subroutine 0.5.2 → 0.5.3
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/subroutine/auth.rb +21 -0
- data/lib/subroutine/version.rb +1 -1
- data/test/subroutine/auth_test.rb +21 -0
- data/test/support/ops.rb +36 -0
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 51dd4d01f29eee0ec20fedb8cd5fc0de95ce73db
|
|
4
|
+
data.tar.gz: 8dad3a9f2520e5512c2132a56ed75867f9c4b4fa
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: bedcc9b19e8e29542920bfb858a2022440d99486b85da42f9d7aed895487e24fc249bfc379301f5e07f7348af769a0e3dced6873746c030bd51b117d3c2b4e23
|
|
7
|
+
data.tar.gz: 49c40b9764b62942b64623b1891fb1626e6c6756d627b99c3fa10f62f8d1f7c792a55286fbcedf4ee5ad3d969387e67303fcfb982fe0519f077bdf6d0c76026d
|
data/lib/subroutine/auth.rb
CHANGED
|
@@ -58,11 +58,32 @@ module Subroutine
|
|
|
58
58
|
end
|
|
59
59
|
|
|
60
60
|
# policy :can_update_user
|
|
61
|
+
# policy :can_update_user, unless: :dont_do_it
|
|
62
|
+
# policy :can_update_user, if: :do_it
|
|
61
63
|
# policy :can_do_whatever, policy: :foo_policy
|
|
62
64
|
def policy(*meths)
|
|
63
65
|
opts = meths.extract_options!
|
|
64
66
|
policy_name = opts[:policy] || :policy
|
|
67
|
+
|
|
68
|
+
if_conditionals = Array(opts[:if])
|
|
69
|
+
unless_conditionals = Array( opts[:unless])
|
|
70
|
+
|
|
65
71
|
validate unless: :skip_auth_checks? do
|
|
72
|
+
run_it = true
|
|
73
|
+
# http://guides.rubyonrails.org/active_record_validations.html#combining-validation-conditions
|
|
74
|
+
|
|
75
|
+
# The validation only runs when all the :if conditions
|
|
76
|
+
if if_conditionals.present?
|
|
77
|
+
run_it &&= if_conditionals.all? { |i| send(i) }
|
|
78
|
+
end
|
|
79
|
+
|
|
80
|
+
# and none of the :unless conditions are evaluated to true.
|
|
81
|
+
if unless_conditionals.present?
|
|
82
|
+
run_it &&= unless_conditionals.none? { |u| send(u) }
|
|
83
|
+
end
|
|
84
|
+
|
|
85
|
+
next unless run_it
|
|
86
|
+
|
|
66
87
|
p = self.send(policy_name)
|
|
67
88
|
if !p || meths.any?{|m| !(p.respond_to?("#{m}?") ? p.send("#{m}?") : p.send(m)) }
|
|
68
89
|
unauthorized! opts[:error]
|
data/lib/subroutine/version.rb
CHANGED
|
@@ -65,5 +65,26 @@ module Subroutine
|
|
|
65
65
|
op.submit!
|
|
66
66
|
end
|
|
67
67
|
|
|
68
|
+
def test_it_runs_policies_with_conditionals
|
|
69
|
+
# if: false
|
|
70
|
+
op = IfConditionalPolicyOp.new(user, check_policy: false)
|
|
71
|
+
assert op.submit!
|
|
72
|
+
# unless: true
|
|
73
|
+
op = UnlessConditionalPolicyOp.new(user, unless_check_policy: true)
|
|
74
|
+
assert op.submit!
|
|
75
|
+
|
|
76
|
+
# if: true
|
|
77
|
+
op = IfConditionalPolicyOp.new(user, check_policy: true)
|
|
78
|
+
assert_raises ::Subroutine::Auth::NotAuthorizedError do
|
|
79
|
+
op.submit!
|
|
80
|
+
end
|
|
81
|
+
|
|
82
|
+
# unless: false
|
|
83
|
+
op = UnlessConditionalPolicyOp.new(user, unless_check_policy: false)
|
|
84
|
+
assert_raises ::Subroutine::Auth::NotAuthorizedError do
|
|
85
|
+
op.submit!
|
|
86
|
+
end
|
|
87
|
+
end
|
|
88
|
+
|
|
68
89
|
end
|
|
69
90
|
end
|
data/test/support/ops.rb
CHANGED
|
@@ -174,6 +174,42 @@ class PolicyOp < OpWithAuth
|
|
|
174
174
|
end
|
|
175
175
|
end
|
|
176
176
|
|
|
177
|
+
class IfConditionalPolicyOp < OpWithAuth
|
|
178
|
+
|
|
179
|
+
class FakePolicy
|
|
180
|
+
def user_can_access?
|
|
181
|
+
false
|
|
182
|
+
end
|
|
183
|
+
end
|
|
184
|
+
|
|
185
|
+
require_user!
|
|
186
|
+
boolean :check_policy
|
|
187
|
+
validates :check_policy, inclusion: { in: [true,false] }
|
|
188
|
+
policy :user_can_access?, if: :check_policy
|
|
189
|
+
|
|
190
|
+
def policy
|
|
191
|
+
@policy ||= FakePolicy.new
|
|
192
|
+
end
|
|
193
|
+
end
|
|
194
|
+
|
|
195
|
+
class UnlessConditionalPolicyOp < OpWithAuth
|
|
196
|
+
|
|
197
|
+
class FakePolicy
|
|
198
|
+
def user_can_access?
|
|
199
|
+
false
|
|
200
|
+
end
|
|
201
|
+
end
|
|
202
|
+
|
|
203
|
+
require_user!
|
|
204
|
+
boolean :unless_check_policy
|
|
205
|
+
validates :unless_check_policy, inclusion: { in: [true,false] }
|
|
206
|
+
policy :user_can_access?, unless: :unless_check_policy
|
|
207
|
+
|
|
208
|
+
def policy
|
|
209
|
+
@policy ||= FakePolicy.new
|
|
210
|
+
end
|
|
211
|
+
end
|
|
212
|
+
|
|
177
213
|
|
|
178
214
|
class OpWithAssociation < ::Subroutine::Op
|
|
179
215
|
include ::Subroutine::Association
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: subroutine
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.5.
|
|
4
|
+
version: 0.5.3
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Mike Nelson
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date:
|
|
11
|
+
date: 2018-01-23 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: activemodel
|