guachiman 0.1.6 → 0.2.0
- checksums.yaml +4 -4
- data/README.md +89 -17
- data/lib/generators/guachiman/install/templates/permission.rb +6 -6
- data/lib/guachiman/permissions.rb +1 -5
- data/lib/guachiman/rails/permissible.rb +2 -1
- data/lib/guachiman/version.rb +2 -2
- data/test/generators/install_generator_test.rb +1 -1
- metadata +3 -3
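--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA1:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 661a1fd0d6c130c3005dc66cc240c71a6c2454e7
+data.tar.gz: a23694ba8e7c8bd23f7acbf523f70ee14d8a134f
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: f28b8f640aa087a664fc75ba082c3ebbdf48efaea481397d3294aa974017c1a7919746abaf6cf0426689a145f9b6406e7c99282cf2998b2834e7ac8b56b88de0
+data.tar.gz: 981660b65337eaf03b9ac3d9f48e675d32024d8418778186b2f74ecf8e02f0174c0bb35c03ecbc89f513a267977a06a8b43425951fcff9bc82de64331ae5e9b3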
data/README.md
CHANGED
@@ -32,7 +32,7 @@ Run `rails g guachiman:install`
|
|
32
32
|
|
33
33
|
This will generate a `permission.rb` file in `app/models`.
|
34
34
|
|
35
|
-
Include `Guachiman::Permissible` in `ApplicationController` and
|
35
|
+
Include `Guachiman::Permissible` in `ApplicationController` and implement a `current_user` method there.
|
36
36
|
|
37
37
|
```ruby
|
38
38
|
include Guachiman::Permissible
|
@@ -42,7 +42,7 @@ def current_user
|
|
42
42
|
end
|
43
43
|
```
|
44
44
|
|
45
|
-
You can also override these methods to handle failed authorizations:
|
45
|
+
You can also override these methods to handle failed authorizations for GET, non-AJAX requests:
|
46
46
|
|
47
47
|
```ruby
|
48
48
|
def not_authorized
|
@@ -55,6 +55,14 @@ def not_signed_in
|
|
55
55
|
end
|
56
56
|
```
|
57
57
|
|
58
|
+
And you can also override this method to handle failed non-GET or AJAX requests:
|
59
|
+
|
60
|
+
```ruby
|
61
|
+
def render_unauthorized
|
62
|
+
render text: "NO", status: :unauthorized
|
63
|
+
end
|
64
|
+
```
|
65
|
+
|
58
66
|
That's it, now you can describe your permissions in this way:
|
59
67
|
|
60
68
|
```ruby
|
@@ -62,35 +70,33 @@ class Permission
|
|
62
70
|
include Guachiman::Permissions
|
63
71
|
include Guachiman::Params
|
64
72
|
|
65
|
-
attr_reader :
|
73
|
+
attr_reader :current_user, :current_request
|
66
74
|
|
67
|
-
def initialize
|
68
|
-
@
|
69
|
-
@
|
75
|
+
def initialize user, request
|
76
|
+
@current_user = user
|
77
|
+
@current_request = request
|
70
78
|
|
71
|
-
if
|
79
|
+
if current_user.nil?
|
72
80
|
guest
|
73
|
-
elsif
|
81
|
+
elsif current_user.admin?
|
74
82
|
admin
|
75
83
|
else
|
76
84
|
member
|
77
85
|
end
|
78
86
|
end
|
79
87
|
|
80
|
-
|
88
|
+
private
|
81
89
|
|
82
90
|
def guest
|
83
|
-
allow :sessions,
|
84
|
-
allow :
|
85
|
-
allow :passwords, [:new, :create]
|
91
|
+
allow :sessions, [:new, :create, :destroy]
|
92
|
+
allow :users, [:new, :create]
|
86
93
|
|
87
94
|
allow_param :user, [:name, :email, :password]
|
88
95
|
end
|
89
96
|
|
90
97
|
def member
|
91
98
|
guest
|
92
|
-
allow :
|
93
|
-
allow :passwords, [:edit, :update]
|
99
|
+
allow :users, [:show, :edit, :update]
|
94
100
|
end
|
95
101
|
|
96
102
|
def admin
|
@@ -99,6 +105,72 @@ class Permission
|
|
99
105
|
end
|
100
106
|
```
|
101
107
|
|
102
|
-
*
|
103
|
-
*
|
104
|
-
*
|
108
|
+
* `#allow` takes a **controller** params key or array of keys and an array of **actions**.
|
109
|
+
* `#allow_param` takes a **model** params key or array of keys and an array of **attributes**.
|
110
|
+
* `#allow_all!` is a convinience method to allow **all** controllers, actions and parameteres.
|
111
|
+
|
112
|
+
You can also go a bit further in the way you specify your permissions, if you override `current_resource`:
|
113
|
+
|
114
|
+
```ruby
|
115
|
+
class OrdersController < ApplicationController
|
116
|
+
...
|
117
|
+
|
118
|
+
private
|
119
|
+
def current_resource
|
120
|
+
@order ||= params[:id].present? ? Order.find(params[:id]) : Order.new
|
121
|
+
end
|
122
|
+
end
|
123
|
+
```
|
124
|
+
|
125
|
+
The `current_resource` is passed to a block that needs to return a truthy object to allow the action.
|
126
|
+
|
127
|
+
```ruby
|
128
|
+
def guest
|
129
|
+
allow :sessions, [:new, :create, :destroy]
|
130
|
+
allow :users, [:new, :create]
|
131
|
+
allow :orders, [:show, :edit, :update] do |order|
|
132
|
+
order.accessible_by_token? current_request.cookies['cart_token']
|
133
|
+
end
|
134
|
+
|
135
|
+
allow_param :user, [:name, :email, :password]
|
136
|
+
end
|
137
|
+
|
138
|
+
def member
|
139
|
+
guest
|
140
|
+
|
141
|
+
allow :users, [:show, :edit, :update] do |user|
|
142
|
+
current_user == user
|
143
|
+
end
|
144
|
+
allow :orders, [:show, :edit, :update] do |order|
|
145
|
+
order.accessible_by_user? user
|
146
|
+
end
|
147
|
+
end
|
148
|
+
```
|
149
|
+
|
150
|
+
You can also be more specific about the param permissions setting them to be read or write.
|
151
|
+
|
152
|
+
```ruby
|
153
|
+
def member
|
154
|
+
...
|
155
|
+
|
156
|
+
allow_read_param :contact, [:name, :phone, :email]
|
157
|
+
allow_write_param :contact, [:name, :phone]
|
158
|
+
end
|
159
|
+
```
|
160
|
+
|
161
|
+
That can also be useful on the views because you get a `current_permission` helper that you can use like this:
|
162
|
+
|
163
|
+
```erb
|
164
|
+
<%= form_for current_resource do |f| %>
|
165
|
+
<% current_permission.write_allowed_params.each do |p| %>
|
166
|
+
<%= f.text_field p %>
|
167
|
+
<% end %>
|
168
|
+
|
169
|
+
<%= f.submit %>
|
170
|
+
<% end %>
|
171
|
+
```
|
172
|
+
|
173
|
+
License
|
174
|
+
-------
|
175
|
+
|
176
|
+
MIT
|
@@ -2,15 +2,15 @@ class Permission
|
|
2
2
|
include Guachiman::Permissions
|
3
3
|
include Guachiman::Params
|
4
4
|
|
5
|
-
attr_reader :
|
5
|
+
attr_reader :current_user, :current_request
|
6
6
|
|
7
|
-
def initialize
|
8
|
-
@
|
9
|
-
@
|
7
|
+
def initialize user, request
|
8
|
+
@current_user = user
|
9
|
+
@current_request = request
|
10
10
|
|
11
|
-
if
|
11
|
+
if current_user.nil?
|
12
12
|
guest
|
13
|
-
elsif
|
13
|
+
elsif current_user.admin?
|
14
14
|
admin
|
15
15
|
else
|
16
16
|
member
|
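Review bot: The generated `Permission` now keeps the whole request (`@current_request = request`) and exposes it through a public `attr_reader`, but nothing tells the person editing the template how rules may safely use it. Everything a rule reads from that object (cookies, headers, parameters) is supplied by the client, so it should only serve as a value to verify against server-side state, as the README's `accessible_by_token?` example does. I would add above the reader `# current_request is client-controlled input; verify anything taken from it against server-side state`. This hunk appears to belong to the install template `permission.rb` in the file list rather than to the README, and `initialize` ends outside it.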
@@ -12,11 +12,7 @@ module Guachiman
|
|
12
12
|
end
|
13
13
|
end
|
14
14
|
|
15
|
-
def
|
16
|
-
allow controllers, [:index, :show, :new, :create, :edit, :update, :destroy]
|
17
|
-
end
|
18
|
-
|
19
|
-
def allow? controller, action, resource = nil
|
15
|
+
def allow? controller, action, resource=nil
|
20
16
|
allowed = allow_all || check_allowed_action(controller, action)
|
21
17
|
!!allowed && (allowed == true || resource && allowed.call(resource))
|
22
18
|
end
|
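Review bot: `allow?` carries no comment on what happens when a rule has a block but `resource` is nil: `allowed == true || resource && allowed.call(resource)` then evaluates to a falsy value and the request is denied. That fail-closed result depends on `&&` binding tighter than `||`, which is easy to break in a later edit. I would add `# a block rule with no resource is denied (fail closed)` above that line and write the inner term as `(resource && allowed.call(resource))`. The new signature's `resource=nil` also drops the spaces the previous line had around the default.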
@@ -6,6 +6,7 @@ module Guachiman
|
|
6
6
|
before_filter :authorize
|
7
7
|
helper_method :current_user
|
8
8
|
helper_method :current_permission
|
9
|
+
helper_method :current_resource
|
9
10
|
end
|
10
11
|
|
11
12
|
def current_user
|
@@ -24,7 +25,7 @@ module Guachiman
|
|
24
25
|
if current_permission.allow? controller_name, action_name, current_resource
|
25
26
|
current_permission.permit_params! params
|
26
27
|
else
|
27
|
-
if request.get?
|
28
|
+
if request.get? && !request.xhr?
|
28
29
|
current_user ? not_authorized : not_signed_in
|
29
30
|
else
|
30
31
|
render_unauthorized
|
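Review bot: The new `request.get? && !request.xhr?` condition in `authorize` depends on `request.xhr?`, which Rails derives from the client-supplied `X-Requested-With` header, and the code does not say so. Here the value only selects how a denial is reported (`not_authorized`/`not_signed_in` versus `render_unauthorized`), not whether access is granted, so the decision itself is unaffected. A comment would keep it that way: `# xhr? reflects a client-set header; use it only to pick the response format, never to decide access`. These two hunks appear to belong to `lib/guachiman/rails/permissible.rb` in the file list, and `authorize` starts and ends outside them.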
data/lib/guachiman/version.rb
CHANGED
@@ -1,3 +1,3 @@
|
|
1
1
|
module Guachiman
|
2
|
-
VERSION = '0.
|
3
|
-
end
|
2
|
+
VERSION = '0.2.0'
|
3
|
+
end
|
@@ -24,7 +24,7 @@ class InstallGeneratorTest < Rails::Generators::TestCase
|
|
24
24
|
assert_match(/class Permission/, f)
|
25
25
|
assert_match(/include Guachiman::Permissions/, f)
|
26
26
|
assert_match(/include Guachiman::Params/, f)
|
27
|
-
assert_match(/initialize
|
27
|
+
assert_match(/initialize user, request/, f)
|
28
28
|
end
|
29
29
|
end
|
30
30
|
end
|
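--- a/metadata
+++ b/metadata
@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: guachiman
 version: !ruby/object:Gem::Version
-version: 0.
+version: 0.2.0
 platform: ruby
 authors:
 - Francesco Rodriguez
@@ -9,7 +9,7 @@ authors:
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2013-09-
+date: 2013-09-13 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
 name: railties
@@ -154,7 +154,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
 version: '0'
 requirements: []
 rubyforge_project:
-rubygems_version: 2.
+rubygems_version: 2.1.2
 signing_key:
 specification_version: 4
 summary: Basic authorization library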