rabarber 1.2.2 → 1.3.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +6 -0
- data/README.md +52 -4
- data/lib/rabarber/cache.rb +4 -4
- data/lib/rabarber/models/concerns/has_roles.rb +21 -7
- data/lib/rabarber/models/role.rb +57 -7
- data/lib/rabarber/permissions.rb +15 -13
- data/lib/rabarber/version.rb +1 -1
- metadata +3 -3
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 77a15b7eb4164c74d70e81d34630d6051915acc2abe35896df8938d9cc53e473
|
|
4
|
+
data.tar.gz: 847f675e00e9a85a158032af7ddc158f3189df78d4e6dae4ce15e2fe5024515e
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 7d16835ed84fd9ee2c2e7871080c5256bad34944ee0c1a3448c609f14732f1c7901539c0287bc5206feddb79ef77ee4aa001dd26a642d7c23b05498f5a668659
|
|
7
|
+
data.tar.gz: 0bd35329a6608d4f6680b4aba7882d015df36f38e0b0d963c9df988edd40e490e67180e504b1901f05c957e27f8bffe585372f6494ccad2989310daaa7feec68
|
data/CHANGELOG.md
CHANGED
|
@@ -1,3 +1,9 @@
|
|
|
1
|
+
## 1.3.0
|
|
2
|
+
|
|
3
|
+
- Add methods to directly add, rename, and remove roles
|
|
4
|
+
- `HasRoles#assign_roles` and `HasRoles#revoke_roles` methods now return the list of roles assigned to the user
|
|
5
|
+
- Minor performance improvements
|
|
6
|
+
|
|
1
7
|
## 1.2.2
|
|
2
8
|
|
|
3
9
|
- Refactor to improve readability and maintainability
|
data/README.md
CHANGED
|
@@ -67,16 +67,16 @@ Rabarber can be configured by using `.configure` method in an initializer:
|
|
|
67
67
|
|
|
68
68
|
```rb
|
|
69
69
|
Rabarber.configure do |config|
|
|
70
|
-
config.cache_enabled =
|
|
71
|
-
config.current_user_method = :
|
|
72
|
-
config.must_have_roles =
|
|
70
|
+
config.cache_enabled = true
|
|
71
|
+
config.current_user_method = :current_user
|
|
72
|
+
config.must_have_roles = false
|
|
73
73
|
config.when_actions_missing = -> (missing_actions, context) { ... }
|
|
74
74
|
config.when_roles_missing = -> (missing_roles, context) { ... }
|
|
75
75
|
config.when_unauthorized = -> (controller) { ... }
|
|
76
76
|
end
|
|
77
77
|
```
|
|
78
78
|
|
|
79
|
-
- `cache_enabled` must be a boolean determining whether roles are cached. Roles are cached by default to avoid unnecessary database queries. If you want to disable caching, set this option to `false`. If caching is enabled and you need to clear the cache, use
|
|
79
|
+
- `cache_enabled` must be a boolean determining whether roles are cached. Roles are cached by default to avoid unnecessary database queries. If you want to disable caching, set this option to `false`. If caching is enabled and you need to clear the cache, use `Rabarber::Cache.clear` method.
|
|
80
80
|
|
|
81
81
|
- `current_user_method` must be a symbol representing the method that returns the currently authenticated user. The default value is `:current_user`.
|
|
82
82
|
|
|
@@ -112,6 +112,7 @@ By default, `#assign_roles` method will automatically create any roles that don'
|
|
|
112
112
|
```rb
|
|
113
113
|
user.assign_roles(:accountant, :marketer, create_new: false)
|
|
114
114
|
```
|
|
115
|
+
The method returns an array of roles assigned to the user.
|
|
115
116
|
|
|
116
117
|
**`#revoke_roles`**
|
|
117
118
|
|
|
@@ -122,6 +123,8 @@ user.revoke_roles(:accountant, :marketer)
|
|
|
122
123
|
```
|
|
123
124
|
If any of the specified roles doesn't exist or the user doesn't have the role you want to revoke, it will be ignored.
|
|
124
125
|
|
|
126
|
+
The method returns an array of roles assigned to the user.
|
|
127
|
+
|
|
125
128
|
**`#has_role?`**
|
|
126
129
|
|
|
127
130
|
To check whether the user has a role, use:
|
|
@@ -140,6 +143,51 @@ To view all the roles assigned to the user, use:
|
|
|
140
143
|
user.roles
|
|
141
144
|
```
|
|
142
145
|
|
|
146
|
+
---
|
|
147
|
+
|
|
148
|
+
To manipulate roles directly, you can use `Rabarber::Role` methods:
|
|
149
|
+
|
|
150
|
+
**`.add`**
|
|
151
|
+
|
|
152
|
+
To add a new role, use:
|
|
153
|
+
|
|
154
|
+
```rb
|
|
155
|
+
Rabarber::Role.add(:admin)
|
|
156
|
+
```
|
|
157
|
+
|
|
158
|
+
This will create a new role with the specified name and return `true`. If the role already exists, it will return `false`.
|
|
159
|
+
|
|
160
|
+
**`.rename`**
|
|
161
|
+
|
|
162
|
+
To rename a role, use:
|
|
163
|
+
|
|
164
|
+
```rb
|
|
165
|
+
Rabarber::Role.rename(:admin, :administrator)
|
|
166
|
+
```
|
|
167
|
+
The first argument is the old name, and the second argument is the new name. This will rename the role and return `true`. If a role with the new name already exists, it will return `false`.
|
|
168
|
+
|
|
169
|
+
The method won't rename the role if it is assigned to any user. To force the rename, use the method with `force: true` argument:
|
|
170
|
+
```rb
|
|
171
|
+
Rabarber::Role.rename(:admin, :administrator, force: true)
|
|
172
|
+
```
|
|
173
|
+
|
|
174
|
+
**`.remove`**
|
|
175
|
+
|
|
176
|
+
To remove a role, use:
|
|
177
|
+
|
|
178
|
+
```rb
|
|
179
|
+
Rabarber::Role.remove(:admin)
|
|
180
|
+
```
|
|
181
|
+
|
|
182
|
+
This will remove the role and return `true`. If the role doesn't exist, it will return `false`.
|
|
183
|
+
|
|
184
|
+
The method won't remove the role if it is assigned to any user. To force the removal, use the method with `force: true` argument:
|
|
185
|
+
```rb
|
|
186
|
+
Rabarber::Role.remove(:admin, force: true)
|
|
187
|
+
```
|
|
188
|
+
|
|
189
|
+
**`.names`**
|
|
190
|
+
|
|
143
191
|
If you need to list all the role names available in your application, use:
|
|
144
192
|
|
|
145
193
|
```rb
|
data/lib/rabarber/cache.rb
CHANGED
|
@@ -10,16 +10,16 @@ module Rabarber
|
|
|
10
10
|
enabled? ? Rails.cache.fetch(key, options, &block) : yield
|
|
11
11
|
end
|
|
12
12
|
|
|
13
|
-
def delete(
|
|
14
|
-
Rails.cache.
|
|
13
|
+
def delete(*keys)
|
|
14
|
+
Rails.cache.delete_multi(keys) if enabled?
|
|
15
15
|
end
|
|
16
16
|
|
|
17
17
|
def enabled?
|
|
18
18
|
Rabarber::Configuration.instance.cache_enabled
|
|
19
19
|
end
|
|
20
20
|
|
|
21
|
-
def key_for(
|
|
22
|
-
"rabarber:roles_#{
|
|
21
|
+
def key_for(id)
|
|
22
|
+
"rabarber:roles_#{id}"
|
|
23
23
|
end
|
|
24
24
|
|
|
25
25
|
def clear
|
|
@@ -17,7 +17,7 @@ module Rabarber
|
|
|
17
17
|
end
|
|
18
18
|
|
|
19
19
|
def roles
|
|
20
|
-
Rabarber::Cache.fetch(Rabarber::Cache.key_for(
|
|
20
|
+
Rabarber::Cache.fetch(Rabarber::Cache.key_for(roleable_id), expires_in: 1.hour, race_condition_ttl: 5.seconds) do
|
|
21
21
|
rabarber_roles.names
|
|
22
22
|
end
|
|
23
23
|
end
|
|
@@ -31,15 +31,25 @@ module Rabarber
|
|
|
31
31
|
|
|
32
32
|
create_new_roles(roles_to_assign) if create_new
|
|
33
33
|
|
|
34
|
-
|
|
34
|
+
new_roles = Rabarber::Role.where(name: roles_to_assign) - rabarber_roles
|
|
35
35
|
|
|
36
|
-
|
|
36
|
+
if new_roles.any?
|
|
37
|
+
delete_roleable_cache
|
|
38
|
+
rabarber_roles << new_roles
|
|
39
|
+
end
|
|
40
|
+
|
|
41
|
+
roles
|
|
37
42
|
end
|
|
38
43
|
|
|
39
44
|
def revoke_roles(*role_names)
|
|
40
|
-
|
|
45
|
+
new_roles = rabarber_roles - Rabarber::Role.where(name: process_role_names(role_names))
|
|
46
|
+
|
|
47
|
+
if rabarber_roles != new_roles
|
|
48
|
+
delete_roleable_cache
|
|
49
|
+
self.rabarber_roles = new_roles
|
|
50
|
+
end
|
|
41
51
|
|
|
42
|
-
|
|
52
|
+
roles
|
|
43
53
|
end
|
|
44
54
|
|
|
45
55
|
private
|
|
@@ -53,8 +63,12 @@ module Rabarber
|
|
|
53
63
|
Rabarber::Input::Roles.new(role_names).process
|
|
54
64
|
end
|
|
55
65
|
|
|
56
|
-
def
|
|
57
|
-
Rabarber::Cache.delete(Rabarber::Cache.key_for(
|
|
66
|
+
def delete_roleable_cache
|
|
67
|
+
Rabarber::Cache.delete(Rabarber::Cache.key_for(roleable_id))
|
|
68
|
+
end
|
|
69
|
+
|
|
70
|
+
def roleable_id
|
|
71
|
+
public_send(self.class.primary_key)
|
|
58
72
|
end
|
|
59
73
|
end
|
|
60
74
|
end
|
data/lib/rabarber/models/role.rb
CHANGED
|
@@ -6,16 +6,66 @@ module Rabarber
|
|
|
6
6
|
|
|
7
7
|
validates :name, presence: true, uniqueness: true, format: { with: Rabarber::Input::Roles::REGEX }
|
|
8
8
|
|
|
9
|
-
|
|
9
|
+
has_and_belongs_to_many :roleables, join_table: "rabarber_roles_roleables"
|
|
10
10
|
|
|
11
|
-
|
|
12
|
-
|
|
13
|
-
|
|
11
|
+
class << self
|
|
12
|
+
def names
|
|
13
|
+
pluck(:name).map(&:to_sym)
|
|
14
|
+
end
|
|
15
|
+
|
|
16
|
+
def add(name)
|
|
17
|
+
name = process_role_name(name)
|
|
18
|
+
|
|
19
|
+
return false if exists?(name: name)
|
|
20
|
+
|
|
21
|
+
delete_roles_cache
|
|
22
|
+
|
|
23
|
+
!!create!(name: name)
|
|
24
|
+
end
|
|
25
|
+
|
|
26
|
+
def rename(old_name, new_name, force: false)
|
|
27
|
+
role = find_by(name: process_role_name(old_name))
|
|
28
|
+
name = process_role_name(new_name)
|
|
29
|
+
|
|
30
|
+
return false if !role || exists?(name: name) || assigned_to_roleables(role).any? && !force
|
|
31
|
+
|
|
32
|
+
delete_roles_cache
|
|
33
|
+
delete_roleables_cache(role)
|
|
34
|
+
|
|
35
|
+
role.update!(name: name)
|
|
36
|
+
end
|
|
37
|
+
|
|
38
|
+
def remove(name, force: false)
|
|
39
|
+
role = find_by(name: process_role_name(name))
|
|
40
|
+
|
|
41
|
+
return false if !role || assigned_to_roleables(role).any? && !force
|
|
42
|
+
|
|
43
|
+
delete_roles_cache
|
|
44
|
+
delete_roleables_cache(role)
|
|
45
|
+
|
|
46
|
+
!!role.destroy!
|
|
47
|
+
end
|
|
48
|
+
|
|
49
|
+
private
|
|
50
|
+
|
|
51
|
+
def delete_roles_cache
|
|
52
|
+
Rabarber::Cache.delete(Rabarber::Cache::ALL_ROLES_KEY)
|
|
53
|
+
end
|
|
54
|
+
|
|
55
|
+
def delete_roleables_cache(role)
|
|
56
|
+
keys = assigned_to_roleables(role).map { |roleable_id| Rabarber::Cache.key_for(roleable_id) }
|
|
57
|
+
Rabarber::Cache.delete(*keys) if keys.any?
|
|
58
|
+
end
|
|
14
59
|
|
|
15
|
-
|
|
60
|
+
def assigned_to_roleables(role)
|
|
61
|
+
ActiveRecord::Base.connection.select_values(
|
|
62
|
+
"SELECT roleable_id FROM rabarber_roles_roleables WHERE role_id = #{role.id}"
|
|
63
|
+
)
|
|
64
|
+
end
|
|
16
65
|
|
|
17
|
-
|
|
18
|
-
|
|
66
|
+
def process_role_name(name)
|
|
67
|
+
Rabarber::Input::Roles.new(name).process[0]
|
|
68
|
+
end
|
|
19
69
|
end
|
|
20
70
|
end
|
|
21
71
|
end
|
data/lib/rabarber/permissions.rb
CHANGED
|
@@ -15,22 +15,24 @@ module Rabarber
|
|
|
15
15
|
@storage = { controller_rules: Hash.new({}), action_rules: Hash.new([]) }
|
|
16
16
|
end
|
|
17
17
|
|
|
18
|
-
|
|
19
|
-
|
|
20
|
-
|
|
21
|
-
|
|
22
|
-
|
|
23
|
-
|
|
24
|
-
|
|
18
|
+
class << self
|
|
19
|
+
def add(controller, action, roles, dynamic_rule, negated_dynamic_rule)
|
|
20
|
+
rule = Rabarber::Rule.new(action, roles, dynamic_rule, negated_dynamic_rule)
|
|
21
|
+
|
|
22
|
+
if action
|
|
23
|
+
instance.storage[:action_rules][controller] += [rule]
|
|
24
|
+
else
|
|
25
|
+
instance.storage[:controller_rules][controller] = rule
|
|
26
|
+
end
|
|
25
27
|
end
|
|
26
|
-
end
|
|
27
28
|
|
|
28
|
-
|
|
29
|
-
|
|
30
|
-
|
|
29
|
+
def controller_rules
|
|
30
|
+
instance.storage[:controller_rules]
|
|
31
|
+
end
|
|
31
32
|
|
|
32
|
-
|
|
33
|
-
|
|
33
|
+
def action_rules
|
|
34
|
+
instance.storage[:action_rules]
|
|
35
|
+
end
|
|
34
36
|
end
|
|
35
37
|
end
|
|
36
38
|
end
|
data/lib/rabarber/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: rabarber
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 1.
|
|
4
|
+
version: 1.3.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- enjaku4
|
|
@@ -9,7 +9,7 @@ authors:
|
|
|
9
9
|
autorequire:
|
|
10
10
|
bindir: bin
|
|
11
11
|
cert_chain: []
|
|
12
|
-
date: 2024-02-
|
|
12
|
+
date: 2024-02-20 00:00:00.000000000 Z
|
|
13
13
|
dependencies:
|
|
14
14
|
- !ruby/object:Gem::Dependency
|
|
15
15
|
name: rails
|
|
@@ -80,7 +80,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
80
80
|
- !ruby/object:Gem::Version
|
|
81
81
|
version: '0'
|
|
82
82
|
requirements: []
|
|
83
|
-
rubygems_version: 3.
|
|
83
|
+
rubygems_version: 3.3.26
|
|
84
84
|
signing_key:
|
|
85
85
|
specification_version: 4
|
|
86
86
|
summary: Simple authorization library for Ruby on Rails.
|