role_based_authorization 0.1.7 → 0.1.9

Sign up to get free protection for your applications and to get access to all the features.
Files changed (5) hide show
  1. data/VERSION +1 -1
  2. data/lib/role_based_authorization/role_based_authorization.rb +4 -4
  3. data/role_based_authorization.gemspec +1 -1
  4. data/test/role_based_authorization_test.rb +7 -0
  5. metadata +1 -1
data/VERSION CHANGED
@@ -1 +1 @@
1
- 0.1.7
1
+ 0.1.9
data/lib/role_based_authorization/role_based_authorization.rb CHANGED
@@ -89,7 +89,7 @@ module RoleBasedAuthorization
89
89
  matching = @roles.include?(:all)
90
90
 
91
91
  # checking for right role (no need to check them if already matching)
92
- matching = !@roles.find { |role| role == user.role }.nil? if !matching
92
+ matching = !@roles.find { |role| !user.nil? && role == user.role }.nil? if !matching
93
93
 
94
94
  if @cond.nil?
95
95
  return matching
@@ -149,6 +149,7 @@ module RoleBasedAuthorization
149
149
  def authorize_action? opts = {}
150
150
  # Option handling
151
151
  user, ids, controller, action = *opts.values_at(:user, :ids, :controller, :action)
152
+ user ||= current_user
152
153
 
153
154
  if respond_to?(:logged_in?) && !logged_in?
154
155
  AUTHORIZATION_LOGGER.info("returning false (not logged in)")
@@ -162,7 +163,7 @@ module RoleBasedAuthorization
162
163
  controller = controller_name if controller.nil? && respond_to?(:controller_name)
163
164
 
164
165
  AUTHORIZATION_LOGGER.info("user %s requested access to method %s:%s using ids:%s" %
165
- [ user && user.inspect + "(id:#{user.id} role:#{user.role})" || 'none',
166
+ [ user && (user.inspect + "(id:#{user.id} role:#{user.role})") || 'none',
166
167
  controller,
167
168
  action,
168
169
  ids.inspect])
@@ -217,7 +218,6 @@ module RoleBasedAuthorization
217
218
  def authorized?
218
219
  authorize_action? :controller => controller_name,
219
220
  :action => action_name,
220
- :ids => params.reject { |key,value| key.to_s !~ /(_id\Z)|(\Aid\Z)/ },
221
- :user => current_user
221
+ :ids => params.reject { |key,value| key.to_s !~ /(_id\Z)|(\Aid\Z)/ }
222
222
  end
223
223
  end
data/role_based_authorization.gemspec CHANGED
@@ -5,7 +5,7 @@
5
5
 
6
6
  Gem::Specification.new do |s|
7
7
  s.name = %q{role_based_authorization}
8
- s.version = "0.1.7"
8
+ s.version = "0.1.9"
9
9
 
10
10
  s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
11
11
  s.authors = ["Roberto Esposito"]
data/test/role_based_authorization_test.rb CHANGED
@@ -98,6 +98,13 @@ class RoleBasedAuthorizationTest < ActiveSupport::TestCase
98
98
  assert_equal true, @controller.authorize_action?(:action => 'low_security_with_param_identified_by_other_id',
99
99
  :other_id => 'object_id')
100
100
  end
101
+
102
+
103
+ test "helper method should work" do
104
+ @controller.if_authorized?(:action => 'very_low_security') {
105
+ assert true
106
+ }
107
+ end
101
108
 
102
109
 
103
110
  end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: role_based_authorization
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.1.7
4
+ version: 0.1.9
5
5
  platform: ruby
6
6
  authors:
7
7
  - Roberto Esposito