subroutine 0.5.2 → 0.5.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/subroutine/auth.rb +21 -0
- data/lib/subroutine/version.rb +1 -1
- data/test/subroutine/auth_test.rb +21 -0
- data/test/support/ops.rb +36 -0
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 51dd4d01f29eee0ec20fedb8cd5fc0de95ce73db
|
|
4
|
+
data.tar.gz: 8dad3a9f2520e5512c2132a56ed75867f9c4b4fa
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: bedcc9b19e8e29542920bfb858a2022440d99486b85da42f9d7aed895487e24fc249bfc379301f5e07f7348af769a0e3dced6873746c030bd51b117d3c2b4e23
|
|
7
|
+
data.tar.gz: 49c40b9764b62942b64623b1891fb1626e6c6756d627b99c3fa10f62f8d1f7c792a55286fbcedf4ee5ad3d969387e67303fcfb982fe0519f077bdf6d0c76026d
|
data/lib/subroutine/auth.rb
CHANGED
|
@@ -58,11 +58,32 @@ module Subroutine
|
|
|
58
58
|
end
|
|
59
59
|
|
|
60
60
|
# policy :can_update_user
|
|
61
|
+
# policy :can_update_user, unless: :dont_do_it
|
|
62
|
+
# policy :can_update_user, if: :do_it
|
|
61
63
|
# policy :can_do_whatever, policy: :foo_policy
|
|
62
64
|
def policy(*meths)
|
|
63
65
|
opts = meths.extract_options!
|
|
64
66
|
policy_name = opts[:policy] || :policy
|
|
67
|
+
|
|
68
|
+
if_conditionals = Array(opts[:if])
|
|
69
|
+
unless_conditionals = Array( opts[:unless])
|
|
70
|
+
|
|
65
71
|
validate unless: :skip_auth_checks? do
|
|
72
|
+
run_it = true
|
|
73
|
+
# http://guides.rubyonrails.org/active_record_validations.html#combining-validation-conditions
|
|
74
|
+
|
|
75
|
+
# The validation only runs when all the :if conditions
|
|
76
|
+
if if_conditionals.present?
|
|
77
|
+
run_it &&= if_conditionals.all? { |i| send(i) }
|
|
78
|
+
end
|
|
79
|
+
|
|
80
|
+
# and none of the :unless conditions are evaluated to true.
|
|
81
|
+
if unless_conditionals.present?
|
|
82
|
+
run_it &&= unless_conditionals.none? { |u| send(u) }
|
|
83
|
+
end
|
|
84
|
+
|
|
85
|
+
next unless run_it
|
|
86
|
+
|
|
66
87
|
p = self.send(policy_name)
|
|
67
88
|
if !p || meths.any?{|m| !(p.respond_to?("#{m}?") ? p.send("#{m}?") : p.send(m)) }
|
|
68
89
|
unauthorized! opts[:error]
|
data/lib/subroutine/version.rb
CHANGED
|
@@ -65,5 +65,26 @@ module Subroutine
|
|
|
65
65
|
op.submit!
|
|
66
66
|
end
|
|
67
67
|
|
|
68
|
+
def test_it_runs_policies_with_conditionals
|
|
69
|
+
# if: false
|
|
70
|
+
op = IfConditionalPolicyOp.new(user, check_policy: false)
|
|
71
|
+
assert op.submit!
|
|
72
|
+
# unless: true
|
|
73
|
+
op = UnlessConditionalPolicyOp.new(user, unless_check_policy: true)
|
|
74
|
+
assert op.submit!
|
|
75
|
+
|
|
76
|
+
# if: true
|
|
77
|
+
op = IfConditionalPolicyOp.new(user, check_policy: true)
|
|
78
|
+
assert_raises ::Subroutine::Auth::NotAuthorizedError do
|
|
79
|
+
op.submit!
|
|
80
|
+
end
|
|
81
|
+
|
|
82
|
+
# unless: false
|
|
83
|
+
op = UnlessConditionalPolicyOp.new(user, unless_check_policy: false)
|
|
84
|
+
assert_raises ::Subroutine::Auth::NotAuthorizedError do
|
|
85
|
+
op.submit!
|
|
86
|
+
end
|
|
87
|
+
end
|
|
88
|
+
|
|
68
89
|
end
|
|
69
90
|
end
|
data/test/support/ops.rb
CHANGED
|
@@ -174,6 +174,42 @@ class PolicyOp < OpWithAuth
|
|
|
174
174
|
end
|
|
175
175
|
end
|
|
176
176
|
|
|
177
|
+
class IfConditionalPolicyOp < OpWithAuth
|
|
178
|
+
|
|
179
|
+
class FakePolicy
|
|
180
|
+
def user_can_access?
|
|
181
|
+
false
|
|
182
|
+
end
|
|
183
|
+
end
|
|
184
|
+
|
|
185
|
+
require_user!
|
|
186
|
+
boolean :check_policy
|
|
187
|
+
validates :check_policy, inclusion: { in: [true,false] }
|
|
188
|
+
policy :user_can_access?, if: :check_policy
|
|
189
|
+
|
|
190
|
+
def policy
|
|
191
|
+
@policy ||= FakePolicy.new
|
|
192
|
+
end
|
|
193
|
+
end
|
|
194
|
+
|
|
195
|
+
class UnlessConditionalPolicyOp < OpWithAuth
|
|
196
|
+
|
|
197
|
+
class FakePolicy
|
|
198
|
+
def user_can_access?
|
|
199
|
+
false
|
|
200
|
+
end
|
|
201
|
+
end
|
|
202
|
+
|
|
203
|
+
require_user!
|
|
204
|
+
boolean :unless_check_policy
|
|
205
|
+
validates :unless_check_policy, inclusion: { in: [true,false] }
|
|
206
|
+
policy :user_can_access?, unless: :unless_check_policy
|
|
207
|
+
|
|
208
|
+
def policy
|
|
209
|
+
@policy ||= FakePolicy.new
|
|
210
|
+
end
|
|
211
|
+
end
|
|
212
|
+
|
|
177
213
|
|
|
178
214
|
class OpWithAssociation < ::Subroutine::Op
|
|
179
215
|
include ::Subroutine::Association
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: subroutine
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.5.
|
|
4
|
+
version: 0.5.3
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Mike Nelson
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date:
|
|
11
|
+
date: 2018-01-23 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: activemodel
|