strong_actions 0.0.6 → 0.0.7
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/.gitignore +1 -0
- data/.travis.yml +9 -0
- data/Gemfile.lock +32 -29
- data/HISTORY.md +4 -0
- data/README.md +17 -0
- data/config/acl.yml +7 -2
- data/lib/strong_actions/controller.rb +1 -1
- data/lib/strong_actions/decision.rb +35 -15
- data/lib/strong_actions/version.rb +1 -1
- data/strong_actions.gemspec +7 -5
- data/test/namespace_test.rb +54 -0
- data/test/test_helper.rb +2 -0
- metadata +20 -17
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: ca614b9e39bb1d36354f7acb67d35bbed3dce7c4
|
|
4
|
+
data.tar.gz: 58544302bc297db77b1ffc6240186b50a084f0de
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: af45a6a6bd12d2087a2d8b5006029857b89ba03f87abc99046b5c147a80fefebac11a15c5c3cef6020ff823646484643cd911f4a0443d3bf7b64d37c1ceaaac3
|
|
7
|
+
data.tar.gz: 41ae17c38389bb6f2942274bf27ade8559090a6d1e58b09a36ae60257f1f9d010222f3d50056ff09f8ecc750a655a2ed682330da39e1a59f12dbc663cb93037e
|
data/.gitignore
CHANGED
data/.travis.yml
ADDED
data/Gemfile.lock
CHANGED
|
@@ -1,28 +1,28 @@
|
|
|
1
1
|
PATH
|
|
2
2
|
remote: .
|
|
3
3
|
specs:
|
|
4
|
-
strong_actions (0.0.
|
|
5
|
-
actionpack (>=
|
|
6
|
-
activesupport (>=
|
|
7
|
-
railties (>=
|
|
4
|
+
strong_actions (0.0.7)
|
|
5
|
+
actionpack (>= 4.0.0, < 5.0.0)
|
|
6
|
+
activesupport (>= 4.0.0, < 5.0.0)
|
|
7
|
+
railties (>= 4.0.0, < 5.0.0)
|
|
8
8
|
|
|
9
9
|
GEM
|
|
10
10
|
remote: https://rubygems.org/
|
|
11
11
|
specs:
|
|
12
|
-
actionpack (4.2.1)
|
|
13
|
-
actionview (= 4.2.1)
|
|
14
|
-
activesupport (= 4.2.1)
|
|
12
|
+
actionpack (4.2.7.1)
|
|
13
|
+
actionview (= 4.2.7.1)
|
|
14
|
+
activesupport (= 4.2.7.1)
|
|
15
15
|
rack (~> 1.6)
|
|
16
16
|
rack-test (~> 0.6.2)
|
|
17
17
|
rails-dom-testing (~> 1.0, >= 1.0.5)
|
|
18
|
-
rails-html-sanitizer (~> 1.0, >= 1.0.
|
|
19
|
-
actionview (4.2.1)
|
|
20
|
-
activesupport (= 4.2.1)
|
|
18
|
+
rails-html-sanitizer (~> 1.0, >= 1.0.2)
|
|
19
|
+
actionview (4.2.7.1)
|
|
20
|
+
activesupport (= 4.2.7.1)
|
|
21
21
|
builder (~> 3.1)
|
|
22
22
|
erubis (~> 2.7.0)
|
|
23
23
|
rails-dom-testing (~> 1.0, >= 1.0.5)
|
|
24
|
-
rails-html-sanitizer (~> 1.0, >= 1.0.
|
|
25
|
-
activesupport (4.2.1)
|
|
24
|
+
rails-html-sanitizer (~> 1.0, >= 1.0.2)
|
|
25
|
+
activesupport (4.2.7.1)
|
|
26
26
|
i18n (~> 0.7)
|
|
27
27
|
json (~> 1.7, >= 1.7.7)
|
|
28
28
|
minitest (~> 5.1)
|
|
@@ -31,31 +31,31 @@ GEM
|
|
|
31
31
|
builder (3.2.2)
|
|
32
32
|
erubis (2.7.0)
|
|
33
33
|
i18n (0.7.0)
|
|
34
|
-
json (1.8.
|
|
35
|
-
loofah (2.0.
|
|
34
|
+
json (1.8.3)
|
|
35
|
+
loofah (2.0.3)
|
|
36
36
|
nokogiri (>= 1.5.9)
|
|
37
|
-
|
|
38
|
-
minitest (5.
|
|
39
|
-
nokogiri (1.
|
|
40
|
-
|
|
41
|
-
rack (1.6.
|
|
37
|
+
mini_portile2 (2.1.0)
|
|
38
|
+
minitest (5.10.1)
|
|
39
|
+
nokogiri (1.7.0.1)
|
|
40
|
+
mini_portile2 (~> 2.1.0)
|
|
41
|
+
rack (1.6.5)
|
|
42
42
|
rack-test (0.6.3)
|
|
43
43
|
rack (>= 1.0)
|
|
44
44
|
rails-deprecated_sanitizer (1.0.3)
|
|
45
45
|
activesupport (>= 4.2.0.alpha)
|
|
46
|
-
rails-dom-testing (1.0.
|
|
46
|
+
rails-dom-testing (1.0.8)
|
|
47
47
|
activesupport (>= 4.2.0.beta, < 5.0)
|
|
48
|
-
nokogiri (~> 1.6
|
|
48
|
+
nokogiri (~> 1.6)
|
|
49
49
|
rails-deprecated_sanitizer (>= 1.0.1)
|
|
50
|
-
rails-html-sanitizer (1.0.
|
|
50
|
+
rails-html-sanitizer (1.0.3)
|
|
51
51
|
loofah (~> 2.0)
|
|
52
|
-
railties (4.2.1)
|
|
53
|
-
actionpack (= 4.2.1)
|
|
54
|
-
activesupport (= 4.2.1)
|
|
52
|
+
railties (4.2.7.1)
|
|
53
|
+
actionpack (= 4.2.7.1)
|
|
54
|
+
activesupport (= 4.2.7.1)
|
|
55
55
|
rake (>= 0.8.7)
|
|
56
56
|
thor (>= 0.18.1, < 2.0)
|
|
57
|
-
rake (10.
|
|
58
|
-
thor (0.19.
|
|
57
|
+
rake (10.5.0)
|
|
58
|
+
thor (0.19.4)
|
|
59
59
|
thread_safe (0.3.5)
|
|
60
60
|
tzinfo (1.2.2)
|
|
61
61
|
thread_safe (~> 0.1)
|
|
@@ -64,7 +64,10 @@ PLATFORMS
|
|
|
64
64
|
ruby
|
|
65
65
|
|
|
66
66
|
DEPENDENCIES
|
|
67
|
-
bundler (~> 1.
|
|
67
|
+
bundler (~> 1.7)
|
|
68
68
|
minitest
|
|
69
|
-
rake
|
|
69
|
+
rake (~> 10.0)
|
|
70
70
|
strong_actions!
|
|
71
|
+
|
|
72
|
+
BUNDLED WITH
|
|
73
|
+
1.13.7
|
data/HISTORY.md
CHANGED
data/README.md
CHANGED
|
@@ -37,6 +37,23 @@ then prepare config/acl.yml
|
|
|
37
37
|
|
|
38
38
|
In above case, when a non-admin user try to access new_user_path, StrongActions::ForbiddenAction is thrown.
|
|
39
39
|
|
|
40
|
+
if all actions are restricted in the same way, you can make a definition on controller level.
|
|
41
|
+
|
|
42
|
+
current_user:
|
|
43
|
+
users: admin?
|
|
44
|
+
|
|
45
|
+
controller definition can be namespaced.
|
|
46
|
+
|
|
47
|
+
current_user:
|
|
48
|
+
admin/users: admin?
|
|
49
|
+
|
|
50
|
+
if you have multiple controllers under a namespace, namespace can be used.
|
|
51
|
+
ending with '/' indicates that is for namespace 'admin' and not controller 'admin'.
|
|
52
|
+
|
|
53
|
+
current_user:
|
|
54
|
+
admin/: admin?
|
|
55
|
+
|
|
56
|
+
|
|
40
57
|
### Handling error in controller
|
|
41
58
|
|
|
42
59
|
In application_controller.rb, the error should be rescued like
|
data/config/acl.yml
CHANGED
|
@@ -19,7 +19,7 @@ module StrongActions
|
|
|
19
19
|
def authorize_roles!
|
|
20
20
|
StrongActions.config.roles.each do |role|
|
|
21
21
|
unless judge(role, controller_path, action_name, params)
|
|
22
|
-
message = "#{controller_path.
|
|
22
|
+
message = "#{controller_path.classify}Controller##{action_name} is not permitted for role #{role}"
|
|
23
23
|
raise StrongActions::ForbiddenAction.new(message)
|
|
24
24
|
end
|
|
25
25
|
end
|
|
@@ -6,27 +6,31 @@ module StrongActions
|
|
|
6
6
|
end
|
|
7
7
|
|
|
8
8
|
def call(role, controller_path, action_name = nil, params = {})
|
|
9
|
+
action_name ||= 'index'
|
|
9
10
|
role_definition = StrongActions.config.role_definition(role)
|
|
10
11
|
return true unless role_definition
|
|
11
12
|
|
|
12
|
-
|
|
13
|
-
|
|
13
|
+
controller_names_for(controller_path).each do |controller_name|
|
|
14
|
+
controller_value = role_definition[controller_name]
|
|
15
|
+
next if controller_value.nil?
|
|
14
16
|
|
|
15
|
-
|
|
16
|
-
|
|
17
|
-
|
|
18
|
-
|
|
19
|
-
|
|
20
|
-
|
|
21
|
-
return true if action_value.nil?
|
|
17
|
+
if controller_value.is_a?(Hash)
|
|
18
|
+
action_value = controller_value[action_name]
|
|
19
|
+
else
|
|
20
|
+
action_value = controller_value
|
|
21
|
+
end
|
|
22
|
+
next if action_value.nil?
|
|
22
23
|
|
|
23
|
-
|
|
24
|
-
|
|
25
|
-
|
|
26
|
-
|
|
24
|
+
action_values = Array(action_value)
|
|
25
|
+
action_values.each do |definition|
|
|
26
|
+
next if definition === true
|
|
27
|
+
return false if definition === false
|
|
27
28
|
|
|
28
|
-
|
|
29
|
-
|
|
29
|
+
role_object = role_object_for(role)
|
|
30
|
+
return false unless role_object.instance_eval(definition)
|
|
31
|
+
end
|
|
32
|
+
|
|
33
|
+
break
|
|
30
34
|
end
|
|
31
35
|
|
|
32
36
|
true
|
|
@@ -40,5 +44,21 @@ module StrongActions
|
|
|
40
44
|
end
|
|
41
45
|
end
|
|
42
46
|
|
|
47
|
+
def controller_names_for(controller_path)
|
|
48
|
+
ret = []
|
|
49
|
+
|
|
50
|
+
path_elements = controller_path.split('/')
|
|
51
|
+
if path_elements.size == 1
|
|
52
|
+
ret = path_elements
|
|
53
|
+
else
|
|
54
|
+
path_elements.each_with_index do |path_element, i|
|
|
55
|
+
ret << ret.last.to_s + path_element + (i < path_elements.size - 1 ? '/' : '')
|
|
56
|
+
end
|
|
57
|
+
ret.reverse!
|
|
58
|
+
end
|
|
59
|
+
|
|
60
|
+
ret
|
|
61
|
+
end
|
|
62
|
+
|
|
43
63
|
end
|
|
44
64
|
end
|
data/strong_actions.gemspec
CHANGED
|
@@ -17,11 +17,13 @@ Gem::Specification.new do |spec|
|
|
|
17
17
|
spec.test_files = spec.files.grep(%r{^(test|spec|features)/})
|
|
18
18
|
spec.require_paths = ["lib"]
|
|
19
19
|
|
|
20
|
-
spec.
|
|
21
|
-
spec.add_dependency "actionpack", '>= 3.2.0', '< 5.0.0'
|
|
22
|
-
spec.add_dependency "railties", '>= 3.2.0', '< 5.0.0'
|
|
20
|
+
spec.required_ruby_version = '~> 2.1'
|
|
23
21
|
|
|
24
|
-
spec.
|
|
22
|
+
spec.add_dependency "activesupport", '>= 4.0.0', '< 5.0.0'
|
|
23
|
+
spec.add_dependency "actionpack", '>= 4.0.0', '< 5.0.0'
|
|
24
|
+
spec.add_dependency "railties", '>= 4.0.0', '< 5.0.0'
|
|
25
|
+
|
|
26
|
+
spec.add_development_dependency "bundler", "~> 1.7"
|
|
25
27
|
spec.add_development_dependency "minitest"
|
|
26
|
-
spec.add_development_dependency "rake"
|
|
28
|
+
spec.add_development_dependency "rake", "~> 10.0"
|
|
27
29
|
end
|
|
@@ -0,0 +1,54 @@
|
|
|
1
|
+
require 'test_helper'
|
|
2
|
+
|
|
3
|
+
module SysAdmin
|
|
4
|
+
class SysAdmin::SysConfigController < ActionController::Base
|
|
5
|
+
include StrongActions::Controller
|
|
6
|
+
|
|
7
|
+
def show
|
|
8
|
+
head :ok
|
|
9
|
+
end
|
|
10
|
+
|
|
11
|
+
def edit
|
|
12
|
+
head :ok
|
|
13
|
+
end
|
|
14
|
+
|
|
15
|
+
def update
|
|
16
|
+
head :ok
|
|
17
|
+
end
|
|
18
|
+
|
|
19
|
+
private
|
|
20
|
+
|
|
21
|
+
def current_user
|
|
22
|
+
unless @current_user
|
|
23
|
+
@current_user = Object.new
|
|
24
|
+
@current_user.instance_eval do
|
|
25
|
+
def sys_admin?
|
|
26
|
+
false
|
|
27
|
+
end
|
|
28
|
+
end
|
|
29
|
+
end
|
|
30
|
+
|
|
31
|
+
@current_user
|
|
32
|
+
end
|
|
33
|
+
|
|
34
|
+
end
|
|
35
|
+
end
|
|
36
|
+
|
|
37
|
+
class NamespaceTest < ActionController::TestCase
|
|
38
|
+
tests SysAdmin::SysConfigController
|
|
39
|
+
|
|
40
|
+
def test_allowed
|
|
41
|
+
get :show
|
|
42
|
+
assert_response :ok
|
|
43
|
+
end
|
|
44
|
+
|
|
45
|
+
def test_forbidden
|
|
46
|
+
assert_raise StrongActions::ForbiddenAction do
|
|
47
|
+
get :edit
|
|
48
|
+
end
|
|
49
|
+
assert_raise StrongActions::ForbiddenAction do
|
|
50
|
+
patch :update
|
|
51
|
+
end
|
|
52
|
+
end
|
|
53
|
+
|
|
54
|
+
end
|
data/test/test_helper.rb
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: strong_actions
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.0.
|
|
4
|
+
version: 0.0.7
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- ichy
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date:
|
|
11
|
+
date: 2017-01-11 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: activesupport
|
|
@@ -16,7 +16,7 @@ dependencies:
|
|
|
16
16
|
requirements:
|
|
17
17
|
- - ">="
|
|
18
18
|
- !ruby/object:Gem::Version
|
|
19
|
-
version:
|
|
19
|
+
version: 4.0.0
|
|
20
20
|
- - "<"
|
|
21
21
|
- !ruby/object:Gem::Version
|
|
22
22
|
version: 5.0.0
|
|
@@ -26,7 +26,7 @@ dependencies:
|
|
|
26
26
|
requirements:
|
|
27
27
|
- - ">="
|
|
28
28
|
- !ruby/object:Gem::Version
|
|
29
|
-
version:
|
|
29
|
+
version: 4.0.0
|
|
30
30
|
- - "<"
|
|
31
31
|
- !ruby/object:Gem::Version
|
|
32
32
|
version: 5.0.0
|
|
@@ -36,7 +36,7 @@ dependencies:
|
|
|
36
36
|
requirements:
|
|
37
37
|
- - ">="
|
|
38
38
|
- !ruby/object:Gem::Version
|
|
39
|
-
version:
|
|
39
|
+
version: 4.0.0
|
|
40
40
|
- - "<"
|
|
41
41
|
- !ruby/object:Gem::Version
|
|
42
42
|
version: 5.0.0
|
|
@@ -46,7 +46,7 @@ dependencies:
|
|
|
46
46
|
requirements:
|
|
47
47
|
- - ">="
|
|
48
48
|
- !ruby/object:Gem::Version
|
|
49
|
-
version:
|
|
49
|
+
version: 4.0.0
|
|
50
50
|
- - "<"
|
|
51
51
|
- !ruby/object:Gem::Version
|
|
52
52
|
version: 5.0.0
|
|
@@ -56,7 +56,7 @@ dependencies:
|
|
|
56
56
|
requirements:
|
|
57
57
|
- - ">="
|
|
58
58
|
- !ruby/object:Gem::Version
|
|
59
|
-
version:
|
|
59
|
+
version: 4.0.0
|
|
60
60
|
- - "<"
|
|
61
61
|
- !ruby/object:Gem::Version
|
|
62
62
|
version: 5.0.0
|
|
@@ -66,7 +66,7 @@ dependencies:
|
|
|
66
66
|
requirements:
|
|
67
67
|
- - ">="
|
|
68
68
|
- !ruby/object:Gem::Version
|
|
69
|
-
version:
|
|
69
|
+
version: 4.0.0
|
|
70
70
|
- - "<"
|
|
71
71
|
- !ruby/object:Gem::Version
|
|
72
72
|
version: 5.0.0
|
|
@@ -76,14 +76,14 @@ dependencies:
|
|
|
76
76
|
requirements:
|
|
77
77
|
- - "~>"
|
|
78
78
|
- !ruby/object:Gem::Version
|
|
79
|
-
version: '1.
|
|
79
|
+
version: '1.7'
|
|
80
80
|
type: :development
|
|
81
81
|
prerelease: false
|
|
82
82
|
version_requirements: !ruby/object:Gem::Requirement
|
|
83
83
|
requirements:
|
|
84
84
|
- - "~>"
|
|
85
85
|
- !ruby/object:Gem::Version
|
|
86
|
-
version: '1.
|
|
86
|
+
version: '1.7'
|
|
87
87
|
- !ruby/object:Gem::Dependency
|
|
88
88
|
name: minitest
|
|
89
89
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -102,16 +102,16 @@ dependencies:
|
|
|
102
102
|
name: rake
|
|
103
103
|
requirement: !ruby/object:Gem::Requirement
|
|
104
104
|
requirements:
|
|
105
|
-
- - "
|
|
105
|
+
- - "~>"
|
|
106
106
|
- !ruby/object:Gem::Version
|
|
107
|
-
version: '0'
|
|
107
|
+
version: '10.0'
|
|
108
108
|
type: :development
|
|
109
109
|
prerelease: false
|
|
110
110
|
version_requirements: !ruby/object:Gem::Requirement
|
|
111
111
|
requirements:
|
|
112
|
-
- - "
|
|
112
|
+
- - "~>"
|
|
113
113
|
- !ruby/object:Gem::Version
|
|
114
|
-
version: '0'
|
|
114
|
+
version: '10.0'
|
|
115
115
|
description: access control for rails controller/action
|
|
116
116
|
email:
|
|
117
117
|
- ichylinux@gmail.com
|
|
@@ -120,6 +120,7 @@ extensions: []
|
|
|
120
120
|
extra_rdoc_files: []
|
|
121
121
|
files:
|
|
122
122
|
- ".gitignore"
|
|
123
|
+
- ".travis.yml"
|
|
123
124
|
- Gemfile
|
|
124
125
|
- Gemfile.lock
|
|
125
126
|
- HISTORY.md
|
|
@@ -138,6 +139,7 @@ files:
|
|
|
138
139
|
- strong_actions.gemspec
|
|
139
140
|
- test/controller_test.rb
|
|
140
141
|
- test/decision_test.rb
|
|
142
|
+
- test/namespace_test.rb
|
|
141
143
|
- test/test_helper.rb
|
|
142
144
|
homepage: https://github.com/hybitz/strong_actions
|
|
143
145
|
licenses:
|
|
@@ -149,9 +151,9 @@ require_paths:
|
|
|
149
151
|
- lib
|
|
150
152
|
required_ruby_version: !ruby/object:Gem::Requirement
|
|
151
153
|
requirements:
|
|
152
|
-
- - "
|
|
154
|
+
- - "~>"
|
|
153
155
|
- !ruby/object:Gem::Version
|
|
154
|
-
version: '
|
|
156
|
+
version: '2.1'
|
|
155
157
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
|
156
158
|
requirements:
|
|
157
159
|
- - ">="
|
|
@@ -159,11 +161,12 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
159
161
|
version: '0'
|
|
160
162
|
requirements: []
|
|
161
163
|
rubyforge_project:
|
|
162
|
-
rubygems_version: 2.4
|
|
164
|
+
rubygems_version: 2.6.4
|
|
163
165
|
signing_key:
|
|
164
166
|
specification_version: 4
|
|
165
167
|
summary: access control for rails controller/action
|
|
166
168
|
test_files:
|
|
167
169
|
- test/controller_test.rb
|
|
168
170
|
- test/decision_test.rb
|
|
171
|
+
- test/namespace_test.rb
|
|
169
172
|
- test/test_helper.rb
|