mikldt-authenticates_access 0.2.1 → 0.2.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- data/VERSION +1 -1
- data/lib/authenticates_access.rb +17 -9
- data/mikldt-authenticates_access.gemspec +1 -1
- metadata +1 -1
data/VERSION
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
0.2.
|
|
1
|
+
0.2.2
|
data/lib/authenticates_access.rb
CHANGED
|
@@ -67,6 +67,11 @@ module AuthenticatesAccess
|
|
|
67
67
|
include InstanceMethods
|
|
68
68
|
end
|
|
69
69
|
|
|
70
|
+
# Include the instance methods used to implement authentication
|
|
71
|
+
def authenticates_access_with_reads
|
|
72
|
+
include ReadInstanceMethods
|
|
73
|
+
end
|
|
74
|
+
|
|
70
75
|
# Used to require an authentication test to be passed on the accessor
|
|
71
76
|
# before the model may be saved or destroyed. If the test fails, an exception
|
|
72
77
|
# will be thrown. Multiple calls build a chain of tests. If any test
|
|
@@ -99,6 +104,7 @@ module AuthenticatesAccess
|
|
|
99
104
|
def authenticates_reads(options={})
|
|
100
105
|
unless @read_method_list
|
|
101
106
|
authenticates_access
|
|
107
|
+
authenticates_access_with_reads
|
|
102
108
|
#Sadly, no easy way to block reads at this level
|
|
103
109
|
@read_method_list = AuthMethodList.new
|
|
104
110
|
end
|
|
@@ -132,7 +138,7 @@ module AuthenticatesAccess
|
|
|
132
138
|
# Used to specify that a given attribute may only be read if the
|
|
133
139
|
# accessor passes a test. Behaves similarly to authenticates_writes_to
|
|
134
140
|
def authenticates_reads_from(attr, options={})
|
|
135
|
-
|
|
141
|
+
authenticates_access_with_reads
|
|
136
142
|
@read_validation_map ||= {}
|
|
137
143
|
@read_validation_map[attr.to_s] ||= AuthMethodList.new
|
|
138
144
|
@read_validation_map[attr.to_s].add_method(options)
|
|
@@ -342,14 +348,6 @@ module AuthenticatesAccess
|
|
|
342
348
|
end
|
|
343
349
|
end
|
|
344
350
|
|
|
345
|
-
# Overload of read_attribute to filter data access
|
|
346
|
-
def read_attribute(name)
|
|
347
|
-
@bypass_auth ||= false
|
|
348
|
-
if @bypass_auth || allowed_to_read_from(name)
|
|
349
|
-
super(name)
|
|
350
|
-
end
|
|
351
|
-
end
|
|
352
|
-
|
|
353
351
|
# This method may be used to determine if the current accessor may write
|
|
354
352
|
# to a given attribute. Returns true if so, false otherwise.
|
|
355
353
|
def allowed_to_write(name)
|
|
@@ -403,6 +401,16 @@ module AuthenticatesAccess
|
|
|
403
401
|
end
|
|
404
402
|
end
|
|
405
403
|
|
|
404
|
+
module ReadInstanceMethods
|
|
405
|
+
# Overload of read_attribute to filter data access
|
|
406
|
+
def read_attribute(name)
|
|
407
|
+
@bypass_auth ||= false
|
|
408
|
+
if @bypass_auth || allowed_to_read_from(name)
|
|
409
|
+
super(name)
|
|
410
|
+
end
|
|
411
|
+
end
|
|
412
|
+
end
|
|
413
|
+
|
|
406
414
|
module Ownership
|
|
407
415
|
# This method implements a simple test: whether the object is owned by
|
|
408
416
|
# the accessor. See has_owner in ClassMethods. Note that new records,
|