effective_roles 2.0.0 → 2.0.5

Sign up to get free protection for your applications and to get access to all the features.
Files changed (7) hide show
  1. checksums.yaml +4 -4
  2. data/app/models/concerns/acts_as_role_restricted.rb +10 -6
  3. data/config/effective_roles.rb +4 -1
  4. data/lib/effective_roles.rb +52 -15
  5. data/lib/effective_roles/engine.rb +3 -3
  6. data/lib/effective_roles/version.rb +1 -1
  7. metadata +6 -6
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: c2e79ad753b38bbae083f785fe11328f944bdd41c2470751c9ab0e34249f35cc
4
- data.tar.gz: 5846cd1d6ae353411d97e89b73e0fb97582a27a5a00a8272e2d3391a7a924287
3
+ metadata.gz: '068af67420f4d68373480a8b0f738ae2cc01913b3ec327cff95a01c8dcec0f24'
4
+ data.tar.gz: b5cc82efb23a36fa31475bfd27bfe69a8d9d2f41813a3ad3397f131a69669814
5
5
  SHA512:
6
- metadata.gz: 57c6dcaa1b1454f20f6ef6f813d9eb25fee44921cdec96b22c37e171ee8d8d52617d009fbc392847914079018c35f962b7579eb61fb99b89dbc51042f3c1fedb
7
- data.tar.gz: 5bb3f94bce4141aa78a04968e1652824386c2dd2d9c0d1ef4af9d7db5087afdb4e084afaec10d97ac371a8a5ffb63c85002f4d1e9c7133a98763fc1cc412d0c4
6
+ metadata.gz: cb8776abf2ed21d03a6c83d51458581143cca3fa0fa2fba64342ec7c05f441fc396a257cf2b4f3d858ff3a5a3bc6479ff1a08af3f5612a6cae8363f6b3f1a8db
7
+ data.tar.gz: 3d60cf7e471cf5858ba94f60b959e91000a143551d7a15cbe4f4c2759e8aa7e57e7e381452cd45f9ad67b5bd1a42be8235aa5cc067cba339a8d6ea9c567fe198
data/app/models/concerns/acts_as_role_restricted.rb CHANGED
@@ -14,7 +14,7 @@
14
14
  module ActsAsRoleRestricted
15
15
  extend ActiveSupport::Concern
16
16
 
17
- module ActiveRecord
17
+ module Base
18
18
  def acts_as_role_restricted(multiple: false)
19
19
  @acts_as_role_restricted_opts = { multiple: multiple }
20
20
  include ::ActsAsRoleRestricted
@@ -29,13 +29,9 @@ module ActsAsRoleRestricted
29
29
 
30
30
  validates :roles_mask, numericality: true, allow_nil: true
31
31
 
32
- validate(if: -> { changes.include?(:roles_mask) }) do
32
+ validate(if: -> { changes.include?(:roles_mask) && EffectiveRoles.assignable_roles_present?(self) }) do
33
33
  user = current_user || EffectiveRoles.current_user || (EffectiveLogging.current_user if defined?(EffectiveLogging))
34
34
 
35
- if user.blank? && EffectiveRoles.assignable_roles.present? && defined?(Rails::Server)
36
- self.errors.add(:roles, 'current_user must be present when assigning roles')
37
- end
38
-
39
35
  roles_was = EffectiveRoles.roles_for(changes[:roles_mask].first)
40
36
  changed = (roles + roles_was) - (roles & roles_was) # XOR
41
37
 
@@ -45,6 +41,14 @@ module ActsAsRoleRestricted
45
41
  authorized = roles.dup
46
42
  unauthorized.each { |role| authorized.include?(role) ? authorized.delete(role) : authorized.push(role) }
47
43
 
44
+ if unauthorized.present?
45
+ Rails.logger.info "\e[31m unassignable roles: #{unauthorized.map { |role| ":#{role}" }.to_sentence}"
46
+ end
47
+
48
+ if unauthorized.present? && user.blank? && defined?(Rails::Server)
49
+ self.errors.add(:roles, 'current_user must be present when assigning roles')
50
+ end
51
+
48
52
  self.roles_mask = EffectiveRoles.roles_mask_for(authorized)
49
53
  end
50
54
 
data/config/effective_roles.rb CHANGED
@@ -53,6 +53,8 @@ EffectiveRoles.setup do |config|
53
53
  # :superadmin => [:superadmin, :admin, :member], # Superadmins may create Pages for any role
54
54
  # :admin => [:admin, :member], # Admins may create Pages for admin and members
55
55
  # :member => [:member] # Members may create Pages for members
56
+ # },
57
+ # 'Post' => false # Don't enforce assignable roles validation
56
58
  # }
57
59
  #
58
60
  # Or just keep it simple, and use this Hash syntax of permissions for every resource
@@ -60,7 +62,8 @@ EffectiveRoles.setup do |config|
60
62
  # config.assignable_roles = {
61
63
  # :superadmin => [:superadmin, :admin, :member], # Superadmins may assign any resource any role
62
64
  # :admin => [:admin, :member], # Admins may only assign the :admin or :member role
63
- # :member => [] # Members may not assign any roles
65
+ # :member => [], # Members may not assign any roles
66
+ # :new_record => [:member] # Member may be assigned to a new_record without a current_user
64
67
  # }
65
68
 
66
69
  # Authorization Method
data/lib/effective_roles.rb CHANGED
@@ -92,29 +92,66 @@ module EffectiveRoles
92
92
  end
93
93
 
94
94
  def self.assignable_roles_collection(resource, current_user = nil, multiple: nil)
95
- return roles if assignable_roles.nil?
95
+ return roles unless assignable_roles_present?(resource)
96
96
 
97
- raise 'EffectiveRoles config.assignable_roles_for must be a Hash, Array or nil' unless [Hash, Array].include?(assignable_roles.class)
98
- raise('expected resource to respond to is_role_restricted?') unless resource.respond_to?(:is_role_restricted?)
99
- raise('expected current_user to respond to is_role_restricted?') if current_user && !current_user.respond_to?(:is_role_restricted?)
100
-
101
- multiple = resource.acts_as_role_restricted_options[:multiple] if multiple.nil?
102
97
  current_user ||= (EffectiveRoles.current_user || (EffectiveLogging.current_user if defined?(EffectiveLogging)))
103
98
 
104
- assignable = if assignable_roles.kind_of?(Array)
105
- assignable_roles
106
- elsif current_user.present?
107
- current_roles = assignable_roles[resource.try(:class).to_s] || assignable_roles || {}
108
- current_user.roles.map { |role| current_roles[role] }.flatten.compact.uniq
109
- else
110
- assignable_roles[resource.try(:class).to_s] || []
99
+ if current_user && !current_user.respond_to?(:is_role_restricted?)
100
+ raise('expected current_user to respond to is_role_restricted?')
101
+ end
102
+
103
+ if !resource.respond_to?(:is_role_restricted?)
104
+ raise('expected current_user to respond to is_role_restricted?')
111
105
  end
112
106
 
107
+ assigned_roles = if assignable_roles.kind_of?(Hash)
108
+ assignable = (assignable_roles[resource.class.to_s] || assignable_roles || {})
109
+ assigned = [] # our return value
110
+
111
+ if current_user.blank?
112
+ assigned = assignable.values.flatten
113
+ end
114
+
115
+ if current_user.present?
116
+ assigned = current_user.roles.map { |role| assignable[role] }.flatten.compact
117
+ end
118
+
119
+ if assignable[:new_record] && resource.new_record?
120
+ assigned += Array(assignable[:new_record])
121
+ end
122
+
123
+ if assignable[:persisted] && resource.persisted?
124
+ assigned += Array(assignable[:persisted])
125
+ end
126
+
127
+ assigned
128
+ elsif assignable_roles.kind_of?(Array)
129
+ assignable_roles
130
+ end.uniq
131
+
113
132
  # Check boxes
114
- return assignable if multiple
133
+ multiple = resource.acts_as_role_restricted_options[:multiple] if multiple.nil?
134
+ return assigned_roles if multiple
115
135
 
116
136
  # Radios
117
- (resource.roles - assignable).present? ? [] : assignable
137
+ (resource.roles - assigned_roles).present? ? [] : assigned_roles
138
+ end
139
+
140
+ def self.assignable_roles_present?(resource)
141
+ return false if assignable_roles.nil?
142
+
143
+ raise 'EffectiveRoles config.assignable_roles_for must be a Hash, Array or nil' unless [Hash, Array].include?(assignable_roles.class)
144
+ raise('expected resource to respond to is_role_restricted?') unless resource.respond_to?(:is_role_restricted?)
145
+
146
+ return assignable_roles.present? if assignable_roles.kind_of?(Array)
147
+
148
+ if assignable_roles.kind_of?(Array)
149
+ assignable_roles
150
+ elsif assignable_roles.key?(resource.class.to_s)
151
+ assignable_roles[resource.class.to_s]
152
+ else
153
+ assignable_roles
154
+ end.present?
118
155
  end
119
156
 
120
157
  # This is used by the effective_roles_summary_table helper method
data/lib/effective_roles/engine.rb CHANGED
@@ -1,13 +1,13 @@
1
+ require 'effective_roles/set_current_user'
2
+
1
3
  module EffectiveRoles
2
4
  class Engine < ::Rails::Engine
3
5
  engine_name 'effective_roles'
4
6
 
5
- config.autoload_paths += Dir["#{config.root}/app/models/concerns", "#{config.root}/lib/"]
6
-
7
7
  # Include acts_as_addressable concern and allow any ActiveRecord object to call it
8
8
  initializer 'effective_roles.active_record' do |app|
9
9
  ActiveSupport.on_load :active_record do
10
- ActiveRecord::Base.extend(ActsAsRoleRestricted::ActiveRecord)
10
+ ActiveRecord::Base.extend(ActsAsRoleRestricted::Base)
11
11
  end
12
12
  end
13
13
 
data/lib/effective_roles/version.rb CHANGED
@@ -1,3 +1,3 @@
1
1
  module EffectiveRoles
2
- VERSION = '2.0.0'.freeze
2
+ VERSION = '2.0.5'.freeze
3
3
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: effective_roles
3
3
  version: !ruby/object:Gem::Version
4
- version: 2.0.0
4
+ version: 2.0.5
5
5
  platform: ruby
6
6
  authors:
7
7
  - Code and Effect
8
- autorequire:
8
+ autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2019-05-28 00:00:00.000000000 Z
11
+ date: 2020-08-13 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: rails
@@ -53,7 +53,7 @@ homepage: https://github.com/code-and-effect/effective_roles
53
53
  licenses:
54
54
  - MIT
55
55
  metadata: {}
56
- post_install_message:
56
+ post_install_message:
57
57
  rdoc_options: []
58
58
  require_paths:
59
59
  - lib
@@ -68,8 +68,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
68
68
  - !ruby/object:Gem::Version
69
69
  version: '0'
70
70
  requirements: []
71
- rubygems_version: 3.0.3
72
- signing_key:
71
+ rubygems_version: 3.1.2
72
+ signing_key:
73
73
  specification_version: 4
74
74
  summary: Assign multiple roles to any User or other ActiveRecord object. Select only
75
75
  the appropriate objects based on intelligent, chainable ActiveRecord::Relation finder