glib-web 0.11.10 → 0.11.14
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/app/controllers/concerns/glib/auth/policy.rb +15 -9
- data/app/controllers/concerns/glib/json/ui.rb +7 -1
- data/app/helpers/glib/json_ui/action_builder/dialogs.rb +1 -0
- data/app/helpers/glib/json_ui/view_builder/fields.rb +2 -0
- data/app/policies/glib/application_policy.rb +2 -25
- data/app/views/json_ui/garage/actions/_dialogs.json.jbuilder +1 -27
- data/app/views/json_ui/garage/actions/_dialogs_show.json.jbuilder +28 -0
- data/app/views/json_ui/garage/forms/basic.json.jbuilder +6 -1
- metadata +2 -1
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: c601a7500143869b7353159bd2e884fe76226ca424a5f5453a3a4b366a041461
|
4
|
+
data.tar.gz: 32abfcfa586909fd761cb1cd744b665b5df44215f24c28d50a870c0f74fd6725
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 7214acff9c321a08ebed504a4d78874a60609c5d71b4435d997e58987247c2da3c74aef1464da1d5ed9d24c27f2f0491d23f2a35cb1b07284b7606139e7363a1
|
7
|
+
data.tar.gz: 44cdb69292131f9575731a2a3f7c4c6b3eab7fb390f2e26a82f6768c06ac05485fa996cc437ec7bf4552a701ed585a0fde0f487720c893e6c647e98be45ecad9
|
@@ -5,7 +5,7 @@ module Glib::Auth
|
|
5
5
|
extend ActiveSupport::Concern
|
6
6
|
|
7
7
|
included do
|
8
|
-
include Pundit
|
8
|
+
include Pundit::Authorization
|
9
9
|
include Overrides
|
10
10
|
extend ClassMethods
|
11
11
|
|
@@ -20,11 +20,14 @@ module Glib::Auth
|
|
20
20
|
module Overrides
|
21
21
|
|
22
22
|
public # Override
|
23
|
-
def policy(record, policy_name = nil,
|
23
|
+
def policy(record, policy_name = nil, context = nil)
|
24
24
|
policy_name ||= record
|
25
25
|
|
26
26
|
@__pundit_policies ||= {}
|
27
|
-
|
27
|
+
if @__pundit_policies[policy_name]
|
28
|
+
@__pundit_policies[policy_name].context = context
|
29
|
+
return @__pundit_policies[policy_name]
|
30
|
+
end
|
28
31
|
|
29
32
|
if policy_name.is_a?(Symbol) && policy_name.to_s.ends_with?('_admin')
|
30
33
|
policy_class = CommonAdminPolicy
|
@@ -34,7 +37,10 @@ module Glib::Auth
|
|
34
37
|
|
35
38
|
raise "Policy not found for #{policy_name.is_a?(Symbol) || policy_name.is_a?(Class) ? policy_name : policy_name.class}" unless policy_class
|
36
39
|
|
37
|
-
|
40
|
+
policy_instance = policy_class.new(current_user, record, policy_name, self, request, params)
|
41
|
+
policy_instance.context = context
|
42
|
+
|
43
|
+
@__pundit_policies[policy_name] = policy_instance
|
38
44
|
end
|
39
45
|
|
40
46
|
# Expose protected method
|
@@ -51,13 +57,13 @@ module Glib::Auth
|
|
51
57
|
end
|
52
58
|
|
53
59
|
public
|
54
|
-
def can?(action, record,
|
55
|
-
policy(record, nil,
|
60
|
+
def can?(action, record, context = nil)
|
61
|
+
policy(record, nil, context).send("#{action}?")
|
56
62
|
end
|
57
63
|
|
58
64
|
public
|
59
|
-
def cannot?(action, record)
|
60
|
-
!policy(record).send("#{action}?")
|
65
|
+
def cannot?(action, record, context = nil)
|
66
|
+
!policy(record, nil, context).send("#{action}?")
|
61
67
|
end
|
62
68
|
|
63
69
|
# Inspired from https://github.com/ryanb/cancan/wiki/Non-RESTful-Controllers
|
@@ -84,7 +90,7 @@ module Glib::Auth
|
|
84
90
|
resource_instance = instance_variable_get("@#{resource_name}") || policy_name
|
85
91
|
|
86
92
|
query = "#{action_name}?"
|
87
|
-
policy_instance = policy(resource_instance, policy_name, options.
|
93
|
+
policy_instance = policy(resource_instance, policy_name, options.fetch(:context, nil))
|
88
94
|
raise_access_denied(resource_instance, policy_instance) unless policy_instance.public_send(query)
|
89
95
|
end
|
90
96
|
|
@@ -83,6 +83,12 @@ module Glib::Json::Ui
|
|
83
83
|
def __json_ui_vue(hash, options)
|
84
84
|
renderer_path = options[:renderer_path]
|
85
85
|
@__json_ui_orig_page = response.body
|
86
|
-
response.body = render_to_string(
|
86
|
+
response.body = render_to_string(
|
87
|
+
template: renderer_path,
|
88
|
+
layout: 'json_ui/renderer',
|
89
|
+
content_type: 'text/html',
|
90
|
+
formats: [:html],
|
91
|
+
locals: { page: hash, options: options }
|
92
|
+
)
|
87
93
|
end
|
88
94
|
end
|
@@ -2,11 +2,11 @@
|
|
2
2
|
# it's better to perform an explicit check (e.g. as a validation in the model or using a before_action).
|
3
3
|
module Glib
|
4
4
|
class ApplicationPolicy
|
5
|
+
attr_accessor :context
|
5
6
|
attr_reader :user, :record, :policy_name, :controller, :request, :params
|
6
|
-
class_attribute :should_exist_attributes, instance_writer: false, default: []
|
7
7
|
|
8
8
|
private
|
9
|
-
def initialize(user, record, policy_name, controller, request, params
|
9
|
+
def initialize(user, record, policy_name, controller, request, params)
|
10
10
|
@user = user
|
11
11
|
@record = record
|
12
12
|
@controller = controller
|
@@ -15,31 +15,11 @@ module Glib
|
|
15
15
|
# See Presenter::Model::inside_mock_controller()
|
16
16
|
@params = params
|
17
17
|
@policy_name = policy_name
|
18
|
-
|
19
|
-
if attributes.present? && controller.action_name != 'index'
|
20
|
-
self.class.module_eval { attr_accessor(*attributes.keys) }
|
21
|
-
attributes.each do |key, value|
|
22
|
-
send("#{key}=", value)
|
23
|
-
end
|
24
|
-
end
|
25
|
-
|
26
|
-
if controller.user_signed_in?
|
27
|
-
should_exist_attributes.each do |attribute|
|
28
|
-
if try(attribute).blank? && !['index'].include?(controller.action_name)
|
29
|
-
raise "Attribute #{attribute} is blank, policy will not working properly"
|
30
|
-
end
|
31
|
-
end
|
32
|
-
end
|
33
18
|
end
|
34
19
|
|
35
20
|
class << self
|
36
21
|
attr_reader :catch_all
|
37
22
|
|
38
|
-
def inherited(base)
|
39
|
-
base.should_exist_attributes = should_exist_attributes.dup
|
40
|
-
super
|
41
|
-
end
|
42
|
-
|
43
23
|
# This is to define the authorization logic for an action (or a group of actions). It's different from controller's
|
44
24
|
# authorize().
|
45
25
|
private # Used by child
|
@@ -58,9 +38,6 @@ module Glib
|
|
58
38
|
end
|
59
39
|
end
|
60
40
|
|
61
|
-
def should_exist(*attributes)
|
62
|
-
should_exist_attributes.push(*attributes)
|
63
|
-
end
|
64
41
|
end
|
65
42
|
|
66
43
|
private
|
@@ -54,34 +54,8 @@ section.rows builder: ->(template) do
|
|
54
54
|
end
|
55
55
|
end
|
56
56
|
|
57
|
-
markdown = '## Emphasis' + "\n" +
|
58
|
-
'**This is bold text**' + "\n" +
|
59
|
-
"\n" +
|
60
|
-
'*This is italic text*' + "\n" +
|
61
|
-
"\n" +
|
62
|
-
'~~Strikethrough~~' + "\n"
|
63
57
|
template.thumbnail title: 'dialogs/show', onClick: ->(action) do
|
64
|
-
|
65
|
-
dialog.body padding: glib_json_padding_body, childViews: ->(body) do
|
66
|
-
body.markdown text: markdown
|
67
|
-
|
68
|
-
body.panels_split width: 'matchParent', content: ->(split) do
|
69
|
-
split.left childViews: ->(left) do
|
70
|
-
left.panels_horizontal height: 'matchParent', align: 'middle', childViews: ->(horizontal) do
|
71
|
-
horizontal.label text: 'Open current', onClick: ->(subaction) do
|
72
|
-
subaction.dialogs_reload url: json_ui_garage_url(path: 'forms/basic', mode: 'dialog')
|
73
|
-
end
|
74
|
-
end
|
75
|
-
end
|
76
|
-
|
77
|
-
split.right childViews: ->(right) do
|
78
|
-
right.button text: 'Open New', onClick: ->(subaction) do
|
79
|
-
subaction.dialogs_open url: json_ui_garage_url(path: 'forms/basic', mode: 'dialog')
|
80
|
-
end
|
81
|
-
end
|
82
|
-
end
|
83
|
-
end
|
84
|
-
end
|
58
|
+
render 'json_ui/garage/actions/dialogs_show', json: json, action: action, dialog_mode: :show
|
85
59
|
end
|
86
60
|
|
87
61
|
template.thumbnail title: 'dialogs/open', onClick: ->(action) do
|
@@ -0,0 +1,28 @@
|
|
1
|
+
markdown = '## Emphasis' + "\n" +
|
2
|
+
'**This is bold text**' + "\n" +
|
3
|
+
"\n" +
|
4
|
+
'*This is italic text*' + "\n" +
|
5
|
+
"\n" +
|
6
|
+
'~~Strikethrough~~' + "\n"
|
7
|
+
|
8
|
+
action.send "dialogs_#{dialog_mode}", showClose: true, content: ->(dialog) do
|
9
|
+
dialog.body padding: glib_json_padding_body, childViews: ->(body) do
|
10
|
+
body.markdown text: markdown
|
11
|
+
|
12
|
+
body.panels_split width: 'matchParent', content: ->(split) do
|
13
|
+
split.left childViews: ->(left) do
|
14
|
+
left.panels_horizontal height: 'matchParent', align: 'middle', childViews: ->(horizontal) do
|
15
|
+
horizontal.label text: 'Open current', onClick: ->(subaction) do
|
16
|
+
subaction.dialogs_reload url: json_ui_garage_url(path: 'forms/basic', mode: 'dialog_reload')
|
17
|
+
end
|
18
|
+
end
|
19
|
+
end
|
20
|
+
|
21
|
+
split.right childViews: ->(right) do
|
22
|
+
right.button text: 'Open New', onClick: ->(subaction) do
|
23
|
+
subaction.dialogs_open url: json_ui_garage_url(path: 'forms/basic', mode: 'dialog')
|
24
|
+
end
|
25
|
+
end
|
26
|
+
end
|
27
|
+
end
|
28
|
+
end
|
@@ -10,8 +10,13 @@ page.form url: json_ui_garage_url(path: 'forms/basic_post'), method: 'post', pad
|
|
10
10
|
form.panels_split width: 'matchParent', content: ->(split) do
|
11
11
|
split.left childViews: ->(left) do
|
12
12
|
left.panels_horizontal height: 'matchParent', align: 'middle', childViews: ->(horizontal) do
|
13
|
-
|
13
|
+
case params[:mode]
|
14
|
+
when 'dialog'
|
14
15
|
horizontal.button styleClass: 'link', text: 'cancel', onClick: ->(action) { action.dialogs_close }
|
16
|
+
when 'dialog_reload'
|
17
|
+
horizontal.button styleClass: 'link', text: 'back', onClick: ->(action) do
|
18
|
+
render 'json_ui/garage/actions/dialogs_show', json: json, action: action, dialog_mode: :reload
|
19
|
+
end
|
15
20
|
end
|
16
21
|
end
|
17
22
|
end
|
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: glib-web
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.11.
|
4
|
+
version: 0.11.14
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- ''
|
@@ -129,6 +129,7 @@ files:
|
|
129
129
|
- app/views/json_ui/garage/_nav_menu.json.jbuilder
|
130
130
|
- app/views/json_ui/garage/actions/_commands.json.jbuilder
|
131
131
|
- app/views/json_ui/garage/actions/_dialogs.json.jbuilder
|
132
|
+
- app/views/json_ui/garage/actions/_dialogs_show.json.jbuilder
|
132
133
|
- app/views/json_ui/garage/actions/_http.json.jbuilder
|
133
134
|
- app/views/json_ui/garage/actions/_panels.json.jbuilder
|
134
135
|
- app/views/json_ui/garage/actions/_reload.json.jbuilder
|