lotus_admin 1.3.0 → 1.4.0
- checksums.yaml +4 -4
- data/app/controllers/concerns/lotus_admin/authorization.rb +40 -0
- data/app/controllers/concerns/lotus_admin/filterable_controller.rb +5 -2
- data/app/controllers/lotus_admin/authenticated_controller.rb +1 -1
- data/app/controllers/lotus_admin/resource_controller.rb +22 -2
- data/app/controllers/lotus_admin/users_controller.rb +9 -12
- data/app/helpers/lotus_admin/sidebar_helpers.rb +1 -1
- data/app/policies/lotus_admin/application_policy.rb +51 -0
- data/app/views/lotus_admin/users/_form.html.haml +2 -2
- data/app/views/lotus_admin/users/show.html.haml +8 -8
- data/lib/lotus_admin/configuration.rb +8 -0
- data/lib/lotus_admin/version.rb +1 -1
- data/lib/lotus_admin.rb +1 -0
- metadata +18 -3
- data/app/controllers/concerns/lotus_admin/resourceful_controller.rb +0 -25
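--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA256:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 82eb960c647ff89e930551906a0886cdac56255ea0fe989ab6861cb486f81ca1
+data.tar.gz: df0111ec129d5ad11c9e01fc40891a5199bead2a68322b186c445842e32d9010
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 72efc100e64e636b9cda77a6f67610e336b2e9445d6081cba2a93006063e18ed060f0e1bc09ee0becd9da07c8820c9d6d49271f1e77d8d222f62e31c77c57b69
+data.tar.gz: b5539dd34e997fb8c3502a4dc5818a2effc7126ab0ca0b082deef56d5cd3aa2e4bd857fb97cd17c8834e153551631b6fda834e6a9c290684c07ebdaa6163d5f1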
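--- a/data/app/controllers/concerns/lotus_admin/authorization.rb
+++ b/data/app/controllers/concerns/lotus_admin/authorization.rb
@@ -0,0 +1,40 @@
+module LotusAdmin
+module Authorization
+extend ActiveSupport::Concern
+
+include Pundit
+
+class_methods do
+def policy_class(policy_class_or_name)
+self._policy_class_name = policy_class_or_name.to_s
+end
+end
+
+included do
+class_attribute :_policy_class_name, instance_accessor: false
+
+rescue_from Pundit::NotAuthorizedError, with: :user_not_authorized
+end
+
+private
+
+def pundit_user
+current_administrator
+end
+
+def beginning_of_association_chain
+chain = super
+
+if self.class._policy_class_name.present?
+policy_scope(chain, policy_scope_class: "#{ self.class._policy_class_name }::Scope".constantize)
+else
+chain
+end
+end
+
+def user_not_authorized
+flash[:alert] = "You are not authorized to perform this action."
+redirect_to(request.referrer || root_path)
+end
+end
+end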
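Review bot: `user_not_authorized` redirects to `request.referrer`, a header supplied with the request, so a denied request that arrived from another site sends the administrator back to that site after the flash is set. `redirect_back(fallback_location: root_path, allow_other_host: false)` keeps the redirect on this host, provided the supported Rails versions accept `allow_other_host` (the Rails requirement is not visible on this page). A comment on `beginning_of_association_chain` would also help, for example `# Returns the parent chain unscoped when no policy_class was declared`, because that else branch is what every controller including this concern gets by default.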
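--- a/data/app/controllers/concerns/lotus_admin/filterable_controller.rb
+++ b/data/app/controllers/concerns/lotus_admin/filterable_controller.rb
@@ -9,7 +9,6 @@ module LotusAdmin
 self.filters_enabled = false
 
 class_attribute :_beginning_of_scope_chain, instance_accessor: false
-beginning_of_scope_chain {}
 
 let(:filters) { self.class.filters_config }
 let(:apply_filters?) do
@@ -17,7 +16,7 @@ module LotusAdmin
 end
 
 let(:filters_enabled?) { self.class.filters_enabled }
-let(:ransack_object) {
+let(:ransack_object) { beginning_of_association_chain.ransack(params[:q]) }
 end
 
 class_methods do
@@ -38,6 +37,10 @@ module LotusAdmin
 
 private
 
+def beginning_of_association_chain
+instance_exec(&self.class._beginning_of_scope_chain)
+end
+
 def end_of_association_chain
 paginate(ransack_object.result)
 end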
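Review bot: The new `ransack_object` hands `params[:q]` directly to `ransack`, so the set of searchable columns is whatever each managed model permits, and nothing in this section narrows it. For the user model managed by UsersController that may include credential and token columns, so it is worth confirming that each model defines `ransackable_attributes` with an explicit list. Separately, with the default `beginning_of_scope_chain {}` removed, `instance_exec(&self.class._beginning_of_scope_chain)` gets no block on a controller that never declares one; a guard such as `raise NotImplementedError, "declare beginning_of_scope_chain" unless self.class._beginning_of_scope_chain` would make that failure readable. The enclosing `included do` block begins outside these hunks.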
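--- a/data/app/controllers/lotus_admin/authenticated_controller.rb
+++ b/data/app/controllers/lotus_admin/authenticated_controller.rb
@@ -1,9 +1,9 @@
 class LotusAdmin::AuthenticatedController < LotusAdmin::ApplicationController
 include LotusAdmin::PermittedParams
 include LotusAdmin::FilterableController
-include LotusAdmin::ResourcefulController
 include LotusAdmin::FileStreamer
 include LotusAdmin::Decorations
+include LotusAdmin::Authorization
 
 before_action :authenticate_administrator!
 around_action :use_user_time_zone, if: :administrator_signed_in?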
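--- a/data/app/controllers/lotus_admin/resource_controller.rb
+++ b/data/app/controllers/lotus_admin/resource_controller.rb
@@ -1,8 +1,20 @@
 class LotusAdmin::ResourceController < LotusAdmin::AuthenticatedController
-
+beginning_of_scope_chain { resource_class.all }
+
+let(:resource) { beginning_of_association_chain.find(params[:id]) }
 
 before_action :set_view_paths, only: [:new, :edit, :index, :show]
 
+def self.manages(model_class)
+self._resource_class = model_class
+end
+
+class_attribute :_resource_class, instance_accessor: false
+
+let(:menu_identifier) { "#{ resource_class.model_name.route_key }_index" }
+let(:resource_class) { self.class._resource_class }
+let(:collection_path) { url_for(resource_class) }
+
 def new
 self.resource = build_resource
 end
@@ -25,6 +37,14 @@ class LotusAdmin::ResourceController < LotusAdmin::AuthenticatedController
 end
 end
 
+def index(&block)
+respond_to do |format|
+format.html
+
+block.call(format) if block.present?
+end
+end
+
 def destroy
 if resource.destroy
 flash[:notice] = "#{ resource_class.model_name.human } has been removed"
@@ -38,7 +58,7 @@ class LotusAdmin::ResourceController < LotusAdmin::AuthenticatedController
 private
 
 def build_resource(params = {})
-
+resource_class.new(params)
 end
 
 def association_name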
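Review bot: `resource` is now loaded through `beginning_of_association_chain`, but none of the actions visible in this section calls `authorize`, so the per-action predicates of the configured policy (`destroy?`, `update?` and the rest) appear never to be consulted; only the scope is applied. Unless that happens in lines outside these hunks, add `authorize resource` to the member actions and `authorize resource_class` to `index`, `new` and `create`, and declare `after_action :verify_authorized` so an action that omits the check fails visibly. The same applies to `new`, `create` and `update` in UsersController. The bodies of `destroy` and of the action preceding `index` continue outside the hunks.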
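--- a/data/app/controllers/lotus_admin/users_controller.rb
+++ b/data/app/controllers/lotus_admin/users_controller.rb
@@ -1,13 +1,10 @@
 module LotusAdmin
-class UsersController < LotusAdmin::
+class UsersController < LotusAdmin::ResourceController
 manages LotusAdmin.configuration.user_class
-
-let(:user) { resource_class.find(params[:id]) }
+policy_class LotusAdmin.configuration.user_class_policy
 
 permit_params :first_name, :last_name, :email, :time_zone
 
-beginning_of_scope_chain { resource_class.all }
-
 filter :first_name
 filter :last_name
 filter :email
@@ -15,15 +12,15 @@ module LotusAdmin
 filter :last_sign_in_at
 
 def new
-self.
+self.resource = resource_class.new
 end
 
 def create
-self.
-
+self.resource = resource_class.new(permitted_params)
+resource.password = Devise.friendly_token.first(8)
 
-if
-
+if resource.save
+resource.send_invited_email_notification
 
 redirect_to [lotus_admin, resource_class], notice: "Created new #{ resource_class.model_name.human }"
 else
@@ -32,8 +29,8 @@ module LotusAdmin
 end
 
 def update
-if
-redirect_to [lotus_admin,
+if resource.update(permitted_params)
+redirect_to [lotus_admin, resource], notice: 'Changes saved'
 else
 render :edit
 end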
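Review bot: In `create`, `resource.password = Devise.friendly_token.first(8)` cuts the generated token down to 8 characters, and that value remains a working password for the new account until the invited user replaces it. Since nobody is meant to type it, assigning the untruncated token, `resource.password = Devise.friendly_token`, gives the placeholder far more entropy at no cost. The removed lines are truncated on this page, so this may predate the release, and what `send_invited_email_notification` puts in the e-mail is not visible here. The `else` branch of `create` continues outside the hunk.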
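--- a/data/app/policies/lotus_admin/application_policy.rb
+++ b/data/app/policies/lotus_admin/application_policy.rb
@@ -0,0 +1,51 @@
+module LotusAdmin
+class ApplicationPolicy
+attr_reader :user, :record
+
+def initialize(user, record)
+@user = user
+@record = record
+end
+
+def index?
+false
+end
+
+def show?
+false
+end
+
+def create?
+false
+end
+
+def new?
+create?
+end
+
+def update?
+false
+end
+
+def edit?
+update?
+end
+
+def destroy?
+false
+end
+
+class Scope
+attr_reader :user, :scope
+
+def initialize(user, scope)
+@user = user
+@scope = scope
+end
+
+def resolve
+scope.all
+end
+end
+end
+end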
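Review bot: `Scope#resolve` returns `scope.all`, so the base scope allows every record while every action predicate in the same class denies by default. A policy that subclasses ApplicationPolicy and forgets to define its own `Scope` therefore inherits an unrestricted scope, and the Authorization concern's `policy_scope` call becomes a no-op for it. Making the base match the predicates, either `scope.none` or `raise NotImplementedError, "#{self.class} must implement #resolve"`, turns that omission into a visible failure. A class-level comment stating that subclasses are expected to override both the predicates and `Scope#resolve` would document the contract.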
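--- a/data/app/views/lotus_admin/users/_form.html.haml
+++ b/data/app/views/lotus_admin/users/_form.html.haml
@@ -1,4 +1,4 @@
-= material_form_for [lotus_admin,
+= material_form_for [lotus_admin, resource] do |f|
 .form-inputs
 = f.input :first_name
 = f.input :last_name
@@ -6,5 +6,5 @@
 = f.input :time_zone, priority: /US/
 
 .form-actions
-= material_form_submit(
+= material_form_submit(resource)
 = material_form_cancel(lotus_admin.polymorphic_path(resource_class))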
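--- a/data/app/views/lotus_admin/users/show.html.haml
+++ b/data/app/views/lotus_admin/users/show.html.haml
@@ -2,8 +2,8 @@
 %h2= page_title!("#{ resource_class.model_name.human } Details")
 
 %ul.actions
-%li= edit_link(
-%li= destroy_link(
+%li= edit_link(resource)
+%li= destroy_link(resource)
 
 .card
 .card-header
@@ -13,12 +13,12 @@
 .row
 .col-sm-6
 .list-group
-= panel_attribute(
-= panel_attribute(
-= panel_attribute(
+= panel_attribute(resource, :first_name)
+= panel_attribute(resource, :last_name)
+= panel_attribute(resource, :time_zone)
 
 .col-sm-5
 .list-group
-= panel_attribute(
-= panel_attribute(
-= I18n.l(
+= panel_attribute(resource, :email)
+= panel_attribute(resource, :created_at) do
+= I18n.l(resource.created_at)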
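--- a/data/lib/lotus_admin/configuration.rb
+++ b/data/lib/lotus_admin/configuration.rb
@@ -23,5 +23,13 @@ module LotusAdmin
 def user_class
 @user_class ||= user_class_name.constantize
 end
+
+def user_class_policy=(policy_class_or_name)
+@user_class_policy = policy_class_or_name.to_s
+end
+
+def user_class_policy
+@user_class_policy&.safe_constantize
+end
 end
 end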
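Review bot: `user_class_policy` resolves the configured name with `safe_constantize`, which returns nil for a misspelled or not-yet-loadable constant instead of raising. UsersController then calls `policy_class nil`, the stored name becomes an empty string, and the Authorization concern's `beginning_of_association_chain` takes its else branch and returns the user list unscoped, so a configuration typo silently disables the policy. Using `@user_class_policy.presence&.constantize` keeps "not configured" as nil but makes a bad name fail at load time, matching how `user_class` already uses `constantize`. The enclosing class begins outside the hunk.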
data/lib/lotus_admin/version.rb
CHANGED
data/lib/lotus_admin.rb
CHANGED
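--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: lotus_admin
 version: !ruby/object:Gem::Version
-version: 1.
+version: 1.4.0
 platform: ruby
 authors:
 - Matt Millsaps-Brewer
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2020-03-
+date: 2020-03-30 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
 name: rails
@@ -240,6 +240,20 @@ dependencies:
 - - ">="
 - !ruby/object:Gem::Version
 version: '4.0'
+- !ruby/object:Gem::Dependency
+name: pundit
+requirement: !ruby/object:Gem::Requirement
+requirements:
+- - "~>"
+- !ruby/object:Gem::Version
+version: '2.1'
+type: :runtime
+prerelease: false
+version_requirements: !ruby/object:Gem::Requirement
+requirements:
+- - "~>"
+- !ruby/object:Gem::Version
+version: '2.1'
 - !ruby/object:Gem::Dependency
 name: pg
 requirement: !ruby/object:Gem::Requirement
@@ -363,13 +377,13 @@ files:
 - app/assets/stylesheets/lotus_admin/components/_filters.scss
 - app/assets/stylesheets/lotus_admin/components/_forms.scss
 - app/assets/stylesheets/lotus_admin/components/_tables.scss
+- app/controllers/concerns/lotus_admin/authorization.rb
 - app/controllers/concerns/lotus_admin/decorations.rb
 - app/controllers/concerns/lotus_admin/devise_controllers.rb
 - app/controllers/concerns/lotus_admin/exposure.rb
 - app/controllers/concerns/lotus_admin/file_streamer.rb
 - app/controllers/concerns/lotus_admin/filterable_controller.rb
 - app/controllers/concerns/lotus_admin/permitted_params.rb
-- app/controllers/concerns/lotus_admin/resourceful_controller.rb
 - app/controllers/lotus_admin/application_controller.rb
 - app/controllers/lotus_admin/authenticated_controller.rb
 - app/controllers/lotus_admin/confirmations_controller.rb
@@ -397,6 +411,7 @@ files:
 - app/models/lotus_admin/application_record.rb
 - app/models/lotus_admin/filters/configuration.rb
 - app/models/lotus_admin/user.rb
+- app/policies/lotus_admin/application_policy.rb
 - app/services/lotus_admin/exporter.rb
 - app/views/administrators/_links.html.haml
 - app/views/administrators/confirmations/new.html.haml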
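--- a/data/app/controllers/concerns/lotus_admin/resourceful_controller.rb
+++ b/data/app/controllers/concerns/lotus_admin/resourceful_controller.rb
@@ -1,25 +0,0 @@
-module LotusAdmin::ResourcefulController
-extend ActiveSupport::Concern
-
-included do
-class_attribute :_resource_class, instance_accessor: false
-
-let(:menu_identifier) { "#{ resource_class.model_name.route_key }_index" }
-let(:resource_class) { self.class._resource_class }
-let(:collection_path) { url_for(resource_class) }
-end
-
-class_methods do
-def manages(model_class)
-self._resource_class = model_class
-end
-end
-
-def index(&block)
-respond_to do |format|
-format.html
-
-block.call(format) if block.present?
-end
-end
-end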