invitational 1.4.1 → 1.5.1

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: ac87f03131dad2c9fb79a5531d30543a913c7dbe4e5731edbdde736b19e56609
4
- data.tar.gz: 544588fd8fed89ba7b4422927ec59b366dea26714846d8c8ff243c8f3e5e213b
3
+ metadata.gz: c95a2f6012a75b5a0f011e76848aa61b85acd37be3b4f5a5e407051de58172cc
4
+ data.tar.gz: 0f629e76aa8574b161870d43314a92f97d0eee383c4793c820097df4db2b5e53
5
5
  SHA512:
6
- metadata.gz: 3a0a0238ca20386061e1541aed1b97e499abac7f334a8cd410e7b158da0271bc51b57e91d7a4944cf188704dea4a152752905478b8d84defeb0311b7903f30de
7
- data.tar.gz: ad8781e05f57a2bd98f0853a5f54d4f8102e1380174be614ac63145ce79f1b46d815410a4b2b33117974ed7a633926e69b300e536a4f15a331619f1ec90a56b3
6
+ metadata.gz: 5d9ae136be475851fbd2595ad3ba520e06c120349dc71f81a3685e5d3546a262537147626fc5d236315151337f675423e9ca337ab999f387105df8e2644349ba
7
+ data.tar.gz: 05e62c3d5675a83270cebf2307669872cc0bfe516f4dd17801f6d950b31ee2bc0efcd373c9a2f152aa9752057014f6585c74bfb15e8441a438d2c83fc0252167
data/README.md CHANGED
@@ -44,11 +44,11 @@ rake db:migrate
44
44
  Invitational has three types of invitations:
45
45
 
46
46
  ## Entity
47
- An `Entity` invitation, as the name imples, is for a specific entity within the system. For example, in a contract management system, a user might be invited to a
47
+ An `Entity` invitation, as the name imples, is for a specific entity within the system. For example, in a contract management system, a user might be invited to a
48
48
  contract in the sytem with the role of 'Recipient' . They might then be able to read and to mark that specific contract as signed, but not access any other contracts in the system.
49
49
 
50
50
  ## System
51
- A `System` invitation is not related to a specific entity, but to the system overall. For example, in the contract management system mentioned above, another user might be
51
+ A `System` invitation is not related to a specific entity, but to the system overall. For example, in the contract management system mentioned above, another user might be
52
52
  invited to the sytem with the role of 'contract_manager'. They might then be able to manage *all* contracts within the system, but not have authority to invite other users.
53
53
 
54
54
  ## UberAdmin
@@ -58,9 +58,9 @@ effectively grants the associated user access to all parts of the system, as eve
58
58
  # Implementation
59
59
 
60
60
  ## invited_to
61
- The generator will setup your identity model (`User`) to include the `Invitational::InvitedTo` module. As part of the Invitational
62
- functionality it provides, the `invited_to` method is added to your user class along with the foundational has_many relationship to
63
- Invitation. This method accepts a list of the entity classes (as symbols)
61
+ The generator will setup your identity model (`User`) to include the `Invitational::InvitedTo` module. As part of the Invitational
62
+ functionality it provides, the `invited_to` method is added to your user class along with the foundational has_many relationship to
63
+ Invitation. This method accepts a list of the entity classes (as symbols)
64
64
  to which a user can be invited:
65
65
 
66
66
  ```
@@ -82,7 +82,7 @@ To configure an entity as able to accept invitations, use the `make_invitable` g
82
82
  rails generate invitational:make_invitable MODEL, ROLE1, ROLE2...
83
83
  ```
84
84
 
85
- Here, replace MODEL with the name of the entity class you are making invitable. Replace, ROLE1, ROLE2 with the
85
+ Here, replace MODEL with the name of the entity class you are making invitable. Replace, ROLE1, ROLE2 with the
86
86
  list of roles which are valid to this model, for example User, Admin. The generator will include the `Invitational::AcceptsInvitationAs`
87
87
  module, and will pre-populate the call to the `accepts_invitation_as` method with the list of roles supplied:
88
88
 
@@ -101,7 +101,7 @@ entity.admins
101
101
  You can then add this entity to the list of invitable classes on the `invited_to` call in your identity class.
102
102
 
103
103
  ## accepts_system_roles_as
104
- System roles are defined in the `Invitation` class. Simply add the list of system roles to the class method that has been defined for you by the
104
+ System roles are defined in the `Invitation` class. Simply add the list of system roles to the class method that has been defined for you by the
105
105
  generator:
106
106
 
107
107
  ```
@@ -139,8 +139,8 @@ To create an invitation to a system role:
139
139
  Invitation.invite_system_user "foo@bar.com", :contract_manager
140
140
  ```
141
141
 
142
- The method will return the Invitation. In the event that the email has already been invited to that entity or to the system role,
143
- an `Invitational::AlreadyInvitedError` will be raised. If the passed role is not valid for the given entity (based on its
142
+ The method will return the Invitation. In the event that the email has already been invited to that entity or to the system role,
143
+ an `Invitational::AlreadyInvitedError` will be raised. If the passed role is not valid for the given entity (based on its
144
144
  `accepts_invitation_as` call) or not a valid system role, an `Invitational::InvalidRoleError` will be raised.
145
145
 
146
146
 
@@ -172,14 +172,14 @@ Invitations can be claimed by passing their hash and the claiming user to the `c
172
172
  Invitation.claim claim_hash, current_user
173
173
  ```
174
174
 
175
- The method will return the claimed Invitation. In the event that the hash does match an existing invitation,
176
- an `Invitational::InvitationNotFoundError` will be raised. If the hash is found, but the invitation has already
175
+ The method will return the claimed Invitation. In the event that the hash does match an existing invitation,
176
+ an `Invitational::InvitationNotFoundError` will be raised. If the hash is found, but the invitation has already
177
177
  been claimed, an `Invitational::AlreadyClaimedError` will be raised.
178
178
 
179
179
  ## Checking for Invitations
180
180
 
181
- The `invited_to?` instance method that Invitational adds to your identity class provides an easy interface to
182
- check if a user has an accepted invitation to a specific entity. Your query can be general (invited in any role) or
181
+ The `invited_to?` instance method that Invitational adds to your identity class provides an easy interface to
182
+ check if a user has an accepted invitation to a specific entity. Your query can be general (invited in any role) or
183
183
  specifically for a supplied role:
184
184
 
185
185
  ```
@@ -203,8 +203,8 @@ current_user.invited_to_system? :contract_manager
203
203
  ## UberAdmin
204
204
 
205
205
  Invitational provides a special, system-wide, invitation and role called `:uberadmin`. A user that has
206
- claimed an UberAdmin invitation will always indicate they have been invited to a given role for a given entity.
207
- In other words, every call to `invited_to?` or `invited_to_system?` for an UberAdmin will return true.
206
+ claimed an UberAdmin invitation will always indicate they have been invited to a given role for a given entity.
207
+ In other words, every call to `invited_to?` or `invited_to_system?` for an UberAdmin will return true.
208
208
 
209
209
  To create an UberAdmin invitation:
210
210
 
@@ -221,7 +221,7 @@ Invitation.invite_uberadmin current_user
221
221
 
222
222
  The process to claim an UberAdmin invitation is the same as any other invitation.
223
223
 
224
- To make getting started with a brand new Invitational based environment easier, a rake task is provided to
224
+ To make getting started with a brand new Invitational based environment easier, a rake task is provided to
225
225
  create a new UberAdmin invitation.
226
226
 
227
227
  ```
@@ -239,8 +239,8 @@ current_user.uberadmin?
239
239
  ## CanCanCan
240
240
 
241
241
  Invitational adds a new condition key to CanCanCan's abilities, `:role`. This allows you to define the role(s)
242
- that a user must be invited into for a specific entity in order to perform the specified action. For example,
243
- to indicate that a user invited to a parent entity in an admin role can manage the parent entity, but a user
242
+ that a user must be invited into for a specific entity in order to perform the specified action. For example,
243
+ to indicate that a user invited to a Parent entity in an admin role can manage the parent entity, but a user
244
244
  invited to a staff role can only read the parent entity, in your `ability.rb` file:
245
245
 
246
246
  ```
@@ -249,17 +249,26 @@ can :read, Parent, roles: [:staff]
249
249
  cannot :edit, Parent, roles: [:consultant]
250
250
  ```
251
251
 
252
+ ### Wildcard Roles
253
+ Often is is neccessary to indicate that a user invited in any role has a given permission. For example, to
254
+ indicate that any user invited to a Parent entity can view that Parent, regardless of their role:
255
+
256
+ ```
257
+ can :view, Parent, roles: [:*]
258
+ ```
259
+
260
+
252
261
  ### System Roles
253
262
  To specify system roles for a given ability, utilize the `system_roles` method inside a `roles:` array:
254
263
 
255
264
  ```
256
- can :manage, contract, roles: [system_roles(:contract_manager, :sales_manager)]
265
+ can :manage, contract, roles: [system_roles([:contract_manager, :sales_manager])]
257
266
  ```
258
267
 
259
268
 
260
269
  ### Invitation to a parent (or other attribute)
261
270
  To idenfitify abilities based upon invitations to a parent entity or other attribute, Invitational provides an
262
- ```attribute_roles``` method. The first argument is symbol indicating the attribute name of the parent entity,
271
+ ```attribute_roles``` method. The first argument is symbol indicating the attribute name of the parent entity,
263
272
  the second is an array of roles in which the user must be invited to the parent entity:
264
273
 
265
274
  ```
@@ -80,7 +80,7 @@ module Invitational
80
80
 
81
81
  def setup_hash
82
82
  self.date_sent = DateTime.now
83
- self.claim_hash = Digest::SHA1.hexdigest(email + date_sent.to_s)
83
+ self.claim_hash = SecureRandom.alphanumeric(40)
84
84
  end
85
85
 
86
86
  def standard_role?
@@ -53,6 +53,8 @@ module Invitational
53
53
  in_roles.inject(false) do |result,role|
54
54
  result || if role.respond_to? :values
55
55
  check_permission_for_keyed_roles model, user, role, role_specific
56
+ elsif role == :*
57
+ Invitational::ChecksForInvitation.for(user, model)
56
58
  else
57
59
  Invitational::ChecksForInvitation.for(user, model, role, role_specific)
58
60
  end
@@ -1,3 +1,3 @@
1
1
  module Invitational
2
- VERSION = "1.4.1"
2
+ VERSION = "1.5.1"
3
3
  end
File without changes
@@ -13,6 +13,7 @@ class Ability
13
13
 
14
14
  can :manage, Entity, roles: [:admin]
15
15
  can :read, Entity, roles: [:user]
16
+ can :validate, Entity, roles: [:*]
16
17
 
17
18
  can :read, Child
18
19