iq-acl 1.0.4 → 1.0.5
Sign up to get free protection for your applications and to get access to all the features.
- data/README.rdoc +10 -5
- data/VERSION +1 -1
- data/iq-acl.gemspec +1 -1
- data/lib/iq/acl.rb +0 -12
- data/lib/iq/acl/basic.rb +10 -6
- metadata +2 -2
data/README.rdoc
CHANGED
@@ -6,12 +6,17 @@ This aim of this gem is to provide a series of classes to handle common ACL requ
|
|
6
6
|
gem install iq-acl
|
7
7
|
|
8
8
|
== Usage
|
9
|
+
# Create an instance of the basic class, supplying rights as a hash, note
|
10
|
+
# that asterisks are used as wildcards.
|
9
11
|
auth = IQ::ACL::Basic.new({
|
10
12
|
'*' => { 'terry' => 'r' },
|
11
13
|
'projects' => { 'jonny' => 'rw' },
|
12
14
|
'projects/private' => { 'billy' => 'rw', 'terry' => nil },
|
13
15
|
'projects/public' => { 'terry' => 'rw', '*' => 'r' }
|
14
16
|
})
|
17
|
+
|
18
|
+
# You could alternatively read rights from a YAML file
|
19
|
+
auth = IQ::ACL::Basic.new(YAML.load_file('rights.yml'))
|
15
20
|
|
16
21
|
auth.authorize! 'guest', 'projects' #=> raises IQ::ACL::AccessDeniedError
|
17
22
|
auth.authorize! 'jonny', 'projects' #=> 'rw'
|
@@ -26,11 +31,11 @@ This aim of this gem is to provide a series of classes to handle common ACL requ
|
|
26
31
|
auth.authorize! 'billy', 'projects/public' #=> 'r'
|
27
32
|
auth.authorize! 'terry', 'projects/public' #=> 'rw
|
28
33
|
|
29
|
-
|
30
|
-
|
31
|
-
|
32
|
-
|
33
|
-
|
34
|
+
A block may be given to <tt>authorize!</tt> that should return true if
|
35
|
+
the yielded rights are adequate for the user, for example the following
|
36
|
+
will raise an IQ::ACL::AccessDeniedError as 'terry' does not have write access
|
37
|
+
to the 'projects' path. If 'terry' had write access to the 'projects'
|
38
|
+
path, the exception would not be thrown.
|
34
39
|
|
35
40
|
auth.authorize! 'terry', 'projects' do |rights|
|
36
41
|
rights.include?('w')
|
data/VERSION
CHANGED
@@ -1 +1 @@
|
|
1
|
-
1.0.
|
1
|
+
1.0.5
|
data/iq-acl.gemspec
CHANGED
data/lib/iq/acl.rb
CHANGED
@@ -1,17 +1,5 @@
|
|
1
1
|
module IQ # :nodoc:
|
2
2
|
module ACL # :nodoc:
|
3
|
-
def self.version
|
4
|
-
VERSION::STRING
|
5
|
-
end
|
6
|
-
|
7
|
-
module VERSION #:nodoc:
|
8
|
-
MAJOR = 1
|
9
|
-
MINOR = 0
|
10
|
-
TINY = 1
|
11
|
-
|
12
|
-
STRING = [MAJOR, MINOR, TINY].join('.')
|
13
|
-
end
|
14
|
-
|
15
3
|
autoload :Basic, File.join(File.dirname(__FILE__), 'acl', 'basic')
|
16
4
|
|
17
5
|
# This error is raised when a user does not have access to a supplied path.
|
data/lib/iq/acl/basic.rb
CHANGED
@@ -4,12 +4,17 @@
|
|
4
4
|
# denote global rules.
|
5
5
|
#
|
6
6
|
# @example
|
7
|
+
# # Create an instance of the basic class, supplying rights as a hash, note
|
8
|
+
# # that asterisks are used as wildcards.
|
7
9
|
# auth = IQ::ACL::Basic.new({
|
8
10
|
# '*' => { 'terry' => 'r' },
|
9
11
|
# 'projects' => { 'jonny' => 'rw' },
|
10
12
|
# 'projects/private' => { 'billy' => 'rw', 'terry' => nil },
|
11
13
|
# 'projects/public' => { 'terry' => 'rw', '*' => 'r' }
|
12
14
|
# })
|
15
|
+
#
|
16
|
+
# # You could alternatively read rights from a YAML file
|
17
|
+
# auth = IQ::ACL::Basic.new(YAML.load_file('rights.yml'))
|
13
18
|
#
|
14
19
|
# auth.authorize! 'guest', 'projects' #=> raises IQ::ACL::AccessDeniedError
|
15
20
|
# auth.authorize! 'jonny', 'projects' #=> 'rw'
|
@@ -24,13 +29,12 @@
|
|
24
29
|
# auth.authorize! 'billy', 'projects/public' #=> 'r'
|
25
30
|
# auth.authorize! 'terry', 'projects/public' #=> 'rw
|
26
31
|
#
|
27
|
-
# A block may be given to authorize! that should return true if the yielded
|
28
|
-
# rights are adequate for the user, for example the following will raise an
|
29
|
-
# IQ::ACL::AccessDeniedError as 'terry' does not have write access to the
|
30
|
-
# 'projects' path. If 'terry' had write access to the 'projects' path, the
|
31
|
-
# exception would not be thrown.
|
32
|
+
# # A block may be given to authorize! that should return true if the yielded
|
33
|
+
# # rights are adequate for the user, for example the following will raise an
|
34
|
+
# # IQ::ACL::AccessDeniedError as 'terry' does not have write access to the
|
35
|
+
# # 'projects' path. If 'terry' had write access to the 'projects' path, the
|
36
|
+
# # exception would not be thrown.
|
32
37
|
#
|
33
|
-
# @example
|
34
38
|
# auth.authorize! 'terry', 'projects' do |rights|
|
35
39
|
# rights.include?('w')
|
36
40
|
# end
|