effective_roles 2.0.2 → 2.0.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/app/models/concerns/acts_as_role_restricted.rb +4 -4
- data/config/effective_roles.rb +2 -1
- data/lib/effective_roles.rb +29 -10
- data/lib/effective_roles/version.rb +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: c4de9cee717076b8282e1f92ec075ebc708a2547d13dea34be7c0ece27a14bda
|
|
4
|
+
data.tar.gz: 857e95906133cc6850e2e2d6e3c4e74d1e1d1c95a666290adf6c30f6c556d7d0
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 4e5c8535bf6364ff85d8a667f83266e9add5fa025e3377f7fa66201c32116f8dfd7b3541c9378b521262c19c144184fc6ff05ee376270886076382feb7536681
|
|
7
|
+
data.tar.gz: 10b1a3e174852d4b6e1833dfe0ae28a084949139d923074822a4b1033511715cba42e977864447ac85e35fcaa17971d06237e787e33e62dcd6427b788f8eab4a
|
|
@@ -32,10 +32,6 @@ module ActsAsRoleRestricted
|
|
|
32
32
|
validate(if: -> { changes.include?(:roles_mask) && EffectiveRoles.assignable_roles_present?(self) }) do
|
|
33
33
|
user = current_user || EffectiveRoles.current_user || (EffectiveLogging.current_user if defined?(EffectiveLogging))
|
|
34
34
|
|
|
35
|
-
if user.blank? && defined?(Rails::Server)
|
|
36
|
-
self.errors.add(:roles, 'current_user must be present when assigning roles')
|
|
37
|
-
end
|
|
38
|
-
|
|
39
35
|
roles_was = EffectiveRoles.roles_for(changes[:roles_mask].first)
|
|
40
36
|
changed = (roles + roles_was) - (roles & roles_was) # XOR
|
|
41
37
|
|
|
@@ -49,6 +45,10 @@ module ActsAsRoleRestricted
|
|
|
49
45
|
Rails.logger.info "\e[31m unassignable roles: #{unauthorized.map { |role| ":#{role}" }.to_sentence}"
|
|
50
46
|
end
|
|
51
47
|
|
|
48
|
+
if unauthorized.present? && user.blank? && defined?(Rails::Server)
|
|
49
|
+
self.errors.add(:roles, 'current_user must be present when assigning roles')
|
|
50
|
+
end
|
|
51
|
+
|
|
52
52
|
self.roles_mask = EffectiveRoles.roles_mask_for(authorized)
|
|
53
53
|
end
|
|
54
54
|
|
data/config/effective_roles.rb
CHANGED
|
@@ -62,7 +62,8 @@ EffectiveRoles.setup do |config|
|
|
|
62
62
|
# config.assignable_roles = {
|
|
63
63
|
# :superadmin => [:superadmin, :admin, :member], # Superadmins may assign any resource any role
|
|
64
64
|
# :admin => [:admin, :member], # Admins may only assign the :admin or :member role
|
|
65
|
-
# :member => []
|
|
65
|
+
# :member => [], # Members may not assign any roles
|
|
66
|
+
# :new_record => [:member] # Member may be assigned to a new_record without a current_user
|
|
66
67
|
# }
|
|
67
68
|
|
|
68
69
|
# Authorization Method
|
data/lib/effective_roles.rb
CHANGED
|
@@ -100,22 +100,41 @@ module EffectiveRoles
|
|
|
100
100
|
raise('expected current_user to respond to is_role_restricted?')
|
|
101
101
|
end
|
|
102
102
|
|
|
103
|
-
|
|
104
|
-
|
|
105
|
-
elsif current_user.present?
|
|
106
|
-
current_roles = assignable_roles[resource.class.to_s] || assignable_roles || {}
|
|
107
|
-
current_user.roles.map { |role| current_roles[role] }.flatten.compact.uniq
|
|
108
|
-
else
|
|
109
|
-
current_roles = assignable_roles[resource.class.to_s] || assignable_roles || {}
|
|
110
|
-
current_roles.values.flatten.uniq
|
|
103
|
+
if !resource.respond_to?(:is_role_restricted?)
|
|
104
|
+
raise('expected current_user to respond to is_role_restricted?')
|
|
111
105
|
end
|
|
112
106
|
|
|
107
|
+
assigned_roles = if assignable_roles.kind_of?(Hash)
|
|
108
|
+
assignable = (assignable_roles[resource.class.to_s] || assignable_roles || {})
|
|
109
|
+
assigned = [] # our return value
|
|
110
|
+
|
|
111
|
+
if current_user.blank?
|
|
112
|
+
assigned = assignable.values.flatten
|
|
113
|
+
end
|
|
114
|
+
|
|
115
|
+
if current_user.present?
|
|
116
|
+
assigned = current_user.roles.map { |role| assignable[role] }.flatten.compact
|
|
117
|
+
end
|
|
118
|
+
|
|
119
|
+
if assignable[:new_record] && resource.new_record?
|
|
120
|
+
assigned += Array(assignable[:new_record])
|
|
121
|
+
end
|
|
122
|
+
|
|
123
|
+
if assignable[:persisted] && resource.persisted?
|
|
124
|
+
assigned += Array(assignable[:persisted])
|
|
125
|
+
end
|
|
126
|
+
|
|
127
|
+
assigned
|
|
128
|
+
elsif assignable_roles.kind_of?(Array)
|
|
129
|
+
assignable_roles
|
|
130
|
+
end.uniq
|
|
131
|
+
|
|
113
132
|
# Check boxes
|
|
114
133
|
multiple = resource.acts_as_role_restricted_options[:multiple] if multiple.nil?
|
|
115
|
-
return
|
|
134
|
+
return assigned_roles if multiple
|
|
116
135
|
|
|
117
136
|
# Radios
|
|
118
|
-
(resource.roles -
|
|
137
|
+
(resource.roles - assigned_roles).present? ? [] : assigned_roles
|
|
119
138
|
end
|
|
120
139
|
|
|
121
140
|
def self.assignable_roles_present?(resource)
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: effective_roles
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 2.0.
|
|
4
|
+
version: 2.0.3
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Code and Effect
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2019-06-
|
|
11
|
+
date: 2019-06-13 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: rails
|