strongbolt 0.3.6 → 0.3.7
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/Gemfile.lock +4 -0
- data/README.md +6 -5
- data/app/views/strongbolt/roles/_form.html.erb +2 -2
- data/app/views/strongbolt/user_groups/_form.html.erb +2 -2
- data/lib/strongbolt.rb +3 -2
- data/lib/strongbolt/bolted_controller.rb +7 -7
- data/lib/strongbolt/helpers.rb +1 -1
- data/lib/strongbolt/version.rb +1 -1
- data/strongbolt.gemspec +2 -1
- metadata +16 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: baf025ec21753dc7118e68781d9bb7b2daa018ce
|
|
4
|
+
data.tar.gz: d2d254b7e26d55c1c8f5ec0ce76dd4a02dada6d5
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 9704256eb913654a8051046032810c01d731c42fdb4e216adabd9004d0cb2342dac42974ea281a4b414fe3d4f285885560a02640868b344b212a9fff481d070e
|
|
7
|
+
data.tar.gz: 715958487be1fe8ecd319d1a1a35979cff78c2a5a933dd4f42832d02c9177240f50ad369f42f200d08bdc382e2129682dd2f4b7ae827967779ceaf23cee01d2b
|
data/Gemfile.lock
CHANGED
|
@@ -4,6 +4,7 @@ PATH
|
|
|
4
4
|
strongbolt (0.3.6)
|
|
5
5
|
awesome_nested_set (~> 3.0.0)
|
|
6
6
|
grant (~> 3.0)
|
|
7
|
+
simple_form (~> 3.0)
|
|
7
8
|
|
|
8
9
|
GEM
|
|
9
10
|
remote: https://rubygems.org/
|
|
@@ -96,6 +97,9 @@ GEM
|
|
|
96
97
|
ruby-progressbar (1.6.0)
|
|
97
98
|
shoulda-matchers (2.7.0)
|
|
98
99
|
activesupport (>= 3.0.0)
|
|
100
|
+
simple_form (3.2.1)
|
|
101
|
+
actionpack (> 4, < 5.1)
|
|
102
|
+
activemodel (> 4, < 5.1)
|
|
99
103
|
sprockets (2.12.3)
|
|
100
104
|
hike (~> 1.2)
|
|
101
105
|
multi_json (~> 1.0)
|
data/README.md
CHANGED
|
@@ -8,8 +8,7 @@ Only works with Rails 4.
|
|
|
8
8
|
|
|
9
9
|
Add this line to your application's Gemfile:
|
|
10
10
|
|
|
11
|
-
gem '
|
|
12
|
-
gem 'strongbolt', git: "git@github.com:AnalyticsMediaGroup/strongbolt.git"
|
|
11
|
+
gem 'strongbolt'
|
|
13
12
|
|
|
14
13
|
And then execute:
|
|
15
14
|
|
|
@@ -73,7 +72,7 @@ skip_controller_authorization, except: [:update]
|
|
|
73
72
|
You can also specify a list of controllers in the initializer `config/initializers/strongbolt.rb`. It is useful for third-party controllers, like devise for instance. The syntax is:
|
|
74
73
|
|
|
75
74
|
```ruby
|
|
76
|
-
config.skip_controller_authorization_for "Devise::
|
|
75
|
+
config.skip_controller_authorization_for "Devise::Sessions", "Devise::Registrations"
|
|
77
76
|
```
|
|
78
77
|
|
|
79
78
|
You can also skip ALL authorization checks (BAD IDEA) using:
|
|
@@ -123,10 +122,12 @@ Strongbolt comes with a table, `strongbolt_users_tenants`, that will store what
|
|
|
123
122
|
|
|
124
123
|
When a tenant is declared, it will add some features to the _User class_ that has been defined in the initializer.
|
|
125
124
|
|
|
126
|
-
First, an association between the _User class_ and the _Tenant class_ will be created, named after the _Tenant class_ name. It is a `has_many :trough => :users_tenants_` association.
|
|
125
|
+
First, an association between the _User class_ and the _Tenant class_ will be created, named after the _Tenant class_ name. It is a `has_many :trough => :users_tenants_` association. You can grant or revoke access to tenants just by interacting with that association.
|
|
127
126
|
|
|
128
127
|
> For instance, a `Company` tenant will generate a `companies` association.
|
|
129
128
|
|
|
129
|
+
> To grant access to `companyA` to the user `myUser`, you just add it to the association `myUser.companies << companyA`. To revoke access to all companies the user might have, you would use `myUser.companies.clear`.
|
|
130
|
+
|
|
130
131
|
A convenient instance method will also be created on the _User class_ to directly access the list of _Tenant class_ a _User_ can access. It is name `accessible_{tenants}` where `{tenants}` is the pluralize version of the _Tenant class_ name.
|
|
131
132
|
|
|
132
133
|
> `Company` will create an `accessible_companies` instance method
|
|
@@ -149,7 +150,7 @@ Strongbolt will then create a `has_one` association on every tenanted model, so
|
|
|
149
150
|
|
|
150
151
|
Strongbolt's capabilites have a boolean attribute, `require_tenant_access`, that specify whether the user can access all _tenanted models_ or only the ones that belong to the _Tenants_ he has access to.
|
|
151
152
|
|
|
152
|
-
> Let's look back at the example. Each
|
|
153
|
+
> Let's look back at the example. Each company has several _projects_. The normal user, belonging to a company, would only have access to his companies projects. You would then define a capability *requiring tenant access* for the normal user.
|
|
153
154
|
|
|
154
155
|
> An admin user, on the other hand, like an engineer of the application, could have access to all the companies' projects. An engineer's projects' permissions would then *not require tenant access*
|
|
155
156
|
|
|
@@ -7,6 +7,6 @@
|
|
|
7
7
|
<%= f.input :parent_id, collection: Role.where.not(id: @role.id).order('parent_id IS NOT NULL', :parent_id, :name) %>
|
|
8
8
|
<%= f.input :description %>
|
|
9
9
|
|
|
10
|
-
<%= f.button :
|
|
10
|
+
<%= f.button :submit, class: 'btn-primary', value: 'Save' %>
|
|
11
11
|
|
|
12
|
-
<% end %>
|
|
12
|
+
<% end %>
|
data/lib/strongbolt.rb
CHANGED
|
@@ -1,5 +1,6 @@
|
|
|
1
1
|
require "active_record"
|
|
2
2
|
require "awesome_nested_set"
|
|
3
|
+
require "simple_form"
|
|
3
4
|
|
|
4
5
|
require "grant/grantable"
|
|
5
6
|
require "grant/status"
|
|
@@ -58,7 +59,7 @@ module Strongbolt
|
|
|
58
59
|
def self.table_name_prefix
|
|
59
60
|
'strongbolt_'
|
|
60
61
|
end
|
|
61
|
-
|
|
62
|
+
|
|
62
63
|
# Delegates to the configuration the access denied
|
|
63
64
|
def_delegators Configuration, :access_denied, :logger, :tenants, :user_class, :user_class_constant,
|
|
64
65
|
:default_capabilities
|
|
@@ -198,7 +199,7 @@ end
|
|
|
198
199
|
|
|
199
200
|
#
|
|
200
201
|
# We add a method to any object to quickly tell which method
|
|
201
|
-
# should not have any authorization check perform
|
|
202
|
+
# should not have any authorization check perform
|
|
202
203
|
#
|
|
203
204
|
class Object
|
|
204
205
|
def self.perform_without_authorization *method_names
|
|
@@ -13,7 +13,7 @@ module Strongbolt
|
|
|
13
13
|
:create => :create,
|
|
14
14
|
:destroy => :destroy
|
|
15
15
|
}
|
|
16
|
-
|
|
16
|
+
|
|
17
17
|
module ClassMethods
|
|
18
18
|
#
|
|
19
19
|
# Allows defining a specific model for this controller,
|
|
@@ -26,7 +26,7 @@ module Strongbolt
|
|
|
26
26
|
when nil then nil
|
|
27
27
|
else
|
|
28
28
|
raise ArgumentError, "Model for authorization must be a Class or the name of the Class"
|
|
29
|
-
end
|
|
29
|
+
end
|
|
30
30
|
end
|
|
31
31
|
|
|
32
32
|
#
|
|
@@ -136,7 +136,7 @@ module Strongbolt
|
|
|
136
136
|
end
|
|
137
137
|
|
|
138
138
|
end
|
|
139
|
-
|
|
139
|
+
|
|
140
140
|
module InstanceMethods
|
|
141
141
|
|
|
142
142
|
def can? *args
|
|
@@ -208,7 +208,7 @@ module Strongbolt
|
|
|
208
208
|
# rescue Strongbolt::ModelNotFound
|
|
209
209
|
# Strongbolt.logger.warn "No class found or defined for controller #{controller_name}"
|
|
210
210
|
# return
|
|
211
|
-
# end
|
|
211
|
+
# end
|
|
212
212
|
|
|
213
213
|
# Unless it is authorized for this action
|
|
214
214
|
unless Strongbolt.current_user.can? crud_operation_of(action_name), obj
|
|
@@ -256,9 +256,9 @@ module Strongbolt
|
|
|
256
256
|
Strongbolt.without_authorization { yield }
|
|
257
257
|
Strongbolt.logger.warn "Authorization were disabled!"
|
|
258
258
|
end
|
|
259
|
-
|
|
259
|
+
|
|
260
260
|
end
|
|
261
|
-
|
|
261
|
+
|
|
262
262
|
def self.included(receiver)
|
|
263
263
|
receiver.class_eval do
|
|
264
264
|
# Compulsory filters
|
|
@@ -294,4 +294,4 @@ module Strongbolt
|
|
|
294
294
|
end # End self.included
|
|
295
295
|
|
|
296
296
|
end
|
|
297
|
-
end
|
|
297
|
+
end
|
data/lib/strongbolt/helpers.rb
CHANGED
data/lib/strongbolt/version.rb
CHANGED
data/strongbolt.gemspec
CHANGED
|
@@ -17,9 +17,10 @@ Gem::Specification.new do |spec|
|
|
|
17
17
|
spec.executables = spec.files.grep(%r{^bin/}) { |f| File.basename(f) }
|
|
18
18
|
spec.test_files = spec.files.grep(%r{^(test|spec|features)/})
|
|
19
19
|
spec.require_paths = ["lib"]
|
|
20
|
-
|
|
20
|
+
|
|
21
21
|
spec.add_dependency 'awesome_nested_set', '~> 3.0.0'
|
|
22
22
|
spec.add_dependency 'grant', '~> 3.0'
|
|
23
|
+
spec.add_dependency 'simple_form', '~> 3.0'
|
|
23
24
|
|
|
24
25
|
spec.add_development_dependency "rails", "~> 4.1.0"
|
|
25
26
|
spec.add_development_dependency "bundler", "> 1.7.0"
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: strongbolt
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.3.
|
|
4
|
+
version: 0.3.7
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Thomas Césaré-Herriau
|
|
@@ -9,7 +9,7 @@ authors:
|
|
|
9
9
|
autorequire:
|
|
10
10
|
bindir: bin
|
|
11
11
|
cert_chain: []
|
|
12
|
-
date: 2016-
|
|
12
|
+
date: 2016-02-12 00:00:00.000000000 Z
|
|
13
13
|
dependencies:
|
|
14
14
|
- !ruby/object:Gem::Dependency
|
|
15
15
|
name: awesome_nested_set
|
|
@@ -39,6 +39,20 @@ dependencies:
|
|
|
39
39
|
- - "~>"
|
|
40
40
|
- !ruby/object:Gem::Version
|
|
41
41
|
version: '3.0'
|
|
42
|
+
- !ruby/object:Gem::Dependency
|
|
43
|
+
name: simple_form
|
|
44
|
+
requirement: !ruby/object:Gem::Requirement
|
|
45
|
+
requirements:
|
|
46
|
+
- - "~>"
|
|
47
|
+
- !ruby/object:Gem::Version
|
|
48
|
+
version: '3.0'
|
|
49
|
+
type: :runtime
|
|
50
|
+
prerelease: false
|
|
51
|
+
version_requirements: !ruby/object:Gem::Requirement
|
|
52
|
+
requirements:
|
|
53
|
+
- - "~>"
|
|
54
|
+
- !ruby/object:Gem::Version
|
|
55
|
+
version: '3.0'
|
|
42
56
|
- !ruby/object:Gem::Dependency
|
|
43
57
|
name: rails
|
|
44
58
|
requirement: !ruby/object:Gem::Requirement
|