four_eyes 0.1.1 → 0.1.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/README.md +24 -5
- data/lib/four_eyes/version.rb +1 -1
- metadata +1 -1
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 50fdcf432e727f3c0b6f2a78ce41868b5988aad4
|
|
4
|
+
data.tar.gz: 15663bb4f542714eadb56fa44c19e5b05bca28dc
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 5053d22ef3d8fa86cd48b2ff9ba935598f1a649fa9a64f0bb398c2b4c9323dafdcf4152df52e9d6200f7575a111e262cdbeeac8b87097d94d1f58ff230522855
|
|
7
|
+
data.tar.gz: 7407011253cbf4f0f9d5b4161677ac46600682884941c25a45d265705fc148f4f4296ba0dd9f076911b0853dd6025621e0767c6ad57406c6af2349c83ff73fca
|
data/README.md
CHANGED
|
@@ -20,9 +20,9 @@ responsible for performing the validation check to see if the resource is indeed
|
|
|
20
20
|
the system state may change before authorization to a state that renders the action invalid. In such a scenario, the action
|
|
21
21
|
would need to be cancelled and created again.
|
|
22
22
|
|
|
23
|
-
A listing of all pending actions can be availed and depending on any authorization
|
|
23
|
+
A listing of all pending actions can be availed and depending on any authorization mechanism that you have implemented, a user can then access a pending
|
|
24
24
|
action and authorize it.
|
|
25
|
-
|
|
25
|
+
|
|
26
26
|
## Installation
|
|
27
27
|
|
|
28
28
|
Add this line to your application's Gemfile:
|
|
@@ -66,12 +66,12 @@ To add maker checker functionality, add the following before_filter to the contr
|
|
|
66
66
|
|
|
67
67
|
Once that is done, in the create, update or delete action you would call the following
|
|
68
68
|
|
|
69
|
-
maker_create([User resource
|
|
69
|
+
maker_create([User resource performing the action],
|
|
70
70
|
[ID of resource performing the action],
|
|
71
71
|
[Class name of the resource being worked on],
|
|
72
72
|
[Parameters of oject/resource in JSON format])
|
|
73
73
|
|
|
74
|
-
For
|
|
74
|
+
For example, in a system where the users are called Administrators, and the resource we are trying to create via
|
|
75
75
|
maker checker is a Student, the call to create a student via maker-checker would look like this.
|
|
76
76
|
|
|
77
77
|
|
|
@@ -96,7 +96,26 @@ To add maker checker functionality, add the following before_filter to the contr
|
|
|
96
96
|
student.to_json)
|
|
97
97
|
end
|
|
98
98
|
|
|
99
|
-
|
|
99
|
+
Minimal vies have been provided for viewing pending and authorized actions. You will probably want to override these
|
|
100
|
+
and style them accordingly to your application.
|
|
101
|
+
|
|
102
|
+
Please note four_ayes is agnostic for the type of authorization system you are using. Right now the only check that is performed is
|
|
103
|
+
ensuring that the maker of an action cannot be the same person to authorize an action. You can extend this to your own authorization
|
|
104
|
+
system. For example using CanCan you can have something like this for a certain role:
|
|
105
|
+
|
|
106
|
+
|
|
107
|
+
|
|
108
|
+
class AdminAbility
|
|
109
|
+
include CanCan::Ability
|
|
110
|
+
|
|
111
|
+
def initialize(admin)
|
|
112
|
+
admin ||= Administrator.new
|
|
113
|
+
if admin.role? :Manager
|
|
114
|
+
can :authorize, FourEyes::Action, object_resource_class_name: %w(Student Teacher)
|
|
115
|
+
can :cancel, FourEyes::Action
|
|
116
|
+
end
|
|
117
|
+
end
|
|
118
|
+
end
|
|
100
119
|
|
|
101
120
|
## TODO - Write spec tests.
|
|
102
121
|
|
data/lib/four_eyes/version.rb
CHANGED