effective_roles 2.0.1 → 2.0.2
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/app/models/concerns/acts_as_role_restricted.rb +6 -2
- data/config/effective_roles.rb +2 -0
- data/lib/effective_roles.rb +23 -6
- data/lib/effective_roles/version.rb +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: e1f0c20e5d0b528fda1c4c550d4532a9e3f28b3117aa692bb8e25a6da5443a2f
|
|
4
|
+
data.tar.gz: 359fdf3f7ca51f81fe4e50f363cc0e89aeccd93ff536b579597dabc87c6647b2
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 0fe0946beed78c8986bb94ee0c8335e9a94c9cbc588f3df059279c01cf1ec4326bdaae69917ccff2ac9c3c7e213721cdf494bbdadf8516356a4fdf04885f60c2
|
|
7
|
+
data.tar.gz: b922f99dbf1f7c1149c0195fc1785a98b50ee5e74c03cb3dd101209bf6d4eea31cd58a393097cacbccb6273dcd7a477730b5ac0acdb7eb8e9b5480f1be2b65de
|
|
@@ -29,10 +29,10 @@ module ActsAsRoleRestricted
|
|
|
29
29
|
|
|
30
30
|
validates :roles_mask, numericality: true, allow_nil: true
|
|
31
31
|
|
|
32
|
-
validate(if: -> { changes.include?(:roles_mask) }) do
|
|
32
|
+
validate(if: -> { changes.include?(:roles_mask) && EffectiveRoles.assignable_roles_present?(self) }) do
|
|
33
33
|
user = current_user || EffectiveRoles.current_user || (EffectiveLogging.current_user if defined?(EffectiveLogging))
|
|
34
34
|
|
|
35
|
-
if user.blank? &&
|
|
35
|
+
if user.blank? && defined?(Rails::Server)
|
|
36
36
|
self.errors.add(:roles, 'current_user must be present when assigning roles')
|
|
37
37
|
end
|
|
38
38
|
|
|
@@ -45,6 +45,10 @@ module ActsAsRoleRestricted
|
|
|
45
45
|
authorized = roles.dup
|
|
46
46
|
unauthorized.each { |role| authorized.include?(role) ? authorized.delete(role) : authorized.push(role) }
|
|
47
47
|
|
|
48
|
+
if unauthorized.present?
|
|
49
|
+
Rails.logger.info "\e[31m unassignable roles: #{unauthorized.map { |role| ":#{role}" }.to_sentence}"
|
|
50
|
+
end
|
|
51
|
+
|
|
48
52
|
self.roles_mask = EffectiveRoles.roles_mask_for(authorized)
|
|
49
53
|
end
|
|
50
54
|
|
data/config/effective_roles.rb
CHANGED
|
@@ -53,6 +53,8 @@ EffectiveRoles.setup do |config|
|
|
|
53
53
|
# :superadmin => [:superadmin, :admin, :member], # Superadmins may create Pages for any role
|
|
54
54
|
# :admin => [:admin, :member], # Admins may create Pages for admin and members
|
|
55
55
|
# :member => [:member] # Members may create Pages for members
|
|
56
|
+
# },
|
|
57
|
+
# 'Post' => false # Don't enforce assignable roles validation
|
|
56
58
|
# }
|
|
57
59
|
#
|
|
58
60
|
# Or just keep it simple, and use this Hash syntax of permissions for every resource
|
data/lib/effective_roles.rb
CHANGED
|
@@ -92,15 +92,14 @@ module EffectiveRoles
|
|
|
92
92
|
end
|
|
93
93
|
|
|
94
94
|
def self.assignable_roles_collection(resource, current_user = nil, multiple: nil)
|
|
95
|
-
return roles
|
|
95
|
+
return roles unless assignable_roles_present?(resource)
|
|
96
96
|
|
|
97
|
-
raise 'EffectiveRoles config.assignable_roles_for must be a Hash, Array or nil' unless [Hash, Array].include?(assignable_roles.class)
|
|
98
|
-
raise('expected resource to respond to is_role_restricted?') unless resource.respond_to?(:is_role_restricted?)
|
|
99
|
-
raise('expected current_user to respond to is_role_restricted?') if current_user && !current_user.respond_to?(:is_role_restricted?)
|
|
100
|
-
|
|
101
|
-
multiple = resource.acts_as_role_restricted_options[:multiple] if multiple.nil?
|
|
102
97
|
current_user ||= (EffectiveRoles.current_user || (EffectiveLogging.current_user if defined?(EffectiveLogging)))
|
|
103
98
|
|
|
99
|
+
if current_user && !current_user.respond_to?(:is_role_restricted?)
|
|
100
|
+
raise('expected current_user to respond to is_role_restricted?')
|
|
101
|
+
end
|
|
102
|
+
|
|
104
103
|
assignable = if assignable_roles.kind_of?(Array)
|
|
105
104
|
assignable_roles
|
|
106
105
|
elsif current_user.present?
|
|
@@ -112,12 +111,30 @@ module EffectiveRoles
|
|
|
112
111
|
end
|
|
113
112
|
|
|
114
113
|
# Check boxes
|
|
114
|
+
multiple = resource.acts_as_role_restricted_options[:multiple] if multiple.nil?
|
|
115
115
|
return assignable if multiple
|
|
116
116
|
|
|
117
117
|
# Radios
|
|
118
118
|
(resource.roles - assignable).present? ? [] : assignable
|
|
119
119
|
end
|
|
120
120
|
|
|
121
|
+
def self.assignable_roles_present?(resource)
|
|
122
|
+
return false if assignable_roles.nil?
|
|
123
|
+
|
|
124
|
+
raise 'EffectiveRoles config.assignable_roles_for must be a Hash, Array or nil' unless [Hash, Array].include?(assignable_roles.class)
|
|
125
|
+
raise('expected resource to respond to is_role_restricted?') unless resource.respond_to?(:is_role_restricted?)
|
|
126
|
+
|
|
127
|
+
return assignable_roles.present? if assignable_roles.kind_of?(Array)
|
|
128
|
+
|
|
129
|
+
if assignable_roles.kind_of?(Array)
|
|
130
|
+
assignable_roles
|
|
131
|
+
elsif assignable_roles.key?(resource.class.to_s)
|
|
132
|
+
assignable_roles[resource.class.to_s]
|
|
133
|
+
else
|
|
134
|
+
assignable_roles
|
|
135
|
+
end.present?
|
|
136
|
+
end
|
|
137
|
+
|
|
121
138
|
# This is used by the effective_roles_summary_table helper method
|
|
122
139
|
def self.authorization_level(controller, role, resource)
|
|
123
140
|
return :unknown unless (authorization_method.respond_to?(:call) || authorization_method.kind_of?(Symbol))
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: effective_roles
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 2.0.
|
|
4
|
+
version: 2.0.2
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Code and Effect
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2019-
|
|
11
|
+
date: 2019-06-03 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: rails
|