protector 0.3.0 → 0.3.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/README.md +12 -0
- data/lib/protector.rb +12 -1
- data/lib/protector/adapters/active_record/relation.rb +10 -0
- data/lib/protector/dsl.rb +11 -9
- data/lib/protector/version.rb +1 -1
- data/spec/lib/adapters/active_record_spec.rb +2 -0
- data/spec/spec_helpers/examples/model.rb +2 -1
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 8c70a6f5702f927759d3ad9177aa24b1f9045fe6
|
|
4
|
+
data.tar.gz: 55afe52810b3195c78434062caf155a3804eb19e
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 5198ddee45f36de0862c08363863bde24b375620c8e901ca21fdcb1f2cf4bba846074b71a87d3b10a1972a58ee36e1384c0a11475b22e8895143890443bcf72e
|
|
7
|
+
data.tar.gz: 9203703fe70cad667f9861091d8b3f2dddf03241a5928dea9986936ac12a5e8e24e96480cf3580ca5bca64ecbb0e14bce6f3608332e4563fc6d8444c0fc57565
|
data/README.md
CHANGED
|
@@ -152,6 +152,18 @@ model.can?(:drink) # Checks if model can drink any field
|
|
|
152
152
|
|
|
153
153
|
As you can see you don't have to use fields. You can use `can :foo` and `can? :foo`. While they will bound to fields internally it will work like you expect for empty sets.
|
|
154
154
|
|
|
155
|
+
## Global switch
|
|
156
|
+
|
|
157
|
+
Sometimes for different reasons (like debug or whatever) you might want to run piece of code having Protector totally disabled. There is a way to do that:
|
|
158
|
+
|
|
159
|
+
```ruby
|
|
160
|
+
Protector.insecurely do
|
|
161
|
+
# anything here
|
|
162
|
+
end
|
|
163
|
+
```
|
|
164
|
+
|
|
165
|
+
No matter what happens inside, all your entities will act unprotected. So use with **EXTREME** caution.
|
|
166
|
+
|
|
155
167
|
## Ideology
|
|
156
168
|
|
|
157
169
|
Protector is a successor to [Heimdallr](https://github.com/inossidabile/heimdallr). The latter being a proof-of-concept appeared to be way too paranoid and incompatible with the rest of the world. Protector re-implements same idea keeping the Ruby way:
|
data/lib/protector.rb
CHANGED
|
@@ -9,4 +9,15 @@ require "protector/adapters/sequel"
|
|
|
9
9
|
I18n.load_path += Dir[File.expand_path File.join('..', 'locales', '*.yml'), File.dirname(__FILE__)]
|
|
10
10
|
|
|
11
11
|
Protector::Adapters::ActiveRecord.activate! if defined?(ActiveRecord)
|
|
12
|
-
Protector::Adapters::Sequel.activate! if defined?(Sequel)
|
|
12
|
+
Protector::Adapters::Sequel.activate! if defined?(Sequel)
|
|
13
|
+
|
|
14
|
+
module Protector
|
|
15
|
+
|
|
16
|
+
# Allows executing any code having Protector globally disabled
|
|
17
|
+
def self.insecurely(&block)
|
|
18
|
+
Thread.current[:protector_disabled] = true
|
|
19
|
+
yield
|
|
20
|
+
ensure
|
|
21
|
+
Thread.current[:protector_disabled] = false
|
|
22
|
+
end
|
|
23
|
+
end
|
|
@@ -37,6 +37,16 @@ module Protector
|
|
|
37
37
|
super.restrict!(protector_subject)
|
|
38
38
|
end
|
|
39
39
|
|
|
40
|
+
def except(*args)
|
|
41
|
+
return super unless protector_subject?
|
|
42
|
+
super.restrict!(protector_subject)
|
|
43
|
+
end
|
|
44
|
+
|
|
45
|
+
def only(*args)
|
|
46
|
+
return super unless protector_subject?
|
|
47
|
+
super.restrict!(protector_subject)
|
|
48
|
+
end
|
|
49
|
+
|
|
40
50
|
# @note This is here cause `NullRelation` can return `nil` from `count`
|
|
41
51
|
def count(*args)
|
|
42
52
|
super || 0
|
data/lib/protector/dsl.rb
CHANGED
|
@@ -19,14 +19,16 @@ module Protector
|
|
|
19
19
|
@scope_proc = false
|
|
20
20
|
@destroyable = false
|
|
21
21
|
|
|
22
|
-
|
|
23
|
-
|
|
24
|
-
|
|
25
|
-
|
|
26
|
-
|
|
27
|
-
|
|
28
|
-
|
|
29
|
-
|
|
22
|
+
Protector.insecurely do
|
|
23
|
+
blocks.each do |b|
|
|
24
|
+
case b.arity
|
|
25
|
+
when 2
|
|
26
|
+
instance_exec subject, entry, &b
|
|
27
|
+
when 1
|
|
28
|
+
instance_exec subject, &b
|
|
29
|
+
else
|
|
30
|
+
instance_exec &b
|
|
31
|
+
end
|
|
30
32
|
end
|
|
31
33
|
end
|
|
32
34
|
end
|
|
@@ -242,7 +244,7 @@ module Protector
|
|
|
242
244
|
|
|
243
245
|
# Checks if model was restricted
|
|
244
246
|
def protector_subject?
|
|
245
|
-
@protector_subject_set == true
|
|
247
|
+
@protector_subject_set == true && !Thread.current[:protector_disabled]
|
|
246
248
|
end
|
|
247
249
|
end
|
|
248
250
|
|
data/lib/protector/version.rb
CHANGED
|
@@ -71,6 +71,8 @@ if defined?(ActiveRecord)
|
|
|
71
71
|
|
|
72
72
|
it "saves subject" do
|
|
73
73
|
Dummy.restrict!('!').where(number: 999).protector_subject.should == '!'
|
|
74
|
+
Dummy.restrict!('!').except(:order).protector_subject.should == '!'
|
|
75
|
+
Dummy.restrict!('!').only(:order).protector_subject.should == '!'
|
|
74
76
|
end
|
|
75
77
|
|
|
76
78
|
it "forwards subject" do
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: protector
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.3.
|
|
4
|
+
version: 0.3.1
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Boris Staal
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2013-07-
|
|
11
|
+
date: 2013-07-06 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: activesupport
|