rabarber 5.2.2 → 5.2.4
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +12 -0
- data/README.md +33 -8
- data/lib/rabarber/railtie.rb +5 -1
- data/lib/rabarber/version.rb +1 -1
- data/rabarber.gemspec +5 -1
- metadata +10 -3
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 0b6af1a1a593e84b481d92883ca7adf385e2ee1fc9a3fb5615818169fc595444
|
|
4
|
+
data.tar.gz: 97738fdc3bb6e3463b8e331088982a4dcd40e62e4251977ee63cc8b742fcb96a
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 535dc707a59522461ad3b5bd26d0e394008454c738ff52e84fa6cd7ebfdd26bb441405326563b2ba4a2229008d0ddcf3b6b426dc9d21186896e53aadf99b5fa6
|
|
7
|
+
data.tar.gz: b32d8c3983deb895e7cefe2e3d273cbad0542477c1bad134a7681ac5ae1e390725f7e34b964de4c0f264fcb1b0d21546cb70b7d89ca29cb3c513e831d281c89c
|
data/CHANGELOG.md
CHANGED
data/README.md
CHANGED
|
@@ -1,17 +1,42 @@
|
|
|
1
|
-
# Rabarber: Role-Based Authorization for Rails
|
|
1
|
+
# Rabarber: Simple Role-Based Authorization for Rails
|
|
2
2
|
|
|
3
3
|
[](http://badge.fury.io/rb/rabarber)
|
|
4
|
+
[](https://rubygems.org/gems/rabarber)
|
|
4
5
|
[](https://github.com/enjaku4/rabarber/actions/workflows/ci.yml)
|
|
6
|
+
[](LICENSE)
|
|
5
7
|
|
|
6
|
-
Rabarber is a role-based authorization library for Ruby on Rails that focuses on controller-level access control. Rather than answering domain questions like "can this user create a post?", Rabarber answers "can this user access the create post endpoint?", providing a clean separation between authorization and business logic.
|
|
8
|
+
Rabarber is a role-based authorization library for Ruby on Rails that focuses on controller-level access control. Rather than answering domain questions like "can this user create a post?", Rabarber answers "can this user access the create post endpoint?", providing a clean separation between authorization and business logic. It supports multi-tenancy through contextual roles, dynamic authorization with conditional logic, and includes view helpers for role-based content rendering.
|
|
7
9
|
|
|
8
|
-
**
|
|
10
|
+
**Example of Usage:**
|
|
9
11
|
|
|
10
|
-
|
|
11
|
-
|
|
12
|
-
|
|
13
|
-
|
|
14
|
-
|
|
12
|
+
Consider a CRM system where users with different roles have distinct access levels. For instance, the role `accountant` can interact with invoices but cannot access marketing information, while the role `analyst` has access to marketing-related data. You can define such authorization rules easily with Rabarber.
|
|
13
|
+
|
|
14
|
+
And here's how your controller might look:
|
|
15
|
+
|
|
16
|
+
```rb
|
|
17
|
+
class InvoicesController < ApplicationController
|
|
18
|
+
grant_access roles: :admin # Admin can access everything
|
|
19
|
+
|
|
20
|
+
grant_access action: :index, roles: [:accountant, :analyst]
|
|
21
|
+
def index
|
|
22
|
+
# Accessible to both analysts and accountants
|
|
23
|
+
end
|
|
24
|
+
|
|
25
|
+
grant_access action: :show, roles: :accountant
|
|
26
|
+
def show
|
|
27
|
+
# Accessible to accountants
|
|
28
|
+
end
|
|
29
|
+
|
|
30
|
+
grant_access action: :analytics, roles: :analyst
|
|
31
|
+
def analytics
|
|
32
|
+
# Accessible to analysts
|
|
33
|
+
end
|
|
34
|
+
|
|
35
|
+
def destroy
|
|
36
|
+
# Accessible to admins only
|
|
37
|
+
end
|
|
38
|
+
end
|
|
39
|
+
```
|
|
15
40
|
|
|
16
41
|
## Table of Contents
|
|
17
42
|
|
data/lib/rabarber/railtie.rb
CHANGED
|
@@ -4,6 +4,10 @@ require "rails/railtie"
|
|
|
4
4
|
|
|
5
5
|
module Rabarber
|
|
6
6
|
class Railtie < Rails::Railtie
|
|
7
|
+
def self.server_running?
|
|
8
|
+
!!defined?(Rails::Server)
|
|
9
|
+
end
|
|
10
|
+
|
|
7
11
|
def self.table_exists?
|
|
8
12
|
ActiveRecord::Base.connection.data_source_exists?("rabarber_roles")
|
|
9
13
|
rescue ActiveRecord::NoDatabaseError, ActiveRecord::ConnectionNotEstablished
|
|
@@ -12,7 +16,7 @@ module Rabarber
|
|
|
12
16
|
|
|
13
17
|
initializer "rabarber.to_prepare" do |app|
|
|
14
18
|
app.config.to_prepare do
|
|
15
|
-
if Rabarber::Railtie.table_exists?
|
|
19
|
+
if Rabarber::Railtie.server_running? && Rabarber::Railtie.table_exists?
|
|
16
20
|
Rabarber::Role.where.not(context_type: nil).distinct.pluck(:context_type).each do |context_class|
|
|
17
21
|
context_class.constantize
|
|
18
22
|
rescue NameError => e
|
data/lib/rabarber/version.rb
CHANGED
data/rabarber.gemspec
CHANGED
|
@@ -6,12 +6,16 @@ Gem::Specification.new do |spec|
|
|
|
6
6
|
spec.name = "rabarber"
|
|
7
7
|
spec.version = Rabarber::VERSION
|
|
8
8
|
spec.authors = ["enjaku4", "trafium"]
|
|
9
|
+
spec.email = ["enjaku4@icloud.com"]
|
|
9
10
|
spec.homepage = "https://github.com/enjaku4/rabarber"
|
|
10
11
|
spec.metadata["homepage_uri"] = spec.homepage
|
|
11
12
|
spec.metadata["source_code_uri"] = spec.homepage
|
|
12
13
|
spec.metadata["changelog_uri"] = "#{spec.homepage}/blob/main/CHANGELOG.md"
|
|
14
|
+
spec.metadata["bug_tracker_uri"] = "#{spec.homepage}/issues"
|
|
15
|
+
spec.metadata["documentation_uri"] = "#{spec.homepage}/blob/main/README.md"
|
|
13
16
|
spec.metadata["rubygems_mfa_required"] = "true"
|
|
14
17
|
spec.summary = "Simple role-based authorization library for Ruby on Rails"
|
|
18
|
+
spec.description = "Rabarber provides role-based authorization for Ruby on Rails applications with support for multi-tenancy, dynamic rules, and clean controller-level access control that separates authorization from business logic"
|
|
15
19
|
spec.license = "MIT"
|
|
16
20
|
spec.required_ruby_version = ">= 3.2", "< 3.5"
|
|
17
21
|
|
|
@@ -23,5 +27,5 @@ Gem::Specification.new do |spec|
|
|
|
23
27
|
|
|
24
28
|
spec.add_dependency "dry-configurable", "~> 1.1"
|
|
25
29
|
spec.add_dependency "dry-types", "~> 1.7"
|
|
26
|
-
spec.add_dependency "rails", ">= 7.1", "< 8.
|
|
30
|
+
spec.add_dependency "rails", ">= 7.1", "< 8.2"
|
|
27
31
|
end
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: rabarber
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 5.2.
|
|
4
|
+
version: 5.2.4
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- enjaku4
|
|
@@ -47,7 +47,7 @@ dependencies:
|
|
|
47
47
|
version: '7.1'
|
|
48
48
|
- - "<"
|
|
49
49
|
- !ruby/object:Gem::Version
|
|
50
|
-
version: '8.
|
|
50
|
+
version: '8.2'
|
|
51
51
|
type: :runtime
|
|
52
52
|
prerelease: false
|
|
53
53
|
version_requirements: !ruby/object:Gem::Requirement
|
|
@@ -57,7 +57,12 @@ dependencies:
|
|
|
57
57
|
version: '7.1'
|
|
58
58
|
- - "<"
|
|
59
59
|
- !ruby/object:Gem::Version
|
|
60
|
-
version: '8.
|
|
60
|
+
version: '8.2'
|
|
61
|
+
description: Rabarber provides role-based authorization for Ruby on Rails applications
|
|
62
|
+
with support for multi-tenancy, dynamic rules, and clean controller-level access
|
|
63
|
+
control that separates authorization from business logic
|
|
64
|
+
email:
|
|
65
|
+
- enjaku4@icloud.com
|
|
61
66
|
executables: []
|
|
62
67
|
extensions: []
|
|
63
68
|
extra_rdoc_files: []
|
|
@@ -99,6 +104,8 @@ metadata:
|
|
|
99
104
|
homepage_uri: https://github.com/enjaku4/rabarber
|
|
100
105
|
source_code_uri: https://github.com/enjaku4/rabarber
|
|
101
106
|
changelog_uri: https://github.com/enjaku4/rabarber/blob/main/CHANGELOG.md
|
|
107
|
+
bug_tracker_uri: https://github.com/enjaku4/rabarber/issues
|
|
108
|
+
documentation_uri: https://github.com/enjaku4/rabarber/blob/main/README.md
|
|
102
109
|
rubygems_mfa_required: 'true'
|
|
103
110
|
rdoc_options: []
|
|
104
111
|
require_paths:
|