load_and_authorize_resource 0.4.0 → 0.4.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (4) hide show
  1. checksums.yaml +4 -4
  2. data/README.md +14 -4
  3. data/lib/load_and_authorize_resource.rb +4 -4
  4. metadata +15 -16
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: d100862ae9989dca78c691aa64a0d90a6d83a9ba
4
- data.tar.gz: 099554f61664a23b04777e63bde6d72cd6292ca3
3
+ metadata.gz: e5dcb0216895dce147e6106f8f8f30ea84e519e0
4
+ data.tar.gz: 15b05d3b49574eb8d4e59b31f7faeb9db82b104b
5
5
  SHA512:
6
- metadata.gz: 29d9d44c2b79b4819e87ec48fa316ba96231e37a6c31bcc164981bc73e9d1dde159557293bba8ac68652e1b9dd1895b211d0583271aba3926a5492a81abc8084
7
- data.tar.gz: 23eeef62e7a7e65656b54c174ce9d90a0fc3a22c5a1b75b43e11e9170da513c0dde08b853610032abc80a88f8447ecf0975b085bc725c26fd2d5bf5192f02da8
6
+ metadata.gz: 66c790c06f547813a2440dc34886ee7a2ad56381abac9560ad4962f879c45da7d52abc9ff8faf1cb0f5a8bdb23c5be8d3e894a6e99dce6b7db172d474f113407
7
+ data.tar.gz: b59f598952516f1713b52dd81b8077708b8f59e561b0616946c0080d5487982bde25377c9f916bc2bbb99eee921acf289a133ea391d91c8cf1d566eb1a26dc16
data/README.md CHANGED
@@ -1,6 +1,16 @@
1
1
  # Load And Authorize Resource
2
2
 
3
- Auto-loads and authorizes resources in Rails 3 and up.
3
+ Auto-loads and authorizes resources in your resource controllers so you can do this:
4
+
5
+ ```ruby
6
+ class NotesController < ApplicationController
7
+ load_and_authorize_resource
8
+
9
+ def show
10
+ # @note is already loaded and the current_user has authority to view it
11
+ end
12
+ end
13
+ ```
4
14
 
5
15
  This was inspired heavily by functionality in the [CanCan](https://github.com/ryanb/cancan) gem, but built to work mostly independent of any authorization library.
6
16
 
@@ -19,7 +29,7 @@ This library assumes your app follows some (fairly common) conventions:
19
29
  1. Your controller name matches your model name, e.g. "NotesController" for the "Note" model.
20
30
  2. You have a method on your (Application)Controller called `current_user` that returns your User model.
21
31
  3. Your User model has methods like `can_read?`, `can_update?`, `can_delete?`, etc. (This works great with [Authority](https://github.com/nathanl/authority) gem, but naturally can work with any authorization library, given you/it defines those methods.)
22
- 4. You have a method on your controller that returns the resource parameters, e.g. `note_params`. You're probably already doing this if you're using [StrongParameters](https://github.com/rails/strong_parameters) or Rails 4.
32
+ 4. You have a method on your controller that returns the resource parameters, e.g. `note_params`.
23
33
 
24
34
  ## Installing
25
35
 
@@ -64,7 +74,7 @@ For each controller action, `current_user.can_<action>?(@note)` is consulted. If
64
74
 
65
75
  This works very nicely along with the [Authority](https://github.com/nathanl/authority) gem.
66
76
 
67
- If you don't wish to authorize, or if you wish to do the loading yourself, you can just call `load_resource` and/or `authorize_resource`. Also, each macro accepts the normal before_filter options such as `:only` and `:except` if you wish to only apply the filters to certain actions.
77
+ If you don't wish to authorize, or if you wish to do the loading yourself, you can just call `load_resource` and/or `authorize_resource`. Also, each macro accepts the normal before_action options such as `:only` and `:except` if you wish to only apply the filters to certain actions.
68
78
 
69
79
  ## Loading and Authorizing the Parent Resource
70
80
 
@@ -98,7 +108,7 @@ class NotesController < ApplicationController
98
108
  end
99
109
  ```
100
110
 
101
- If you don't wish to authorize, or if you wish to do the loading yourself, you can just call `load_parent` and/or `authorize_parent`. Also, each macro accepts the normal before_filter options such as `:only` and `:except` if you wish to only apply the filters to certain actions.
111
+ If you don't wish to authorize, or if you wish to do the loading yourself, you can just call `load_parent` and/or `authorize_parent`. Also, each macro accepts the normal before_action options such as `:only` and `:except` if you wish to only apply the filters to certain actions.
102
112
 
103
113
  ### Accessing Children
104
114
 
data/lib/load_and_authorize_resource.rb CHANGED
@@ -117,7 +117,7 @@ module LoadAndAuthorizeResource
117
117
  required = !(options.delete(:shallow) || options.delete(:optional))
118
118
  save_nested_resource_options(:load, names, required: required)
119
119
  define_scope_method(names, options.delete(:children))
120
- before_filter :load_parent, options
120
+ before_action :load_parent, options
121
121
  end
122
122
 
123
123
  # Macro sets a before filter to authorize the parent resource.
@@ -147,7 +147,7 @@ module LoadAndAuthorizeResource
147
147
  required = !(options.delete(:shallow) || options.delete(:optional))
148
148
  permit = options.delete(:permit) || :read
149
149
  save_nested_resource_options(:auth, names, required: required, permit: permit)
150
- before_filter :authorize_parent, options
150
+ before_action :authorize_parent, options
151
151
  end
152
152
 
153
153
  # A convenience method for calling both `load_parent` and `authorize_parent`
@@ -178,7 +178,7 @@ module LoadAndAuthorizeResource
178
178
  options.reverse_merge!(only: [:show, :new, :create, :edit, :update, :destroy])
179
179
  end
180
180
  define_scope_method([], options.delete(:children))
181
- before_filter :load_resource, options
181
+ before_action :load_resource, options
182
182
  end
183
183
 
184
184
  # Checks authorization on the already-loaded resource.
@@ -193,7 +193,7 @@ module LoadAndAuthorizeResource
193
193
  unless options[:only] or options[:except]
194
194
  options.reverse_merge!(only: [:show, :new, :create, :edit, :update, :destroy])
195
195
  end
196
- before_filter :authorize_resource, options
196
+ before_action :authorize_resource, options
197
197
  end
198
198
 
199
199
  # A convenience method for calling both `load_resource` and `authorize_resource`
metadata CHANGED
@@ -1,83 +1,83 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: load_and_authorize_resource
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.4.0
4
+ version: 0.4.1
5
5
  platform: ruby
6
6
  authors:
7
7
  - Tim Morgan
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2014-05-29 00:00:00.000000000 Z
11
+ date: 2017-08-26 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: rails
15
15
  requirement: !ruby/object:Gem::Requirement
16
16
  requirements:
17
- - - '>='
17
+ - - ">="
18
18
  - !ruby/object:Gem::Version
19
19
  version: '4.0'
20
20
  type: :runtime
21
21
  prerelease: false
22
22
  version_requirements: !ruby/object:Gem::Requirement
23
23
  requirements:
24
- - - '>='
24
+ - - ">="
25
25
  - !ruby/object:Gem::Version
26
26
  version: '4.0'
27
27
  - !ruby/object:Gem::Dependency
28
28
  name: rspec-rails
29
29
  requirement: !ruby/object:Gem::Requirement
30
30
  requirements:
31
- - - '>='
31
+ - - ">="
32
32
  - !ruby/object:Gem::Version
33
33
  version: '0'
34
34
  type: :development
35
35
  prerelease: false
36
36
  version_requirements: !ruby/object:Gem::Requirement
37
37
  requirements:
38
- - - '>='
38
+ - - ">="
39
39
  - !ruby/object:Gem::Version
40
40
  version: '0'
41
41
  - !ruby/object:Gem::Dependency
42
42
  name: sqlite3
43
43
  requirement: !ruby/object:Gem::Requirement
44
44
  requirements:
45
- - - '>='
45
+ - - ">="
46
46
  - !ruby/object:Gem::Version
47
47
  version: '0'
48
48
  type: :development
49
49
  prerelease: false
50
50
  version_requirements: !ruby/object:Gem::Requirement
51
51
  requirements:
52
- - - '>='
52
+ - - ">="
53
53
  - !ruby/object:Gem::Version
54
54
  version: '0'
55
55
  - !ruby/object:Gem::Dependency
56
56
  name: yard
57
57
  requirement: !ruby/object:Gem::Requirement
58
58
  requirements:
59
- - - '>='
59
+ - - ">="
60
60
  - !ruby/object:Gem::Version
61
61
  version: '0'
62
62
  type: :development
63
63
  prerelease: false
64
64
  version_requirements: !ruby/object:Gem::Requirement
65
65
  requirements:
66
- - - '>='
66
+ - - ">="
67
67
  - !ruby/object:Gem::Version
68
68
  version: '0'
69
69
  - !ruby/object:Gem::Dependency
70
70
  name: redcarpet
71
71
  requirement: !ruby/object:Gem::Requirement
72
72
  requirements:
73
- - - '>='
73
+ - - ">="
74
74
  - !ruby/object:Gem::Version
75
75
  version: '0'
76
76
  type: :development
77
77
  prerelease: false
78
78
  version_requirements: !ruby/object:Gem::Requirement
79
79
  requirements:
80
- - - '>='
80
+ - - ">="
81
81
  - !ruby/object:Gem::Version
82
82
  version: '0'
83
83
  description:
@@ -98,19 +98,18 @@ require_paths:
98
98
  - lib
99
99
  required_ruby_version: !ruby/object:Gem::Requirement
100
100
  requirements:
101
- - - '>='
101
+ - - ">="
102
102
  - !ruby/object:Gem::Version
103
103
  version: '0'
104
104
  required_rubygems_version: !ruby/object:Gem::Requirement
105
105
  requirements:
106
- - - '>='
106
+ - - ">="
107
107
  - !ruby/object:Gem::Version
108
108
  version: '0'
109
109
  requirements: []
110
110
  rubyforge_project:
111
- rubygems_version: 2.2.2
111
+ rubygems_version: 2.5.2
112
112
  signing_key:
113
113
  specification_version: 4
114
114
  summary: Auto-loads and authorizes resources in your controllers in Rails 4 and up.
115
115
  test_files: []
116
- has_rdoc: yard