rabarber 1.2.1 → 1.2.2
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +5 -0
- data/README.md +8 -6
- data/lib/rabarber/configuration.rb +2 -2
- data/lib/rabarber/logger.rb +11 -0
- data/lib/rabarber/missing/base.rb +2 -2
- data/lib/rabarber/missing/roles.rb +2 -2
- data/lib/rabarber/version.rb +1 -1
- data/lib/rabarber.rb +1 -0
- metadata +3 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: '084b409c4886e7622ee37f20b8f00c0d6e083546394bf3617bdd5277548a2764'
|
4
|
+
data.tar.gz: 62c3f5fb0496fc5a0cf95f04f0f04d26ba4f847bdf1e838c248361dca72744ee
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 0a1b141efb53f2b863f0dbbd1fe4c03ce199b7278bc0c51f8868866b918ea3161b8aebd9920872b43d9aea8cf24c5161b0f87d6d535a7c76295aa7890ee4b337
|
7
|
+
data.tar.gz: b740291aba6e4d1c529453e990c30e009b5215ccbdc99a5eac6c1b8c21d354c813e5bdd3f700c37e9aa22d528b025814ce69629aedb95449108a704e233c53d2
|
data/CHANGELOG.md
CHANGED
data/README.md
CHANGED
@@ -218,24 +218,26 @@ end
|
|
218
218
|
|
219
219
|
This allows everyone to access `OrdersController` and its children and `index` action in `InvoicesController`. This also extends to scenarios where there is no user present, i.e. when the method responsible for returning the currently authenticated user in your application returns `nil`.
|
220
220
|
|
221
|
+
Be aware that if the user is not authenticated (the method responsible for returning the currently authenticated user in your application returns `nil`), Rabarber will treat this situation as if the user with no roles assigned was authenticated.
|
222
|
+
|
221
223
|
If you've set `must_have_roles` setting to `true`, then, only the users with at least one role can have access. This setting can be useful if your requirements are such that users without roles are not allowed to access anything.
|
222
224
|
|
223
225
|
For more complex cases, Rabarber provides dynamic rules:
|
224
226
|
|
225
227
|
```rb
|
226
228
|
class OrdersController < ApplicationController
|
227
|
-
grant_access if: :
|
228
|
-
grant_access unless: :
|
229
|
+
grant_access if: :current_company_accountant?
|
230
|
+
grant_access unless: :fired?
|
229
231
|
...
|
230
232
|
|
231
233
|
private
|
232
234
|
|
233
|
-
def
|
234
|
-
|
235
|
+
def current_company_accountant?
|
236
|
+
current_company.accountant == current_user
|
235
237
|
end
|
236
238
|
|
237
|
-
def
|
238
|
-
|
239
|
+
def fired?
|
240
|
+
current_user.fired?
|
239
241
|
end
|
240
242
|
end
|
241
243
|
|
@@ -78,13 +78,13 @@ module Rabarber
|
|
78
78
|
-> (missing_roles, context) {
|
79
79
|
delimiter = context[:action] ? "#" : ""
|
80
80
|
message = "Missing roles: #{missing_roles}, context: #{context[:controller]}#{delimiter}#{context[:action]}"
|
81
|
-
|
81
|
+
Rabarber::Logger.log(:warn, message)
|
82
82
|
}
|
83
83
|
end
|
84
84
|
|
85
85
|
def default_when_unauthorized
|
86
86
|
-> (controller) do
|
87
|
-
|
87
|
+
Rabarber::Logger.log(:warn, "Unauthorized attempt")
|
88
88
|
if controller.request.format.html?
|
89
89
|
controller.redirect_back fallback_location: controller.main_app.root_path
|
90
90
|
else
|
@@ -41,7 +41,7 @@ module Rabarber
|
|
41
41
|
|
42
42
|
def controller_rules
|
43
43
|
if controller
|
44
|
-
|
44
|
+
Rabarber::Permissions.controller_rules.slice(controller)
|
45
45
|
else
|
46
46
|
Rabarber::Permissions.controller_rules
|
47
47
|
end
|
@@ -49,7 +49,7 @@ module Rabarber
|
|
49
49
|
|
50
50
|
def action_rules
|
51
51
|
if controller
|
52
|
-
|
52
|
+
Rabarber::Permissions.action_rules.slice(controller)
|
53
53
|
else
|
54
54
|
Rabarber::Permissions.action_rules
|
55
55
|
end
|
@@ -7,8 +7,8 @@ module Rabarber
|
|
7
7
|
|
8
8
|
def check_controller_rules
|
9
9
|
controller_rules.each do |controller, controller_rule|
|
10
|
-
missing_roles = controller_rule.roles - all_roles
|
11
|
-
missing_list << Rabarber::Missing::Item.new(missing_roles, controller, nil)
|
10
|
+
missing_roles = controller_rule.roles - all_roles
|
11
|
+
missing_list << Rabarber::Missing::Item.new(missing_roles, controller, nil) unless missing_roles.empty?
|
12
12
|
end
|
13
13
|
end
|
14
14
|
|
data/lib/rabarber/version.rb
CHANGED
data/lib/rabarber.rb
CHANGED
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: rabarber
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 1.2.
|
4
|
+
version: 1.2.2
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- enjaku4
|
@@ -9,7 +9,7 @@ authors:
|
|
9
9
|
autorequire:
|
10
10
|
bindir: bin
|
11
11
|
cert_chain: []
|
12
|
-
date: 2024-02-
|
12
|
+
date: 2024-02-10 00:00:00.000000000 Z
|
13
13
|
dependencies:
|
14
14
|
- !ruby/object:Gem::Dependency
|
15
15
|
name: rails
|
@@ -50,6 +50,7 @@ files:
|
|
50
50
|
- lib/rabarber/input/types/booleans.rb
|
51
51
|
- lib/rabarber/input/types/procs.rb
|
52
52
|
- lib/rabarber/input/types/symbols.rb
|
53
|
+
- lib/rabarber/logger.rb
|
53
54
|
- lib/rabarber/missing/actions.rb
|
54
55
|
- lib/rabarber/missing/base.rb
|
55
56
|
- lib/rabarber/missing/roles.rb
|