simple_acl 1.0.0 → 1.0.1
Sign up to get free protection for your applications and to get access to all the features.
- data/README.md +52 -20
- data/lib/simple_acl.rb +1 -4
- data/lib/simple_acl/configuration.rb +10 -4
- data/lib/simple_acl/version.rb +1 -1
- metadata +5 -5
data/README.md
CHANGED
@@ -1,10 +1,8 @@
|
|
1
|
-
# SimpleAcl
|
2
|
-
|
3
|
-
[![Build Status](https://travis-ci.org/ifeelgoods/simple_acl.png?branch=master)](https://travis-ci.org/ifeelgoods/simple_acl)
|
1
|
+
# SimpleAcl [![Gem Version](https://badge.fury.io/rb/simple_acl.png)](http://badge.fury.io/rb/simple_acl) [![Build Status](https://travis-ci.org/ifeelgoods/simple_acl.png?branch=master)](https://travis-ci.org/ifeelgoods/simple_acl) [![Coverage Status](https://coveralls.io/repos/ifeelgoods/simple_acl/badge.png?branch=master)](https://coveralls.io/r/ifeelgoods/simple_acl?branch=master) [![Code Climate](https://codeclimate.com/github/ifeelgoods/simple_acl.png)](https://codeclimate.com/github/ifeelgoods/simple_acl)
|
4
2
|
|
5
3
|
This gem eases the implementation of ACL in Ruby (especially Rails).
|
6
4
|
|
7
|
-
All access are refused
|
5
|
+
All access are refused : the only default rule.
|
8
6
|
|
9
7
|
## Installation
|
10
8
|
|
@@ -18,17 +16,19 @@ And then execute:
|
|
18
16
|
|
19
17
|
## Usage
|
20
18
|
|
21
|
-
|
19
|
+
Include the main module:
|
22
20
|
|
23
21
|
`include SimpleAcl`
|
24
22
|
|
25
23
|
SimpleAcl need 3 variables:
|
26
|
-
- the action : by default
|
27
|
-
- the role : by default
|
28
|
-
- optional values for custom assertion : by default
|
24
|
+
- the action : by default `params[:action]` if available, nil otherwise
|
25
|
+
- the role : by default `current_role` if available, nil otherwise
|
26
|
+
- optional values for custom assertion : by default `params` if available, nil otherwise
|
29
27
|
|
30
|
-
You can manually define these by using following methods
|
31
|
-
`acl_current_role=`
|
28
|
+
You can manually define these by using following instance methods:
|
29
|
+
* `acl_current_role=`
|
30
|
+
* `acl_action=`
|
31
|
+
* `acl_values=`
|
32
32
|
|
33
33
|
Use the following before_filter to check ACL before the
|
34
34
|
execution of the code in the action.
|
@@ -37,13 +37,25 @@ execution of the code in the action.
|
|
37
37
|
before_filter :do_acl
|
38
38
|
```
|
39
39
|
|
40
|
-
|
40
|
+
When the access is refused to a given role, an `ExceptionUnauthorized`
|
41
|
+
exception will be raised.
|
42
|
+
Catch it to render/do whatever you want in this case (exemple with Rails):
|
43
|
+
|
44
|
+
```ruby
|
45
|
+
rescue_from ExceptionUnauthorized do
|
46
|
+
# render 403
|
47
|
+
end
|
48
|
+
```
|
49
|
+
|
50
|
+
### Define yours ACL
|
41
51
|
|
42
52
|
To configure the ability of a role you can use:
|
43
53
|
|
44
|
-
`acl_user
|
54
|
+
* `acl_user`
|
55
|
+
* `acl_admin`
|
56
|
+
* `acl_guest`
|
45
57
|
|
46
|
-
|
58
|
+
Or the basic method `acl_role` with which you need to specify the role.
|
47
59
|
|
48
60
|
The key `privileges` must be a hash of assertions.
|
49
61
|
The key `inherit` must be the symbol of previous defined role.
|
@@ -64,17 +76,36 @@ Example:
|
|
64
76
|
acl_role(:guest, show: true)
|
65
77
|
```
|
66
78
|
|
67
|
-
|
68
|
-
|
69
|
-
|
79
|
+
### Define assertions in your ACL
|
80
|
+
|
81
|
+
An assertion has to return `TrueClass` or `FalseClass`.
|
82
|
+
(other values will have same effect than a `FalseClass`)
|
83
|
+
|
84
|
+
You can also use lambda to write advanced assertion.
|
85
|
+
The two parameters `current_role` and `values` are passed to the lambda,
|
86
|
+
you can use these for your assertion.
|
87
|
+
|
88
|
+
Example:
|
70
89
|
|
71
90
|
```ruby
|
72
|
-
|
73
|
-
|
74
|
-
|
91
|
+
acl_guest privileges: {
|
92
|
+
show: lambda{|current_role, values| YourModel.find(values[:id]).guest_access?},
|
93
|
+
}
|
94
|
+
|
75
95
|
```
|
76
96
|
|
77
|
-
|
97
|
+
If you have values containing `params` and your user model `current_user`
|
98
|
+
|
99
|
+
```ruby
|
100
|
+
acl_user privileges: {
|
101
|
+
update: lambda{|current_role, values| values[:current_user].profile_id == values[:params][:id]},
|
102
|
+
}
|
103
|
+
|
104
|
+
```
|
105
|
+
|
106
|
+
## Configuration
|
107
|
+
|
108
|
+
In an initializer, you can specify the role you want to use.
|
78
109
|
(defaults are :admin, :user, :guest)
|
79
110
|
|
80
111
|
```
|
@@ -93,3 +124,4 @@ SimpleAcl::Configuration.authorized_roles = [:admin, :user]
|
|
93
124
|
Inspired from `racl-rails` and `racl`.
|
94
125
|
https://github.com/ifeelgoods/racl/
|
95
126
|
https://github.com/ifeelgoods/racl-rails/
|
127
|
+
|
data/lib/simple_acl.rb
CHANGED
@@ -28,9 +28,6 @@ module SimpleAcl
|
|
28
28
|
acl.configuration.add_role(role, privileges)
|
29
29
|
end
|
30
30
|
|
31
|
-
def acl_to_json
|
32
|
-
acl.configuration.acl_privileges.to_json
|
33
|
-
end
|
34
31
|
end
|
35
32
|
|
36
33
|
# @param values used for custom lambda assertion
|
@@ -65,7 +62,7 @@ module SimpleAcl
|
|
65
62
|
return Acl.unauthorized unless self.class.acl
|
66
63
|
|
67
64
|
begin
|
68
|
-
self.class.acl.check_acl(acl_current_role,
|
65
|
+
self.class.acl.check_acl(acl_current_role, acl_action, acl_values)
|
69
66
|
ensure
|
70
67
|
# in case of Thread,current is not cleaned
|
71
68
|
Thread.current[:acl_action] = nil
|
@@ -17,10 +17,8 @@ module SimpleAcl
|
|
17
17
|
|
18
18
|
def add_role(role, privileges)
|
19
19
|
raise ExceptionConfiguration, ExceptionConfiguration, "Unauthorized role #{role}" unless self.class.authorized_roles.include?(role)
|
20
|
-
|
21
|
-
|
22
|
-
end
|
23
|
-
raise ExceptionConfiguration, 'Inherit specified is not defined previously' if privileges[:inherit] && !@acl_privileges[privileges[:inherit]]
|
20
|
+
|
21
|
+
check_keys(privileges)
|
24
22
|
|
25
23
|
@acl_privileges[role] = (@acl_privileges[privileges[:inherit]] || {}).merge(privileges[:privileges] || {})
|
26
24
|
|
@@ -31,6 +29,14 @@ module SimpleAcl
|
|
31
29
|
|
32
30
|
private
|
33
31
|
|
32
|
+
# check defined keys in privileges
|
33
|
+
def check_keys(privileges)
|
34
|
+
privileges.keys.each do |configuration_key|
|
35
|
+
raise ExceptionConfiguration, "Unknow configuration key #{configuration_key}" unless [:privileges, :inherit].include?(configuration_key)
|
36
|
+
end
|
37
|
+
raise ExceptionConfiguration, 'Inherit specified is not defined previously' if privileges[:inherit] && !@acl_privileges[privileges[:inherit]]
|
38
|
+
end
|
39
|
+
|
34
40
|
# check of the set up
|
35
41
|
def check_set_up(privileges)
|
36
42
|
privileges.keys.each{|action| check_assertion(privileges[action]) }
|
data/lib/simple_acl/version.rb
CHANGED
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: simple_acl
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 1.0.
|
4
|
+
version: 1.0.1
|
5
5
|
prerelease:
|
6
6
|
platform: ruby
|
7
7
|
authors:
|
@@ -9,7 +9,7 @@ authors:
|
|
9
9
|
autorequire:
|
10
10
|
bindir: bin
|
11
11
|
cert_chain: []
|
12
|
-
date: 2013-10-
|
12
|
+
date: 2013-10-10 00:00:00.000000000 Z
|
13
13
|
dependencies:
|
14
14
|
- !ruby/object:Gem::Dependency
|
15
15
|
name: rspec
|
@@ -27,8 +27,8 @@ dependencies:
|
|
27
27
|
- - ~>
|
28
28
|
- !ruby/object:Gem::Version
|
29
29
|
version: '2.14'
|
30
|
-
description: Simple
|
31
|
-
given. Great use with Devise.
|
30
|
+
description: Simple gem to implement ACL in Ruby (especially in Rails) based on a
|
31
|
+
role given. Great use with Devise.
|
32
32
|
email: tech@ifeelgoods.com
|
33
33
|
executables: []
|
34
34
|
extensions: []
|
@@ -63,5 +63,5 @@ rubyforge_project:
|
|
63
63
|
rubygems_version: 1.8.25
|
64
64
|
signing_key:
|
65
65
|
specification_version: 3
|
66
|
-
summary: Simple
|
66
|
+
summary: Simple gem to implement ACL in Ruby (especially in Rails).
|
67
67
|
test_files: []
|