rails_admin_authorized_fields 0.0.2 → 0.0.3

Sign up to get free protection for your applications and to get access to all the features.
Files changed (5) hide show
  1. checksums.yaml +4 -4
  2. data/README.md +18 -2
  3. data/lib/rails_admin_authorized_fields/section.rb +41 -14
  4. data/lib/rails_admin_authorized_fields/version.rb +1 -1
  5. metadata +1 -1
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: c3ddbd9ec37f940016aa0799032308491c2ef5c2
4
- data.tar.gz: b11092e3da381667a0dc27ed25479bf09fb67983
3
+ metadata.gz: 35e8abb44b50cce2e9e0ac0eb25c1f59c451dd29
4
+ data.tar.gz: fe374a70e10a4e72495dbfa74cb424ad05f191e6
5
5
  SHA512:
6
- metadata.gz: 1cb18ccf2c9a8447ed2455edf65984ca58dde5c8931d7b39703009ec7e02b751e401c8aa76143d21a82fa702de3911303701335c702b213d65ca7e91a477e09b
7
- data.tar.gz: b922e774c0be83c01db94457424e6cc37b0c48c7f574ec3b24e1b3839b12e74b51f81629a0e449b3a1db8ffed5b5861496c6ea012a0ca947e41a45d29a6ad3ef
6
+ metadata.gz: 58bdc9b82dbb905def88ad28dd239cabf133932b95f79ee0881b91d77b5e60d6e81dd73e1b29455b3d44635b07e5ca957d9efa1de20f62cbf0dc80f6e790aec6
7
+ data.tar.gz: 1e89f36d6d3fd5059b739f8c12e5bbe70e771da4fe8c18666235fdbfaeaef50969cb0b0f519db82247bb3c39d1094e0ffec3ce2c68b2d69f937a2493220cc3e7
data/README.md CHANGED
@@ -22,8 +22,8 @@ Just add ```authorized_fields``` section to your model with specified rules:
22
22
 
23
23
  rails_admin do
24
24
  authorized_fields( {
25
- [ :enabled, :is_default, :text_slug ] => Proc.new { bindings[:view]._current_user.has_role?( :admin ) },
26
- [ :domain ] => Proc.new { !bindings[:view]._current_user.has_role?( :manager ) },
25
+ [ :enabled, :is_default, :text_slug ] => proc { bindings[:view]._current_user.has_role?( :admin ) },
26
+ [ :domain ] => proc { !bindings[:view]._current_user.has_role?( :manager ) },
27
27
  } )
28
28
 
29
29
  field :enabled
@@ -33,6 +33,22 @@ Just add ```authorized_fields``` section to your model with specified rules:
33
33
  field :text_slug
34
34
  end
35
35
 
36
+ You can also use ```unauthorized_fields``` section in opposite of ```authorized_fields```. All rules will be checked.
37
+
38
+ rails_admin do
39
+ unauthorized_fields( {
40
+ [ :enabled, :is_default, :text_slug ] => proc { bindings[:view]._current_user.has_role?( :manager ) },
41
+ } )
42
+
43
+ field :enabled
44
+ field :name
45
+ field :domain
46
+ field :is_default
47
+ field :text_slug
48
+ end
49
+
50
+ Note: all fields are ```authorized``` by default.
51
+
36
52
  TODO: just a small changes needed to make ```authorized_fields``` section overridable in subsection (list, edit)
37
53
 
38
54
  ## Contributing
data/lib/rails_admin_authorized_fields/section.rb CHANGED
@@ -1,44 +1,72 @@
1
1
  module RailsAdminAuthorizedFields
2
2
  module AuthorazedFieldsSection
3
- attr_accessor :authorization_rules
4
-
5
3
  def initialize(parent)
6
- @authorization_rules = {}
4
+ @allow_rules, @deny_rules = {}, {}
7
5
 
8
6
  super(parent)
9
7
  end
10
8
 
11
9
  def authorized_fields(rules)
12
10
  rules.each do |fields, rule|
13
- fields = [ fields ].flatten
11
+ fields = [fields].flatten
14
12
 
15
13
  fields.each do |name|
16
14
  name = name.to_sym
17
- @authorization_rules[ name ] ||= []
18
- @authorization_rules[ name ] << rule
15
+ @allow_rules[name] ||= []
16
+ @allow_rules[name] << rule
19
17
  end
20
18
  end
21
19
  end
22
20
 
23
- def field_authorization_rules( name )
24
- return @authorization_rules[ name ] || [] if @authorization_rules.any?
25
- return [] if self.parent.nil?
26
- parent.field_authorization_rules( name )
21
+ def unauthorized_fields(rules)
22
+ rules.each do |fields, rule|
23
+ fields = [fields].flatten
24
+
25
+ fields.each do |name|
26
+ name = name.to_sym
27
+ @deny_rules[name] ||= []
28
+ @deny_rules[name] << rule
29
+ end
30
+ end
27
31
  end
28
32
 
29
33
  def visible_fields
30
34
  super.select do |field|
31
35
  authorized = true
32
36
 
33
- rules = field.section.field_authorization_rules( field.name )
37
+ rules = field.section.field_authorization_rules(field.name)
38
+
39
+ rules[:allow].each do |rule|
40
+ authorized &= instance_eval(&rule)
41
+ end
34
42
 
35
- rules.each do |rule|
36
- authorized &= instance_eval( &rule )
43
+ rules[:deny].each do |rule|
44
+ authorized &= !instance_eval(&rule)
37
45
  end
38
46
 
39
47
  authorized
40
48
  end
41
49
  end
50
+
51
+ protected
52
+
53
+ def field_authorization_rules(name)
54
+ {
55
+ allow: extract_rules(name, :allow_rules),
56
+ deny: extract_rules(name, :deny_rules),
57
+ }
58
+ end
59
+
60
+ def extract_rules(name, kind, descendant = nil)
61
+ rules = instance_variable_get(:"@#{kind}")
62
+
63
+ return rules[name] || [] if rules.any?
64
+ return [] if @parent.nil?
65
+ return [] if self == descendant
66
+
67
+ @parent.extract_rules(name, kind, self)
68
+ end
69
+
42
70
  end
43
71
  end
44
72
 
@@ -52,4 +80,3 @@ module RailsAdmin
52
80
  end
53
81
  end
54
82
  end
55
-
data/lib/rails_admin_authorized_fields/version.rb CHANGED
@@ -1,3 +1,3 @@
1
1
  module RailsAdminAuthorizedFields
2
- VERSION = "0.0.2"
2
+ VERSION = "0.0.3"
3
3
  end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: rails_admin_authorized_fields
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.0.2
4
+ version: 0.0.3
5
5
  platform: ruby
6
6
  authors:
7
7
  - Sergey Malykh