kojac 0.13.0 → 0.15.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/app/assets/javascripts/kojac_ember.js +1 -1
- data/app/controllers/{kojac_base_controller.rb → kojac_front_controller.rb} +3 -1
- data/app/controllers/kojac_front_methods.rb +32 -23
- data/app/policies/concentric_policy.rb +131 -0
- data/app/policies/kojac_base_policy.rb +1 -153
- data/app/serializers/kojac_base_serializer.rb +3 -1
- data/kojac.gemspec +2 -1
- data/lib/kojac/concentric.rb +41 -14
- data/lib/kojac/kojac_controller.rb +7 -0
- data/lib/kojac/kojac_rails.rb +179 -117
- data/lib/kojac/version.rb +1 -1
- data/lib/kojac.rb +6 -1
- data/spec/demo/.generators +8 -0
- data/spec/demo/.rakeTasks +7 -0
- data/spec/demo/.ruby-version +1 -1
- data/spec/demo/Gemfile +7 -2
- data/spec/demo/Gemfile.lock +118 -85
- data/spec/demo/app/policies/user_policy.rb +20 -27
- data/spec/demo/spec/controllers/allowed_fields_spec.rb +8 -8
- data/spec/demo/spec/features/concentric_spec.rb +6 -6
- data/spec/{model_ring_spec.rb → demo/spec/models/model_ring_spec.rb} +8 -22
- data/spec/demo/spec/spec_utils.rb +5 -5
- metadata +40 -7
- data/lib/kojac/kojac_policy.rb +0 -70
data/lib/kojac/kojac_policy.rb
DELETED
|
@@ -1,70 +0,0 @@
|
|
|
1
|
-
#require "pundit/version"
|
|
2
|
-
require "pundit/policy_finder"
|
|
3
|
-
#require "active_support/concern"
|
|
4
|
-
#require "active_support/core_ext/string/inflections"
|
|
5
|
-
#require "active_support/core_ext/object/blank"
|
|
6
|
-
|
|
7
|
-
module Kojac
|
|
8
|
-
#class NotAuthorizedError < StandardError; end
|
|
9
|
-
#class NotDefinedError < StandardError; end
|
|
10
|
-
|
|
11
|
-
extend ActiveSupport::Concern
|
|
12
|
-
|
|
13
|
-
class << self
|
|
14
|
-
def policy_scope(user, scope, op=nil)
|
|
15
|
-
policy = Pundit::PolicyFinder.new(scope).scope
|
|
16
|
-
policy.new(user, scope, op).resolve if policy
|
|
17
|
-
end
|
|
18
|
-
|
|
19
|
-
def policy_scope!(user, scope, op=nil)
|
|
20
|
-
Pundit::PolicyFinder.new(scope).scope!.new(user, scope, op).resolve
|
|
21
|
-
end
|
|
22
|
-
|
|
23
|
-
def policy(user, record, op=nil)
|
|
24
|
-
scope = Pundit::PolicyFinder.new(record).policy
|
|
25
|
-
scope.new(user, record, op) if scope
|
|
26
|
-
end
|
|
27
|
-
|
|
28
|
-
def policy!(user, record, op=nil)
|
|
29
|
-
Pundit::PolicyFinder.new(record).policy!.new(user, record, op)
|
|
30
|
-
end
|
|
31
|
-
end
|
|
32
|
-
|
|
33
|
-
included do
|
|
34
|
-
if respond_to?(:helper_method)
|
|
35
|
-
helper_method :policy_scope
|
|
36
|
-
helper_method :policy
|
|
37
|
-
end
|
|
38
|
-
if respond_to?(:hide_action)
|
|
39
|
-
hide_action :authorize
|
|
40
|
-
hide_action :verify_authorized
|
|
41
|
-
hide_action :verify_policy_scoped
|
|
42
|
-
end
|
|
43
|
-
end
|
|
44
|
-
|
|
45
|
-
def verify_authorized
|
|
46
|
-
raise NotAuthorizedError unless @_policy_authorized
|
|
47
|
-
end
|
|
48
|
-
|
|
49
|
-
def verify_policy_scoped
|
|
50
|
-
raise NotAuthorizedError unless @_policy_scoped
|
|
51
|
-
end
|
|
52
|
-
|
|
53
|
-
def authorize(record, query=nil)
|
|
54
|
-
query ||= params[:action].to_s + "?"
|
|
55
|
-
@_policy_authorized = true
|
|
56
|
-
unless policy(record).public_send(query)
|
|
57
|
-
raise NotAuthorizedError, "not allowed to #{query} this #{record}"
|
|
58
|
-
end
|
|
59
|
-
true
|
|
60
|
-
end
|
|
61
|
-
|
|
62
|
-
def policy_scope(scope)
|
|
63
|
-
@_policy_scoped = true
|
|
64
|
-
Pundit::Pundit.policy_scope!(current_user, scope, op)
|
|
65
|
-
end
|
|
66
|
-
|
|
67
|
-
def policy(record)
|
|
68
|
-
Pundit::Pundit.policy!(current_user, record, op)
|
|
69
|
-
end
|
|
70
|
-
end
|