effective_roles 2.0.1 → 2.0.2

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 06f6a3d9bee34bb09cb46dca52cf1d7837ed636c9a1888e244aff16c1f8b772c
-  data.tar.gz: 708a5daa2f874de24e5fe8b80f1cd1e4731d9fc30630f18ab16c666d47749e34
+  metadata.gz: e1f0c20e5d0b528fda1c4c550d4532a9e3f28b3117aa692bb8e25a6da5443a2f
+  data.tar.gz: 359fdf3f7ca51f81fe4e50f363cc0e89aeccd93ff536b579597dabc87c6647b2
 SHA512:
-  metadata.gz: a960a0fc29fbfec810675e507628dcf4c6aa2327685866c02e51d267a163869e3ed19c9f6cb92b3ceb7f21315c4d6c42f1f7e19efa374f944970778cf62ad3c7
-  data.tar.gz: 5d51969cfd0d88df911f5c79c550ce5085422ba82670250bb93781f5d95c298578d8c5b5c74bc3dfe4744f04b216ea2aaa00bccfefd097cf24491a5548d1f4a6
+  metadata.gz: 0fe0946beed78c8986bb94ee0c8335e9a94c9cbc588f3df059279c01cf1ec4326bdaae69917ccff2ac9c3c7e213721cdf494bbdadf8516356a4fdf04885f60c2
+  data.tar.gz: b922f99dbf1f7c1149c0195fc1785a98b50ee5e74c03cb3dd101209bf6d4eea31cd58a393097cacbccb6273dcd7a477730b5ac0acdb7eb8e9b5480f1be2b65de

data/app/models/concerns/acts_as_role_restricted.rb

@@ -29,10 +29,10 @@ module ActsAsRoleRestricted
 
     validates :roles_mask, numericality: true, allow_nil: true
 
-    validate(if: -> { changes.include?(:roles_mask) }) do
+    validate(if: -> { changes.include?(:roles_mask) && EffectiveRoles.assignable_roles_present?(self) }) do
       user = current_user || EffectiveRoles.current_user || (EffectiveLogging.current_user if defined?(EffectiveLogging))
 
-      if user.blank? && EffectiveRoles.assignable_roles.present? && defined?(Rails::Server)
+      if user.blank? && defined?(Rails::Server)
         self.errors.add(:roles, 'current_user must be present when assigning roles')
       end
 
@@ -45,6 +45,10 @@ module ActsAsRoleRestricted
       authorized = roles.dup
       unauthorized.each { |role| authorized.include?(role) ? authorized.delete(role) : authorized.push(role) }
 
+      if unauthorized.present?
+        Rails.logger.info "\e[31m unassignable roles: #{unauthorized.map { |role| ":#{role}" }.to_sentence}"
+      end
+
       self.roles_mask = EffectiveRoles.roles_mask_for(authorized)
     end
 

data/config/effective_roles.rb

@@ -53,6 +53,8 @@ EffectiveRoles.setup do |config|
   #     :superadmin => [:superadmin, :admin, :member],  # Superadmins may create Pages for any role
   #     :admin => [:admin, :member],                    # Admins may create Pages for admin and members
   #     :member => [:member]                            # Members may create Pages for members
+  #   },
+  #   'Post' => false                                   # Don't enforce assignable roles validation
   #   }
   #
   # Or just keep it simple, and use this Hash syntax of permissions for every resource

data/lib/effective_roles.rb

@@ -92,15 +92,14 @@ module EffectiveRoles
   end
 
   def self.assignable_roles_collection(resource, current_user = nil, multiple: nil)
-    return roles if assignable_roles.nil?
+    return roles unless assignable_roles_present?(resource)
 
-    raise 'EffectiveRoles config.assignable_roles_for must be a Hash, Array or nil' unless [Hash, Array].include?(assignable_roles.class)
-    raise('expected resource to respond to is_role_restricted?') unless resource.respond_to?(:is_role_restricted?)
-    raise('expected current_user to respond to is_role_restricted?') if current_user && !current_user.respond_to?(:is_role_restricted?)
-    
-    multiple = resource.acts_as_role_restricted_options[:multiple] if multiple.nil?
     current_user ||= (EffectiveRoles.current_user || (EffectiveLogging.current_user if defined?(EffectiveLogging)))
 
+    if current_user && !current_user.respond_to?(:is_role_restricted?)
+      raise('expected current_user to respond to is_role_restricted?') 
+    end
+
     assignable = if assignable_roles.kind_of?(Array)
       assignable_roles
     elsif current_user.present?
@@ -112,12 +111,30 @@ module EffectiveRoles
     end
 
     # Check boxes
+    multiple = resource.acts_as_role_restricted_options[:multiple] if multiple.nil?
     return assignable if multiple
 
     # Radios
     (resource.roles - assignable).present? ? [] : assignable
   end
 
+  def self.assignable_roles_present?(resource)
+    return false if assignable_roles.nil?
+
+    raise 'EffectiveRoles config.assignable_roles_for must be a Hash, Array or nil' unless [Hash, Array].include?(assignable_roles.class)
+    raise('expected resource to respond to is_role_restricted?') unless resource.respond_to?(:is_role_restricted?)
+
+    return assignable_roles.present? if assignable_roles.kind_of?(Array)
+
+    if assignable_roles.kind_of?(Array)
+      assignable_roles
+    elsif assignable_roles.key?(resource.class.to_s)
+      assignable_roles[resource.class.to_s]
+    else
+      assignable_roles
+    end.present?
+  end
+
   # This is used by the effective_roles_summary_table helper method
   def self.authorization_level(controller, role, resource)
     return :unknown unless (authorization_method.respond_to?(:call) || authorization_method.kind_of?(Symbol))

data/lib/effective_roles/version.rb

@@ -1,3 +1,3 @@
 module EffectiveRoles
-  VERSION = '2.0.1'.freeze
+  VERSION = '2.0.2'.freeze
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: effective_roles
 version: !ruby/object:Gem::Version
-  version: 2.0.1
+  version: 2.0.2
 platform: ruby
 authors:
 - Code and Effect
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2019-05-28 00:00:00.000000000 Z
+date: 2019-06-03 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rails