simple_acl 1.0.3 → 1.1.0

Sign up to get free protection for your applications and to get access to all the features.
Files changed (7) hide show
  1. checksums.yaml +15 -0
  2. data/README.md +33 -0
  3. data/lib/simple_acl.rb +3 -2
  4. data/lib/simple_acl/acl.rb +23 -0
  5. data/lib/simple_acl/configuration.rb +4 -1
  6. data/lib/simple_acl/version.rb +1 -1
  7. metadata +7 -11
checksums.yaml ADDED
@@ -0,0 +1,15 @@
1
+ ---
2
+ !binary "U0hBMQ==":
3
+ metadata.gz: !binary |-
4
+ NGZjN2RlMDM5ZjQ3NDFiMDYzNmM5ZGJiNTJiNGYxODEzZDJiMTMzYQ==
5
+ data.tar.gz: !binary |-
6
+ MzExYTAzZjc3NjZmMjYxMGU2MzE5ZTljNjE0NTdmOTg1MjQ5YmU4Yw==
7
+ SHA512:
8
+ metadata.gz: !binary |-
9
+ MzkwMzA4MGY5MWRiMDNlMWM2MWU0Y2U3NjE3Y2ZmZjhmYWFjOTkwZGZjYzY1
10
+ NmUzNzRhN2JmYTFmY2Y2YTEzZmMxZjA2NWUyNjcyM2Y1NTgxNzU0MzAxYzBk
11
+ ZTBlMjg3ZjQ2MTE1M2MyNzA4MzkwYmRlNTdmZmM4NDcwOGU1MmI=
12
+ data.tar.gz: !binary |-
13
+ NDc2ZTMxMjlhNTk2NmY5Yzk1OTYyMjA2ZWJkNmUxZjc3OGVjMjJlMmZlOGIz
14
+ NzNlNDczNTZiYTU1YWRmOGVjMGUzNmFjZDFhYjkzNTc3ZmNkY2RjMWZjMzIx
15
+ Mjk5ZjlkMmQ3MDRjZTM5N2ViYmEyYTlkNjdiOWM3ZTcwNjNhNzg=
data/README.md CHANGED
@@ -69,6 +69,7 @@ To configure the ability of a role you can use:
69
69
  Or the basic method `acl_role` with which you need to specify the role.
70
70
 
71
71
  The key `privileges` must be a hash of assertions.
72
+ The key `filters` must be a hash of params filters
72
73
  The key `inherit` must be the symbol of previous defined role.
73
74
 
74
75
  Example:
@@ -117,6 +118,38 @@ If you have values containing `params` and your user model `current_user`
117
118
 
118
119
  ```
119
120
 
121
+ ### Define filters for your roles
122
+
123
+ A filter is a list of allowed tokens for a given parameter. It assume the parameter is a comma delimited string.
124
+ A typical use case for this feature is to accept a prameter that provide a list of options. You want to control which options are available for each role.
125
+
126
+ Example
127
+
128
+ ```ruby
129
+ acl_user privileges: { show: true },
130
+ filters: { features: [ 'opt1', 'opt2', 'opt3'] }
131
+
132
+ ```
133
+
134
+ The filter above will parse the parameter 'features' and remove all token that are not one of the following `opt1`,`opt2`,`opt3`
135
+
136
+ a role can inherit filters from its parent. You can overide an inherited filter by redefining it. You can take advantage of the special value below.
137
+
138
+ * `:all` : Accept any value. It allow to remove an inherited filter
139
+ * `:none` : Reject any value
140
+
141
+ Example
142
+
143
+ ```ruby
144
+
145
+ acl_user privileges: { show: true },
146
+ filters: { features: [ 'opt1', 'opt2', 'opt3'] }
147
+
148
+ acl_guest inherit: :user, filters: { features: :none }
149
+
150
+ acl_admin inherit: :user, filters: { features: :all }
151
+ ```
152
+
120
153
  ## Contributing
121
154
 
122
155
  1. Fork it
data/lib/simple_acl.rb CHANGED
@@ -36,7 +36,7 @@ module SimpleAcl
36
36
  end
37
37
 
38
38
  def acl_values
39
- Thread.current[:acl_values] ||= defined?(params) ? params : nil
39
+ Thread.current[:acl_values] ||= { params: (defined?(params) ? params : nil) }
40
40
  end
41
41
 
42
42
  # @param current_role used for the assertion
@@ -63,6 +63,7 @@ module SimpleAcl
63
63
 
64
64
  begin
65
65
  self.class.acl.check_acl(acl_current_role, acl_action, acl_values)
66
+ self.class.acl.filter_params(acl_current_role, acl_values[:params])
66
67
  ensure
67
68
  # in case of Thread,current is not cleaned
68
69
  Thread.current[:acl_action] = nil
@@ -70,4 +71,4 @@ module SimpleAcl
70
71
  Thread.current[:acl_values] = nil
71
72
  end
72
73
  end
73
- end
74
+ end
data/lib/simple_acl/acl.rb CHANGED
@@ -38,6 +38,15 @@ module SimpleAcl
38
38
  unauthorized
39
39
  end
40
40
 
41
+ def filter_params(role, params)
42
+ filters = configuration.acl_filters[role.to_sym] || {}
43
+ filters.each do |key,value|
44
+ if params.has_key?(key)
45
+ params[key] = filter(params[key], value)
46
+ end
47
+ end
48
+ end
49
+
41
50
  def self.unauthorized
42
51
  raise ExceptionUnauthorized
43
52
  end
@@ -46,5 +55,19 @@ module SimpleAcl
46
55
  true
47
56
  end
48
57
 
58
+ private
59
+
60
+ def filter(values, accepted_values)
61
+ if accepted_values == :all
62
+ values
63
+ elsif accepted_values == :none
64
+ ''
65
+ elsif values == 'all'
66
+ accepted_values.join(',')
67
+ else
68
+ (values.split(',') & accepted_values).join(',')
69
+ end
70
+ end
71
+
49
72
  end
50
73
  end
data/lib/simple_acl/configuration.rb CHANGED
@@ -2,15 +2,18 @@ module SimpleAcl
2
2
  class Configuration
3
3
 
4
4
  attr_reader :acl_privileges
5
+ attr_reader :acl_filters
5
6
 
6
7
  def initialize
7
8
  @acl_privileges = {}
9
+ @acl_filters = {}
8
10
  end
9
11
 
10
12
  def add_role(role, privileges)
11
13
  check_keys(privileges)
12
14
 
13
15
  @acl_privileges[role] = (@acl_privileges[privileges[:inherit]] || {}).merge(privileges[:privileges] || {})
16
+ acl_filters[role] = (acl_filters[privileges[:inherit]] || {}).merge(privileges[:filters] || {})
14
17
 
15
18
  check_set_up(@acl_privileges[role])
16
19
 
@@ -22,7 +25,7 @@ module SimpleAcl
22
25
  # check defined keys in privileges
23
26
  def check_keys(privileges)
24
27
  privileges.keys.each do |configuration_key|
25
- raise ExceptionConfiguration, "Unknow configuration key #{configuration_key}" unless [:privileges, :inherit].include?(configuration_key)
28
+ raise ExceptionConfiguration, "Unknow configuration key #{configuration_key}" unless [:privileges, :inherit, :filters].include?(configuration_key)
26
29
  end
27
30
  raise ExceptionConfiguration, 'Inherit specified is not defined previously' if privileges[:inherit] && !@acl_privileges[privileges[:inherit]]
28
31
  end
data/lib/simple_acl/version.rb CHANGED
@@ -1,3 +1,3 @@
1
1
  module SimpleAcl
2
- VERSION = '1.0.3'
2
+ VERSION = '1.1.0'
3
3
  end
metadata CHANGED
@@ -1,20 +1,18 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: simple_acl
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.0.3
5
- prerelease:
4
+ version: 1.1.0
6
5
  platform: ruby
7
6
  authors:
8
7
  - mtparet
9
8
  autorequire:
10
9
  bindir: bin
11
10
  cert_chain: []
12
- date: 2014-01-29 00:00:00.000000000 Z
11
+ date: 2014-03-07 00:00:00.000000000 Z
13
12
  dependencies:
14
13
  - !ruby/object:Gem::Dependency
15
14
  name: rspec
16
15
  requirement: !ruby/object:Gem::Requirement
17
- none: false
18
16
  requirements:
19
17
  - - ~>
20
18
  - !ruby/object:Gem::Version
@@ -22,7 +20,6 @@ dependencies:
22
20
  type: :development
23
21
  prerelease: false
24
22
  version_requirements: !ruby/object:Gem::Requirement
25
- none: false
26
23
  requirements:
27
24
  - - ~>
28
25
  - !ruby/object:Gem::Version
@@ -35,34 +32,33 @@ extensions: []
35
32
  extra_rdoc_files: []
36
33
  files:
37
34
  - README.md
35
+ - lib/simple_acl.rb
38
36
  - lib/simple_acl/acl.rb
39
- - lib/simple_acl/version.rb
40
37
  - lib/simple_acl/configuration.rb
41
38
  - lib/simple_acl/exceptions.rb
42
- - lib/simple_acl.rb
39
+ - lib/simple_acl/version.rb
43
40
  homepage: https://github.com/ifeelgoods/simple_acl
44
41
  licenses:
45
42
  - Apache License Version 2.0
43
+ metadata: {}
46
44
  post_install_message:
47
45
  rdoc_options: []
48
46
  require_paths:
49
47
  - lib
50
48
  required_ruby_version: !ruby/object:Gem::Requirement
51
- none: false
52
49
  requirements:
53
50
  - - ! '>='
54
51
  - !ruby/object:Gem::Version
55
52
  version: '0'
56
53
  required_rubygems_version: !ruby/object:Gem::Requirement
57
- none: false
58
54
  requirements:
59
55
  - - ! '>='
60
56
  - !ruby/object:Gem::Version
61
57
  version: '0'
62
58
  requirements: []
63
59
  rubyforge_project:
64
- rubygems_version: 1.8.23
60
+ rubygems_version: 2.2.2
65
61
  signing_key:
66
- specification_version: 3
62
+ specification_version: 4
67
63
  summary: Simple gem to implement ACL in Ruby (especially in Rails).
68
64
  test_files: []