rails_apps_pages 0.5.5 → 0.5.6

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 1dbc7ddf891986e0fcc5c62289dd8ab0cf611246
-  data.tar.gz: bfe79b9412e25c244128171403ca3466a44ce65c
+  metadata.gz: 2666de6172f8535a6a2f744f46aaec5efa3300e8
+  data.tar.gz: ff175f2895625425321ae15cf3147c9071eeb650
 SHA512:
-  metadata.gz: 472a90a46c599ca28706774f77dd323800ca56477ed3d257ab743ca76272b90d0083efd04c21bcf291e35c3246716615254c1922f00f14b7648789f534956a87
-  data.tar.gz: d10b12556fba71620f699e84a9ecaf3da0f71ef0070829b9d2c7b54602d3d8108a72f8737f2c277df16e6a838adabaae2900f0c763628a04abbeb131467cfe6c
+  metadata.gz: d00e4ea4ef71c36ea4599f7855384ce1d833964fd93a804a76f8d4eba02e200853d6b61ceeb7111574404ba0b9c06b4bfb3b8565c1a7b523989a942ba93898bb
+  data.tar.gz: c24152b386a11a645d580e9c1875efbeeb1d0513f1f6fb2b75781647700ecefb8343e8d9072fbd4944f2da20d6f82dd98ff2859623ac40e6b386bf0324767078

data/CHANGELOG.textile

@@ -1,5 +1,9 @@
 h1. CHANGELOG
 
+h3. 0.5.6 June 19, 2014
+
+* add files to integrate Pundit with OmniAuth
+
 h3. 0.5.5 June 19, 2014
 
 * don't generate 'users' pages when generating 'authorized' pages

data/lib/generators/pages/authorized/authorized_generator.rb

@@ -5,14 +5,23 @@ module Pages
     class AuthorizedGenerator < ::Rails::Generators::Base
       source_root File.expand_path("../templates", __FILE__)
 
-      desc "Create pages to accompany a User model when authorization is available."
+      desc "Add Pundit for authorization. A User model with roles must be available."
 
-      def create_page
-        ### assumes we are using Devise for authentication
-        ### assumes we are using Pundit for authorization
+      def add_pundit
+        copy_file 'pundit.rb', 'config/initializers/pundit.rb'
         copy_file 'users/_user.html.erb', 'app/views/users/_user.html.erb'
-        copy_file 'users_controller.rb', 'app/controllers/users_controller.rb'
-        copy_file 'user_policy.rb', 'app/policies/user_policy.rb'
+      end
+
+      def add_if_devise
+        return unless File.exists?('config/initializers/devise.rb')
+        copy_file 'devise/users_controller.rb', 'app/controllers/users_controller.rb'
+        copy_file 'devise/user_policy.rb', 'app/policies/user_policy.rb'
+      end
+
+      def add_if_omniauth
+        return unless File.exists?('config/initializers/omniauth.rb')
+        copy_file 'omniauth/users_controller.rb', 'app/controllers/users_controller.rb'
+        copy_file 'omniauth/user_policy.rb', 'app/policies/user_policy.rb'
       end
 
     end

data/lib/generators/pages/authorized/templates/omniauth/user_policy.rb

@@ -0,0 +1,17 @@
+class UserPolicy
+  attr_reader :current_user, :model
+
+  def initialize(current_user, model)
+    @current_user = current_user
+    @user = model
+  end
+
+  def index?
+    @current_user.admin?
+  end
+
+  def show?
+    @current_user.admin? or @current_user == @user
+  end
+
+end

data/lib/generators/pages/authorized/templates/omniauth/users_controller.rb

@@ -0,0 +1,34 @@
+class UsersController < ApplicationController
+  before_filter :authenticate_user!
+  before_filter :correct_user?, :except => [:index]
+
+  def index
+    @users = User.all
+    authorize User
+  end
+
+  def edit
+    @user = User.find(params[:id])
+  end
+
+  def update
+    @user = User.find(params[:id])
+    if @user.update_attributes(secure_params)
+      redirect_to @user
+    else
+      render :edit
+    end
+  end
+
+  def show
+    @user = User.find(params[:id])
+    authorize @user
+  end
+
+  private
+
+  def secure_params
+    params.require(:user).permit(:email)
+  end
+
+end

data/lib/generators/pages/authorized/templates/pundit.rb

@@ -0,0 +1,22 @@
+# config/initializers/pundit.rb
+# Extends the ApplicationController to add Pundit for authorization.
+# Modify this file to change the behavior of a 'not authorized' error.
+# Be sure to restart your server when you modify this file.
+module PunditHelper
+  extend ActiveSupport::Concern
+
+  included do
+    include Pundit
+    rescue_from Pundit::NotAuthorizedError, with: :user_not_authorized
+  end
+
+  private
+
+  def user_not_authorized
+    flash[:alert] = "Access denied."
+    redirect_to (request.referrer || root_path)
+  end
+
+end
+
+ApplicationController.send :include, PunditHelper

data/lib/rails_apps_pages/version.rb

@@ -1,3 +1,3 @@
 module RailsAppsPages
-  VERSION = "0.5.5"
+  VERSION = "0.5.6"
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: rails_apps_pages
 version: !ruby/object:Gem::Version
-  version: 0.5.5
+  version: 0.5.6
 platform: ruby
 authors:
 - Daniel Kehoe
@@ -60,9 +60,12 @@ files:
 - lib/generators/pages/about/templates/about.html.erb
 - lib/generators/pages/about/templates/about_page_spec.rb
 - lib/generators/pages/authorized/authorized_generator.rb
-- lib/generators/pages/authorized/templates/user_policy.rb
+- lib/generators/pages/authorized/templates/devise/user_policy.rb
+- lib/generators/pages/authorized/templates/devise/users_controller.rb
+- lib/generators/pages/authorized/templates/omniauth/user_policy.rb
+- lib/generators/pages/authorized/templates/omniauth/users_controller.rb
+- lib/generators/pages/authorized/templates/pundit.rb
 - lib/generators/pages/authorized/templates/users/_user.html.erb
-- lib/generators/pages/authorized/templates/users_controller.rb
 - lib/generators/pages/home/home_generator.rb
 - lib/generators/pages/home/templates/home_page_spec.rb
 - lib/generators/pages/home/templates/index.html.erb