pundit 0.2.3 → 0.3.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.travis.yml +5 -1
- data/CHANGELOG.md +11 -3
- data/Gemfile +1 -0
- data/README.md +66 -20
- data/lib/generators/pundit/install/templates/application_policy.rb +13 -0
- data/lib/generators/pundit/policy/policy_generator.rb +2 -0
- data/lib/generators/pundit/policy/templates/policy.rb +1 -1
- data/lib/generators/rspec/policy_generator.rb +11 -0
- data/lib/generators/rspec/templates/policy_spec.rb +28 -0
- data/lib/generators/test_unit/policy_generator.rb +11 -0
- data/lib/generators/test_unit/templates/policy_test.rb +19 -0
- data/lib/pundit.rb +9 -3
- data/lib/pundit/policy_finder.rb +2 -0
- data/lib/pundit/rspec.rb +29 -7
- data/lib/pundit/version.rb +1 -1
- data/pundit.gemspec +2 -2
- data/spec/policies/post_policy_spec.rb +20 -0
- data/spec/pundit_spec.rb +17 -58
- data/spec/spec_helper.rb +97 -0
- metadata +32 -24
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: dce73a23b63776e71c55792ade6b1066fb5a5896
|
4
|
+
data.tar.gz: b4bdb26c70cb66aa77b1424dd2fe4cd1bc340926
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 76b5740261dd485d461e2209c1fe5558faf2eda1917cdb2f87c4fe7eff026d1519341c260f2f071b37384516a886d6f1cafebdaf7ef688c3c908e59fce028cc8
|
7
|
+
data.tar.gz: d9c8e46eb64b1a03f4741db7bbede7781180f41bd63de8291ab1ebd133c2a9108ff4e0f22d6ba0b41a290325f318281fc767df2224ff2a4f5013da2f77071c6f
|
data/.travis.yml
CHANGED
data/CHANGELOG.md
CHANGED
@@ -1,9 +1,17 @@
|
|
1
1
|
# Pundit
|
2
2
|
|
3
|
-
## 0.
|
3
|
+
## 0.3.0 (unreleased)
|
4
4
|
|
5
|
-
-
|
5
|
+
- Extend the default `ApplicationPolicy` with an `ApplicationPolicy::Scope` (#120)
|
6
|
+
- Fix RSpec 3 deprecation warnings for built-in matchers (#162)
|
7
|
+
- Generate blank policy spec/test files for Rspec/MiniTest/Test::Unit in Rails (#138)
|
8
|
+
|
9
|
+
## 0.2.3 (2014-04-06)
|
10
|
+
|
11
|
+
- Customizable error messages: `#query`, `#record` and `#policy` methods on `Pundit::NotAuthorizedError` (#114)
|
12
|
+
- Raise a different `Pundit::AuthorizationNotPerformedError` when `authorize` call is expected in controller action but missing (#109)
|
13
|
+
- Update Rspec matchers for Rspec 3 (#124)
|
6
14
|
|
7
15
|
## 0.2.2 (2014-02-07)
|
8
16
|
|
9
|
-
-
|
17
|
+
- Customize the user to be passed into policies: `pundit_user` (#42)
|
data/Gemfile
CHANGED
data/README.md
CHANGED
@@ -2,7 +2,7 @@
|
|
2
2
|
|
3
3
|
[![Build Status](https://secure.travis-ci.org/elabs/pundit.png?branch=master)](https://travis-ci.org/elabs/pundit)
|
4
4
|
[![Code Climate](https://codeclimate.com/github/elabs/pundit.png)](https://codeclimate.com/github/elabs/pundit)
|
5
|
-
[![Inline docs](http://inch-
|
5
|
+
[![Inline docs](http://inch-ci.org/github/elabs/pundit.png)](http://inch-ci.org/github/elabs/pundit)
|
6
6
|
|
7
7
|
Pundit provides a set of helpers which guide you in leveraging regular Ruby
|
8
8
|
classes and object oriented design patterns to build a simple, robust and
|
@@ -54,21 +54,8 @@ class PostPolicy
|
|
54
54
|
end
|
55
55
|
```
|
56
56
|
|
57
|
-
As you can see, this is just a plain Ruby class.
|
58
|
-
|
59
|
-
|
60
|
-
``` ruby
|
61
|
-
class PostPolicy < Struct.new(:user, :post)
|
62
|
-
def update?
|
63
|
-
user.admin? or not post.published?
|
64
|
-
end
|
65
|
-
end
|
66
|
-
```
|
67
|
-
|
68
|
-
You could also use the convenient
|
69
|
-
[attr_extras](https://github.com/barsoom/attr_extras) gem.
|
70
|
-
|
71
|
-
Pundit makes the following assumptions about this class:
|
57
|
+
As you can see, this is just a plain Ruby class. Pundit makes the following
|
58
|
+
assumptions about this class:
|
72
59
|
|
73
60
|
- The class has the same name as some kind of model class, only suffixed
|
74
61
|
with the word "Policy".
|
@@ -82,6 +69,17 @@ Pundit makes the following assumptions about this class:
|
|
82
69
|
|
83
70
|
That's it really.
|
84
71
|
|
72
|
+
Usually you'll want to inherit from the application policy created by the
|
73
|
+
generator, or set up your own base class to inherit from:
|
74
|
+
|
75
|
+
``` ruby
|
76
|
+
class PostPolicy < ApplicationPolicy
|
77
|
+
def update?
|
78
|
+
user.admin? or not post.published?
|
79
|
+
end
|
80
|
+
end
|
81
|
+
```
|
82
|
+
|
85
83
|
Supposing that you have an instance of class `Post`, Pundit now lets you do
|
86
84
|
this in your controller:
|
87
85
|
|
@@ -128,6 +126,25 @@ conditionally showing links or buttons in the view:
|
|
128
126
|
<%= link_to "Edit post", edit_post_path(@post) %>
|
129
127
|
<% end %>
|
130
128
|
```
|
129
|
+
## Headless policies
|
130
|
+
|
131
|
+
Given there is a policy without a corresponding model / ruby class,
|
132
|
+
you can retrieve it by passing a symbol.
|
133
|
+
|
134
|
+
```ruby
|
135
|
+
# app/policies/dashboard_policy.rb
|
136
|
+
class DashboardPolicy < Struct.new(:user, :dashboard)
|
137
|
+
# ...
|
138
|
+
end
|
139
|
+
|
140
|
+
# In controllers
|
141
|
+
authorize :dashboard, :show?
|
142
|
+
|
143
|
+
# In views
|
144
|
+
<% if policy(:dashboard).show? %>
|
145
|
+
<%= link_to 'Dashboard', dashboard_path %>
|
146
|
+
<% end %>
|
147
|
+
```
|
131
148
|
|
132
149
|
## Ensuring policies are used
|
133
150
|
|
@@ -144,7 +161,7 @@ end
|
|
144
161
|
|
145
162
|
Likewise, Pundit also adds `verify_policy_scoped` to your controller. This
|
146
163
|
will raise an exception in the vein of `verify_authorized`. However it tracks
|
147
|
-
if `
|
164
|
+
if `policy_scope` is used instead of `authorize`. This is mostly useful for
|
148
165
|
controller actions like `index` which find collections with a scope and don't
|
149
166
|
authorize individual instances.
|
150
167
|
|
@@ -161,8 +178,15 @@ particular user has access to. When using Pundit, you are expected to
|
|
161
178
|
define a class called a policy scope. It can look something like this:
|
162
179
|
|
163
180
|
``` ruby
|
164
|
-
class PostPolicy <
|
165
|
-
class Scope
|
181
|
+
class PostPolicy < ApplicationPolicy
|
182
|
+
class Scope
|
183
|
+
attr_reader :user, :scope
|
184
|
+
|
185
|
+
def initialize(user, scope)
|
186
|
+
@user = user
|
187
|
+
@scope = scope
|
188
|
+
end
|
189
|
+
|
166
190
|
def resolve
|
167
191
|
if user.admin?
|
168
192
|
scope.all
|
@@ -190,6 +214,27 @@ Pundit makes the following assumptions about this class:
|
|
190
214
|
some kind of result which can be iterated over. For ActiveRecord classes,
|
191
215
|
this would usually be an `ActiveRecord::Relation`.
|
192
216
|
|
217
|
+
You'll probably want to inherit from the application policy scope generated by the
|
218
|
+
generator, or create your own base class to inherit from:
|
219
|
+
|
220
|
+
``` ruby
|
221
|
+
class PostPolicy < ApplicationPolicy
|
222
|
+
class Scope < Scope
|
223
|
+
def resolve
|
224
|
+
if user.admin?
|
225
|
+
scope.all
|
226
|
+
else
|
227
|
+
scope.where(:published => true)
|
228
|
+
end
|
229
|
+
end
|
230
|
+
end
|
231
|
+
|
232
|
+
def update?
|
233
|
+
user.admin? or not post.published?
|
234
|
+
end
|
235
|
+
end
|
236
|
+
```
|
237
|
+
|
193
238
|
You can now use this class from your controller via the `policy_scope` method:
|
194
239
|
|
195
240
|
``` ruby
|
@@ -212,7 +257,7 @@ You can, and are encouraged to, use this method in views:
|
|
212
257
|
|
213
258
|
``` erb
|
214
259
|
<% policy_scope(@user.posts).each do |post| %>
|
215
|
-
<p
|
260
|
+
<p><%= link_to post.title, post_path(post) %></p>
|
216
261
|
<% end %>
|
217
262
|
```
|
218
263
|
|
@@ -469,6 +514,7 @@ based on what is or is not authorized.
|
|
469
514
|
- [RailsApps Example Application: Pundit and Devise](https://github.com/RailsApps/rails-devise-pundit)
|
470
515
|
- [Migrating to Pundit from CanCan](http://blog.carbonfive.com/2013/10/21/migrating-to-pundit-from-cancan/)
|
471
516
|
- [Testing Pundit Policies with RSpec](http://thunderboltlabs.com/blog/2013/03/27/testing-pundit-policies-with-rspec/)
|
517
|
+
- [Using Pundit outside of a Rails controller](https://github.com/elabs/pundit/pull/136)
|
472
518
|
|
473
519
|
# License
|
474
520
|
|
@@ -37,5 +37,18 @@ class ApplicationPolicy
|
|
37
37
|
def scope
|
38
38
|
Pundit.policy_scope!(user, record.class)
|
39
39
|
end
|
40
|
+
|
41
|
+
class Scope
|
42
|
+
attr_reader :user, :scope
|
43
|
+
|
44
|
+
def initialize(user, scope)
|
45
|
+
@user = user
|
46
|
+
@scope = scope
|
47
|
+
end
|
48
|
+
|
49
|
+
def resolve
|
50
|
+
scope
|
51
|
+
end
|
52
|
+
end
|
40
53
|
end
|
41
54
|
|
@@ -0,0 +1,11 @@
|
|
1
|
+
module Rspec
|
2
|
+
module Generators
|
3
|
+
class PolicyGenerator < ::Rails::Generators::NamedBase
|
4
|
+
source_root File.expand_path(File.join(File.dirname(__FILE__), 'templates'))
|
5
|
+
|
6
|
+
def create_policy_spec
|
7
|
+
template 'policy_spec.rb', File.join('spec/policies', class_path, "#{file_name}_policy_spec.rb")
|
8
|
+
end
|
9
|
+
end
|
10
|
+
end
|
11
|
+
end
|
@@ -0,0 +1,28 @@
|
|
1
|
+
require 'spec_helper'
|
2
|
+
|
3
|
+
describe <%= class_name %>Policy do
|
4
|
+
|
5
|
+
let(:user) { User.new }
|
6
|
+
|
7
|
+
subject { <%= class_name %>Policy }
|
8
|
+
|
9
|
+
permissions ".scope" do
|
10
|
+
pending "add some examples to (or delete) #{__FILE__}"
|
11
|
+
end
|
12
|
+
|
13
|
+
permissions :create? do
|
14
|
+
pending "add some examples to (or delete) #{__FILE__}"
|
15
|
+
end
|
16
|
+
|
17
|
+
permissions :show? do
|
18
|
+
pending "add some examples to (or delete) #{__FILE__}"
|
19
|
+
end
|
20
|
+
|
21
|
+
permissions :update? do
|
22
|
+
pending "add some examples to (or delete) #{__FILE__}"
|
23
|
+
end
|
24
|
+
|
25
|
+
permissions :destroy? do
|
26
|
+
pending "add some examples to (or delete) #{__FILE__}"
|
27
|
+
end
|
28
|
+
end
|
@@ -0,0 +1,11 @@
|
|
1
|
+
module TestUnit
|
2
|
+
module Generators
|
3
|
+
class PolicyGenerator < ::Rails::Generators::NamedBase
|
4
|
+
source_root File.expand_path(File.join(File.dirname(__FILE__), 'templates'))
|
5
|
+
|
6
|
+
def create_policy_test
|
7
|
+
template 'policy_test.rb', File.join('test/policies', class_path, "#{file_name}_policy_test.rb")
|
8
|
+
end
|
9
|
+
end
|
10
|
+
end
|
11
|
+
end
|
data/lib/pundit.rb
CHANGED
@@ -3,12 +3,15 @@ require "pundit/policy_finder"
|
|
3
3
|
require "active_support/concern"
|
4
4
|
require "active_support/core_ext/string/inflections"
|
5
5
|
require "active_support/core_ext/object/blank"
|
6
|
+
require "active_support/core_ext/module/introspection"
|
7
|
+
require "active_support/dependencies/autoload"
|
6
8
|
|
7
9
|
module Pundit
|
8
10
|
class NotAuthorizedError < StandardError
|
9
11
|
attr_accessor :query, :record, :policy
|
10
12
|
end
|
11
13
|
class AuthorizationNotPerformedError < StandardError; end
|
14
|
+
class PolicyScopingNotPerformedError < AuthorizationNotPerformedError; end
|
12
15
|
class NotDefinedError < StandardError; end
|
13
16
|
|
14
17
|
extend ActiveSupport::Concern
|
@@ -56,7 +59,7 @@ module Pundit
|
|
56
59
|
end
|
57
60
|
|
58
61
|
def verify_policy_scoped
|
59
|
-
raise
|
62
|
+
raise PolicyScopingNotPerformedError unless @_policy_scoped
|
60
63
|
end
|
61
64
|
|
62
65
|
def authorize(record, query=nil)
|
@@ -81,9 +84,12 @@ module Pundit
|
|
81
84
|
attr_writer :policy_scope
|
82
85
|
|
83
86
|
def policy(record)
|
84
|
-
@
|
87
|
+
@_policy or Pundit.policy!(pundit_user, record)
|
88
|
+
end
|
89
|
+
|
90
|
+
def policy=(policy)
|
91
|
+
@_policy = policy
|
85
92
|
end
|
86
|
-
attr_writer :policy
|
87
93
|
|
88
94
|
def pundit_user
|
89
95
|
current_user
|
data/lib/pundit/policy_finder.rb
CHANGED
data/lib/pundit/rspec.rb
CHANGED
@@ -1,25 +1,39 @@
|
|
1
|
+
require "active_support/core_ext/array/conversions"
|
2
|
+
|
1
3
|
module Pundit
|
2
4
|
module RSpec
|
3
5
|
module Matchers
|
4
6
|
extend ::RSpec::Matchers::DSL
|
5
7
|
|
6
8
|
matcher :permit do |user, record|
|
7
|
-
|
9
|
+
match_proc = lambda do |policy|
|
8
10
|
permissions.all? { |permission| policy.new(user, record).public_send(permission) }
|
9
11
|
end
|
10
12
|
|
11
|
-
|
13
|
+
match_when_negated_proc = lambda do |policy|
|
12
14
|
permissions.none? { |permission| policy.new(user, record).public_send(permission) }
|
13
15
|
end
|
14
16
|
|
15
|
-
|
17
|
+
failure_message_proc = lambda do |policy|
|
16
18
|
"Expected #{policy} to grant #{permissions.to_sentence} on #{record} but it didn't"
|
17
19
|
end
|
18
20
|
|
19
|
-
|
21
|
+
failure_message_when_negated_proc = lambda do |policy|
|
20
22
|
"Expected #{policy} not to grant #{permissions.to_sentence} on #{record} but it did"
|
21
23
|
end
|
22
24
|
|
25
|
+
if respond_to?(:match_when_negated)
|
26
|
+
match(&match_proc)
|
27
|
+
match_when_negated(&match_when_negated_proc)
|
28
|
+
failure_message(&failure_message_proc)
|
29
|
+
failure_message_when_negated(&failure_message_when_negated_proc)
|
30
|
+
else
|
31
|
+
match_for_should(&match_proc)
|
32
|
+
match_for_should_not(&match_when_negated_proc)
|
33
|
+
failure_message_for_should(&failure_message_proc)
|
34
|
+
failure_message_for_should_not(&failure_message_when_negated_proc)
|
35
|
+
end
|
36
|
+
|
23
37
|
def permissions
|
24
38
|
current_example = ::RSpec.respond_to?(:current_example) ? ::RSpec.current_example : example
|
25
39
|
current_example.metadata[:permissions]
|
@@ -46,7 +60,15 @@ module Pundit
|
|
46
60
|
end
|
47
61
|
|
48
62
|
RSpec.configure do |config|
|
49
|
-
|
50
|
-
|
51
|
-
|
63
|
+
if RSpec::Core::Version::STRING.split(".").first.to_i >= 3
|
64
|
+
config.include(Pundit::RSpec::PolicyExampleGroup, {
|
65
|
+
:type => :policy,
|
66
|
+
:file_path => /spec\/policies/,
|
67
|
+
})
|
68
|
+
else
|
69
|
+
config.include(Pundit::RSpec::PolicyExampleGroup, {
|
70
|
+
:type => :policy,
|
71
|
+
:example_group => { :file_path => /spec\/policies/ }
|
72
|
+
})
|
73
|
+
end
|
52
74
|
end
|
data/lib/pundit/version.rb
CHANGED
data/pundit.gemspec
CHANGED
@@ -19,9 +19,9 @@ Gem::Specification.new do |gem|
|
|
19
19
|
gem.require_paths = ["lib"]
|
20
20
|
|
21
21
|
gem.add_dependency "activesupport", ">= 3.0.0"
|
22
|
-
gem.add_development_dependency "
|
22
|
+
gem.add_development_dependency "activemodel", ">= 3.0.0"
|
23
23
|
gem.add_development_dependency "bundler", "~> 1.3"
|
24
|
-
gem.add_development_dependency "rspec", "
|
24
|
+
gem.add_development_dependency "rspec", ">=2.0.0"
|
25
25
|
gem.add_development_dependency "pry"
|
26
26
|
gem.add_development_dependency "rake"
|
27
27
|
gem.add_development_dependency "yard"
|
@@ -0,0 +1,20 @@
|
|
1
|
+
require "spec_helper"
|
2
|
+
|
3
|
+
describe PostPolicy do
|
4
|
+
let(:user) { double }
|
5
|
+
let(:own_post) { double(user: user) }
|
6
|
+
let(:other_post) { double(user: double) }
|
7
|
+
subject { PostPolicy }
|
8
|
+
|
9
|
+
permissions :update?, :show? do
|
10
|
+
it "is successful when all permissions match" do
|
11
|
+
should permit(user, own_post)
|
12
|
+
end
|
13
|
+
|
14
|
+
it "fails when any permissions do not match" do
|
15
|
+
expect do
|
16
|
+
should permit(user, other_post)
|
17
|
+
end.to raise_error(RSpec::Expectations::ExpectationNotMetError)
|
18
|
+
end
|
19
|
+
end
|
20
|
+
end
|
data/spec/pundit_spec.rb
CHANGED
@@ -1,66 +1,11 @@
|
|
1
|
-
require "
|
2
|
-
require "pry"
|
3
|
-
require "active_support/core_ext"
|
4
|
-
require "active_model/naming"
|
5
|
-
|
6
|
-
class PostPolicy < Struct.new(:user, :post)
|
7
|
-
def update?
|
8
|
-
post.user == user
|
9
|
-
end
|
10
|
-
def destroy?
|
11
|
-
false
|
12
|
-
end
|
13
|
-
def show?
|
14
|
-
true
|
15
|
-
end
|
16
|
-
end
|
17
|
-
class PostPolicy::Scope < Struct.new(:user, :scope)
|
18
|
-
def resolve
|
19
|
-
scope.published
|
20
|
-
end
|
21
|
-
end
|
22
|
-
class Post < Struct.new(:user)
|
23
|
-
def self.published
|
24
|
-
:published
|
25
|
-
end
|
26
|
-
end
|
27
|
-
|
28
|
-
class CommentPolicy < Struct.new(:user, :comment); end
|
29
|
-
class CommentPolicy::Scope < Struct.new(:user, :scope)
|
30
|
-
def resolve
|
31
|
-
scope
|
32
|
-
end
|
33
|
-
end
|
34
|
-
class Comment; extend ActiveModel::Naming; end
|
35
|
-
|
36
|
-
class Article; end
|
37
|
-
|
38
|
-
class BlogPolicy < Struct.new(:user, :blog); end
|
39
|
-
class Blog; end
|
40
|
-
class ArtificialBlog < Blog
|
41
|
-
def self.policy_class
|
42
|
-
BlogPolicy
|
43
|
-
end
|
44
|
-
end
|
45
|
-
class ArticleTag
|
46
|
-
def self.policy_class
|
47
|
-
Struct.new(:user, :tag) do
|
48
|
-
def show?
|
49
|
-
true
|
50
|
-
end
|
51
|
-
def destroy?
|
52
|
-
false
|
53
|
-
end
|
54
|
-
end
|
55
|
-
end
|
56
|
-
end
|
1
|
+
require "spec_helper"
|
57
2
|
|
58
3
|
describe Pundit do
|
59
4
|
let(:user) { double }
|
60
5
|
let(:post) { Post.new(user) }
|
61
6
|
let(:comment) { Comment.new }
|
62
7
|
let(:article) { Article.new }
|
63
|
-
let(:controller) {
|
8
|
+
let(:controller) { Controller.new(user, { :action => 'update' }) }
|
64
9
|
let(:artificial_blog) { ArtificialBlog.new }
|
65
10
|
let(:article_tag) { ArticleTag.new }
|
66
11
|
|
@@ -150,6 +95,13 @@ describe Pundit do
|
|
150
95
|
expect(policy.user).to eq user
|
151
96
|
expect(policy.tag).to eq ArticleTag
|
152
97
|
end
|
98
|
+
|
99
|
+
it "returns an instantiated policy given a symbol" do
|
100
|
+
policy = Pundit.policy(user, :dashboard)
|
101
|
+
expect(policy.class).to eq DashboardPolicy
|
102
|
+
expect(policy.user).to eq user
|
103
|
+
expect(policy.dashboard).to eq :dashboard
|
104
|
+
end
|
153
105
|
end
|
154
106
|
end
|
155
107
|
|
@@ -178,6 +130,13 @@ describe Pundit do
|
|
178
130
|
expect(policy.comment).to eq Comment
|
179
131
|
end
|
180
132
|
|
133
|
+
it "returns an instantiated policy given a symbol" do
|
134
|
+
policy = Pundit.policy!(user, :dashboard)
|
135
|
+
expect(policy.class).to eq DashboardPolicy
|
136
|
+
expect(policy.user).to eq user
|
137
|
+
expect(policy.dashboard).to eq :dashboard
|
138
|
+
end
|
139
|
+
|
181
140
|
it "throws an exception if the given policy can't be found" do
|
182
141
|
expect { Pundit.policy!(user, article) }.to raise_error(Pundit::NotDefinedError)
|
183
142
|
expect { Pundit.policy!(user, Article) }.to raise_error(Pundit::NotDefinedError)
|
@@ -202,7 +161,7 @@ describe Pundit do
|
|
202
161
|
end
|
203
162
|
|
204
163
|
it "raises an exception when policy_scope is not used" do
|
205
|
-
expect { controller.verify_policy_scoped }.to raise_error(Pundit::
|
164
|
+
expect { controller.verify_policy_scoped }.to raise_error(Pundit::PolicyScopingNotPerformedError)
|
206
165
|
end
|
207
166
|
end
|
208
167
|
|
data/spec/spec_helper.rb
ADDED
@@ -0,0 +1,97 @@
|
|
1
|
+
require "active_support/core_ext/kernel"
|
2
|
+
|
3
|
+
warnings = capture(:stderr) do
|
4
|
+
require "pundit"
|
5
|
+
require "pundit/rspec"
|
6
|
+
end
|
7
|
+
|
8
|
+
unless warnings.to_s.empty?
|
9
|
+
puts "ERROR: Encountered deprecation warning!"
|
10
|
+
puts warnings
|
11
|
+
exit 1
|
12
|
+
end
|
13
|
+
|
14
|
+
require "pry"
|
15
|
+
require "active_support/core_ext"
|
16
|
+
require "active_model/naming"
|
17
|
+
|
18
|
+
I18n.enforce_available_locales = false
|
19
|
+
|
20
|
+
module PunditSpecHelper
|
21
|
+
extend RSpec::Matchers::DSL
|
22
|
+
|
23
|
+
matcher :be_truthy do
|
24
|
+
match do |actual|
|
25
|
+
actual
|
26
|
+
end
|
27
|
+
end
|
28
|
+
end
|
29
|
+
|
30
|
+
RSpec.configure do |config|
|
31
|
+
config.include PunditSpecHelper
|
32
|
+
end
|
33
|
+
|
34
|
+
class PostPolicy < Struct.new(:user, :post)
|
35
|
+
def update?
|
36
|
+
post.user == user
|
37
|
+
end
|
38
|
+
def destroy?
|
39
|
+
false
|
40
|
+
end
|
41
|
+
def show?
|
42
|
+
true
|
43
|
+
end
|
44
|
+
end
|
45
|
+
class PostPolicy::Scope < Struct.new(:user, :scope)
|
46
|
+
def resolve
|
47
|
+
scope.published
|
48
|
+
end
|
49
|
+
end
|
50
|
+
class Post < Struct.new(:user)
|
51
|
+
def self.published
|
52
|
+
:published
|
53
|
+
end
|
54
|
+
end
|
55
|
+
|
56
|
+
class CommentPolicy < Struct.new(:user, :comment); end
|
57
|
+
class CommentPolicy::Scope < Struct.new(:user, :scope)
|
58
|
+
def resolve
|
59
|
+
scope
|
60
|
+
end
|
61
|
+
end
|
62
|
+
class Comment; extend ActiveModel::Naming; end
|
63
|
+
|
64
|
+
class Article; end
|
65
|
+
|
66
|
+
class BlogPolicy < Struct.new(:user, :blog); end
|
67
|
+
class Blog; end
|
68
|
+
class ArtificialBlog < Blog
|
69
|
+
def self.policy_class
|
70
|
+
BlogPolicy
|
71
|
+
end
|
72
|
+
end
|
73
|
+
class ArticleTag
|
74
|
+
def self.policy_class
|
75
|
+
Struct.new(:user, :tag) do
|
76
|
+
def show?
|
77
|
+
true
|
78
|
+
end
|
79
|
+
def destroy?
|
80
|
+
false
|
81
|
+
end
|
82
|
+
end
|
83
|
+
end
|
84
|
+
end
|
85
|
+
|
86
|
+
class DashboardPolicy < Struct.new(:user, :dashboard); end
|
87
|
+
|
88
|
+
class Controller
|
89
|
+
include Pundit
|
90
|
+
|
91
|
+
attr_reader :current_user, :params
|
92
|
+
|
93
|
+
def initialize(current_user, params)
|
94
|
+
@current_user = current_user
|
95
|
+
@params = params
|
96
|
+
end
|
97
|
+
end
|
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: pundit
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.
|
4
|
+
version: 0.3.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Jonas Nicklas
|
@@ -9,104 +9,104 @@ authors:
|
|
9
9
|
autorequire:
|
10
10
|
bindir: bin
|
11
11
|
cert_chain: []
|
12
|
-
date: 2014-
|
12
|
+
date: 2014-08-22 00:00:00.000000000 Z
|
13
13
|
dependencies:
|
14
14
|
- !ruby/object:Gem::Dependency
|
15
15
|
name: activesupport
|
16
16
|
requirement: !ruby/object:Gem::Requirement
|
17
17
|
requirements:
|
18
|
-
- -
|
18
|
+
- - ">="
|
19
19
|
- !ruby/object:Gem::Version
|
20
20
|
version: 3.0.0
|
21
21
|
type: :runtime
|
22
22
|
prerelease: false
|
23
23
|
version_requirements: !ruby/object:Gem::Requirement
|
24
24
|
requirements:
|
25
|
-
- -
|
25
|
+
- - ">="
|
26
26
|
- !ruby/object:Gem::Version
|
27
27
|
version: 3.0.0
|
28
28
|
- !ruby/object:Gem::Dependency
|
29
|
-
name:
|
29
|
+
name: activemodel
|
30
30
|
requirement: !ruby/object:Gem::Requirement
|
31
31
|
requirements:
|
32
|
-
- -
|
32
|
+
- - ">="
|
33
33
|
- !ruby/object:Gem::Version
|
34
34
|
version: 3.0.0
|
35
35
|
type: :development
|
36
36
|
prerelease: false
|
37
37
|
version_requirements: !ruby/object:Gem::Requirement
|
38
38
|
requirements:
|
39
|
-
- -
|
39
|
+
- - ">="
|
40
40
|
- !ruby/object:Gem::Version
|
41
41
|
version: 3.0.0
|
42
42
|
- !ruby/object:Gem::Dependency
|
43
43
|
name: bundler
|
44
44
|
requirement: !ruby/object:Gem::Requirement
|
45
45
|
requirements:
|
46
|
-
- - ~>
|
46
|
+
- - "~>"
|
47
47
|
- !ruby/object:Gem::Version
|
48
48
|
version: '1.3'
|
49
49
|
type: :development
|
50
50
|
prerelease: false
|
51
51
|
version_requirements: !ruby/object:Gem::Requirement
|
52
52
|
requirements:
|
53
|
-
- - ~>
|
53
|
+
- - "~>"
|
54
54
|
- !ruby/object:Gem::Version
|
55
55
|
version: '1.3'
|
56
56
|
- !ruby/object:Gem::Dependency
|
57
57
|
name: rspec
|
58
58
|
requirement: !ruby/object:Gem::Requirement
|
59
59
|
requirements:
|
60
|
-
- -
|
60
|
+
- - ">="
|
61
61
|
- !ruby/object:Gem::Version
|
62
|
-
version:
|
62
|
+
version: 2.0.0
|
63
63
|
type: :development
|
64
64
|
prerelease: false
|
65
65
|
version_requirements: !ruby/object:Gem::Requirement
|
66
66
|
requirements:
|
67
|
-
- -
|
67
|
+
- - ">="
|
68
68
|
- !ruby/object:Gem::Version
|
69
|
-
version:
|
69
|
+
version: 2.0.0
|
70
70
|
- !ruby/object:Gem::Dependency
|
71
71
|
name: pry
|
72
72
|
requirement: !ruby/object:Gem::Requirement
|
73
73
|
requirements:
|
74
|
-
- -
|
74
|
+
- - ">="
|
75
75
|
- !ruby/object:Gem::Version
|
76
76
|
version: '0'
|
77
77
|
type: :development
|
78
78
|
prerelease: false
|
79
79
|
version_requirements: !ruby/object:Gem::Requirement
|
80
80
|
requirements:
|
81
|
-
- -
|
81
|
+
- - ">="
|
82
82
|
- !ruby/object:Gem::Version
|
83
83
|
version: '0'
|
84
84
|
- !ruby/object:Gem::Dependency
|
85
85
|
name: rake
|
86
86
|
requirement: !ruby/object:Gem::Requirement
|
87
87
|
requirements:
|
88
|
-
- -
|
88
|
+
- - ">="
|
89
89
|
- !ruby/object:Gem::Version
|
90
90
|
version: '0'
|
91
91
|
type: :development
|
92
92
|
prerelease: false
|
93
93
|
version_requirements: !ruby/object:Gem::Requirement
|
94
94
|
requirements:
|
95
|
-
- -
|
95
|
+
- - ">="
|
96
96
|
- !ruby/object:Gem::Version
|
97
97
|
version: '0'
|
98
98
|
- !ruby/object:Gem::Dependency
|
99
99
|
name: yard
|
100
100
|
requirement: !ruby/object:Gem::Requirement
|
101
101
|
requirements:
|
102
|
-
- -
|
102
|
+
- - ">="
|
103
103
|
- !ruby/object:Gem::Version
|
104
104
|
version: '0'
|
105
105
|
type: :development
|
106
106
|
prerelease: false
|
107
107
|
version_requirements: !ruby/object:Gem::Requirement
|
108
108
|
requirements:
|
109
|
-
- -
|
109
|
+
- - ">="
|
110
110
|
- !ruby/object:Gem::Version
|
111
111
|
version: '0'
|
112
112
|
description: Object oriented authorization for Rails applications
|
@@ -117,8 +117,8 @@ executables: []
|
|
117
117
|
extensions: []
|
118
118
|
extra_rdoc_files: []
|
119
119
|
files:
|
120
|
-
- .gitignore
|
121
|
-
- .travis.yml
|
120
|
+
- ".gitignore"
|
121
|
+
- ".travis.yml"
|
122
122
|
- CHANGELOG.md
|
123
123
|
- Gemfile
|
124
124
|
- LICENSE.txt
|
@@ -130,12 +130,18 @@ files:
|
|
130
130
|
- lib/generators/pundit/policy/USAGE
|
131
131
|
- lib/generators/pundit/policy/policy_generator.rb
|
132
132
|
- lib/generators/pundit/policy/templates/policy.rb
|
133
|
+
- lib/generators/rspec/policy_generator.rb
|
134
|
+
- lib/generators/rspec/templates/policy_spec.rb
|
135
|
+
- lib/generators/test_unit/policy_generator.rb
|
136
|
+
- lib/generators/test_unit/templates/policy_test.rb
|
133
137
|
- lib/pundit.rb
|
134
138
|
- lib/pundit/policy_finder.rb
|
135
139
|
- lib/pundit/rspec.rb
|
136
140
|
- lib/pundit/version.rb
|
137
141
|
- pundit.gemspec
|
142
|
+
- spec/policies/post_policy_spec.rb
|
138
143
|
- spec/pundit_spec.rb
|
144
|
+
- spec/spec_helper.rb
|
139
145
|
homepage: https://github.com/elabs/pundit
|
140
146
|
licenses:
|
141
147
|
- MIT
|
@@ -146,20 +152,22 @@ require_paths:
|
|
146
152
|
- lib
|
147
153
|
required_ruby_version: !ruby/object:Gem::Requirement
|
148
154
|
requirements:
|
149
|
-
- -
|
155
|
+
- - ">="
|
150
156
|
- !ruby/object:Gem::Version
|
151
157
|
version: '0'
|
152
158
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
153
159
|
requirements:
|
154
|
-
- -
|
160
|
+
- - ">="
|
155
161
|
- !ruby/object:Gem::Version
|
156
162
|
version: '0'
|
157
163
|
requirements: []
|
158
164
|
rubyforge_project:
|
159
|
-
rubygems_version: 2.
|
165
|
+
rubygems_version: 2.2.2
|
160
166
|
signing_key:
|
161
167
|
specification_version: 4
|
162
168
|
summary: OO authorization for Rails
|
163
169
|
test_files:
|
170
|
+
- spec/policies/post_policy_spec.rb
|
164
171
|
- spec/pundit_spec.rb
|
172
|
+
- spec/spec_helper.rb
|
165
173
|
has_rdoc:
|