raygun 0.0.15 → 0.0.16
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- data/CHANGES.md +4 -0
- data/app_prototype/app/controllers/registrations_controller.rb +1 -1
- data/app_prototype/app/models/ability.rb +6 -2
- data/app_prototype/spec/controllers/users_controller_spec.rb +1 -1
- data/app_prototype/spec/models/ability_spec.rb +10 -8
- data/lib/raygun/version.rb +1 -1
- data/raygun.gemspec +1 -1
- metadata +2 -2
data/CHANGES.md
CHANGED
@@ -1,5 +1,9 @@
|
|
1
1
|
# Change Log
|
2
2
|
|
3
|
+
## 0.0.16 [2013-01-04]
|
4
|
+
|
5
|
+
* Improved authorization rules so that users can't delete themselves and non-admin can't access users controller :new.
|
6
|
+
|
3
7
|
## 0.0.15 [2012-12-26]
|
4
8
|
|
5
9
|
* Handle cases where raygun is given a name with dashes (e.g wonder-pets).
|
@@ -17,7 +17,7 @@ class RegistrationsController < ApplicationController
|
|
17
17
|
end
|
18
18
|
|
19
19
|
def activate
|
20
|
-
if @user = User.load_from_activation_token(params[:token])
|
20
|
+
if (@user = User.load_from_activation_token(params[:token]))
|
21
21
|
@user.activate!
|
22
22
|
auto_login @user
|
23
23
|
redirect_to sign_in_path, notice: "Your account has been activated and you're now signed in. Enjoy!"
|
@@ -5,11 +5,15 @@ class Ability
|
|
5
5
|
user ||= User.new # guest user (not logged in)
|
6
6
|
|
7
7
|
if user.admin?
|
8
|
-
can :manage,
|
8
|
+
can :manage, :all
|
9
9
|
else
|
10
|
-
can :
|
10
|
+
can [:read, :update], User, id: user.id
|
11
11
|
end
|
12
12
|
|
13
|
+
# No one can destroy themselves.
|
14
|
+
cannot :destroy, User, id: user.id
|
15
|
+
|
16
|
+
|
13
17
|
# Define abilities for the passed in user here. For example:
|
14
18
|
#
|
15
19
|
# user ||= User.new # guest user (not logged in)
|
@@ -60,7 +60,7 @@ describe UsersController do
|
|
60
60
|
end
|
61
61
|
|
62
62
|
it "assigns a newly created user as @user" do
|
63
|
-
post :create, {user: valid_attributes }, valid_session
|
63
|
+
post :create, { user: valid_attributes }, valid_session
|
64
64
|
expect(assigns(:user)).to be_a(User)
|
65
65
|
expect(assigns(:user)).to be_persisted
|
66
66
|
end
|
@@ -2,33 +2,35 @@ require 'spec_helper'
|
|
2
2
|
require 'cancan/matchers'
|
3
3
|
|
4
4
|
describe "User" do
|
5
|
+
subject { ability }
|
6
|
+
let(:ability) { Ability.new(user) }
|
7
|
+
let(:other) { build(:user) { |u| u.id = 2 } }
|
8
|
+
|
5
9
|
context "when working with User" do
|
6
10
|
context "as a non-admin" do
|
7
11
|
let(:user) { build(:user) { |u| u.id = 1 } }
|
8
|
-
subject { Ability.new(user) }
|
9
12
|
|
10
13
|
context "operating on themselves" do
|
11
|
-
it { should
|
14
|
+
it { should be_able_to(:read, user) }
|
15
|
+
it { should be_able_to(:update, user) }
|
16
|
+
it { should_not be_able_to(:destroy, user) }
|
12
17
|
end
|
13
18
|
|
14
19
|
context "operating on someone else" do
|
15
|
-
let(:other) { build(:user) { |u| u.id = 2 } }
|
16
|
-
|
17
20
|
it { should_not be_able_to(:manage, other) }
|
21
|
+
it { should_not be_able_to(:create, User) }
|
18
22
|
end
|
19
23
|
end
|
20
24
|
|
21
25
|
context "as an admin" do
|
22
26
|
let(:user) { build(:admin) { |u| u.id = 1 } }
|
23
|
-
subject { Ability.new(user) }
|
24
27
|
|
25
28
|
context "operating on themselves" do
|
26
|
-
it { should
|
29
|
+
it { should be_able_to(:manage, user) }
|
30
|
+
it { should_not be_able_to(:destroy, user) }
|
27
31
|
end
|
28
32
|
|
29
33
|
context "operating on someone else" do
|
30
|
-
let(:other) { build(:user) { |u| u.id = 2 } }
|
31
|
-
|
32
34
|
it { should be_able_to(:manage, other) }
|
33
35
|
end
|
34
36
|
end
|
data/lib/raygun/version.rb
CHANGED
data/raygun.gemspec
CHANGED
@@ -14,7 +14,7 @@ Gem::Specification.new do |gem|
|
|
14
14
|
gem.homepage = "https://github.com/carbonfive/raygun"
|
15
15
|
|
16
16
|
gem.files = `git ls-files`.split($/)
|
17
|
-
gem.executables = gem.files.grep(%r{^bin/}).map{ |f| File.basename(f) }
|
17
|
+
gem.executables = gem.files.grep(%r{^bin/}).map { |f| File.basename(f) }
|
18
18
|
gem.test_files = gem.files.grep(%r{^(test|spec|features)/})
|
19
19
|
gem.require_paths = ["lib"]
|
20
20
|
end
|
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: raygun
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.0.
|
4
|
+
version: 0.0.16
|
5
5
|
prerelease:
|
6
6
|
platform: ruby
|
7
7
|
authors:
|
@@ -11,7 +11,7 @@ authors:
|
|
11
11
|
autorequire:
|
12
12
|
bindir: bin
|
13
13
|
cert_chain: []
|
14
|
-
date:
|
14
|
+
date: 2013-01-04 00:00:00.000000000 Z
|
15
15
|
dependencies: []
|
16
16
|
description: Carbon Five Rails application generator
|
17
17
|
email:
|