mongoid_ability 0.3.8 → 0.3.9
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 8f068e6315f26aa262a2e85aaa2d533028b284f8
|
4
|
+
data.tar.gz: 22a58ce215e9fc9982c23e3ebef2a03642a60f29
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 0823e671b6f4f9bc4e500fe83a0bb39502f26106012bd011be9dfea71ea71083b0936bbe6a24417467e7a56bffa7f85c28d86031e3a62ec58341e632cc0f6783
|
7
|
+
data.tar.gz: 2f416fbeecb89078b0846c9bb4a9084aad1db0c4c3b7c3c976ea5e40b7c00840949b783d45ea88da65d5cf181ad64094c2293eb482c05e9c9208ff71d9a55b98
|
data/.travis.yml
CHANGED
data/README.md
CHANGED
@@ -43,10 +43,10 @@ end
|
|
43
43
|
|
44
44
|
This class defines a permission itself using the following fields:
|
45
45
|
|
46
|
-
`:subject_type, type: String`
|
47
|
-
`:subject_id, type: Moped::BSON::ObjectId`
|
48
|
-
`:action, type: Symbol, default: :read`
|
49
|
-
`:outcome, type: Boolean, default: false`
|
46
|
+
`:subject_type, type: String`
|
47
|
+
`:subject_id, type: Moped::BSON::ObjectId`
|
48
|
+
`:action, type: Symbol, default: :read`
|
49
|
+
`:outcome, type: Boolean, default: false`
|
50
50
|
|
51
51
|
These fields define what subject (respectively subject type, when referring to a class) the lock applies to, which action it is defined for (for example `:read`), and whether the outcome is positive or negative.
|
52
52
|
|
@@ -81,6 +81,12 @@ end
|
|
81
81
|
|
82
82
|
The subject classes can be subclassed. Subclasses inherit the default locks (unless they override them), the resulting outcome being correctly calculated bottom-up the superclass chain.
|
83
83
|
|
84
|
+
Additionally the locks can be converted to Mongoid criteria:
|
85
|
+
|
86
|
+
```ruby
|
87
|
+
MySubject.accessible_by(ability, :read)
|
88
|
+
```
|
89
|
+
|
84
90
|
### Owner
|
85
91
|
|
86
92
|
This `Ability` class supports two levels of inheritance (for example User and its Roles). The locks can be either embedded (via `.embeds_many`) or associated (via `.has_many`). Make sure to include the `as: :owner` option.
|
@@ -7,16 +7,16 @@ module MongoidAbility
|
|
7
7
|
attr_reader :owner
|
8
8
|
|
9
9
|
def self.subject_classes
|
10
|
-
Object.descendants.select{ |cls| cls.included_modules.include?(MongoidAbility::Subject) }
|
10
|
+
Object.descendants.select { |cls| cls.included_modules.include?(MongoidAbility::Subject) }
|
11
11
|
end
|
12
12
|
|
13
13
|
def self.subject_root_classes
|
14
|
-
subject_classes.reject{ |cls| cls.superclass.included_modules.include?(MongoidAbility::Subject) }
|
14
|
+
subject_classes.reject { |cls| cls.superclass.included_modules.include?(MongoidAbility::Subject) }
|
15
15
|
end
|
16
16
|
|
17
17
|
# =====================================================================
|
18
18
|
|
19
|
-
def initialize
|
19
|
+
def initialize(owner)
|
20
20
|
@owner = owner
|
21
21
|
|
22
22
|
can do |action, subject_type, subject, options|
|
@@ -26,7 +26,7 @@ module MongoidAbility
|
|
26
26
|
|
27
27
|
subject_class.self_and_ancestors_with_default_locks.each do |cls|
|
28
28
|
outcome = ResolveInheritedLocks.call(owner, action, cls, subject, options)
|
29
|
-
break
|
29
|
+
break unless outcome.nil?
|
30
30
|
end
|
31
31
|
|
32
32
|
outcome
|
@@ -40,11 +40,13 @@ module MongoidAbility
|
|
40
40
|
# .select(¤t_ability.can_update)
|
41
41
|
# .select(¤t_ability.can_destroy)
|
42
42
|
# etc.
|
43
|
-
|
43
|
+
#
|
44
|
+
# TODO: allow to pass options .select(¤t_ability.can_read(my_option: false))
|
45
|
+
#
|
46
|
+
def method_missing(name, *args)
|
44
47
|
return super unless name.to_s =~ /\A(can|cannot)_/
|
45
48
|
return unless action = name.to_s.gsub(/\A(can|cannot)_/, '').to_sym
|
46
|
-
name =~ /can_/ ?
|
49
|
+
name =~ /can_/ ? ->(doc) { can? action, doc } : ->(doc) { cannot? action, doc }
|
47
50
|
end
|
48
|
-
|
49
51
|
end
|
50
52
|
end
|
@@ -4,6 +4,10 @@ module MongoidAbility
|
|
4
4
|
new(*args).call
|
5
5
|
end
|
6
6
|
|
7
|
+
def initialize(base_class, ability, action, options = {})
|
8
|
+
super(base_class, ability, action, options)
|
9
|
+
end
|
10
|
+
|
7
11
|
# =====================================================================
|
8
12
|
|
9
13
|
def call
|
@@ -17,18 +21,18 @@ module MongoidAbility
|
|
17
21
|
private # =============================================================
|
18
22
|
|
19
23
|
def closed_types_condition
|
20
|
-
{
|
24
|
+
{ type_key => { '$nin' => values.closed_types.uniq } }
|
21
25
|
end
|
22
26
|
|
23
27
|
def open_types_and_ids_condition
|
24
28
|
{
|
25
|
-
|
26
|
-
|
29
|
+
type_key => { '$in' => values.open_types_and_ids.map(&:type).uniq },
|
30
|
+
id_key => { '$in' => values.open_types_and_ids.map(&:id).uniq }
|
27
31
|
}
|
28
32
|
end
|
29
33
|
|
30
34
|
def closed_ids_condition
|
31
|
-
{
|
35
|
+
{ id_key => { '$nin' => values.closed_ids.uniq } }
|
32
36
|
end
|
33
37
|
|
34
38
|
# ---------------------------------------------------------------------
|
@@ -42,5 +46,19 @@ module MongoidAbility
|
|
42
46
|
def base_class_superclass
|
43
47
|
@base_class_superclass ||= (base_class.ancestors_with_default_locks.last || base_class)
|
44
48
|
end
|
49
|
+
|
50
|
+
# ---------------------------------------------------------------------
|
51
|
+
|
52
|
+
def prefix
|
53
|
+
options.fetch(:prefix, nil)
|
54
|
+
end
|
55
|
+
|
56
|
+
def id_key
|
57
|
+
[prefix, '_id'].reject(&:blank?).join.to_sym
|
58
|
+
end
|
59
|
+
|
60
|
+
def type_key
|
61
|
+
[prefix, '_type'].reject(&:blank?).join.to_sym
|
62
|
+
end
|
45
63
|
end
|
46
64
|
end
|
@@ -18,6 +18,11 @@ module MongoidAbility
|
|
18
18
|
subject.must_be_kind_of Mongoid::Criteria
|
19
19
|
end
|
20
20
|
|
21
|
+
it 'allows to pass prefix' do
|
22
|
+
skip 'not sure how to best test this'
|
23
|
+
selector = AccessibleQueryBuilder.call(base_class, ability, action, prefix: :foo).selector
|
24
|
+
end
|
25
|
+
|
21
26
|
# ---------------------------------------------------------------------
|
22
27
|
|
23
28
|
describe 'closed_types' do
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: mongoid_ability
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.3.
|
4
|
+
version: 0.3.9
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Tomáš Celizna
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2016-
|
11
|
+
date: 2016-05-15 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: cancancan
|