raygun 0.0.15 → 0.0.16
Sign up to get free protection for your applications and to get access to all the features.
- data/CHANGES.md +4 -0
- data/app_prototype/app/controllers/registrations_controller.rb +1 -1
- data/app_prototype/app/models/ability.rb +6 -2
- data/app_prototype/spec/controllers/users_controller_spec.rb +1 -1
- data/app_prototype/spec/models/ability_spec.rb +10 -8
- data/lib/raygun/version.rb +1 -1
- data/raygun.gemspec +1 -1
- metadata +2 -2
data/CHANGES.md
CHANGED
|
@@ -1,5 +1,9 @@
|
|
|
1
1
|
# Change Log
|
|
2
2
|
|
|
3
|
+
## 0.0.16 [2013-01-04]
|
|
4
|
+
|
|
5
|
+
* Improved authorization rules so that users can't delete themselves and non-admin can't access users controller :new.
|
|
6
|
+
|
|
3
7
|
## 0.0.15 [2012-12-26]
|
|
4
8
|
|
|
5
9
|
* Handle cases where raygun is given a name with dashes (e.g wonder-pets).
|
|
@@ -17,7 +17,7 @@ class RegistrationsController < ApplicationController
|
|
|
17
17
|
end
|
|
18
18
|
|
|
19
19
|
def activate
|
|
20
|
-
if @user = User.load_from_activation_token(params[:token])
|
|
20
|
+
if (@user = User.load_from_activation_token(params[:token]))
|
|
21
21
|
@user.activate!
|
|
22
22
|
auto_login @user
|
|
23
23
|
redirect_to sign_in_path, notice: "Your account has been activated and you're now signed in. Enjoy!"
|
|
@@ -5,11 +5,15 @@ class Ability
|
|
|
5
5
|
user ||= User.new # guest user (not logged in)
|
|
6
6
|
|
|
7
7
|
if user.admin?
|
|
8
|
-
can :manage,
|
|
8
|
+
can :manage, :all
|
|
9
9
|
else
|
|
10
|
-
can :
|
|
10
|
+
can [:read, :update], User, id: user.id
|
|
11
11
|
end
|
|
12
12
|
|
|
13
|
+
# No one can destroy themselves.
|
|
14
|
+
cannot :destroy, User, id: user.id
|
|
15
|
+
|
|
16
|
+
|
|
13
17
|
# Define abilities for the passed in user here. For example:
|
|
14
18
|
#
|
|
15
19
|
# user ||= User.new # guest user (not logged in)
|
|
@@ -60,7 +60,7 @@ describe UsersController do
|
|
|
60
60
|
end
|
|
61
61
|
|
|
62
62
|
it "assigns a newly created user as @user" do
|
|
63
|
-
post :create, {user: valid_attributes }, valid_session
|
|
63
|
+
post :create, { user: valid_attributes }, valid_session
|
|
64
64
|
expect(assigns(:user)).to be_a(User)
|
|
65
65
|
expect(assigns(:user)).to be_persisted
|
|
66
66
|
end
|
|
@@ -2,33 +2,35 @@ require 'spec_helper'
|
|
|
2
2
|
require 'cancan/matchers'
|
|
3
3
|
|
|
4
4
|
describe "User" do
|
|
5
|
+
subject { ability }
|
|
6
|
+
let(:ability) { Ability.new(user) }
|
|
7
|
+
let(:other) { build(:user) { |u| u.id = 2 } }
|
|
8
|
+
|
|
5
9
|
context "when working with User" do
|
|
6
10
|
context "as a non-admin" do
|
|
7
11
|
let(:user) { build(:user) { |u| u.id = 1 } }
|
|
8
|
-
subject { Ability.new(user) }
|
|
9
12
|
|
|
10
13
|
context "operating on themselves" do
|
|
11
|
-
it { should
|
|
14
|
+
it { should be_able_to(:read, user) }
|
|
15
|
+
it { should be_able_to(:update, user) }
|
|
16
|
+
it { should_not be_able_to(:destroy, user) }
|
|
12
17
|
end
|
|
13
18
|
|
|
14
19
|
context "operating on someone else" do
|
|
15
|
-
let(:other) { build(:user) { |u| u.id = 2 } }
|
|
16
|
-
|
|
17
20
|
it { should_not be_able_to(:manage, other) }
|
|
21
|
+
it { should_not be_able_to(:create, User) }
|
|
18
22
|
end
|
|
19
23
|
end
|
|
20
24
|
|
|
21
25
|
context "as an admin" do
|
|
22
26
|
let(:user) { build(:admin) { |u| u.id = 1 } }
|
|
23
|
-
subject { Ability.new(user) }
|
|
24
27
|
|
|
25
28
|
context "operating on themselves" do
|
|
26
|
-
it { should
|
|
29
|
+
it { should be_able_to(:manage, user) }
|
|
30
|
+
it { should_not be_able_to(:destroy, user) }
|
|
27
31
|
end
|
|
28
32
|
|
|
29
33
|
context "operating on someone else" do
|
|
30
|
-
let(:other) { build(:user) { |u| u.id = 2 } }
|
|
31
|
-
|
|
32
34
|
it { should be_able_to(:manage, other) }
|
|
33
35
|
end
|
|
34
36
|
end
|
data/lib/raygun/version.rb
CHANGED
data/raygun.gemspec
CHANGED
|
@@ -14,7 +14,7 @@ Gem::Specification.new do |gem|
|
|
|
14
14
|
gem.homepage = "https://github.com/carbonfive/raygun"
|
|
15
15
|
|
|
16
16
|
gem.files = `git ls-files`.split($/)
|
|
17
|
-
gem.executables = gem.files.grep(%r{^bin/}).map{ |f| File.basename(f) }
|
|
17
|
+
gem.executables = gem.files.grep(%r{^bin/}).map { |f| File.basename(f) }
|
|
18
18
|
gem.test_files = gem.files.grep(%r{^(test|spec|features)/})
|
|
19
19
|
gem.require_paths = ["lib"]
|
|
20
20
|
end
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: raygun
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.0.
|
|
4
|
+
version: 0.0.16
|
|
5
5
|
prerelease:
|
|
6
6
|
platform: ruby
|
|
7
7
|
authors:
|
|
@@ -11,7 +11,7 @@ authors:
|
|
|
11
11
|
autorequire:
|
|
12
12
|
bindir: bin
|
|
13
13
|
cert_chain: []
|
|
14
|
-
date:
|
|
14
|
+
date: 2013-01-04 00:00:00.000000000 Z
|
|
15
15
|
dependencies: []
|
|
16
16
|
description: Carbon Five Rails application generator
|
|
17
17
|
email:
|