rabarber 0.1.4 → 0.1.5
- checksums.yaml +4 -4
- data/.rspec +1 -1
- data/CHANGELOG.md +5 -0
- data/README.md +31 -4
- data/lib/generators/rabarber/templates/create_rabarber_roles.rb.erb +2 -2
- data/lib/rabarber/configuration.rb +1 -1
- data/lib/rabarber/models/concerns/has_roles.rb +22 -12
- data/lib/rabarber/version.rb +1 -1
- metadata +2 -2
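--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA256:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 44ae657744209c8401cc25faff3aba718ce00993d4ba6f1ccd8b833cd7b2e48f
+data.tar.gz: a5ede8519ed62a197873b8b9f955a38d9a7cb7d34a5a7ef9518ed672b029745b
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 03be3074d4a98d2b9c4cf81a1686d411e9f899f9543a82ee0879a4f8935841cbc0916ce7ca739ea44181a0db2dc2b57e2cafd251b3ab7e3389ae3d15fa86fc92
+data.tar.gz: 647f11032bf0f935f1822f45f3edaec8e8b9db11ba786c72ffef722dcb650a0b3688dbefd9bbe0822aab0d7608f88827b3e7ff2a554f58b93c04a27bd04ec251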
data/.rspec
CHANGED
data/CHANGELOG.md
CHANGED
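--- a/data/README.md
+++ b/data/README.md
@@ -1,12 +1,35 @@
 # Rabarber: Simplified Authorization for Rails
 
-
+[![Gem Version](https://badge.fury.io/rb/rabarber.svg)](http://badge.fury.io/rb/rabarber)
+[![Github Actions badge](https://github.com/enjaku4/rabarber/actions/workflows/ci.yml/badge.svg)](https://github.com/enjaku4/rabarber/actions/workflows/ci.yml)
 
-Rabarber
+Rabarber is an authorization library for Ruby on Rails, primarily designed for use in the web layer of your application but not limited to that. It provides a set of useful tools for managing user roles and defining authorization rules.
+
+---
 
 #### Example of Usage:
 
-Consider a CRM where users with different roles have distinct access levels. For instance, the role 'accountant' can interact with invoices
+Consider a CRM where users with different roles have distinct access levels. For instance, the role 'accountant' can interact with invoices but cannot access marketing information, while the role 'marketer' has access to marketing-related data. Such authorization rules can be easily defined with Rabarber.
+
+---
+
+And this is how your controller might look with Rabarber:
+
+```rb
+class TicketsController < ApplicationController
+grant_access roles: :admin
+
+grant_access action: :index, roles: :manager
+def index
+...
+end
+
+def delete
+...
+end
+end
+```
+This means that `admin` users can access everything in `TicketsController`, while `manager` role can access only `index` action.
 
 ## Installation
 
@@ -28,6 +51,10 @@ Next, generate a migration to create tables for storing roles in the database:
 rails g rabarber:roles
 ```
 
+This will create a migration file in `db/migrate` directory.
+
+Replace `raise(Rabarber::Error, "Please specify your user model's table name")` in that file with the name of your user model's table.
+
 Finally, run the migration to apply the changes to the database:
 
 ```
@@ -123,7 +150,7 @@ If you need to list all the role names available in your application, use:
 Rabarber::Role.names
 ```
 
-Utilize these methods to manipulate user roles. For example, create a custom UI for managing roles or assign necessary roles during migration or runtime (e.g., when the user is created). Adapt
+Utilize these methods to manipulate user roles. For example, create a custom UI for managing roles or assign necessary roles during migration or runtime (e.g., when the user is created). You can also write custom authorization policies based on `#has_role?` method (e.g., to scope the data that the user can access). Adapt these methods to fit the requirements of your application.
 
 ---
 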
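--- a/data/lib/generators/rabarber/templates/create_rabarber_roles.rb.erb
+++ b/data/lib/generators/rabarber/templates/create_rabarber_roles.rb.erb
@@ -8,8 +8,8 @@ class CreateRabarberRoles < ActiveRecord::Migration[<%= ActiveRecord::Migration.
 end
 
 create_table :rabarber_roles_roleables, id: false do |t|
-t.belongs_to :role, index: true
-t.belongs_to :roleable, index: true
+t.belongs_to :role, index: true, foreign_key: { to_table: :rabarber_roles }
+t.belongs_to :roleable, index: true, foreign_key: { to_table: raise(Rabarber::Error, "Please specify your user model's table name") }
 end
 
 add_index :rabarber_roles_roleables, %i[role_id roleable_id], unique: true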
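Review bot: The two `t.belongs_to` columns in the `create_table :rabarber_roles_roleables` block are still nullable, so neither the new foreign keys nor the unique index on `%i[role_id roleable_id]` prevents a join row with a NULL `role_id` or `roleable_id` from being stored. Adding `null: false` to both closes that, e.g. `t.belongs_to :role, null: false, index: true, foreign_key: { to_table: :rabarber_roles }`. `t.belongs_to :roleable` also uses the default key type, so an application whose user table has a non-default primary key type (a UUID, for example) would presumably need a `type:` option too; a comment beside the `raise(Rabarber::Error, ...)` placeholder could say so. The migration class itself starts outside this hunk.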
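--- a/data/lib/rabarber/configuration.rb
+++ b/data/lib/rabarber/configuration.rb
@@ -21,7 +21,7 @@ module Rabarber
 end
 
 def current_user_method=(method_name)
-unless
+unless [Symbol, String].include?(method_name.class)
 raise ArgumentError, "Method name must be a symbol or a string"
 end
 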
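Review bot: The new guard `[Symbol, String].include?(method_name.class)` compares exact classes, so a String subclass is rejected while an empty string, or a name no controller responds to, is accepted. This setting presumably names the method that supplies the user to authorization checks, so a comment stating the accepted values would help whoever configures it. If subclasses should be allowed, `method_name.is_a?(Symbol) || method_name.is_a?(String)` is the more conventional form of the type check. The rest of `current_user_method=` lies outside the hunk, so whether the value is normalized afterwards cannot be seen here.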
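--- a/data/lib/rabarber/models/concerns/has_roles.rb
+++ b/data/lib/rabarber/models/concerns/has_roles.rb
@@ -15,31 +15,41 @@ module Rabarber
 end
 
 def has_role?(*role_names)
-
-raise(ArgumentError, "Role names must be symbols or strings")
-end
+validate_role_names(role_names)
 
 roles.exists?(name: role_names)
 end
 
 def assign_roles(*role_names, create_new: true)
-
-raise(ArgumentError, "Role names must be symbols or strings")
-end
+validate_role_names(role_names)
 
-
-new_roles.each { |role| Role.create!(name: role) }
-end
+create_new_roles(role_names) if create_new
 
 roles << Role.where(name: role_names) - roles
 end
 
 def revoke_roles(*role_names)
-
-raise(ArgumentError, "Role names must be symbols or strings")
-end
+validate_role_names(role_names)
 
 self.roles = roles - Role.where(name: role_names)
 end
+
+private
+
+def validate_role_names(role_names)
+return if role_names.all? do |role_name|
+[Symbol, String].include?(role_name.class) && role_name.match?(/\A[a-z0-9_]+\z/)
+end
+
+raise(
+ArgumentError,
+"Role names must be symbols or strings and may only contain lowercase letters and underscores"
+)
+end
+
+def create_new_roles(role_names)
+new_roles = role_names - Role.names
+new_roles.each { |role_name| Role.create!(name: role_name) }
+end
 end
 end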
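Review bot: In `validate_role_names` the pattern `/\A[a-z0-9_]+\z/` accepts digits, but the error message says names may only contain lowercase letters and underscores; the two should agree, e.g. `"Role names must be symbols or strings and may only contain lowercase letters, digits and underscores"`. Because `has_role?` now calls the validator as well, a malformed name raises `ArgumentError` instead of returning false, so callers that build policies on `has_role?` with externally supplied names have to handle that; a short comment on `has_role?` would make it explicit. In `create_new_roles`, `role_names - Role.names` removes existing roles only when both sides use the same type. `Role.names` is not visible here, so if it returns symbols, string arguments would reach `Role.create!` for roles that already exist; confirm this or normalize the names first. The enclosing module and class start outside the hunk.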
data/lib/rabarber/version.rb
CHANGED
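--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: rabarber
 version: !ruby/object:Gem::Version
-version: 0.1.
+version: 0.1.5
 platform: ruby
 authors:
 - enjaku4
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2023-12-
+date: 2023-12-27 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
 name: rails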