the_role 2.0.2 → 2.0.3
- data/README.md +36 -21
- data/app/controllers/admin/roles_controller.rb +5 -1
- data/lib/the_role/version.rb +1 -1
- data/lib/the_role.rb +4 -9
- metadata +5 -10
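--- a/data/README.md
+++ b/data/README.md
@@ -106,6 +106,16 @@ def self.up
 end
 ```
 
+### Change User model
+
+```ruby
+class User < ActiveRecord::Base
+include TheRoleUserModel
+
+# has_many :pages
+end
+```
+
 ### Create Role model
 
 Generate Role model
@@ -154,14 +164,14 @@ class ApplicationController < ActionController::Base
 
 # your Access Denied processor
 def access_denied
-return render(text: 'access_denied: requires
+return render(text: 'access_denied: requires a role')
 end
 
 # 1) LOGIN_REQUIRE => authenticate_user! for Devise
 # 2) LOGIN_REQUIRE => require_login for Sorcery
 # 3) LOGIN_REQUIRE => user_require_method for other Authentication solution
 
-# Define aliases
+# Define method aliases for the correct TheRole's controller work
 alias_method :login_required, :LOGIN_REQUIRE
 alias_method :role_access_denied, :access_denied
 end
@@ -177,6 +187,10 @@ class PagesController < ApplicationController
 before_action :set_page, only: [:edit, :update, :destroy]
 before_action :owner_required, only: [:edit, :update, :destroy]
 
+def edit
+# ONLY OWNER CAN EDIT THIS PAGE
+end
+
 private
 
 def set_page
@@ -184,7 +198,7 @@ class PagesController < ApplicationController
 
 # TheRole: You should define OWNER CHECK OBJECT
 # When editable object was found
-# You should
+# You should define @owner_check_object before invoking **owner_required** method
 @owner_check_object = @page
 end
 end
@@ -199,7 +213,7 @@ end
 //= require the_role
 ```
 
-If you
+If you don't use **bootstrap-sass** gem you should add the following componetns from your bootstrap version instead **the_role/bootstrap_sass**:
 
 ```
 bootstrap/variables
@@ -236,17 +250,17 @@ end
 
 ## Understanding
 
-#### TheRole instead CanCan?
+#### TheRole instead of CanCan?
 
-TheRole in contrast to CanCan has simple and predefined way to find access state
+TheRole in contrast to CanCan has simple and predefined way to find access state of current role. If you don't want to create your own role scheme with CanCan Abilities - TheRole can be a great solution for your.
 
-You can manage roles with simple UI. TheRole's ACL structure inspired by Rails controllers, that is why it's so great for Rails application.
+You can manage roles with simple UI. TheRole's ACL structure is inspired by Rails controllers, that is why it's so great for Rails application.
 
 #### What does it mean semantic?
 
-Semantic - the science of meaning. Human should
+Semantic - the science of meaning. Human should be able to understand fast what is happening in a role system.
 
-Look at next Role hash. If you can understand access rules - this authorization system is
+Look at the next Role hash. If you can understand access rules - this authorization system is semantic.
 
 ```ruby
 role = {
@@ -298,11 +312,11 @@ And you can use them as well as other access rules.
 
 #### Who is Administrator?
 
-Administrator
+Administrator is the user who can access any section and the rules of your application.
 
 Administrator is the owner of any objects in your application.
 
-Administrator
+Administrator is the user, which has virtual section **system** and rule **administrator** in the role-hash.
 
 
 ```ruby
@@ -315,11 +329,11 @@ admin_role_fragment = {
 
 #### Who is Moderator?
 
-Moderator
+Moderator is the user, which has access to any actions of some section(s).
 
-Moderator is
+Moderator is the owner of any objects of some class.
 
-Moderator
+Moderator is the user, which has a virtual section **moderator**, with **section name** as rule name.
 
 There is Moderator of Pages (controller) and Twitter (virtual section)
 
@@ -365,7 +379,7 @@ Is it Moderator?
 @user.moderator?(:articles) => true | false
 ```
 
-Has
+Has user got an access to **rule** of **section** (action of controller)?
 
 ```ruby
 @user.has_role?(:pages, :show) => true | false
@@ -373,7 +387,7 @@ Has a user an access to **rule** of **section** (action of controller)?
 @user.has_role?(:articles, :edit) => true | false
 ```
 
-Is
+Is user **Owner** of object?
 
 ```ruby
 @user.owner?(@page) => true | false
@@ -421,19 +435,19 @@ Is it **Owner** of object?
 #### UPDATE
 
 ```ruby
-# set this rule on
+# set this rule on
 @role.rule_on(:pages, :index)
 ```
 
 ```ruby
-# set this rule
+# set this rule off
 @role.rule_off(:pages, :index)
 ```
 
 ```ruby
 # Incoming hash is true-mask-hash
-# All rules of Role will be
-# Only rules from true-mask-hash will be set
+# All the rules of the Role will be reseted to false
+# Only rules from true-mask-hash will be set true
 new_role_hash = {
 :pages => {
 :index => true,
@@ -450,12 +464,13 @@ new_role_hash = {
 # delete a section
 @role.delete_section(:pages)
 
-# delete rule in section
+# delete a rule in section
 @role.delete_rule(:pages, :show)
 ```
 
 #### Changelog
 
+* 2.0.3 - create role fix, cleanup
 * 2.0.2 - code cleanup, readme
 * 2.0.1 - code cleanup
 * 2.0.0 - Rails 4 ready, configurable, tests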
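--- a/data/app/controllers/admin/roles_controller.rb
+++ b/data/app/controllers/admin/roles_controller.rb
@@ -19,7 +19,7 @@ class Admin::RolesController < ApplicationController
 def edit; end
 
 def create
-@role = Role.new
+@role = Role.new role_params
 
 if @role.save
 flash[:notice] = t 'the_role.role_created'
@@ -46,6 +46,10 @@ class Admin::RolesController < ApplicationController
 
 protected
 
+def role_params
+params.require(:role).permit(:name, :title, :description)
+end
+
 def role_find
 @role = Role.find params[:id]
 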
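Review bot: `role_params` in the second hunk carries no comment saying that its permit list is the mass-assignment boundary for role creation. It allows only `:name`, `:title` and `:description`, which presumably keeps the stored rules hash out of reach of a create request; a later edit that widens the list would let a form post set permissions directly. I would add above the method `# Strong parameters: descriptive fields only; never permit the column holding the rules hash.` The `update` action and the controller's before-filters lie outside the visible hunks, so whether every other write to Role goes through `role_params` behind a login and role check should be confirmed there.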
data/lib/the_role/version.rb
CHANGED
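--- a/data/lib/the_role.rb
+++ b/data/lib/the_role.rb
@@ -7,16 +7,11 @@ require 'the_role/param_helper'
 
 module TheRole
 class Engine < Rails::Engine
-initializer "TheRole precompile hook", :
-
-end
+# initializer "TheRole precompile hook", group: :all do |app|
+# app.config.assets.precompile += %w( x.js y.css )
+# end
 
 # http://stackoverflow.com/questions/6279325/adding-to-rails-autoload-path-from-gem
-
-# config.to_prepare do
-# Role.send :include, TheRole::RoleModel if the_class_exists? :Role
-# User.send :include, TheRole::UserModel if the_class_exists? :User
-# ApplicationController.send :include, TheRole::Requires if the_class_exists? :ApplicationController
-# end
+# config.to_prepare do; end
 end
 end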
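Review bot: The new Engine body consists only of comments: a commented-out initializer with placeholder asset names (`%w( x.js y.css )`), an empty `# config.to_prepare do; end`, and a Stack Overflow link that no longer refers to any code. Dead stubs like these suggest a hook is still expected; I would delete them and leave the class empty, or keep one line stating what the engine deliberately no longer does. The removed initializer is truncated on this page, so it is unclear whether host apps must now add the engine's assets to their own precompile list. If they must, the 2.0.3 changelog entry should say so.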
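--- a/metadata
+++ b/metadata
@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: the_role
 version: !ruby/object:Gem::Version
-version: 2.0.
+version: 2.0.3
 prerelease:
 platform: ruby
 authors:
@@ -9,11 +9,11 @@ authors:
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2013-
+date: 2013-06-11 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
 name: haml
-requirement: !ruby/object:Gem::Requirement
+requirement: &76998310 !ruby/object:Gem::Requirement
 none: false
 requirements:
 - - ! '>='
@@ -21,12 +21,7 @@ dependencies:
 version: '0'
 type: :runtime
 prerelease: false
-version_requirements:
-none: false
-requirements:
-- - ! '>='
-- !ruby/object:Gem::Version
-version: '0'
+version_requirements: *76998310
 description: Authorization for Rails 4 with Web Interface
 email:
 - zykin-ilya@ya.ru
@@ -94,7 +89,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
 version: '0'
 requirements: []
 rubyforge_project: the_role
-rubygems_version: 1.8.
+rubygems_version: 1.8.15
 signing_key:
 specification_version: 3
 summary: Authorization for Rails 4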