rabarber 0.1.2 → 0.1.3

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: d6a4f1f81f8a1bf56e999dcc0fbcce91499e428539fc7a48527080519c37775f
4
- data.tar.gz: 9ac2c1a7b2066705cf68d91805af30997bd2c6fc117d3d613fcfbe77cb42b3c6
3
+ metadata.gz: efe276f264ab3b14fb15221050a9876054fc9cda73cd62af4a68b177658af585
4
+ data.tar.gz: be88e7ead8056ba296ede08d74da565ebb3c2e1ea53d203d0b68b29c38cb2076
5
5
  SHA512:
6
- metadata.gz: 898892e6fb802b65bf5815747ee0f0169b0b678beb0005003d7003b019ff704afa346107db8185c9e1e11de9747a591427262be9ba7221bbc323132c59577a28
7
- data.tar.gz: c9dcc16dd51f61d9fe032b4148c8b8f79bfa5656fc2c7ed9d625e7d5ec7cddaf1d7d8b13f163cbd4d1ab6f301082898925cee25a0d0426aa99a24f501141454a
6
+ metadata.gz: 8136281097de32e13774e3beafb60a55bdd031d6f9fec9e2d09a43e746d6a044c13b269e02b086037b8c538c0d35b514ac509ad21c5dfdcf9173013dbeb35f5a
7
+ data.tar.gz: 9479c30544c7ce6a56b418fc6c25fb0470dbdfd6e0a069114bc3616b7b6aaa03756881b6ef2173dd2d4f332e2a3cea0751e322764aa241a70eccd0cc7c45e675
data/CHANGELOG.md CHANGED
@@ -1,3 +1,7 @@
1
+ ## 0.1.3
2
+
3
+ - Revise and update README for clarity
4
+
1
5
  ## 0.1.2
2
6
 
3
7
  - Fix check that `Rabarber::HasRoles` can only be included once
data/README.md CHANGED
@@ -2,11 +2,11 @@
2
2
 
3
3
  Rabarber is an authorization library primarily designed for use in the web layer of your application, specifically in controllers and views.
4
4
 
5
- Rabarber takes a slightly different approach compared to some popular libraries. Instead of answering, "Who can perform actions on this record?" it focuses on a question: "Who can access this endpoint?" In Rabarber, authorization is expressed not as "A user with role 'editor' can edit a post," but rather as "A user with the role 'editor' can access a post editing endpoint."
5
+ Rabarber takes a slightly different approach compared to some popular libraries. Rabarber focuses on the question: "Who can access this endpoint?". In Rabarber, authorization is expressed not as "A user with the role 'editor' can edit a post," but rather as "A user with the role 'editor' can access a post editing endpoint."
6
6
 
7
- #### Example Usage:
7
+ #### Example of Usage:
8
8
 
9
- Consider a CRM application where users in different roles have distinct access levels. For instance, an accountant role can interact with invoices and orders but cannot access marketing information, while the marketer role has access to marketing-related data.
9
+ Consider a CRM where users with different roles have distinct access levels. For instance, the role 'accountant' can interact with invoices and orders but cannot access marketing information, while the role 'marketer' has access to marketing-related data.
10
10
 
11
11
  ## Installation
12
12
 
@@ -16,13 +16,13 @@ Add the Rabarber gem to your Gemfile:
16
16
  gem "rabarber"
17
17
  ```
18
18
 
19
- Install the gem:
19
+ Install the gem:
20
20
 
21
21
  ```
22
22
  bundle install
23
23
  ```
24
24
 
25
- Next, generate a migration to create tables for storing roles in the database:
25
+ Next, generate a migration to create tables for storing roles in the database:
26
26
 
27
27
  ```
28
28
  rails g rabarber:roles
@@ -36,7 +36,7 @@ rails db:migrate
36
36
 
37
37
  ## Configuration
38
38
 
39
- Seamlessly include Rabarber in your application by adding the following initializer:
39
+ Rabarber can be configured by adding the following code into an initializer:
40
40
 
41
41
  ```rb
42
42
  Rabarber.configure do |config|
@@ -48,12 +48,12 @@ Rabarber.configure do |config|
48
48
  end
49
49
  ```
50
50
  - `current_user_method` must be a symbol representing the method that returns the currently authenticated user. The default value is `:current_user`.
51
- - `must_have_roles` must be a boolean, determining whether a user with no roles can access endpoints permitted to everyone. The default value is `false` (allowing users without roles to access endpoints permitted for everyone).
52
- - `when_unauthorized` must be a lambda where you can define your actions when access is not authorized (`controller` is the instance of the controller where the code is executed). By default, the user is redirected back for HTML requests; otherwise, a 401 Unauthorized response is sent.
51
+ - `must_have_roles` must be a boolean determining whether a user with no roles can access endpoints permitted to everyone. The default value is `false` (allowing users without roles to access endpoints permitted to everyone).
52
+ - `when_unauthorized` must be a lambda where you can define your actions when access is not authorized (`controller` is an instance of the controller where the code is executed). By default, the user is redirected back if the request format is HTML; otherwise, a 401 Unauthorized response is sent.
53
53
 
54
54
  ## Usage
55
55
 
56
- Include the `Rabarber::HasRoles` module in your model representing application users:
56
+ Include `Rabarber::HasRoles` module in your model representing users in your application:
57
57
 
58
58
  ```rb
59
59
  class User < ApplicationRecord
@@ -71,19 +71,26 @@ To assign roles to the user, use:
71
71
  ```rb
72
72
  user.assign_roles(:accountant, :marketer)
73
73
  ```
74
- By default, the `#assign_roles` method will automatically create any roles that don't exist. If you want to assign only existing roles and prevent the creation of new ones, use the method with the `create_new: false` argument:
74
+ By default, `#assign_roles` method will automatically create any roles that don't exist. If you want to assign only existing roles and prevent the creation of new ones, use the method with `create_new: false` argument:
75
75
  ```rb
76
76
  user.assign_roles(:accountant, :marketer, create_new: false)
77
77
  ```
78
78
 
79
+ You can also explicitly create new roles simply by using:
80
+
81
+ ```rb
82
+ Rabarber::Role.create(name: "manager")
83
+ ```
84
+ The role names are unique.
85
+
79
86
  #### `#revoke_roles`
80
87
 
81
- To revoke roles from the user, use:
88
+ To revoke roles, use:
82
89
 
83
90
  ```rb
84
91
  user.revoke_roles(:accountant, :marketer)
85
92
  ```
86
- If any of the specified roles doesn't exist or the user doesn't have such a role, it will be ignored.
93
+ If any of the specified roles doesn't exist or the user doesn't have the role you want to revoke, it will be ignored.
87
94
 
88
95
  #### `#has_role?`
89
96
 
@@ -97,25 +104,24 @@ It returns `true` if the user has at least one role and `false` otherwise.
97
104
 
98
105
  #### `#roles`
99
106
 
100
- View all roles assigned to the user:
107
+ To view all the roles assigned to the user, use:
101
108
 
102
109
  ```rb
103
110
  user.roles
104
111
  ```
105
-
106
- Utilize these methods to manipulate user roles. For example, create a custom UI for managing roles or assign necessary roles during migration or runtime (e.g., when the user is created). Adapt them to fit the requirements of your app.
107
-
108
- If you need to list all the role names, use:
112
+ If you need to list all the role names available in your application, use:
109
113
 
110
114
  ```rb
111
115
  Rabarber::Role.names
112
116
  ```
113
117
 
118
+ Utilize these methods to manipulate user roles. For example, create a custom UI for managing roles or assign necessary roles during migration or runtime (e.g., when the user is created). Adapt them to fit the requirements of your application.
119
+
114
120
  ---
115
121
 
116
122
  ### Authorization Rules
117
123
 
118
- Include the `Rabarber::Authorization` module in the controller to which (specifically to it and its children) you want authorization rules to be applied. Typically, it is `ApplicationController`, but it can be any controller.
124
+ Include `Rabarber::Authorization` module into the controller that needs authorization rules to be applied (authorization rules will be applied to the controller and its children). Typically, it is `ApplicationController`, but it can be any controller.
119
125
 
120
126
  ```rb
121
127
  class ApplicationController < ActionController::Base
@@ -123,7 +129,7 @@ class ApplicationController < ActionController::Base
123
129
  ...
124
130
  end
125
131
  ```
126
- This adds the `.grant_access` method to the controller and its children. This method allows you to define the access rules.
132
+ This adds `.grant_access` method to the controller and its children. This method allows you to define the authorization rules.
127
133
 
128
134
  The most basic usage of the method is as follows:
129
135
 
@@ -140,13 +146,13 @@ class InvoicesController < ApplicationController
140
146
  end
141
147
  end
142
148
  ```
143
- This grants access to the `index` action for users with the `accountant` or `admin` role, and access to the `delete` action for only `admin` users.
149
+ This grants access to `index` action for users with `accountant` or `admin` role, and access to `delete` action for `admin` users only.
144
150
 
145
- You can also define controller-wide rules (without the `action` argument):
151
+ You can also define controller-wide rules (without `action` argument):
146
152
 
147
153
  ```rb
148
154
  class Crm::BaseController < ApplicationController
149
- grant_access roles: :admin, :manager
155
+ grant_access roles: [:admin, :manager]
150
156
 
151
157
  grant_access action: :dashboard, roles: :marketer
152
158
  def dashboard
@@ -154,7 +160,7 @@ class Crm::BaseController < ApplicationController
154
160
  end
155
161
  end
156
162
 
157
- class InvoicesController < Crm::BaseControlle
163
+ class Crm::InvoicesController < Crm::BaseController
158
164
  grant_access roles: :accountant
159
165
  def index
160
166
  ...
@@ -165,9 +171,9 @@ class InvoicesController < Crm::BaseControlle
165
171
  end
166
172
  end
167
173
  ```
168
- This means that `admin` and `manager` have access to all actions inside `Crm::BaseController` and its children, while the `accountant` role has access only to actions in `InvoicesController` and its possible children. Users with the `marketer` role can see only the dashboard in this example.
174
+ This means that `admin` and `manager` have access to all the actions inside `Crm::BaseController` and its children, while `accountant` role has access only to the actions in `Crm::InvoicesController` and its possible children. Users with `marketer` role can only see the dashboard in this example.
169
175
 
170
- Roles (as well as actions) can be omitted:
176
+ Roles can also be omitted:
171
177
 
172
178
  ```rb
173
179
  class OrdersController < ApplicationController
@@ -183,9 +189,9 @@ class InvoicesController < ApplicationController
183
189
  end
184
190
  ```
185
191
 
186
- This allows everyone to access `OrdersController` and its children and the `index` action in `InvoicesController`.
192
+ This allows everyone to access `OrdersController` and its children and `index` action in `InvoicesController`.
187
193
 
188
- If you've set the `must_have_roles` setting to `true`, then only the users with at least one role can have access. This setting can be useful if your requirements are so that users without roles are not allowed to see anything.
194
+ If you've set `must_have_roles` setting to `true`, then, only the users with at least one role can have access. This setting can be useful if your requirements are such that users without roles are not allowed to see anything.
189
195
 
190
196
  For more complex rules, Rabarber provides the following:
191
197
 
@@ -202,13 +208,13 @@ class OrdersController < ApplicationController
202
208
  end
203
209
 
204
210
  class InvoicesController < ApplicationController
205
- grant_access action: :index, roles: :accountant, if: -> { current_user.passed_probationary_period? }
211
+ grant_access action: :index, roles: :accountant, if: -> { current_user.passed_probation_period? }
206
212
  def index
207
213
  ...
208
214
  end
209
215
  end
210
216
  ```
211
- You can pass a custom rule as an `if` argument. It can be a symbol (the method with the same name will be called) or a lambda.
217
+ You can pass a custom rule as `if` argument. It can be a symbol (the method with the same name will be called) or a lambda.
212
218
 
213
219
  Rules defined in children don't override parent rules but rather add to them:
214
220
  ```rb
@@ -217,12 +223,12 @@ class Crm::BaseController < ApplicationController
217
223
  ...
218
224
  end
219
225
 
220
- class InvoicesController < Crm::BaseControlle
226
+ class Crm::InvoicesController < Crm::BaseController
221
227
  grant_access roles: :accountant
222
228
  ...
223
229
  end
224
230
  ```
225
- This means that `InvoicesController` is still accessible to `admin` but is also accessible to `accountant`.
231
+ This means that `Crm::InvoicesController` is still accessible to `admin` but is also accessible to `accountant`.
226
232
 
227
233
  ---
228
234
 
@@ -244,9 +250,9 @@ Rabarber also provides a couple of helpers that can be used in views: `visible_t
244
250
 
245
251
  ## Problems?
246
252
 
247
- Encountered a bug or facing a problem?
253
+ Encountered a bug or facing a problem?
248
254
 
249
- - **Create an Issue**: If you've identified a problem or have a feature request, please create an issue on the gem's GitHub repository. Be sure to provide detailed information about the problem, including steps to reproduce it.
255
+ - **Create an Issue**: If you've identified a problem or have a feature request, please create an issue on the gem's GitHub repository. Be sure to provide detailed information about the problem, including the steps to reproduce it.
250
256
  - **Contribute a Solution**: Found a fix for the issue or want to contribute to the project? Feel free to create a pull request with your changes.
251
257
 
252
258
  ## License
@@ -1,5 +1,5 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  module Rabarber
4
- VERSION = "0.1.2"
4
+ VERSION = "0.1.3"
5
5
  end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: rabarber
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.1.2
4
+ version: 0.1.3
5
5
  platform: ruby
6
6
  authors:
7
7
  - enjaku4