permissioner 0.1.0.beta → 0.1.1.beta
Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 283f7e1c48c2fa3ef067f72a57ef99c64b0bee45
|
4
|
+
data.tar.gz: 7d2445b825b484f698f46887dbae818adca3af02
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 2e4f293f79ca9bae4d30bf4c8e262f57cba4f7f2920c355b08b894ebaef1058e4bf7c4e0704a448f8c30f343bff1bae332b2075db0364cf53776e99c41429782
|
7
|
+
data.tar.gz: 8699d0ae874e3b08ef9efa448bf8fdb70fdefc32510c2beb5376da705451b63f643228e0d906def191daaa5efcf4491c2e6f95227f0b3ce41569e5785665ffed
|
@@ -5,16 +5,16 @@ module Permissioner
|
|
5
5
|
|
6
6
|
def initialize current_user=nil
|
7
7
|
@current_user = current_user
|
8
|
+
@filters = {}
|
8
9
|
configure_permissions
|
9
10
|
end
|
10
11
|
|
11
12
|
def allow_action?(controller, action, subjects={})
|
12
|
-
allowed =
|
13
|
-
|
14
|
-
|
15
|
-
|
16
|
-
allowed
|
17
|
-
allowed && passed_filters?(controller, action, subjects)
|
13
|
+
allowed = @allow_all
|
14
|
+
if !allowed && @allowed_actions
|
15
|
+
allowed = @allowed_actions[[controller.to_s, action.to_s]] || @allowed_actions[[controller.to_s, 'all']]
|
16
|
+
end
|
17
|
+
allowed && (@allow_all || passed_filters?(controller, action, subjects))
|
18
18
|
end
|
19
19
|
|
20
20
|
def allow_attribute?(resource, attribute)
|
@@ -61,7 +61,8 @@ module Permissioner
|
|
61
61
|
@allowed_actions ||= {}
|
62
62
|
Array(controllers).each do |controller|
|
63
63
|
Array(actions).each do |action|
|
64
|
-
@allowed_actions[[controller.to_s, action.to_s]] =
|
64
|
+
@allowed_actions[[controller.to_s, action.to_s]] = true
|
65
|
+
add_block_to_filters(controller, action, &block) if block_given?
|
65
66
|
end
|
66
67
|
end
|
67
68
|
end
|
@@ -80,11 +81,9 @@ module Permissioner
|
|
80
81
|
|
81
82
|
def add_filter(controllers, actions, &block)
|
82
83
|
raise 'no block given' unless block_given?
|
83
|
-
@filters ||= {}
|
84
84
|
Array(controllers).each do |controller|
|
85
85
|
Array(actions).each do |action|
|
86
|
-
|
87
|
-
@filters[[controller.to_s, action.to_s]] << block
|
86
|
+
add_block_to_filters(controller, action, &block)
|
88
87
|
end
|
89
88
|
end
|
90
89
|
end
|
@@ -113,5 +112,13 @@ module Permissioner
|
|
113
112
|
#
|
114
113
|
def configure_permissions
|
115
114
|
end
|
115
|
+
|
116
|
+
private
|
117
|
+
|
118
|
+
def add_block_to_filters(controller, action, &block)
|
119
|
+
raise 'cannot add filter to :all' if action.to_s == 'all'
|
120
|
+
@filters[[controller.to_s, action.to_s]] ||= []
|
121
|
+
@filters[[controller.to_s, action.to_s]] << block
|
122
|
+
end
|
116
123
|
end
|
117
124
|
end
|
data/lib/permissioner/version.rb
CHANGED
@@ -2,56 +2,55 @@ require 'spec_helper'
|
|
2
2
|
|
3
3
|
describe Permissioner::ControllerAdditions do
|
4
4
|
|
5
|
-
|
6
|
-
|
7
|
-
|
8
|
-
|
9
|
-
|
10
|
-
|
5
|
+
let(:controller) do
|
6
|
+
controller_class = Class.new
|
7
|
+
controller_class.stub(:helper_method)
|
8
|
+
controller_class.send(:include, Permissioner::ControllerAdditions)
|
9
|
+
controller = controller_class.new
|
10
|
+
controller.stub(:current_user)
|
11
|
+
controller
|
11
12
|
end
|
12
13
|
|
13
14
|
describe '::included' do
|
14
15
|
|
15
|
-
|
16
|
-
@clazz = Class.new
|
17
|
-
end
|
16
|
+
let(:clazz) { Class.new }
|
18
17
|
|
19
18
|
it 'should set view helpers' do
|
20
|
-
|
21
|
-
|
19
|
+
clazz.should_receive(:helper_method).with(:allow_action?, :allow_attribute?, :permission_service)
|
20
|
+
clazz.send(:include, Permissioner::ControllerAdditions)
|
22
21
|
end
|
23
22
|
|
24
23
|
it 'should delegate helper methods to permission servie' do
|
25
|
-
|
26
|
-
|
27
|
-
|
24
|
+
clazz.stub(:helper_method)
|
25
|
+
clazz.should_receive(:delegate).with(:allow_action?, :allow_attribute?, to: :permission_service)
|
26
|
+
clazz.send(:include, Permissioner::ControllerAdditions)
|
28
27
|
end
|
29
28
|
end
|
30
29
|
|
31
|
-
|
32
30
|
describe 'authorize' do
|
33
31
|
|
32
|
+
let(:params) { {controller: 'comments', action: 'index'} }
|
33
|
+
|
34
34
|
before :each do
|
35
|
-
|
36
|
-
|
37
|
-
@controller.stub(:params).and_return(@params)
|
35
|
+
controller.stub(:current_resource).and_return('resource')
|
36
|
+
controller.stub(:params).and_return(params)
|
38
37
|
end
|
39
38
|
|
40
39
|
it 'should call permit_params! if action allwed and filters passed' do
|
41
|
-
|
42
|
-
|
43
|
-
|
40
|
+
controller.permission_service.should_receive(:allow_action?).and_return(true)
|
41
|
+
controller.permission_service.should_receive(:permit_params!).with(params)
|
42
|
+
controller.authorize
|
44
43
|
end
|
45
44
|
|
46
45
|
it 'should call allow_action? with correct parameters' do
|
47
|
-
|
48
|
-
|
46
|
+
controller.permission_service.should_receive(:allow_action?).with('comments', 'index', resource: 'resource', params: params).and_return(true)
|
47
|
+
controller.authorize
|
49
48
|
end
|
50
49
|
|
51
50
|
it 'should raise Permissioner::NotAuthorized when action not allowed' do
|
52
|
-
|
51
|
+
controller.permission_service.should_receive(:allow_action?).with('comments', 'index', resource: 'resource', params: params).and_return(false)
|
53
52
|
expect {
|
54
|
-
|
53
|
+
controller.authorize
|
55
54
|
}.to raise_error Permissioner::NotAuthorized
|
56
55
|
end
|
57
56
|
end
|
@@ -59,31 +58,29 @@ describe Permissioner::ControllerAdditions do
|
|
59
58
|
describe '#permission_service' do
|
60
59
|
|
61
60
|
it 'should return instance of PermissionService' do
|
62
|
-
|
61
|
+
controller.permission_service.class.should eq PermissionService
|
63
62
|
end
|
64
63
|
|
65
64
|
it 'should cache PermissionService instance' do
|
66
|
-
|
67
|
-
permission_service_2 = @controller.permission_service
|
68
|
-
permission_service_1.should eq permission_service_2
|
65
|
+
controller.permission_service.should be controller.permission_service
|
69
66
|
end
|
70
67
|
|
71
68
|
it 'should create PermissionService by calling PermissionService::new' do
|
72
69
|
PermissionService.should_receive(:new)
|
73
|
-
|
70
|
+
controller.permission_service
|
74
71
|
end
|
75
72
|
|
76
73
|
it 'should pass current_user to PermissionService::initialize' do
|
77
|
-
|
74
|
+
controller.should_receive(:current_user).and_return('current_user')
|
78
75
|
PermissionService.should_receive(:new).with('current_user')
|
79
|
-
|
76
|
+
controller.permission_service
|
80
77
|
end
|
81
78
|
end
|
82
79
|
|
83
80
|
describe '#current_resource' do
|
84
81
|
|
85
82
|
it 'should return nil as default' do
|
86
|
-
|
83
|
+
controller.current_resource.should be_nil
|
87
84
|
end
|
88
85
|
end
|
89
86
|
end
|
@@ -25,79 +25,64 @@ describe Permissioner::ServiceAdditions do
|
|
25
25
|
|
26
26
|
describe '#allow_action?' do
|
27
27
|
|
28
|
-
|
29
|
-
permission_service.allow_all
|
30
|
-
permission_service.allow_action?(:comments, :index).should be_true
|
31
|
-
end
|
32
|
-
|
33
|
-
context 'block not given' do
|
28
|
+
context 'filters not given' do
|
34
29
|
|
35
|
-
it 'should return true if
|
30
|
+
it 'should return true if action is allowed' do
|
36
31
|
permission_service.allow_actions :comments, :index
|
37
32
|
permission_service.allow_action?(:comments, :index).should be_true
|
38
33
|
end
|
39
34
|
|
40
|
-
it 'should return true for every action
|
35
|
+
it 'should return true for every action if all actions of controller are allowed' do
|
41
36
|
permission_service.allow_actions :comments, :all
|
42
37
|
permission_service.allow_action?(:comments, :index).should be_true
|
43
38
|
end
|
44
39
|
|
45
|
-
it 'should return true if
|
46
|
-
permission_service.
|
47
|
-
permission_service.allow_actions :comments, :index
|
40
|
+
it 'should return true if allow_all is true' do
|
41
|
+
permission_service.allow_all
|
48
42
|
permission_service.allow_action?(:comments, :index).should be_true
|
49
43
|
end
|
50
44
|
|
51
|
-
it 'should return false if
|
52
|
-
permission_service.allow_action?(:comments, :index).should be_false
|
53
|
-
permission_service.allow_actions :comments, :create
|
54
|
-
permission_service.allow_action?(:comments, :index).should be_false
|
55
|
-
end
|
56
|
-
|
57
|
-
it 'should return false if action is allowed and given filter returns false' do
|
58
|
-
permission_service.add_filter :comments, :index, &Proc.new { false }
|
59
|
-
permission_service.allow_actions :comments, :index
|
45
|
+
it 'should return false if actions is not allowed' do
|
60
46
|
permission_service.allow_action?(:comments, :index).should be_false
|
61
47
|
end
|
62
48
|
end
|
63
49
|
|
64
|
-
context '
|
50
|
+
context 'filters given' do
|
65
51
|
|
66
|
-
it 'should
|
67
|
-
|
68
|
-
|
69
|
-
permission_service.
|
70
|
-
permission_service.allow_action?(:comments, :index, resource: 'resource')
|
52
|
+
it 'should return true if action is allowed and all filters return true' do
|
53
|
+
permission_service.allow_actions :comments, :index, &Proc.new { true }
|
54
|
+
permission_service.add_filter :comments, :index, &Proc.new { true }
|
55
|
+
permission_service.allow_action?(:comments, :index).should be_true
|
71
56
|
end
|
72
57
|
|
73
|
-
it 'should return true
|
74
|
-
|
75
|
-
permission_service.
|
58
|
+
it 'should return true for every action if all actions of controller are allowed and filters return true' do
|
59
|
+
permission_service.allow_actions :comments, :all
|
60
|
+
permission_service.add_filter :comments, :index, &Proc.new { true }
|
76
61
|
permission_service.allow_action?(:comments, :index).should be_true
|
77
62
|
end
|
78
63
|
|
79
|
-
it 'should return true if
|
80
|
-
permission_service.
|
81
|
-
permission_service.allow_actions :comments, :index, &Proc.new {
|
64
|
+
it 'should return true if allow_all is true but filters return false' do
|
65
|
+
permission_service.allow_all
|
66
|
+
permission_service.allow_actions :comments, :index, &Proc.new { false }
|
67
|
+
permission_service.add_filter :comments, :index, &Proc.new { false }
|
82
68
|
permission_service.allow_action?(:comments, :index).should be_true
|
83
69
|
end
|
84
70
|
|
85
|
-
it 'should return false
|
86
|
-
|
87
|
-
permission_service.
|
88
|
-
permission_service.allow_action?(:comments, :index, resource: 'resource').should be_false
|
71
|
+
it 'should return false if given action allowed but filters return false' do
|
72
|
+
permission_service.allow_actions :comments, :index, &Proc.new { false }
|
73
|
+
permission_service.allow_action?(:comments, :index).should be_false
|
89
74
|
end
|
90
75
|
|
91
|
-
it 'should return false if
|
92
|
-
permission_service.add_filter :comments, :index, &Proc.new { false }
|
76
|
+
it 'should return false if given action allowed but at least one filter returns false' do
|
93
77
|
permission_service.allow_actions :comments, :index, &Proc.new { true }
|
94
|
-
permission_service.
|
78
|
+
permission_service.add_filter :comments, :index, &Proc.new { false }
|
79
|
+
permission_service.allow_action?(:comments, :index).should be_false
|
95
80
|
end
|
96
81
|
|
97
|
-
it 'should return false if
|
98
|
-
permission_service.
|
99
|
-
permission_service.
|
100
|
-
permission_service.allow_action?(:comments, :index
|
82
|
+
it 'should return false for every action if all actions of controller are allowed but filters return false' do
|
83
|
+
permission_service.allow_actions :comments, :all
|
84
|
+
permission_service.add_filter :comments, :index, &Proc.new { false }
|
85
|
+
permission_service.allow_action?(:comments, :index).should be_false
|
101
86
|
end
|
102
87
|
end
|
103
88
|
|
@@ -215,28 +200,79 @@ describe Permissioner::ServiceAdditions do
|
|
215
200
|
|
216
201
|
describe '#allow_actions' do
|
217
202
|
|
218
|
-
|
219
|
-
|
220
|
-
allowed_actions
|
221
|
-
|
222
|
-
|
223
|
-
|
203
|
+
context 'block not given' do
|
204
|
+
|
205
|
+
it 'should add actions to @allowed_actions when one action is given' do
|
206
|
+
permission_service.allow_actions :comments, :index
|
207
|
+
allowed_actions = permission_service.instance_variable_get(:@allowed_actions)
|
208
|
+
allowed_actions.count.should eq 1
|
209
|
+
allowed_actions[['comments', 'index']].should be_true
|
210
|
+
end
|
211
|
+
|
212
|
+
it 'should add actions to @allowed_actions when multiple actions are given' do
|
213
|
+
permission_service.allow_actions([:comments, :users], [:index, :create])
|
214
|
+
allowed_actions = permission_service.instance_variable_get(:@allowed_actions)
|
215
|
+
allowed_actions.count.should eq 4
|
216
|
+
allowed_actions[['comments', 'index']].should be_true
|
217
|
+
allowed_actions[['comments', 'create']].should be_true
|
218
|
+
allowed_actions[['users', 'index']].should be_true
|
219
|
+
allowed_actions[['users', 'create']].should be_true
|
220
|
+
end
|
224
221
|
|
225
|
-
|
226
|
-
|
227
|
-
|
228
|
-
|
229
|
-
|
230
|
-
allowed_actions[['comments', 'create']].should be_true
|
231
|
-
allowed_actions[['users', 'index']].should be_true
|
232
|
-
allowed_actions[['users', 'create']].should be_true
|
222
|
+
it 'should not add any filters' do
|
223
|
+
permission_service.allow_actions :comments, :index
|
224
|
+
filters = permission_service.instance_variable_get(:@filters)
|
225
|
+
filters.count.should eq 0
|
226
|
+
end
|
233
227
|
end
|
234
228
|
|
235
|
-
|
236
|
-
|
237
|
-
|
238
|
-
|
239
|
-
|
229
|
+
context 'block given' do
|
230
|
+
|
231
|
+
it 'should add block to @filters one aciton is given' do
|
232
|
+
block = Proc.new {}
|
233
|
+
permission_service.allow_actions :comments, :index, &block
|
234
|
+
filters = permission_service.instance_variable_get(:@filters)
|
235
|
+
filters.count.should eq 1
|
236
|
+
filters[['comments', 'index']].should eq [block]
|
237
|
+
end
|
238
|
+
|
239
|
+
it 'should add block to @filters when multiple actions are given' do
|
240
|
+
block = Proc.new {}
|
241
|
+
permission_service.allow_actions([:comments, :users], [:index, :create], &block)
|
242
|
+
filters = permission_service.instance_variable_get(:@filters)
|
243
|
+
filters.count.should eq 4
|
244
|
+
filters[['comments', 'index']].should eq [block]
|
245
|
+
filters[['comments', 'create']].should eq [block]
|
246
|
+
filters[['users', 'index']].should eq [block]
|
247
|
+
filters[['users', 'create']].should eq [block]
|
248
|
+
end
|
249
|
+
|
250
|
+
it 'should add multiple blocks to @filters fore every actions' do
|
251
|
+
block_1 = Proc.new {}
|
252
|
+
block_2 = Proc.new {}
|
253
|
+
permission_service.allow_actions :comments, :index, &block_1
|
254
|
+
permission_service.allow_actions :comments, :index, &block_2
|
255
|
+
filters = permission_service.instance_variable_get(:@filters)
|
256
|
+
filters.count.should eq 1
|
257
|
+
filters[['comments', 'index']].should eq [block_1, block_2]
|
258
|
+
end
|
259
|
+
|
260
|
+
it 'should add actions to @allowed_actions' do
|
261
|
+
permission_service.allow_actions :comments, :index, &Proc.new {}
|
262
|
+
allowed_actions = permission_service.instance_variable_get(:@allowed_actions)
|
263
|
+
allowed_actions.count.should eq 1
|
264
|
+
allowed_actions[['comments', 'index']].should be_true
|
265
|
+
end
|
266
|
+
|
267
|
+
it 'should raise error if block is given for all actions' do
|
268
|
+
message = 'cannot add filter to :all'
|
269
|
+
expect {
|
270
|
+
permission_service.allow_actions :comments, :all, &Proc.new {}
|
271
|
+
}.to raise_exception message
|
272
|
+
expect {
|
273
|
+
permission_service.allow_actions :comments, 'all', &Proc.new {}
|
274
|
+
}.to raise_exception message
|
275
|
+
end
|
240
276
|
end
|
241
277
|
end
|
242
278
|
|
@@ -298,6 +334,16 @@ describe Permissioner::ServiceAdditions do
|
|
298
334
|
it 'should rails exception when no block given' do
|
299
335
|
expect { permission_service.add_filter(:comments, :index) }.to raise_error('no block given')
|
300
336
|
end
|
337
|
+
|
338
|
+
it 'should raise error if block is given for all actions' do
|
339
|
+
message = 'cannot add filter to :all'
|
340
|
+
expect {
|
341
|
+
permission_service.add_filter :comments, :all, &Proc.new {}
|
342
|
+
}.to raise_exception message
|
343
|
+
expect {
|
344
|
+
permission_service.add_filter :comments, 'all', &Proc.new {}
|
345
|
+
}.to raise_exception message
|
346
|
+
end
|
301
347
|
end
|
302
348
|
|
303
349
|
describe '#clear_filters' do
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: permissioner
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.1.
|
4
|
+
version: 0.1.1.beta
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Daniel Grawunder, Christian Mierich
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2013-08-
|
11
|
+
date: 2013-08-16 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: rspec
|