strong_actions 0.0.9 → 0.1.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/Gemfile.lock +37 -34
- data/HISTORY.md +5 -0
- data/README.md +30 -30
- data/lib/strong_actions/version.rb +1 -1
- data/strong_actions.gemspec +5 -5
- metadata +18 -18
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 50e942a006bbdf85a8eaeca098f6a25613c0ae0d
|
4
|
+
data.tar.gz: 0baceb772e16461e26cab97ce45d63acfd606ac1
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 6584b0501fdcd0f7d26f62f90064f22e40f0bffe6ab769d03e3c71e77b6a318e8470f68e75464a6168f3584f767407b19b32003ec74b29e472b2b1249c658e74
|
7
|
+
data.tar.gz: e7f9ecc39c109054f3bfeeb7be293fd3d80644519ad9f27ea8b60afd07d02cf6c0e8d36f504f7a5137d1d910fc701c1428ab84e8071943405946b369c6ef958b
|
data/Gemfile.lock
CHANGED
@@ -1,71 +1,74 @@
|
|
1
1
|
PATH
|
2
2
|
remote: .
|
3
3
|
specs:
|
4
|
-
strong_actions (0.0
|
5
|
-
actionpack (>= 4.
|
6
|
-
activesupport (>= 4.
|
7
|
-
railties (>= 4.
|
4
|
+
strong_actions (0.1.0)
|
5
|
+
actionpack (>= 4.2, < 5.2)
|
6
|
+
activesupport (>= 4.2, < 5.2)
|
7
|
+
railties (>= 4.2, < 5.2)
|
8
8
|
|
9
9
|
GEM
|
10
10
|
remote: https://rubygems.org/
|
11
11
|
specs:
|
12
|
-
actionpack (5.
|
13
|
-
actionview (= 5.
|
14
|
-
activesupport (= 5.
|
12
|
+
actionpack (5.1.4)
|
13
|
+
actionview (= 5.1.4)
|
14
|
+
activesupport (= 5.1.4)
|
15
15
|
rack (~> 2.0)
|
16
|
-
rack-test (
|
16
|
+
rack-test (>= 0.6.3)
|
17
17
|
rails-dom-testing (~> 2.0)
|
18
18
|
rails-html-sanitizer (~> 1.0, >= 1.0.2)
|
19
|
-
actionview (5.
|
20
|
-
activesupport (= 5.
|
19
|
+
actionview (5.1.4)
|
20
|
+
activesupport (= 5.1.4)
|
21
21
|
builder (~> 3.1)
|
22
|
-
|
22
|
+
erubi (~> 1.4)
|
23
23
|
rails-dom-testing (~> 2.0)
|
24
24
|
rails-html-sanitizer (~> 1.0, >= 1.0.3)
|
25
|
-
activesupport (5.
|
25
|
+
activesupport (5.1.4)
|
26
26
|
concurrent-ruby (~> 1.0, >= 1.0.2)
|
27
27
|
i18n (~> 0.7)
|
28
28
|
minitest (~> 5.1)
|
29
29
|
tzinfo (~> 1.1)
|
30
30
|
builder (3.2.3)
|
31
31
|
concurrent-ruby (1.0.5)
|
32
|
-
|
33
|
-
|
34
|
-
|
32
|
+
crass (1.0.3)
|
33
|
+
erubi (1.7.0)
|
34
|
+
i18n (0.9.4)
|
35
|
+
concurrent-ruby (~> 1.0)
|
36
|
+
loofah (2.1.1)
|
37
|
+
crass (~> 1.0.2)
|
35
38
|
nokogiri (>= 1.5.9)
|
36
|
-
method_source (0.
|
37
|
-
mini_portile2 (2.
|
38
|
-
minitest (5.
|
39
|
-
nokogiri (1.
|
40
|
-
mini_portile2 (~> 2.
|
41
|
-
rack (2.0.
|
42
|
-
rack-test (0.
|
43
|
-
rack (>= 1.0)
|
44
|
-
rails-dom-testing (2.0.
|
45
|
-
activesupport (>= 4.2.0
|
46
|
-
nokogiri (
|
39
|
+
method_source (0.9.0)
|
40
|
+
mini_portile2 (2.3.0)
|
41
|
+
minitest (5.11.3)
|
42
|
+
nokogiri (1.8.2)
|
43
|
+
mini_portile2 (~> 2.3.0)
|
44
|
+
rack (2.0.4)
|
45
|
+
rack-test (0.8.2)
|
46
|
+
rack (>= 1.0, < 3)
|
47
|
+
rails-dom-testing (2.0.3)
|
48
|
+
activesupport (>= 4.2.0)
|
49
|
+
nokogiri (>= 1.6)
|
47
50
|
rails-html-sanitizer (1.0.3)
|
48
51
|
loofah (~> 2.0)
|
49
|
-
railties (5.
|
50
|
-
actionpack (= 5.
|
51
|
-
activesupport (= 5.
|
52
|
+
railties (5.1.4)
|
53
|
+
actionpack (= 5.1.4)
|
54
|
+
activesupport (= 5.1.4)
|
52
55
|
method_source
|
53
56
|
rake (>= 0.8.7)
|
54
57
|
thor (>= 0.18.1, < 2.0)
|
55
|
-
rake (12.
|
56
|
-
thor (0.
|
58
|
+
rake (12.3.0)
|
59
|
+
thor (0.20.0)
|
57
60
|
thread_safe (0.3.6)
|
58
|
-
tzinfo (1.2.
|
61
|
+
tzinfo (1.2.5)
|
59
62
|
thread_safe (~> 0.1)
|
60
63
|
|
61
64
|
PLATFORMS
|
62
65
|
ruby
|
63
66
|
|
64
67
|
DEPENDENCIES
|
65
|
-
bundler (~> 1.
|
68
|
+
bundler (~> 1.16)
|
66
69
|
minitest
|
67
70
|
rake (~> 12.0)
|
68
71
|
strong_actions!
|
69
72
|
|
70
73
|
BUNDLED WITH
|
71
|
-
1.
|
74
|
+
1.16.1
|
data/HISTORY.md
CHANGED
data/README.md
CHANGED
@@ -26,53 +26,53 @@ Suppose method "current_user" is available for controllers and views,
|
|
26
26
|
and user has an attribute called admin and only admin can modify resource "users",
|
27
27
|
|
28
28
|
then prepare config/acl.yml
|
29
|
-
|
30
|
-
|
31
|
-
|
32
|
-
|
33
|
-
|
34
|
-
|
35
|
-
|
36
|
-
|
37
|
-
|
29
|
+
```yaml
|
30
|
+
current_user:
|
31
|
+
users:
|
32
|
+
new: admin?
|
33
|
+
create: admin?
|
34
|
+
edit: admin?
|
35
|
+
update: admin?
|
36
|
+
destroy: admin?
|
37
|
+
```
|
38
38
|
In above case, when a non-admin user try to access new_user_path, StrongActions::ForbiddenAction is thrown.
|
39
39
|
|
40
40
|
if all actions are restricted in the same way, you can make a definition on controller level.
|
41
|
-
|
42
|
-
|
43
|
-
|
44
|
-
|
41
|
+
```yaml
|
42
|
+
current_user:
|
43
|
+
users: admin?
|
44
|
+
```
|
45
45
|
controller definition can be namespaced.
|
46
|
-
|
47
|
-
|
48
|
-
|
49
|
-
|
46
|
+
```yaml
|
47
|
+
current_user:
|
48
|
+
admin/users: admin?
|
49
|
+
```
|
50
50
|
if you have multiple controllers under a namespace, namespace can be used.
|
51
51
|
ending with '/' indicates that is for namespace 'admin' and not controller 'admin'.
|
52
|
-
|
53
|
-
|
54
|
-
|
55
|
-
|
52
|
+
```yaml
|
53
|
+
current_user:
|
54
|
+
admin/: admin?
|
55
|
+
```
|
56
56
|
|
57
57
|
### Handling error in controller
|
58
58
|
|
59
59
|
In application_controller.rb, the error should be rescued like
|
60
|
-
|
61
|
-
|
62
|
-
|
63
|
-
|
64
|
-
|
60
|
+
```ruby
|
61
|
+
rescue_from StrongActions::ForbiddenAction do
|
62
|
+
render :file => 'public/403.html', :layout => false, :status => :forbidden
|
63
|
+
end
|
64
|
+
```
|
65
65
|
In above case, all the forbidden accesses are handled by public/403.html.
|
66
66
|
|
67
67
|
### Disabling forbidden link in view
|
68
68
|
|
69
69
|
In views, use helper method "available?" so that links for forbidden actions are not shown.
|
70
|
-
|
71
|
-
|
72
|
-
|
70
|
+
```erb
|
71
|
+
<%= link_to 'Add User' new_user_path if available?('users', 'new') %>
|
72
|
+
```
|
73
73
|
## Contributing
|
74
74
|
|
75
|
-
1. Fork it ( https://github.com/
|
75
|
+
1. Fork it ( https://github.com/hybitz/strong_actions/fork )
|
76
76
|
2. Create your feature branch (`git checkout -b my-new-feature`)
|
77
77
|
3. Commit your changes (`git commit -am 'Add some feature'`)
|
78
78
|
4. Push to the branch (`git push origin my-new-feature`)
|
data/strong_actions.gemspec
CHANGED
@@ -17,13 +17,13 @@ Gem::Specification.new do |spec|
|
|
17
17
|
spec.test_files = spec.files.grep(%r{^(test|spec|features)/})
|
18
18
|
spec.require_paths = ["lib"]
|
19
19
|
|
20
|
-
spec.required_ruby_version = '~> 2.
|
20
|
+
spec.required_ruby_version = '~> 2.2'
|
21
21
|
|
22
|
-
spec.add_dependency "activesupport", '>= 4.
|
23
|
-
spec.add_dependency "actionpack", '>= 4.
|
24
|
-
spec.add_dependency "railties", '>= 4.
|
22
|
+
spec.add_dependency "activesupport", '>= 4.2', '< 5.2'
|
23
|
+
spec.add_dependency "actionpack", '>= 4.2', '< 5.2'
|
24
|
+
spec.add_dependency "railties", '>= 4.2', '< 5.2'
|
25
25
|
|
26
|
-
spec.add_development_dependency "bundler", "~> 1.
|
26
|
+
spec.add_development_dependency "bundler", "~> 1.16"
|
27
27
|
spec.add_development_dependency "minitest"
|
28
28
|
spec.add_development_dependency "rake", "~> 12.0"
|
29
29
|
end
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: strong_actions
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.0
|
4
|
+
version: 0.1.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- ichy
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date:
|
11
|
+
date: 2018-02-11 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: activesupport
|
@@ -16,74 +16,74 @@ dependencies:
|
|
16
16
|
requirements:
|
17
17
|
- - ">="
|
18
18
|
- !ruby/object:Gem::Version
|
19
|
-
version: '4.
|
19
|
+
version: '4.2'
|
20
20
|
- - "<"
|
21
21
|
- !ruby/object:Gem::Version
|
22
|
-
version: '5.
|
22
|
+
version: '5.2'
|
23
23
|
type: :runtime
|
24
24
|
prerelease: false
|
25
25
|
version_requirements: !ruby/object:Gem::Requirement
|
26
26
|
requirements:
|
27
27
|
- - ">="
|
28
28
|
- !ruby/object:Gem::Version
|
29
|
-
version: '4.
|
29
|
+
version: '4.2'
|
30
30
|
- - "<"
|
31
31
|
- !ruby/object:Gem::Version
|
32
|
-
version: '5.
|
32
|
+
version: '5.2'
|
33
33
|
- !ruby/object:Gem::Dependency
|
34
34
|
name: actionpack
|
35
35
|
requirement: !ruby/object:Gem::Requirement
|
36
36
|
requirements:
|
37
37
|
- - ">="
|
38
38
|
- !ruby/object:Gem::Version
|
39
|
-
version: '4.
|
39
|
+
version: '4.2'
|
40
40
|
- - "<"
|
41
41
|
- !ruby/object:Gem::Version
|
42
|
-
version: '5.
|
42
|
+
version: '5.2'
|
43
43
|
type: :runtime
|
44
44
|
prerelease: false
|
45
45
|
version_requirements: !ruby/object:Gem::Requirement
|
46
46
|
requirements:
|
47
47
|
- - ">="
|
48
48
|
- !ruby/object:Gem::Version
|
49
|
-
version: '4.
|
49
|
+
version: '4.2'
|
50
50
|
- - "<"
|
51
51
|
- !ruby/object:Gem::Version
|
52
|
-
version: '5.
|
52
|
+
version: '5.2'
|
53
53
|
- !ruby/object:Gem::Dependency
|
54
54
|
name: railties
|
55
55
|
requirement: !ruby/object:Gem::Requirement
|
56
56
|
requirements:
|
57
57
|
- - ">="
|
58
58
|
- !ruby/object:Gem::Version
|
59
|
-
version: '4.
|
59
|
+
version: '4.2'
|
60
60
|
- - "<"
|
61
61
|
- !ruby/object:Gem::Version
|
62
|
-
version: '5.
|
62
|
+
version: '5.2'
|
63
63
|
type: :runtime
|
64
64
|
prerelease: false
|
65
65
|
version_requirements: !ruby/object:Gem::Requirement
|
66
66
|
requirements:
|
67
67
|
- - ">="
|
68
68
|
- !ruby/object:Gem::Version
|
69
|
-
version: '4.
|
69
|
+
version: '4.2'
|
70
70
|
- - "<"
|
71
71
|
- !ruby/object:Gem::Version
|
72
|
-
version: '5.
|
72
|
+
version: '5.2'
|
73
73
|
- !ruby/object:Gem::Dependency
|
74
74
|
name: bundler
|
75
75
|
requirement: !ruby/object:Gem::Requirement
|
76
76
|
requirements:
|
77
77
|
- - "~>"
|
78
78
|
- !ruby/object:Gem::Version
|
79
|
-
version: '1.
|
79
|
+
version: '1.16'
|
80
80
|
type: :development
|
81
81
|
prerelease: false
|
82
82
|
version_requirements: !ruby/object:Gem::Requirement
|
83
83
|
requirements:
|
84
84
|
- - "~>"
|
85
85
|
- !ruby/object:Gem::Version
|
86
|
-
version: '1.
|
86
|
+
version: '1.16'
|
87
87
|
- !ruby/object:Gem::Dependency
|
88
88
|
name: minitest
|
89
89
|
requirement: !ruby/object:Gem::Requirement
|
@@ -153,7 +153,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
|
|
153
153
|
requirements:
|
154
154
|
- - "~>"
|
155
155
|
- !ruby/object:Gem::Version
|
156
|
-
version: '2.
|
156
|
+
version: '2.2'
|
157
157
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
158
158
|
requirements:
|
159
159
|
- - ">="
|
@@ -161,7 +161,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
161
161
|
version: '0'
|
162
162
|
requirements: []
|
163
163
|
rubyforge_project:
|
164
|
-
rubygems_version: 2.6.
|
164
|
+
rubygems_version: 2.6.13
|
165
165
|
signing_key:
|
166
166
|
specification_version: 4
|
167
167
|
summary: access control for rails controller/action
|