }
|
|
79
|
+
def is_post_route?(route)
|
|
80
|
+
['POST', 'PUT', 'PATCH'].any? { |verb| route.verb == verb }
|
|
48
81
|
end
|
|
49
82
|
|
|
50
83
|
end
|
|
@@ -37,8 +37,12 @@ module Effective
|
|
|
37
37
|
end
|
|
38
38
|
|
|
39
39
|
def belongs_to(name)
|
|
40
|
-
|
|
41
|
-
|
|
40
|
+
if name.kind_of?(String) || name.kind_of?(Symbol)
|
|
41
|
+
name = (name.to_s.end_with?('_id') ? name.to_s[0...-3] : name).to_sym
|
|
42
|
+
belong_tos.find { |ass| ass.name == name }
|
|
43
|
+
else
|
|
44
|
+
belong_tos.find { |ass| ass.klass == name.class }
|
|
45
|
+
end
|
|
42
46
|
end
|
|
43
47
|
|
|
44
48
|
def belongs_to_polymorphic(name)
|
|
@@ -2,64 +2,67 @@ module Effective
|
|
|
2
2
|
module Resources
|
|
3
3
|
module Paths
|
|
4
4
|
|
|
5
|
-
#
|
|
6
|
-
|
|
7
|
-
|
|
8
|
-
|
|
9
|
-
|
|
10
|
-
|
|
11
|
-
|
|
12
|
-
|
|
13
|
-
|
|
14
|
-
|
|
15
|
-
|
|
16
|
-
|
|
17
|
-
|
|
18
|
-
|
|
19
|
-
|
|
20
|
-
|
|
21
|
-
|
|
22
|
-
|
|
23
|
-
|
|
24
|
-
|
|
25
|
-
|
|
26
|
-
|
|
27
|
-
|
|
28
|
-
|
|
29
|
-
|
|
30
|
-
|
|
31
|
-
|
|
32
|
-
|
|
33
|
-
|
|
34
|
-
|
|
35
|
-
|
|
36
|
-
|
|
37
|
-
|
|
38
|
-
|
|
39
|
-
|
|
40
|
-
|
|
41
|
-
|
|
42
|
-
|
|
43
|
-
|
|
44
|
-
|
|
45
|
-
|
|
46
|
-
|
|
47
|
-
|
|
48
|
-
#
|
|
49
|
-
|
|
50
|
-
|
|
51
|
-
|
|
52
|
-
|
|
53
|
-
|
|
54
|
-
|
|
55
|
-
|
|
56
|
-
|
|
57
|
-
|
|
58
|
-
|
|
59
|
-
|
|
60
|
-
|
|
61
|
-
|
|
62
|
-
|
|
5
|
+
#
|
|
6
|
+
# TODO: Delete these. Once effective_developer is updated
|
|
7
|
+
#
|
|
8
|
+
# # Controller REST helper paths
|
|
9
|
+
# def index_path(check: false)
|
|
10
|
+
# path = [namespace, plural_name, 'path'].compact * '_'
|
|
11
|
+
# path if (!check || path_exists?(path))
|
|
12
|
+
# end
|
|
13
|
+
|
|
14
|
+
# def new_path(check: false)
|
|
15
|
+
# path = ['new', namespace, name, 'path'].compact * '_'
|
|
16
|
+
# path if (!check || path_exists?(path))
|
|
17
|
+
# end
|
|
18
|
+
|
|
19
|
+
# def show_path(check: false)
|
|
20
|
+
# path = [namespace, name, 'path'].compact * '_'
|
|
21
|
+
# path if (!check || path_exists?(path, 1))
|
|
22
|
+
# end
|
|
23
|
+
|
|
24
|
+
# def destroy_path(check: false)
|
|
25
|
+
# path = [namespace, name, 'path'].compact * '_'
|
|
26
|
+
# path if (!check || path_exists?(path, 1, :delete))
|
|
27
|
+
# end
|
|
28
|
+
|
|
29
|
+
# def edit_path(check: false)
|
|
30
|
+
# path = ['edit', namespace, name, 'path'].compact * '_'
|
|
31
|
+
# path if (!check || path_exists?(path, 1))
|
|
32
|
+
# end
|
|
33
|
+
|
|
34
|
+
# def action_path(action, check: false)
|
|
35
|
+
# path = [action, namespace, name, 'path'].compact * '_'
|
|
36
|
+
# path if (!check || path_exists?(path, 1, :any))
|
|
37
|
+
# end
|
|
38
|
+
|
|
39
|
+
# def action_post_path(action, check: false)
|
|
40
|
+
# path = [action, namespace, name, 'path'].compact * '_'
|
|
41
|
+
# path if (!check || path_exists?(path, 1, :post) || path_exists?(path, 1, :put) || path_exists?(path, 1, :patch))
|
|
42
|
+
# end
|
|
43
|
+
|
|
44
|
+
# def path_exists?(path, param = nil, verb = :get)
|
|
45
|
+
# routes = Rails.application.routes
|
|
46
|
+
|
|
47
|
+
# return false unless routes.url_helpers.respond_to?(path)
|
|
48
|
+
# (routes.recognize_path(routes.url_helpers.send(path, param), method: verb).present? rescue false)
|
|
49
|
+
# end
|
|
50
|
+
|
|
51
|
+
# # _helper methods also put in the (@thing)
|
|
52
|
+
# alias_method :index_path_helper, :index_path
|
|
53
|
+
# alias_method :new_path_helper, :new_path
|
|
54
|
+
|
|
55
|
+
# def show_path_helper(at: true)
|
|
56
|
+
# show_path + '(' + (at ? '@' : '') + name + ')'
|
|
57
|
+
# end
|
|
58
|
+
|
|
59
|
+
# def edit_path_helper(at: true)
|
|
60
|
+
# edit_path + '(' + (at ? '@' : '') + name + ')'
|
|
61
|
+
# end
|
|
62
|
+
|
|
63
|
+
# def action_path_helper(action, at: true)
|
|
64
|
+
# action_path(action) + '(' + (at ? '@' : '') + name + ')'
|
|
65
|
+
# end
|
|
63
66
|
|
|
64
67
|
# Default file paths
|
|
65
68
|
def model_file
|
|
@@ -40,24 +40,24 @@ module Effective
|
|
|
40
40
|
def sql_type(name)
|
|
41
41
|
name = name.to_s.split('.').first
|
|
42
42
|
|
|
43
|
-
if
|
|
44
|
-
:belongs_to_polymorphic
|
|
45
|
-
elsif belongs_to(name)
|
|
43
|
+
if belongs_to(name)
|
|
46
44
|
:belongs_to
|
|
47
|
-
elsif
|
|
48
|
-
|
|
45
|
+
elsif (column = column(name))
|
|
46
|
+
column.type
|
|
49
47
|
elsif has_many(name)
|
|
50
48
|
:has_many
|
|
51
49
|
elsif has_one(name)
|
|
52
50
|
:has_one
|
|
51
|
+
elsif belongs_to_polymorphic(name)
|
|
52
|
+
:belongs_to_polymorphic
|
|
53
|
+
elsif has_and_belongs_to_many(name)
|
|
54
|
+
:has_and_belongs_to_many
|
|
53
55
|
elsif name == 'id' && defined?(EffectiveObfuscation) && klass.respond_to?(:deobfuscate)
|
|
54
56
|
:effective_obfuscation
|
|
55
57
|
elsif name == 'roles' && defined?(EffectiveRoles) && klass.respond_to?(:with_role)
|
|
56
58
|
:effective_roles
|
|
57
59
|
elsif (name.include?('_address') || name.include?('_addresses')) && defined?(EffectiveAddresses) && (klass.new rescue nil).respond_to?(:effective_addresses)
|
|
58
60
|
:effective_addresses
|
|
59
|
-
elsif (column = column(name))
|
|
60
|
-
column.type
|
|
61
61
|
elsif name.ends_with?('_id')
|
|
62
62
|
:integer
|
|
63
63
|
else
|
|
@@ -3,19 +3,14 @@
|
|
|
3
3
|
|
|
4
4
|
- if @resource
|
|
5
5
|
.row
|
|
6
|
-
.col-
|
|
6
|
+
.col-xs-8
|
|
7
7
|
%h1= @page_title
|
|
8
|
-
.col-
|
|
9
|
-
|
|
10
|
-
-
|
|
11
|
-
|
|
12
|
-
- if resource.action_post_path(action, check: true).present?
|
|
13
|
-
= link_to action.titleize, send(resource.action_post_path(action), @resource), class: 'btn btn-primary',
|
|
14
|
-
data: { confirm: "Really #{action} #{@resource}?", method: :post }
|
|
8
|
+
.col-xs-4.text-right
|
|
9
|
+
- resource.member_post_actions.each do |action|
|
|
10
|
+
- if EffectiveResources.authorized?(controller, action, @resource) && (path = resource.action_path(action, @resource)).present?
|
|
11
|
+
= link_to action.to_s.titleize, path, class: 'btn btn-sm btn-primary', data: { confirm: "Really #{action} #{@resource}?", method: :post }
|
|
15
12
|
|
|
16
|
-
|
|
17
|
-
|
|
18
|
-
= link_to 'Delete', send(resource.destroy_path, @resource), class: 'btn btn-danger',
|
|
19
|
-
data: { confirm: "Really delete #{@resource}?", method: :delete }
|
|
13
|
+
- if EffectiveResources.authorized?(controller, :destroy, @resource) && (path = resource.action_path(:destroy, @resource)).present?
|
|
14
|
+
= link_to 'Delete', path, class: 'btn btn-sm btn-danger', data: { confirm: "Really delete #{@resource}?", method: :delete }
|
|
20
15
|
|
|
21
16
|
= render 'form', resource.name.to_sym => @resource
|
|
@@ -1,12 +1,11 @@
|
|
|
1
1
|
- resource = (@_effective_resource || Effective::Resource.new(controller_path))
|
|
2
2
|
|
|
3
3
|
.row
|
|
4
|
-
.col-
|
|
4
|
+
.col-xs-8
|
|
5
5
|
%h1= @page_title
|
|
6
|
-
.col-
|
|
7
|
-
|
|
8
|
-
|
|
9
|
-
= link_to "New #{resource.human_name.titleize}", send(resource.new_path), class: 'btn btn-primary'
|
|
6
|
+
.col-xs-4.text-right
|
|
7
|
+
- if EffectiveResources.authorized?(controller, :new, resource.klass) && (path = resource.action_path(:new)).present?
|
|
8
|
+
= link_to "New #{resource.human_name.titleize}", path, class: 'btn btn-primary'
|
|
10
9
|
|
|
11
10
|
- if @datatable
|
|
12
11
|
= render_datatable(@datatable)
|
|
@@ -3,19 +3,17 @@
|
|
|
3
3
|
|
|
4
4
|
- if @resource
|
|
5
5
|
.row
|
|
6
|
-
.col-
|
|
6
|
+
.col-xs-8
|
|
7
7
|
%h1= @page_title
|
|
8
|
-
.col-
|
|
9
|
-
|
|
10
|
-
-
|
|
11
|
-
|
|
12
|
-
- if resource.action_post_path(action, check: true).present?
|
|
13
|
-
= link_to action.titleize, send(resource.action_post_path(action), @resource), class: 'btn btn-primary',
|
|
14
|
-
data: { confirm: "Really #{action} #{@resource}?", method: :post }
|
|
8
|
+
.col-xs-4.text-right
|
|
9
|
+
- resource.member_post_actions.each do |action|
|
|
10
|
+
- if EffectiveResources.authorized?(controller, action, @resource) && (path = resource.action_path(action, @resource)).present?
|
|
11
|
+
= link_to action.to_s.titleize, path, class: 'btn btn-sm btn-primary', data: { confirm: "Really #{action} #{@resource}?", method: :post }
|
|
15
12
|
|
|
16
|
-
|
|
17
|
-
|
|
18
|
-
= link_to 'Delete', send(resource.destroy_path, @resource), class: 'btn btn-danger',
|
|
19
|
-
data: { confirm: "Really delete #{@resource}?", method: :delete }
|
|
13
|
+
- if EffectiveResources.authorized?(controller, :destroy, @resource) && (path = resource.action_path(:destroy, @resource)).present?
|
|
14
|
+
= link_to 'Delete', path, class: 'btn btn-sm btn-danger', data: { confirm: "Really delete #{@resource}?", method: :delete }
|
|
20
15
|
|
|
21
16
|
= render @resource
|
|
17
|
+
|
|
18
|
+
.form-actions
|
|
19
|
+
= link_to 'Continue', (resource.action_path(:index) || root_path), class: 'btn btn-primary'
|
|
@@ -2,21 +2,23 @@ EffectiveResources.setup do |config|
|
|
|
2
2
|
# Authorization Method
|
|
3
3
|
#
|
|
4
4
|
# This method is called by all controller actions with the appropriate action and resource
|
|
5
|
-
# If
|
|
5
|
+
# If it raises an exception or returns false, an Effective::AccessDenied Error will be raised
|
|
6
6
|
#
|
|
7
|
-
# Use via Proc
|
|
8
|
-
#
|
|
7
|
+
# Use via Proc:
|
|
8
|
+
# Proc.new { |controller, action, resource| authorize!(action, resource) } # CanCan
|
|
9
|
+
# Proc.new { |controller, action, resource| can?(action, resource) } # CanCan with skip_authorization_check
|
|
10
|
+
# Proc.new { |controller, action, resource| authorize "#{action}?", resource } # Pundit
|
|
11
|
+
# Proc.new { |controller, action, resource| current_user.is?(:admin) } # Custom logic
|
|
9
12
|
#
|
|
10
|
-
# Use via
|
|
11
|
-
# config.authorization_method =
|
|
12
|
-
#
|
|
13
|
-
# And then in your application_controller.rb:
|
|
13
|
+
# Use via Boolean:
|
|
14
|
+
# config.authorization_method = true # Always authorized
|
|
15
|
+
# config.authorization_method = false # Always unauthorized
|
|
14
16
|
#
|
|
15
|
-
#
|
|
16
|
-
#
|
|
17
|
+
# Use via Method (probably in your application_controller.rb):
|
|
18
|
+
# config.authorization_method = :my_authorization_method
|
|
19
|
+
# def my_authorization_method(resource, action)
|
|
20
|
+
# true
|
|
17
21
|
# end
|
|
18
|
-
|
|
19
|
-
|
|
20
|
-
# config.authorization_method = false
|
|
21
|
-
config.authorization_method = Proc.new { |controller, action, resource| authorize!(action, resource) } # CanCanCan
|
|
22
|
+
config.authorization_method = Proc.new { |controller, action, resource| authorize!(action, resource) }
|
|
23
|
+
|
|
22
24
|
end
|
data/lib/effective_resources.rb
CHANGED
|
@@ -11,10 +11,20 @@ module EffectiveResources
|
|
|
11
11
|
end
|
|
12
12
|
|
|
13
13
|
def self.authorized?(controller, action, resource)
|
|
14
|
-
if
|
|
15
|
-
|
|
14
|
+
@_exceptions ||= [Effective::AccessDenied, (CanCan::AccessDenied if defined?(CanCan)), (Pundit::NotAuthorizedError if defined?(Pundit))].compact
|
|
15
|
+
|
|
16
|
+
return !!authorization_method unless authorization_method.respond_to?(:call)
|
|
17
|
+
controller = controller.controller if controller.respond_to?(:controller)
|
|
18
|
+
|
|
19
|
+
begin
|
|
20
|
+
!!(controller || self).instance_exec((controller || self), action, resource, &authorization_method)
|
|
21
|
+
rescue *@_exceptions
|
|
22
|
+
false
|
|
16
23
|
end
|
|
17
|
-
|
|
24
|
+
end
|
|
25
|
+
|
|
26
|
+
def self.authorize!(controller, action, resource)
|
|
27
|
+
raise Effective::AccessDenied unless authorized?(controller, action, resource)
|
|
18
28
|
end
|
|
19
29
|
|
|
20
30
|
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: effective_resources
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.7.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Code and Effect
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2017-11-
|
|
11
|
+
date: 2017-11-16 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: rails
|