rbac_rls 0.1.4 → 0.1.5
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/README.md +4 -0
- data/app/controllers/rbac_rls/permissions_controller.rb +5 -1
- data/app/controllers/rbac_rls/roles_controller.rb +7 -1
- data/app/models/rbac_rls/group.rb +2 -5
- data/app/models/rbac_rls/permission.rb +26 -5
- data/app/models/rbac_rls/role.rb +23 -1
- data/app/views/rbac_rls/groups/_form.html.erb +6 -6
- data/app/views/rbac_rls/groups/_group.html.erb +8 -12
- data/app/views/rbac_rls/groups/_group_permission_fields.html.erb +2 -2
- data/app/views/rbac_rls/groups/_group_user_fields.html.erb +1 -1
- data/app/views/rbac_rls/groups/edit.html.erb +2 -2
- data/app/views/rbac_rls/groups/index.html.erb +12 -6
- data/app/views/rbac_rls/groups/new.html.erb +1 -1
- data/app/views/rbac_rls/groups/show.html.erb +4 -5
- data/app/views/rbac_rls/permissions/_form.html.erb +15 -12
- data/app/views/rbac_rls/permissions/_permission.html.erb +37 -54
- data/app/views/rbac_rls/permissions/_role_permission_fields.html.erb +2 -2
- data/app/views/rbac_rls/permissions/index.html.erb +12 -5
- data/app/views/rbac_rls/permissions/show.html.erb +7 -6
- data/app/views/rbac_rls/roles/_form.html.erb +13 -12
- data/app/views/rbac_rls/roles/_user_role_fields.html.erb +1 -1
- data/app/views/rbac_rls/roles/index.html.erb +1 -3
- data/app/views/rbac_rls/roles/new.html.erb +1 -1
- data/app/views/rbac_rls/roles/show.html.erb +9 -3
- data/app/views/rbac_rls/shared/_user.html.erb +6 -0
- data/lib/generators/rbac_rls/templates/group_permission_migration.rb +1 -1
- data/lib/generators/rbac_rls/templates/rls_migration.rb +4 -4
- data/lib/rbac_rls/version.rb +2 -2
- data/lib/rbac_rls.rb +4 -0
- metadata +3 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: a78283c1080582d297d67402835e23261cb3676c1083b7a11283fe983f5b6e4c
|
4
|
+
data.tar.gz: b4193df304d181c3e51c8e0a2de4229dbc11279833314bc77fa571102275a27c
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 80ce3e50e315e100fc31febcb62c8f4e8f1068d0d87933c6a45b0fd609eba6f42b4898a0aae8f12549249a21d433fddc21bbbdef93dcaea9a58a156898c85e71
|
7
|
+
data.tar.gz: beb7a1969bd9bad2f70e460a51e403e9fc2798ccf2edbe7dc1d3894d05f2c87927dc8bc133d325160d06af524a360da36ac61acdb9b317c5345ea60173386b52
|
data/README.md
CHANGED
@@ -23,6 +23,10 @@ banco de dados.
|
|
23
23
|
|
24
24
|
# Como utilizar esta Gem ?.
|
25
25
|
|
26
|
+
###
|
27
|
+
Caso queira Apenas Testar há essa aplicação principal com um Scaffold básico "produtos" de exemplo: https://gitlab.com/FilipeBeserraMaia/example_to_test
|
28
|
+
|
29
|
+
|
26
30
|
### Instalação:
|
27
31
|
|
28
32
|
Adicione esta linha no arquivo da sua aplicação Gemfile
|
@@ -43,8 +43,12 @@ module RbacRls
|
|
43
43
|
|
44
44
|
# DELETE /permissions/1
|
45
45
|
def destroy
|
46
|
+
notice_msg = "Permission was successfully destroyed."
|
46
47
|
@permission.destroy
|
47
|
-
|
48
|
+
if @permission.errors.size > 0
|
49
|
+
notice_msg = @permission.errors&.messages&.first&.last&.last
|
50
|
+
end
|
51
|
+
redirect_to permissions_url, notice: notice_msg
|
48
52
|
end
|
49
53
|
|
50
54
|
private
|
@@ -42,8 +42,14 @@ module RbacRls
|
|
42
42
|
|
43
43
|
# DELETE /roles/1
|
44
44
|
def destroy
|
45
|
+
notice_msg = "Role was successfully destroyed."
|
46
|
+
|
45
47
|
@role.destroy
|
46
|
-
|
48
|
+
if @role.errors.size > 0
|
49
|
+
notice_msg = @role.errors&.messages&.first&.last&.last
|
50
|
+
end
|
51
|
+
redirect_to roles_url, notice: notice_msg
|
52
|
+
|
47
53
|
end
|
48
54
|
|
49
55
|
private
|
@@ -1,14 +1,11 @@
|
|
1
1
|
class RbacRls::Group < ApplicationRecord
|
2
2
|
|
3
3
|
self.table_name = :groups
|
4
|
-
has_many :group_permissions, :class_name => 'RbacRls::GroupPermission'
|
5
|
-
has_many :group_users, :class_name => 'RbacRls::GroupUser'
|
4
|
+
has_many :group_permissions, :class_name => 'RbacRls::GroupPermission', dependent: :delete_all
|
5
|
+
has_many :group_users, :class_name => 'RbacRls::GroupUser', dependent: :delete_all
|
6
6
|
accepts_nested_attributes_for :group_permissions, reject_if: :all_blank, allow_destroy: true
|
7
7
|
accepts_nested_attributes_for :group_users, reject_if: :all_blank, allow_destroy: true
|
8
8
|
|
9
|
-
|
10
9
|
private
|
11
10
|
|
12
|
-
|
13
|
-
|
14
11
|
end
|
@@ -2,7 +2,8 @@ class RbacRls::Permission < ApplicationRecord
|
|
2
2
|
include ManageRlsMigrationConcern
|
3
3
|
self.table_name = :permissions
|
4
4
|
belongs_to :permission, :class_name => 'RbacRls::Permission', optional: true
|
5
|
-
has_many :role_permissions, :class_name => 'RbacRls::RolePermission'
|
5
|
+
has_many :role_permissions, :class_name => 'RbacRls::RolePermission', dependent: :delete_all
|
6
|
+
has_many :group_permissions, :class_name => 'RbacRls::GroupPermission'
|
6
7
|
accepts_nested_attributes_for :role_permissions, reject_if: :all_blank, allow_destroy: true
|
7
8
|
|
8
9
|
#validations
|
@@ -11,12 +12,15 @@ class RbacRls::Permission < ApplicationRecord
|
|
11
12
|
validates_presence_of :table_name
|
12
13
|
before_validation :set_permission_name
|
13
14
|
after_validation :create_rls_policy
|
14
|
-
|
15
|
-
|
16
|
-
|
15
|
+
before_destroy :validate_destroy, prepend: true do
|
16
|
+
throw(:abort) if errors.present?
|
17
|
+
end
|
18
|
+
def self.all_tables(schema = :public, except = [])
|
19
|
+
removed = [:permissions, :roles, :user_roles, :schema_migrations, :ar_internal_metadata, :users,
|
20
|
+
:groups, :group_permissions, :group_users, :role_permissions] + except
|
17
21
|
sql = "SELECT table_name FROM information_schema.tables #{where_schema(schema)} "
|
18
22
|
result = ActiveRecord::Base.connection.select_all(sql)
|
19
|
-
tables = result.map { |k| k['table_name'] }
|
23
|
+
tables = result.map { |k| k['table_name'] }.select { |t| removed.exclude?(t.to_sym) }
|
20
24
|
tables
|
21
25
|
end
|
22
26
|
|
@@ -61,4 +65,21 @@ class RbacRls::Permission < ApplicationRecord
|
|
61
65
|
def has_role_permission?() end
|
62
66
|
|
63
67
|
|
68
|
+
def validate_destroy
|
69
|
+
if not can_destroy?
|
70
|
+
self.errors.add(:base, @error)
|
71
|
+
end
|
72
|
+
end
|
73
|
+
|
74
|
+
private
|
75
|
+
|
76
|
+
def can_destroy?
|
77
|
+
out = true
|
78
|
+
if group_permissions.count > 0
|
79
|
+
@error = "Can't be destroyed because of Has associations With Groups"
|
80
|
+
out = false
|
81
|
+
end
|
82
|
+
out
|
83
|
+
end
|
84
|
+
|
64
85
|
end
|
data/app/models/rbac_rls/role.rb
CHANGED
@@ -3,8 +3,30 @@ class RbacRls::Role < ApplicationRecord
|
|
3
3
|
|
4
4
|
# has_many :permissions, :class_name => 'RbacRls::Permission'
|
5
5
|
|
6
|
-
has_many :user_roles, :class_name => 'RbacRls::UserRole'
|
6
|
+
has_many :user_roles, :class_name => 'RbacRls::UserRole', dependent: :delete_all
|
7
|
+
has_many :user_permissions, :class_name => 'RbacRls::RolePermission'
|
7
8
|
accepts_nested_attributes_for :user_roles, reject_if: :all_blank, allow_destroy: true
|
8
9
|
|
10
|
+
before_destroy :validate_destroy, prepend: true do
|
11
|
+
throw(:abort) if errors.present?
|
12
|
+
end
|
13
|
+
|
14
|
+
def validate_destroy
|
15
|
+
if not can_destroy?
|
16
|
+
self.errors.add(:base, @error)
|
17
|
+
end
|
18
|
+
end
|
19
|
+
|
20
|
+
private
|
21
|
+
|
22
|
+
def can_destroy?
|
23
|
+
out = true
|
24
|
+
if user_permissions.count > 0
|
25
|
+
@error = "Can't be destroyed because of Has associations With permissions"
|
26
|
+
out = false
|
27
|
+
end
|
28
|
+
out
|
29
|
+
end
|
30
|
+
|
9
31
|
end
|
10
32
|
|
@@ -13,18 +13,18 @@
|
|
13
13
|
|
14
14
|
<div>
|
15
15
|
<%= form.label :name, style: "display: block" %>
|
16
|
-
<%= form.text_field :name %>
|
16
|
+
<%= form.text_field :name, class: "form-control" %>
|
17
17
|
</div>
|
18
18
|
|
19
19
|
<div>
|
20
20
|
<%= form.label :comments, style: "display: block" %>
|
21
|
-
<%= form.text_field :comments %>
|
21
|
+
<%= form.text_field :comments, class: "form-control" %>
|
22
22
|
</div>
|
23
23
|
<div class="m-2">
|
24
24
|
<%= link_to_add_nested(form, :group_permissions, '#group_permissions',
|
25
25
|
partial: 'rbac_rls/groups/group_permission_fields',
|
26
26
|
link_text: 'Add new Permission to this Group Permission',
|
27
|
-
link_classes: 'btn-primary btn
|
27
|
+
link_classes: 'btn-primary btn') %>
|
28
28
|
</div>
|
29
29
|
<div id='group_permissions'>
|
30
30
|
<%= form.fields_for :group_permissions do |p| %>
|
@@ -35,8 +35,8 @@
|
|
35
35
|
<div class="m-2">
|
36
36
|
<%= link_to_add_nested(form, :group_users, '#group_users',
|
37
37
|
partial: 'rbac_rls/groups/group_user_fields',
|
38
|
-
link_text: '
|
39
|
-
link_classes: 'btn-primary btn
|
38
|
+
link_text: 'Associate User to this Group',
|
39
|
+
link_classes: 'btn-primary btn') %>
|
40
40
|
</div>
|
41
41
|
<div id='group_users'>
|
42
42
|
<%= form.fields_for :group_users do |p| %>
|
@@ -45,7 +45,7 @@
|
|
45
45
|
</div>
|
46
46
|
|
47
47
|
<div>
|
48
|
-
<%= form.submit %>
|
48
|
+
<%= form.submit "Save", class: "btn btn-success" %>
|
49
49
|
</div>
|
50
50
|
|
51
51
|
<% end %>
|
@@ -1,12 +1,8 @@
|
|
1
|
-
<
|
2
|
-
<
|
3
|
-
<
|
4
|
-
|
5
|
-
|
6
|
-
|
7
|
-
|
8
|
-
|
9
|
-
<%= group.comments %>
|
10
|
-
</p>
|
11
|
-
|
12
|
-
</div>
|
1
|
+
<ul class="list-group">
|
2
|
+
<li class="list-group-item">
|
3
|
+
<b>name:</b> <%= group.name %>
|
4
|
+
</li>
|
5
|
+
<li class="list-group-item">
|
6
|
+
<b>comments:</b> <%= group.comments %>
|
7
|
+
</li>
|
8
|
+
</ul>
|
@@ -1,7 +1,7 @@
|
|
1
1
|
<% utc = Time.now.utc.to_formatted_s(:number) %>
|
2
2
|
<div class="wrapper-div m-2">
|
3
3
|
<div class="">
|
4
|
-
<%= link_to_remove_nested(form, fields_wrapper_selector: '.wrapper-div', link_classes: 'btn-danger btn
|
4
|
+
<%= link_to_remove_nested(form, fields_wrapper_selector: '.wrapper-div', link_classes: 'btn-danger btn') %>
|
5
5
|
</div>
|
6
6
|
<div class="">
|
7
7
|
<%= form.label :permission_id %> <br>
|
@@ -13,6 +13,6 @@
|
|
13
13
|
</div>
|
14
14
|
<div class="">
|
15
15
|
<%= form.label :table_value %> <br>
|
16
|
-
<%= form.text_field :table_value %>
|
16
|
+
<%= form.text_field :table_value,class:"form-control" %>
|
17
17
|
</div>
|
18
18
|
</div>
|
@@ -1,6 +1,6 @@
|
|
1
1
|
<div class="wrapper-div m-2">
|
2
2
|
<div class="">
|
3
|
-
<%= link_to_remove_nested(form, fields_wrapper_selector: '.wrapper-div', link_classes: 'btn-danger btn
|
3
|
+
<%= link_to_remove_nested(form, fields_wrapper_selector: '.wrapper-div', link_classes: 'btn-danger btn') %>
|
4
4
|
</div>
|
5
5
|
<div class="">
|
6
6
|
<%= form.label :user_id %> <br>
|
@@ -2,13 +2,19 @@
|
|
2
2
|
|
3
3
|
<h1>Groups</h1>
|
4
4
|
|
5
|
-
<div id="groups">
|
5
|
+
<div id="groups" class="mt-3">
|
6
6
|
<% @groups.each do |group| %>
|
7
|
-
|
8
|
-
|
9
|
-
|
10
|
-
|
7
|
+
<div class="mt-3">
|
8
|
+
<%= render group %>
|
9
|
+
</div>
|
10
|
+
<div class="mt-3 row">
|
11
|
+
<div class="col"><%= link_to "Edit this group", edit_group_path(group), class: "btn btn-warning" %></div>
|
12
|
+
<div class="col"> <%= link_to "Show this group", group, class: "btn btn-secondary" %></div>
|
13
|
+
<div class="col"><%= button_to "Destroy this group", group, method: :delete, class: "btn btn-danger" %></div>
|
14
|
+
</div>
|
11
15
|
<% end %>
|
12
16
|
</div>
|
13
17
|
|
14
|
-
|
18
|
+
<div class="mt-3">
|
19
|
+
<%= link_to "New group", new_group_path, class: "btn btn-primary" %>
|
20
|
+
</div>
|
@@ -2,9 +2,8 @@
|
|
2
2
|
|
3
3
|
<%= render @group %>
|
4
4
|
|
5
|
-
<div>
|
6
|
-
|
7
|
-
|
8
|
-
|
9
|
-
<%= button_to "Destroy this group", @group, method: :delete %>
|
5
|
+
<div class="row mt-3">
|
6
|
+
<div class="col"><%= link_to "Edit this group", edit_group_path(@group), class: "btn btn-warning" %></div>
|
7
|
+
<div class="col"><%= link_to "Back to groups", groups_path, class: "btn btn-secondary" %></div>
|
8
|
+
<div class="col"><%= button_to "Destroy this group", @group, method: :delete, class: "btn btn-danger" %></div>
|
10
9
|
</div>
|
@@ -56,23 +56,26 @@
|
|
56
56
|
</div>
|
57
57
|
</div>
|
58
58
|
|
59
|
-
<div class=""
|
60
|
-
|
61
|
-
|
62
|
-
</div
|
63
|
-
<
|
64
|
-
|
65
|
-
|
66
|
-
link_text: 'Add new User to this Role Permission',
|
67
|
-
link_classes: 'btn-primary btn-sm') %>
|
68
|
-
</div>
|
69
|
-
<div id='roles_permission'>
|
59
|
+
<!-- <div class="">-->
|
60
|
+
<!-- <%#= form.label :permission_id %> <br>-->
|
61
|
+
<%#= form.select(:permission_id, permission_options_for_select(form), { :prompt => "...", include_blank: true }, class: 'form-control') %>
|
62
|
+
<!-- </div>-->
|
63
|
+
<hr>
|
64
|
+
<div id='roles_permission' class="m-3">
|
65
|
+
<hr>
|
70
66
|
<%= form.fields_for :role_permissions do |p| %>
|
71
67
|
<% render 'rbac_rls/permissions/role_permission_fields', form: p %>
|
72
68
|
<% end %>
|
69
|
+
|
73
70
|
</div>
|
74
71
|
<div class="m-2">
|
75
|
-
<%= form
|
72
|
+
<%= link_to_add_nested(form, :role_permissions, '#roles_permission',
|
73
|
+
partial: 'rbac_rls/permissions/role_permission_fields',
|
74
|
+
link_text: 'Associate Role to this Permission',
|
75
|
+
link_classes: 'btn btn-primary btn-sm') %>
|
76
|
+
</div>
|
77
|
+
<div class="m-5">
|
78
|
+
<%= form.submit "Save", class: 'btn btn-primary' %>
|
76
79
|
</div>
|
77
80
|
<% end %>
|
78
81
|
</div>
|
@@ -1,54 +1,37 @@
|
|
1
|
-
<div
|
2
|
-
<
|
3
|
-
<
|
4
|
-
|
5
|
-
|
6
|
-
|
7
|
-
|
8
|
-
|
9
|
-
|
10
|
-
|
11
|
-
|
12
|
-
|
13
|
-
|
14
|
-
|
15
|
-
|
16
|
-
|
17
|
-
|
18
|
-
|
19
|
-
|
20
|
-
|
21
|
-
|
22
|
-
|
23
|
-
|
24
|
-
|
25
|
-
|
26
|
-
|
27
|
-
|
28
|
-
|
29
|
-
|
30
|
-
|
31
|
-
|
32
|
-
|
33
|
-
|
34
|
-
|
35
|
-
|
36
|
-
|
37
|
-
|
38
|
-
owner_read
|
39
|
-
</strong>
|
40
|
-
<%= permission.owner_read %>
|
41
|
-
</p>
|
42
|
-
<p>
|
43
|
-
<strong>
|
44
|
-
owner_change
|
45
|
-
</strong>
|
46
|
-
<%= permission.owner_change %>
|
47
|
-
</p>
|
48
|
-
<p>
|
49
|
-
<strong>
|
50
|
-
owner_remove
|
51
|
-
</strong>
|
52
|
-
<%= permission.owner_remove %>
|
53
|
-
</p>
|
54
|
-
</div>
|
1
|
+
<div class="row">
|
2
|
+
<div class="col">
|
3
|
+
<ul class="list-group">
|
4
|
+
<li class="list-group-item">
|
5
|
+
<b>name:</b> <%= permission.name %>
|
6
|
+
</li>
|
7
|
+
<li class="list-group-item">
|
8
|
+
<b>table name:</b> <%= permission.table_name %>
|
9
|
+
</li>
|
10
|
+
<li class="list-group-item">
|
11
|
+
<b>read:</b> <%= permission.read %>
|
12
|
+
</li>
|
13
|
+
<li class="list-group-item">
|
14
|
+
<b>write:</b> <%= permission.write %>
|
15
|
+
</li>
|
16
|
+
<li class="list-group-item">
|
17
|
+
<b>change:</b> <%= permission.change %>
|
18
|
+
</li>
|
19
|
+
<li class="list-group-item">
|
20
|
+
<b>remove:</b> <%= permission.remove %>
|
21
|
+
</li>
|
22
|
+
</ul>
|
23
|
+
</div>
|
24
|
+
<div class="col">
|
25
|
+
<ul class="list-group">
|
26
|
+
<li class="list-group-item">
|
27
|
+
<b>owner read:</b> <%= permission.owner_read %>
|
28
|
+
</li>
|
29
|
+
<li class="list-group-item">
|
30
|
+
<b>owner change:</b> <%= permission.owner_change %>
|
31
|
+
</li>
|
32
|
+
<li class="list-group-item">
|
33
|
+
<b>owner remove:</b> <%= permission.owner_remove %>
|
34
|
+
</li>
|
35
|
+
</ul>
|
36
|
+
</div>
|
37
|
+
</div>
|
@@ -1,9 +1,9 @@
|
|
1
1
|
<div class="wrapper-div m-2">
|
2
2
|
<div class="">
|
3
|
-
<%= link_to_remove_nested(form, fields_wrapper_selector: '.wrapper-div', link_classes: 'btn-danger btn-sm') %>
|
3
|
+
<%= link_to_remove_nested(form, fields_wrapper_selector: '.wrapper-div', link_classes: 'btn btn-danger btn-sm') %>
|
4
4
|
</div>
|
5
5
|
<div class="">
|
6
6
|
<%= form.label :role_id %> <br>
|
7
|
-
<%= form.select(:role_id, role_options_for_select(form), { :prompt => "..."
|
7
|
+
<%= form.select(:role_id, role_options_for_select(form), { :prompt => "..."}, class: 'form-control') %>
|
8
8
|
</div>
|
9
9
|
</div>
|
@@ -3,16 +3,23 @@
|
|
3
3
|
<h1 class="display-3">Permissions</h1>
|
4
4
|
|
5
5
|
<div class="">
|
6
|
-
<%= link_to new_permission_path, class: 'btn-primary btn-sm' do %>
|
6
|
+
<%= link_to new_permission_path, class: 'btn btn-primary btn-sm' do %>
|
7
7
|
New permission
|
8
8
|
<% end %>
|
9
9
|
</div>
|
10
10
|
|
11
11
|
<div id="permissions">
|
12
12
|
<% @permissions.each do |permission| %>
|
13
|
-
|
14
|
-
<
|
15
|
-
<%=
|
16
|
-
</
|
13
|
+
|
14
|
+
<div class="m-3">
|
15
|
+
<%= render permission %>
|
16
|
+
</div>
|
17
|
+
<div class="m-3">
|
18
|
+
<div class="row">
|
19
|
+
<div class="col"><%= link_to "Edit this permission", edit_permission_path(permission), class: "btn btn-warning" %></div>
|
20
|
+
<div class="col"><%= button_to "Destroy this permission", permission, method: :delete, class: "btn btn-danger" %></div>
|
21
|
+
<div class="col"><%= link_to "Show this permission", permission, class: 'btn btn-secondary' %></div>
|
22
|
+
</div>
|
23
|
+
</div>
|
17
24
|
<% end %>
|
18
25
|
</div>
|
@@ -1,10 +1,11 @@
|
|
1
1
|
<p style="color: green"><%= notice %></p>
|
2
2
|
|
3
|
-
|
4
|
-
|
5
|
-
|
6
|
-
<%= link_to "Edit this permission", edit_permission_path(@permission) %> |
|
7
|
-
<%= link_to "Back to permissions", permissions_path %>
|
3
|
+
<div class="m-3">
|
4
|
+
<%= render @permission %>
|
5
|
+
</div>
|
8
6
|
|
9
|
-
|
7
|
+
<div class="row">
|
8
|
+
<div class="col"><%= link_to "Edit this permission", edit_permission_path(@permission), class: "btn btn-warning" %></div>
|
9
|
+
<div class="col"><%= link_to "Back to permissions", permissions_path, class: "btn btn-secondary" %></div>
|
10
|
+
<div class="col"><%= button_to "Destroy this permission", @permission, method: :delete, class: "btn btn-danger" %></div>
|
10
11
|
</div>
|
@@ -22,21 +22,22 @@
|
|
22
22
|
<%= form.text_area :comments, class: 'form-control' %>
|
23
23
|
</div>
|
24
24
|
|
25
|
-
|
26
|
-
|
27
|
-
|
28
|
-
|
29
|
-
|
30
|
-
|
31
|
-
|
32
|
-
|
33
|
-
|
34
|
-
|
35
|
-
|
25
|
+
<div class="container">
|
26
|
+
<div id='user_roles'>
|
27
|
+
<%= form.fields_for :user_roles do |p| %>
|
28
|
+
<% render 'rbac_rls/roles/user_role_fields', form: p %>
|
29
|
+
<% end %>
|
30
|
+
</div>
|
31
|
+
<div class="m-2">
|
32
|
+
<%= link_to_add_nested(form, :user_roles, '#user_roles',
|
33
|
+
partial: 'rbac_rls/roles/user_role_fields',
|
34
|
+
link_text: 'Add new User to role',
|
35
|
+
link_classes: 'btn btn-primary btn-sm') %>
|
36
|
+
</div>
|
36
37
|
</div>
|
37
38
|
|
38
39
|
<div class="m-2">
|
39
|
-
<%= form.submit "Create Role", class: 'btn-primary btn-sm' %>
|
40
|
+
<%= form.submit "Create Role", class: 'btn btn-primary btn-sm' %>
|
40
41
|
</div>
|
41
42
|
<% end %>
|
42
43
|
</div>
|
@@ -1,6 +1,6 @@
|
|
1
1
|
<div class="wrapper-div m-2">
|
2
2
|
<div class="">
|
3
|
-
<%= link_to_remove_nested(form, fields_wrapper_selector: '.wrapper-div', link_classes: 'btn-danger btn-sm') %>
|
3
|
+
<%= link_to_remove_nested(form, fields_wrapper_selector: '.wrapper-div', link_classes: 'btn btn-danger btn-sm') %>
|
4
4
|
</div>
|
5
5
|
<div class="">
|
6
6
|
<%= form.label :user_id %> <br>
|
@@ -1,10 +1,8 @@
|
|
1
1
|
<div class="container">
|
2
2
|
<p style="color: green"><%= notice %></p>
|
3
|
-
|
4
3
|
<h1 class="display-3">Roles</h1>
|
5
|
-
|
6
4
|
<div class="">
|
7
|
-
<%= link_to new_role_path, class: 'btn-primary btn-sm' do %>
|
5
|
+
<%= link_to new_role_path, class: 'btn btn-primary btn-sm' do %>
|
8
6
|
New Role
|
9
7
|
<% end %>
|
10
8
|
</div>
|
@@ -1,7 +1,7 @@
|
|
1
1
|
<div class="container">
|
2
2
|
<h1 class="display-3">New role</h1>
|
3
3
|
<div>
|
4
|
-
<%= link_to "Back to roles", roles_path, class: 'btn-
|
4
|
+
<%= link_to "Back to roles", roles_path, class: 'btn btn-sm btn-danger' %>
|
5
5
|
</div>
|
6
6
|
|
7
7
|
<%= render "form", role: @role %>
|
@@ -1,12 +1,18 @@
|
|
1
1
|
<div class="container">
|
2
2
|
<p style="color: green"><%= notice %></p>
|
3
|
-
<%= link_to "Edit this role", edit_role_path(@role), class: 'btn-primary btn-sm' %>
|
4
|
-
<%= link_to "Back to roles", roles_path, class: 'btn-danger btn-sm' %>
|
3
|
+
<%= link_to "Edit this role", edit_role_path(@role), class: 'btn btn-primary btn-sm' %>
|
4
|
+
<%= link_to "Back to roles", roles_path, class: 'btn btn-danger btn-sm' %>
|
5
5
|
|
6
6
|
|
7
7
|
<div class="w-75 m-2">
|
8
8
|
<%= render @role %>
|
9
|
+
<div class="m-3">
|
10
|
+
<div><h5>Associated Users</h5></div>
|
11
|
+
<% @role.user_roles.each do |user| %>
|
12
|
+
<%= render 'rbac_rls/shared/user', obj: user %>
|
13
|
+
<% end %>
|
14
|
+
</div>
|
9
15
|
</div>
|
10
16
|
|
11
|
-
<%= button_to "Destroy this role", @role, method: :delete, class: 'btn-danger btn-sm', data: { confirm: "Are you sure?" } %>
|
17
|
+
<%= button_to "Destroy this role", @role, method: :delete, class: 'btn btn-danger btn-sm', data: { confirm: "Are you sure?" } %>
|
12
18
|
</div>
|
@@ -37,7 +37,7 @@ def change
|
|
37
37
|
INNER JOIN group_users gu on gu.group_id = gp.group_id
|
38
38
|
WHERE (p.\"#{type_polices[type.to_sym]}\")
|
39
39
|
AND p.table_name = '#{gen_table_name}'
|
40
|
-
) and
|
40
|
+
) and #{RbacRls::Settings.owner_column_name} = NULLIF(current_setting('rls.user_id', TRUE), '')::bigint )
|
41
41
|
"
|
42
42
|
end
|
43
43
|
}
|
@@ -2,7 +2,7 @@
|
|
2
2
|
# rails generate rbac_rls:custom_migration table_name
|
3
3
|
time_now = Time.now.getutc.to_i
|
4
4
|
attrs = attributes.map { |i| i.name.camelize }
|
5
|
-
|
5
|
+
gen_table_name = name.underscore
|
6
6
|
limit_policy_name = 63
|
7
7
|
type_polices = {insert: :write,
|
8
8
|
select: :read,
|
@@ -33,8 +33,8 @@ def change
|
|
33
33
|
INNER JOIN role_permissions rp on rp.permission_id = p.id
|
34
34
|
INNER JOIN user_roles ur on rp.role_id = ur.role_id
|
35
35
|
WHERE (p.\"#{type_polices_owner[type.to_sym]}\")
|
36
|
-
AND p.table_name = '
|
37
|
-
) and
|
36
|
+
AND p.table_name = '#{gen_table_name}'
|
37
|
+
) and #{RbacRls::Settings.owner_column_name} = NULLIF(current_setting('rls.user_id', TRUE), '')::bigint )
|
38
38
|
"
|
39
39
|
end
|
40
40
|
}
|
@@ -47,7 +47,7 @@ def change
|
|
47
47
|
INNER JOIN role_permissions rp on rp.permission_id = p.id
|
48
48
|
INNER JOIN user_roles ur on rp.role_id = ur.role_id
|
49
49
|
WHERE (p.\"#{type_polices[type.to_sym]}\")
|
50
|
-
AND p.table_name = '
|
50
|
+
AND p.table_name = '#{gen_table_name}'
|
51
51
|
)
|
52
52
|
#{owner_rls_policy[type]}
|
53
53
|
"
|
data/lib/rbac_rls/version.rb
CHANGED
@@ -1,3 +1,3 @@
|
|
1
1
|
module RbacRls
|
2
|
-
VERSION = "0.1.
|
3
|
-
end
|
2
|
+
VERSION = "0.1.5"
|
3
|
+
end
|
data/lib/rbac_rls.rb
CHANGED
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: rbac_rls
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.1.
|
4
|
+
version: 0.1.5
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- FilipeBeserraMaia
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2022-10-
|
11
|
+
date: 2022-10-26 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: rails
|
@@ -128,6 +128,7 @@ files:
|
|
128
128
|
- app/views/rbac_rls/roles/index.html.erb
|
129
129
|
- app/views/rbac_rls/roles/new.html.erb
|
130
130
|
- app/views/rbac_rls/roles/show.html.erb
|
131
|
+
- app/views/rbac_rls/shared/_user.html.erb
|
131
132
|
- config/assets.rb
|
132
133
|
- config/importmap.rb
|
133
134
|
- config/routes.rb
|