stffn-declarative_authorization 0.3.2.1 → 0.3.2.2
@@ -33,10 +33,10 @@ module Authorization
|
|
33
33
|
Thread.current["current_user"] = user
|
34
34
|
end
|
35
35
|
|
36
|
-
@@ignore_access_control = false
|
37
36
|
# For use in test cases only
|
38
37
|
def self.ignore_access_control (state = nil) # :nodoc:
|
39
|
-
|
38
|
+
Thread.current["ignore_access_control"] = state unless state.nil?
|
39
|
+
Thread.current["ignore_access_control"] || false
|
40
40
|
end
|
41
41
|
|
42
42
|
def self.activate_authorization_rules_browser? # :nodoc:
|
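Review bot: The retained comment `# For use in test cases only` above `ignore_access_control` does not say that the new `Thread.current["ignore_access_control"]` value stays set on the thread until a caller passes `false`. On a server that reuses threads, a `true` left behind would disable authorization checks for whatever runs on that thread next. The comment should say so, for example `# Thread-local switch that disables all authorization checks; callers must reset it to false when done.` The module body continues outside this hunk, so any code that resets the flag is not visible here.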
@@ -555,8 +555,8 @@ module Authorization
|
|
555
555
|
unless object
|
556
556
|
begin
|
557
557
|
object = load_object_model.find(contr.params[:id])
|
558
|
-
rescue ActiveRecord::RecordNotFound
|
559
|
-
logger.debug("filter_access_to tried to find " +
|
558
|
+
rescue ActiveRecord::RecordNotFound, RuntimeError
|
559
|
+
contr.logger.debug("filter_access_to tried to find " +
|
560
560
|
"#{load_object_model.inspect} from params[:id] " +
|
561
561
|
"(#{contr.params[:id].inspect}), because attribute_check is enabled " +
|
562
562
|
"and #{instance_var.to_s} isn't set.")
|
@@ -2,12 +2,6 @@
|
|
2
2
|
require File.dirname(__FILE__) + '/authorization.rb'
|
3
3
|
|
4
4
|
module Authorization
|
5
|
-
|
6
|
-
def self.ignore_access_control (state = nil) # :nodoc:
|
7
|
-
Thread.current["ignore_access_control"] = state unless state.nil?
|
8
|
-
Thread.current["ignore_access_control"] || false
|
9
|
-
end
|
10
|
-
|
11
5
|
# Provides a few maintenance methods for modifying data without enforcing
|
12
6
|
# authorization.
|
13
7
|
module Maintenance
|
@@ -21,8 +15,8 @@ module Authorization
|
|
21
15
|
# without_access_control do
|
22
16
|
# SomeModel.find(:first).save
|
23
17
|
# end
|
24
|
-
def without_access_control
|
25
|
-
|
18
|
+
def without_access_control (&block)
|
19
|
+
Authorization::Maintenance.without_access_control(&block)
|
26
20
|
end
|
27
21
|
|
28
22
|
# A class method variant of without_access_control. Thus, one can call
|
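Review bot: `without_access_control` now forwards its block to `Authorization::Maintenance.without_access_control`, and nothing visible here shows that the switch is restored when the block raises. The class-method variant lies outside this hunk; if it does not reset the flag in an `ensure` clause, an exception inside the block would leave authorization disabled on that thread. Once confirmed, the doc comment above the method should state it, e.g. `# Access control is re-enabled when the block returns or raises.` Separately, `def without_access_control (&block)` has a space before the parameter list; `def without_access_control(&block)` is the conventional form.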
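--- a/data/test/controller_test.rb
+++ b/data/test/controller_test.rb
@@ -124,9 +124,6 @@ class BasicControllerTest < ActionController::TestCase
 }
 request!(MockUser.new(:test_role), "new", reader)
 assert @controller.authorized?
-
-request!(MockUser.new(:test_role), "edit_2", reader)
-assert !@controller.authorized?
 end
 
 def test_existing_instance_var_remains_unchanged
@@ -238,6 +235,23 @@ class LoadObjectControllerTest < ActionController::TestCase
 assert @controller.authorized?
 assert @controller.instance_variable_defined?(:@load_mock_object)
 end
+
+def test_filter_access_object_load_without_param
+reader = Authorization::Reader::DSLReader.new
+reader.parse %{
+authorization do
+role :test_role do
+has_permission_on :load_mock_objects, :to => [:show, :edit] do
+if_attribute :id => is {"1"}
+end
+end
+end
+}
+
+assert_raise RuntimeError, "No id param supplied" do
+request!(MockUser.new(:test_role), "show", reader)
+end
+end
 
 def test_filter_access_with_object_load_custom
 reader = Authorization::Reader::DSLReader.new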
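Review bot: In `test_filter_access_object_load_without_param`, the string in `assert_raise RuntimeError, "No id param supplied" do` is taken by Test::Unit as the failure message, not as the expected exception text, so the test passes on any RuntimeError raised during the request. To pin the cause, capture the exception with `e = assert_raise(RuntimeError) { request!(MockUser.new(:test_role), "show", reader) }` and follow it with an assertion on `e.message`. The first hunk of this file also drops the `edit_2` check that asserted `!@controller.authorized?`. The reason is not visible here, and a denied-request assertion is worth keeping somewhere in `BasicControllerTest`.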
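--- a/data/test/maintenance_test.rb
+++ b/data/test/maintenance_test.rb
@@ -2,6 +2,7 @@ require File.join(File.dirname(__FILE__), 'test_helper.rb')
 require File.join(File.dirname(__FILE__), %w{.. lib declarative_authorization maintenance})
 
 class MaintenanceTest < Test::Unit::TestCase
+include Authorization::TestHelper
 
 def test_usages_by_controllers
 usage_test_controller = Class.new(ActionController::Base)
@@ -25,6 +26,10 @@ class MaintenanceTest < Test::Unit::TestCase
 assert !engine.permit?(:test_2, :context => :permissions,
 :user => MockUser.new(:test_role))
 Authorization::Maintenance::without_access_control do
+assert engine.permit!(:test_2, :context => :permissions,
+:user => MockUser.new(:test_role))
+end
+without_access_control do
 assert engine.permit?(:test_2, :context => :permissions,
 :user => MockUser.new(:test_role))
 end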
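Review bot: The added assertions cover only the inside of the two `without_access_control` blocks; nothing in this hunk checks that access control is back on afterwards. After the last `end`, an assertion such as `assert !engine.permit?(:test_2, :context => :permissions, :user => MockUser.new(:test_role))` would catch a flag that leaks out of the block. That matters more now that the switch is stored in `Thread.current`. A second case in which the block raises would cover the error path. The test method continues outside this hunk, so such a check may already exist further down.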
data/test/test_helper.rb
CHANGED
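--- a/metadata
+++ b/metadata
@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: stffn-declarative_authorization
 version: !ruby/object:Gem::Version
-version: 0.3.2.
+version: 0.3.2.2
 platform: ruby
 authors:
 - Steffen Bartsch
@@ -77,7 +77,6 @@ files:
 - test/test_helper.rb
 has_rdoc: true
 homepage: http://github.com/stffn/declarative_authorization
-licenses:
 post_install_message:
 rdoc_options: []
 
@@ -98,7 +97,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
 requirements: []
 
 rubyforge_project:
-rubygems_version: 1.
+rubygems_version: 1.2.0
 signing_key:
 specification_version: 2
 summary: declarative_authorization is a Rails plugin for authorization based on readable authorization rules.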