petergate 1.1.7 → 1.1.8
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/petergate.rb +2 -156
- data/lib/petergate/action_controller/base.rb +119 -0
- data/lib/petergate/active_record/base.rb +45 -0
- data/lib/petergate/version.rb +1 -1
- metadata +4 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: e874f558d2dba4491ce0df91cd9dd14d97169abd
|
|
4
|
+
data.tar.gz: 5068a8370ec69a9797af8ccb27b3001a2ecd21a7
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: b26024de4dd6f9a8f5dd223c576be77001bb717a3193dcd17c558d7e4cba65efa5b0160883b192c1ec9f863beb8c943ac91a30dd95332e96c3827328111b1d3d
|
|
7
|
+
data.tar.gz: 10b62d0f11bdc6696152e5092f0be7ff562eca0f21a8000bc44a56e38895d75353d298209561d07d99854d31fade1ed314a62df21eac8307ba95388ca7ac6747
|
data/lib/petergate.rb
CHANGED
|
@@ -1,162 +1,8 @@
|
|
|
1
1
|
require "petergate/version"
|
|
2
2
|
require "petergate/railtie"
|
|
3
|
+
require 'petergate/action_controller/base'
|
|
4
|
+
require 'petergate/active_record/base'
|
|
3
5
|
|
|
4
6
|
module Petergate
|
|
5
|
-
module ControllerMethods
|
|
6
|
-
module ClassMethods
|
|
7
|
-
def const_missing(const_name)
|
|
8
|
-
if [:AllRest, :ALLREST].include?(const_name)
|
|
9
|
-
warn "`AllRest` and `ALLREST` has been deprecated. Use :all instead."
|
|
10
|
-
return ALLRESTDEP
|
|
11
|
-
else
|
|
12
|
-
return super
|
|
13
|
-
end
|
|
14
|
-
end
|
|
15
7
|
|
|
16
|
-
def all_actions
|
|
17
|
-
->{self.action_methods.to_a.map(&:to_sym) - [:check_access, :title]}.call
|
|
18
|
-
end
|
|
19
|
-
|
|
20
|
-
def except_actions(arr = [])
|
|
21
|
-
all_actions - arr
|
|
22
|
-
end
|
|
23
|
-
|
|
24
|
-
def access(rules = {}, &block)
|
|
25
|
-
if block
|
|
26
|
-
b_rules = block.call
|
|
27
|
-
rules = rules.merge(b_rules) if b_rules.is_a?(Hash)
|
|
28
|
-
end
|
|
29
|
-
|
|
30
|
-
instance_eval do
|
|
31
|
-
@_controller_rules = rules
|
|
32
|
-
|
|
33
|
-
def controller_rules
|
|
34
|
-
@_controller_rules
|
|
35
|
-
end
|
|
36
|
-
|
|
37
|
-
def inherited(subclass)
|
|
38
|
-
subclass.instance_variable_set("@_controller_rules", instance_variable_get("@_controller_rules"))
|
|
39
|
-
end
|
|
40
|
-
end
|
|
41
|
-
|
|
42
|
-
class_eval do
|
|
43
|
-
def check_access
|
|
44
|
-
permissions(self.class.controller_rules)
|
|
45
|
-
end
|
|
46
|
-
end
|
|
47
|
-
end
|
|
48
|
-
end
|
|
49
|
-
|
|
50
|
-
ALLRESTDEP = [:show, :index, :new, :edit, :update, :create, :destroy]
|
|
51
|
-
|
|
52
|
-
def self.included(base)
|
|
53
|
-
base.extend(ClassMethods)
|
|
54
|
-
base.helper_method :logged_in?, :forbidden!
|
|
55
|
-
base.before_filter do
|
|
56
|
-
unless logged_in?(:admin)
|
|
57
|
-
message= defined?(check_access) ? check_access : true
|
|
58
|
-
if message.is_a?(String) || message == false
|
|
59
|
-
if user_signed_in?
|
|
60
|
-
forbidden! message
|
|
61
|
-
else
|
|
62
|
-
authenticate_user!
|
|
63
|
-
end
|
|
64
|
-
end
|
|
65
|
-
end
|
|
66
|
-
end
|
|
67
|
-
end
|
|
68
|
-
|
|
69
|
-
def parse_permission_rules(rules)
|
|
70
|
-
rules = rules.inject({}) do |h, (k, v)|
|
|
71
|
-
special_values = case v.class.to_s
|
|
72
|
-
when "Symbol"
|
|
73
|
-
v == :all ? self.class.all_actions : raise("No action for: #{v}")
|
|
74
|
-
when "Hash"
|
|
75
|
-
v[:except].present? ? self.class.except_actions(v[:except]) : raise("Invalid values for except: #{v.values}")
|
|
76
|
-
when "Array"
|
|
77
|
-
v
|
|
78
|
-
else
|
|
79
|
-
raise("No action for: #{v}")
|
|
80
|
-
end
|
|
81
|
-
|
|
82
|
-
h.merge({k => special_values})
|
|
83
|
-
end
|
|
84
|
-
# Allows Array's of keys for he same hash.
|
|
85
|
-
rules.inject({}){|h, (k, v)| k.class == Array ? h.merge(Hash[k.map{|kk| [kk, v]}]) : h.merge(k => v) }
|
|
86
|
-
end
|
|
87
|
-
|
|
88
|
-
def permissions(rules = {all: [:index, :show], customer: [], wiring: []})
|
|
89
|
-
rules = parse_permission_rules(rules)
|
|
90
|
-
case params[:action].to_sym
|
|
91
|
-
when *(rules[:all]) # checks where the action can be seen by :all
|
|
92
|
-
true
|
|
93
|
-
when *(rules[:user]) # checks if the action can be seen for all users
|
|
94
|
-
user_signed_in?
|
|
95
|
-
when *(rules[(user_signed_in? ? current_user.role.to_sym : :all)]) # checks if action can be seen by the current_users role. If the user isn't logged in check if it can be seen by :all
|
|
96
|
-
true
|
|
97
|
-
else
|
|
98
|
-
false
|
|
99
|
-
end
|
|
100
|
-
end
|
|
101
|
-
|
|
102
|
-
def logged_in?(*roles)
|
|
103
|
-
current_user && (roles & current_user.roles).any?
|
|
104
|
-
end
|
|
105
|
-
|
|
106
|
-
def forbidden!(msg = nil)
|
|
107
|
-
respond_to do |format|
|
|
108
|
-
format.any(:js, :json, :xml) { render nothing: true, status: :forbidden }
|
|
109
|
-
format.html do
|
|
110
|
-
destination = current_user.present? ? request.referrer || after_sign_in_path_for(current_user) : root_path
|
|
111
|
-
redirect_to destination, notice: msg || 'Permission Denied'
|
|
112
|
-
end
|
|
113
|
-
end
|
|
114
|
-
end
|
|
115
|
-
end
|
|
116
|
-
|
|
117
|
-
module UserMethods
|
|
118
|
-
def self.included(base)
|
|
119
|
-
base.extend(ClassMethods)
|
|
120
|
-
end
|
|
121
|
-
|
|
122
|
-
module ClassMethods
|
|
123
|
-
def petergate(options = {roles: [:admin]})
|
|
124
|
-
serialize :roles
|
|
125
|
-
after_initialize do
|
|
126
|
-
self[:roles] ||= []
|
|
127
|
-
end
|
|
128
|
-
|
|
129
|
-
instance_eval do
|
|
130
|
-
const_set('ROLES', options[:roles])
|
|
131
|
-
end
|
|
132
|
-
|
|
133
|
-
|
|
134
|
-
class_eval do
|
|
135
|
-
def available_roles
|
|
136
|
-
self.class::ROLES
|
|
137
|
-
end
|
|
138
|
-
|
|
139
|
-
def roles=(v)
|
|
140
|
-
self[:roles] = Array(v).map(&:to_sym).to_a.select{|r| r.size > 0 && available_roles.include?(r)}
|
|
141
|
-
end
|
|
142
|
-
|
|
143
|
-
def roles
|
|
144
|
-
self[:roles] + [:user]
|
|
145
|
-
end
|
|
146
|
-
|
|
147
|
-
def role
|
|
148
|
-
roles.first
|
|
149
|
-
end
|
|
150
|
-
end
|
|
151
|
-
end
|
|
152
|
-
end
|
|
153
|
-
end
|
|
154
|
-
end
|
|
155
|
-
|
|
156
|
-
class ActionController::Base
|
|
157
|
-
include Petergate::ControllerMethods
|
|
158
|
-
end
|
|
159
|
-
|
|
160
|
-
class ActiveRecord::Base
|
|
161
|
-
include Petergate::UserMethods
|
|
162
8
|
end
|
|
@@ -0,0 +1,119 @@
|
|
|
1
|
+
module Petergate
|
|
2
|
+
module ActionController
|
|
3
|
+
module Base
|
|
4
|
+
module ClassMethods
|
|
5
|
+
def const_missing(const_name)
|
|
6
|
+
if [:AllRest, :ALLREST].include?(const_name)
|
|
7
|
+
warn "`AllRest` and `ALLREST` has been deprecated. Use :all instead."
|
|
8
|
+
return ALLRESTDEP
|
|
9
|
+
else
|
|
10
|
+
return super
|
|
11
|
+
end
|
|
12
|
+
end
|
|
13
|
+
|
|
14
|
+
def all_actions
|
|
15
|
+
->{self.action_methods.to_a.map(&:to_sym) - [:check_access, :title]}.call
|
|
16
|
+
end
|
|
17
|
+
|
|
18
|
+
def except_actions(arr = [])
|
|
19
|
+
all_actions - arr
|
|
20
|
+
end
|
|
21
|
+
|
|
22
|
+
def access(rules = {}, &block)
|
|
23
|
+
if block
|
|
24
|
+
b_rules = block.call
|
|
25
|
+
rules = rules.merge(b_rules) if b_rules.is_a?(Hash)
|
|
26
|
+
end
|
|
27
|
+
|
|
28
|
+
instance_eval do
|
|
29
|
+
@_controller_rules = rules
|
|
30
|
+
|
|
31
|
+
def controller_rules
|
|
32
|
+
@_controller_rules
|
|
33
|
+
end
|
|
34
|
+
|
|
35
|
+
def inherited(subclass)
|
|
36
|
+
subclass.instance_variable_set("@_controller_rules", instance_variable_get("@_controller_rules"))
|
|
37
|
+
end
|
|
38
|
+
end
|
|
39
|
+
|
|
40
|
+
class_eval do
|
|
41
|
+
def check_access
|
|
42
|
+
permissions(self.class.controller_rules)
|
|
43
|
+
end
|
|
44
|
+
end
|
|
45
|
+
end
|
|
46
|
+
end
|
|
47
|
+
|
|
48
|
+
ALLRESTDEP = [:show, :index, :new, :edit, :update, :create, :destroy]
|
|
49
|
+
|
|
50
|
+
def self.included(base)
|
|
51
|
+
base.extend(ClassMethods)
|
|
52
|
+
base.helper_method :logged_in?, :forbidden!
|
|
53
|
+
base.before_filter do
|
|
54
|
+
unless logged_in?(:admin)
|
|
55
|
+
message= defined?(check_access) ? check_access : true
|
|
56
|
+
if message.is_a?(String) || message == false
|
|
57
|
+
if user_signed_in?
|
|
58
|
+
forbidden! message
|
|
59
|
+
else
|
|
60
|
+
authenticate_user!
|
|
61
|
+
end
|
|
62
|
+
end
|
|
63
|
+
end
|
|
64
|
+
end
|
|
65
|
+
end
|
|
66
|
+
|
|
67
|
+
def parse_permission_rules(rules)
|
|
68
|
+
rules = rules.inject({}) do |h, (k, v)|
|
|
69
|
+
special_values = case v.class.to_s
|
|
70
|
+
when "Symbol"
|
|
71
|
+
v == :all ? self.class.all_actions : raise("No action for: #{v}")
|
|
72
|
+
when "Hash"
|
|
73
|
+
v[:except].present? ? self.class.except_actions(v[:except]) : raise("Invalid values for except: #{v.values}")
|
|
74
|
+
when "Array"
|
|
75
|
+
v
|
|
76
|
+
else
|
|
77
|
+
raise("No action for: #{v}")
|
|
78
|
+
end
|
|
79
|
+
|
|
80
|
+
h.merge({k => special_values})
|
|
81
|
+
end
|
|
82
|
+
# Allows Array's of keys for he same hash.
|
|
83
|
+
rules.inject({}){|h, (k, v)| k.class == Array ? h.merge(Hash[k.map{|kk| [kk, v]}]) : h.merge(k => v) }
|
|
84
|
+
end
|
|
85
|
+
|
|
86
|
+
def permissions(rules = {all: [:index, :show], customer: [], wiring: []})
|
|
87
|
+
rules = parse_permission_rules(rules)
|
|
88
|
+
case params[:action].to_sym
|
|
89
|
+
when *(rules[:all]) # checks where the action can be seen by :all
|
|
90
|
+
true
|
|
91
|
+
when *(rules[:user]) # checks if the action can be seen for all users
|
|
92
|
+
user_signed_in?
|
|
93
|
+
when *(rules[(user_signed_in? ? current_user.role.to_sym : :all)]) # checks if action can be seen by the current_users role. If the user isn't logged in check if it can be seen by :all
|
|
94
|
+
true
|
|
95
|
+
else
|
|
96
|
+
false
|
|
97
|
+
end
|
|
98
|
+
end
|
|
99
|
+
|
|
100
|
+
def logged_in?(*roles)
|
|
101
|
+
current_user && (roles & current_user.roles).any?
|
|
102
|
+
end
|
|
103
|
+
|
|
104
|
+
def forbidden!(msg = nil)
|
|
105
|
+
respond_to do |format|
|
|
106
|
+
format.any(:js, :json, :xml) { render nothing: true, status: :forbidden }
|
|
107
|
+
format.html do
|
|
108
|
+
destination = current_user.present? ? request.referrer || after_sign_in_path_for(current_user) : root_path
|
|
109
|
+
redirect_to destination, notice: msg || 'Permission Denied'
|
|
110
|
+
end
|
|
111
|
+
end
|
|
112
|
+
end
|
|
113
|
+
end
|
|
114
|
+
end
|
|
115
|
+
end
|
|
116
|
+
|
|
117
|
+
class ActionController::Base
|
|
118
|
+
include Petergate::ActionController::Base
|
|
119
|
+
end
|
|
@@ -0,0 +1,45 @@
|
|
|
1
|
+
module Petergate
|
|
2
|
+
module ActiveRecord
|
|
3
|
+
module Base
|
|
4
|
+
def self.included(base)
|
|
5
|
+
base.extend(ClassMethods)
|
|
6
|
+
end
|
|
7
|
+
|
|
8
|
+
module ClassMethods
|
|
9
|
+
def petergate(options = {roles: [:admin]})
|
|
10
|
+
serialize :roles
|
|
11
|
+
after_initialize do
|
|
12
|
+
self[:roles] ||= []
|
|
13
|
+
end
|
|
14
|
+
|
|
15
|
+
instance_eval do
|
|
16
|
+
const_set('ROLES', options[:roles])
|
|
17
|
+
end
|
|
18
|
+
|
|
19
|
+
|
|
20
|
+
class_eval do
|
|
21
|
+
def available_roles
|
|
22
|
+
self.class::ROLES
|
|
23
|
+
end
|
|
24
|
+
|
|
25
|
+
def roles=(v)
|
|
26
|
+
self[:roles] = Array(v).map(&:to_sym).to_a.select{|r| r.size > 0 && available_roles.include?(r)}
|
|
27
|
+
end
|
|
28
|
+
|
|
29
|
+
def roles
|
|
30
|
+
self[:roles] + [:user]
|
|
31
|
+
end
|
|
32
|
+
|
|
33
|
+
def role
|
|
34
|
+
roles.first
|
|
35
|
+
end
|
|
36
|
+
end
|
|
37
|
+
end
|
|
38
|
+
end
|
|
39
|
+
end
|
|
40
|
+
end
|
|
41
|
+
end
|
|
42
|
+
|
|
43
|
+
class ActiveRecord::Base
|
|
44
|
+
include Petergate::ActiveRecord::Base
|
|
45
|
+
end
|
data/lib/petergate/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: petergate
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 1.1.
|
|
4
|
+
version: 1.1.8
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Isaac Sloan
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2015-
|
|
11
|
+
date: 2015-08-13 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: bundler
|
|
@@ -70,6 +70,8 @@ files:
|
|
|
70
70
|
- lib/generators/petergate/install_generator.rb
|
|
71
71
|
- lib/generators/petergate/templates/migrations/add_roles_to_users.rb
|
|
72
72
|
- lib/petergate.rb
|
|
73
|
+
- lib/petergate/action_controller/base.rb
|
|
74
|
+
- lib/petergate/active_record/base.rb
|
|
73
75
|
- lib/petergate/railtie.rb
|
|
74
76
|
- lib/petergate/version.rb
|
|
75
77
|
- lib/templates/rails/scaffold_controller/controller.rb
|