rails_authorize 0.1.1 → 1.0.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/Gemfile.lock +1 -1
- data/README.md +5 -5
- data/lib/rails_authorize.rb +23 -23
- data/lib/rails_authorize/version.rb +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: e8f0d5120896348f98b7f268593565d38a58b12478fdb9b622f429fcf76eaa28
|
4
|
+
data.tar.gz: 163ad731aaeaaaf3d766abc3de284f65a12e1d507e2bf67a02be8a090d25cd6e
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: f2ca97240e596d0a505edda8fe402f27cc2161648a166127b84e394eb111d2562b434fb0c71b08af64b2d541071b5a8017dcfcb7a22b34fcf91599f044e74790
|
7
|
+
data.tar.gz: 3ff394b863f95512dfd0ef6b9889ab8b5153ce452bff9a8c73f32573a9deca451004dda547f8c5f8255976b051e37049b958b9679749572d257d7687b9ba146d
|
data/Gemfile.lock
CHANGED
data/README.md
CHANGED
@@ -32,9 +32,9 @@ end
|
|
32
32
|
```
|
33
33
|
|
34
34
|
```ruby
|
35
|
-
# app/
|
35
|
+
# app/policies/application_policy.rb
|
36
36
|
|
37
|
-
class
|
37
|
+
class ApplicationPolicy
|
38
38
|
attr_reader :user, :target, :context
|
39
39
|
|
40
40
|
def initialize(user, target, context)
|
@@ -46,9 +46,9 @@ end
|
|
46
46
|
```
|
47
47
|
|
48
48
|
```ruby
|
49
|
-
# app/
|
49
|
+
# app/policies/post_policy.rb
|
50
50
|
|
51
|
-
class
|
51
|
+
class PostPolicy < ApplicationPolicy
|
52
52
|
def index?
|
53
53
|
true
|
54
54
|
end
|
@@ -67,7 +67,7 @@ end
|
|
67
67
|
# app/controllers/application_controller.rb
|
68
68
|
|
69
69
|
class ApplicationController < ActionController::Base
|
70
|
-
include
|
70
|
+
include RailsAuthorize
|
71
71
|
end
|
72
72
|
```
|
73
73
|
|
data/lib/rails_authorize.rb
CHANGED
@@ -5,19 +5,19 @@ module RailsAuthorize
|
|
5
5
|
class NotAuthorizedError < StandardError; end
|
6
6
|
|
7
7
|
##
|
8
|
-
# Finds
|
8
|
+
# Finds policy class for given target and returns new instance
|
9
9
|
#
|
10
|
-
# @param target [any] the target to load
|
11
|
-
# @param options [Hash] key/value options (user,
|
10
|
+
# @param target [any] the target to load policy
|
11
|
+
# @param options [Hash] key/value options (user, policy, context)
|
12
12
|
# @param options[:user] [Object] the user that initiated the action
|
13
|
-
# @param options[:
|
14
|
-
# @param options[:context] [Hash] other key/value options to use in the
|
13
|
+
# @param options[:policy] [Class] Authorization class to use for authenticate
|
14
|
+
# @param options[:context] [Hash] other key/value options to use in the policy methods
|
15
15
|
#
|
16
|
-
# @return [Object] new
|
16
|
+
# @return [Object] new policy instance
|
17
17
|
#
|
18
|
-
def
|
18
|
+
def policy(target, options={})
|
19
19
|
user = options[:user] || current_user
|
20
|
-
klass = options[:
|
20
|
+
klass = options[:policy] || "#{target.model_name.name}Policy".constantize
|
21
21
|
|
22
22
|
klass.new(user, target, options[:context])
|
23
23
|
end
|
@@ -26,49 +26,49 @@ module RailsAuthorize
|
|
26
26
|
# Throwing an error if the user is not authorized to perform the given action
|
27
27
|
#
|
28
28
|
# @param target [Object] the target we're checking permissions of
|
29
|
-
# @param options [Hash] key/value options (action, user,
|
30
|
-
# @param options[:action] [String] the method to check on the
|
29
|
+
# @param options [Hash] key/value options (action, user, policy, context)
|
30
|
+
# @param options[:action] [String] the method to check on the policy (e.g. `:show?`)
|
31
31
|
#
|
32
32
|
# @raise [NotAuthorizedError] if the given action method returned false
|
33
33
|
# @return [Object] the passed target
|
34
34
|
#
|
35
35
|
def authorize(target, options={})
|
36
36
|
action = options.delete(:action) || "#{action_name}?"
|
37
|
-
|
37
|
+
policy = policy(target, options)
|
38
38
|
|
39
|
-
raise(NotAuthorizedError) unless
|
39
|
+
raise(NotAuthorizedError) unless policy.public_send(action)
|
40
40
|
|
41
41
|
target
|
42
42
|
end
|
43
43
|
|
44
44
|
##
|
45
|
-
# Retrieves the
|
45
|
+
# Retrieves the policy scope for the given target
|
46
46
|
#
|
47
47
|
# @param target [Object] the target we're retrieving the policy scope for
|
48
|
-
# @param options [Hash] key/value options (user,
|
48
|
+
# @param options [Hash] key/value options (user, policy, context)
|
49
49
|
#
|
50
|
-
# @return [Scope]
|
50
|
+
# @return [Scope] policy scope
|
51
51
|
#
|
52
|
-
def
|
53
|
-
|
52
|
+
def policy_scope(target, options={})
|
53
|
+
policy(target, options).scope
|
54
54
|
end
|
55
55
|
|
56
56
|
##
|
57
57
|
# Throwing an error if the user is not authorized to perform the given action
|
58
58
|
#
|
59
59
|
# @param target [Object] the target we're retrieving the policy scope for
|
60
|
-
# @param options [Hash] key/value options (action, user,
|
61
|
-
# @param options[:action] [String] the method to check on the
|
60
|
+
# @param options [Hash] key/value options (action, user, policy, context)
|
61
|
+
# @param options[:action] [String] the method to check on the policy (e.g. `:show?`)
|
62
62
|
#
|
63
63
|
# @raise [NotAuthorizedError] if the given action method returned false
|
64
|
-
# @return [Scope]
|
64
|
+
# @return [Scope] authorized policy scope
|
65
65
|
#
|
66
66
|
def authorized_scope(target, options={})
|
67
67
|
action = options.delete(:action) || "#{action_name}?"
|
68
|
-
|
68
|
+
policy = policy(target, options)
|
69
69
|
|
70
|
-
raise(NotAuthorizedError) unless
|
70
|
+
raise(NotAuthorizedError) unless policy.public_send(action)
|
71
71
|
|
72
|
-
|
72
|
+
policy.scope
|
73
73
|
end
|
74
74
|
end
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: rails_authorize
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.
|
4
|
+
version: 1.0.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- rjurado01
|
8
8
|
autorequire:
|
9
9
|
bindir: exe
|
10
10
|
cert_chain: []
|
11
|
-
date: 2018-04-
|
11
|
+
date: 2018-04-11 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: bundler
|