protector 0.3.0 → 0.3.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/README.md +12 -0
- data/lib/protector.rb +12 -1
- data/lib/protector/adapters/active_record/relation.rb +10 -0
- data/lib/protector/dsl.rb +11 -9
- data/lib/protector/version.rb +1 -1
- data/spec/lib/adapters/active_record_spec.rb +2 -0
- data/spec/spec_helpers/examples/model.rb +2 -1
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 8c70a6f5702f927759d3ad9177aa24b1f9045fe6
|
|
4
|
+
data.tar.gz: 55afe52810b3195c78434062caf155a3804eb19e
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 5198ddee45f36de0862c08363863bde24b375620c8e901ca21fdcb1f2cf4bba846074b71a87d3b10a1972a58ee36e1384c0a11475b22e8895143890443bcf72e
|
|
7
|
+
data.tar.gz: 9203703fe70cad667f9861091d8b3f2dddf03241a5928dea9986936ac12a5e8e24e96480cf3580ca5bca64ecbb0e14bce6f3608332e4563fc6d8444c0fc57565
|
data/README.md
CHANGED
|
@@ -152,6 +152,18 @@ model.can?(:drink) # Checks if model can drink any field
|
|
|
152
152
|
|
|
153
153
|
As you can see you don't have to use fields. You can use `can :foo` and `can? :foo`. While they will bound to fields internally it will work like you expect for empty sets.
|
|
154
154
|
|
|
155
|
+
## Global switch
|
|
156
|
+
|
|
157
|
+
Sometimes for different reasons (like debug or whatever) you might want to run piece of code having Protector totally disabled. There is a way to do that:
|
|
158
|
+
|
|
159
|
+
```ruby
|
|
160
|
+
Protector.insecurely do
|
|
161
|
+
# anything here
|
|
162
|
+
end
|
|
163
|
+
```
|
|
164
|
+
|
|
165
|
+
No matter what happens inside, all your entities will act unprotected. So use with **EXTREME** caution.
|
|
166
|
+
|
|
155
167
|
## Ideology
|
|
156
168
|
|
|
157
169
|
Protector is a successor to [Heimdallr](https://github.com/inossidabile/heimdallr). The latter being a proof-of-concept appeared to be way too paranoid and incompatible with the rest of the world. Protector re-implements same idea keeping the Ruby way:
|
data/lib/protector.rb
CHANGED
|
@@ -9,4 +9,15 @@ require "protector/adapters/sequel"
|
|
|
9
9
|
I18n.load_path += Dir[File.expand_path File.join('..', 'locales', '*.yml'), File.dirname(__FILE__)]
|
|
10
10
|
|
|
11
11
|
Protector::Adapters::ActiveRecord.activate! if defined?(ActiveRecord)
|
|
12
|
-
Protector::Adapters::Sequel.activate! if defined?(Sequel)
|
|
12
|
+
Protector::Adapters::Sequel.activate! if defined?(Sequel)
|
|
13
|
+
|
|
14
|
+
module Protector
|
|
15
|
+
|
|
16
|
+
# Allows executing any code having Protector globally disabled
|
|
17
|
+
def self.insecurely(&block)
|
|
18
|
+
Thread.current[:protector_disabled] = true
|
|
19
|
+
yield
|
|
20
|
+
ensure
|
|
21
|
+
Thread.current[:protector_disabled] = false
|
|
22
|
+
end
|
|
23
|
+
end
|
|
@@ -37,6 +37,16 @@ module Protector
|
|
|
37
37
|
super.restrict!(protector_subject)
|
|
38
38
|
end
|
|
39
39
|
|
|
40
|
+
def except(*args)
|
|
41
|
+
return super unless protector_subject?
|
|
42
|
+
super.restrict!(protector_subject)
|
|
43
|
+
end
|
|
44
|
+
|
|
45
|
+
def only(*args)
|
|
46
|
+
return super unless protector_subject?
|
|
47
|
+
super.restrict!(protector_subject)
|
|
48
|
+
end
|
|
49
|
+
|
|
40
50
|
# @note This is here cause `NullRelation` can return `nil` from `count`
|
|
41
51
|
def count(*args)
|
|
42
52
|
super || 0
|
data/lib/protector/dsl.rb
CHANGED
|
@@ -19,14 +19,16 @@ module Protector
|
|
|
19
19
|
@scope_proc = false
|
|
20
20
|
@destroyable = false
|
|
21
21
|
|
|
22
|
-
|
|
23
|
-
|
|
24
|
-
|
|
25
|
-
|
|
26
|
-
|
|
27
|
-
|
|
28
|
-
|
|
29
|
-
|
|
22
|
+
Protector.insecurely do
|
|
23
|
+
blocks.each do |b|
|
|
24
|
+
case b.arity
|
|
25
|
+
when 2
|
|
26
|
+
instance_exec subject, entry, &b
|
|
27
|
+
when 1
|
|
28
|
+
instance_exec subject, &b
|
|
29
|
+
else
|
|
30
|
+
instance_exec &b
|
|
31
|
+
end
|
|
30
32
|
end
|
|
31
33
|
end
|
|
32
34
|
end
|
|
@@ -242,7 +244,7 @@ module Protector
|
|
|
242
244
|
|
|
243
245
|
# Checks if model was restricted
|
|
244
246
|
def protector_subject?
|
|
245
|
-
@protector_subject_set == true
|
|
247
|
+
@protector_subject_set == true && !Thread.current[:protector_disabled]
|
|
246
248
|
end
|
|
247
249
|
end
|
|
248
250
|
|
data/lib/protector/version.rb
CHANGED
|
@@ -71,6 +71,8 @@ if defined?(ActiveRecord)
|
|
|
71
71
|
|
|
72
72
|
it "saves subject" do
|
|
73
73
|
Dummy.restrict!('!').where(number: 999).protector_subject.should == '!'
|
|
74
|
+
Dummy.restrict!('!').except(:order).protector_subject.should == '!'
|
|
75
|
+
Dummy.restrict!('!').only(:order).protector_subject.should == '!'
|
|
74
76
|
end
|
|
75
77
|
|
|
76
78
|
it "forwards subject" do
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: protector
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.3.
|
|
4
|
+
version: 0.3.1
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Boris Staal
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2013-07-
|
|
11
|
+
date: 2013-07-06 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: activesupport
|