RubyGems - restrict - Versions diffs - 0.0.3 → 0.0.4 - Mend

restrict 0.0.3 → 0.0.4

Files changed (9) hide show

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: a311cd60d3877b78f14d2baa83f6155a86a1f3f2
-  data.tar.gz: 4a974335ee21c330485d91de9cc54f9d861812dc
+  metadata.gz: 09e06d807f7718b921ec0d017f48ff530dcd9543
+  data.tar.gz: 75009eec3d441e82bd472ab8b263080fcc45a8f6
 SHA512:
-  metadata.gz: a49f1610e19cb448b598ff93e965e277788e1e7e482b2541eb5c6275a7b290afbdd1397a51f55dd518894063b34e63dc85ab835e832b0e6a8de52b667f8a3b14
-  data.tar.gz: c50d8015c07fb09a5061f606b2ca8aaeacf45c9d5dc3ed4e0d50d445fef2a849e0372ba31854ed56b0e856d673996d397aa6ff446948939eb1764cc49a403c67
+  metadata.gz: 436c9d5a3c3c85463ea8685660c99f5263be59d55d064282d6dcd8a200f0533d9e1a4913142ebb2191eab8478e1a6d61b08e72a747f6979f88464958961cd907
+  data.tar.gz: 3a79026f12d31af31fcde2904ef3d860c519649be71c54e7ec059933c3b09e59fc4a22a4c51f05f5a39ba8f6e38fd519223b2a2b31618869c229c7499e1b8d50

data/CHANGELOG.md CHANGED Viewed

@@ -1,3 +1,7 @@
+[0.0.4] - 2014-08-23
+  * Bugfixes
+  * Multiple restrictions for the same action are possible
 [0.0.3] - 2014-08-23
   * Added railtie to require controller extension instantly
   * Added :all_actions matcher

data/README.md CHANGED Viewed

@@ -58,6 +58,10 @@ Restrict.config.authentication_validation_method = :current_user
 You may set the method that is used to figure out whether a user is signed in or not to whatever you like, however it's default is `:user_signed_in?` which is the most common (devise) method in use.
+## Todo Ideas
+* restrict :all_actions, except: [:new], allow_if: 'dsfsdf'
 ## Contributing
 You know how this works and bonus points for feature branches!

data/lib/restrict.rb CHANGED Viewed

@@ -1,4 +1,5 @@
 require 'active_support'
+require 'active_support/core_ext/class/attribute.rb'
 require 'restrict/version'
 require 'restrict/configuration'

data/lib/restrict/gatekeeper.rb CHANGED Viewed

@@ -1,8 +1,9 @@
 module Restrict
   class Gatekeeper
     def eye(controller)
-      restriction = current_restriction(controller)
-      restriction and handle_restriction(restriction, controller)
+      Array(concerning_restrictions(controller)).each do |restriction|
+        handle_restriction(restriction, controller)
+      end
     end
     private
@@ -17,9 +18,9 @@ module Restrict
       end
     end
-    def current_restriction(controller)
+    def concerning_restrictions(controller)
       controller.restrictions or return
-      controller.restrictions.find do |restriction|
+      controller.restrictions.select do |restriction|
         restriction.concerning?(controller.action_name)
       end
     end

data/lib/restrict/rails/controller.rb CHANGED Viewed

@@ -4,8 +4,7 @@ module Restrict
       extend ActiveSupport::Concern
       included do
-        cattr_accessor :restrictions
-        self.restrictions ||= []
+        class_attribute :restrictions
         before_filter :invoke_gatekeeper
       end

data/lib/restrict/version.rb CHANGED Viewed

@@ -1,3 +1,3 @@
 module Restrict
-  VERSION = "0.0.3"
+  VERSION = "0.0.4"
 end

data/spec/lib/restrict/gatekeeper_spec.rb CHANGED Viewed

@@ -63,5 +63,17 @@ describe Restrict::Gatekeeper do
         expect { gatekeeper.eye(controller) }.not_to raise_error
       end
     end
+    context 'with multiple restrictions' do
+      before do
+        controller.class.restrict :all_actions
+        controller.class.restrict :edit, allow_if: :falsy
+      end
+      it 'denies access if any restriction fails' do
+        controller.current_user = user
+        expect { gatekeeper.eye(controller) }.to raise_error(Restrict::AccessDenied)
+      end
+    end
   end
 end

metadata CHANGED Viewed

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: restrict
 version: !ruby/object:Gem::Version
-  version: 0.0.3
+  version: 0.0.4
 platform: ruby
 authors:
 - Johannes Opper