load_and_authorize_resource 0.4.0 → 0.4.1

Sign up to get free protection for your applications and to get access to all the features.
Files changed (4) hide show
  1. checksums.yaml +4 -4
  2. data/README.md +14 -4
  3. data/lib/load_and_authorize_resource.rb +4 -4
  4. metadata +15 -16
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: d100862ae9989dca78c691aa64a0d90a6d83a9ba
4
- data.tar.gz: 099554f61664a23b04777e63bde6d72cd6292ca3
3
+ metadata.gz: e5dcb0216895dce147e6106f8f8f30ea84e519e0
4
+ data.tar.gz: 15b05d3b49574eb8d4e59b31f7faeb9db82b104b
5
5
  SHA512:
6
- metadata.gz: 29d9d44c2b79b4819e87ec48fa316ba96231e37a6c31bcc164981bc73e9d1dde159557293bba8ac68652e1b9dd1895b211d0583271aba3926a5492a81abc8084
7
- data.tar.gz: 23eeef62e7a7e65656b54c174ce9d90a0fc3a22c5a1b75b43e11e9170da513c0dde08b853610032abc80a88f8447ecf0975b085bc725c26fd2d5bf5192f02da8
6
+ metadata.gz: 66c790c06f547813a2440dc34886ee7a2ad56381abac9560ad4962f879c45da7d52abc9ff8faf1cb0f5a8bdb23c5be8d3e894a6e99dce6b7db172d474f113407
7
+ data.tar.gz: b59f598952516f1713b52dd81b8077708b8f59e561b0616946c0080d5487982bde25377c9f916bc2bbb99eee921acf289a133ea391d91c8cf1d566eb1a26dc16
data/README.md CHANGED
@@ -1,6 +1,16 @@
1
1
  # Load And Authorize Resource
2
2
 
3
- Auto-loads and authorizes resources in Rails 3 and up.
3
+ Auto-loads and authorizes resources in your resource controllers so you can do this:
4
+
5
+ ```ruby
6
+ class NotesController < ApplicationController
7
+ load_and_authorize_resource
8
+
9
+ def show
10
+ # @note is already loaded and the current_user has authority to view it
11
+ end
12
+ end
13
+ ```
4
14
 
5
15
  This was inspired heavily by functionality in the [CanCan](https://github.com/ryanb/cancan) gem, but built to work mostly independent of any authorization library.
6
16
 
@@ -19,7 +29,7 @@ This library assumes your app follows some (fairly common) conventions:
19
29
  1. Your controller name matches your model name, e.g. "NotesController" for the "Note" model.
20
30
  2. You have a method on your (Application)Controller called `current_user` that returns your User model.
21
31
  3. Your User model has methods like `can_read?`, `can_update?`, `can_delete?`, etc. (This works great with [Authority](https://github.com/nathanl/authority) gem, but naturally can work with any authorization library, given you/it defines those methods.)
22
- 4. You have a method on your controller that returns the resource parameters, e.g. `note_params`. You're probably already doing this if you're using [StrongParameters](https://github.com/rails/strong_parameters) or Rails 4.
32
+ 4. You have a method on your controller that returns the resource parameters, e.g. `note_params`.
23
33
 
24
34
  ## Installing
25
35
 
@@ -64,7 +74,7 @@ For each controller action, `current_user.can_<action>?(@note)` is consulted. If
64
74
 
65
75
  This works very nicely along with the [Authority](https://github.com/nathanl/authority) gem.
66
76
 
67
- If you don't wish to authorize, or if you wish to do the loading yourself, you can just call `load_resource` and/or `authorize_resource`. Also, each macro accepts the normal before_filter options such as `:only` and `:except` if you wish to only apply the filters to certain actions.
77
+ If you don't wish to authorize, or if you wish to do the loading yourself, you can just call `load_resource` and/or `authorize_resource`. Also, each macro accepts the normal before_action options such as `:only` and `:except` if you wish to only apply the filters to certain actions.
68
78
 
69
79
  ## Loading and Authorizing the Parent Resource
70
80
 
@@ -98,7 +108,7 @@ class NotesController < ApplicationController
98
108
  end
99
109
  ```
100
110
 
101
- If you don't wish to authorize, or if you wish to do the loading yourself, you can just call `load_parent` and/or `authorize_parent`. Also, each macro accepts the normal before_filter options such as `:only` and `:except` if you wish to only apply the filters to certain actions.
111
+ If you don't wish to authorize, or if you wish to do the loading yourself, you can just call `load_parent` and/or `authorize_parent`. Also, each macro accepts the normal before_action options such as `:only` and `:except` if you wish to only apply the filters to certain actions.
102
112
 
103
113
  ### Accessing Children
104
114
 
data/lib/load_and_authorize_resource.rb CHANGED
@@ -117,7 +117,7 @@ module LoadAndAuthorizeResource
117
117
  required = !(options.delete(:shallow) || options.delete(:optional))
118
118
  save_nested_resource_options(:load, names, required: required)
119
119
  define_scope_method(names, options.delete(:children))
120
- before_filter :load_parent, options
120
+ before_action :load_parent, options
121
121
  end
122
122
 
123
123
  # Macro sets a before filter to authorize the parent resource.
@@ -147,7 +147,7 @@ module LoadAndAuthorizeResource
147
147
  required = !(options.delete(:shallow) || options.delete(:optional))
148
148
  permit = options.delete(:permit) || :read
149
149
  save_nested_resource_options(:auth, names, required: required, permit: permit)
150
- before_filter :authorize_parent, options
150
+ before_action :authorize_parent, options
151
151
  end
152
152
 
153
153
  # A convenience method for calling both `load_parent` and `authorize_parent`
@@ -178,7 +178,7 @@ module LoadAndAuthorizeResource
178
178
  options.reverse_merge!(only: [:show, :new, :create, :edit, :update, :destroy])
179
179
  end
180
180
  define_scope_method([], options.delete(:children))
181
- before_filter :load_resource, options
181
+ before_action :load_resource, options
182
182
  end
183
183
 
184
184
  # Checks authorization on the already-loaded resource.
@@ -193,7 +193,7 @@ module LoadAndAuthorizeResource
193
193
  unless options[:only] or options[:except]
194
194
  options.reverse_merge!(only: [:show, :new, :create, :edit, :update, :destroy])
195
195
  end
196
- before_filter :authorize_resource, options
196
+ before_action :authorize_resource, options
197
197
  end
198
198
 
199
199
  # A convenience method for calling both `load_resource` and `authorize_resource`
metadata CHANGED
@@ -1,83 +1,83 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: load_and_authorize_resource
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.4.0
4
+ version: 0.4.1
5
5
  platform: ruby
6
6
  authors:
7
7
  - Tim Morgan
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2014-05-29 00:00:00.000000000 Z
11
+ date: 2017-08-26 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: rails
15
15
  requirement: !ruby/object:Gem::Requirement
16
16
  requirements:
17
- - - '>='
17
+ - - ">="
18
18
  - !ruby/object:Gem::Version
19
19
  version: '4.0'
20
20
  type: :runtime
21
21
  prerelease: false
22
22
  version_requirements: !ruby/object:Gem::Requirement
23
23
  requirements:
24
- - - '>='
24
+ - - ">="
25
25
  - !ruby/object:Gem::Version
26
26
  version: '4.0'
27
27
  - !ruby/object:Gem::Dependency
28
28
  name: rspec-rails
29
29
  requirement: !ruby/object:Gem::Requirement
30
30
  requirements:
31
- - - '>='
31
+ - - ">="
32
32
  - !ruby/object:Gem::Version
33
33
  version: '0'
34
34
  type: :development
35
35
  prerelease: false
36
36
  version_requirements: !ruby/object:Gem::Requirement
37
37
  requirements:
38
- - - '>='
38
+ - - ">="
39
39
  - !ruby/object:Gem::Version
40
40
  version: '0'
41
41
  - !ruby/object:Gem::Dependency
42
42
  name: sqlite3
43
43
  requirement: !ruby/object:Gem::Requirement
44
44
  requirements:
45
- - - '>='
45
+ - - ">="
46
46
  - !ruby/object:Gem::Version
47
47
  version: '0'
48
48
  type: :development
49
49
  prerelease: false
50
50
  version_requirements: !ruby/object:Gem::Requirement
51
51
  requirements:
52
- - - '>='
52
+ - - ">="
53
53
  - !ruby/object:Gem::Version
54
54
  version: '0'
55
55
  - !ruby/object:Gem::Dependency
56
56
  name: yard
57
57
  requirement: !ruby/object:Gem::Requirement
58
58
  requirements:
59
- - - '>='
59
+ - - ">="
60
60
  - !ruby/object:Gem::Version
61
61
  version: '0'
62
62
  type: :development
63
63
  prerelease: false
64
64
  version_requirements: !ruby/object:Gem::Requirement
65
65
  requirements:
66
- - - '>='
66
+ - - ">="
67
67
  - !ruby/object:Gem::Version
68
68
  version: '0'
69
69
  - !ruby/object:Gem::Dependency
70
70
  name: redcarpet
71
71
  requirement: !ruby/object:Gem::Requirement
72
72
  requirements:
73
- - - '>='
73
+ - - ">="
74
74
  - !ruby/object:Gem::Version
75
75
  version: '0'
76
76
  type: :development
77
77
  prerelease: false
78
78
  version_requirements: !ruby/object:Gem::Requirement
79
79
  requirements:
80
- - - '>='
80
+ - - ">="
81
81
  - !ruby/object:Gem::Version
82
82
  version: '0'
83
83
  description:
@@ -98,19 +98,18 @@ require_paths:
98
98
  - lib
99
99
  required_ruby_version: !ruby/object:Gem::Requirement
100
100
  requirements:
101
- - - '>='
101
+ - - ">="
102
102
  - !ruby/object:Gem::Version
103
103
  version: '0'
104
104
  required_rubygems_version: !ruby/object:Gem::Requirement
105
105
  requirements:
106
- - - '>='
106
+ - - ">="
107
107
  - !ruby/object:Gem::Version
108
108
  version: '0'
109
109
  requirements: []
110
110
  rubyforge_project:
111
- rubygems_version: 2.2.2
111
+ rubygems_version: 2.5.2
112
112
  signing_key:
113
113
  specification_version: 4
114
114
  summary: Auto-loads and authorizes resources in your controllers in Rails 4 and up.
115
115
  test_files: []
116
- has_rdoc: yard