restrict 0.0.2 → 0.0.3
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +3 -1
- data/README.md +15 -3
- data/Rakefile +1 -1
- data/lib/restrict/configuration.rb +9 -0
- data/lib/restrict/gatekeeper.rb +1 -1
- data/lib/restrict/restriction.rb +13 -4
- data/lib/restrict/rspec/matcher.rb +2 -1
- data/lib/restrict/rspec/matcher_rspec2.rb +1 -1
- data/lib/restrict/version.rb +1 -1
- data/lib/restrict.rb +7 -1
- data/spec/lib/restrict/configuration_spec.rb +17 -0
- data/spec/lib/restrict/restriction_spec.rb +11 -12
- data/spec/lib/restrict_spec.rb +21 -0
- metadata +6 -1
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: a311cd60d3877b78f14d2baa83f6155a86a1f3f2
|
4
|
+
data.tar.gz: 4a974335ee21c330485d91de9cc54f9d861812dc
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: a49f1610e19cb448b598ff93e965e277788e1e7e482b2541eb5c6275a7b290afbdd1397a51f55dd518894063b34e63dc85ab835e832b0e6a8de52b667f8a3b14
|
7
|
+
data.tar.gz: c50d8015c07fb09a5061f606b2ca8aaeacf45c9d5dc3ed4e0d50d445fef2a849e0372ba31854ed56b0e856d673996d397aa6ff446948939eb1764cc49a403c67
|
data/CHANGELOG.md
CHANGED
@@ -1,5 +1,7 @@
|
|
1
|
-
[
|
1
|
+
[0.0.3] - 2014-08-23
|
2
2
|
* Added railtie to require controller extension instantly
|
3
|
+
* Added :all_actions matcher
|
4
|
+
* Configuration for authentication_validation_method
|
3
5
|
|
4
6
|
[0.0.1] - 2014-08-21 Initial import
|
5
7
|
* Includes plain and conditional restrictions
|
data/README.md
CHANGED
@@ -41,10 +41,22 @@ What that does:
|
|
41
41
|
3. If a `current_user` exists but `goodie_manager?` returns false, then `Restrict::AccessDenied` will be raised
|
42
42
|
4. If a `current_user` exists and `goodie_manager?` is true, the access is allowed
|
43
43
|
|
44
|
-
|
44
|
+
### Restrict all actions
|
45
45
|
|
46
|
-
|
47
|
-
|
46
|
+
```ruby
|
47
|
+
restrict :all_actions
|
48
|
+
```
|
49
|
+
|
50
|
+
This one will apply to all actions on this controller. It takes the `allow_if` option as well.
|
51
|
+
|
52
|
+
### Configuration
|
53
|
+
|
54
|
+
```ruby
|
55
|
+
# Default is :user_signed_in?
|
56
|
+
Restrict.config.authentication_validation_method = :current_user
|
57
|
+
```
|
58
|
+
|
59
|
+
You may set the method that is used to figure out whether a user is signed in or not to whatever you like, however it's default is `:user_signed_in?` which is the most common (devise) method in use.
|
48
60
|
|
49
61
|
## Contributing
|
50
62
|
|
data/Rakefile
CHANGED
data/lib/restrict/gatekeeper.rb
CHANGED
@@ -20,7 +20,7 @@ module Restrict
|
|
20
20
|
def current_restriction(controller)
|
21
21
|
controller.restrictions or return
|
22
22
|
controller.restrictions.find do |restriction|
|
23
|
-
restriction.
|
23
|
+
restriction.concerning?(controller.action_name)
|
24
24
|
end
|
25
25
|
end
|
26
26
|
end
|
data/lib/restrict/restriction.rb
CHANGED
@@ -1,17 +1,26 @@
|
|
1
1
|
module Restrict
|
2
2
|
class Restriction
|
3
|
-
attr_accessor :actions, :
|
3
|
+
attr_accessor :actions, :allow_if
|
4
4
|
|
5
5
|
def initialize(*args)
|
6
6
|
options = args.extract_options!
|
7
|
-
@role = options[:role]
|
8
7
|
@allow_if = options[:allow_if]
|
9
8
|
@actions = args
|
10
9
|
actions.empty? and raise ArgumentError, "expected actions to restrict, but got #{actions.inspect}"
|
11
10
|
end
|
12
11
|
|
13
|
-
def
|
14
|
-
|
12
|
+
def concerning?(action)
|
13
|
+
concerns_action?(action) || concerns_all?
|
14
|
+
end
|
15
|
+
|
16
|
+
private
|
17
|
+
|
18
|
+
def concerns_all?
|
19
|
+
actions.include?(:all_actions)
|
20
|
+
end
|
21
|
+
|
22
|
+
def concerns_action?(name)
|
23
|
+
actions.include?(name.to_sym)
|
15
24
|
end
|
16
25
|
end
|
17
26
|
end
|
@@ -4,7 +4,7 @@ RSpec::Matchers.define :have_restriction_on do |given_action_name|
|
|
4
4
|
@given_controller = given_controller
|
5
5
|
|
6
6
|
@restriction = given_controller.restrictions.find do |restriction|
|
7
|
-
restriction.
|
7
|
+
restriction.concerning?(given_action_name)
|
8
8
|
end
|
9
9
|
|
10
10
|
if @restriction
|
@@ -38,6 +38,7 @@ RSpec::Matchers.define :have_restriction_on do |given_action_name|
|
|
38
38
|
end
|
39
39
|
end
|
40
40
|
|
41
|
+
# :nocov:
|
41
42
|
def description
|
42
43
|
"Checks if a restriction for a given action is defined on the controller"
|
43
44
|
end
|
@@ -4,7 +4,7 @@ RSpec::Matchers.define :have_restriction_on do |given_action_name|
|
|
4
4
|
@given_controller = given_controller
|
5
5
|
|
6
6
|
@restriction = given_controller.restrictions.find do |restriction|
|
7
|
-
restriction.
|
7
|
+
restriction.concerning?(given_action_name)
|
8
8
|
end
|
9
9
|
|
10
10
|
if @restriction
|
data/lib/restrict/version.rb
CHANGED
data/lib/restrict.rb
CHANGED
@@ -1,6 +1,7 @@
|
|
1
1
|
require 'active_support'
|
2
2
|
|
3
3
|
require 'restrict/version'
|
4
|
+
require 'restrict/configuration'
|
4
5
|
require 'restrict/error'
|
5
6
|
require 'restrict/login_required'
|
6
7
|
require 'restrict/access_denied'
|
@@ -10,5 +11,10 @@ require 'restrict/rails/controller'
|
|
10
11
|
require 'restrict/rails/railtie' if defined?(Rails)
|
11
12
|
|
12
13
|
module Restrict
|
13
|
-
|
14
|
+
|
15
|
+
def self.config(&block)
|
16
|
+
@configuration ||= Restrict::Configuration.new
|
17
|
+
block_given? ? yield(@configuration) : @configuration
|
18
|
+
end
|
19
|
+
|
14
20
|
end
|
@@ -0,0 +1,17 @@
|
|
1
|
+
require 'spec_helper'
|
2
|
+
|
3
|
+
describe Restrict::Configuration do
|
4
|
+
let(:configuration) { Restrict::Configuration.new }
|
5
|
+
|
6
|
+
describe '#authentication_method' do
|
7
|
+
it 'has a sensible default' do
|
8
|
+
expect(configuration.authentication_validation_method).to eq :user_signed_in?
|
9
|
+
end
|
10
|
+
|
11
|
+
it 'can be overridden' do
|
12
|
+
configuration.authentication_validation_method = :foobar?
|
13
|
+
expect(configuration.authentication_validation_method).to eq :foobar?
|
14
|
+
end
|
15
|
+
end
|
16
|
+
|
17
|
+
end
|
@@ -1,7 +1,7 @@
|
|
1
1
|
require 'spec_helper'
|
2
2
|
|
3
3
|
describe Restrict::Restriction do
|
4
|
-
let(:restriction) { Restrict::Restriction.new(:show, :edit
|
4
|
+
let(:restriction) { Restrict::Restriction.new(:show, :edit) }
|
5
5
|
|
6
6
|
describe '#initialize' do
|
7
7
|
it 'knows about its actions' do
|
@@ -13,24 +13,23 @@ describe Restrict::Restriction do
|
|
13
13
|
end
|
14
14
|
end
|
15
15
|
|
16
|
-
describe '#
|
16
|
+
describe '#concerning?' do
|
17
17
|
it 'returns true if the given action is contained' do
|
18
|
-
expect(restriction).to
|
18
|
+
expect(restriction).to be_concerning(:show)
|
19
19
|
end
|
20
20
|
|
21
|
-
it 'returns
|
22
|
-
expect(restriction).
|
21
|
+
it 'returns true if the given name is a string' do
|
22
|
+
expect(restriction).to be_concerning('show')
|
23
23
|
end
|
24
|
-
end
|
25
24
|
|
26
|
-
|
27
|
-
|
28
|
-
expect(restriction.role).to eq :manager
|
25
|
+
it 'returns false if the given action name is not contained' do
|
26
|
+
expect(restriction).not_to be_concerning(:index)
|
29
27
|
end
|
30
28
|
|
31
|
-
it 'returns
|
32
|
-
|
29
|
+
it 'returns true if it concerns :all_actions' do
|
30
|
+
restriction = Restrict::Restriction.new(:all_actions)
|
31
|
+
expect(restriction).to be_concerning(:foo)
|
32
|
+
expect(restriction).to be_concerning(:bar)
|
33
33
|
end
|
34
34
|
end
|
35
|
-
|
36
35
|
end
|
@@ -0,0 +1,21 @@
|
|
1
|
+
require 'spec_helper'
|
2
|
+
|
3
|
+
describe Restrict do
|
4
|
+
|
5
|
+
describe '#config' do
|
6
|
+
it 'returns a configuration' do
|
7
|
+
expect(Restrict.config).to be_a Restrict::Configuration
|
8
|
+
end
|
9
|
+
|
10
|
+
it 'yiels a configuration if block given' do
|
11
|
+
Restrict.config do |config|
|
12
|
+
expect(config).to be_a Restrict::Configuration
|
13
|
+
end
|
14
|
+
end
|
15
|
+
|
16
|
+
it 'keeps the same configuration' do
|
17
|
+
expect(Restrict.config).to eq Restrict.config
|
18
|
+
end
|
19
|
+
end
|
20
|
+
|
21
|
+
end
|
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: restrict
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.0.
|
4
|
+
version: 0.0.3
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Johannes Opper
|
@@ -125,6 +125,7 @@ files:
|
|
125
125
|
- Rakefile
|
126
126
|
- lib/restrict.rb
|
127
127
|
- lib/restrict/access_denied.rb
|
128
|
+
- lib/restrict/configuration.rb
|
128
129
|
- lib/restrict/error.rb
|
129
130
|
- lib/restrict/gatekeeper.rb
|
130
131
|
- lib/restrict/login_required.rb
|
@@ -135,10 +136,12 @@ files:
|
|
135
136
|
- lib/restrict/rspec/matcher_rspec2.rb
|
136
137
|
- lib/restrict/version.rb
|
137
138
|
- restrict.gemspec
|
139
|
+
- spec/lib/restrict/configuration_spec.rb
|
138
140
|
- spec/lib/restrict/gatekeeper_spec.rb
|
139
141
|
- spec/lib/restrict/rails/controller_spec.rb
|
140
142
|
- spec/lib/restrict/restriction_spec.rb
|
141
143
|
- spec/lib/restrict/rspec/matcher_spec.rb
|
144
|
+
- spec/lib/restrict_spec.rb
|
142
145
|
- spec/spec_helper.rb
|
143
146
|
homepage: https://github.com/xijo/restrict
|
144
147
|
licenses:
|
@@ -165,8 +168,10 @@ signing_key:
|
|
165
168
|
specification_version: 4
|
166
169
|
summary: Simple access control dsl for controllers.
|
167
170
|
test_files:
|
171
|
+
- spec/lib/restrict/configuration_spec.rb
|
168
172
|
- spec/lib/restrict/gatekeeper_spec.rb
|
169
173
|
- spec/lib/restrict/rails/controller_spec.rb
|
170
174
|
- spec/lib/restrict/restriction_spec.rb
|
171
175
|
- spec/lib/restrict/rspec/matcher_spec.rb
|
176
|
+
- spec/lib/restrict_spec.rb
|
172
177
|
- spec/spec_helper.rb
|