restrict 0.1.1 → 0.2.0

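--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA256:
- metadata.gz: 64c201583341d1cfab486ba72a9a35562a2e453b15586f25a5403177e8e6af48
- data.tar.gz: c73bcd768f66647315925df95a003e236fd31b1a22384a6670cb94ac5ab8cc96
+ metadata.gz: f62175faf4d52862724714686cac041256b2310829585c3aca3727b134ce0055
+ data.tar.gz: f2417075e72d6fb292c0c0e96070c333736d9bad1ee42ccb8c9e5843f854971e
  SHA512:
- metadata.gz: 7ff470658e364c155179b26ca04c6ba98c342ebc7c6a8bf3d1019f811c08c6ef9e726d06da5e8baa09f75dbbdba74c74553c4f664274f6db04741dbb7728a734
- data.tar.gz: 66baa2c8609ba7cc6e2a47fc013e77db2dbb161c7329f6d0b41488d0ac718048ff8ba1a492b74a05363d26a371cf0feb28ffb700030e5356500d8e08b60e77f8
+ metadata.gz: 0c8c6c12db208e9ad82f0f2e6ee92fe6cb2224a89c7dbab817caf0e07f23290c9f217c724908bf6cdd96205fdb73129f21d17ed68414736b126f630624b83ab1
+ data.tar.gz: c067669909c1aa082fcee9241ddf8688dc9a03464ff19d66fb0686175cd1e222604c6ba0d7971fc0e379d11a9e388fc14e1f64cd66af87aefa6ccff65e226d53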
@@ -0,0 +1,34 @@
1
+ name: Specs
2
+
3
+ on:
4
+ pull_request:
5
+ branches:
6
+ - 'master'
7
+ push:
8
+ branches:
9
+ - 'master'
10
+
11
+ jobs:
12
+ build:
13
+ runs-on: ubuntu-latest
14
+
15
+ steps:
16
+ - uses: actions/checkout@v1
17
+
18
+ - name: Set up Ruby 2.7
19
+ uses: actions/setup-ruby@v1
20
+ with:
21
+ ruby-version: 2.7.x
22
+
23
+ - name: bundle
24
+ env:
25
+ RAILS_ENV: test
26
+ run: |
27
+ gem install bundler
28
+ bundle install --jobs 4 --retry 3
29
+
30
+ - name: Run Tests
31
+ env:
32
+ RAILS_ENV: test
33
+ run: |
34
+ bundle exec rspec
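Review bot: Both `uses:` steps reference their actions by a mutable major tag (`actions/checkout@v1`, `actions/setup-ruby@v1`), so whatever commit that tag points to when the job runs is executed in this repository's CI; pinning each to a full commit SHA, with the tag kept in a trailing comment, makes the executed code fixed and reviewable. The workflow also declares no `permissions:` block, so the job token receives the repository default; since the job only checks out the code and runs specs, a top-level `permissions:` with `contents: read` would be sufficient. `gem install bundler` likewise installs whatever version is current at run time, which is worth pinning if the build should be reproducible.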
@@ -1 +1 @@
1
- 2.4.1
1
+ 2.7.1
@@ -1,3 +1,6 @@
1
+ [0.2.0] - 2020-05-18
2
+ * Implement `:on` parameter for `restrict` calls
3
+
1
4
  [0.1.1] - 2019-11-26
2
5
  * Bug fix release to actually work in rails ¯\_(ツ)_/¯
3
6
 
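--- a/data/README.md
+++ b/data/README.md
@@ -2,7 +2,7 @@
 
  A rails controller extension, that gives you the possibility to restrict access to your controller actions.
 
- [![Build Status](https://secure.travis-ci.org/xijo/restrict.png?branch=master)](https://travis-ci.org/xijo/restrict) [![Gem Version](https://badge.fury.io/rb/restrict.png)](http://badge.fury.io/rb/restrict) [![Code Climate](https://codeclimate.com/github/xijo/restrict.png)](https://codeclimate.com/github/xijo/restrict) [![Code Climate](https://codeclimate.com/github/xijo/restrict/coverage.png)](https://codeclimate.com/github/xijo/restrict)
+ ![Specs](https://github.com/xijo/restrict/workflows/Specs/badge.svg) [![Gem Version](https://badge.fury.io/rb/restrict.png)](http://badge.fury.io/rb/restrict) [![Code Climate](https://codeclimate.com/github/xijo/restrict.png)](https://codeclimate.com/github/xijo/restrict) [![Code Climate](https://codeclimate.com/github/xijo/restrict/coverage.png)](https://codeclimate.com/github/xijo/restrict)
 
  ## Installation
 
@@ -49,6 +49,38 @@ restrict
 
  This one will apply to all actions on this controller. It takes the `unless` option as well.
 
+ ### Restrict with specific object
+
+ One may pass `on` to a `restrict` call in a controller.
+
+ If `on` is set, it evaluates the given method.
+ If it returns nil, it raises an error.
+ If an object is returned, it will be send while evaluating the `unless`
+ condition.
+
+ Example
+
+ ```
+ class ItemController
+ restrict :show, unless: :manager_of?, on: :load_item
+
+ def show
+ end
+
+ private
+
+ def manager_of?(item)
+ current_user == item.manager
+ end
+
+ def load_item
+ @item = Item.find(params[:id])
+ end
+ end
+ ```
+
+ Aliases for `on` are: `of`, `object`
+
  ### Configuration
 
  ```ruby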
@@ -15,12 +15,7 @@ module Restrict
15
15
 
16
16
  def handle_restriction(restriction, controller)
17
17
  validate_signed_in(controller)
18
-
19
- if restriction.unless
20
- unless controller.__send__(restriction.unless)
21
- raise Restrict::AccessDenied, reason: restriction
22
- end
23
- end
18
+ restriction.validate(controller)
24
19
  end
25
20
 
26
21
  def concerning_restrictions(controller)
@@ -1,17 +1,32 @@
1
1
  module Restrict
2
2
  class Restriction
3
- attr_accessor :actions, :unless
3
+ attr_accessor :actions, :options, :unless, :on
4
4
 
5
5
  def initialize(*args)
6
- options = args.extract_options!
7
- @unless = options[:unless]
8
- @actions = args
6
+ @options = args.extract_options!
7
+ @unless = @options[:unless]
8
+ @on = @options[:on] || options[:of] || options[:object]
9
+ @actions = args
9
10
  end
10
11
 
11
12
  def applies_to?(action)
12
13
  applies_to_action?(action) || applies_to_all_actions?
13
14
  end
14
15
 
16
+ def validate(controller)
17
+ @unless or return
18
+
19
+ unless_args = []
20
+ if @on
21
+ object = controller.__send__(on)
22
+ unless_args << object or raise Restrict::AccessDenied, reason: 'object given was #{object.inspect}'
23
+ end
24
+
25
+ unless controller.__send__(@unless, *unless_args)
26
+ raise Restrict::AccessDenied, reason: self
27
+ end
28
+ end
29
+
15
30
  private
16
31
 
17
32
  def applies_to_all_actions?
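Review bot: In `validate`, the nil guard on the `on` result can never fire: `unless_args << object or raise ...` tests the return value of `Array#<<`, which is the array itself and therefore always truthy, so a `nil` object is handed to the `unless` method instead of being rejected. The README added in this release promises an error when `on` returns nil, and the spec 'raises an error if `on` is nil' appears to pass only because the test controller's `manager_of?(nil)` happens to return false; a predicate that is truthy for nil would let the request through, and one shaped like the README's `item.manager` would raise NoMethodError rather than `Restrict::AccessDenied`. Checking before appending closes this: `raise Restrict::AccessDenied, reason: "object given was #{object.inspect}" if object.nil?` followed by `unless_args << object`, with double quotes because the single-quoted string in the hunk does not interpolate. Separately, `@unless or return` means a restriction declared with `on:` but no `unless:` enforces nothing, which deserves a comment such as `# no condition given: nothing to enforce, even when :on is set`. The class body continues past the end of this hunk.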
@@ -1,3 +1,3 @@
1
1
  module Restrict
2
- VERSION = "0.1.1"
2
+ VERSION = "0.2.0"
3
3
  end
@@ -20,7 +20,7 @@ Gem::Specification.new do |spec|
20
20
 
21
21
  spec.add_dependency 'rails', '> 3.0'
22
22
 
23
- spec.add_development_dependency 'bundler', '~> 1.5'
23
+ spec.add_development_dependency 'bundler'
24
24
  spec.add_development_dependency 'rspec'
25
25
  spec.add_development_dependency 'simplecov'
26
26
  spec.add_development_dependency 'rake'
@@ -28,4 +28,52 @@ describe Restrict::Restriction do
28
28
  expect(restriction).to be_applies_to(:bar)
29
29
  end
30
30
  end
31
+
32
+ describe '#validate' do
33
+ describe 'with :on option' do
34
+ let(:controller) { ObjectController.new }
35
+
36
+ it 'does not raise if no condition was given' do
37
+ restriction = Restrict::Restriction.new on: :managed_object
38
+ expect { restriction.validate(controller) }.not_to raise_error
39
+ end
40
+
41
+ it 'does not raise an error if `on` and `unless` match' do
42
+ restriction = Restrict::Restriction.new on: :managed_object, unless: :manager_of?
43
+ expect { restriction.validate(controller) }.not_to raise_error
44
+ end
45
+
46
+ it 'raises an error if `unless` does not work on `on`' do
47
+ restriction = Restrict::Restriction.new on: :rougue_object, unless: :manager_of?
48
+ expect { restriction.validate(controller) }.to raise_error(Restrict::AccessDenied)
49
+ end
50
+
51
+ it 'raises an error if `on` is nil' do
52
+ restriction = Restrict::Restriction.new on: :nil_object, unless: :manager_of?
53
+ expect { restriction.validate(controller) }.to raise_error(Restrict::AccessDenied)
54
+ end
55
+
56
+ it 'works with aliases' do
57
+ restriction = Restrict::Restriction.new of: :managed_object, unless: :manager_of?
58
+ expect { restriction.validate(controller) }.not_to raise_error
59
+
60
+ restriction = Restrict::Restriction.new object: :managed_object, unless: :manager_of?
61
+ expect { restriction.validate(controller) }.not_to raise_error
62
+ end
63
+ end
64
+
65
+ describe 'without :on option' do
66
+ let(:controller) { ExampleController.new }
67
+
68
+ it 'does not raise an error if `unless` works' do
69
+ restriction = Restrict::Restriction.new unless: :truthy
70
+ expect { restriction.validate(controller) }.not_to raise_error
71
+ end
72
+
73
+ it 'raises an error if `unless` does not work' do
74
+ restriction = Restrict::Restriction.new unless: :falsy
75
+ expect { restriction.validate(controller) }.to raise_error(Restrict::AccessDenied)
76
+ end
77
+ end
78
+ end
31
79
  end
@@ -55,3 +55,22 @@ end
55
55
  class BottomLineController < InheritingController
56
56
  include Restrict::Rails::Controller
57
57
  end
58
+
59
+ class ObjectController < ExampleController
60
+ def manager_of?(obj)
61
+ obj == :managed
62
+ end
63
+
64
+ private
65
+
66
+ def managed_object
67
+ :managed
68
+ end
69
+
70
+ def rougue_object
71
+ :other
72
+ end
73
+
74
+ def nil_object
75
+ end
76
+ end
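--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
  --- !ruby/object:Gem::Specification
  name: restrict
  version: !ruby/object:Gem::Version
- version: 0.1.1
+ version: 0.2.0
  platform: ruby
  authors:
  - Johannes Opper
  autorequire:
  bindir: bin
  cert_chain: []
- date: 2019-11-28 00:00:00.000000000 Z
+ date: 2020-05-18 00:00:00.000000000 Z
  dependencies:
  - !ruby/object:Gem::Dependency
  name: rails
@@ -28,16 +28,16 @@ dependencies:
  name: bundler
  requirement: !ruby/object:Gem::Requirement
  requirements:
- - - "~>"
+ - - ">="
  - !ruby/object:Gem::Version
- version: '1.5'
+ version: '0'
  type: :development
  prerelease: false
  version_requirements: !ruby/object:Gem::Requirement
  requirements:
- - - "~>"
+ - - ">="
  - !ruby/object:Gem::Version
- version: '1.5'
+ version: '0'
  - !ruby/object:Gem::Dependency
  name: rspec
  requirement: !ruby/object:Gem::Requirement
@@ -101,10 +101,10 @@ executables: []
  extensions: []
  extra_rdoc_files: []
  files:
+ - ".github/workflows/specs.yml"
  - ".gitignore"
  - ".rspec"
  - ".ruby-version"
- - ".travis.yml"
  - CHANGELOG.md
  - Gemfile
  - LICENSE.txt
@@ -151,7 +151,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
  - !ruby/object:Gem::Version
  version: '0'
  requirements: []
- rubygems_version: 3.0.6
+ rubygems_version: 3.1.2
  signing_key:
  specification_version: 4
  summary: Simple access control dsl for controllers.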
@@ -1,9 +0,0 @@
1
- rvm:
2
- - 2.3.1
3
-
4
- script: 'bundle exec rake spec'
5
-
6
- notifications:
7
- disabled: false
8
- recipients:
9
- - johannes.opper@gmail.com