effective_roles 2.0.2 → 2.0.3
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/app/models/concerns/acts_as_role_restricted.rb +4 -4
- data/config/effective_roles.rb +2 -1
- data/lib/effective_roles.rb +29 -10
- data/lib/effective_roles/version.rb +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: c4de9cee717076b8282e1f92ec075ebc708a2547d13dea34be7c0ece27a14bda
|
|
4
|
+
data.tar.gz: 857e95906133cc6850e2e2d6e3c4e74d1e1d1c95a666290adf6c30f6c556d7d0
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 4e5c8535bf6364ff85d8a667f83266e9add5fa025e3377f7fa66201c32116f8dfd7b3541c9378b521262c19c144184fc6ff05ee376270886076382feb7536681
|
|
7
|
+
data.tar.gz: 10b1a3e174852d4b6e1833dfe0ae28a084949139d923074822a4b1033511715cba42e977864447ac85e35fcaa17971d06237e787e33e62dcd6427b788f8eab4a
|
|
@@ -32,10 +32,6 @@ module ActsAsRoleRestricted
|
|
|
32
32
|
validate(if: -> { changes.include?(:roles_mask) && EffectiveRoles.assignable_roles_present?(self) }) do
|
|
33
33
|
user = current_user || EffectiveRoles.current_user || (EffectiveLogging.current_user if defined?(EffectiveLogging))
|
|
34
34
|
|
|
35
|
-
if user.blank? && defined?(Rails::Server)
|
|
36
|
-
self.errors.add(:roles, 'current_user must be present when assigning roles')
|
|
37
|
-
end
|
|
38
|
-
|
|
39
35
|
roles_was = EffectiveRoles.roles_for(changes[:roles_mask].first)
|
|
40
36
|
changed = (roles + roles_was) - (roles & roles_was) # XOR
|
|
41
37
|
|
|
@@ -49,6 +45,10 @@ module ActsAsRoleRestricted
|
|
|
49
45
|
Rails.logger.info "\e[31m unassignable roles: #{unauthorized.map { |role| ":#{role}" }.to_sentence}"
|
|
50
46
|
end
|
|
51
47
|
|
|
48
|
+
if unauthorized.present? && user.blank? && defined?(Rails::Server)
|
|
49
|
+
self.errors.add(:roles, 'current_user must be present when assigning roles')
|
|
50
|
+
end
|
|
51
|
+
|
|
52
52
|
self.roles_mask = EffectiveRoles.roles_mask_for(authorized)
|
|
53
53
|
end
|
|
54
54
|
|
data/config/effective_roles.rb
CHANGED
|
@@ -62,7 +62,8 @@ EffectiveRoles.setup do |config|
|
|
|
62
62
|
# config.assignable_roles = {
|
|
63
63
|
# :superadmin => [:superadmin, :admin, :member], # Superadmins may assign any resource any role
|
|
64
64
|
# :admin => [:admin, :member], # Admins may only assign the :admin or :member role
|
|
65
|
-
# :member => []
|
|
65
|
+
# :member => [], # Members may not assign any roles
|
|
66
|
+
# :new_record => [:member] # Member may be assigned to a new_record without a current_user
|
|
66
67
|
# }
|
|
67
68
|
|
|
68
69
|
# Authorization Method
|
data/lib/effective_roles.rb
CHANGED
|
@@ -100,22 +100,41 @@ module EffectiveRoles
|
|
|
100
100
|
raise('expected current_user to respond to is_role_restricted?')
|
|
101
101
|
end
|
|
102
102
|
|
|
103
|
-
|
|
104
|
-
|
|
105
|
-
elsif current_user.present?
|
|
106
|
-
current_roles = assignable_roles[resource.class.to_s] || assignable_roles || {}
|
|
107
|
-
current_user.roles.map { |role| current_roles[role] }.flatten.compact.uniq
|
|
108
|
-
else
|
|
109
|
-
current_roles = assignable_roles[resource.class.to_s] || assignable_roles || {}
|
|
110
|
-
current_roles.values.flatten.uniq
|
|
103
|
+
if !resource.respond_to?(:is_role_restricted?)
|
|
104
|
+
raise('expected current_user to respond to is_role_restricted?')
|
|
111
105
|
end
|
|
112
106
|
|
|
107
|
+
assigned_roles = if assignable_roles.kind_of?(Hash)
|
|
108
|
+
assignable = (assignable_roles[resource.class.to_s] || assignable_roles || {})
|
|
109
|
+
assigned = [] # our return value
|
|
110
|
+
|
|
111
|
+
if current_user.blank?
|
|
112
|
+
assigned = assignable.values.flatten
|
|
113
|
+
end
|
|
114
|
+
|
|
115
|
+
if current_user.present?
|
|
116
|
+
assigned = current_user.roles.map { |role| assignable[role] }.flatten.compact
|
|
117
|
+
end
|
|
118
|
+
|
|
119
|
+
if assignable[:new_record] && resource.new_record?
|
|
120
|
+
assigned += Array(assignable[:new_record])
|
|
121
|
+
end
|
|
122
|
+
|
|
123
|
+
if assignable[:persisted] && resource.persisted?
|
|
124
|
+
assigned += Array(assignable[:persisted])
|
|
125
|
+
end
|
|
126
|
+
|
|
127
|
+
assigned
|
|
128
|
+
elsif assignable_roles.kind_of?(Array)
|
|
129
|
+
assignable_roles
|
|
130
|
+
end.uniq
|
|
131
|
+
|
|
113
132
|
# Check boxes
|
|
114
133
|
multiple = resource.acts_as_role_restricted_options[:multiple] if multiple.nil?
|
|
115
|
-
return
|
|
134
|
+
return assigned_roles if multiple
|
|
116
135
|
|
|
117
136
|
# Radios
|
|
118
|
-
(resource.roles -
|
|
137
|
+
(resource.roles - assigned_roles).present? ? [] : assigned_roles
|
|
119
138
|
end
|
|
120
139
|
|
|
121
140
|
def self.assignable_roles_present?(resource)
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: effective_roles
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 2.0.
|
|
4
|
+
version: 2.0.3
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Code and Effect
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2019-06-
|
|
11
|
+
date: 2019-06-13 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: rails
|