guachiman-rails 1.1.0 → 2.1.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/README.md +20 -38
- data/guachiman-rails.gemspec +7 -5
- data/lib/generators/guachiman/install/templates/authorization.rb +5 -18
- data/lib/guachiman/rails/authorizable.rb +20 -22
- data/lib/guachiman/rails/version.rb +1 -1
- data/test/generators/install_generator_test.rb +2 -0
- metadata +25 -25
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: f97d497beff52c0ddcd093f1e4fe2008725786a7
|
4
|
+
data.tar.gz: b217d443b0e9249646142fb75c9612320c34f339
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 277206971e1827f9aa247ac5862b8b583807df22d3ac0cb2795c5fde800efc1244c1e004e276553b878db59cef7d887722a9a05c407bc386bfbb4cced71a910f
|
7
|
+
data.tar.gz: 053397fc858f4f4313e53cf297e5694102b323cf28c64b3bd69f8ee1f1f6facac90ea20bdec386157b601d0adc1f165c5ab8ff3fb22a025230f66208c6cc1248
|
data/README.md
CHANGED
@@ -32,11 +32,6 @@ Or install it directly:
|
|
32
32
|
$ gem install guachiman-rails
|
33
33
|
```
|
34
34
|
|
35
|
-
Upgrade Notice
|
36
|
-
--------------
|
37
|
-
|
38
|
-
**Version `>= 1.0.0` is incompatible with version `=< 0.3.2`.**
|
39
|
-
|
40
35
|
Usage
|
41
36
|
-----
|
42
37
|
|
@@ -57,27 +52,27 @@ def current_user
|
|
57
52
|
end
|
58
53
|
```
|
59
54
|
|
60
|
-
|
61
|
-
|
62
|
-
### To skip authorization for admins
|
63
|
-
|
64
|
-
Defaults to `false`.
|
55
|
+
### Skip authorization
|
65
56
|
|
66
57
|
```ruby
|
67
|
-
|
68
|
-
|
58
|
+
class UsersController < ApplicationController
|
59
|
+
skip_before_action :authorize, if: :admin?
|
60
|
+
# ...
|
61
|
+
private
|
62
|
+
|
63
|
+
def admin?
|
64
|
+
current_user && current_user.admin?
|
65
|
+
end
|
69
66
|
end
|
70
67
|
```
|
71
68
|
|
72
|
-
###
|
69
|
+
### Handle authorization failure
|
73
70
|
|
74
|
-
|
75
|
-
|
71
|
+
The default implementation is to raise `Guachiman::UnauthorizedError`. You can rescue the error with a regular
|
72
|
+
Rails `rescue_from` call or override the `#unauthorized` method directly:
|
76
73
|
|
77
74
|
```ruby
|
78
|
-
def
|
79
|
-
return true if authorized
|
80
|
-
|
75
|
+
def unauthorized
|
81
76
|
if request.get? && !request.xhr?
|
82
77
|
session[:next] = request.url
|
83
78
|
redirect_to root_path, alert: t(:unauthorized)
|
@@ -93,26 +88,12 @@ Now you can describe your authorization object in this way:
|
|
93
88
|
class Authorization
|
94
89
|
include Guachiman
|
95
90
|
|
96
|
-
def initialize(
|
97
|
-
|
98
|
-
|
99
|
-
else
|
100
|
-
guest_authorization
|
101
|
-
end
|
102
|
-
end
|
103
|
-
|
104
|
-
private
|
105
|
-
|
106
|
-
def guest_authorization
|
107
|
-
allow :sessions, [:new, :create]
|
108
|
-
allow :users, [:new, :create]
|
109
|
-
end
|
110
|
-
|
111
|
-
def user_authorization
|
112
|
-
guest_authorization
|
91
|
+
def initialize(current_user)
|
92
|
+
allow :sessions, :new, :create
|
93
|
+
allow :users, :new, :create
|
113
94
|
|
114
|
-
allow :users,
|
115
|
-
|
95
|
+
allow :users, :show, :edit, :update do |user|
|
96
|
+
current_user && current_user.id == user.id
|
116
97
|
end
|
117
98
|
end
|
118
99
|
end
|
@@ -123,9 +104,10 @@ The method `#current_resource` will default to nil but you can override in the c
|
|
123
104
|
```ruby
|
124
105
|
class UsersController < ApplicationController
|
125
106
|
# ...
|
107
|
+
private
|
126
108
|
|
127
109
|
def current_resource
|
128
|
-
@user ||= params[:id]
|
110
|
+
@user ||= User.find(params[:id]) if params[:id].present?
|
129
111
|
end
|
130
112
|
end
|
131
113
|
```
|
data/guachiman-rails.gemspec
CHANGED
@@ -17,10 +17,12 @@ Gem::Specification.new do |spec|
|
|
17
17
|
spec.test_files = spec.files.grep(%r{^(test)/})
|
18
18
|
spec.require_paths = ['lib']
|
19
19
|
|
20
|
-
spec.
|
21
|
-
spec.add_dependency 'railties', '~> 4.0', '>= 4.0.0'
|
20
|
+
spec.required_ruby_version = '~> 2.0'
|
22
21
|
|
23
|
-
spec.
|
24
|
-
spec.
|
25
|
-
|
22
|
+
spec.add_dependency 'guachiman', '~> 2.0', '>= 2.0.0'
|
23
|
+
spec.add_dependency 'railties', '~> 4.2', '>= 4.2.0'
|
24
|
+
|
25
|
+
spec.add_development_dependency 'rake', '~> 10.4', '>= 10.4.0'
|
26
|
+
spec.add_development_dependency 'minitest', '~> 5.7', '>= 5.7.0'
|
27
|
+
spec.add_development_dependency 'bundler', '~> 1.9', '>= 1.9.0'
|
26
28
|
end
|
@@ -1,25 +1,12 @@
|
|
1
1
|
class Authorization
|
2
2
|
include Guachiman
|
3
3
|
|
4
|
-
def initialize(
|
5
|
-
|
6
|
-
|
7
|
-
else
|
8
|
-
guest_authorization
|
9
|
-
end
|
10
|
-
end
|
11
|
-
|
12
|
-
private
|
13
|
-
|
14
|
-
def guest_authorization
|
15
|
-
# allow :sessions, [:new, :create]
|
16
|
-
end
|
17
|
-
|
18
|
-
def user_authorization
|
19
|
-
guest_authorization
|
4
|
+
def initialize(current_user)
|
5
|
+
# allow :sessions, :new, :create
|
6
|
+
# allow :users, :new, :create
|
20
7
|
|
21
|
-
# allow :users,
|
22
|
-
#
|
8
|
+
# allow :users, :show, :edit, :update do |user|
|
9
|
+
# current_user && current_user.id == user.id
|
23
10
|
# end
|
24
11
|
end
|
25
12
|
end
|
@@ -3,44 +3,42 @@ module Guachiman
|
|
3
3
|
extend ActiveSupport::Concern
|
4
4
|
|
5
5
|
included do
|
6
|
-
before_action :authorize
|
6
|
+
before_action :authorize
|
7
|
+
helper_method :authorization
|
7
8
|
end
|
8
9
|
|
9
|
-
def
|
10
|
-
|
10
|
+
def current_user
|
11
|
+
nil
|
11
12
|
end
|
12
13
|
|
13
|
-
|
14
|
-
::Authorization
|
15
|
-
end
|
14
|
+
private
|
16
15
|
|
17
|
-
def
|
18
|
-
|
16
|
+
def authorization
|
17
|
+
@authorization ||= self.class.parents.first::Authorization.new(current_user)
|
19
18
|
end
|
20
19
|
|
21
20
|
def current_resource
|
22
21
|
nil
|
23
22
|
end
|
24
23
|
|
25
|
-
def skip_authorization?
|
26
|
-
false
|
27
|
-
end
|
28
|
-
|
29
24
|
def authorize
|
30
|
-
|
25
|
+
unauthorized unless authorization.allow?(controller_name.to_sym, action_name.to_sym, current_resource)
|
26
|
+
end
|
31
27
|
|
32
|
-
|
28
|
+
def unauthorized
|
29
|
+
raise UnauthorizedError.new(controller_name, action_name, current_resource)
|
33
30
|
end
|
31
|
+
end
|
32
|
+
|
33
|
+
class UnauthorizedError < StandardError
|
34
|
+
attr_reader :controller, :action, :resource
|
34
35
|
|
35
|
-
def
|
36
|
-
|
36
|
+
def initialize(controller, action, resource)
|
37
|
+
@controller = controller
|
38
|
+
@action = action
|
39
|
+
@resource = resource
|
37
40
|
|
38
|
-
|
39
|
-
session[:next] = request.url
|
40
|
-
redirect_to root_path, alert: t(:unauthorized)
|
41
|
-
else
|
42
|
-
render nothing: true, status: :unauthorized
|
43
|
-
end
|
41
|
+
super("Unauthorized: #{ controller }##{ action } (#{ resource.inspect })")
|
44
42
|
end
|
45
43
|
end
|
46
44
|
end
|
@@ -11,6 +11,8 @@ class InstallGeneratorTest < Rails::Generators::TestCase
|
|
11
11
|
tests Guachiman::Generators::InstallGenerator
|
12
12
|
setup :prepare_destination
|
13
13
|
|
14
|
+
self.test_order = :sorted
|
15
|
+
|
14
16
|
def prepare_destination
|
15
17
|
if Dir.exist?("#{ DESTINATION }/app")
|
16
18
|
FileUtils.rm_r("#{ DESTINATION }/app")
|
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: guachiman-rails
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 1.1
|
4
|
+
version: 2.1.1
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Francesco Rodriguez
|
@@ -9,7 +9,7 @@ authors:
|
|
9
9
|
autorequire:
|
10
10
|
bindir: bin
|
11
11
|
cert_chain: []
|
12
|
-
date:
|
12
|
+
date: 2015-06-04 00:00:00.000000000 Z
|
13
13
|
dependencies:
|
14
14
|
- !ruby/object:Gem::Dependency
|
15
15
|
name: guachiman
|
@@ -17,100 +17,100 @@ dependencies:
|
|
17
17
|
requirements:
|
18
18
|
- - "~>"
|
19
19
|
- !ruby/object:Gem::Version
|
20
|
-
version: '
|
20
|
+
version: '2.0'
|
21
21
|
- - ">="
|
22
22
|
- !ruby/object:Gem::Version
|
23
|
-
version:
|
23
|
+
version: 2.0.0
|
24
24
|
type: :runtime
|
25
25
|
prerelease: false
|
26
26
|
version_requirements: !ruby/object:Gem::Requirement
|
27
27
|
requirements:
|
28
28
|
- - "~>"
|
29
29
|
- !ruby/object:Gem::Version
|
30
|
-
version: '
|
30
|
+
version: '2.0'
|
31
31
|
- - ">="
|
32
32
|
- !ruby/object:Gem::Version
|
33
|
-
version:
|
33
|
+
version: 2.0.0
|
34
34
|
- !ruby/object:Gem::Dependency
|
35
35
|
name: railties
|
36
36
|
requirement: !ruby/object:Gem::Requirement
|
37
37
|
requirements:
|
38
38
|
- - "~>"
|
39
39
|
- !ruby/object:Gem::Version
|
40
|
-
version: '4.
|
40
|
+
version: '4.2'
|
41
41
|
- - ">="
|
42
42
|
- !ruby/object:Gem::Version
|
43
|
-
version: 4.
|
43
|
+
version: 4.2.0
|
44
44
|
type: :runtime
|
45
45
|
prerelease: false
|
46
46
|
version_requirements: !ruby/object:Gem::Requirement
|
47
47
|
requirements:
|
48
48
|
- - "~>"
|
49
49
|
- !ruby/object:Gem::Version
|
50
|
-
version: '4.
|
50
|
+
version: '4.2'
|
51
51
|
- - ">="
|
52
52
|
- !ruby/object:Gem::Version
|
53
|
-
version: 4.
|
53
|
+
version: 4.2.0
|
54
54
|
- !ruby/object:Gem::Dependency
|
55
55
|
name: rake
|
56
56
|
requirement: !ruby/object:Gem::Requirement
|
57
57
|
requirements:
|
58
58
|
- - "~>"
|
59
59
|
- !ruby/object:Gem::Version
|
60
|
-
version: '10.
|
60
|
+
version: '10.4'
|
61
61
|
- - ">="
|
62
62
|
- !ruby/object:Gem::Version
|
63
|
-
version: 10.
|
63
|
+
version: 10.4.0
|
64
64
|
type: :development
|
65
65
|
prerelease: false
|
66
66
|
version_requirements: !ruby/object:Gem::Requirement
|
67
67
|
requirements:
|
68
68
|
- - "~>"
|
69
69
|
- !ruby/object:Gem::Version
|
70
|
-
version: '10.
|
70
|
+
version: '10.4'
|
71
71
|
- - ">="
|
72
72
|
- !ruby/object:Gem::Version
|
73
|
-
version: 10.
|
73
|
+
version: 10.4.0
|
74
74
|
- !ruby/object:Gem::Dependency
|
75
75
|
name: minitest
|
76
76
|
requirement: !ruby/object:Gem::Requirement
|
77
77
|
requirements:
|
78
78
|
- - "~>"
|
79
79
|
- !ruby/object:Gem::Version
|
80
|
-
version: '5.
|
80
|
+
version: '5.7'
|
81
81
|
- - ">="
|
82
82
|
- !ruby/object:Gem::Version
|
83
|
-
version: 5.
|
83
|
+
version: 5.7.0
|
84
84
|
type: :development
|
85
85
|
prerelease: false
|
86
86
|
version_requirements: !ruby/object:Gem::Requirement
|
87
87
|
requirements:
|
88
88
|
- - "~>"
|
89
89
|
- !ruby/object:Gem::Version
|
90
|
-
version: '5.
|
90
|
+
version: '5.7'
|
91
91
|
- - ">="
|
92
92
|
- !ruby/object:Gem::Version
|
93
|
-
version: 5.
|
93
|
+
version: 5.7.0
|
94
94
|
- !ruby/object:Gem::Dependency
|
95
95
|
name: bundler
|
96
96
|
requirement: !ruby/object:Gem::Requirement
|
97
97
|
requirements:
|
98
98
|
- - "~>"
|
99
99
|
- !ruby/object:Gem::Version
|
100
|
-
version: '1.
|
100
|
+
version: '1.9'
|
101
101
|
- - ">="
|
102
102
|
- !ruby/object:Gem::Version
|
103
|
-
version: 1.
|
103
|
+
version: 1.9.0
|
104
104
|
type: :development
|
105
105
|
prerelease: false
|
106
106
|
version_requirements: !ruby/object:Gem::Requirement
|
107
107
|
requirements:
|
108
108
|
- - "~>"
|
109
109
|
- !ruby/object:Gem::Version
|
110
|
-
version: '1.
|
110
|
+
version: '1.9'
|
111
111
|
- - ">="
|
112
112
|
- !ruby/object:Gem::Version
|
113
|
-
version: 1.
|
113
|
+
version: 1.9.0
|
114
114
|
description: Rails specific implementation of the Guachiman gem for authorization
|
115
115
|
in ActionController
|
116
116
|
email:
|
@@ -144,9 +144,9 @@ require_paths:
|
|
144
144
|
- lib
|
145
145
|
required_ruby_version: !ruby/object:Gem::Requirement
|
146
146
|
requirements:
|
147
|
-
- - "
|
147
|
+
- - "~>"
|
148
148
|
- !ruby/object:Gem::Version
|
149
|
-
version: '0'
|
149
|
+
version: '2.0'
|
150
150
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
151
151
|
requirements:
|
152
152
|
- - ">="
|
@@ -154,7 +154,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
154
154
|
version: '0'
|
155
155
|
requirements: []
|
156
156
|
rubyforge_project:
|
157
|
-
rubygems_version: 2.4.
|
157
|
+
rubygems_version: 2.4.5
|
158
158
|
signing_key:
|
159
159
|
specification_version: 4
|
160
160
|
summary: Rails specific implementation of the Guachiman gem
|