portier 1.0.3 → 1.1.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +5 -5
- data/Gemfile +2 -0
- data/README.md +9 -1
- data/lib/portier/application_permission.rb +6 -2
- data/lib/portier/base.rb +4 -1
- data/lib/portier/implants/action_controller_implant.rb +1 -1
- data/portier.gemspec +7 -7
- data/spec/controllers/application_controller_spec.rb +15 -12
- data/spec/portier/application_permission_spec.rb +2 -1
- data/spec/portier/view_tags_permission_spec.rb +4 -4
- data/spec/spec_helper.rb +4 -3
- data/spec/support/views_helper.rb +4 -2
- metadata +22 -22
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
|
-
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
2
|
+
SHA256:
|
3
|
+
metadata.gz: 6c67c0d7cb06502c7bfa625bfb032b297ce6e8449dc9982c0af2714a5509e644
|
4
|
+
data.tar.gz: 2c65741303048681f797cf36157955390a1001d2970c1bd806d72512e0bba0a8
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: d30afb8e7a877d0a102eedca29871c08f73e9f86da1a365a23a9ebefb0871f2f282adfb37832b1515ee7c822eb8047af827d0209c04befd90ebc21ba65b8e00a
|
7
|
+
data.tar.gz: d4449bbf6b0b9be5fdbb298c84519ebb06faec3b300b01cb481f8d7ef1e92f01b4c24aca868ea27968c94fe526573dea72388e2ce7040adc145360a1c1ab8b18
|
data/Gemfile
CHANGED
data/README.md
CHANGED
@@ -26,7 +26,7 @@ In order to let portier control the requests to your application, you need to ad
|
|
26
26
|
protect_from_forgery with: :exception
|
27
27
|
|
28
28
|
# This filter the requests using the permission files
|
29
|
-
|
29
|
+
before_action :protect_app
|
30
30
|
|
31
31
|
# You can define the current_user anyway you want as long as it return the current user record.
|
32
32
|
def current_user
|
@@ -163,7 +163,15 @@ Both ```can?``` and ```can_view?``` methods can take options
|
|
163
163
|
end
|
164
164
|
```
|
165
165
|
|
166
|
+
### namespace
|
166
167
|
|
168
|
+
If you are using namespacing in your controller, you can pass the namespace option.
|
169
|
+
|
170
|
+
```erb
|
171
|
+
<%# app/views/admin/products/show.html.erb %>
|
172
|
+
|
173
|
+
<%= link_to 'Edit product', edit_product_path(id: @product.id) if can? :edit, @product, namespace: :admin %>
|
174
|
+
```
|
167
175
|
|
168
176
|
Copyright
|
169
177
|
---------
|
@@ -65,7 +65,11 @@ class Portier::ApplicationPermission < Portier::BasePermission
|
|
65
65
|
end
|
66
66
|
|
67
67
|
def model
|
68
|
-
|
68
|
+
model_name.camelize.constantize
|
69
|
+
end
|
70
|
+
|
71
|
+
def model_name
|
72
|
+
controller_name.split('/').last.singularize
|
69
73
|
end
|
70
74
|
|
71
75
|
def model_exists?
|
@@ -73,7 +77,7 @@ class Portier::ApplicationPermission < Portier::BasePermission
|
|
73
77
|
end
|
74
78
|
|
75
79
|
def record_name
|
76
|
-
|
80
|
+
model_name.to_sym
|
77
81
|
end
|
78
82
|
|
79
83
|
|
data/lib/portier/base.rb
CHANGED
@@ -26,6 +26,9 @@ class Portier::Base
|
|
26
26
|
else
|
27
27
|
object.class.name.pluralize
|
28
28
|
end
|
29
|
+
|
30
|
+
object_name = "#{options[:namespace].to_s.camelize}::#{object_name.camelize}" if options[:namespace]
|
31
|
+
|
29
32
|
permission = permission_for object_name
|
30
33
|
permission.can? action, object, options
|
31
34
|
end
|
@@ -56,7 +59,7 @@ class Portier::Base
|
|
56
59
|
begin
|
57
60
|
"#{target.camelize}Permission".constantize.new(application_controller, current_user)
|
58
61
|
rescue
|
59
|
-
|
62
|
+
raise Portier::Uninitalized, "You must define #{target.camelize}Permission in app/permissions/#{target}_permission.rb. See documentation for more details."
|
60
63
|
end
|
61
64
|
end
|
62
65
|
|
data/portier.gemspec
CHANGED
@@ -2,8 +2,8 @@ Gem::Specification.new do |gem|
|
|
2
2
|
gem.name = "portier"
|
3
3
|
gem.description = "Portier is an gem that manage permissions in a rails project. The permission rules are flexible, non-obstrusive, scalable and can be applied to the controller actions, and views."
|
4
4
|
gem.summary = "Portier is an gem that manage permissions in a rails project. The permission rules are flexible, non-obstrusive, scalable and can be applied to the controller actions, and views."
|
5
|
-
gem.homepage = "https://
|
6
|
-
gem.version = "1.0
|
5
|
+
gem.homepage = "https://github.com/alchimikweb/portier"
|
6
|
+
gem.version = "1.1.0"
|
7
7
|
gem.licenses = ["MIT"]
|
8
8
|
|
9
9
|
gem.authors = ["Sebastien Rosa"]
|
@@ -14,9 +14,9 @@ Gem::Specification.new do |gem|
|
|
14
14
|
gem.test_files = gem.files.grep(%r{^(test|spec|features)/})
|
15
15
|
gem.require_paths = ["lib"]
|
16
16
|
|
17
|
-
gem.add_dependency "rails", ['
|
18
|
-
gem.add_development_dependency "sqlite3"
|
19
|
-
gem.add_development_dependency "rspec-rails"
|
20
|
-
gem.add_development_dependency "simplecov"
|
21
|
-
gem.add_development_dependency "simplecov-rcov-text"
|
17
|
+
gem.add_dependency "rails", ['~> 5.0']
|
18
|
+
gem.add_development_dependency "sqlite3", "~> 1.3"
|
19
|
+
gem.add_development_dependency "rspec-rails", "~> 3.7"
|
20
|
+
gem.add_development_dependency "simplecov", "~> 0.15"
|
21
|
+
gem.add_development_dependency "simplecov-rcov-text", "~> 0"
|
22
22
|
end
|
@@ -1,8 +1,11 @@
|
|
1
1
|
require "spec_helper"
|
2
2
|
|
3
|
-
describe ApplicationController do
|
3
|
+
#describe ApplicationController do
|
4
|
+
#end
|
5
|
+
|
6
|
+
describe ApplicationController, :type => :controller do
|
4
7
|
controller do
|
5
|
-
|
8
|
+
before_action :protect_app
|
6
9
|
|
7
10
|
def current_user
|
8
11
|
@user
|
@@ -10,26 +13,26 @@ describe ApplicationController do
|
|
10
13
|
|
11
14
|
def index
|
12
15
|
if can_view?(:granted_response, show: true)
|
13
|
-
render
|
16
|
+
render plain: 'Granted!'
|
14
17
|
else
|
15
|
-
render
|
18
|
+
render plain: 'Nothing'
|
16
19
|
end
|
17
20
|
end
|
18
21
|
|
19
22
|
def create
|
20
23
|
if can?(:create, :products)
|
21
|
-
render
|
24
|
+
render plain: "Created! #{permitted_params}"
|
22
25
|
else
|
23
|
-
render
|
26
|
+
render plain: "Not Created!"
|
24
27
|
end
|
25
28
|
end
|
26
29
|
|
27
30
|
def edit
|
28
|
-
render
|
31
|
+
render plain: 'Refused!'
|
29
32
|
end
|
30
33
|
|
31
34
|
def destroy
|
32
|
-
render
|
35
|
+
render plain: 'Destroyed!'
|
33
36
|
end
|
34
37
|
end
|
35
38
|
|
@@ -44,7 +47,7 @@ describe ApplicationController do
|
|
44
47
|
|
45
48
|
describe "when calling a restricted action" do
|
46
49
|
it 'should not grant access' do
|
47
|
-
get :edit, id: '123'
|
50
|
+
get :edit, params: { id: '123' }
|
48
51
|
|
49
52
|
expect(response.status).to eq(401)
|
50
53
|
expect(response.body).to eq "access_denied"
|
@@ -53,7 +56,7 @@ describe ApplicationController do
|
|
53
56
|
|
54
57
|
describe "when sending the role and the role is not allowed to be sent" do
|
55
58
|
it 'should not have role in the permitted_params' do
|
56
|
-
post :create, anonymou: { name: '123', email: 'a@at.com', role: 'admin' }
|
59
|
+
post :create, params: { anonymou: { name: '123', email: 'a@at.com', role: 'admin' }}
|
57
60
|
|
58
61
|
expect(response.status).to eq(200)
|
59
62
|
expect(response.body).to include('email')
|
@@ -63,7 +66,7 @@ describe ApplicationController do
|
|
63
66
|
|
64
67
|
describe "when deleting an open record" do
|
65
68
|
it 'should grant access' do
|
66
|
-
delete :destroy, id: 'open'
|
69
|
+
delete :destroy, params: { id: 'open' }
|
67
70
|
|
68
71
|
expect(response.status).to eq(200)
|
69
72
|
expect(response.body).to eq "Destroyed!"
|
@@ -72,7 +75,7 @@ describe ApplicationController do
|
|
72
75
|
|
73
76
|
describe "when deleting an restricted record" do
|
74
77
|
it 'should not grant access' do
|
75
|
-
delete :destroy, id: 'restricted'
|
78
|
+
delete :destroy, params: { id: 'restricted' }
|
76
79
|
|
77
80
|
expect(response.status).to eq(401)
|
78
81
|
expect(response.body).to eq "access_denied"
|
@@ -11,7 +11,8 @@ describe Portier::ApplicationPermission do
|
|
11
11
|
|
12
12
|
describe "#default" do
|
13
13
|
it "should be protected by default" do
|
14
|
-
Portier::ApplicationPermission.new(double(:app), double(:user)).default
|
14
|
+
permission = Portier::ApplicationPermission.new(double(:app), double(:user)).default
|
15
|
+
expect(permission).to be_falsey
|
15
16
|
end
|
16
17
|
end
|
17
18
|
|
@@ -12,18 +12,18 @@ describe Portier::ViewTagsPermission do
|
|
12
12
|
end
|
13
13
|
|
14
14
|
context "with the tag show_admin_link restricting access to the user" do
|
15
|
-
before { @permission.
|
15
|
+
before { allow(@permission).to receive_messages(show_admin_link: false) }
|
16
16
|
|
17
17
|
context "when checking if the user can view the show_admin_link" do
|
18
|
-
specify { @permission.can_view?(:show_admin_link).
|
18
|
+
specify { expect(@permission.can_view?(:show_admin_link)).to be_falsey }
|
19
19
|
end
|
20
20
|
end
|
21
21
|
|
22
22
|
context "with the tag show_admin_link allowing access to the user" do
|
23
|
-
before { @permission.
|
23
|
+
before { allow(@permission).to receive_messages(show_admin_link: true) }
|
24
24
|
|
25
25
|
context "when checking if the user can view the show_admin_link" do
|
26
|
-
specify { @permission.can_view?(:show_admin_link).
|
26
|
+
specify { expect(@permission.can_view?(:show_admin_link)).to be_truthy }
|
27
27
|
end
|
28
28
|
end
|
29
29
|
end
|
data/spec/spec_helper.rb
CHANGED
@@ -2,11 +2,13 @@ ENV["RAILS_ENV"] ||= 'test'
|
|
2
2
|
|
3
3
|
require 'simplecov'
|
4
4
|
require 'simplecov-rcov-text'
|
5
|
+
require 'coveralls'
|
5
6
|
|
6
|
-
SimpleCov.formatter = SimpleCov::Formatter::MultiFormatter[
|
7
|
+
SimpleCov.formatter = SimpleCov::Formatter::MultiFormatter.new([
|
7
8
|
SimpleCov::Formatter::HTMLFormatter,
|
8
9
|
SimpleCov::Formatter::RcovTextFormatter,
|
9
|
-
|
10
|
+
Coveralls::SimpleCov::Formatter
|
11
|
+
])
|
10
12
|
|
11
13
|
SimpleCov.start do
|
12
14
|
add_filter "spec/dummy"
|
@@ -17,7 +19,6 @@ end
|
|
17
19
|
require File.expand_path("../dummy/config/environment", __FILE__)
|
18
20
|
|
19
21
|
require 'rspec/rails'
|
20
|
-
require 'rspec/autorun'
|
21
22
|
|
22
23
|
Dir["./spec/support/**/*.rb"].sort.each {|f| require f }
|
23
24
|
|
@@ -4,8 +4,10 @@ module ViewHelpers
|
|
4
4
|
|
5
5
|
app = double()
|
6
6
|
|
7
|
-
app
|
8
|
-
|
7
|
+
allow(app).to receive_messages(
|
8
|
+
request: { controller: options[:controller], action: options[:action] },
|
9
|
+
params: options[:params]
|
10
|
+
)
|
9
11
|
|
10
12
|
return app
|
11
13
|
end
|
metadata
CHANGED
@@ -1,83 +1,83 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: portier
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 1.0
|
4
|
+
version: 1.1.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Sebastien Rosa
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date:
|
11
|
+
date: 2018-01-23 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: rails
|
15
15
|
requirement: !ruby/object:Gem::Requirement
|
16
16
|
requirements:
|
17
|
-
- - "
|
17
|
+
- - "~>"
|
18
18
|
- !ruby/object:Gem::Version
|
19
|
-
version: '
|
19
|
+
version: '5.0'
|
20
20
|
type: :runtime
|
21
21
|
prerelease: false
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
23
23
|
requirements:
|
24
|
-
- - "
|
24
|
+
- - "~>"
|
25
25
|
- !ruby/object:Gem::Version
|
26
|
-
version: '
|
26
|
+
version: '5.0'
|
27
27
|
- !ruby/object:Gem::Dependency
|
28
28
|
name: sqlite3
|
29
29
|
requirement: !ruby/object:Gem::Requirement
|
30
30
|
requirements:
|
31
|
-
- - "
|
31
|
+
- - "~>"
|
32
32
|
- !ruby/object:Gem::Version
|
33
|
-
version: '
|
33
|
+
version: '1.3'
|
34
34
|
type: :development
|
35
35
|
prerelease: false
|
36
36
|
version_requirements: !ruby/object:Gem::Requirement
|
37
37
|
requirements:
|
38
|
-
- - "
|
38
|
+
- - "~>"
|
39
39
|
- !ruby/object:Gem::Version
|
40
|
-
version: '
|
40
|
+
version: '1.3'
|
41
41
|
- !ruby/object:Gem::Dependency
|
42
42
|
name: rspec-rails
|
43
43
|
requirement: !ruby/object:Gem::Requirement
|
44
44
|
requirements:
|
45
|
-
- - "
|
45
|
+
- - "~>"
|
46
46
|
- !ruby/object:Gem::Version
|
47
|
-
version: '
|
47
|
+
version: '3.7'
|
48
48
|
type: :development
|
49
49
|
prerelease: false
|
50
50
|
version_requirements: !ruby/object:Gem::Requirement
|
51
51
|
requirements:
|
52
|
-
- - "
|
52
|
+
- - "~>"
|
53
53
|
- !ruby/object:Gem::Version
|
54
|
-
version: '
|
54
|
+
version: '3.7'
|
55
55
|
- !ruby/object:Gem::Dependency
|
56
56
|
name: simplecov
|
57
57
|
requirement: !ruby/object:Gem::Requirement
|
58
58
|
requirements:
|
59
|
-
- - "
|
59
|
+
- - "~>"
|
60
60
|
- !ruby/object:Gem::Version
|
61
|
-
version: '0'
|
61
|
+
version: '0.15'
|
62
62
|
type: :development
|
63
63
|
prerelease: false
|
64
64
|
version_requirements: !ruby/object:Gem::Requirement
|
65
65
|
requirements:
|
66
|
-
- - "
|
66
|
+
- - "~>"
|
67
67
|
- !ruby/object:Gem::Version
|
68
|
-
version: '0'
|
68
|
+
version: '0.15'
|
69
69
|
- !ruby/object:Gem::Dependency
|
70
70
|
name: simplecov-rcov-text
|
71
71
|
requirement: !ruby/object:Gem::Requirement
|
72
72
|
requirements:
|
73
|
-
- - "
|
73
|
+
- - "~>"
|
74
74
|
- !ruby/object:Gem::Version
|
75
75
|
version: '0'
|
76
76
|
type: :development
|
77
77
|
prerelease: false
|
78
78
|
version_requirements: !ruby/object:Gem::Requirement
|
79
79
|
requirements:
|
80
|
-
- - "
|
80
|
+
- - "~>"
|
81
81
|
- !ruby/object:Gem::Version
|
82
82
|
version: '0'
|
83
83
|
description: Portier is an gem that manage permissions in a rails project. The permission
|
@@ -137,7 +137,7 @@ files:
|
|
137
137
|
- spec/portier_spec.rb
|
138
138
|
- spec/spec_helper.rb
|
139
139
|
- spec/support/views_helper.rb
|
140
|
-
homepage: https://
|
140
|
+
homepage: https://github.com/alchimikweb/portier
|
141
141
|
licenses:
|
142
142
|
- MIT
|
143
143
|
metadata: {}
|
@@ -157,7 +157,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
157
157
|
version: '0'
|
158
158
|
requirements: []
|
159
159
|
rubyforge_project:
|
160
|
-
rubygems_version: 2.
|
160
|
+
rubygems_version: 2.7.3
|
161
161
|
signing_key:
|
162
162
|
specification_version: 4
|
163
163
|
summary: Portier is an gem that manage permissions in a rails project. The permission
|