exits 0.0.3 → 0.0.4

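--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,15 +1,15 @@
  ---
  !binary "U0hBMQ==":
  metadata.gz: !binary |-
- OGZkYTQzMDI5NzMwMTZmNzEyYTM1MjljMjNiZjJkN2VmZGNhMWU3Mg==
+ YzllMzlhZmZlMjNhNzhiNzRkN2NiMDIyMDFhZjI5YWM4OTRhZjk0Zg==
  data.tar.gz: !binary |-
- ZWFjYmU4ZjMwMzJhM2IzNzMyYzFiMzgxNTI1OGZkNjYyMGY5ZjVmNQ==
+ YmQ0YjNmMTAwODM3YjEwMDFmNTM1ZmFlZWEyZGJiMjlhMTcxNjZlZA==
  !binary "U0hBNTEy":
  metadata.gz: !binary |-
- MmVjODNmMTBhNDA1ZGEwYjQ2YjU3NmQ4ZDU1NWYxNjFkOThhMWJmM2YwNTQ3
- ZjhmZDc5OGI2ZmU2YjA2ZjVlOTA1MTY5ODliYTcwZDRiODg3ZjQyNDc2YmU1
- OWE3NjNlMzJmZGE3ODU1ODg4MGQ1MjMzYzJhMWM1MGNmNmNkZjU=
+ MWE2ODkyMGFjYjgxYTBmOTNjOTkxNmUzNzcxNTQ4ZDc2ZDkyMTkxY2M3MjAy
+ M2NlYWQwOTQ0OTBhYjIzZTFmODdkMzE3ZDgyMjg3M2M2NWFiNDRjYjJmMWNk
+ YjUwZDQ2ODQ3N2Q4ZDIxMTQ1OGY4MmVmNTU3OWQ0ODMyZGIyMmE=
  data.tar.gz: !binary |-
- ZTkzYWE3NDU3YWNjYzc3ZjhhMTdhNjc4ZTI4Njg4MTMxOThlMDdkOTg4ZmQw
- MWNmZDE5NmI3MjE3N2M1NzM5ODA0OWY3ODUwMGNmMDJhM2Y1ZTYzMDc5Njll
- MmY3MDg5NGRlMWE4MmNmZDZkN2RhYzMxODA0MzQ3YjUyNTJkMWE=
+ NmNkYjQ1NmVmZTEyMjQ5NzA3YjkxYmMzODE2MjA2NGFlZmEwNzU4ZTcwMTZj
+ YzUwYWRiNDNkODhhMzM5NTYwMzM1MTFhN2YwZTI3ZDhkOWM2NWFkYmU2MTEz
+ ODIyOWEyY2YxNDc5NDBiMGRhN2FkMjY4ZmViZWM4OWQ2NzQxYzA=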
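--- a/data/README.md
+++ b/data/README.md
@@ -11,28 +11,30 @@ Designed with an emphasis on readability, it also is designed to work with your
 
  Let's assume you have Admin & User and want to let admin have access to everything and restrict User to edit their own stuff.
 
- # controllers/application_controller.rb
- class ApplicationController < ActionController::Base
- before_action :restrict_routes!
- end
-
- # controllers/posts_controller.rb
- class PostsController < ActionController::Base
- allow Admin, :all
- allow User, :show, :new, :create, :edit
-
- def admin
- end
-
- def edit
- @post = Post.find params[:id].to_i
- allow! User do
- current_user.eql? @post.user
- end
- end
- end
-
- First of all, for Exits to work, you need to add `before_action :restrict_routes` to your ApplicationController.
+ ```ruby
+ # controllers/application_controller.rb
+ class ApplicationController < ActionController::Base
+ before_action :restrict_routes!
+ end
+
+ # controllers/posts_controller.rb
+ class PostsController < ActionController::Base
+ allow Admin, :all
+ allow User, :show, :new, :create, :edit
+
+ def admin
+ end
+
+ def edit
+ @post = Post.find params[:id].to_i
+ allow! User do
+ current_user.eql? @post.user
+ end
+ end
+ end
+ ```
+
+ First of all, for Exits to work, you need to add `before_action :restrict_routes!` to your ApplicationController.
 
  Exits takes a very strict approach to handling access. If you don't allow access to an action for a given user class, _it won't be authorized to access such action._
 
@@ -51,30 +53,37 @@ When a user is unauthorized the default behavior is to set a flash message and r
 
  You can override this behavior.
 
- # controllers/application_controller.rb
- class ApplicationController < ActionController::Base
- before_action :restrict_routes!
-
- def unauthorized (exception)
- # Handle unauthorized user here
- end
- end
-
+ ```ruby
+ # controllers/application_controller.rb
+ class ApplicationController < ActionController::Base
+ before_action :restrict_routes!
+
+ def unauthorized (exception)
+ # Handle unauthorized user here
+ end
+ end
+ ```
 
  ## Installation
 
  Add this line to your application's Gemfile:
 
- gem 'exits'
+ ```ruby
+ gem 'exits'
+ ```
 
  And then execute:
 
- $ bundle
+ ```bash
+ $ bundle
+ ```
 
  ## Test
  Exits comes with a test suite.
 
- $ rake test
+ ```bash
+ $ rake test
+ ```
 
  ## Contributing
 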
@@ -15,6 +15,7 @@ module Exits
15
15
  end
16
16
 
17
17
  def authorized?(controller_class, klass, action)
18
+ return true if klass.eql?(NilClass)
18
19
  controller = @controllers.fetch(controller_class, {})
19
20
  return false if controller.nil?
20
21
  controller.authorized? klass, action
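Review bot: The added `return true if klass.eql?(NilClass)` at the top of `authorized?` authorizes every action on every controller for a request whose `current_user` is nil, because it returns before the controller's rules are looked up. That makes unauthenticated access fail-open, including the actions the README example reserves for `Admin`, and it contradicts the README's statement that an action not allowed for a user class is not authorized. I would drop the line and have guest access declared per controller like any other class, presumably `allow NilClass, :index` (assuming `allow` accepts any class, which this hunk does not show), so the deny-by-default path still applies to guests. The spec added in the later helpers hunk only asserts the permissive result for `:index`; a companion case asserting that a nil user is refused on a restricted action such as `:edit` would pin the intended boundary. The closing `end` of `authorized?` lies outside the hunk.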
@@ -1,3 +1,3 @@
1
1
  module Exits
2
- VERSION = "0.0.3"
2
+ VERSION = "0.0.4"
3
3
  end
@@ -43,6 +43,13 @@ describe Exits::ActionController::Helpers do
43
43
  end
44
44
  end
45
45
 
46
+ it 'should authorize if no user exists (Guest)' do
47
+ @controller.action_name = :index
48
+ @controller.current_user = nil
49
+
50
+ assert @controller.class.rules.authorized? @controller.class, @controller.current_user.class, @controller.action_name
51
+ end
52
+
46
53
  it 'should not authorize a user at the action level' do
47
54
  @controller.action_name = :edit
48
55
  @controller.current_user = User.new
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: exits
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.0.3
4
+ version: 0.0.4
5
5
  platform: ruby
6
6
  authors:
7
7
  - Pier-Olivier Thibault