hydra-access-controls 5.3.0 → 5.4.0.pre1

Sign up to get free protection for your applications and to get access to all the features.
Files changed (3) hide show
  1. data/lib/hydra/ability.rb +28 -23
  2. data/lib/hydra/user.rb +4 -0
  3. metadata +6 -9
data/lib/hydra/ability.rb CHANGED
@@ -19,19 +19,24 @@ module Hydra::Ability
19
19
  Hydra.config[:user_model] ? Hydra.config[:user_model].constantize : ::User
20
20
  end
21
21
 
22
+ attr_reader :current_user, :session
23
+
22
24
  def initialize(user, session=nil)
23
- @user = user || Hydra::Ability.user_class.new # guest user (not logged in)
25
+ @current_user = user || Hydra::Ability.user_class.new # guest user (not logged in)
26
+ @user = @current_user # just in case someone was using this in an override. Just don't.
24
27
  @session = session
25
28
  hydra_default_permissions()
26
29
  end
27
30
 
28
31
  ## You can override this method if you are using a different AuthZ (such as LDAP)
29
- def user_groups(user=nil, session=nil)
30
- ActiveSupport::Deprecation.warn("No need to pass user or session to user_groups, use the instance_variables", caller()) if user || session
32
+ def user_groups(deprecated_user=nil, deprecated_session=nil)
33
+ ActiveSupport::Deprecation.warn("No need to pass user or session to user_groups, use the instance_variables", caller()) if deprecated_user || deprecated_session
31
34
 
32
35
  return @user_groups if @user_groups
33
- @user_groups = RoleMapper.roles(@user.user_key) + default_user_groups
34
- @user_groups << 'registered' unless (@user.new_record? || @user_groups.include?('registered'))
36
+
37
+ @user_groups = default_user_groups
38
+ @user_groups |= current_user.groups if current_user and current_user.respond_to? :groups
39
+ @user_groups |= ['registered'] unless current_user.new_record?
35
40
  @user_groups
36
41
  end
37
42
 
@@ -42,21 +47,21 @@ module Hydra::Ability
42
47
 
43
48
 
44
49
  # Requires no arguments, but accepts 2 arguments for backwards compatibility
45
- def hydra_default_permissions(user=nil, session=nil)
46
- ActiveSupport::Deprecation.warn("No need to pass user or session to hydra_default_permissions, use the instance_variables", caller()) if user || session
50
+ def hydra_default_permissions(deprecated_user=nil, deprecated_session=nil)
51
+ ActiveSupport::Deprecation.warn("No need to pass user or session to hydra_default_permissions, use the instance_variables", caller()) if deprecated_user || deprecated_session
47
52
  logger.debug("Usergroups are " + user_groups.inspect)
48
53
  self.ability_logic.each do |method|
49
54
  send(method)
50
55
  end
51
56
  end
52
57
 
53
- def create_permissions(user=nil, session=nil)
54
- ActiveSupport::Deprecation.warn("No need to pass user or session to create_permissions, use the instance_variables", caller()) if user || session
58
+ def create_permissions(deprecated_user=nil, deprecated_session=nil)
59
+ ActiveSupport::Deprecation.warn("No need to pass user or session to create_permissions, use the instance_variables", caller()) if deprecated_user || deprecated_session
55
60
  can :create, :all if user_groups.include? 'registered'
56
61
  end
57
62
 
58
- def edit_permissions(user=nil, session=nil)
59
- ActiveSupport::Deprecation.warn("No need to pass user or session to edit_permissions, use the instance_variables", caller()) if user || session
63
+ def edit_permissions(deprecated_user=nil, deprecated_session=nil)
64
+ ActiveSupport::Deprecation.warn("No need to pass user or session to edit_permissions, use the instance_variables", caller()) if deprecated_user || deprecated_session
60
65
  can [:edit, :update, :destroy], String do |pid|
61
66
  test_edit(pid)
62
67
  end
@@ -71,8 +76,8 @@ module Hydra::Ability
71
76
  end
72
77
  end
73
78
 
74
- def read_permissions(user=nil, session=nil)
75
- ActiveSupport::Deprecation.warn("No need to pass user or session to read_permissions, use the instance_variables", caller()) if user || session
79
+ def read_permissions(deprecated_user=nil, deprecated_session=nil)
80
+ ActiveSupport::Deprecation.warn("No need to pass user or session to read_permissions, use the instance_variables", caller()) if deprecated_user || deprecated_session
76
81
  can :read, String do |pid|
77
82
  test_read(pid)
78
83
  end
@@ -89,8 +94,8 @@ module Hydra::Ability
89
94
 
90
95
 
91
96
  ## Override custom permissions in your own app to add more permissions beyond what is defined by default.
92
- def custom_permissions(user=nil, session=nil)
93
- ActiveSupport::Deprecation.warn("No need to pass user or session to custom_permissions, use the instance_variables", caller()) if user || session
97
+ def custom_permissions(deprecated_user=nil, deprecated_session=nil)
98
+ ActiveSupport::Deprecation.warn("No need to pass user or session to custom_permissions, use the instance_variables", caller()) if deprecated_user || deprecated_session
94
99
  end
95
100
 
96
101
  protected
@@ -102,22 +107,22 @@ module Hydra::Ability
102
107
  end
103
108
 
104
109
 
105
- def test_edit(pid, user=nil, session=nil)
106
- ActiveSupport::Deprecation.warn("No need to pass user or session to test_edit, use the instance_variables", caller()) if user || session
110
+ def test_edit(pid, deprecated_user=nil, deprecated_session=nil)
111
+ ActiveSupport::Deprecation.warn("No need to pass user or session to test_edit, use the instance_variables", caller()) if deprecated_user || deprecated_session
107
112
  permissions_doc(pid)
108
- logger.debug("[CANCAN] Checking edit permissions for user: #{@user.user_key} with groups: #{user_groups.inspect}")
113
+ logger.debug("[CANCAN] Checking edit permissions for user: #{current_user.user_key} with groups: #{user_groups.inspect}")
109
114
  group_intersection = user_groups & edit_groups
110
- result = !group_intersection.empty? || edit_persons.include?(@user.user_key)
115
+ result = !group_intersection.empty? || edit_persons.include?(current_user.user_key)
111
116
  logger.debug("[CANCAN] decision: #{result}")
112
117
  result
113
118
  end
114
119
 
115
- def test_read(pid, user=nil, session=nil)
116
- ActiveSupport::Deprecation.warn("No need to pass user or session to test_read, use the instance_variables", caller()) if user || session
120
+ def test_read(pid, deprecated_user=nil, deprecated_session=nil)
121
+ ActiveSupport::Deprecation.warn("No need to pass user or session to test_read, use the instance_variables", caller()) if deprecated_user || deprecated_session
117
122
  permissions_doc(pid)
118
- logger.debug("[CANCAN] Checking edit permissions for user: #{@user.user_key} with groups: #{user_groups.inspect}")
123
+ logger.debug("[CANCAN] Checking edit permissions for user: #{current_user.user_key} with groups: #{user_groups.inspect}")
119
124
  group_intersection = user_groups & read_groups
120
- result = !group_intersection.empty? || read_persons.include?(@user.user_key)
125
+ result = !group_intersection.empty? || read_persons.include?(current_user.user_key)
121
126
  logger.debug("[CANCAN] decision: #{result}")
122
127
  result
123
128
  end
data/lib/hydra/user.rb CHANGED
@@ -13,6 +13,10 @@ module Hydra::User
13
13
  def user_key
14
14
  send(Devise.authentication_keys.first)
15
15
  end
16
+
17
+ def groups
18
+ RoleMapper.roles(user_key)
19
+ end
16
20
 
17
21
  module ClassMethods
18
22
  # This method should find User objects using the user_key you've chosen.
metadata CHANGED
@@ -1,8 +1,8 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: hydra-access-controls
3
3
  version: !ruby/object:Gem::Version
4
- version: 5.3.0
5
- prerelease:
4
+ version: 5.4.0.pre1
5
+ prerelease: 6
6
6
  platform: ruby
7
7
  authors:
8
8
  - Chris Beer
@@ -11,7 +11,7 @@ authors:
11
11
  autorequire:
12
12
  bindir: bin
13
13
  cert_chain: []
14
- date: 2013-01-18 00:00:00.000000000 Z
14
+ date: 2013-01-23 00:00:00.000000000 Z
15
15
  dependencies:
16
16
  - !ruby/object:Gem::Dependency
17
17
  name: activesupport
@@ -186,15 +186,12 @@ required_ruby_version: !ruby/object:Gem::Requirement
186
186
  required_rubygems_version: !ruby/object:Gem::Requirement
187
187
  none: false
188
188
  requirements:
189
- - - ! '>='
189
+ - - ! '>'
190
190
  - !ruby/object:Gem::Version
191
- version: '0'
192
- segments:
193
- - 0
194
- hash: -2784704934018708392
191
+ version: 1.3.1
195
192
  requirements: []
196
193
  rubyforge_project:
197
- rubygems_version: 1.8.24
194
+ rubygems_version: 1.8.23
198
195
  signing_key:
199
196
  specification_version: 3
200
197
  summary: Access controls for project hydra