effective_roles 2.0.5 → 2.1.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: '068af67420f4d68373480a8b0f738ae2cc01913b3ec327cff95a01c8dcec0f24'
-  data.tar.gz: b5cc82efb23a36fa31475bfd27bfe69a8d9d2f41813a3ad3397f131a69669814
+  metadata.gz: 7f392991013eeab38fcc7b6092c1014078fc2a356833bd5033b9a268987dc512
+  data.tar.gz: 38bb573be4e391b9cfd6141713bd89d29914e46148705588f1859642a5269bed
 SHA512:
-  metadata.gz: cb8776abf2ed21d03a6c83d51458581143cca3fa0fa2fba64342ec7c05f441fc396a257cf2b4f3d858ff3a5a3bc6479ff1a08af3f5612a6cae8363f6b3f1a8db
-  data.tar.gz: 3d60cf7e471cf5858ba94f60b959e91000a143551d7a15cbe4f4c2759e8aa7e57e7e381452cd45f9ad67b5bd1a42be8235aa5cc067cba339a8d6ea9c567fe198
+  metadata.gz: ef6d332b9c6d93d8e28b61e856c93ec20e8c731b2fd02678fd1dcd8e52c2bcd12e1f5b68c891d82a265054065fe5694cc2bd59baa72ddaf2bb4553af28a93739
+  data.tar.gz: e7f10cde194b45115445a09bd99d0da254c81dd611c97cb9f1c25e8cd33181941449aaa20eb45b5b24d4bea0af8397720cf1156865ef0bf217b1798bf103225a

data/MIT-LICENSE

@@ -1,4 +1,4 @@
-Copyright 2019 Code and Effect Inc.
+Copyright 2021 Code and Effect Inc.
 
 Permission is hereby granted, free of charge, to any person obtaining
 a copy of this software and associated documentation files (the

data/README.md

@@ -8,10 +8,6 @@ Includes a mixin for adding authentication for any model.
 
 SQL Finders for returning an ActiveRecord::Relation with all permitted records.
 
-Handy formtastic and simple_form helpers for assigning roles.
-
-Rails 3.2.x and Rails 4
-
 
 ## Getting Started
 
@@ -158,8 +154,8 @@ When using assignable roles, you must assign the acts_as_role_restricted resourc
 
 You can do this in one of three ways:
 
-1. Setting resource.current_user = current_user in your controller directly.
-2. Add `before_action :set_effective_roles_current_user` to your ApplicationController
+1. Setting resource.current_user = current_user in your controller update action directly.
+2. Add `before_action -> { @thing.current_user = current_user }` to your ApplicationController
 3. Using `Effective::CrudController` to do this automatically.
 
 This restriction is only applied when running within the rails server. Not on rails console or db:seeds.
@@ -319,5 +315,3 @@ This model implements the https://github.com/ryanb/cancan/wiki/Role-Based-Author
 4. Push to the branch (`git push origin my-new-feature`)
 5. Bonus points for test coverage
 6. Create new Pull Request
-
-

data/app/controllers/admin/roles_controller.rb

@@ -1,12 +1,17 @@
 module Admin
   class RolesController < ApplicationController
-    before_action :authenticate_user!
+    before_action(:authenticate_user!) if defined?(Devise)
+    before_action { EffectiveResources.authorize!(self, :admin, :effective_roles) }
 
-    layout (EffectiveRoles.layout.kind_of?(Hash) ? EffectiveRoles.layout[:admin_roles] : EffectiveRoles.layout)
+    include Effective::CrudController
+
+    if (config = EffectiveRoles.config.layout)
+      layout(config.kind_of?(Hash) ? config[:admin] : config)
+    end
 
     def index
       @page_title = 'Roles'
-      EffectiveRoles.authorize!(self, :admin, :effective_roles)
     end
+
   end
 end

data/app/helpers/effective_roles_helper.rb

@@ -2,7 +2,7 @@ module EffectiveRolesHelper
   def effective_roles_summary(obj, options = {}) # User or a Post, any acts_as_roleable
     raise 'expected an acts_as_roleable object' unless obj.respond_to?(:roles)
 
-    descriptions = EffectiveRoles.role_descriptions[obj.class.name] || EffectiveRoles.role_descriptions || {}
+    descriptions = EffectiveRoles.config.role_descriptions[obj.class.name] || EffectiveRoles.config.role_descriptions || {}
     opts = { obj: obj, roles: obj.roles, descriptions: descriptions }.merge(options)
 
     render partial: 'effective/roles/summary', locals: opts
@@ -17,7 +17,7 @@ module EffectiveRolesHelper
     raise 'Expected argument to be a Hash' unless opts.kind_of?(Hash)
 
     roles = Array(opts[:roles]).presence
-    roles ||= [:public, :signed_in] + EffectiveRoles.roles
+    roles ||= [:public, :signed_in] + EffectiveRoles.config.roles
 
     if opts[:only].present?
       klasses = Array(opts[:only])
@@ -101,4 +101,108 @@ module EffectiveRolesHelper
     klass.respond_to?(:name) ? klass.name : klass.to_s
   end
 
+  # This is used by the effective_roles_summary_table helper method
+  def effective_roles_authorization_level(controller, role, resource)
+    authorization_method = EffectiveRoles.config.authorization_method
+
+    raise('expected an authorization method') unless (authorization_method.respond_to?(:call) || authorization_method.kind_of?(Symbol))
+    return :unknown unless (controller.current_user rescue nil).respond_to?(:roles=)
+
+    # Store the current ability (cancan support) and roles
+    current_ability = controller.instance_variable_get(:@current_ability)
+    current_user = controller.instance_variable_get(:@current_user)
+    current_user_roles = controller.current_user.roles
+
+    # Set up the user, so the check is done with the desired permission level
+    controller.instance_variable_set(:@current_ability, nil)
+
+    level = nil
+
+    case role
+    when :signed_in
+      controller.current_user.roles = []
+    when :public
+      controller.instance_variable_set(:@current_user, nil)
+
+      if defined?(EffectiveLogging)
+        EffectiveLogging.supressed { (controller.request.env['warden'].set_user(false) rescue nil) }
+      else
+        (controller.request.env['warden'].set_user(false) rescue nil)
+      end
+    else
+      controller.current_user.roles = [role]
+    end
+
+    # Find the actual authorization level
+    level = effective_roles_item_authorization_level(controller, role, resource, authorization_method)
+
+    # Restore the existing current_user stuff
+    if role == :public
+      ActiveRecord::Base.transaction do
+        if defined?(EffectiveLogging)
+          EffectiveLogging.supressed { (controller.request.env['warden'].set_user(current_user) rescue nil) }
+        else
+          (controller.request.env['warden'].set_user(current_user) rescue nil)
+        end
+
+        raise ActiveRecord::Rollback
+      end
+    end
+
+    controller.instance_variable_set(:@current_ability, current_ability)
+    controller.instance_variable_set(:@current_user, current_user)
+    controller.current_user.roles = current_user_roles
+
+    level
+  end
+
+  def effective_roles_item_authorization_level(controller, role, resource, auth_method)
+    resource = (resource.new() rescue resource) if resource.kind_of?(ActiveRecord::Base)
+
+    # Custom actions
+    if resource.kind_of?(Hash)
+      resource.each do |key, value|
+        return (controller.instance_exec(controller, key, value, &auth_method) rescue false) ? :yes : :no
+      end
+    end
+
+    # Check for Manage
+    return :manage if (
+      (controller.instance_exec(controller, :create, resource, &auth_method) rescue false) &&
+      (controller.instance_exec(controller, :update, resource, &auth_method) rescue false) &&
+      (controller.instance_exec(controller, :show, resource, &auth_method) rescue false) &&
+      (controller.instance_exec(controller, :destroy, resource, &auth_method) rescue false)
+    )
+
+    # Check for Update
+    return :update if (controller.instance_exec(controller, :update, resource, &auth_method) rescue false)
+
+    # Check for Update Own
+    if resource.respond_to?('user=')
+      resource.user = controller.current_user
+      return :update_own if (controller.instance_exec(controller, :update, resource, &auth_method) rescue false)
+      resource.user = nil
+    elsif resource.respond_to?('user_id=')
+      resource.user_id = controller.current_user.id
+      return :update_own if (controller.instance_exec(controller, :update, resource, &auth_method) rescue false)
+      resource.user_id = nil
+    elsif resource.class.name.end_with?('User')
+      return :update_own if (controller.instance_exec(controller, :update, controller.current_user, &auth_method) rescue false)
+    end
+
+    # Check for Create
+    return :create if (controller.instance_exec(controller, :create, resource, &auth_method) rescue false)
+
+    # Check for Show
+    return :show if (controller.instance_exec(controller, :show, resource, &auth_method) rescue false)
+
+    # Check for Index
+    return :index if (controller.instance_exec(controller, :index, resource, &auth_method) rescue false)
+
+    # Check for Destroy
+    return :destroy if (controller.instance_exec(controller, :destroy, resource, &auth_method) rescue false)
+
+    :none
+  end
+
 end

data/app/models/concerns/acts_as_role_restricted.rb

@@ -30,12 +30,10 @@ module ActsAsRoleRestricted
     validates :roles_mask, numericality: true, allow_nil: true
 
     validate(if: -> { changes.include?(:roles_mask) && EffectiveRoles.assignable_roles_present?(self) }) do
-      user = current_user || EffectiveRoles.current_user || (EffectiveLogging.current_user if defined?(EffectiveLogging))
-
       roles_was = EffectiveRoles.roles_for(changes[:roles_mask].first)
       changed = (roles + roles_was) - (roles & roles_was)  # XOR
 
-      assignable = EffectiveRoles.assignable_roles_collection(self, user) # Returns all roles when user is blank
+      assignable = EffectiveRoles.assignable_roles_collection(self, current_user) # Returns all roles when user is blank
       unauthorized = changed - assignable
 
       authorized = roles.dup
@@ -45,7 +43,7 @@ module ActsAsRoleRestricted
         Rails.logger.info "\e[31m unassignable roles: #{unauthorized.map { |role| ":#{role}" }.to_sentence}"
       end
 
-      if unauthorized.present? && user.blank? && defined?(Rails::Server)
+      if unauthorized.present? && current_user.blank? && defined?(Rails::Server)
         self.errors.add(:roles, 'current_user must be present when assigning roles')
       end
 
@@ -73,18 +71,18 @@ module ActsAsRoleRestricted
     def with_role_sql(*roles)
       roles = roles.flatten.compact
       roles = roles.first.roles if roles.length == 1 && roles.first.respond_to?(:roles)
-      roles = (roles.map { |role| role.to_sym } & EffectiveRoles.roles)
+      roles = (roles.map { |role| role.to_sym } & EffectiveRoles.config.roles)
 
-      roles.map { |role| "(#{self.table_name}.roles_mask & %d > 0)" % 2**EffectiveRoles.roles.index(role) }.join(' OR ')
+      roles.map { |role| "(#{self.table_name}.roles_mask & %d > 0)" % 2**EffectiveRoles.config.roles.index(role) }.join(' OR ')
     end
 
     def without_role(*roles)
       roles = roles.flatten.compact
       roles = roles.first.roles if roles.length == 1 && roles.first.respond_to?(:roles)
-      roles = (roles.map { |role| role.to_sym } & EffectiveRoles.roles)
+      roles = (roles.map { |role| role.to_sym } & EffectiveRoles.config.roles)
 
       where(
-        roles.map { |role| "NOT(#{self.table_name}.roles_mask & %d > 0)" % 2**EffectiveRoles.roles.index(role) }.join(' AND ')
+        roles.map { |role| "NOT(#{self.table_name}.roles_mask & %d > 0)" % 2**EffectiveRoles.config.roles.index(role) }.join(' AND ')
       ).or(where(roles_mask: nil))
     end
   end
@@ -131,4 +129,3 @@ module ActsAsRoleRestricted
   end
 
 end
-

data/app/views/effective/roles/_summary_table.html.haml

@@ -13,4 +13,5 @@
         %td= effective_roles_authorization_label(klass)
         - roles.each do |role|
           %td.text-center
-            = effective_roles_authorization_badge(EffectiveRoles.authorization_level(controller, role, klass))
+            - level = effective_roles_authorization_level(controller, role, klass)
+            = effective_roles_authorization_badge(level)

data/config/effective_roles.rb

@@ -67,34 +67,8 @@ EffectiveRoles.setup do |config|
   # }
 
   # Authorization Method
-  #
-  # This doesn't have anything to do with the roles themselves.
-  # It's only used in two places:
-  # - For the effective_roles_summary_table() helper method
-  # - The /admin/roles page check
-  #
-  # It should match the authorization check used by your application
-  #
-  # This method is called by all controller actions with the appropriate action and resource
-  # If the method returns false, an Effective::AccessDenied Error will be raised (see README.md for complete info)
-  #
-  # Use via Proc (and with CanCan):
-  # config.authorization_method = Proc.new { |controller, action, resource| can?(action, resource) }
-  #
-  # Use via custom method:
-  # config.authorization_method = :my_authorization_method
-  #
-  # And then in your application_controller.rb:
-  #
-  # def my_authorization_method(action, resource)
-  #   current_user.is?(:admin)
-  # end
-  #
-  # Or disable the check completely:
-  # config.authorization_method = false
-  config.authorization_method = Proc.new { |controller, action, resource| authorize!(action, resource) } # CanCanCan
+  # This gem serves an /admin/roles endpoint that calls EffectiveResources.authorize!
 
   # Layout Settings
-  # Configure the Layout per controller, or all at once
-  config.layout = 'application'
+  # config.layout = 'admin'
 end

data/lib/effective_roles.rb

@@ -1,46 +1,30 @@
+require 'effective_resources'
 require 'effective_roles/engine'
 require 'effective_roles/version'
 
 module EffectiveRoles
-  mattr_accessor :roles
-  mattr_accessor :role_descriptions
-  mattr_accessor :assignable_roles
+  # mattr_accessor :roles
+  # mattr_accessor :role_descriptions
+  # mattr_accessor :assignable_roles
+  # mattr_accessor :layout
 
-  mattr_accessor :layout
-  mattr_accessor :authorization_method
+  def self.config(namespace = nil)
+    @config ||= ActiveSupport::OrderedOptions.new
+    namespace ||= Tenant.current if defined?(Tenant)
 
-  def self.setup
-    yield self
-  end
-
-  def self.permitted_params
-    { roles: [] }
-  end
-
-  def self.authorized?(controller, action, resource)
-    @_exceptions ||= [Effective::AccessDenied, (CanCan::AccessDenied if defined?(CanCan)), (Pundit::NotAuthorizedError if defined?(Pundit))].compact
-
-    return !!authorization_method unless authorization_method.respond_to?(:call)
-    controller = controller.controller if controller.respond_to?(:controller)
-
-    begin
-      !!(controller || self).instance_exec((controller || self), action, resource, &authorization_method)
-    rescue *@_exceptions
-      false
+    if namespace
+      @config[namespace] ||= ActiveSupport::OrderedOptions.new
+    else
+      @config
     end
   end
 
-  def self.authorize!(controller, action, resource)
-    raise Effective::AccessDenied unless authorized?(controller, action, resource)
+  def self.setup(namespace = nil, &block)
+    yield(config(namespace))
   end
 
-  # This is set by the "set_effective_roles_current_user" before_filter.
-  def self.current_user=(user)
-    @effective_roles_current_user = user
-  end
-
-  def self.current_user
-    @effective_roles_current_user
+  def self.permitted_params
+    { roles: [] }
   end
 
   # This method converts whatever is given into its roles
@@ -49,11 +33,11 @@ module EffectiveRoles
     if obj.respond_to?(:is_role_restricted?)
      obj.roles
     elsif obj.kind_of?(Integer)
-      roles.reject { |r| (obj & 2**roles.index(r)).zero? }
+      config.roles.reject { |r| (obj & 2 ** config.roles.index(r)).zero? }
     elsif obj.kind_of?(Symbol)
-      [roles.find { |role| role == obj }].compact
+      Array(config.roles.find { |role| role == obj })
     elsif obj.kind_of?(String)
-      [roles.find { |role| role == obj.to_sym }].compact
+      Array(config.roles.find { |role| role == obj.to_sym })
     elsif obj.kind_of?(Array)
       obj.map { |obj| roles_for(obj) }.flatten.compact
     elsif obj.nil?
@@ -65,11 +49,11 @@ module EffectiveRoles
 
   # EffectiveRoles.roles_mask_for(:admin, :member)
   def self.roles_mask_for(*roles)
-    roles_for(roles).map { |r| 2**EffectiveRoles.roles.index(r) }.sum
+    roles_for(roles).map { |r| 2 ** config.roles.index(r) }.sum
   end
 
   def self.roles_collection(resource, current_user = nil, only: nil, except: nil, multiple: nil)
-    if assignable_roles.present?
+    if config.assignable_roles.present?
       raise('expected object to respond to is_role_restricted?') unless resource.respond_to?(:is_role_restricted?)
       raise('expected current_user to respond to is_role_restricted?') if current_user && !current_user.respond_to?(:is_role_restricted?)
     end
@@ -79,7 +63,7 @@ module EffectiveRoles
     multiple = resource.acts_as_role_restricted_options[:multiple] if multiple.nil?
     assignable = assignable_roles_collection(resource, current_user, multiple: multiple)
 
-    roles.map do |role|
+    config.roles.map do |role|
       next if only.present? && !only.include?(role)
       next if except.present? && except.include?(role)
 
@@ -92,20 +76,18 @@ module EffectiveRoles
   end
 
   def self.assignable_roles_collection(resource, current_user = nil, multiple: nil)
-    return roles unless assignable_roles_present?(resource)
-
-    current_user ||= (EffectiveRoles.current_user || (EffectiveLogging.current_user if defined?(EffectiveLogging)))
+    return config.roles unless assignable_roles_present?(resource)
 
     if current_user && !current_user.respond_to?(:is_role_restricted?)
-      raise('expected current_user to respond to is_role_restricted?') 
+      raise('expected current_user to respond to is_role_restricted?')
     end
 
     if !resource.respond_to?(:is_role_restricted?)
-      raise('expected current_user to respond to is_role_restricted?') 
+      raise('expected current_user to respond to is_role_restricted?')
     end
 
-    assigned_roles = if assignable_roles.kind_of?(Hash)
-      assignable = (assignable_roles[resource.class.to_s] || assignable_roles || {})
+    assigned_roles = if config.assignable_roles.kind_of?(Hash)
+      assignable = (config.assignable_roles[resource.class.to_s] || config.assignable_roles || {})
       assigned = [] # our return value
 
       if current_user.blank?
@@ -125,8 +107,8 @@ module EffectiveRoles
       end
 
       assigned
-    elsif assignable_roles.kind_of?(Array)
-      assignable_roles
+    elsif config.assignable_roles.kind_of?(Array)
+      config.assignable_roles
     end.uniq
 
     # Check boxes
@@ -138,129 +120,28 @@ module EffectiveRoles
   end
 
   def self.assignable_roles_present?(resource)
-    return false if assignable_roles.nil?
+    return false unless config.assignable_roles.present?
 
-    raise 'EffectiveRoles config.assignable_roles_for must be a Hash, Array or nil' unless [Hash, Array].include?(assignable_roles.class)
+    raise 'EffectiveRoles config.assignable_roles_for must be a Hash or Array' unless [Hash, Array].include?(config.assignable_roles.class)
     raise('expected resource to respond to is_role_restricted?') unless resource.respond_to?(:is_role_restricted?)
 
-    return assignable_roles.present? if assignable_roles.kind_of?(Array)
-
-    if assignable_roles.kind_of?(Array)
-      assignable_roles
-    elsif assignable_roles.key?(resource.class.to_s)
-      assignable_roles[resource.class.to_s]
+    if config.assignable_roles.kind_of?(Array)
+      config.assignable_roles
+    elsif config.assignable_roles.key?(resource.class.to_s)
+      config.assignable_roles[resource.class.to_s]
     else
-      assignable_roles
+      config.assignable_roles
     end.present?
   end
 
-  # This is used by the effective_roles_summary_table helper method
-  def self.authorization_level(controller, role, resource)
-    return :unknown unless (authorization_method.respond_to?(:call) || authorization_method.kind_of?(Symbol))
-    return :unknown unless (controller.current_user rescue nil).respond_to?(:roles=)
-
-    # Store the current ability (cancan support) and roles
-    current_ability = controller.instance_variable_get(:@current_ability)
-    current_user = controller.instance_variable_get(:@current_user)
-    current_user_roles = controller.current_user.roles
-
-    # Set up the user, so the check is done with the desired permission level
-    controller.instance_variable_set(:@current_ability, nil)
-
-    level = nil
-
-    case role
-    when :signed_in
-      controller.current_user.roles = []
-    when :public
-      controller.instance_variable_set(:@current_user, nil)
-
-      if defined?(EffectiveLogging)
-        EffectiveLogging.supressed { (controller.request.env['warden'].set_user(false) rescue nil) }
-      else
-        (controller.request.env['warden'].set_user(false) rescue nil)
-      end
-    else
-      controller.current_user.roles = [role]
-    end
-
-    # Find the actual authorization level
-    level = _authorization_level(controller, role, resource, authorization_method)
-
-    # Restore the existing current_user stuff
-    if role == :public
-      ActiveRecord::Base.transaction do
-        if defined?(EffectiveLogging)
-          EffectiveLogging.supressed { (controller.request.env['warden'].set_user(current_user) rescue nil) }
-        else
-          (controller.request.env['warden'].set_user(current_user) rescue nil)
-        end
-
-        raise ActiveRecord::Rollback
-      end
-    end
-
-    controller.instance_variable_set(:@current_ability, current_ability)
-    controller.instance_variable_set(:@current_user, current_user)
-    controller.current_user.roles = current_user_roles
-
-    level
-  end
-
   private
 
   def self.role_description(role, obj = nil)
-    raise 'EffectiveRoles config.role_descriptions must be a Hash' unless role_descriptions.kind_of?(Hash)
-    (role_descriptions[obj.try(:class).to_s] || {})[role] || role_descriptions[role] || ''
-  end
-
-  def self._authorization_level(controller, role, resource, auth_method)
-    resource = (resource.new() rescue resource) if resource.kind_of?(ActiveRecord::Base)
-
-    # Custom actions
-    if resource.kind_of?(Hash)
-      resource.each do |key, value|
-        return (controller.instance_exec(controller, key, value, &auth_method) rescue false) ? :yes : :no
-      end
-    end
-
-    # Check for Manage
-    return :manage if (
-      (controller.instance_exec(controller, :create, resource, &auth_method) rescue false) &&
-      (controller.instance_exec(controller, :update, resource, &auth_method) rescue false) &&
-      (controller.instance_exec(controller, :show, resource, &auth_method) rescue false) &&
-      (controller.instance_exec(controller, :destroy, resource, &auth_method) rescue false)
-    )
-
-    # Check for Update
-    return :update if (controller.instance_exec(controller, :update, resource, &auth_method) rescue false)
-
-    # Check for Update Own
-    if resource.respond_to?('user=')
-      resource.user = controller.current_user
-      return :update_own if (controller.instance_exec(controller, :update, resource, &auth_method) rescue false)
-      resource.user = nil
-    elsif resource.respond_to?('user_id=')
-      resource.user_id = controller.current_user.id
-      return :update_own if (controller.instance_exec(controller, :update, resource, &auth_method) rescue false)
-      resource.user_id = nil
-    elsif resource.kind_of?(User)
-      return :update_own if (controller.instance_exec(controller, :update, controller.current_user, &auth_method) rescue false)
-    end
-
-    # Check for Create
-    return :create if (controller.instance_exec(controller, :create, resource, &auth_method) rescue false)
-
-    # Check for Show
-    return :show if (controller.instance_exec(controller, :show, resource, &auth_method) rescue false)
-
-    # Check for Index
-    return :index if (controller.instance_exec(controller, :index, resource, &auth_method) rescue false)
-
-    # Check for Destroy
-    return :destroy if (controller.instance_exec(controller, :destroy, resource, &auth_method) rescue false)
+    raise 'EffectiveRoles config.role_descriptions must be a Hash' unless config.role_descriptions.kind_of?(Hash)
 
-    :none
+    description = config.role_descriptions.dig(obj.class.to_s, role) if obj.present?
+    description ||= config.role_descriptions[role]
+    description || ''
   end
 
 end

data/lib/effective_roles/engine.rb

@@ -1,5 +1,3 @@
-require 'effective_roles/set_current_user'
-
 module EffectiveRoles
   class Engine < ::Rails::Engine
     engine_name 'effective_roles'
@@ -11,18 +9,8 @@ module EffectiveRoles
       end
     end
 
-    # Register the log_page_views concern so that it can be called in ActionController or elsewhere
-    initializer 'effective_logging.log_changes_action_controller' do |app|
-      Rails.application.config.to_prepare do
-        ActiveSupport.on_load :action_controller do
-          require 'effective_roles/set_current_user'
-          ActionController::Base.include(EffectiveRoles::SetCurrentUser::ActionController)
-        end
-      end
-    end
-
     # Set up our default configuration options.
-    initializer "effective_roles.defaults", :before => :load_config_initializers do |app|
+    initializer "effective_roles.defaults", before: :load_config_initializers do |app|
       eval File.read("#{config.root}/config/effective_roles.rb")
     end
 

data/lib/effective_roles/version.rb

@@ -1,3 +1,3 @@
 module EffectiveRoles
-  VERSION = '2.0.5'.freeze
+  VERSION = '2.1.0'.freeze
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: effective_roles
 version: !ruby/object:Gem::Version
-  version: 2.0.5
+  version: 2.1.0
 platform: ruby
 authors:
 - Code and Effect
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2020-08-13 00:00:00.000000000 Z
+date: 2021-02-17 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rails
@@ -24,6 +24,20 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: 3.2.0
+- !ruby/object:Gem::Dependency
+  name: effective_resources
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
 description: Assign multiple roles to any User or other ActiveRecord object. Select
   only the appropriate objects based on intelligent, chainable ActiveRecord::Relation
   finder methods.
@@ -38,7 +52,6 @@ files:
 - app/controllers/admin/roles_controller.rb
 - app/helpers/effective_roles_helper.rb
 - app/models/concerns/acts_as_role_restricted.rb
-- app/models/effective/access_denied.rb
 - app/views/admin/roles/index.html.haml
 - app/views/effective/roles/_summary.html.haml
 - app/views/effective/roles/_summary_table.html.haml
@@ -46,7 +59,6 @@ files:
 - config/routes.rb
 - lib/effective_roles.rb
 - lib/effective_roles/engine.rb
-- lib/effective_roles/set_current_user.rb
 - lib/effective_roles/version.rb
 - lib/generators/effective_roles/install_generator.rb
 homepage: https://github.com/code-and-effect/effective_roles

data/app/models/effective/access_denied.rb

@@ -1,17 +0,0 @@
-unless defined?(Effective::AccessDenied)
-  module Effective
-    class AccessDenied < StandardError
-      attr_reader :action, :subject
-
-      def initialize(message = nil, action = nil, subject = nil)
-        @message = message
-        @action = action
-        @subject = subject
-      end
-
-      def to_s
-        @message || I18n.t(:'unauthorized.default', :default => 'Access Denied')
-      end
-    end
-  end
-end

data/lib/effective_roles/set_current_user.rb

@@ -1,15 +0,0 @@
-module EffectiveRoles
-  module SetCurrentUser
-    module ActionController
-
-      # Add me to your ApplicationController
-      # before_action :set_effective_roles_current_user
-
-      def set_effective_roles_current_user
-        EffectiveRoles.current_user = current_user
-      end
-
-    end
-  end
-end
-