permissions 0.1.2 → 0.1.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/README.md +10 -17
- data/lib/permissions.rb +2 -2
- data/test/permissions_test.rb +5 -42
- metadata +2 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: febaedd5aee44b64e40764b8044c1266e4413e62
|
4
|
+
data.tar.gz: 610a0827dbdeca1afb0f1fc716fe62161507924b
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: c56f43cf0c7d08925f7ede8af7991bdd84bb4dd202453d331424c1dee9d3c8501485fc9361d99da174fdec4b44c920d1ad86d76e785808f06b436d9f6e2f51c7
|
7
|
+
data.tar.gz: cac31aa13191afc57cf4e356a3d2e5479a3f8c8d699d5c0df07e0171b79a6b0026801cde56acadebb923d32f04b0d4f1c1dd949fbc5a81867a0c5020b121ef76
|
data/README.md
CHANGED
@@ -33,12 +33,6 @@ class User
|
|
33
33
|
def initialize(permissions)
|
34
34
|
@permissions = permissions
|
35
35
|
end
|
36
|
-
|
37
|
-
# Authorizables must provide their own implementation of "permissions".
|
38
|
-
# An attr_reader would do.
|
39
|
-
def permissions
|
40
|
-
@permissions
|
41
|
-
end
|
42
36
|
end
|
43
37
|
|
44
38
|
class Command
|
@@ -47,13 +41,6 @@ class Command
|
|
47
41
|
def initialize(user)
|
48
42
|
@user = user
|
49
43
|
end
|
50
|
-
|
51
|
-
# Not provided by the library. An advanced example
|
52
|
-
# on how to authorize things like: "Does an object
|
53
|
-
# belong to a particular user?"
|
54
|
-
def authorize?(other)
|
55
|
-
other.authorize_for?(self.class, self)
|
56
|
-
end
|
57
44
|
end
|
58
45
|
|
59
46
|
permissions = Permissions.new
|
@@ -62,9 +49,15 @@ permissions.for(Command) { |user, command| user == command.user }
|
|
62
49
|
|
63
50
|
user = User.new(permissions)
|
64
51
|
|
65
|
-
|
52
|
+
foo = Command.new(user)
|
66
53
|
|
67
|
-
|
68
|
-
```
|
54
|
+
bar = Command.new(nil)
|
69
55
|
|
70
|
-
|
56
|
+
user.authorize_for?(Command, foo) # true
|
57
|
+
|
58
|
+
user.authorize_for?(Command, bar) # false
|
59
|
+
|
60
|
+
permissions.authorize?(Command, user, foo) # true
|
61
|
+
|
62
|
+
permissions.authorize?(Command, user, bar) # false
|
63
|
+
```
|
data/lib/permissions.rb
CHANGED
@@ -1,5 +1,5 @@
|
|
1
1
|
class Permissions
|
2
|
-
VERSION = '0.1.
|
2
|
+
VERSION = '0.1.3'
|
3
3
|
|
4
4
|
module Authorizable
|
5
5
|
def permissions
|
@@ -32,6 +32,6 @@ class Permissions
|
|
32
32
|
end
|
33
33
|
|
34
34
|
def deep_dup(initial_permissions = {})
|
35
|
-
|
35
|
+
self.class.new(initial_permissions.merge(permissions)) { default }
|
36
36
|
end
|
37
37
|
end
|
data/test/permissions_test.rb
CHANGED
@@ -6,12 +6,6 @@ class User
|
|
6
6
|
def initialize(permissions)
|
7
7
|
@permissions = permissions
|
8
8
|
end
|
9
|
-
|
10
|
-
# Authorizables must provide their own implementation of "permissions".
|
11
|
-
# An attr_reader would do.
|
12
|
-
def permissions
|
13
|
-
@permissions
|
14
|
-
end
|
15
9
|
end
|
16
10
|
|
17
11
|
class Command
|
@@ -20,13 +14,6 @@ class Command
|
|
20
14
|
def initialize(user)
|
21
15
|
@user = user
|
22
16
|
end
|
23
|
-
|
24
|
-
# Not provided by the library. An advanced example
|
25
|
-
# on how to authorize things like: "Does an object
|
26
|
-
# belong to a particular user?"
|
27
|
-
def authorize?(other)
|
28
|
-
other.authorize_for?(self.class, self)
|
29
|
-
end
|
30
17
|
end
|
31
18
|
|
32
19
|
class Create < Command
|
@@ -55,14 +42,6 @@ def refute_authorize_for(user, subject)
|
|
55
42
|
assert !user.authorize_for?(subject), "#{user} is authorized for #{subject}, it should not be"
|
56
43
|
end
|
57
44
|
|
58
|
-
def assert_authorize(subject, user)
|
59
|
-
assert subject.authorize?(user), "#{subject} does not authorize #{user}, it should"
|
60
|
-
end
|
61
|
-
|
62
|
-
def refute_authorize(subject, user)
|
63
|
-
assert !subject.authorize?(user), "#{subject} does authorize #{user}, it should not"
|
64
|
-
end
|
65
|
-
|
66
45
|
# Create a Permissions object.
|
67
46
|
guest_permissions = Permissions.new
|
68
47
|
|
@@ -95,37 +74,21 @@ admin_update = Update.new(admin)
|
|
95
74
|
|
96
75
|
admin_delete = Delete.new(admin)
|
97
76
|
|
98
|
-
test
|
77
|
+
test do
|
99
78
|
# Guest
|
100
79
|
assert_authorize_for guest, Create
|
80
|
+
|
101
81
|
refute_authorize_for guest, Update
|
82
|
+
|
102
83
|
refute_authorize_for guest, Delete
|
103
84
|
|
104
85
|
# Member
|
105
86
|
assert_authorize_for member, Create
|
87
|
+
|
106
88
|
assert_authorize_for admin, Create
|
107
89
|
|
108
90
|
# Admin
|
109
91
|
assert_authorize_for admin, Update
|
110
|
-
assert_authorize_for admin, Delete
|
111
|
-
end
|
112
|
-
|
113
|
-
test '#authorize?' do
|
114
|
-
# Guest
|
115
|
-
refute_authorize member_update, guest
|
116
|
-
refute_authorize member_delete, guest
|
117
|
-
refute_authorize admin_update, guest
|
118
|
-
refute_authorize admin_delete, guest
|
119
92
|
|
120
|
-
|
121
|
-
assert_authorize member_update, member
|
122
|
-
assert_authorize member_delete, member
|
123
|
-
refute_authorize admin_update, member
|
124
|
-
refute_authorize admin_delete, member
|
125
|
-
|
126
|
-
# Admin
|
127
|
-
assert_authorize member_update, admin
|
128
|
-
assert_authorize member_delete, admin
|
129
|
-
assert_authorize admin_update, admin
|
130
|
-
assert_authorize admin_delete, admin
|
93
|
+
assert_authorize_for admin, Delete
|
131
94
|
end
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: permissions
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.1.
|
4
|
+
version: 0.1.3
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Steve Weiss
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2017-08-
|
11
|
+
date: 2017-08-12 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: cutest
|