just_auth_me 0.0.2alpha
Sign up to get free protection for your applications and to get access to all the features.
- data/MIT-LICENSE +20 -0
- data/README.md +56 -0
- data/Rakefile +29 -0
- data/lib/just_auth_me/controller_additions.rb +68 -0
- data/lib/just_auth_me/controller_resources.rb +50 -0
- data/lib/just_auth_me/exceptions.rb +4 -0
- data/lib/just_auth_me/version.rb +3 -0
- data/lib/just_auth_me.rb +6 -0
- data/lib/tasks/just_auth_me_tasks.rake +4 -0
- metadata +105 -0
data/MIT-LICENSE
ADDED
@@ -0,0 +1,20 @@
|
|
1
|
+
Copyright 2012 André Barbosa
|
2
|
+
|
3
|
+
Permission is hereby granted, free of charge, to any person obtaining
|
4
|
+
a copy of this software and associated documentation files (the
|
5
|
+
"Software"), to deal in the Software without restriction, including
|
6
|
+
without limitation the rights to use, copy, modify, merge, publish,
|
7
|
+
distribute, sublicense, and/or sell copies of the Software, and to
|
8
|
+
permit persons to whom the Software is furnished to do so, subject to
|
9
|
+
the following conditions:
|
10
|
+
|
11
|
+
The above copyright notice and this permission notice shall be
|
12
|
+
included in all copies or substantial portions of the Software.
|
13
|
+
|
14
|
+
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
|
15
|
+
EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
|
16
|
+
MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
|
17
|
+
NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
|
18
|
+
LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
|
19
|
+
OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
|
20
|
+
WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
|
data/README.md
ADDED
@@ -0,0 +1,56 @@
|
|
1
|
+
# JustAuthMe
|
2
|
+
|
3
|
+
JustAuthMe is a gem to manage authorization in the simplest way possible. Most times you just want to check if an object belongs to the current user, JustAuthMe does just that without any configuration.
|
4
|
+
|
5
|
+
## Installation
|
6
|
+
|
7
|
+
Add this line to your application's Gemfile:
|
8
|
+
|
9
|
+
```ruby
|
10
|
+
gem 'just_auth_me'
|
11
|
+
```
|
12
|
+
|
13
|
+
## Usage
|
14
|
+
|
15
|
+
JustAuthMe needs a method called 'current_user' that will return the user currently logged in.
|
16
|
+
|
17
|
+
If you just want to simply want to authorize a resource, add this line to that resource controller:
|
18
|
+
|
19
|
+
```ruby
|
20
|
+
just_auth_me Resource
|
21
|
+
```
|
22
|
+
|
23
|
+
If your resource is nested under other resource you can authorize it through the parent resource by passing the 'through' option like this:
|
24
|
+
|
25
|
+
```ruby
|
26
|
+
just_auth_me Resource, through: OtherResource
|
27
|
+
```
|
28
|
+
|
29
|
+
Alternatively you can also pass a block to handle the authorization logic:
|
30
|
+
|
31
|
+
```ruby
|
32
|
+
just_auth_me Resource do |r|
|
33
|
+
current_user.role == 'admin' and r.user_id == current_user.id
|
34
|
+
end
|
35
|
+
```
|
36
|
+
|
37
|
+
With a nested resource:
|
38
|
+
|
39
|
+
```ruby
|
40
|
+
just_auth_me Resource, through: OtherResource do |r, o|
|
41
|
+
current_user.role == 'admin' and o.user_id == current_user.id
|
42
|
+
end
|
43
|
+
```
|
44
|
+
|
45
|
+
You can also pass 'only' and 'except' options to just_auth_me:
|
46
|
+
|
47
|
+
```ruby
|
48
|
+
just_auth_me Resource, only: [:new, :create, :destroy]
|
49
|
+
just_auth_me Resource, except: [:show]
|
50
|
+
```
|
51
|
+
|
52
|
+
## Development
|
53
|
+
|
54
|
+
Questions or problems? Please post them on the [issue tracker](https://github.com/nata79/just_auth_me/issues). You can contribute changes by forking the project and submitting a pull request. You can ensure the tests passing by running `bundle` and `rake`.
|
55
|
+
|
56
|
+
This gem is created by André Barbosa and is under the MIT License.
|
data/Rakefile
ADDED
@@ -0,0 +1,29 @@
|
|
1
|
+
#!/usr/bin/env rake
|
2
|
+
begin
|
3
|
+
require 'bundler/setup'
|
4
|
+
rescue LoadError
|
5
|
+
puts 'You must `gem install bundler` and `bundle install` to run rake tasks'
|
6
|
+
end
|
7
|
+
begin
|
8
|
+
require 'rdoc/task'
|
9
|
+
rescue LoadError
|
10
|
+
require 'rdoc/rdoc'
|
11
|
+
require 'rake/rdoctask'
|
12
|
+
RDoc::Task = Rake::RDocTask
|
13
|
+
end
|
14
|
+
|
15
|
+
RDoc::Task.new(:rdoc) do |rdoc|
|
16
|
+
rdoc.rdoc_dir = 'rdoc'
|
17
|
+
rdoc.title = 'SimpleAuth'
|
18
|
+
rdoc.options << '--line-numbers'
|
19
|
+
rdoc.rdoc_files.include('README.rdoc')
|
20
|
+
rdoc.rdoc_files.include('lib/**/*.rb')
|
21
|
+
end
|
22
|
+
|
23
|
+
Bundler::GemHelper.install_tasks
|
24
|
+
|
25
|
+
require 'rspec/core/rake_task'
|
26
|
+
|
27
|
+
RSpec::Core::RakeTask.new(:spec)
|
28
|
+
|
29
|
+
task default: :spec
|
@@ -0,0 +1,68 @@
|
|
1
|
+
module JustAuthMe
|
2
|
+
module ControllerAdditions
|
3
|
+
|
4
|
+
module Controller
|
5
|
+
def self.included(klass)
|
6
|
+
klass.class_eval do
|
7
|
+
self.send :extend, JustAuthMe::ControllerAdditions::Controller::ClassMethods
|
8
|
+
end
|
9
|
+
end
|
10
|
+
|
11
|
+
module ClassMethods
|
12
|
+
|
13
|
+
def just_auth_me(resource, options={})
|
14
|
+
|
15
|
+
if options[:through]
|
16
|
+
auth_object = "@#{options[:through].name.underscore}"
|
17
|
+
else
|
18
|
+
auth_object = "@#{resource.name.underscore}"
|
19
|
+
end
|
20
|
+
|
21
|
+
send :define_method, "load_#{resource.name.underscore}_just_auth_me" do
|
22
|
+
|
23
|
+
# Load resource
|
24
|
+
if params[:action] == 'index'
|
25
|
+
JustAuthMe::ControllerResources.load_on_index(resource, self, options, params)
|
26
|
+
elsif params[:action] == 'create'
|
27
|
+
JustAuthMe::ControllerResources.load_on_create_or_new(resource, self, options, params)
|
28
|
+
elsif params[:action] == 'new'
|
29
|
+
JustAuthMe::ControllerResources.load_on_create_or_new(resource, self, options, params)
|
30
|
+
else
|
31
|
+
JustAuthMe::ControllerResources.load_by_id(resource, self, options, params)
|
32
|
+
end
|
33
|
+
|
34
|
+
end
|
35
|
+
|
36
|
+
before_filter "load_#{resource.name.underscore}_just_auth_me".to_sym
|
37
|
+
|
38
|
+
send :define_method, "authorize_#{resource.name.underscore}_just_auth_me" do
|
39
|
+
|
40
|
+
# Authorize resource
|
41
|
+
raise JustAuthMe::AnauthorizedAccess unless current_user
|
42
|
+
|
43
|
+
if (params[:action] != 'index' and
|
44
|
+
params[:action] != 'create' and
|
45
|
+
params[:action] != 'new' and
|
46
|
+
instance_variable_defined?(auth_object))
|
47
|
+
|
48
|
+
raise JustAuthMe::AnauthorizedAccess unless current_user.id == instance_variable_get(auth_object).user_id
|
49
|
+
end
|
50
|
+
|
51
|
+
end
|
52
|
+
|
53
|
+
before_filter "authorize_#{resource.name.underscore}_just_auth_me".to_sym, only: options[:only], except: options[:except]
|
54
|
+
|
55
|
+
end
|
56
|
+
end
|
57
|
+
|
58
|
+
|
59
|
+
module InstanceMethods
|
60
|
+
|
61
|
+
end
|
62
|
+
|
63
|
+
end
|
64
|
+
|
65
|
+
end
|
66
|
+
|
67
|
+
end
|
68
|
+
::ActionController::Base.send :include, JustAuthMe::ControllerAdditions::Controller
|
@@ -0,0 +1,50 @@
|
|
1
|
+
module JustAuthMe
|
2
|
+
class ControllerResources
|
3
|
+
def self.load_on_index(resource, controller, options={}, params={})
|
4
|
+
set_resource_object resource
|
5
|
+
if options[:through]
|
6
|
+
load_parent(options[:through], params, controller)
|
7
|
+
objects = load_parent_nested_resource_collection(resource)
|
8
|
+
controller.instance_variable_set("#{@resource_object.pluralize}", objects)
|
9
|
+
else
|
10
|
+
controller.instance_variable_set("#{@resource_object.pluralize}", resource.all)
|
11
|
+
end
|
12
|
+
end
|
13
|
+
|
14
|
+
def self.load_on_create_or_new(resource, controller, options={}, params={})
|
15
|
+
set_resource_object resource
|
16
|
+
if options[:through]
|
17
|
+
load_parent(options[:through], params, controller)
|
18
|
+
created_object = load_parent_nested_resource_collection(resource).new(params[resource.name.underscore.to_sym])
|
19
|
+
controller.instance_variable_set(@resource_object, created_object)
|
20
|
+
else
|
21
|
+
controller.instance_variable_set(@resource_object, resource.new(params[resource.name.underscore.to_sym]))
|
22
|
+
end
|
23
|
+
end
|
24
|
+
|
25
|
+
def self.load_by_id(resource, controller, options={}, params={})
|
26
|
+
set_resource_object resource
|
27
|
+
if options[:through]
|
28
|
+
load_parent(options[:through], params, controller)
|
29
|
+
found_object = load_parent_nested_resource_collection(resource).find(params[:id])
|
30
|
+
controller.instance_variable_set(@resource_object, found_object)
|
31
|
+
else
|
32
|
+
controller.instance_variable_set(@resource_object, resource.find(params[:id]))
|
33
|
+
end
|
34
|
+
end
|
35
|
+
|
36
|
+
private
|
37
|
+
def self.set_resource_object(resource)
|
38
|
+
@resource_object = "@#{resource.name.underscore}"
|
39
|
+
end
|
40
|
+
|
41
|
+
def self.load_parent(parent_class, params, controller)
|
42
|
+
@parent = parent_class.find(params["#{parent_class.name.underscore}_id"])
|
43
|
+
controller.instance_variable_set("@#{parent_class.name.underscore}", @parent)
|
44
|
+
end
|
45
|
+
|
46
|
+
def self.load_parent_nested_resource_collection(resource)
|
47
|
+
@parent.send("#{resource.name.underscore.pluralize}")
|
48
|
+
end
|
49
|
+
end
|
50
|
+
end
|
data/lib/just_auth_me.rb
ADDED
metadata
ADDED
@@ -0,0 +1,105 @@
|
|
1
|
+
--- !ruby/object:Gem::Specification
|
2
|
+
name: just_auth_me
|
3
|
+
version: !ruby/object:Gem::Version
|
4
|
+
version: 0.0.2alpha
|
5
|
+
prerelease: 5
|
6
|
+
platform: ruby
|
7
|
+
authors:
|
8
|
+
- André Barbosa
|
9
|
+
autorequire:
|
10
|
+
bindir: bin
|
11
|
+
cert_chain: []
|
12
|
+
date: 2012-09-26 00:00:00.000000000 Z
|
13
|
+
dependencies:
|
14
|
+
- !ruby/object:Gem::Dependency
|
15
|
+
name: rails
|
16
|
+
requirement: !ruby/object:Gem::Requirement
|
17
|
+
none: false
|
18
|
+
requirements:
|
19
|
+
- - ~>
|
20
|
+
- !ruby/object:Gem::Version
|
21
|
+
version: 3.2.8
|
22
|
+
type: :runtime
|
23
|
+
prerelease: false
|
24
|
+
version_requirements: !ruby/object:Gem::Requirement
|
25
|
+
none: false
|
26
|
+
requirements:
|
27
|
+
- - ~>
|
28
|
+
- !ruby/object:Gem::Version
|
29
|
+
version: 3.2.8
|
30
|
+
- !ruby/object:Gem::Dependency
|
31
|
+
name: rspec-rails
|
32
|
+
requirement: !ruby/object:Gem::Requirement
|
33
|
+
none: false
|
34
|
+
requirements:
|
35
|
+
- - ! '>='
|
36
|
+
- !ruby/object:Gem::Version
|
37
|
+
version: '0'
|
38
|
+
type: :development
|
39
|
+
prerelease: false
|
40
|
+
version_requirements: !ruby/object:Gem::Requirement
|
41
|
+
none: false
|
42
|
+
requirements:
|
43
|
+
- - ! '>='
|
44
|
+
- !ruby/object:Gem::Version
|
45
|
+
version: '0'
|
46
|
+
- !ruby/object:Gem::Dependency
|
47
|
+
name: sqlite3
|
48
|
+
requirement: !ruby/object:Gem::Requirement
|
49
|
+
none: false
|
50
|
+
requirements:
|
51
|
+
- - ! '>='
|
52
|
+
- !ruby/object:Gem::Version
|
53
|
+
version: '0'
|
54
|
+
type: :development
|
55
|
+
prerelease: false
|
56
|
+
version_requirements: !ruby/object:Gem::Requirement
|
57
|
+
none: false
|
58
|
+
requirements:
|
59
|
+
- - ! '>='
|
60
|
+
- !ruby/object:Gem::Version
|
61
|
+
version: '0'
|
62
|
+
description: JustAuthMe is a gem to manage authorization in the simplest way possible.
|
63
|
+
Most times you just want to check if an object belongs to the current user, JustAuthMe
|
64
|
+
does just that withou any configuration.
|
65
|
+
email:
|
66
|
+
- albmail88@gmail.com
|
67
|
+
executables: []
|
68
|
+
extensions: []
|
69
|
+
extra_rdoc_files: []
|
70
|
+
files:
|
71
|
+
- lib/just_auth_me/controller_additions.rb
|
72
|
+
- lib/just_auth_me/controller_resources.rb
|
73
|
+
- lib/just_auth_me/exceptions.rb
|
74
|
+
- lib/just_auth_me/version.rb
|
75
|
+
- lib/just_auth_me.rb
|
76
|
+
- lib/tasks/just_auth_me_tasks.rake
|
77
|
+
- MIT-LICENSE
|
78
|
+
- Rakefile
|
79
|
+
- README.md
|
80
|
+
homepage: https://github.com/nata79/just_auth_me
|
81
|
+
licenses: []
|
82
|
+
post_install_message:
|
83
|
+
rdoc_options: []
|
84
|
+
require_paths:
|
85
|
+
- lib
|
86
|
+
required_ruby_version: !ruby/object:Gem::Requirement
|
87
|
+
none: false
|
88
|
+
requirements:
|
89
|
+
- - ! '>='
|
90
|
+
- !ruby/object:Gem::Version
|
91
|
+
version: '0'
|
92
|
+
required_rubygems_version: !ruby/object:Gem::Requirement
|
93
|
+
none: false
|
94
|
+
requirements:
|
95
|
+
- - ! '>'
|
96
|
+
- !ruby/object:Gem::Version
|
97
|
+
version: 1.3.1
|
98
|
+
requirements: []
|
99
|
+
rubyforge_project:
|
100
|
+
rubygems_version: 1.8.24
|
101
|
+
signing_key:
|
102
|
+
specification_version: 3
|
103
|
+
summary: JustAuthMe is the most tiny and simple authorization gem for ruby on rails.
|
104
|
+
test_files: []
|
105
|
+
has_rdoc:
|