simple_acl 1.0.3 → 1.1.0

@@ -0,0 +1,15 @@
1
+ ---
2
+ !binary "U0hBMQ==":
3
+ metadata.gz: !binary |-
4
+ NGZjN2RlMDM5ZjQ3NDFiMDYzNmM5ZGJiNTJiNGYxODEzZDJiMTMzYQ==
5
+ data.tar.gz: !binary |-
6
+ MzExYTAzZjc3NjZmMjYxMGU2MzE5ZTljNjE0NTdmOTg1MjQ5YmU4Yw==
7
+ SHA512:
8
+ metadata.gz: !binary |-
9
+ MzkwMzA4MGY5MWRiMDNlMWM2MWU0Y2U3NjE3Y2ZmZjhmYWFjOTkwZGZjYzY1
10
+ NmUzNzRhN2JmYTFmY2Y2YTEzZmMxZjA2NWUyNjcyM2Y1NTgxNzU0MzAxYzBk
11
+ ZTBlMjg3ZjQ2MTE1M2MyNzA4MzkwYmRlNTdmZmM4NDcwOGU1MmI=
12
+ data.tar.gz: !binary |-
13
+ NDc2ZTMxMjlhNTk2NmY5Yzk1OTYyMjA2ZWJkNmUxZjc3OGVjMjJlMmZlOGIz
14
+ NzNlNDczNTZiYTU1YWRmOGVjMGUzNmFjZDFhYjkzNTc3ZmNkY2RjMWZjMzIx
15
+ Mjk5ZjlkMmQ3MDRjZTM5N2ViYmEyYTlkNjdiOWM3ZTcwNjNhNzg=
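--- a/data/README.md
+++ b/data/README.md
@@ -69,6 +69,7 @@ To configure the ability of a role you can use:
  Or the basic method `acl_role` with which you need to specify the role.
 
  The key `privileges` must be a hash of assertions.
+ The key `filters` must be a hash of params filters
  The key `inherit` must be the symbol of previous defined role.
 
  Example:
@@ -117,6 +118,38 @@ If you have values containing `params` and your user model `current_user`
 
  ```
 
+ ### Define filters for your roles
+
+ A filter is a list of allowed tokens for a given parameter. It assume the parameter is a comma delimited string.
+ A typical use case for this feature is to accept a prameter that provide a list of options. You want to control which options are available for each role.
+
+ Example
+
+ ```ruby
+ acl_user privileges: { show: true },
+ filters: { features: [ 'opt1', 'opt2', 'opt3'] }
+
+ ```
+
+ The filter above will parse the parameter 'features' and remove all token that are not one of the following `opt1`,`opt2`,`opt3`
+
+ a role can inherit filters from its parent. You can overide an inherited filter by redefining it. You can take advantage of the special value below.
+
+ * `:all` : Accept any value. It allow to remove an inherited filter
+ * `:none` : Reject any value
+
+ Example
+
+ ```ruby
+
+ acl_user privileges: { show: true },
+ filters: { features: [ 'opt1', 'opt2', 'opt3'] }
+
+ acl_guest inherit: :user, filters: { features: :none }
+
+ acl_admin inherit: :user, filters: { features: :all }
+ ```
+
  ## Contributing
 
  1. Fork it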
@@ -36,7 +36,7 @@ module SimpleAcl
36
36
  end
37
37
 
38
38
  def acl_values
39
- Thread.current[:acl_values] ||= defined?(params) ? params : nil
39
+ Thread.current[:acl_values] ||= { params: (defined?(params) ? params : nil) }
40
40
  end
41
41
 
42
42
  # @param current_role used for the assertion
@@ -63,6 +63,7 @@ module SimpleAcl
63
63
 
64
64
  begin
65
65
  self.class.acl.check_acl(acl_current_role, acl_action, acl_values)
66
+ self.class.acl.filter_params(acl_current_role, acl_values[:params])
66
67
  ensure
67
68
  # in case of Thread,current is not cleaned
68
69
  Thread.current[:acl_action] = nil
@@ -70,4 +71,4 @@ module SimpleAcl
70
71
  Thread.current[:acl_values] = nil
71
72
  end
72
73
  end
73
- end
74
+ end
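Review bot: The `filter_params` call added after `check_acl` (second hunk of this file) filters whatever object `acl_values[:params]` returns, and `filter_params` rewrites that object in place, so the filter only takes effect when it is the controller's own `params`. The README context line about values "containing `params` and your user model `current_user`" suggests applications may supply their own `acl_values`; an override that omits `:params` or passes a copy would presumably leave the request parameters unfiltered, or hand `nil` to `filter_params`. Passing the request parameters directly removes that dependency, e.g. `self.class.acl.filter_params(acl_current_role, params) if defined?(params)`. The first hunk also changes the default return of `acl_values` from the params object to `{ params: ... }`, which existing assertion lambdas may not expect; a comment such as `# Returns a Hash; the request parameters are under :params (shape changed in 1.1.0)` would document it. The enclosing methods start and end outside these hunks.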
@@ -38,6 +38,15 @@ module SimpleAcl
38
38
  unauthorized
39
39
  end
40
40
 
41
+ def filter_params(role, params)
42
+ filters = configuration.acl_filters[role.to_sym] || {}
43
+ filters.each do |key,value|
44
+ if params.has_key?(key)
45
+ params[key] = filter(params[key], value)
46
+ end
47
+ end
48
+ end
49
+
41
50
  def self.unauthorized
42
51
  raise ExceptionUnauthorized
43
52
  end
@@ -46,5 +55,19 @@ module SimpleAcl
46
55
  true
47
56
  end
48
57
 
58
+ private
59
+
60
+ def filter(values, accepted_values)
61
+ if accepted_values == :all
62
+ values
63
+ elsif accepted_values == :none
64
+ ''
65
+ elsif values == 'all'
66
+ accepted_values.join(',')
67
+ else
68
+ (values.split(',') & accepted_values).join(',')
69
+ end
70
+ end
71
+
49
72
  end
50
73
  end
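Review bot: `filter` treats the client-supplied value as a String, so in its last branch `values.split(',')` raises NoMethodError when a filtered parameter arrives with no value or as a nested hash, and `filter_params` calls `params.has_key?` on an argument the caller can pass as `nil` (the default `acl_values` yields `nil` when `params` is not defined). Rejecting unexpected types keeps the filter failing closed instead of erroring: add a branch `elsif !values.is_a?(String)` that returns `''` ahead of the `values == 'all'` comparison, and `return if params.nil?` as the first line of `filter_params`. The `params.has_key?(key)` test also depends on key type; the README declares filter keys as symbols, so with a plain string-keyed Hash the filter would presumably be skipped silently, and whether `params` has indifferent access cannot be seen from this diff. A comment on `filter` such as `# A request value of 'all' expands to every token accepted for the role` would document the magic value.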
@@ -2,15 +2,18 @@ module SimpleAcl
2
2
  class Configuration
3
3
 
4
4
  attr_reader :acl_privileges
5
+ attr_reader :acl_filters
5
6
 
6
7
  def initialize
7
8
  @acl_privileges = {}
9
+ @acl_filters = {}
8
10
  end
9
11
 
10
12
  def add_role(role, privileges)
11
13
  check_keys(privileges)
12
14
 
13
15
  @acl_privileges[role] = (@acl_privileges[privileges[:inherit]] || {}).merge(privileges[:privileges] || {})
16
+ acl_filters[role] = (acl_filters[privileges[:inherit]] || {}).merge(privileges[:filters] || {})
14
17
 
15
18
  check_set_up(@acl_privileges[role])
16
19
 
@@ -22,7 +25,7 @@ module SimpleAcl
22
25
  # check defined keys in privileges
23
26
  def check_keys(privileges)
24
27
  privileges.keys.each do |configuration_key|
25
- raise ExceptionConfiguration, "Unknow configuration key #{configuration_key}" unless [:privileges, :inherit].include?(configuration_key)
28
+ raise ExceptionConfiguration, "Unknow configuration key #{configuration_key}" unless [:privileges, :inherit, :filters].include?(configuration_key)
26
29
  end
27
30
  raise ExceptionConfiguration, 'Inherit specified is not defined previously' if privileges[:inherit] && !@acl_privileges[privileges[:inherit]]
28
31
  end
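Review bot: `add_role` stores `privileges[:filters]` without checking its shape, while `check_keys` (second hunk) only whitelists the `:filters` key name. A filter value that is neither `:all`, `:none` nor an Array (a bare string, say) would only fail at request time, when `filter` calls `join` or `&` on it. Validating at configuration time fits the existing `ExceptionConfiguration` style, e.g. `raise ExceptionConfiguration, 'filters must be a Hash' unless privileges[:filters].nil? || privileges[:filters].is_a?(Hash)`. Filters are also stored under `role` as given but read back with `role.to_sym` in `filter_params`, so a role registered under a string key would presumably get no filtering; how the DSL passes `role` is not visible here. The body of `add_role` continues outside the hunk.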
@@ -1,3 +1,3 @@
1
1
  module SimpleAcl
2
- VERSION = '1.0.3'
2
+ VERSION = '1.1.0'
3
3
  end
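--- a/metadata
+++ b/metadata
@@ -1,20 +1,18 @@
  --- !ruby/object:Gem::Specification
  name: simple_acl
  version: !ruby/object:Gem::Version
- version: 1.0.3
- prerelease:
+ version: 1.1.0
  platform: ruby
  authors:
  - mtparet
  autorequire:
  bindir: bin
  cert_chain: []
- date: 2014-01-29 00:00:00.000000000 Z
+ date: 2014-03-07 00:00:00.000000000 Z
  dependencies:
  - !ruby/object:Gem::Dependency
  name: rspec
  requirement: !ruby/object:Gem::Requirement
- none: false
  requirements:
  - - ~>
  - !ruby/object:Gem::Version
@@ -22,7 +20,6 @@ dependencies:
  type: :development
  prerelease: false
  version_requirements: !ruby/object:Gem::Requirement
- none: false
  requirements:
  - - ~>
  - !ruby/object:Gem::Version
@@ -35,34 +32,33 @@ extensions: []
  extra_rdoc_files: []
  files:
  - README.md
+ - lib/simple_acl.rb
  - lib/simple_acl/acl.rb
- - lib/simple_acl/version.rb
  - lib/simple_acl/configuration.rb
  - lib/simple_acl/exceptions.rb
- - lib/simple_acl.rb
+ - lib/simple_acl/version.rb
  homepage: https://github.com/ifeelgoods/simple_acl
  licenses:
  - Apache License Version 2.0
+ metadata: {}
  post_install_message:
  rdoc_options: []
  require_paths:
  - lib
  required_ruby_version: !ruby/object:Gem::Requirement
- none: false
  requirements:
  - - ! '>='
  - !ruby/object:Gem::Version
  version: '0'
  required_rubygems_version: !ruby/object:Gem::Requirement
- none: false
  requirements:
  - - ! '>='
  - !ruby/object:Gem::Version
  version: '0'
  requirements: []
  rubyforge_project:
- rubygems_version: 1.8.23
+ rubygems_version: 2.2.2
  signing_key:
- specification_version: 3
+ specification_version: 4
  summary: Simple gem to implement ACL in Ruby (especially in Rails).
  test_files: []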