role_based_authorization 0.1.7 → 0.1.9

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
data/VERSION CHANGED
@@ -1 +1 @@
1
- 0.1.7
1
+ 0.1.9
@@ -89,7 +89,7 @@ module RoleBasedAuthorization
89
89
  matching = @roles.include?(:all)
90
90
 
91
91
  # checking for right role (no need to check them if already matching)
92
- matching = !@roles.find { |role| role == user.role }.nil? if !matching
92
+ matching = !@roles.find { |role| !user.nil? && role == user.role }.nil? if !matching
93
93
 
94
94
  if @cond.nil?
95
95
  return matching
@@ -149,6 +149,7 @@ module RoleBasedAuthorization
149
149
  def authorize_action? opts = {}
150
150
  # Option handling
151
151
  user, ids, controller, action = *opts.values_at(:user, :ids, :controller, :action)
152
+ user ||= current_user
152
153
 
153
154
  if respond_to?(:logged_in?) && !logged_in?
154
155
  AUTHORIZATION_LOGGER.info("returning false (not logged in)")
@@ -162,7 +163,7 @@ module RoleBasedAuthorization
162
163
  controller = controller_name if controller.nil? && respond_to?(:controller_name)
163
164
 
164
165
  AUTHORIZATION_LOGGER.info("user %s requested access to method %s:%s using ids:%s" %
165
- [ user && user.inspect + "(id:#{user.id} role:#{user.role})" || 'none',
166
+ [ user && (user.inspect + "(id:#{user.id} role:#{user.role})") || 'none',
166
167
  controller,
167
168
  action,
168
169
  ids.inspect])
@@ -217,7 +218,6 @@ module RoleBasedAuthorization
217
218
  def authorized?
218
219
  authorize_action? :controller => controller_name,
219
220
  :action => action_name,
220
- :ids => params.reject { |key,value| key.to_s !~ /(_id\Z)|(\Aid\Z)/ },
221
- :user => current_user
221
+ :ids => params.reject { |key,value| key.to_s !~ /(_id\Z)|(\Aid\Z)/ }
222
222
  end
223
223
  end
@@ -5,7 +5,7 @@
5
5
 
6
6
  Gem::Specification.new do |s|
7
7
  s.name = %q{role_based_authorization}
8
- s.version = "0.1.7"
8
+ s.version = "0.1.9"
9
9
 
10
10
  s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
11
11
  s.authors = ["Roberto Esposito"]
@@ -98,6 +98,13 @@ class RoleBasedAuthorizationTest < ActiveSupport::TestCase
98
98
  assert_equal true, @controller.authorize_action?(:action => 'low_security_with_param_identified_by_other_id',
99
99
  :other_id => 'object_id')
100
100
  end
101
+
102
+
103
+ test "helper method should work" do
104
+ @controller.if_authorized?(:action => 'very_low_security') {
105
+ assert true
106
+ }
107
+ end
101
108
 
102
109
 
103
110
  end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: role_based_authorization
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.1.7
4
+ version: 0.1.9
5
5
  platform: ruby
6
6
  authors:
7
7
  - Roberto Esposito