passpartu 1.1.1 → 1.2.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/README.md +19 -1
- data/lib/passpartu/block_verify.rb +10 -0
- data/lib/passpartu/validate_result.rb +7 -6
- data/lib/passpartu/verify.rb +4 -6
- data/lib/passpartu/version.rb +1 -1
- data/lib/passpartu.rb +2 -0
- metadata +2 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 1a282e26dea8142a8ad36151367612a9bfbc3ad0e4c116d87343e93f7e8301a9
|
4
|
+
data.tar.gz: 0dc7b495c6b574a3ca83328e1014e948cbf2993b9fe97cbed192cfb0756b91a6
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 73f3c5177366551d7101dd0873e17c6f13dd76b5fb682c0b6b55f07514c9329c728f4e1c5f83c136c7875f5b59968278ad86707010a8b5874b5f4ffdcc386071
|
7
|
+
data.tar.gz: 43ac9dcdc2d90c3db00e781277abdd544a748cab17a2548de57a6d206d1605302cf93e7a9ab90ddb390f90a2bd8878d92663fd363c99017f4bbe3bc4444f90c8
|
data/README.md
CHANGED
@@ -87,7 +87,6 @@ It's possible to use `crud` key to set values for `create`, `read`, `update`, `d
|
|
87
87
|
|
88
88
|
In case `crud: true` and `delete: false` - result `false`
|
89
89
|
|
90
|
-
|
91
90
|
### Only
|
92
91
|
|
93
92
|
It's possible to include specific roles to checks
|
@@ -160,6 +159,25 @@ Check user roles AND policy rule
|
|
160
159
|
user_agent.agent_can?(:orders, :edit, except: [:admin, :manager]) { user_agent.orders.include?(order) }
|
161
160
|
```
|
162
161
|
|
162
|
+
### 'Maybe' option
|
163
|
+
|
164
|
+
Option 'maybe' means that user can do something if the block returns true. In this case block is required
|
165
|
+
and error is raised when option is maybe and no block given.
|
166
|
+
|
167
|
+
```yml
|
168
|
+
manager:
|
169
|
+
products:
|
170
|
+
create: true
|
171
|
+
delete: false
|
172
|
+
bookings:
|
173
|
+
update: maybe
|
174
|
+
```
|
175
|
+
|
176
|
+
```ruby
|
177
|
+
manager.can?(:bookings, :update) # raises error
|
178
|
+
manager.can?(:bookings, :update) { user.bookings.include?(booking) } # returns true or false
|
179
|
+
```
|
180
|
+
|
163
181
|
### Waterfall check
|
164
182
|
|
165
183
|
Allow or restrict absolutely everything for particular role or/and particular domain.
|
@@ -2,11 +2,21 @@
|
|
2
2
|
|
3
3
|
module Passpartu
|
4
4
|
class BlockVerify < ::Passpartu::Verify
|
5
|
+
class BlockMissedError < StandardError; end
|
6
|
+
MAYBE_VALUE = 'maybe'
|
7
|
+
|
5
8
|
def call
|
6
9
|
policy_result = super
|
10
|
+
raise BlockMissedError, "Block is required for 'maybe' allowed resource" if maybe? && block.nil?
|
7
11
|
return policy_result if block.nil?
|
8
12
|
|
9
13
|
policy_result && block.call
|
10
14
|
end
|
15
|
+
|
16
|
+
private
|
17
|
+
|
18
|
+
def maybe?
|
19
|
+
result == MAYBE_VALUE
|
20
|
+
end
|
11
21
|
end
|
12
22
|
end
|
@@ -3,6 +3,7 @@
|
|
3
3
|
module Passpartu
|
4
4
|
class ValidateResult
|
5
5
|
class PolicyMissedError < StandardError; end
|
6
|
+
class InvalidResultError < StandardError; end
|
6
7
|
|
7
8
|
attr_reader :result
|
8
9
|
|
@@ -15,20 +16,20 @@ module Passpartu
|
|
15
16
|
end
|
16
17
|
|
17
18
|
def call
|
18
|
-
raise PolicyMissedError if
|
19
|
-
return false
|
19
|
+
raise PolicyMissedError if raise_policy_missed_error?
|
20
|
+
return false if result_not_defined?
|
20
21
|
|
21
22
|
result
|
22
23
|
end
|
23
24
|
|
24
25
|
private
|
25
26
|
|
26
|
-
def
|
27
|
-
|
27
|
+
def raise_policy_missed_error?
|
28
|
+
result_not_defined? && Passpartu.config.raise_policy_missed_error
|
28
29
|
end
|
29
30
|
|
30
|
-
def
|
31
|
-
|
31
|
+
def result_not_defined?
|
32
|
+
result.nil? || result.is_a?(Hash)
|
32
33
|
end
|
33
34
|
end
|
34
35
|
end
|
data/lib/passpartu/verify.rb
CHANGED
@@ -31,12 +31,10 @@ module Passpartu
|
|
31
31
|
|
32
32
|
validate_result
|
33
33
|
rescue StandardError => e
|
34
|
-
|
35
|
-
|
36
|
-
|
37
|
-
|
38
|
-
raise e
|
39
|
-
end
|
34
|
+
raise e unless ['TrueClass does not have #dig method', 'FalseClass does not have #dig method'].include?(e.message)
|
35
|
+
|
36
|
+
raise WaterfallError,
|
37
|
+
"Looks like you want to use check_waterfall feature, but it's set to 'false'. Otherwise check your #{Passpartu.config.policy_file} for validness"
|
40
38
|
end
|
41
39
|
|
42
40
|
private
|
data/lib/passpartu/version.rb
CHANGED
data/lib/passpartu.rb
CHANGED
@@ -83,6 +83,8 @@ module Passpartu
|
|
83
83
|
value.define_singleton_method(:dig) { |*_keys| true }
|
84
84
|
when false
|
85
85
|
value.define_singleton_method(:dig) { |*_keys| false }
|
86
|
+
when 'maybe'
|
87
|
+
value.define_singleton_method(:dig) { |*_keys| 'maybe' }
|
86
88
|
else
|
87
89
|
patch_policy_booleans_if(value)
|
88
90
|
end
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: passpartu
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 1.
|
4
|
+
version: 1.2.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- OrestF
|
8
8
|
autorequire:
|
9
9
|
bindir: exe
|
10
10
|
cert_chain: []
|
11
|
-
date: 2023-
|
11
|
+
date: 2023-05-19 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: bundler
|