grant 2.0.1 → 2.0.2
- data/lib/grant.rb +3 -6
- data/lib/grant/error.rb +22 -0
- data/lib/grant/grantor.rb +2 -8
- data/lib/grant/version.rb +1 -1
- data/spec/error_spec.rb +33 -0
- data/spec/grantor_spec.rb +0 -18
- metadata +7 -4
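--- a/data/lib/grant.rb
+++ b/data/lib/grant.rb
@@ -1,15 +1,12 @@
 require 'active_record'
 require 'grant/grantable'
+require 'grant/error'
 
 # TODO: Remove these two requires when backwards compatibility with grant 2.0.0
 # is no longer necessary
 require 'grant/integration'
 require 'grant/model_security'
 
-module Grant
-class Error < StandardError; end
-end
-
 ActiveRecord::Base.send :include, Grant::Grantable
 
 if defined?(ActionController) and defined?(ActionController::Base)
@@ -17,8 +14,8 @@ if defined?(ActionController) and defined?(ActionController::Base)
 require 'grant/user'
 
 ActionController::Base.class_eval do
-before_filter do
-Grant::User.current_user =
+before_filter do |c|
+Grant::User.current_user = c.send(:current_user) if c.respond_to?(:current_user)
 end
 end
 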
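Review bot: The guard on the new `before_filter` line can skip the assignment in exactly the case `send` was chosen for: `respond_to?(:current_user)` without its second argument does not see private methods, and `current_user` is commonly declared non-public in controllers. When the guard is false nothing is assigned, so `Grant::User.current_user` keeps whatever was set before (how it is stored is not visible in this hunk, so a value left over from an earlier request is possible), and the grant callbacks would then decide against the wrong identity. I would assign on every request and include private methods in the check: `Grant::User.current_user = c.respond_to?(:current_user, true) ? c.send(:current_user) : nil`.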
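--- a/data/lib/grant/error.rb
+++ b/data/lib/grant/error.rb
@@ -0,0 +1,22 @@
+module Grant
+class Error < StandardError
+attr_reader :user, :action, :model
+
+def initialize(*args)
+if args.size == 3
+@user, @action, @model = args
+else
+@message = args[0]
+end
+end
+
+def to_s
+if @message
+@message
+else
+user_str = user == nil ? 'Anonymous' : "#{user.class.name}:#{user.id}"
+"#{action} permission not granted to #{user_str} for resource #{model.class.name}:#{model.id}"
+end
+end
+end
+end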
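Review bot: `to_s` falls into the user/action/model branch whenever `@message` is nil, so an error built with no arguments (which is what a bare `raise Grant::Error` produces) or with a nil model calls `model.id` on nil and can raise NoMethodError while the denial is being logged, masking the authorization failure. A guard as the first line of `to_s`, `return @message || super unless model`, keeps the formatted text for the three-argument form and falls back to the stock message otherwise. The class also has no comment describing its two constructor forms; I would add one, noting that the message embeds class names and record ids and is meant for logs rather than for echoing to clients.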
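--- a/data/lib/grant/grantor.rb
+++ b/data/lib/grant/grantor.rb
@@ -1,4 +1,5 @@
 require 'grant/status'
+require 'grant/error'
 
 module Grant
 class Grantor
@@ -9,15 +10,8 @@ module Grant
 def initialize(action)
 self.class.send(:define_method, "#{action == :find ? 'after' : 'before'}_#{action}") do |model|
 user = Grant::User.current_user
-
+raise Grant::Error.new(user, action, model) unless grant_disabled? || (@callback != nil && @callback.call(user, model))
 end
 end
-
-def error(user, action, model)
-msg = ["#{action} permission",
-"not granted to #{user.class.name}:#{user.id}",
-"for resource #{model.class.name}:#{model.id}"]
-raise Grant::Error.new(msg.join(' '))
-end
 end
 end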
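Review bot: The whole authorization decision now sits in one long `raise ... unless a || (b && c)` line inside the `define_method` block, with no comment saying that a missing callback denies the action. Naming the result makes the deny-by-default rule readable and easier to audit: `granted = grant_disabled? || (@callback && @callback.call(user, model))` followed by `raise Grant::Error.new(user, action, model) unless granted`, with a comment such as `# Deny by default: no registered callback means no access unless grant is disabled.` The hunk also removes the public `error` method in a patch release, so anything outside the gem that called `Grantor#error` will break. The enclosing class starts outside the hunk.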
data/lib/grant/version.rb
CHANGED
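--- a/data/spec/error_spec.rb
+++ b/data/spec/error_spec.rb
@@ -0,0 +1,33 @@
+require 'grant/error'
+
+describe Grant::Error do
+
+it 'should make user, action, and model available as readers' do
+user = OpenStruct.new(:id => 1)
+model = OpenStruct.new(:id => 2)
+action = :create
+ex = Grant::Error.new(user, action, model)
+
+ex.user.should == user
+ex.action.should == action
+ex.model.should == model
+end
+
+it 'should produce a nicely formatted message' do
+user = OpenStruct.new(:id => 3)
+model = OpenStruct.new(:id => 4)
+action = :create
+ex = Grant::Error.new(user, action, model)
+
+ex.message.should include("#{user.class.name}:#{user.id}")
+ex.message.should include("#{model.class.name}:#{model.id}")
+ex.message.should include(action.to_s)
+end
+
+it 'should make the a string passed to the constructor available as the error message' do
+ex = Grant::Error.new('message')
+ex.message.should == 'message'
+ex.to_s.should == 'message'
+end
+
+end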
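Review bot: The spec never exercises the nil-user path, which is the branch `Grant::Error#to_s` adds for unauthenticated requests. An example such as `Grant::Error.new(nil, :create, model).message.should include('Anonymous')` would pin that behaviour, and a companion case for `Grant::Error.new` with no arguments would show what the message is when nothing is supplied. The file also uses `OpenStruct` while requiring only `grant/error`; unless a helper loads it elsewhere, `require 'ostruct'` belongs at the top.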
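--- a/data/spec/grantor_spec.rb
+++ b/data/spec/grantor_spec.rb
@@ -19,22 +19,4 @@ describe Grant::Grantor do
 end
 end
 
-describe '#error' do
-it 'should raise a nicely formatted error detailing the user and model objects' do
-user = OpenStruct.new(:id => 1)
-model = OpenStruct.new(:id => 2)
-action = :create
-
-begin
-Grant::Grantor.new(:create).error(user, action, model)
-rescue => ex
-ex.message.should include("#{user.class.name}:#{user.id}")
-ex.message.should include("#{model.class.name}:#{model.id}")
-ex.message.should include(action.to_s)
-else
-fail "should have received an exception"
-end
-end
-end
-
 end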
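--- a/metadata
+++ b/metadata
@@ -1,13 +1,13 @@
 --- !ruby/object:Gem::Specification
 name: grant
 version: !ruby/object:Gem::Version
-hash:
+hash: 11
 prerelease:
 segments:
 - 2
 - 0
--
-version: 2.0.
+- 2
+version: 2.0.2
 platform: ruby
 authors:
 - Jeff Kunkle
@@ -16,7 +16,7 @@ autorequire:
 bindir: bin
 cert_chain: []
 
-date: 2011-03-
+date: 2011-03-22 00:00:00 -04:00
 default_executable:
 dependencies:
 - !ruby/object:Gem::Dependency
@@ -87,6 +87,7 @@ files:
 - init.rb
 - lib/grant.rb
 - lib/grant/config.rb
+- lib/grant/error.rb
 - lib/grant/grantable.rb
 - lib/grant/grantor.rb
 - lib/grant/integration.rb
@@ -96,6 +97,7 @@ files:
 - lib/grant/user.rb
 - lib/grant/version.rb
 - spec/config_spec.rb
+- spec/error_spec.rb
 - spec/grantable_spec.rb
 - spec/grantor_spec.rb
 - spec/spec_helper.rb
@@ -139,6 +141,7 @@ specification_version: 3
 summary: Conscious security constraints for your ActiveRecord model objects
 test_files:
 - spec/config_spec.rb
+- spec/error_spec.rb
 - spec/grantable_spec.rb
 - spec/grantor_spec.rb
 - spec/spec_helper.rb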