effective_roles 2.0.2 → 2.1.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: e1f0c20e5d0b528fda1c4c550d4532a9e3f28b3117aa692bb8e25a6da5443a2f
-  data.tar.gz: 359fdf3f7ca51f81fe4e50f363cc0e89aeccd93ff536b579597dabc87c6647b2
+  metadata.gz: 2839a8a58a284f7b6f9f7b12a3d5a0eff69b9b60c1f99ef68d364acab5257355
+  data.tar.gz: 69856eb8d9e3296a26386d28560c36c238cbfc7d407168f2614f13f48fc9b9eb
 SHA512:
-  metadata.gz: 0fe0946beed78c8986bb94ee0c8335e9a94c9cbc588f3df059279c01cf1ec4326bdaae69917ccff2ac9c3c7e213721cdf494bbdadf8516356a4fdf04885f60c2
-  data.tar.gz: b922f99dbf1f7c1149c0195fc1785a98b50ee5e74c03cb3dd101209bf6d4eea31cd58a393097cacbccb6273dcd7a477730b5ac0acdb7eb8e9b5480f1be2b65de
+  metadata.gz: e7c8c3befff4c7f7c51290f39f8f14a70ce50cca7448be66869875bca53422d23b73ef5b558b58ebc046b66f398d356d2fa3125bc595b9ecad737eb16a06d41d
+  data.tar.gz: c504136f2a6593dd272ce0208d72f26fb77a491e846c91b24ed5806a60aa4ffbea942ecb09e19e463166bbe0835e21071b7ac9493aecda527a479dc26c68c054

data/MIT-LICENSE

@@ -1,4 +1,4 @@
-Copyright 2019 Code and Effect Inc.
+Copyright 2021 Code and Effect Inc.
 
 Permission is hereby granted, free of charge, to any person obtaining
 a copy of this software and associated documentation files (the

data/README.md

@@ -8,10 +8,6 @@ Includes a mixin for adding authentication for any model.
 
 SQL Finders for returning an ActiveRecord::Relation with all permitted records.
 
-Handy formtastic and simple_form helpers for assigning roles.
-
-Rails 3.2.x and Rails 4
-
 
 ## Getting Started
 
@@ -158,8 +154,8 @@ When using assignable roles, you must assign the acts_as_role_restricted resourc
 
 You can do this in one of three ways:
 
-1. Setting resource.current_user = current_user in your controller directly.
-2. Add `before_action :set_effective_roles_current_user` to your ApplicationController
+1. Setting resource.current_user = current_user in your controller update action directly.
+2. Add `before_action -> { @thing.current_user = current_user }` to your ApplicationController
 3. Using `Effective::CrudController` to do this automatically.
 
 This restriction is only applied when running within the rails server. Not on rails console or db:seeds.
@@ -319,5 +315,3 @@ This model implements the https://github.com/ryanb/cancan/wiki/Role-Based-Author
 4. Push to the branch (`git push origin my-new-feature`)
 5. Bonus points for test coverage
 6. Create new Pull Request
-
-

data/app/controllers/admin/roles_controller.rb

@@ -1,12 +1,17 @@
 module Admin
   class RolesController < ApplicationController
-    before_action :authenticate_user!
+    before_action(:authenticate_user!) if defined?(Devise)
+    before_action { EffectiveResources.authorize!(self, :admin, :effective_roles) }
 
-    layout (EffectiveRoles.layout.kind_of?(Hash) ? EffectiveRoles.layout[:admin_roles] : EffectiveRoles.layout)
+    include Effective::CrudController
+
+    if (config = EffectiveRoles.layout)
+      layout(config.kind_of?(Hash) ? config[:admin] : config)
+    end
 
     def index
       @page_title = 'Roles'
-      EffectiveRoles.authorize!(self, :admin, :effective_roles)
     end
+
   end
 end

data/app/helpers/effective_roles_helper.rb

@@ -101,4 +101,108 @@ module EffectiveRolesHelper
     klass.respond_to?(:name) ? klass.name : klass.to_s
   end
 
+  # This is used by the effective_roles_summary_table helper method
+  def effective_roles_authorization_level(controller, role, resource)
+    authorization_method = EffectiveResources.authorization_method
+
+    raise('expected an authorization method') unless (authorization_method.respond_to?(:call) || authorization_method.kind_of?(Symbol))
+    return :unknown unless (controller.current_user rescue nil).respond_to?(:roles=)
+
+    # Store the current ability (cancan support) and roles
+    current_ability = controller.instance_variable_get(:@current_ability)
+    current_user = controller.instance_variable_get(:@current_user)
+    current_user_roles = controller.current_user.roles
+
+    # Set up the user, so the check is done with the desired permission level
+    controller.instance_variable_set(:@current_ability, nil)
+
+    level = nil
+
+    case role
+    when :signed_in
+      controller.current_user.roles = []
+    when :public
+      controller.instance_variable_set(:@current_user, nil)
+
+      if defined?(EffectiveLogging)
+        EffectiveLogging.supressed { (controller.request.env['warden'].set_user(false) rescue nil) }
+      else
+        (controller.request.env['warden'].set_user(false) rescue nil)
+      end
+    else
+      controller.current_user.roles = [role]
+    end
+
+    # Find the actual authorization level
+    level = effective_roles_item_authorization_level(controller, role, resource, authorization_method)
+
+    # Restore the existing current_user stuff
+    if role == :public
+      ActiveRecord::Base.transaction do
+        if defined?(EffectiveLogging)
+          EffectiveLogging.supressed { (controller.request.env['warden'].set_user(current_user) rescue nil) }
+        else
+          (controller.request.env['warden'].set_user(current_user) rescue nil)
+        end
+
+        raise ActiveRecord::Rollback
+      end
+    end
+
+    controller.instance_variable_set(:@current_ability, current_ability)
+    controller.instance_variable_set(:@current_user, current_user)
+    controller.current_user.roles = current_user_roles
+
+    level
+  end
+
+  def effective_roles_item_authorization_level(controller, role, resource, auth_method)
+    resource = (resource.new() rescue resource) if resource.kind_of?(ActiveRecord::Base)
+
+    # Custom actions
+    if resource.kind_of?(Hash)
+      resource.each do |key, value|
+        return (controller.instance_exec(controller, key, value, &auth_method) rescue false) ? :yes : :no
+      end
+    end
+
+    # Check for Manage
+    return :manage if (
+      (controller.instance_exec(controller, :create, resource, &auth_method) rescue false) &&
+      (controller.instance_exec(controller, :update, resource, &auth_method) rescue false) &&
+      (controller.instance_exec(controller, :show, resource, &auth_method) rescue false) &&
+      (controller.instance_exec(controller, :destroy, resource, &auth_method) rescue false)
+    )
+
+    # Check for Update
+    return :update if (controller.instance_exec(controller, :update, resource, &auth_method) rescue false)
+
+    # Check for Update Own
+    if resource.respond_to?('user=')
+      resource.user = controller.current_user
+      return :update_own if (controller.instance_exec(controller, :update, resource, &auth_method) rescue false)
+      resource.user = nil
+    elsif resource.respond_to?('user_id=')
+      resource.user_id = controller.current_user.id
+      return :update_own if (controller.instance_exec(controller, :update, resource, &auth_method) rescue false)
+      resource.user_id = nil
+    elsif resource.class.name.end_with?('User')
+      return :update_own if (controller.instance_exec(controller, :update, controller.current_user, &auth_method) rescue false)
+    end
+
+    # Check for Create
+    return :create if (controller.instance_exec(controller, :create, resource, &auth_method) rescue false)
+
+    # Check for Show
+    return :show if (controller.instance_exec(controller, :show, resource, &auth_method) rescue false)
+
+    # Check for Index
+    return :index if (controller.instance_exec(controller, :index, resource, &auth_method) rescue false)
+
+    # Check for Destroy
+    return :destroy if (controller.instance_exec(controller, :destroy, resource, &auth_method) rescue false)
+
+    :none
+  end
+
 end

data/app/models/concerns/acts_as_role_restricted.rb

@@ -14,7 +14,7 @@
 module ActsAsRoleRestricted
   extend ActiveSupport::Concern
 
-  module ActiveRecord
+  module Base
     def acts_as_role_restricted(multiple: false)
       @acts_as_role_restricted_opts = { multiple: multiple }
       include ::ActsAsRoleRestricted
@@ -30,16 +30,10 @@ module ActsAsRoleRestricted
     validates :roles_mask, numericality: true, allow_nil: true
 
     validate(if: -> { changes.include?(:roles_mask) && EffectiveRoles.assignable_roles_present?(self) }) do
-      user = current_user || EffectiveRoles.current_user || (EffectiveLogging.current_user if defined?(EffectiveLogging))
-
-      if user.blank? && defined?(Rails::Server)
-        self.errors.add(:roles, 'current_user must be present when assigning roles')
-      end
-
       roles_was = EffectiveRoles.roles_for(changes[:roles_mask].first)
       changed = (roles + roles_was) - (roles & roles_was)  # XOR
 
-      assignable = EffectiveRoles.assignable_roles_collection(self, user) # Returns all roles when user is blank
+      assignable = EffectiveRoles.assignable_roles_collection(self, current_user) # Returns all roles when user is blank
       unauthorized = changed - assignable
 
       authorized = roles.dup
@@ -49,6 +43,10 @@ module ActsAsRoleRestricted
         Rails.logger.info "\e[31m unassignable roles: #{unauthorized.map { |role| ":#{role}" }.to_sentence}"
       end
 
+      if unauthorized.present? && current_user.blank? && defined?(Rails::Server)
+        self.errors.add(:roles, 'current_user must be present when assigning roles')
+      end
+
       self.roles_mask = EffectiveRoles.roles_mask_for(authorized)
     end
 
@@ -131,4 +129,3 @@ module ActsAsRoleRestricted
   end
 
 end
-

data/app/views/effective/roles/_summary_table.html.haml

@@ -13,4 +13,5 @@
         %td= effective_roles_authorization_label(klass)
         - roles.each do |role|
           %td.text-center
-            = effective_roles_authorization_badge(EffectiveRoles.authorization_level(controller, role, klass))
+            - level = effective_roles_authorization_level(controller, role, klass)
+            = effective_roles_authorization_badge(level)

data/config/effective_roles.rb

@@ -62,38 +62,13 @@ EffectiveRoles.setup do |config|
   # config.assignable_roles = {
   #   :superadmin => [:superadmin, :admin, :member], # Superadmins may assign any resource any role
   #   :admin => [:admin, :member],                   # Admins may only assign the :admin or :member role
-  #   :member => []                                  # Members may not assign any roles
+  #   :member => [],                                 # Members may not assign any roles
+  #   :new_record => [:member]                       # Member may be assigned to a new_record without a current_user
   # }
 
   # Authorization Method
-  #
-  # This doesn't have anything to do with the roles themselves.
-  # It's only used in two places:
-  # - For the effective_roles_summary_table() helper method
-  # - The /admin/roles page check
-  #
-  # It should match the authorization check used by your application
-  #
-  # This method is called by all controller actions with the appropriate action and resource
-  # If the method returns false, an Effective::AccessDenied Error will be raised (see README.md for complete info)
-  #
-  # Use via Proc (and with CanCan):
-  # config.authorization_method = Proc.new { |controller, action, resource| can?(action, resource) }
-  #
-  # Use via custom method:
-  # config.authorization_method = :my_authorization_method
-  #
-  # And then in your application_controller.rb:
-  #
-  # def my_authorization_method(action, resource)
-  #   current_user.is?(:admin)
-  # end
-  #
-  # Or disable the check completely:
-  # config.authorization_method = false
-  config.authorization_method = Proc.new { |controller, action, resource| authorize!(action, resource) } # CanCanCan
+  # This gem serves an /admin/roles endpoint that calls EffectiveResources.authorize!
 
   # Layout Settings
-  # Configure the Layout per controller, or all at once
-  config.layout = 'application'
+  # config.layout = 'admin'
 end

data/lib/effective_roles.rb

@@ -1,59 +1,30 @@
+require 'effective_resources'
 require 'effective_roles/engine'
 require 'effective_roles/version'
 
 module EffectiveRoles
-  mattr_accessor :roles
-  mattr_accessor :role_descriptions
-  mattr_accessor :assignable_roles
 
-  mattr_accessor :layout
-  mattr_accessor :authorization_method
-
-  def self.setup
-    yield self
+  def self.config_keys
+    [:roles, :role_descriptions, :assignable_roles, :layout]
   end
 
+  include EffectiveGem
+
   def self.permitted_params
     { roles: [] }
   end
 
-  def self.authorized?(controller, action, resource)
-    @_exceptions ||= [Effective::AccessDenied, (CanCan::AccessDenied if defined?(CanCan)), (Pundit::NotAuthorizedError if defined?(Pundit))].compact
-
-    return !!authorization_method unless authorization_method.respond_to?(:call)
-    controller = controller.controller if controller.respond_to?(:controller)
-
-    begin
-      !!(controller || self).instance_exec((controller || self), action, resource, &authorization_method)
-    rescue *@_exceptions
-      false
-    end
-  end
-
-  def self.authorize!(controller, action, resource)
-    raise Effective::AccessDenied unless authorized?(controller, action, resource)
-  end
-
-  # This is set by the "set_effective_roles_current_user" before_filter.
-  def self.current_user=(user)
-    @effective_roles_current_user = user
-  end
-
-  def self.current_user
-    @effective_roles_current_user
-  end
-
   # This method converts whatever is given into its roles
   # Pass an object, Integer, or Symbol to find corresponding role
   def self.roles_for(obj)
     if obj.respond_to?(:is_role_restricted?)
      obj.roles
     elsif obj.kind_of?(Integer)
-      roles.reject { |r| (obj & 2**roles.index(r)).zero? }
+      roles.reject { |r| (obj & 2 ** config.roles.index(r)).zero? }
     elsif obj.kind_of?(Symbol)
-      [roles.find { |role| role == obj }].compact
+      Array(roles.find { |role| role == obj })
     elsif obj.kind_of?(String)
-      [roles.find { |role| role == obj.to_sym }].compact
+      Array(roles.find { |role| role == obj.to_sym })
     elsif obj.kind_of?(Array)
       obj.map { |obj| roles_for(obj) }.flatten.compact
     elsif obj.nil?
@@ -65,7 +36,7 @@ module EffectiveRoles
 
   # EffectiveRoles.roles_mask_for(:admin, :member)
   def self.roles_mask_for(*roles)
-    roles_for(roles).map { |r| 2**EffectiveRoles.roles.index(r) }.sum
+    roles_for(roles).map { |r| 2 ** config.roles.index(r) }.sum
   end
 
   def self.roles_collection(resource, current_user = nil, only: nil, except: nil, multiple: nil)
@@ -94,38 +65,53 @@ module EffectiveRoles
   def self.assignable_roles_collection(resource, current_user = nil, multiple: nil)
     return roles unless assignable_roles_present?(resource)
 
-    current_user ||= (EffectiveRoles.current_user || (EffectiveLogging.current_user if defined?(EffectiveLogging)))
-
     if current_user && !current_user.respond_to?(:is_role_restricted?)
-      raise('expected current_user to respond to is_role_restricted?') 
+      raise('expected current_user to respond to is_role_restricted?')
     end
 
-    assignable = if assignable_roles.kind_of?(Array)
-      assignable_roles
-    elsif current_user.present?
-      current_roles = assignable_roles[resource.class.to_s] || assignable_roles || {}
-      current_user.roles.map { |role| current_roles[role] }.flatten.compact.uniq
-    else
-      current_roles = assignable_roles[resource.class.to_s] || assignable_roles || {}
-      current_roles.values.flatten.uniq
+    if !resource.respond_to?(:is_role_restricted?)
+      raise('expected current_user to respond to is_role_restricted?')
     end
 
+    assigned_roles = if assignable_roles.kind_of?(Hash)
+      assignable = (assignable_roles[resource.class.to_s] || assignable_roles || {})
+      assigned = [] # our return value
+
+      if current_user.blank?
+        assigned = assignable.values.flatten
+      end
+
+      if current_user.present?
+        assigned = current_user.roles.map { |role| assignable[role] }.flatten.compact
+      end
+
+      if assignable[:new_record] && resource.new_record?
+        assigned += Array(assignable[:new_record])
+      end
+
+      if assignable[:persisted] && resource.persisted?
+        assigned += Array(assignable[:persisted])
+      end
+
+      assigned
+    elsif assignable_roles.kind_of?(Array)
+      assignable_roles
+    end.uniq
+
     # Check boxes
     multiple = resource.acts_as_role_restricted_options[:multiple] if multiple.nil?
-    return assignable if multiple
+    return assigned_roles if multiple
 
     # Radios
-    (resource.roles - assignable).present? ? [] : assignable
+    (resource.roles - assigned_roles).present? ? [] : assigned_roles
   end
 
   def self.assignable_roles_present?(resource)
-    return false if assignable_roles.nil?
+    return false unless assignable_roles.present?
 
-    raise 'EffectiveRoles config.assignable_roles_for must be a Hash, Array or nil' unless [Hash, Array].include?(assignable_roles.class)
+    raise 'EffectiveRoles config.assignable_roles_for must be a Hash or Array' unless [Hash, Array].include?(assignable_roles.class)
     raise('expected resource to respond to is_role_restricted?') unless resource.respond_to?(:is_role_restricted?)
 
-    return assignable_roles.present? if assignable_roles.kind_of?(Array)
-
     if assignable_roles.kind_of?(Array)
       assignable_roles
     elsif assignable_roles.key?(resource.class.to_s)
@@ -135,113 +121,14 @@ module EffectiveRoles
     end.present?
   end
 
-  # This is used by the effective_roles_summary_table helper method
-  def self.authorization_level(controller, role, resource)
-    return :unknown unless (authorization_method.respond_to?(:call) || authorization_method.kind_of?(Symbol))
-    return :unknown unless (controller.current_user rescue nil).respond_to?(:roles=)
-
-    # Store the current ability (cancan support) and roles
-    current_ability = controller.instance_variable_get(:@current_ability)
-    current_user = controller.instance_variable_get(:@current_user)
-    current_user_roles = controller.current_user.roles
-
-    # Set up the user, so the check is done with the desired permission level
-    controller.instance_variable_set(:@current_ability, nil)
-
-    level = nil
-
-    case role
-    when :signed_in
-      controller.current_user.roles = []
-    when :public
-      controller.instance_variable_set(:@current_user, nil)
-
-      if defined?(EffectiveLogging)
-        EffectiveLogging.supressed { (controller.request.env['warden'].set_user(false) rescue nil) }
-      else
-        (controller.request.env['warden'].set_user(false) rescue nil)
-      end
-    else
-      controller.current_user.roles = [role]
-    end
-
-    # Find the actual authorization level
-    level = _authorization_level(controller, role, resource, authorization_method)
-
-    # Restore the existing current_user stuff
-    if role == :public
-      ActiveRecord::Base.transaction do
-        if defined?(EffectiveLogging)
-          EffectiveLogging.supressed { (controller.request.env['warden'].set_user(current_user) rescue nil) }
-        else
-          (controller.request.env['warden'].set_user(current_user) rescue nil)
-        end
-
-        raise ActiveRecord::Rollback
-      end
-    end
-
-    controller.instance_variable_set(:@current_ability, current_ability)
-    controller.instance_variable_set(:@current_user, current_user)
-    controller.current_user.roles = current_user_roles
-
-    level
-  end
-
   private
 
   def self.role_description(role, obj = nil)
     raise 'EffectiveRoles config.role_descriptions must be a Hash' unless role_descriptions.kind_of?(Hash)
-    (role_descriptions[obj.try(:class).to_s] || {})[role] || role_descriptions[role] || ''
-  end
-
-  def self._authorization_level(controller, role, resource, auth_method)
-    resource = (resource.new() rescue resource) if resource.kind_of?(ActiveRecord::Base)
-
-    # Custom actions
-    if resource.kind_of?(Hash)
-      resource.each do |key, value|
-        return (controller.instance_exec(controller, key, value, &auth_method) rescue false) ? :yes : :no
-      end
-    end
-
-    # Check for Manage
-    return :manage if (
-      (controller.instance_exec(controller, :create, resource, &auth_method) rescue false) &&
-      (controller.instance_exec(controller, :update, resource, &auth_method) rescue false) &&
-      (controller.instance_exec(controller, :show, resource, &auth_method) rescue false) &&
-      (controller.instance_exec(controller, :destroy, resource, &auth_method) rescue false)
-    )
-
-    # Check for Update
-    return :update if (controller.instance_exec(controller, :update, resource, &auth_method) rescue false)
-
-    # Check for Update Own
-    if resource.respond_to?('user=')
-      resource.user = controller.current_user
-      return :update_own if (controller.instance_exec(controller, :update, resource, &auth_method) rescue false)
-      resource.user = nil
-    elsif resource.respond_to?('user_id=')
-      resource.user_id = controller.current_user.id
-      return :update_own if (controller.instance_exec(controller, :update, resource, &auth_method) rescue false)
-      resource.user_id = nil
-    elsif resource.kind_of?(User)
-      return :update_own if (controller.instance_exec(controller, :update, controller.current_user, &auth_method) rescue false)
-    end
-
-    # Check for Create
-    return :create if (controller.instance_exec(controller, :create, resource, &auth_method) rescue false)
-
-    # Check for Show
-    return :show if (controller.instance_exec(controller, :show, resource, &auth_method) rescue false)
-
-    # Check for Index
-    return :index if (controller.instance_exec(controller, :index, resource, &auth_method) rescue false)
-
-    # Check for Destroy
-    return :destroy if (controller.instance_exec(controller, :destroy, resource, &auth_method) rescue false)
 
-    :none
+    description = role_descriptions.dig(obj.class.to_s, role) if obj.present?
+    description ||= role_descriptions[role]
+    description || ''
   end
 
 end

data/lib/effective_roles/engine.rb

@@ -2,27 +2,15 @@ module EffectiveRoles
   class Engine < ::Rails::Engine
     engine_name 'effective_roles'
 
-    config.autoload_paths += Dir["#{config.root}/app/models/concerns", "#{config.root}/lib/"]
-
     # Include acts_as_addressable concern and allow any ActiveRecord object to call it
     initializer 'effective_roles.active_record' do |app|
       ActiveSupport.on_load :active_record do
-        ActiveRecord::Base.extend(ActsAsRoleRestricted::ActiveRecord)
-      end
-    end
-
-    # Register the log_page_views concern so that it can be called in ActionController or elsewhere
-    initializer 'effective_logging.log_changes_action_controller' do |app|
-      Rails.application.config.to_prepare do
-        ActiveSupport.on_load :action_controller do
-          require 'effective_roles/set_current_user'
-          ActionController::Base.include(EffectiveRoles::SetCurrentUser::ActionController)
-        end
+        ActiveRecord::Base.extend(ActsAsRoleRestricted::Base)
       end
     end
 
     # Set up our default configuration options.
-    initializer "effective_roles.defaults", :before => :load_config_initializers do |app|
+    initializer "effective_roles.defaults", before: :load_config_initializers do |app|
       eval File.read("#{config.root}/config/effective_roles.rb")
     end
 

data/lib/effective_roles/version.rb

@@ -1,3 +1,3 @@
 module EffectiveRoles
-  VERSION = '2.0.2'.freeze
+  VERSION = '2.1.1'.freeze
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: effective_roles
 version: !ruby/object:Gem::Version
-  version: 2.0.2
+  version: 2.1.1
 platform: ruby
 authors:
 - Code and Effect
-autorequire: 
+autorequire:
 bindir: bin
 cert_chain: []
-date: 2019-06-03 00:00:00.000000000 Z
+date: 2021-02-18 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rails
@@ -24,6 +24,20 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: 3.2.0
+- !ruby/object:Gem::Dependency
+  name: effective_resources
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
 description: Assign multiple roles to any User or other ActiveRecord object. Select
   only the appropriate objects based on intelligent, chainable ActiveRecord::Relation
   finder methods.
@@ -38,7 +52,6 @@ files:
 - app/controllers/admin/roles_controller.rb
 - app/helpers/effective_roles_helper.rb
 - app/models/concerns/acts_as_role_restricted.rb
-- app/models/effective/access_denied.rb
 - app/views/admin/roles/index.html.haml
 - app/views/effective/roles/_summary.html.haml
 - app/views/effective/roles/_summary_table.html.haml
@@ -46,14 +59,13 @@ files:
 - config/routes.rb
 - lib/effective_roles.rb
 - lib/effective_roles/engine.rb
-- lib/effective_roles/set_current_user.rb
 - lib/effective_roles/version.rb
 - lib/generators/effective_roles/install_generator.rb
 homepage: https://github.com/code-and-effect/effective_roles
 licenses:
 - MIT
 metadata: {}
-post_install_message: 
+post_install_message:
 rdoc_options: []
 require_paths:
 - lib
@@ -68,8 +80,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.0.3
-signing_key: 
+rubygems_version: 3.1.2
+signing_key:
 specification_version: 4
 summary: Assign multiple roles to any User or other ActiveRecord object. Select only
   the appropriate objects based on intelligent, chainable ActiveRecord::Relation finder

data/app/models/effective/access_denied.rb

@@ -1,17 +0,0 @@
-unless defined?(Effective::AccessDenied)
-  module Effective
-    class AccessDenied < StandardError
-      attr_reader :action, :subject
-
-      def initialize(message = nil, action = nil, subject = nil)
-        @message = message
-        @action = action
-        @subject = subject
-      end
-
-      def to_s
-        @message || I18n.t(:'unauthorized.default', :default => 'Access Denied')
-      end
-    end
-  end
-end

data/lib/effective_roles/set_current_user.rb

@@ -1,15 +0,0 @@
-module EffectiveRoles
-  module SetCurrentUser
-    module ActionController
-
-      # Add me to your ApplicationController
-      # before_action :set_effective_roles_current_user
-
-      def set_effective_roles_current_user
-        EffectiveRoles.current_user = current_user
-      end
-
-    end
-  end
-end
-