lockdown 0.4.2 → 0.4.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (5) hide show
  1. data/History.txt +3 -0
  2. data/lib/lockdown/controller.rb +4 -3
  3. data/lib/lockdown/version.rb +1 -1
  4. data/lib/lockdown/view.rb +21 -14
  5. metadata +1 -1
data/History.txt CHANGED
@@ -1,3 +1,6 @@
1
+ == 0.4.3 2008-05-08
2
+ * Fixed: broken show (and destroy) permission test. also reduced calls to polymorphic path by generating the url once
3
+
1
4
  == 0.4.2 2008-05-08
2
5
  * Fixed: broken link_to functionality.
3
6
 
data/lib/lockdown/controller.rb CHANGED
@@ -177,10 +177,11 @@ module Lockdown
177
177
  end
178
178
  end
179
179
 
180
- # Test to see if using a get method (show)
181
- path += "/show" if path.split("/").last.to_i > 0
180
+ # Test to see if url contains id
181
+ parts = path.split("/").collect{|p| p unless p =~ /\A\d+\z/}.compact
182
+ new_path = parts.join("/")
182
183
 
183
- return true if path_allowed?(path)
184
+ return true if path_allowed?(new_path)
184
185
 
185
186
  return false
186
187
  end
data/lib/lockdown/version.rb CHANGED
@@ -2,7 +2,7 @@ module Lockdown #:nodoc:
2
2
  module VERSION #:nodoc:
3
3
  MAJOR = 0
4
4
  MINOR = 4
5
- TINY = 2
5
+ TINY = 3
6
6
 
7
7
  STRING = [MAJOR, MINOR, TINY].join('.')
8
8
  end
data/lib/lockdown/view.rb CHANGED
@@ -39,9 +39,10 @@ module Lockdown
39
39
  end
40
40
 
41
41
  def link_to_secured(name, options = {}, html_options = nil)
42
- url = lock_down_url(options, html_options)
43
- if authorized? url
44
- return link_to_open(name,options,html_options)
42
+ # Don't want to go through the polymorphic test twice
43
+ url = real_url(options, html_options)
44
+ if authorized? test_path(url, html_options)
45
+ return link_to_open(name, url, html_options)
45
46
  end
46
47
  return ""
47
48
  end
@@ -52,24 +53,30 @@ module Lockdown
52
53
  end
53
54
 
54
55
  def button_to_secured(name, options = {}, html_options = nil)
55
- url = lock_down_url(options, html_options)
56
- if authorized? url
57
- return button_to_open(name,options,html_options)
56
+ url = real_url(options, html_options)
57
+ if authorized? test_path(url,html_options)
58
+ return button_to_open(name,url,html_options)
58
59
  end
59
60
  return ""
60
61
  end
61
62
 
62
63
  private
63
64
 
64
- def lock_down_url(options, html_options = {})
65
- return options unless options.respond_to?(:new_record?)
66
- p = polymorphic_path(options)
67
- if html_options.is_a?(Hash) && html_options[:method] == :delete
68
- p += "/destroy"
69
- elsif p.split("/").last.to_i > 0
70
- p += "/show"
65
+ def real_url(options, html_options = {})
66
+ unless options.respond_to?(:new_record?)
67
+ options
68
+ else
69
+ polymorphic_path(options)
70
+ end
71
+ end
72
+
73
+ def test_path(url, html_options)
74
+ if url.split("/").last.to_i > 0
75
+ url += "/show"
76
+ elsif html_options.is_a?(Hash) && html_options[:method] == :delete
77
+ url += "/destroy"
71
78
  end
72
- return p
79
+ url
73
80
  end
74
81
  end # Rails
75
82
  end # View
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: lockdown
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.4.2
4
+ version: 0.4.3
5
5
  platform: ruby
6
6
  authors:
7
7
  - Andrew Stone