maybee 0.0.1 → 0.0.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- data/README.md +18 -4
- data/lib/maybee/authorization_object.rb +1 -1
- data/lib/maybee/version.rb +1 -1
- metadata +12 -12
data/README.md
CHANGED
|
@@ -52,7 +52,7 @@ allows :to => :drive, :if => :license_plate_valid?, :if_subject => :has_drivers_
|
|
|
52
52
|
|
|
53
53
|
With this declaration, the car would allow any (ruby) object to drive, if the car has a valid license plate and the ruby object responds to `#has_drivers_license?` with a true value.
|
|
54
54
|
|
|
55
|
-
In order to limit the access to instances of a certain class, you can include the desired subject class(es) in the rule
|
|
55
|
+
In order to limit the access to instances of a certain class, you can include the desired subject class(es) in the rule definition:
|
|
56
56
|
|
|
57
57
|
```ruby
|
|
58
58
|
class User < ActiveRecord::Base
|
|
@@ -72,16 +72,16 @@ class Car < ActiveRecord::Base
|
|
|
72
72
|
allows :drivers, :to => :drive, :unless_subject => :drunk?
|
|
73
73
|
end
|
|
74
74
|
```
|
|
75
|
+
This will allow sober drivers to drive, but will reject normal users and drunk drivers.
|
|
75
76
|
|
|
76
77
|
If you do not care for the subject class, you may also write
|
|
77
78
|
|
|
78
79
|
```ruby
|
|
79
80
|
allows_to :drive, :if => ...
|
|
80
81
|
```
|
|
81
|
-
|
|
82
82
|
which is the same as `allows :to => ...`
|
|
83
83
|
|
|
84
|
-
Multiple access rights may be given in the same
|
|
84
|
+
Multiple access rights may be given in the same definition:
|
|
85
85
|
|
|
86
86
|
```ruby
|
|
87
87
|
allows :drivers, :to => [:start, :drive], :if => ...
|
|
@@ -101,7 +101,7 @@ Blocks passed to `:if` and `:unless` are evaluated inside the authorization obje
|
|
|
101
101
|
|
|
102
102
|
### Dealing with nil
|
|
103
103
|
|
|
104
|
-
In most cases, you will want to restrict authorizations to authorized subjects only. So maybee will refuse any access by default if the subject is `nil`. For the special case
|
|
104
|
+
In most cases, you will want to restrict authorizations to authorized subjects only. So maybee will refuse any access by default if the subject is `nil`. For the special case where an access should also be granted if the subject is nil, use the `:allow_nil` option:
|
|
105
105
|
|
|
106
106
|
```ruby
|
|
107
107
|
class Image
|
|
@@ -209,3 +209,17 @@ is equivalent.
|
|
|
209
209
|
### Default authorization subject
|
|
210
210
|
|
|
211
211
|
For more generic implementations the subject argument to `authorize?` and `allow?` can be left out. It will then default to the value of the `authorization_subject` accessor, which should be set before, for example in a `before_filter`.
|
|
212
|
+
|
|
213
|
+
### Inheritance
|
|
214
|
+
|
|
215
|
+
By default, access rules are inherited by subclasses of auth objects. Additional rule definitions on the subclass extend the accesses possible on that class. If you want to redefine an access on a subclass without inheriting the access rules from its superclass, you can use the `exclusive` option:
|
|
216
|
+
|
|
217
|
+
```ruby
|
|
218
|
+
class Foo < ActiveRecord::Base
|
|
219
|
+
allows_to :view, :if => :visible?
|
|
220
|
+
end
|
|
221
|
+
|
|
222
|
+
class SubFoo < Foo
|
|
223
|
+
allows_to :view, :exclusive => true
|
|
224
|
+
end
|
|
225
|
+
```
|
|
@@ -39,7 +39,7 @@ module Maybee
|
|
|
39
39
|
def authorize?(access, subject = authorization_subject)
|
|
40
40
|
errors.clear
|
|
41
41
|
return true if allow?(access, subject)
|
|
42
|
-
defaults = ([ActiveRecord::Base]
|
|
42
|
+
defaults = (self.class.lookup_ancestors + [ActiveRecord::Base]).map do |klass|
|
|
43
43
|
:"#{self.class.i18n_scope}.authorizations.#{klass.model_name.i18n_key}.#{access}"
|
|
44
44
|
end
|
|
45
45
|
key = defaults.shift
|
data/lib/maybee/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: maybee
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.0.
|
|
4
|
+
version: 0.0.2
|
|
5
5
|
prerelease:
|
|
6
6
|
platform: ruby
|
|
7
7
|
authors:
|
|
@@ -9,11 +9,11 @@ authors:
|
|
|
9
9
|
autorequire:
|
|
10
10
|
bindir: bin
|
|
11
11
|
cert_chain: []
|
|
12
|
-
date: 2012-
|
|
12
|
+
date: 2012-07-05 00:00:00.000000000 Z
|
|
13
13
|
dependencies:
|
|
14
14
|
- !ruby/object:Gem::Dependency
|
|
15
15
|
name: i18n
|
|
16
|
-
requirement: &
|
|
16
|
+
requirement: &2151917600 !ruby/object:Gem::Requirement
|
|
17
17
|
none: false
|
|
18
18
|
requirements:
|
|
19
19
|
- - ~>
|
|
@@ -21,10 +21,10 @@ dependencies:
|
|
|
21
21
|
version: '0.5'
|
|
22
22
|
type: :runtime
|
|
23
23
|
prerelease: false
|
|
24
|
-
version_requirements: *
|
|
24
|
+
version_requirements: *2151917600
|
|
25
25
|
- !ruby/object:Gem::Dependency
|
|
26
26
|
name: activerecord
|
|
27
|
-
requirement: &
|
|
27
|
+
requirement: &2151916880 !ruby/object:Gem::Requirement
|
|
28
28
|
none: false
|
|
29
29
|
requirements:
|
|
30
30
|
- - ~>
|
|
@@ -32,7 +32,7 @@ dependencies:
|
|
|
32
32
|
version: 3.2.3
|
|
33
33
|
type: :runtime
|
|
34
34
|
prerelease: false
|
|
35
|
-
version_requirements: *
|
|
35
|
+
version_requirements: *2151916880
|
|
36
36
|
- !ruby/object:Gem::Dependency
|
|
37
37
|
name: activesupport
|
|
38
38
|
requirement: &2151916160 !ruby/object:Gem::Requirement
|
|
@@ -46,7 +46,7 @@ dependencies:
|
|
|
46
46
|
version_requirements: *2151916160
|
|
47
47
|
- !ruby/object:Gem::Dependency
|
|
48
48
|
name: sqlite3
|
|
49
|
-
requirement: &
|
|
49
|
+
requirement: &2151915460 !ruby/object:Gem::Requirement
|
|
50
50
|
none: false
|
|
51
51
|
requirements:
|
|
52
52
|
- - ! '>='
|
|
@@ -54,10 +54,10 @@ dependencies:
|
|
|
54
54
|
version: '0'
|
|
55
55
|
type: :development
|
|
56
56
|
prerelease: false
|
|
57
|
-
version_requirements: *
|
|
57
|
+
version_requirements: *2151915460
|
|
58
58
|
- !ruby/object:Gem::Dependency
|
|
59
59
|
name: simplecov
|
|
60
|
-
requirement: &
|
|
60
|
+
requirement: &2151914840 !ruby/object:Gem::Requirement
|
|
61
61
|
none: false
|
|
62
62
|
requirements:
|
|
63
63
|
- - ! '>='
|
|
@@ -65,10 +65,10 @@ dependencies:
|
|
|
65
65
|
version: '0'
|
|
66
66
|
type: :development
|
|
67
67
|
prerelease: false
|
|
68
|
-
version_requirements: *
|
|
68
|
+
version_requirements: *2151914840
|
|
69
69
|
- !ruby/object:Gem::Dependency
|
|
70
70
|
name: rake
|
|
71
|
-
requirement: &
|
|
71
|
+
requirement: &2151914060 !ruby/object:Gem::Requirement
|
|
72
72
|
none: false
|
|
73
73
|
requirements:
|
|
74
74
|
- - ! '>='
|
|
@@ -76,7 +76,7 @@ dependencies:
|
|
|
76
76
|
version: 0.8.7
|
|
77
77
|
type: :development
|
|
78
78
|
prerelease: false
|
|
79
|
-
version_requirements: *
|
|
79
|
+
version_requirements: *2151914060
|
|
80
80
|
description: A simple, yet flexible approach to model-based authorization
|
|
81
81
|
email: mtgrosser@gmx.net
|
|
82
82
|
executables: []
|