rails-canhaz 2.0.0.pre1 → 2.0.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.travis.yml +9 -0
- data/README.md +11 -5
- data/gemfiles/Gemfile.ar-3.2.x +4 -0
- data/gemfiles/Gemfile.ar-4.0.x +4 -0
- data/gemfiles/Gemfile.ar-4.1.x +4 -0
- data/gemfiles/Gemfile.ar-edge +6 -0
- data/lib/rails-canhaz/canhaz_permission.rb +5 -0
- data/lib/rails-canhaz/extensions_object.rb +18 -0
- data/lib/rails-canhaz/extensions_subject.rb +15 -0
- data/lib/rails-canhaz/model_extensions.rb +2 -0
- data/lib/rails-canhaz/version.rb +1 -1
- data/rails-canhaz.gemspec +2 -3
- data/test/init_tests.rb +0 -1
- data/test/test_canhaz.rb +36 -12
- metadata +31 -21
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: cba07dfae0b516985fc7cf3ece68027c4572b9f0
|
4
|
+
data.tar.gz: a30e785af6b55507a8496b75d1ce107715a7d2a4
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 6ffb8e98b2af37e18cc2e9a8587b322e6a9fea5a64d1f70bdd7f294a6bd80adf4056e77d9168b6ace8abe6af9b487343573cfb92a69c5be689613987eb6e6852
|
7
|
+
data.tar.gz: 96ec2e1f01ed6cb2e042e141b05769b722edc00f8380c7e6a7aea74d42a5bbf1243bbaea3b46c458718f6d4a7d41fad5d03fe194ae8809824071ba6348f6146f
|
data/.travis.yml
CHANGED
data/README.md
CHANGED
@@ -1,21 +1,20 @@
|
|
1
1
|
[A port of this gem working on mongoid](https://github.com/intrepidd/mongoid-canhaz) is now avaible.
|
2
|
-
|
3
|
-
# Rails-Canhaz for Rails 4.0.0.beta1 !
|
2
|
+
# Rails-Canhaz [![Build Status](https://travis-ci.org/Intrepidd/rails-canhaz.png)](https://travis-ci.org/Intrepidd/rails-canhaz)
|
4
3
|
|
5
4
|
This gem is a simple activerecord extention that allows any application using activerecord to manage permissions based roles.
|
6
5
|
|
7
|
-
## Installation
|
6
|
+
## Installation
|
8
7
|
|
9
8
|
Standard gem installation :
|
10
9
|
|
11
10
|
```
|
12
|
-
gem install rails-canhaz
|
11
|
+
gem install rails-canhaz
|
13
12
|
```
|
14
13
|
|
15
14
|
Or in your Gemfile if you use bundler
|
16
15
|
|
17
16
|
```ruby
|
18
|
-
gem 'rails-canhaz'
|
17
|
+
gem 'rails-canhaz'
|
19
18
|
```
|
20
19
|
|
21
20
|
You then need to create a single table in order to make this gem to work
|
@@ -66,7 +65,10 @@ Now our models are marked as canhaz subjects and objects, we have access to some
|
|
66
65
|
|
67
66
|
```ruby
|
68
67
|
user = User.find(42)
|
68
|
+
user2 = User.find(21)
|
69
|
+
|
69
70
|
article = Article.find(1337)
|
71
|
+
article2 = Article.find(784)
|
70
72
|
|
71
73
|
user.can?(:read, article) # Can the user read this article? false for now
|
72
74
|
|
@@ -77,8 +79,12 @@ user.can?(:read, article) # Will be true
|
|
77
79
|
|
78
80
|
user.objects_with_permission(Article, :read) # Will return all the articles w/ read permissions for this user
|
79
81
|
|
82
|
+
User.objects_with_permission([user, user2], :read) # Will return all the articles w/ read permissions for these users
|
83
|
+
|
80
84
|
article.subjects_with_permission(User, :read) # Will return all the users hat are able to read this article
|
81
85
|
|
86
|
+
Article.subjects_with_permission([article, article2], User, :read) # Will return all the users that are able to read theses articles
|
87
|
+
|
82
88
|
#You can also remove permissions
|
83
89
|
|
84
90
|
user.cannot!(:read, article)
|
@@ -2,6 +2,11 @@ require 'active_record'
|
|
2
2
|
|
3
3
|
class CanHazPermission < ActiveRecord::Base
|
4
4
|
|
5
|
+
# Only call attr_accessible for Rails 3.x
|
6
|
+
if ActiveRecord::VERSION::MAJOR == '3'
|
7
|
+
attr_accessible :csubject_id, :csubject_type, :cobject_type, :cobject_id, :permission_name
|
8
|
+
end
|
9
|
+
|
5
10
|
validates :cobject_id, :uniqueness => {:scope => [:permission_name, :csubject_id, :csubject_type, :cobject_type]}
|
6
11
|
|
7
12
|
# Gets the permission row between two objects
|
@@ -20,6 +20,7 @@ module CanHaz
|
|
20
20
|
type.joins("INNER JOIN can_haz_permissions ON can_haz_permissions.csubject_id = #{type.table_name}.id").where('cobject_id = ? AND cobject_type = ?', self.id, self.class.to_s).where('csubject_type = ?', type.to_s).where('permission_name = ?', permission)
|
21
21
|
end
|
22
22
|
|
23
|
+
|
23
24
|
# Removes all rights on this object
|
24
25
|
#
|
25
26
|
def not_accessible
|
@@ -30,6 +31,23 @@ module CanHaz
|
|
30
31
|
true
|
31
32
|
end
|
32
33
|
|
34
|
+
module ClassMethods
|
35
|
+
# Gets the subjects that have the corresponding permission and type on this model
|
36
|
+
#
|
37
|
+
# params objects [Array or Object] The object(s) that you want subjects with permission
|
38
|
+
# @param type [Class] The type of the subjects we're looking for
|
39
|
+
# @param permission [String, Symbol] The permission
|
40
|
+
def subjects_with_permission(objects, type, permission)
|
41
|
+
class_name = (objects.is_a?(Array) ? objects.first.try(:class).try(:name) : objects.class.name)
|
42
|
+
|
43
|
+
type.joins("INNER JOIN can_haz_permissions ON can_haz_permissions.csubject_id = #{type.table_name}.id")
|
44
|
+
.where(:'can_haz_permissions.cobject_type' => class_name)
|
45
|
+
.where(:'can_haz_permissions.cobject_id' => objects)
|
46
|
+
.where('csubject_type = ?', type.to_s)
|
47
|
+
.where('permission_name = ?', permission)
|
48
|
+
.uniq
|
49
|
+
end
|
50
|
+
end
|
33
51
|
end
|
34
52
|
end
|
35
53
|
end
|
@@ -73,6 +73,21 @@ module CanHaz
|
|
73
73
|
true
|
74
74
|
end
|
75
75
|
|
76
|
+
module ClassMethods
|
77
|
+
# Gets All objects that match a given type and permission
|
78
|
+
#
|
79
|
+
# params subjects [Array or Object] The subject(s) that you want objects with permission
|
80
|
+
# @param type [Class] The type of the objects
|
81
|
+
# @param permission [ String, Symbol] The name of the permission
|
82
|
+
# @return The macthing objects in an array
|
83
|
+
def objects_with_permission(subjects, type, permission)
|
84
|
+
type.joins("INNER JOIN can_haz_permissions ON can_haz_permissions.cobject_id = #{type.table_name}.id")
|
85
|
+
.where('cobject_type = ?', type.to_s)
|
86
|
+
.where(:'can_haz_permissions.csubject_id' => subjects)
|
87
|
+
.where('permission_name = ?', permission)
|
88
|
+
.uniq
|
89
|
+
end
|
90
|
+
end
|
76
91
|
end
|
77
92
|
end
|
78
93
|
end
|
@@ -17,6 +17,7 @@ module CanHaz
|
|
17
17
|
#
|
18
18
|
def acts_as_canhaz_object
|
19
19
|
include CanHaz::ModelExtensions::Object
|
20
|
+
extend CanHaz::ModelExtensions::Object::ClassMethods
|
20
21
|
before_destroy :not_accessible # Removes permission before deleting the object
|
21
22
|
end
|
22
23
|
|
@@ -25,6 +26,7 @@ module CanHaz
|
|
25
26
|
#
|
26
27
|
def acts_as_canhaz_subject
|
27
28
|
include CanHaz::ModelExtensions::Subject
|
29
|
+
extend CanHaz::ModelExtensions::Subject::ClassMethods
|
28
30
|
before_destroy :can_do_nothing # Removes permission before deleting the subject
|
29
31
|
end
|
30
32
|
|
data/lib/rails-canhaz/version.rb
CHANGED
data/rails-canhaz.gemspec
CHANGED
@@ -17,9 +17,8 @@ Gem::Specification.new do |gem|
|
|
17
17
|
gem.test_files = gem.files.grep(%r{^(test|spec|features)/})
|
18
18
|
gem.require_paths = ["lib"]
|
19
19
|
|
20
|
-
gem.add_dependency 'activerecord', '
|
21
|
-
gem.add_dependency 'rake'
|
22
|
-
|
20
|
+
gem.add_dependency 'activerecord', '>= 3.1.0', '<5'
|
23
21
|
gem.add_development_dependency 'rake'
|
24
22
|
gem.add_development_dependency 'sqlite3'
|
23
|
+
gem.add_development_dependency 'minitest'
|
25
24
|
end
|
data/test/init_tests.rb
CHANGED
data/test/test_canhaz.rb
CHANGED
@@ -1,13 +1,13 @@
|
|
1
1
|
require 'init_tests'
|
2
2
|
require 'rails-canhaz'
|
3
|
-
require '
|
3
|
+
require 'minitest/autorun'
|
4
4
|
require 'models/object_model'
|
5
5
|
require 'models/subject_model'
|
6
6
|
require 'models/foo_model'
|
7
7
|
|
8
8
|
load 'schema.rb'
|
9
9
|
|
10
|
-
class CanHazTest <
|
10
|
+
class CanHazTest < Minitest::Unit::TestCase
|
11
11
|
|
12
12
|
def test_methods
|
13
13
|
assert ActiveRecord::Base.respond_to? :acts_as_canhaz_object
|
@@ -38,21 +38,19 @@ class CanHazTest < Test::Unit::TestCase
|
|
38
38
|
|
39
39
|
object = ObjectModel.new
|
40
40
|
|
41
|
-
|
41
|
+
assert_raises CanHaz::Exceptions::NotACanHazObject do
|
42
42
|
subject.can!(:whatever, foo)
|
43
43
|
end
|
44
44
|
|
45
|
-
assert_nothing_raised RuntimeError do
|
46
|
-
subject.can!(:whatever, object)
|
47
|
-
end
|
48
45
|
|
49
|
-
|
46
|
+
subject.can!(:whatever, object)
|
47
|
+
|
48
|
+
|
49
|
+
assert_raises CanHaz::Exceptions::NotACanHazObject do
|
50
50
|
subject.can?(:whatever, foo)
|
51
51
|
end
|
52
52
|
|
53
|
-
|
54
|
-
subject.can?(:whatever, object)
|
55
|
-
end
|
53
|
+
subject.can?(:whatever, object)
|
56
54
|
|
57
55
|
end
|
58
56
|
|
@@ -63,12 +61,27 @@ class CanHazTest < Test::Unit::TestCase
|
|
63
61
|
subject2 = SubjectModel.new
|
64
62
|
subject2.save
|
65
63
|
|
64
|
+
subject3 = SubjectModel.new
|
65
|
+
subject3.save
|
66
|
+
|
66
67
|
object = ObjectModel.new
|
67
68
|
object.save
|
68
69
|
|
70
|
+
object2 = ObjectModel.new
|
71
|
+
object2.save
|
72
|
+
|
73
|
+
object3 = ObjectModel.new
|
74
|
+
object3.save
|
75
|
+
|
69
76
|
subject2.can!(:foo, object)
|
70
77
|
subject2.can!(:bar, object)
|
71
78
|
|
79
|
+
subject2.can!(:foo, object2)
|
80
|
+
subject2.can!(:bar, object2)
|
81
|
+
|
82
|
+
subject3.can!(:foo, object)
|
83
|
+
subject3.cannot!(:bar, object)
|
84
|
+
|
72
85
|
assert subject.can?(:foo, object) == false
|
73
86
|
assert subject.can?(:bar, object) == false
|
74
87
|
|
@@ -92,9 +105,21 @@ class CanHazTest < Test::Unit::TestCase
|
|
92
105
|
|
93
106
|
assert subject.objects_with_permission(ObjectModel, :bar).count == 1
|
94
107
|
assert subject.objects_with_permission(ObjectModel, :bar).first == object
|
95
|
-
|
96
108
|
assert subject.objects_with_permission(ObjectModel, :foobar).count == 0
|
97
109
|
|
110
|
+
assert SubjectModel.objects_with_permission(subject, ObjectModel, :bar).count == 1
|
111
|
+
assert SubjectModel.objects_with_permission([subject, subject2], ObjectModel, :bar).count == 2
|
112
|
+
assert SubjectModel.objects_with_permission([subject, subject2, subject3], ObjectModel, :bar).count == 2
|
113
|
+
assert SubjectModel.objects_with_permission([subject, subject2, subject3], ObjectModel, :foo).count == 2
|
114
|
+
assert SubjectModel.objects_with_permission([subject, subject3], ObjectModel, :foo).count == 1
|
115
|
+
|
116
|
+
assert object.subjects_with_permission(SubjectModel, :bar).count == 2
|
117
|
+
assert object.subjects_with_permission(SubjectModel, :foo).count == 3
|
118
|
+
assert object.subjects_with_permission(SubjectModel, :foo).count == 3
|
119
|
+
|
120
|
+
assert ObjectModel.subjects_with_permission([object, object2, object3], SubjectModel, :foo).count == 3
|
121
|
+
assert ObjectModel.subjects_with_permission(object2, SubjectModel, :foo).count == 1
|
122
|
+
assert ObjectModel.subjects_with_permission([object], SubjectModel, :bar).count == 2
|
98
123
|
end
|
99
124
|
|
100
125
|
def test_can_cannot
|
@@ -271,4 +296,3 @@ class CanHazTest < Test::Unit::TestCase
|
|
271
296
|
end
|
272
297
|
|
273
298
|
end
|
274
|
-
|
metadata
CHANGED
@@ -1,69 +1,75 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: rails-canhaz
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 2.0.
|
4
|
+
version: 2.0.1
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Intrepidd
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date:
|
11
|
+
date: 2014-06-27 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: activerecord
|
15
15
|
requirement: !ruby/object:Gem::Requirement
|
16
16
|
requirements:
|
17
|
-
- -
|
17
|
+
- - ">="
|
18
18
|
- !ruby/object:Gem::Version
|
19
|
-
version:
|
19
|
+
version: 3.1.0
|
20
|
+
- - "<"
|
21
|
+
- !ruby/object:Gem::Version
|
22
|
+
version: '5'
|
20
23
|
type: :runtime
|
21
24
|
prerelease: false
|
22
25
|
version_requirements: !ruby/object:Gem::Requirement
|
23
26
|
requirements:
|
24
|
-
- -
|
27
|
+
- - ">="
|
28
|
+
- !ruby/object:Gem::Version
|
29
|
+
version: 3.1.0
|
30
|
+
- - "<"
|
25
31
|
- !ruby/object:Gem::Version
|
26
|
-
version:
|
32
|
+
version: '5'
|
27
33
|
- !ruby/object:Gem::Dependency
|
28
34
|
name: rake
|
29
35
|
requirement: !ruby/object:Gem::Requirement
|
30
36
|
requirements:
|
31
|
-
- -
|
37
|
+
- - ">="
|
32
38
|
- !ruby/object:Gem::Version
|
33
39
|
version: '0'
|
34
|
-
type: :
|
40
|
+
type: :development
|
35
41
|
prerelease: false
|
36
42
|
version_requirements: !ruby/object:Gem::Requirement
|
37
43
|
requirements:
|
38
|
-
- -
|
44
|
+
- - ">="
|
39
45
|
- !ruby/object:Gem::Version
|
40
46
|
version: '0'
|
41
47
|
- !ruby/object:Gem::Dependency
|
42
|
-
name:
|
48
|
+
name: sqlite3
|
43
49
|
requirement: !ruby/object:Gem::Requirement
|
44
50
|
requirements:
|
45
|
-
- -
|
51
|
+
- - ">="
|
46
52
|
- !ruby/object:Gem::Version
|
47
53
|
version: '0'
|
48
54
|
type: :development
|
49
55
|
prerelease: false
|
50
56
|
version_requirements: !ruby/object:Gem::Requirement
|
51
57
|
requirements:
|
52
|
-
- -
|
58
|
+
- - ">="
|
53
59
|
- !ruby/object:Gem::Version
|
54
60
|
version: '0'
|
55
61
|
- !ruby/object:Gem::Dependency
|
56
|
-
name:
|
62
|
+
name: minitest
|
57
63
|
requirement: !ruby/object:Gem::Requirement
|
58
64
|
requirements:
|
59
|
-
- -
|
65
|
+
- - ">="
|
60
66
|
- !ruby/object:Gem::Version
|
61
67
|
version: '0'
|
62
68
|
type: :development
|
63
69
|
prerelease: false
|
64
70
|
version_requirements: !ruby/object:Gem::Requirement
|
65
71
|
requirements:
|
66
|
-
- -
|
72
|
+
- - ">="
|
67
73
|
- !ruby/object:Gem::Version
|
68
74
|
version: '0'
|
69
75
|
description: A simple gem for managing permissions between rails models
|
@@ -73,11 +79,15 @@ executables: []
|
|
73
79
|
extensions: []
|
74
80
|
extra_rdoc_files: []
|
75
81
|
files:
|
76
|
-
- .gitignore
|
77
|
-
- .travis.yml
|
82
|
+
- ".gitignore"
|
83
|
+
- ".travis.yml"
|
78
84
|
- Gemfile
|
79
85
|
- README.md
|
80
86
|
- Rakefile
|
87
|
+
- gemfiles/Gemfile.ar-3.2.x
|
88
|
+
- gemfiles/Gemfile.ar-4.0.x
|
89
|
+
- gemfiles/Gemfile.ar-4.1.x
|
90
|
+
- gemfiles/Gemfile.ar-edge
|
81
91
|
- lib/generators/can_haz/install/install_generator.rb
|
82
92
|
- lib/generators/can_haz/install/templates/migrations/1_default_can_haz.rb
|
83
93
|
- lib/rails-canhaz.rb
|
@@ -105,17 +115,17 @@ require_paths:
|
|
105
115
|
- lib
|
106
116
|
required_ruby_version: !ruby/object:Gem::Requirement
|
107
117
|
requirements:
|
108
|
-
- -
|
118
|
+
- - ">="
|
109
119
|
- !ruby/object:Gem::Version
|
110
120
|
version: '0'
|
111
121
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
112
122
|
requirements:
|
113
|
-
- -
|
123
|
+
- - ">="
|
114
124
|
- !ruby/object:Gem::Version
|
115
|
-
version:
|
125
|
+
version: '0'
|
116
126
|
requirements: []
|
117
127
|
rubyforge_project:
|
118
|
-
rubygems_version: 2.
|
128
|
+
rubygems_version: 2.2.2
|
119
129
|
signing_key:
|
120
130
|
specification_version: 4
|
121
131
|
summary: A simple gem for managing permissions between rails models
|