permission_policy 0.0.4 → 0.0.5

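--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA1:
- metadata.gz: 4270c4a66af6696696e86232baff593192682436
- data.tar.gz: 99588e8150ce43785cbf0424047ab3ac5a3cbae5
+ metadata.gz: cadbc4ee32c7e36250e69cd96ed2bce398e78576
+ data.tar.gz: de595ace7d5f9b59a673f7f321cc30c170c32fbe
  SHA512:
- metadata.gz: 9077834201652396ca2655c76b217f902610389fcbd7d9c792d0296da3ca6c00a5355d6a29aa9117e43da817e3f1bb7980aa78ac2d52414ad98bad2336dae35f
- data.tar.gz: 409a76941ebc28ed6c455c19c8135f223fff3480ef7516546089d44748df85ab51d0cf54cbb633d2a6817c45a16ed37887461aed52136aaf293e4b94fc5d2dcf
+ metadata.gz: a008f46a93ce18c0e4362ab3bc1df6c333ef5f15cf54203e7fbcd366a4e7a2038b8a060b544fc9dbba8df3a7a1866c34d715bab826c8d66022681c7fa567b124
+ data.tar.gz: 4141460cc62059eadc6f25b4fdc3f20c2de89e74e950bcbf313e543a2d2159aaa1e0190059a9f274ff65549779a81d5ea21fc245ff723c3da82a64304a5cbf03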
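--- a/data/CHANGELOG.md
+++ b/data/CHANGELOG.md
@@ -1,4 +1,10 @@
 
+ # 0.0.5
+
+ * [REVERT] the logger was a good idea, but I'm not happy with the implementation
+ * [ENHANCEMENT] ensure authorization verification to lock all not permitted actions
+
+
  # 0.0.4
 
  * [BUGFIX] the debug logger was always enabled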
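--- a/data/README.md
+++ b/data/README.md
@@ -29,7 +29,6 @@ In a Rails App you can configure the gem with simple initializer file under `con
  ```
  PermissionPolicy.configure do |c|
  # c.precondition_attributes = [:current_user] # => default
- c.debug_logger = true # => useful for debugging which strategy matched
  c.strategy_order = [
  :SuperAdminStrategy,
  :FeatureStrategy,
@@ -39,6 +38,19 @@ In a Rails App you can configure the gem with simple initializer file under `con
  end
  ```
 
+ You can also configure this inside your Application Controller
+
+ ```
+
+ class ApplicationController < ActionController::Base
+ # ...
+ authorize_with :current_user
+ verify_authorization! => which will raise an NotVerified Exception if authorized! wasn't called
+ # ...
+ end
+
+ ```
+
  The main idea is that strategies decide if they are responsible for authorization.
  A "base strategy" defines the object API for all strategies which can be
  used for permission checks. Each strategy should inherit from it and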
@@ -1,6 +1,6 @@
1
1
  module PermissionPolicy
2
2
  class Authorization
3
- attr_reader :preconditions
3
+ attr_reader :preconditions, :verified
4
4
 
5
5
  def initialize(context)
6
6
  @preconditions = []
@@ -32,6 +32,7 @@ module PermissionPolicy
32
32
  # end
33
33
  #
34
34
  def authorize!(action, options = {})
35
+ @verified = true
35
36
  !!allowed?(action, options) or raise PermissionPolicy::NotAllowed
36
37
  end
37
38
 
@@ -39,11 +40,7 @@ module PermissionPolicy
39
40
 
40
41
  # Finds the matching strategy which can decide if the action is allowed by lazy checking
41
42
  def strategy_for(*args)
42
- PermissionPolicy.strategies.lazy.map { |klass| Strategies.const_get(klass).new(self, *args) }.find do |s|
43
- s.match?.tap do |match|
44
- PermissionPolicy.log "#{s.class.name} #{match ? 'matched' : 'not matched'}"
45
- end
46
- end
43
+ PermissionPolicy.strategies.lazy.map { |klass| Strategies.const_get(klass).new(self, *args) }.find(&:match?)
47
44
  end
48
45
 
49
46
  def set!(var, value)
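Review bot: The new `@verified = true` in `authorize!` is assigned before `allowed?` runs, so the flag records that a check was attempted, not that it passed, and one call for any action marks the whole request as verified. The comment block above `authorize!` should state this side effect, e.g. `# Also marks this request as verified, even when NotAllowed is raised.` As far as these hunks show, `allowed?` does not set the flag, so a controller that guards only with `allowed?` would fail verification once it is enabled; that is worth a `#` comment next to `attr_reader :verified`. The body of `initialize` and the doc comment both start outside the visible hunks, so whether `@verified` is initialised to `false` cannot be confirmed here.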
@@ -8,12 +8,8 @@ module PermissionPolicy
8
8
  strategy_order || [:UnknownStrategy]
9
9
  end
10
10
 
11
- def log(message)
12
- logging.debug(message) if debug_logger
13
- end
14
-
15
- def logging
16
- logger || Logger.new(STDOUT)
11
+ def verification
12
+ verify_authorization || false
17
13
  end
18
14
  end
19
15
 
@@ -21,7 +17,7 @@ module PermissionPolicy
21
17
  attr_accessor :configuration
22
18
 
23
19
  extend Forwardable
24
- delegate [:preconditions, :strategies, :log] => :config
20
+ delegate [:preconditions, :strategies, :verification] => :config
25
21
 
26
22
  def configure
27
23
  yield(config)
@@ -34,5 +30,9 @@ module PermissionPolicy
34
30
  def authorize_with(*args)
35
31
  configure { |c| c.precondition_attributes = *args }
36
32
  end
33
+
34
+ def verify_authorization!(setting)
35
+ configure { |c| c.verify_authorization = setting }
36
+ end
37
37
  end
38
38
  end
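Review bot: `verify_authorization!` stores its argument through `configure { |c| c.verify_authorization = setting }`, which is the one shared configuration object, so the switch is process-wide rather than per controller. The last class body to call it decides for every controller, and a later `verify_authorization! false` would turn the check off everywhere. Because this toggles an authorization safety net, the scope should be documented on the method, e.g. `# Global setting: applies to all controllers; the last call wins.` The module-level method also takes `setting` with no default while the controller-level wrapper defaults to `true`; `def verify_authorization!(setting = true)` would keep the two consistent. The accessor for `verify_authorization` is defined outside these hunks.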
@@ -6,6 +6,10 @@ module PermissionPolicy
6
6
  def authorize_with(*args)
7
7
  PermissionPolicy.authorize_with(*args)
8
8
  end
9
+
10
+ def verify_authorization!(setting = true)
11
+ PermissionPolicy.verify_authorization!(setting)
12
+ end
9
13
  end
10
14
 
11
15
  module InstanceMethods
@@ -15,11 +19,16 @@ module PermissionPolicy
15
19
  helper_method :allowed?
16
20
  delegate :allowed?, to: :permission_policy
17
21
  delegate :authorize!, to: :permission_policy
22
+ after_action -> { verify_authorization if PermissionPolicy.verification }
18
23
  end
19
24
 
20
25
  def permission_policy
21
26
  @permission_policy ||= PermissionPolicy::Authorization.new(self)
22
27
  end
28
+
29
+ def verify_authorization
30
+ raise PermissionPolicy::NotVerified unless @permission_policy.verified
31
+ end
23
32
  end
24
33
  end
25
34
  end
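Review bot: `verify_authorization` reads `@permission_policy.verified` directly, but that instance variable is only assigned by the memoising `permission_policy` method, so in a request that never called `allowed?` or `authorize!` it is `nil` and the callback raises `NoMethodError` instead of `PermissionPolicy::NotVerified`. Going through the accessor fixes this: `raise PermissionPolicy::NotVerified unless permission_policy.verified`. Note also that `after_action` runs once the action body has finished, so a missing `authorize!` is reported only after any side effects of the action have already happened; the check is a safety net for tests and development, not a substitute for authorizing first, and a comment on the callback should say so. The block that registers `after_action` starts outside the hunk, and the callback presumably needs `AbstractController::Callbacks` on the including controller, as the test controller change suggests.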
@@ -0,0 +1,7 @@
1
+ module PermissionPolicy
2
+ class NotVerified < StandardError
3
+ def message
4
+ 'authorization not verified'
5
+ end
6
+ end
7
+ end
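Review bot: Overriding `message` leaves `to_s` and `inspect` without the text, because `Exception#message` delegates to `to_s` and not the other way round, and it also discards any message given to `raise`. Setting the default in the constructor keeps them consistent for logging and error reporting: `def initialize(msg = 'authorization not verified'); super; end`. If the sibling error classes, which are not shown in this diff, use the same `message` override, the same point applies to them.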
@@ -1,3 +1,3 @@
1
1
  module PermissionPolicy
2
- VERSION = '0.0.4'
2
+ VERSION = '0.0.5'
3
3
  end
@@ -8,6 +8,7 @@ module PermissionPolicy
8
8
  autoload :Authorization, 'permission_policy/authorization'
9
9
  autoload :MissingPrecondition, 'permission_policy/errors/missing_precondition'
10
10
  autoload :NotAllowed, 'permission_policy/errors/not_allowed'
11
+ autoload :NotVerified, 'permission_policy/errors/not_verified'
11
12
 
12
13
  module Strategies
13
14
  autoload :BaseStrategy, 'permission_policy/strategies/base_strategy'
@@ -2,6 +2,7 @@ require 'action_controller'
2
2
 
3
3
  class MetalTestController < ActionController::Metal
4
4
  include AbstractController::Helpers
5
+ include AbstractController::Callbacks
5
6
  include PermissionPolicy::ControllerAdditions::InstanceMethods
6
7
  extend PermissionPolicy::ControllerAdditions::ClassMethods
7
8
 
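--- a/metadata
+++ b/metadata
@@ -1,7 +1,7 @@
  --- !ruby/object:Gem::Specification
  name: permission_policy
  version: !ruby/object:Gem::Version
- version: 0.0.4
+ version: 0.0.5
  platform: ruby
  authors:
  - Marco Schaden
@@ -9,7 +9,7 @@ authors:
  autorequire:
  bindir: bin
  cert_chain: []
- date: 2015-01-23 00:00:00.000000000 Z
+ date: 2015-01-30 00:00:00.000000000 Z
  dependencies:
  - !ruby/object:Gem::Dependency
  name: activesupport
@@ -146,6 +146,7 @@ files:
  - lib/permission_policy/controller_additions.rb
  - lib/permission_policy/errors/missing_precondition.rb
  - lib/permission_policy/errors/not_allowed.rb
+ - lib/permission_policy/errors/not_verified.rb
  - lib/permission_policy/railtie.rb
  - lib/permission_policy/strategies/base_strategy.rb
  - lib/permission_policy/strategies/unknown_strategy.rb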