rails-auth 0.4.0 → 0.4.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.travis.yml +7 -2
- data/CHANGES.md +10 -0
- data/Gemfile +2 -1
- data/README.md +2 -2
- data/lib/rails/auth/acl.rb +5 -1
- data/lib/rails/auth/acl/resource.rb +1 -1
- data/lib/rails/auth/error_page/debug_page.html.erb +1 -1
- data/lib/rails/auth/rspec/helper_methods.rb +1 -1
- data/lib/rails/auth/version.rb +1 -1
- data/spec/rails/auth/acl_spec.rb +6 -0
- data/spec/spec_helper.rb +3 -2
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 5b48234e95be0db7806d0126d60590261a585409
|
|
4
|
+
data.tar.gz: 02ae7923ef2a6f12da93fbe0ecea10818c167fb5
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: ffac862f2da1d9054751ba8bdcd05cc292851ce87bf0fea120eb9ec001003bee782b7740f400ef9e02e0a6dd634ab668a96f347e3313391f1bbdd6e7c3b82a39
|
|
7
|
+
data.tar.gz: 1a6a4ed4a30071156042b36755ae8db7ae1b8cc749ba5fad792970ab588e9f051be9199a90af78a60ef0abc59f4befb092785d6e8256872e9ea0ae3401f59c07
|
data/.travis.yml
CHANGED
|
@@ -1,16 +1,21 @@
|
|
|
1
1
|
language: ruby
|
|
2
2
|
sudo: false
|
|
3
|
+
branches:
|
|
4
|
+
only:
|
|
5
|
+
- master
|
|
3
6
|
|
|
4
7
|
before_install:
|
|
5
8
|
- gem install bundler
|
|
6
9
|
|
|
10
|
+
bundler_args: --without development
|
|
11
|
+
|
|
7
12
|
rvm:
|
|
8
13
|
- 2.0.0
|
|
9
|
-
- 2.1.
|
|
14
|
+
- 2.1.10
|
|
10
15
|
- 2.2.4
|
|
11
16
|
- 2.3.0
|
|
12
17
|
matrix:
|
|
13
18
|
include:
|
|
14
|
-
- rvm: jruby-9.0.
|
|
19
|
+
- rvm: jruby-9.0.5.0
|
|
15
20
|
env: JRUBY_OPTS="--debug" # for simplecov
|
|
16
21
|
fast_finish: true
|
data/CHANGES.md
CHANGED
|
@@ -1,3 +1,13 @@
|
|
|
1
|
+
### 0.4.1 (2016-04-23)
|
|
2
|
+
|
|
3
|
+
* [#17](https://github.com/square/rails-auth/pull/17)
|
|
4
|
+
Use PATH_INFO instead of REQUEST_PATH.
|
|
5
|
+
([@tarcieri])
|
|
6
|
+
|
|
7
|
+
* [#15](https://github.com/square/rails-auth/pull/15)
|
|
8
|
+
Check types more thoroughly when parsing ACLs.
|
|
9
|
+
([@tarcieri])
|
|
10
|
+
|
|
1
11
|
### 0.4.0 (2016-03-14)
|
|
2
12
|
|
|
3
13
|
* [#14](https://github.com/square/rails-auth/pull/14)
|
data/Gemfile
CHANGED
data/README.md
CHANGED
|
@@ -73,7 +73,7 @@ policies around them.
|
|
|
73
73
|
Below is a comparison of how Rails::Auth relates to the existing landscape
|
|
74
74
|
of Rails AuthN and AuthZ libraries. These are grouped into two different
|
|
75
75
|
categories: libraries Rails::Auth replaces, and libraries with which
|
|
76
|
-
Rails::Auth can be used in a
|
|
76
|
+
Rails::Auth can be used in a complementary fashion.
|
|
77
77
|
|
|
78
78
|
### Replaces:
|
|
79
79
|
|
|
@@ -93,7 +93,7 @@ Rails::Auth can be used in a complimentary fashion.
|
|
|
93
93
|
easily support [claims-based identity] systems where user identity
|
|
94
94
|
is outsourced to a separate microservice.
|
|
95
95
|
|
|
96
|
-
###
|
|
96
|
+
### Complements:
|
|
97
97
|
|
|
98
98
|
* [Pundit]: Domain object-centric fine-grained authorization using clean
|
|
99
99
|
object-oriented APIs. Pundit makes authorization decisions around particular
|
data/lib/rails/auth/acl.rb
CHANGED
|
@@ -22,9 +22,13 @@ module Rails
|
|
|
22
22
|
# @param [Hash] :matchers predicate matchers for use with this ACL
|
|
23
23
|
#
|
|
24
24
|
def initialize(acl, matchers: {})
|
|
25
|
+
raise TypeError, "expected Array for acl, got #{acl.class}" unless acl.is_a?(Array)
|
|
26
|
+
|
|
25
27
|
@resources = []
|
|
26
28
|
|
|
27
|
-
acl.
|
|
29
|
+
acl.each do |entry|
|
|
30
|
+
raise TypeError, "expected Hash for acl entry, got #{entry.class}" unless entry.is_a?(Hash)
|
|
31
|
+
|
|
28
32
|
resources = entry["resources"]
|
|
29
33
|
raise ParseError, "no 'resources' key present in entry: #{entry.inspect}" unless resources
|
|
30
34
|
|
|
@@ -58,7 +58,7 @@ module Rails
|
|
|
58
58
|
#
|
|
59
59
|
def match!(env)
|
|
60
60
|
return false unless @http_methods.nil? || @http_methods.include?(env["REQUEST_METHOD".freeze])
|
|
61
|
-
return false unless @path =~ env["
|
|
61
|
+
return false unless @path =~ env["PATH_INFO".freeze]
|
|
62
62
|
return false unless @host.nil? || @host =~ env["HTTP_HOST".freeze]
|
|
63
63
|
true
|
|
64
64
|
end
|
data/lib/rails/auth/version.rb
CHANGED
data/spec/rails/auth/acl_spec.rb
CHANGED
|
@@ -11,6 +11,12 @@ RSpec.describe Rails::Auth::ACL do
|
|
|
11
11
|
)
|
|
12
12
|
end
|
|
13
13
|
|
|
14
|
+
describe "#initialize" do
|
|
15
|
+
it "raises TypeError if given a non-Array ACL type" do
|
|
16
|
+
expect { described_class.new(:bogus) }.to raise_error(TypeError)
|
|
17
|
+
end
|
|
18
|
+
end
|
|
19
|
+
|
|
14
20
|
describe "#match" do
|
|
15
21
|
it "matches routes against the ACL" do
|
|
16
22
|
expect(example_acl.match(env_for(:get, "/"))).to eq true
|
data/spec/spec_helper.rb
CHANGED
|
@@ -18,9 +18,10 @@ def fixture_path(*args)
|
|
|
18
18
|
Pathname.new(File.expand_path("../fixtures", __FILE__)).join(*args)
|
|
19
19
|
end
|
|
20
20
|
|
|
21
|
-
def env_for(method, path)
|
|
21
|
+
def env_for(method, path, host = "127.0.0.1")
|
|
22
22
|
{
|
|
23
23
|
"REQUEST_METHOD" => method.to_s.upcase,
|
|
24
|
-
"
|
|
24
|
+
"PATH_INFO" => path,
|
|
25
|
+
"HTTP_HOST" => host
|
|
25
26
|
}
|
|
26
27
|
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: rails-auth
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.4.
|
|
4
|
+
version: 0.4.1
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Tony Arcieri
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: exe
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2016-
|
|
11
|
+
date: 2016-04-24 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: rack
|