restrict 0.0.8 → 0.2.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +5 -5
- data/.github/workflows/specs.yml +34 -0
- data/.ruby-version +1 -0
- data/CHANGELOG.md +12 -0
- data/README.md +42 -1
- data/lib/restrict/already_restricted_error.rb +4 -0
- data/lib/restrict/gatekeeper.rb +1 -6
- data/lib/restrict/rails/controller.rb +25 -6
- data/lib/restrict/rails/railtie.rb +3 -1
- data/lib/restrict/restriction.rb +19 -4
- data/lib/restrict/rspec/matcher.rb +9 -11
- data/lib/restrict/rspec/matcher_rspec2.rb +11 -12
- data/lib/restrict/rspec/shared_example.rb +5 -0
- data/lib/restrict/version.rb +1 -1
- data/restrict.gemspec +1 -2
- data/spec/lib/restrict/rails/controller_spec.rb +45 -1
- data/spec/lib/restrict/restriction_spec.rb +48 -0
- data/spec/lib/restrict_spec.rb +0 -2
- data/spec/spec_helper.rb +33 -4
- metadata +11 -24
- data/.travis.yml +0 -11
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
|
-
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
2
|
+
SHA256:
|
3
|
+
metadata.gz: b012524d4112ddfce7cef1066511516b69019acf727b577cb271d36355edc6e5
|
4
|
+
data.tar.gz: 161638aee7c62d34da01168eeb8e7aec23cacef01a9e0b596209f3f4cf0ed8ac
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 0130142f698da26e48c9d986782f080e4f457a5833ca83a54846d79dbb6a96a5f751e7ff96d08c0bee6cfa99325f9414ba7f74bbed951629965f89d460981cae
|
7
|
+
data.tar.gz: c83f370a57e3f73874000ac806e28f08e22ccfc2247c0c2954b1a329a34f902c71f5aaf60d0a98e61c66d22320ff2b649b3c295a611215f97bc33e48e7f36b7a
|
@@ -0,0 +1,34 @@
|
|
1
|
+
name: Specs
|
2
|
+
|
3
|
+
on:
|
4
|
+
pull_request:
|
5
|
+
branches:
|
6
|
+
- 'master'
|
7
|
+
push:
|
8
|
+
branches:
|
9
|
+
- 'master'
|
10
|
+
|
11
|
+
jobs:
|
12
|
+
build:
|
13
|
+
runs-on: ubuntu-latest
|
14
|
+
|
15
|
+
steps:
|
16
|
+
- uses: actions/checkout@v1
|
17
|
+
|
18
|
+
- name: Set up Ruby 2.7
|
19
|
+
uses: actions/setup-ruby@v1
|
20
|
+
with:
|
21
|
+
ruby-version: 2.7.x
|
22
|
+
|
23
|
+
- name: bundle
|
24
|
+
env:
|
25
|
+
RAILS_ENV: test
|
26
|
+
run: |
|
27
|
+
gem install bundler
|
28
|
+
bundle install --jobs 4 --retry 3
|
29
|
+
|
30
|
+
- name: Run Tests
|
31
|
+
env:
|
32
|
+
RAILS_ENV: test
|
33
|
+
run: |
|
34
|
+
bundle exec rspec
|
data/.ruby-version
ADDED
@@ -0,0 +1 @@
|
|
1
|
+
2.7.1
|
data/CHANGELOG.md
CHANGED
@@ -1,3 +1,15 @@
|
|
1
|
+
[0.2.1] - 2021-04-24
|
2
|
+
* Fix rails autoloading issue (@jaynetics)
|
3
|
+
|
4
|
+
[0.2.0] - 2020-05-18
|
5
|
+
* Implement `:on` parameter for `restrict` calls
|
6
|
+
|
7
|
+
[0.1.1] - 2019-11-26
|
8
|
+
* Bug fix release to actually work in rails ¯\_(ツ)_/¯
|
9
|
+
|
10
|
+
[0.1.0] - 2019-11-25
|
11
|
+
* Support controller inheritance
|
12
|
+
|
1
13
|
[0.0.7] - 2014-08-25
|
2
14
|
* Breaking change part 2: restrict without action names will now implicitly restrict all actions
|
3
15
|
* :all_actions modifier is gone
|
data/README.md
CHANGED
@@ -2,7 +2,7 @@
|
|
2
2
|
|
3
3
|
A rails controller extension, that gives you the possibility to restrict access to your controller actions.
|
4
4
|
|
5
|
-
|
5
|
+
![Specs](https://github.com/xijo/restrict/workflows/Specs/badge.svg) [![Gem Version](https://badge.fury.io/rb/restrict.png)](http://badge.fury.io/rb/restrict) [![Code Climate](https://codeclimate.com/github/xijo/restrict.png)](https://codeclimate.com/github/xijo/restrict) [![Code Climate](https://codeclimate.com/github/xijo/restrict/coverage.png)](https://codeclimate.com/github/xijo/restrict)
|
6
6
|
|
7
7
|
## Installation
|
8
8
|
|
@@ -49,6 +49,38 @@ restrict
|
|
49
49
|
|
50
50
|
This one will apply to all actions on this controller. It takes the `unless` option as well.
|
51
51
|
|
52
|
+
### Restrict with specific object
|
53
|
+
|
54
|
+
One may pass `on` to a `restrict` call in a controller.
|
55
|
+
|
56
|
+
If `on` is set, it evaluates the given method.
|
57
|
+
If it returns nil, it raises an error.
|
58
|
+
If an object is returned, it will be send while evaluating the `unless`
|
59
|
+
condition.
|
60
|
+
|
61
|
+
Example
|
62
|
+
|
63
|
+
```
|
64
|
+
class ItemController
|
65
|
+
restrict :show, unless: :manager_of?, on: :load_item
|
66
|
+
|
67
|
+
def show
|
68
|
+
end
|
69
|
+
|
70
|
+
private
|
71
|
+
|
72
|
+
def manager_of?(item)
|
73
|
+
current_user == item.manager
|
74
|
+
end
|
75
|
+
|
76
|
+
def load_item
|
77
|
+
@item = Item.find(params[:id])
|
78
|
+
end
|
79
|
+
end
|
80
|
+
```
|
81
|
+
|
82
|
+
Aliases for `on` are: `of`, `object`
|
83
|
+
|
52
84
|
### Configuration
|
53
85
|
|
54
86
|
```ruby
|
@@ -58,6 +90,15 @@ Restrict.config.authentication_validation_method = :admin_session_exists?
|
|
58
90
|
|
59
91
|
You may set the method that is used to figure out whether a user is signed in or not to whatever you like, however it's default is `:user_signed_in?` which is the most common (devise) method in use.
|
60
92
|
|
93
|
+
### Inheritance
|
94
|
+
|
95
|
+
A controller will respect all restrictions that are applied to its ancestors.
|
96
|
+
|
97
|
+
You may implement a set of rules in a `BaseController` and refine them in subclasses later on.
|
98
|
+
|
99
|
+
Please note: it is not possible yet to revert previously added restrictions, that means
|
100
|
+
if a restriction on `show` is added in a class and another one in the subclass **BOTH** apply.
|
101
|
+
|
61
102
|
## Contributing
|
62
103
|
|
63
104
|
You know how this works and bonus points for feature branches!
|
data/lib/restrict/gatekeeper.rb
CHANGED
@@ -15,12 +15,7 @@ module Restrict
|
|
15
15
|
|
16
16
|
def handle_restriction(restriction, controller)
|
17
17
|
validate_signed_in(controller)
|
18
|
-
|
19
|
-
if restriction.unless
|
20
|
-
unless controller.__send__(restriction.unless)
|
21
|
-
raise Restrict::AccessDenied, reason: restriction
|
22
|
-
end
|
23
|
-
end
|
18
|
+
restriction.validate(controller)
|
24
19
|
end
|
25
20
|
|
26
21
|
def concerning_restrictions(controller)
|
@@ -3,29 +3,48 @@ module Restrict
|
|
3
3
|
module Controller
|
4
4
|
extend ActiveSupport::Concern
|
5
5
|
|
6
|
-
|
7
|
-
|
6
|
+
def inherited(subclass)
|
7
|
+
subclass.extend Restrict::Rails::Controller
|
8
|
+
end
|
9
|
+
|
10
|
+
def restrictions
|
11
|
+
inherited_restrictions + self.class.__send__(:restrict_restrictions)
|
8
12
|
end
|
9
13
|
|
10
14
|
module ClassMethods
|
11
15
|
def restrict(*args)
|
12
16
|
install_gatekeeper
|
13
|
-
|
14
|
-
|
17
|
+
restrict_restrictions << Restrict::Restriction.new(*args)
|
18
|
+
end
|
19
|
+
|
20
|
+
# Access the class instance variable. Do not mistake this method with
|
21
|
+
# the instance method `#restrictions` which is actually used to determine
|
22
|
+
# access and that respects inherited restrictions.
|
23
|
+
# Hence the `__` name.
|
24
|
+
private def restrict_restrictions
|
25
|
+
@restrictions ||= []
|
15
26
|
end
|
16
27
|
|
17
28
|
# This could happen in included block as well, but often you need
|
18
29
|
# other before filters to happen before you actually check the
|
19
30
|
# restrictions, so lets set it where it is used in the code as well.
|
20
31
|
def install_gatekeeper
|
21
|
-
return if @
|
32
|
+
return if @restrict_gatekeeper_installed
|
22
33
|
before_action :invoke_gatekeeper
|
23
|
-
@
|
34
|
+
@restrict_gatekeeper_installed = true
|
24
35
|
end
|
25
36
|
end
|
26
37
|
|
27
38
|
private
|
28
39
|
|
40
|
+
def inherited_restrictions
|
41
|
+
self.class.ancestors.map do |ancestor|
|
42
|
+
if ancestor.instance_variable_get(:@restrict_gatekeeper_installed)
|
43
|
+
ancestor.__send__(:restrict_restrictions)
|
44
|
+
end
|
45
|
+
end.compact.flatten
|
46
|
+
end
|
47
|
+
|
29
48
|
def invoke_gatekeeper
|
30
49
|
Restrict::Gatekeeper.new.eye(self)
|
31
50
|
end
|
@@ -2,7 +2,9 @@ module Restrict
|
|
2
2
|
module Rails
|
3
3
|
class Railtie < ::Rails::Railtie
|
4
4
|
initializer 'restrict.add_controller_extension' do
|
5
|
-
|
5
|
+
ActiveSupport.on_load(:action_controller_base) do
|
6
|
+
ActionController::Base.include Restrict::Rails::Controller
|
7
|
+
end
|
6
8
|
end
|
7
9
|
end
|
8
10
|
end
|
data/lib/restrict/restriction.rb
CHANGED
@@ -1,17 +1,32 @@
|
|
1
1
|
module Restrict
|
2
2
|
class Restriction
|
3
|
-
attr_accessor :actions, :unless
|
3
|
+
attr_accessor :actions, :options, :unless, :on
|
4
4
|
|
5
5
|
def initialize(*args)
|
6
|
-
options = args.extract_options!
|
7
|
-
@unless
|
8
|
-
@
|
6
|
+
@options = args.extract_options!
|
7
|
+
@unless = @options[:unless]
|
8
|
+
@on = @options[:on] || options[:of] || options[:object]
|
9
|
+
@actions = args
|
9
10
|
end
|
10
11
|
|
11
12
|
def applies_to?(action)
|
12
13
|
applies_to_action?(action) || applies_to_all_actions?
|
13
14
|
end
|
14
15
|
|
16
|
+
def validate(controller)
|
17
|
+
@unless or return
|
18
|
+
|
19
|
+
unless_args = []
|
20
|
+
if @on
|
21
|
+
object = controller.__send__(on)
|
22
|
+
unless_args << object or raise Restrict::AccessDenied, reason: 'object given was #{object.inspect}'
|
23
|
+
end
|
24
|
+
|
25
|
+
unless controller.__send__(@unless, *unless_args)
|
26
|
+
raise Restrict::AccessDenied, reason: self
|
27
|
+
end
|
28
|
+
end
|
29
|
+
|
15
30
|
private
|
16
31
|
|
17
32
|
def applies_to_all_actions?
|
@@ -4,24 +4,23 @@ RSpec::Matchers.define :have_restriction_on do |given_action_name|
|
|
4
4
|
@given_controller = given_controller
|
5
5
|
|
6
6
|
@restriction = given_controller.restrictions.find do |restriction|
|
7
|
-
restriction.applies_to?(given_action_name)
|
8
|
-
|
9
|
-
|
10
|
-
if @restriction
|
11
|
-
if @given_unless
|
12
|
-
@restriction.unless == @given_unless
|
13
|
-
else
|
14
|
-
true
|
7
|
+
if restriction.applies_to?(given_action_name) && matching_unless(restriction, @given_unless)
|
8
|
+
restriction
|
15
9
|
end
|
16
|
-
else
|
17
|
-
false
|
18
10
|
end
|
11
|
+
|
12
|
+
!!@restriction
|
19
13
|
end
|
20
14
|
|
21
15
|
chain :unless do |given_unless|
|
22
16
|
@given_unless = given_unless
|
23
17
|
end
|
24
18
|
|
19
|
+
def matching_unless(restriction, given_unless)
|
20
|
+
given_unless or return true
|
21
|
+
restriction.unless == given_unless
|
22
|
+
end
|
23
|
+
|
25
24
|
failure_message do |actual|
|
26
25
|
if @restriction && @given_unless
|
27
26
|
"Expected restriction to call #{@given_unless.inspect}, but calls #{@restriction.unless.inspect}"
|
@@ -38,7 +37,6 @@ RSpec::Matchers.define :have_restriction_on do |given_action_name|
|
|
38
37
|
end
|
39
38
|
end
|
40
39
|
|
41
|
-
# :nocov:
|
42
40
|
def description
|
43
41
|
"Checks if a restriction for a given action is defined on the controller"
|
44
42
|
end
|
@@ -4,25 +4,24 @@ RSpec::Matchers.define :have_restriction_on do |given_action_name|
|
|
4
4
|
@given_controller = given_controller
|
5
5
|
|
6
6
|
@restriction = given_controller.restrictions.find do |restriction|
|
7
|
-
restriction.applies_to?(given_action_name)
|
8
|
-
|
9
|
-
|
10
|
-
if @restriction
|
11
|
-
if @given_unless
|
12
|
-
@restriction.unless == @given_unless
|
13
|
-
else
|
14
|
-
true
|
7
|
+
if restriction.applies_to?(given_action_name) && matching_unless(restriction, @given_unless)
|
8
|
+
restriction
|
15
9
|
end
|
16
|
-
else
|
17
|
-
false
|
18
10
|
end
|
11
|
+
|
12
|
+
!!@restriction
|
19
13
|
end
|
20
14
|
|
21
15
|
chain :unless do |given_unless|
|
22
16
|
@given_unless = given_unless
|
23
17
|
end
|
24
18
|
|
25
|
-
|
19
|
+
def matching_unless(restriction, given_unless)
|
20
|
+
given_unless or return true
|
21
|
+
restriction.unless == given_unless
|
22
|
+
end
|
23
|
+
|
24
|
+
failure_message do |actual|
|
26
25
|
if @restriction && @given_unless
|
27
26
|
"Expected restriction to call #{@given_unless.inspect}, but calls #{@restriction.unless.inspect}"
|
28
27
|
else
|
@@ -30,7 +29,7 @@ RSpec::Matchers.define :have_restriction_on do |given_action_name|
|
|
30
29
|
end
|
31
30
|
end
|
32
31
|
|
33
|
-
|
32
|
+
failure_message_when_negated do |actual|
|
34
33
|
if @given_unless
|
35
34
|
"Expected restriction not to call #{@given_unless.inspect}, but calls #{@restriction.unless.inspect}"
|
36
35
|
else
|
data/lib/restrict/version.rb
CHANGED
data/restrict.gemspec
CHANGED
@@ -20,10 +20,9 @@ Gem::Specification.new do |spec|
|
|
20
20
|
|
21
21
|
spec.add_dependency 'rails', '> 3.0'
|
22
22
|
|
23
|
-
spec.add_development_dependency 'bundler'
|
23
|
+
spec.add_development_dependency 'bundler'
|
24
24
|
spec.add_development_dependency 'rspec'
|
25
25
|
spec.add_development_dependency 'simplecov'
|
26
26
|
spec.add_development_dependency 'rake'
|
27
27
|
spec.add_development_dependency 'byebug'
|
28
|
-
spec.add_development_dependency 'codeclimate-test-reporter'
|
29
28
|
end
|
@@ -1,7 +1,6 @@
|
|
1
1
|
require 'spec_helper'
|
2
2
|
|
3
3
|
describe Restrict::Rails::Controller do
|
4
|
-
|
5
4
|
let(:controller) { ExampleController.new }
|
6
5
|
|
7
6
|
before do
|
@@ -17,6 +16,8 @@ describe Restrict::Rails::Controller do
|
|
17
16
|
it 'builds and adds a conditional restriction' do
|
18
17
|
expect(controller).to have_restriction_on(:show).unless(:access_allowed?)
|
19
18
|
end
|
19
|
+
|
20
|
+
include_examples 'restricts access to', :show, :access_allowed?
|
20
21
|
end
|
21
22
|
|
22
23
|
describe '#included' do
|
@@ -32,4 +33,47 @@ describe Restrict::Rails::Controller do
|
|
32
33
|
end
|
33
34
|
end
|
34
35
|
|
36
|
+
describe 'in inherited mode' do
|
37
|
+
let(:base) { ExampleController.new }
|
38
|
+
let(:controller) { InheritingController.new }
|
39
|
+
let(:child) { BottomLineController.new }
|
40
|
+
|
41
|
+
before do
|
42
|
+
base.class.restrict :show, unless: :level1?
|
43
|
+
controller.class.restrict :show, unless: :level2?
|
44
|
+
child.class.restrict :show, unless: :level3?
|
45
|
+
end
|
46
|
+
|
47
|
+
it 'does not leak restrictions into superclass' do
|
48
|
+
expect(base).to have_restriction_on(:show).unless(:level1?)
|
49
|
+
expect(base).not_to have_restriction_on(:show).unless(:level2?)
|
50
|
+
expect(base).not_to have_restriction_on(:show).unless(:level3?)
|
51
|
+
|
52
|
+
expect(controller).to have_restriction_on(:show).unless(:level1?)
|
53
|
+
expect(controller).to have_restriction_on(:show).unless(:level2?)
|
54
|
+
expect(controller).not_to have_restriction_on(:show).unless(:level3?)
|
55
|
+
|
56
|
+
expect(child).to have_restriction_on(:show).unless(:level1?)
|
57
|
+
expect(child).to have_restriction_on(:show).unless(:level2?)
|
58
|
+
expect(child).to have_restriction_on(:show).unless(:level3?)
|
59
|
+
end
|
60
|
+
end
|
61
|
+
|
62
|
+
describe 'applies inherited general restrictions additionally to explizit restrictions' do
|
63
|
+
let(:base) { ExampleController.new }
|
64
|
+
let(:controller) { InheritingController.new }
|
65
|
+
|
66
|
+
before do
|
67
|
+
base.class.restrict unless: :level1?
|
68
|
+
controller.class.restrict :show, unless: :level2?
|
69
|
+
end
|
70
|
+
|
71
|
+
it 'does not leak restrictions into superclass' do
|
72
|
+
expect(base).to have_restriction_on(:show).unless(:level1?)
|
73
|
+
expect(base).not_to have_restriction_on(:show).unless(:level2?)
|
74
|
+
|
75
|
+
expect(controller).to have_restriction_on(:show).unless(:level1?)
|
76
|
+
expect(controller).to have_restriction_on(:show).unless(:level2?)
|
77
|
+
end
|
78
|
+
end
|
35
79
|
end
|
@@ -28,4 +28,52 @@ describe Restrict::Restriction do
|
|
28
28
|
expect(restriction).to be_applies_to(:bar)
|
29
29
|
end
|
30
30
|
end
|
31
|
+
|
32
|
+
describe '#validate' do
|
33
|
+
describe 'with :on option' do
|
34
|
+
let(:controller) { ObjectController.new }
|
35
|
+
|
36
|
+
it 'does not raise if no condition was given' do
|
37
|
+
restriction = Restrict::Restriction.new on: :managed_object
|
38
|
+
expect { restriction.validate(controller) }.not_to raise_error
|
39
|
+
end
|
40
|
+
|
41
|
+
it 'does not raise an error if `on` and `unless` match' do
|
42
|
+
restriction = Restrict::Restriction.new on: :managed_object, unless: :manager_of?
|
43
|
+
expect { restriction.validate(controller) }.not_to raise_error
|
44
|
+
end
|
45
|
+
|
46
|
+
it 'raises an error if `unless` does not work on `on`' do
|
47
|
+
restriction = Restrict::Restriction.new on: :rougue_object, unless: :manager_of?
|
48
|
+
expect { restriction.validate(controller) }.to raise_error(Restrict::AccessDenied)
|
49
|
+
end
|
50
|
+
|
51
|
+
it 'raises an error if `on` is nil' do
|
52
|
+
restriction = Restrict::Restriction.new on: :nil_object, unless: :manager_of?
|
53
|
+
expect { restriction.validate(controller) }.to raise_error(Restrict::AccessDenied)
|
54
|
+
end
|
55
|
+
|
56
|
+
it 'works with aliases' do
|
57
|
+
restriction = Restrict::Restriction.new of: :managed_object, unless: :manager_of?
|
58
|
+
expect { restriction.validate(controller) }.not_to raise_error
|
59
|
+
|
60
|
+
restriction = Restrict::Restriction.new object: :managed_object, unless: :manager_of?
|
61
|
+
expect { restriction.validate(controller) }.not_to raise_error
|
62
|
+
end
|
63
|
+
end
|
64
|
+
|
65
|
+
describe 'without :on option' do
|
66
|
+
let(:controller) { ExampleController.new }
|
67
|
+
|
68
|
+
it 'does not raise an error if `unless` works' do
|
69
|
+
restriction = Restrict::Restriction.new unless: :truthy
|
70
|
+
expect { restriction.validate(controller) }.not_to raise_error
|
71
|
+
end
|
72
|
+
|
73
|
+
it 'raises an error if `unless` does not work' do
|
74
|
+
restriction = Restrict::Restriction.new unless: :falsy
|
75
|
+
expect { restriction.validate(controller) }.to raise_error(Restrict::AccessDenied)
|
76
|
+
end
|
77
|
+
end
|
78
|
+
end
|
31
79
|
end
|
data/spec/lib/restrict_spec.rb
CHANGED
@@ -1,7 +1,6 @@
|
|
1
1
|
require 'spec_helper'
|
2
2
|
|
3
3
|
describe Restrict do
|
4
|
-
|
5
4
|
describe '#config' do
|
6
5
|
it 'returns a configuration' do
|
7
6
|
expect(Restrict.config).to be_a Restrict::Configuration
|
@@ -17,5 +16,4 @@ describe Restrict do
|
|
17
16
|
expect(Restrict.config).to eq Restrict.config
|
18
17
|
end
|
19
18
|
end
|
20
|
-
|
21
19
|
end
|
data/spec/spec_helper.rb
CHANGED
@@ -1,8 +1,7 @@
|
|
1
|
-
require 'codeclimate-test-reporter'
|
2
|
-
CodeClimate::TestReporter.start
|
3
|
-
|
4
1
|
require 'simplecov'
|
5
2
|
require 'byebug'
|
3
|
+
require 'active_support'
|
4
|
+
require 'active_support/core_ext'
|
6
5
|
|
7
6
|
SimpleCov.profiles.define 'gem' do
|
8
7
|
add_filter '/spec/'
|
@@ -13,10 +12,13 @@ SimpleCov.start 'gem'
|
|
13
12
|
|
14
13
|
require 'restrict'
|
15
14
|
require 'restrict/rspec/matcher'
|
15
|
+
require 'restrict/rspec/shared_example'
|
16
16
|
|
17
17
|
RSpec.configure do |config|
|
18
18
|
config.after do
|
19
|
-
ExampleController.
|
19
|
+
ExampleController.__send__(:restrict_restrictions).clear
|
20
|
+
InheritingController.__send__(:restrict_restrictions).clear
|
21
|
+
BottomLineController.__send__(:restrict_restrictions).clear
|
20
22
|
end
|
21
23
|
end
|
22
24
|
|
@@ -47,3 +49,30 @@ class ExampleController < FakeController
|
|
47
49
|
true
|
48
50
|
end
|
49
51
|
end
|
52
|
+
|
53
|
+
class InheritingController < ExampleController
|
54
|
+
include Restrict::Rails::Controller
|
55
|
+
end
|
56
|
+
|
57
|
+
class BottomLineController < InheritingController
|
58
|
+
include Restrict::Rails::Controller
|
59
|
+
end
|
60
|
+
|
61
|
+
class ObjectController < ExampleController
|
62
|
+
def manager_of?(obj)
|
63
|
+
obj == :managed
|
64
|
+
end
|
65
|
+
|
66
|
+
private
|
67
|
+
|
68
|
+
def managed_object
|
69
|
+
:managed
|
70
|
+
end
|
71
|
+
|
72
|
+
def rougue_object
|
73
|
+
:other
|
74
|
+
end
|
75
|
+
|
76
|
+
def nil_object
|
77
|
+
end
|
78
|
+
end
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: restrict
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.
|
4
|
+
version: 0.2.1
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Johannes Opper
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date:
|
11
|
+
date: 2021-04-24 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: rails
|
@@ -26,20 +26,6 @@ dependencies:
|
|
26
26
|
version: '3.0'
|
27
27
|
- !ruby/object:Gem::Dependency
|
28
28
|
name: bundler
|
29
|
-
requirement: !ruby/object:Gem::Requirement
|
30
|
-
requirements:
|
31
|
-
- - "~>"
|
32
|
-
- !ruby/object:Gem::Version
|
33
|
-
version: '1.5'
|
34
|
-
type: :development
|
35
|
-
prerelease: false
|
36
|
-
version_requirements: !ruby/object:Gem::Requirement
|
37
|
-
requirements:
|
38
|
-
- - "~>"
|
39
|
-
- !ruby/object:Gem::Version
|
40
|
-
version: '1.5'
|
41
|
-
- !ruby/object:Gem::Dependency
|
42
|
-
name: rspec
|
43
29
|
requirement: !ruby/object:Gem::Requirement
|
44
30
|
requirements:
|
45
31
|
- - ">="
|
@@ -53,7 +39,7 @@ dependencies:
|
|
53
39
|
- !ruby/object:Gem::Version
|
54
40
|
version: '0'
|
55
41
|
- !ruby/object:Gem::Dependency
|
56
|
-
name:
|
42
|
+
name: rspec
|
57
43
|
requirement: !ruby/object:Gem::Requirement
|
58
44
|
requirements:
|
59
45
|
- - ">="
|
@@ -67,7 +53,7 @@ dependencies:
|
|
67
53
|
- !ruby/object:Gem::Version
|
68
54
|
version: '0'
|
69
55
|
- !ruby/object:Gem::Dependency
|
70
|
-
name:
|
56
|
+
name: simplecov
|
71
57
|
requirement: !ruby/object:Gem::Requirement
|
72
58
|
requirements:
|
73
59
|
- - ">="
|
@@ -81,7 +67,7 @@ dependencies:
|
|
81
67
|
- !ruby/object:Gem::Version
|
82
68
|
version: '0'
|
83
69
|
- !ruby/object:Gem::Dependency
|
84
|
-
name:
|
70
|
+
name: rake
|
85
71
|
requirement: !ruby/object:Gem::Requirement
|
86
72
|
requirements:
|
87
73
|
- - ">="
|
@@ -95,7 +81,7 @@ dependencies:
|
|
95
81
|
- !ruby/object:Gem::Version
|
96
82
|
version: '0'
|
97
83
|
- !ruby/object:Gem::Dependency
|
98
|
-
name:
|
84
|
+
name: byebug
|
99
85
|
requirement: !ruby/object:Gem::Requirement
|
100
86
|
requirements:
|
101
87
|
- - ">="
|
@@ -115,9 +101,10 @@ executables: []
|
|
115
101
|
extensions: []
|
116
102
|
extra_rdoc_files: []
|
117
103
|
files:
|
104
|
+
- ".github/workflows/specs.yml"
|
118
105
|
- ".gitignore"
|
119
106
|
- ".rspec"
|
120
|
-
- ".
|
107
|
+
- ".ruby-version"
|
121
108
|
- CHANGELOG.md
|
122
109
|
- Gemfile
|
123
110
|
- LICENSE.txt
|
@@ -125,6 +112,7 @@ files:
|
|
125
112
|
- Rakefile
|
126
113
|
- lib/restrict.rb
|
127
114
|
- lib/restrict/access_denied.rb
|
115
|
+
- lib/restrict/already_restricted_error.rb
|
128
116
|
- lib/restrict/configuration.rb
|
129
117
|
- lib/restrict/error.rb
|
130
118
|
- lib/restrict/gatekeeper.rb
|
@@ -134,6 +122,7 @@ files:
|
|
134
122
|
- lib/restrict/restriction.rb
|
135
123
|
- lib/restrict/rspec/matcher.rb
|
136
124
|
- lib/restrict/rspec/matcher_rspec2.rb
|
125
|
+
- lib/restrict/rspec/shared_example.rb
|
137
126
|
- lib/restrict/version.rb
|
138
127
|
- restrict.gemspec
|
139
128
|
- spec/lib/restrict/configuration_spec.rb
|
@@ -162,8 +151,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
162
151
|
- !ruby/object:Gem::Version
|
163
152
|
version: '0'
|
164
153
|
requirements: []
|
165
|
-
|
166
|
-
rubygems_version: 2.6.4
|
154
|
+
rubygems_version: 3.1.4
|
167
155
|
signing_key:
|
168
156
|
specification_version: 4
|
169
157
|
summary: Simple access control dsl for controllers.
|
@@ -175,4 +163,3 @@ test_files:
|
|
175
163
|
- spec/lib/restrict/rspec/matcher_spec.rb
|
176
164
|
- spec/lib/restrict_spec.rb
|
177
165
|
- spec/spec_helper.rb
|
178
|
-
has_rdoc:
|