protector 0.2.2 → 0.2.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/README.md +6 -25
- data/gemfiles/AR_3.2.gemfile.lock +1 -1
- data/gemfiles/AR_4.gemfile.lock +1 -1
- data/gemfiles/Sequel.gemfile.lock +1 -1
- data/lib/protector/version.rb +1 -1
- data/lib/protector.rb +1 -1
- metadata +1 -1
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 480667a8c7e66f9afb9fa1e5de46a99edc0d0325
|
4
|
+
data.tar.gz: 39e9914aa30962eb6792a429b10fbde0fa08b141
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 36003bdd3337ee49372bc4cbb4e220e149ba902b47f0b5b987f31823d458cb114494f7b0b537358997fd1f73d8c1ca49fc7cfb074407f1f65e86e7f1589fa46c
|
7
|
+
data.tar.gz: 6874b536a5333f1e4fb4f45b08aced3c41fcd4618d7dc319ce6dcc103fd41396a8ff244d6ab34a57a9234100ee630a4dddc722fc79b48c3b92b3fec33d3c74bc
|
data/README.md
CHANGED
@@ -112,38 +112,19 @@ end
|
|
112
112
|
|
113
113
|
## Associations
|
114
114
|
|
115
|
-
Protector is aware of associations. All the associations retrieved from restricted instance will automatically be restricted to the same context. Therefore you don't have to do anything special – it will respect proper scopes out of the box
|
116
|
-
|
117
|
-
The access to `belongs_to` kind of association depends on corresponding foreign key readability.
|
118
|
-
|
119
|
-
Remember however that auto-restriction is only enabled for reading. Passing a model (or an array of those) to an association will not auto-restrict it. You should handle it manually.
|
120
|
-
|
121
|
-
## Eager Loading
|
122
|
-
|
123
|
-
To take a long story short: it works and you are very likely to never notice changes it introduces to the process. But it might behave unexpected (yet mathematically correct) in complex cases.
|
124
|
-
|
125
|
-
Eager Loading has 2 possible strategies: JOINs and additional requests. Whenever you mark an association to preload and at the same time use this relation among `where` clause – ORMs prefer JOIN. Otherwise it goes with additional requests.
|
115
|
+
Protector is aware of associations. All the associations retrieved from restricted instance will automatically be restricted to the same context. Therefore you don't have to do anything special – it will respect proper scopes out of the box:
|
126
116
|
|
127
117
|
```ruby
|
128
|
-
|
129
|
-
Foo.includes(:bars).where(bars: {absolute: true}) # This will make 1 big JOINfull query
|
118
|
+
foo.restrict!(current_user).bar # bar is automatically restricted by `current_user`
|
130
119
|
```
|
131
120
|
|
132
|
-
|
133
|
-
|
134
|
-
```ruby
|
135
|
-
Foo.restrict!(current_user).includes(:bars).where(bars: {absolute: true})
|
136
|
-
```
|
137
|
-
|
138
|
-
we can appear in the situation where `foos` and `bars` relations are having different restrictions scopes. In this case JOIN will filter by an intersection of scopes which is important to understand. You might not get all `Foo` entries you expect with such where clause since they might appear filtered out by the restriction scope of `Bar`.
|
121
|
+
Remember however that auto-restriction is only enabled for reading. Passing a model (or an array of those) to an association will not auto-restrict it. You should handle it manually.
|
139
122
|
|
140
|
-
|
123
|
+
The access to `belongs_to` kind of association depends on corresponding foreign key readability.
|
141
124
|
|
142
|
-
|
143
|
-
Foo.restrict!(current_user).preload(:bars).join(:bars).where(bars: {absolute: true})
|
144
|
-
```
|
125
|
+
## Eager Loading
|
145
126
|
|
146
|
-
|
127
|
+
Both of eager loading strategies (separate query and JOIN) are fully supported.
|
147
128
|
|
148
129
|
## Manual checks and custom actions
|
149
130
|
|
data/gemfiles/AR_4.gemfile.lock
CHANGED
data/lib/protector/version.rb
CHANGED
data/lib/protector.rb
CHANGED
@@ -6,7 +6,7 @@ require "protector/dsl"
|
|
6
6
|
require "protector/adapters/active_record"
|
7
7
|
require "protector/adapters/sequel"
|
8
8
|
|
9
|
-
I18n.load_path
|
9
|
+
I18n.load_path += Dir[File.expand_path File.join('..', 'locales', '*.yml'), File.dirname(__FILE__)]
|
10
10
|
|
11
11
|
Protector::Adapters::ActiveRecord.activate! if defined?(ActiveRecord)
|
12
12
|
Protector::Adapters::Sequel.activate! if defined?(Sequel)
|