effective_roles 2.1.0 → 2.3.0
Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 72568face118a2d07b1fb427fe30aacbaf1fcc8d49b1b21c2c9b76c4772b7024
|
4
|
+
data.tar.gz: 9ecf2d813dea46623737893ba9bf28bdbf99b07ab8e2d6637a02f3d3c711e7db
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: e61f574d94b7bae5a50d9cca54cd53f9f172fc015cdaf88631758e6cb15c87ce63f2390e712e36b7331596b957b995a236f98f5632fa1ceaaea1c23d81905a0f
|
7
|
+
data.tar.gz: 3a54e2cc622c8bd97fc1f2838132ba55509e1a5a37af91ab618792365570b38acf2c7912596055c98d5938230c142e52fb3878428b40bd059567d7575259576b
|
@@ -2,7 +2,7 @@ module EffectiveRolesHelper
|
|
2
2
|
def effective_roles_summary(obj, options = {}) # User or a Post, any acts_as_roleable
|
3
3
|
raise 'expected an acts_as_roleable object' unless obj.respond_to?(:roles)
|
4
4
|
|
5
|
-
descriptions = EffectiveRoles.
|
5
|
+
descriptions = EffectiveRoles.role_descriptions[obj.class.name] || EffectiveRoles.role_descriptions || {}
|
6
6
|
opts = { obj: obj, roles: obj.roles, descriptions: descriptions }.merge(options)
|
7
7
|
|
8
8
|
render partial: 'effective/roles/summary', locals: opts
|
@@ -17,7 +17,7 @@ module EffectiveRolesHelper
|
|
17
17
|
raise 'Expected argument to be a Hash' unless opts.kind_of?(Hash)
|
18
18
|
|
19
19
|
roles = Array(opts[:roles]).presence
|
20
|
-
roles ||= [:public, :signed_in] + EffectiveRoles.
|
20
|
+
roles ||= [:public, :signed_in] + EffectiveRoles.roles
|
21
21
|
|
22
22
|
if opts[:only].present?
|
23
23
|
klasses = Array(opts[:only])
|
@@ -103,7 +103,7 @@ module EffectiveRolesHelper
|
|
103
103
|
|
104
104
|
# This is used by the effective_roles_summary_table helper method
|
105
105
|
def effective_roles_authorization_level(controller, role, resource)
|
106
|
-
authorization_method =
|
106
|
+
authorization_method = EffectiveResources.authorization_method
|
107
107
|
|
108
108
|
raise('expected an authorization method') unless (authorization_method.respond_to?(:call) || authorization_method.kind_of?(Symbol))
|
109
109
|
return :unknown unless (controller.current_user rescue nil).respond_to?(:roles=)
|
@@ -29,7 +29,7 @@ module ActsAsRoleRestricted
|
|
29
29
|
|
30
30
|
validates :roles_mask, numericality: true, allow_nil: true
|
31
31
|
|
32
|
-
validate(if: -> { changes.include?(:roles_mask) && EffectiveRoles.assignable_roles_present?(self) }) do
|
32
|
+
validate(if: -> { changes.include?(:roles_mask) && EffectiveRoles.assignable_roles_present?(self) && current_user.present? }) do
|
33
33
|
roles_was = EffectiveRoles.roles_for(changes[:roles_mask].first)
|
34
34
|
changed = (roles + roles_was) - (roles & roles_was) # XOR
|
35
35
|
|
@@ -53,6 +53,8 @@ module ActsAsRoleRestricted
|
|
53
53
|
end
|
54
54
|
|
55
55
|
module ClassMethods
|
56
|
+
def acts_as_role_restricted?; true; end
|
57
|
+
|
56
58
|
# Call with for_role(:admin) or for_role(@user.roles) or for_role([:admin, :member]) or for_role(:admin, :member, ...)
|
57
59
|
|
58
60
|
# Returns all records which have been assigned any of the the given roles
|
@@ -71,33 +73,58 @@ module ActsAsRoleRestricted
|
|
71
73
|
def with_role_sql(*roles)
|
72
74
|
roles = roles.flatten.compact
|
73
75
|
roles = roles.first.roles if roles.length == 1 && roles.first.respond_to?(:roles)
|
74
|
-
roles = (roles.map { |role| role.to_sym } & EffectiveRoles.
|
76
|
+
roles = (roles.map { |role| role.to_sym } & EffectiveRoles.roles)
|
75
77
|
|
76
|
-
roles.map { |role| "(#{self.table_name}.roles_mask & %d > 0)" % 2**EffectiveRoles.
|
78
|
+
roles.map { |role| "(#{self.table_name}.roles_mask & %d > 0)" % 2**EffectiveRoles.roles.index(role) }.join(' OR ')
|
77
79
|
end
|
78
80
|
|
79
81
|
def without_role(*roles)
|
80
82
|
roles = roles.flatten.compact
|
81
83
|
roles = roles.first.roles if roles.length == 1 && roles.first.respond_to?(:roles)
|
82
|
-
roles = (roles.map { |role| role.to_sym } & EffectiveRoles.
|
84
|
+
roles = (roles.map { |role| role.to_sym } & EffectiveRoles.roles)
|
83
85
|
|
84
86
|
where(
|
85
|
-
roles.map { |role| "NOT(#{self.table_name}.roles_mask & %d > 0)" % 2**EffectiveRoles.
|
87
|
+
roles.map { |role| "NOT(#{self.table_name}.roles_mask & %d > 0)" % 2**EffectiveRoles.roles.index(role) }.join(' AND ')
|
86
88
|
).or(where(roles_mask: nil))
|
87
89
|
end
|
88
90
|
end
|
89
91
|
|
92
|
+
def roles
|
93
|
+
EffectiveRoles.roles_for(roles_mask)
|
94
|
+
end
|
95
|
+
|
90
96
|
def roles=(roles)
|
91
97
|
self.roles_mask = EffectiveRoles.roles_mask_for(roles)
|
92
98
|
end
|
93
99
|
|
94
|
-
def
|
95
|
-
|
100
|
+
def add_role(role)
|
101
|
+
raise('expected role to be a symbol') unless role.kind_of?(Symbol)
|
102
|
+
raise('unknown role') unless EffectiveRoles.roles_mask_for(role) > 0
|
103
|
+
|
104
|
+
assign_attributes(roles: roles | [role])
|
105
|
+
end
|
106
|
+
|
107
|
+
def add_role!(role)
|
108
|
+
add_role(role); save!
|
109
|
+
end
|
110
|
+
|
111
|
+
def remove_role(role)
|
112
|
+
raise('expected role to be a symbol') unless role.kind_of?(Symbol)
|
113
|
+
raise('unknown role') unless EffectiveRoles.roles_mask_for(role) > 0
|
114
|
+
|
115
|
+
assign_attributes(roles: roles - [role])
|
116
|
+
end
|
117
|
+
|
118
|
+
def remove_role!(role)
|
119
|
+
remove_role(role); save!
|
96
120
|
end
|
97
121
|
|
98
122
|
# if user.is? :admin
|
99
123
|
def is?(role)
|
100
|
-
|
124
|
+
raise('expected role to be a symbol') unless role.kind_of?(Symbol)
|
125
|
+
raise('unknown role') unless EffectiveRoles.roles_mask_for(role) > 0
|
126
|
+
|
127
|
+
roles.include?(role)
|
101
128
|
end
|
102
129
|
|
103
130
|
# if user.is_any?(:admin, :editor)
|
data/lib/effective_roles.rb
CHANGED
@@ -3,25 +3,12 @@ require 'effective_roles/engine'
|
|
3
3
|
require 'effective_roles/version'
|
4
4
|
|
5
5
|
module EffectiveRoles
|
6
|
-
# mattr_accessor :roles
|
7
|
-
# mattr_accessor :role_descriptions
|
8
|
-
# mattr_accessor :assignable_roles
|
9
|
-
# mattr_accessor :layout
|
10
6
|
|
11
|
-
def self.
|
12
|
-
|
13
|
-
namespace ||= Tenant.current if defined?(Tenant)
|
14
|
-
|
15
|
-
if namespace
|
16
|
-
@config[namespace] ||= ActiveSupport::OrderedOptions.new
|
17
|
-
else
|
18
|
-
@config
|
19
|
-
end
|
7
|
+
def self.config_keys
|
8
|
+
[:roles, :role_descriptions, :assignable_roles, :layout]
|
20
9
|
end
|
21
10
|
|
22
|
-
|
23
|
-
yield(config(namespace))
|
24
|
-
end
|
11
|
+
include EffectiveGem
|
25
12
|
|
26
13
|
def self.permitted_params
|
27
14
|
{ roles: [] }
|
@@ -33,11 +20,11 @@ module EffectiveRoles
|
|
33
20
|
if obj.respond_to?(:is_role_restricted?)
|
34
21
|
obj.roles
|
35
22
|
elsif obj.kind_of?(Integer)
|
36
|
-
|
23
|
+
roles.reject { |r| (obj & 2 ** config.roles.index(r)).zero? }
|
37
24
|
elsif obj.kind_of?(Symbol)
|
38
|
-
Array(
|
25
|
+
Array(roles.find { |role| role == obj })
|
39
26
|
elsif obj.kind_of?(String)
|
40
|
-
Array(
|
27
|
+
Array(roles.find { |role| role == obj.to_sym })
|
41
28
|
elsif obj.kind_of?(Array)
|
42
29
|
obj.map { |obj| roles_for(obj) }.flatten.compact
|
43
30
|
elsif obj.nil?
|
@@ -52,8 +39,8 @@ module EffectiveRoles
|
|
52
39
|
roles_for(roles).map { |r| 2 ** config.roles.index(r) }.sum
|
53
40
|
end
|
54
41
|
|
55
|
-
def self.roles_collection(resource, current_user = nil, only: nil, except: nil, multiple: nil)
|
56
|
-
if
|
42
|
+
def self.roles_collection(resource, current_user = nil, only: nil, except: nil, multiple: nil, skip_disabled: nil)
|
43
|
+
if assignable_roles.present?
|
57
44
|
raise('expected object to respond to is_role_restricted?') unless resource.respond_to?(:is_role_restricted?)
|
58
45
|
raise('expected current_user to respond to is_role_restricted?') if current_user && !current_user.respond_to?(:is_role_restricted?)
|
59
46
|
end
|
@@ -62,21 +49,25 @@ module EffectiveRoles
|
|
62
49
|
except = Array(except).compact
|
63
50
|
multiple = resource.acts_as_role_restricted_options[:multiple] if multiple.nil?
|
64
51
|
assignable = assignable_roles_collection(resource, current_user, multiple: multiple)
|
52
|
+
skip_disabled = assignable_roles.kind_of?(Hash) if skip_disabled.nil?
|
65
53
|
|
66
|
-
|
54
|
+
roles.map do |role|
|
67
55
|
next if only.present? && !only.include?(role)
|
68
56
|
next if except.present? && except.include?(role)
|
69
57
|
|
58
|
+
disabled = !assignable.include?(role)
|
59
|
+
next if disabled && skip_disabled
|
60
|
+
|
70
61
|
[
|
71
62
|
"#{role}<p class='help-block text-muted'>#{role_description(role, resource)}</p>".html_safe,
|
72
63
|
role,
|
73
|
-
({:disabled => :disabled}
|
64
|
+
({:disabled => :disabled} if disabled)
|
74
65
|
]
|
75
66
|
end.compact
|
76
67
|
end
|
77
68
|
|
78
69
|
def self.assignable_roles_collection(resource, current_user = nil, multiple: nil)
|
79
|
-
return
|
70
|
+
return roles unless assignable_roles_present?(resource)
|
80
71
|
|
81
72
|
if current_user && !current_user.respond_to?(:is_role_restricted?)
|
82
73
|
raise('expected current_user to respond to is_role_restricted?')
|
@@ -86,8 +77,8 @@ module EffectiveRoles
|
|
86
77
|
raise('expected current_user to respond to is_role_restricted?')
|
87
78
|
end
|
88
79
|
|
89
|
-
assigned_roles = if
|
90
|
-
assignable = (
|
80
|
+
assigned_roles = if assignable_roles.kind_of?(Hash)
|
81
|
+
assignable = (assignable_roles[resource.class.to_s] || assignable_roles || {})
|
91
82
|
assigned = [] # our return value
|
92
83
|
|
93
84
|
if current_user.blank?
|
@@ -107,8 +98,8 @@ module EffectiveRoles
|
|
107
98
|
end
|
108
99
|
|
109
100
|
assigned
|
110
|
-
elsif
|
111
|
-
|
101
|
+
elsif assignable_roles.kind_of?(Array)
|
102
|
+
assignable_roles
|
112
103
|
end.uniq
|
113
104
|
|
114
105
|
# Check boxes
|
@@ -120,27 +111,27 @@ module EffectiveRoles
|
|
120
111
|
end
|
121
112
|
|
122
113
|
def self.assignable_roles_present?(resource)
|
123
|
-
return false unless
|
114
|
+
return false unless assignable_roles.present?
|
124
115
|
|
125
|
-
raise 'EffectiveRoles config.assignable_roles_for must be a Hash or Array' unless [Hash, Array].include?(
|
116
|
+
raise 'EffectiveRoles config.assignable_roles_for must be a Hash or Array' unless [Hash, Array].include?(assignable_roles.class)
|
126
117
|
raise('expected resource to respond to is_role_restricted?') unless resource.respond_to?(:is_role_restricted?)
|
127
118
|
|
128
|
-
if
|
129
|
-
|
130
|
-
elsif
|
131
|
-
|
119
|
+
if assignable_roles.kind_of?(Array)
|
120
|
+
assignable_roles
|
121
|
+
elsif assignable_roles.key?(resource.class.to_s)
|
122
|
+
assignable_roles[resource.class.to_s]
|
132
123
|
else
|
133
|
-
|
124
|
+
assignable_roles
|
134
125
|
end.present?
|
135
126
|
end
|
136
127
|
|
137
128
|
private
|
138
129
|
|
139
130
|
def self.role_description(role, obj = nil)
|
140
|
-
raise 'EffectiveRoles config.role_descriptions must be a Hash' unless
|
131
|
+
raise 'EffectiveRoles config.role_descriptions must be a Hash' unless role_descriptions.kind_of?(Hash)
|
141
132
|
|
142
|
-
description =
|
143
|
-
description ||=
|
133
|
+
description = role_descriptions.dig(obj.class.to_s, role) if obj.present?
|
134
|
+
description ||= role_descriptions[role]
|
144
135
|
description || ''
|
145
136
|
end
|
146
137
|
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: effective_roles
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 2.
|
4
|
+
version: 2.3.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Code and Effect
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date:
|
11
|
+
date: 2022-01-20 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: rails
|