restrictable 0.1.2 → 0.1.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/Gemfile.lock +1 -1
- data/README.md +56 -3
- data/lib/restrictable/version.rb +1 -1
- data/restrictable.gemspec +1 -1
- metadata +3 -3
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 4c8208242de6b87d41a20b85f107913548642805
|
|
4
|
+
data.tar.gz: 265842a4d9ecb1026a058cc3e0c4df78d897a293
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 2156e01bdfd9c5a2c7c926288be8777a92ac352bcdd0138c193a87fa0e730a22e1ca9f6fc38778880425ba9d9a4e4d5fe4c186fda9963f442cd9ab25d39ab0fd
|
|
7
|
+
data.tar.gz: c2db2735d82afffc8e96c4b064b57e7e203ac35ba3efdb25b1687bc9fabbcbd138b7a1ef89b007db20949c25a153b4df0ecafc48fc477261adf15b2e3fd9a381
|
data/Gemfile.lock
CHANGED
data/README.md
CHANGED
|
@@ -1,5 +1,7 @@
|
|
|
1
1
|
# Restrictable
|
|
2
2
|
|
|
3
|
+
[](https://badge.fury.io/rb/restrictable)
|
|
4
|
+
|
|
3
5
|
Manage authorization restrictions on Ruby on Rails with [Devise](https://github.com/plataformatec/devise).
|
|
4
6
|
Ideal for controlling actions of 2 or 3 types of users.
|
|
5
7
|
|
|
@@ -53,7 +55,7 @@ end
|
|
|
53
55
|
And now you can take advantage of the simple controller methods:
|
|
54
56
|
|
|
55
57
|
```ruby
|
|
56
|
-
class
|
|
58
|
+
class PostsController < ApplicationController
|
|
57
59
|
only_allow :admin, to: :destroy
|
|
58
60
|
prevent :guest, to: [:create, :update]
|
|
59
61
|
|
|
@@ -70,7 +72,55 @@ end
|
|
|
70
72
|
|
|
71
73
|
## Advanced Usage
|
|
72
74
|
|
|
73
|
-
|
|
75
|
+
Additionally you can match your implementation with `Restrictable` simply overriding controller methods. You can do this on the `ApplicationController` level or in your Controller.
|
|
76
|
+
|
|
77
|
+
#### Example of use:
|
|
78
|
+
|
|
79
|
+
```ruby
|
|
80
|
+
class ApplicationController < ActionController::Base
|
|
81
|
+
protect_from_forgery with: :exception
|
|
82
|
+
before_action :authenticate_user!
|
|
83
|
+
|
|
84
|
+
# `on_forbidden_action` is called when a user role doesn't have
|
|
85
|
+
# permission to access the controller method.
|
|
86
|
+
def on_forbidden_action
|
|
87
|
+
head :forbidden
|
|
88
|
+
end
|
|
89
|
+
|
|
90
|
+
# `should_prevent?(role)` is used to check when a role should be
|
|
91
|
+
# prevented.
|
|
92
|
+
# Called by the `prevent` helper and should return a boolean value.
|
|
93
|
+
def should_prevent?(role)
|
|
94
|
+
current_user.role == role
|
|
95
|
+
end
|
|
96
|
+
|
|
97
|
+
# `should_only_allow?(role)` is used to check when a role should be
|
|
98
|
+
# allowed.
|
|
99
|
+
# Called by the `only_allow` helper and should return a boolean value.
|
|
100
|
+
def should_only_allow?(role)
|
|
101
|
+
current_user.role != role
|
|
102
|
+
end
|
|
103
|
+
end
|
|
104
|
+
```
|
|
105
|
+
|
|
106
|
+
For example, if we want to implement `Restrictable` on an application that already have implemented users roles with the model `Seller` with devise and the attribute `responsability`. Our controller will be something like this:
|
|
107
|
+
|
|
108
|
+
```ruby
|
|
109
|
+
class SellersController < ApplicationController
|
|
110
|
+
only_allow :national_seller, to: :delete
|
|
111
|
+
prevent :local_seller, to: :new, :update
|
|
112
|
+
|
|
113
|
+
def should_prevent?(role)
|
|
114
|
+
@seller.responsability == role
|
|
115
|
+
end
|
|
116
|
+
|
|
117
|
+
def should_only_allow?(role)
|
|
118
|
+
@seller.responsability != role
|
|
119
|
+
end
|
|
120
|
+
|
|
121
|
+
# ...
|
|
122
|
+
end
|
|
123
|
+
```
|
|
74
124
|
|
|
75
125
|
## Development
|
|
76
126
|
|
|
@@ -80,7 +130,10 @@ To install this gem onto your local machine, run `bundle exec rake install`. To
|
|
|
80
130
|
|
|
81
131
|
## Roadmap
|
|
82
132
|
|
|
83
|
-
|
|
133
|
+
- [x] Controller helpers
|
|
134
|
+
- [x] Controller override methods
|
|
135
|
+
- [ ] View helpers
|
|
136
|
+
- [ ] Review flexibility on implementation
|
|
84
137
|
|
|
85
138
|
## Contributing
|
|
86
139
|
|
data/lib/restrictable/version.rb
CHANGED
data/restrictable.gemspec
CHANGED
|
@@ -11,7 +11,7 @@ Gem::Specification.new do |spec|
|
|
|
11
11
|
|
|
12
12
|
spec.summary = %q{Simple authorization gem for Ruby on Rails.}
|
|
13
13
|
spec.description = %q{Manage authorization restrictions on Ruby on Rails. Ideal for controlling actions of 2 or 3 types of users.}
|
|
14
|
-
spec.homepage = ""
|
|
14
|
+
spec.homepage = "http://github.com/rejonpardenilla/restrictable"
|
|
15
15
|
spec.license = "MIT"
|
|
16
16
|
|
|
17
17
|
# Prevent pushing this gem to RubyGems.org. To allow pushes either set the 'allowed_push_host'
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: restrictable
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.1.
|
|
4
|
+
version: 0.1.3
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Daniel Rejon Pardenilla
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: exe
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2018-02-
|
|
11
|
+
date: 2018-02-05 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: bundler
|
|
@@ -102,7 +102,7 @@ files:
|
|
|
102
102
|
- lib/restrictable/railtie.rb
|
|
103
103
|
- lib/restrictable/version.rb
|
|
104
104
|
- restrictable.gemspec
|
|
105
|
-
homepage:
|
|
105
|
+
homepage: http://github.com/rejonpardenilla/restrictable
|
|
106
106
|
licenses:
|
|
107
107
|
- MIT
|
|
108
108
|
metadata:
|