tiny_admin 0.8.0 → 0.10.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 71d42ca63e3a410de95780d584cdfb61dd94feb95b503f5f55379efabec9477e
-  data.tar.gz: 96c4b375cb65327635199296d11f54335e6c5266dacce39a7316e0eb2844046c
+  metadata.gz: 748ac60bbfef74485795f95728033866510e728572d391b2a3f381fde88434f6
+  data.tar.gz: 59c0a78183a960e28cb1670d4484be18e368ec48cf622bd8034087192385b7dd
 SHA512:
-  metadata.gz: d377537524247253a871e016d3d5e688e47ab07d40c6d33814c5dfc0be761e734d3de3c8c23d3e3981d3f949ce15d230312b4c71fb2d7d6f33aeb45cc352223f
-  data.tar.gz: 4ddb16c2f1fbfefced95deb426cf369d28201866f800eee1f4b14895bd938233f6f67bf51d784a7edf340b48d7a75230a86b679db9ec71c07f18b726c23971a4
+  metadata.gz: 8ba6531f80fbaab695c59a309e7249f071a1f4491fd7800edb2562571beb352d3f4faff625876cf6dc87e9cdcbf8d12d002f343076446c8ad82653c8d488ce78
+  data.tar.gz: 162637202396ce2106c9ad9c2117a22becc3ad99c3a4e0f72f850624089cb110e2eda4ae39aa66e6c4897bb6c5ad0789003d10711c94ba74f28616afa3e5e82a

data/README.md

@@ -19,7 +19,7 @@ Please ⭐ if you like it.
 
 ## Install
 
-- Add to your Gemfile: `gem 'tiny_admin', '~> 0.8'`
+- Add to your Gemfile: `gem 'tiny_admin', '~> 0.10'`
 - Mount the app in a route (check some examples with: Hanami, Rails, Roda and standalone in [extra](extra))
   + in Rails, update _config/routes.rb_: `mount TinyAdmin::Router => '/admin'`
 - Configure the dashboard using `TinyAdmin.configure` and/or `TinyAdmin.configure_from_file` with a YAML config file (see [configuration](#configuration) below):
@@ -43,6 +43,12 @@ Plugins available:
 
 - **NoAuth**: no authentication.
 
+### Authorization
+
+Plugins available:
+
+- **Authorization**: base class to provide an authorization per action, the host application should inherit from it and override the class method `allowed?`.
+
 ### Repository
 
 Plugin available:
@@ -134,6 +140,10 @@ authentication:
   password: 'f1891cea80fc05e433c943254c6bdabc159577a02a7395dfebbfbc4f7661d4af56f2d372131a45936de40160007368a56ef216a30cb202c66d3145fd24380906'
 ```
 
+`authorization_class` (String): a plugin class to use;
+
+> 📚 [Wiki Authentication page](https://github.com/blocknotes/tiny_admin/wiki/Authorization) available
+
 `sections` (Array of hashes): define the admin sections, properties:
 
 - `slug` (String): section reference identifier;
@@ -218,6 +228,8 @@ model: Post
 
 #### Resource index options
 
+> 📚 [Wiki Resource index page](https://github.com/blocknotes/tiny_admin/wiki/Resource-index) available
+
 The Index hash supports the following options:
 
 - `attributes` (Array): fields to expose in the resource list page;
@@ -257,6 +269,8 @@ Example:
 
 #### Resource show options
 
+> 📚 [Wiki Resource show page](https://github.com/blocknotes/tiny_admin/wiki/Resource-show) available
+
 The Show hash supports the following options:
 
 - `attributes` (Array): fields to expose in the resource details page.

data/lib/tiny_admin/actions/index.rb

@@ -58,12 +58,13 @@ module TinyAdmin
         end
       end
 
-      def setup_pagination(page, pagination_component_class, total_count:)
+      def setup_pagination(page, pagination_component, total_count:)
         @pages = (total_count / pagination.to_f).ceil
-        return if pages <= 1 || !pagination_component_class
+        return if pages <= 1 || !pagination_component
 
-        page.pagination_component = pagination_component_class.new
-        page.pagination_component.update_attributes(current: current_page, pages: pages, query_string: query_string)
+        attributes = { current: current_page, pages: pages, query_string: query_string, total_count: total_count }
+        page.pagination_component = pagination_component.new
+        page.pagination_component.update_attributes(attributes)
       end
     end
   end

data/lib/tiny_admin/plugins/authorization.rb

@@ -0,0 +1,13 @@
+# frozen_string_literal: true
+
+module TinyAdmin
+  module Plugins
+    class Authorization
+      class << self
+        def allowed?(_user, _action, _param = nil)
+          true
+        end
+      end
+    end
+  end
+end

data/lib/tiny_admin/router.rb

@@ -53,36 +53,45 @@ module TinyAdmin
       render(inline: page.call)
     end
 
-    def root_route(router)
-      if TinyAdmin.settings.root[:redirect]
-        router.redirect route_for(TinyAdmin.settings.root[:redirect])
+    def root_route(req)
+      if authorization.allowed?(current_user, :root)
+        if TinyAdmin.settings.root[:redirect]
+          req.redirect route_for(TinyAdmin.settings.root[:redirect])
+        else
+          page_class = to_class(TinyAdmin.settings.root[:page])
+          attributes = TinyAdmin.settings.root.slice(:content, :title, :widgets)
+          render_page prepare_page(page_class, attributes: attributes, params: request.params)
+        end
       else
-        page_class = to_class(TinyAdmin.settings.root[:page])
-        render_page prepare_page(page_class, attributes: TinyAdmin.settings.root.slice(:content, :title, :widgets))
+        render_page prepare_page(TinyAdmin.settings.page_not_allowed)
       end
     end
 
-    def setup_page_route(router, slug, page_data)
-      router.get slug do
-        attributes = page_data.slice(:content, :title, :widgets)
-        render_page prepare_page(page_data[:class], slug: slug, attributes: attributes)
+    def setup_page_route(req, slug, page_data)
+      req.get slug do
+        if authorization.allowed?(current_user, :page, slug)
+          attributes = page_data.slice(:content, :title, :widgets)
+          render_page prepare_page(page_data[:class], slug: slug, attributes: attributes, params: request.params)
+        else
+          render_page prepare_page(TinyAdmin.settings.page_not_allowed)
+        end
       end
     end
 
-    def setup_resource_routes(router, slug, options:)
-      router.on slug do
-        setup_collection_routes(router, slug, options: options)
-        setup_member_routes(router, slug, options: options)
+    def setup_resource_routes(req, slug, options:)
+      req.on slug do
+        setup_collection_routes(req, slug, options: options)
+        setup_member_routes(req, slug, options: options)
       end
     end
 
-    def setup_collection_routes(router, slug, options:)
+    def setup_collection_routes(req, slug, options:)
       repository = options[:repository].new(options[:model])
       action_options = options[:index] || {}
 
       # Custom actions
       custom_actions = setup_custom_actions(
-        router,
+        req,
         options[:collection_actions],
         options: action_options,
         repository: repository,
@@ -91,28 +100,32 @@ module TinyAdmin
 
       # Index
       if options[:only].include?(:index) || options[:only].include?('index')
-        router.is do
-          context = Context.new(
-            actions: custom_actions,
-            repository: repository,
-            request: request,
-            router: router,
-            slug: slug
-          )
-          index_action = TinyAdmin::Actions::Index.new
-          render_page index_action.call(app: self, context: context, options: action_options)
+        req.is do
+          if authorization.allowed?(current_user, :resource_index, slug)
+            context = Context.new(
+              actions: custom_actions,
+              repository: repository,
+              request: request,
+              router: req,
+              slug: slug
+            )
+            index_action = TinyAdmin::Actions::Index.new
+            render_page index_action.call(app: self, context: context, options: action_options)
+          else
+            render_page prepare_page(TinyAdmin.settings.page_not_allowed)
+          end
         end
       end
     end
 
-    def setup_member_routes(router, slug, options:)
+    def setup_member_routes(req, slug, options:)
       repository = options[:repository].new(options[:model])
       action_options = (options[:show] || {}).merge(record_not_found_page: TinyAdmin.settings.record_not_found)
 
-      router.on String do |reference|
+      req.on String do |reference|
         # Custom actions
         custom_actions = setup_custom_actions(
-          router,
+          req,
           options[:member_actions],
           options: action_options,
           repository: repository,
@@ -122,42 +135,54 @@ module TinyAdmin
 
         # Show
         if options[:only].include?(:show) || options[:only].include?('show')
-          router.is do
-            context = Context.new(
-              actions: custom_actions,
-              reference: reference,
-              repository: repository,
-              request: request,
-              router: router,
-              slug: slug
-            )
-            show_action = TinyAdmin::Actions::Show.new
-            render_page show_action.call(app: self, context: context, options: action_options)
+          req.is do
+            if authorization.allowed?(current_user, :resource_show, slug)
+              context = Context.new(
+                actions: custom_actions,
+                reference: reference,
+                repository: repository,
+                request: request,
+                router: req,
+                slug: slug
+              )
+              show_action = TinyAdmin::Actions::Show.new
+              render_page show_action.call(app: self, context: context, options: action_options)
+            else
+              render_page prepare_page(TinyAdmin.settings.page_not_allowed)
+            end
           end
         end
       end
     end
 
-    def setup_custom_actions(router, custom_actions, options:, repository:, slug:, reference: nil)
+    def setup_custom_actions(req, custom_actions = nil, options:, repository:, slug:, reference: nil)
       (custom_actions || []).each_with_object({}) do |custom_action, result|
         action_slug, action = custom_action.first
         action_class = to_class(action)
 
-        router.get action_slug.to_s do
-          context = Context.new(
-            actions: {},
-            reference: reference,
-            repository: repository,
-            request: request,
-            router: router,
-            slug: slug
-          )
-          custom_action = action_class.new
-          render_page custom_action.call(app: self, context: context, options: options)
+        req.get action_slug.to_s do
+          if authorization.allowed?(current_user, :custom_action, action_slug.to_s)
+            context = Context.new(
+              actions: {},
+              reference: reference,
+              repository: repository,
+              request: request,
+              router: req,
+              slug: slug
+            )
+            custom_action = action_class.new
+            render_page custom_action.call(app: self, context: context, options: options)
+          else
+            render_page prepare_page(TinyAdmin.settings.page_not_allowed)
+          end
         end
 
         result[action_slug.to_s] = action_class
       end
     end
+
+    def authorization
+      TinyAdmin.settings.authorization_class
+    end
   end
 end

data/lib/tiny_admin/settings.rb

@@ -7,6 +7,7 @@ module TinyAdmin
     DEFAULTS = {
       %i[authentication plugin] => Plugins::NoAuth,
       %i[authentication login] => Views::Pages::SimpleAuthLogin,
+      %i[authorization_class] => Plugins::Authorization,
       %i[components field_value] => Views::Components::FieldValue,
       %i[components flash] => Views::Components::Flash,
       %i[components head] => Views::Components::Head,
@@ -14,6 +15,7 @@ module TinyAdmin
       %i[components pagination] => Views::Components::Pagination,
       %i[content_page] => Views::Pages::Content,
       %i[helper_class] => Support,
+      %i[page_not_allowed] => Views::Pages::PageNotAllowed,
       %i[page_not_found] => Views::Pages::PageNotFound,
       %i[record_not_found] => Views::Pages::RecordNotFound,
       %i[repository] => Plugins::ActiveRecordRepository,
@@ -25,10 +27,12 @@ module TinyAdmin
 
     OPTIONS = %i[
       authentication
+      authorization_class
       components
       content_page
       extra_styles
       helper_class
+      page_not_allowed
       page_not_found
       record_not_found
       repository

data/lib/tiny_admin/utils.rb

@@ -14,7 +14,7 @@ module TinyAdmin
       list.join('&')
     end
 
-    def prepare_page(page_class, slug: nil, attributes: nil, options: nil)
+    def prepare_page(page_class, slug: nil, attributes: nil, options: nil, params: nil)
       page_class.new.tap do |page|
         page.options = options
         page.head_component = TinyAdmin.settings.components[:head]&.new
@@ -27,9 +27,11 @@ module TinyAdmin
           items: options&.include?(:no_menu) ? [] : TinyAdmin.settings.store&.navbar
         )
         attrs = attributes || {}
+        attrs[:params] = params if params
         attrs[:widgets] = attrs[:widgets].map { to_class(_1) } if attrs[:widgets]
         page.update_attributes(attrs) unless attrs.empty?
         yield(page) if block_given?
+        page.setup if page.respond_to?(:setup)
       end
     end
 

data/lib/tiny_admin/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module TinyAdmin
-  VERSION = '0.8.0'
+  VERSION = '0.10.0'
 end

data/lib/tiny_admin/views/actions/index.rb

@@ -4,7 +4,14 @@ module TinyAdmin
   module Views
     module Actions
       class Index < DefaultLayout
-        attr_accessor :actions, :fields, :filters, :links, :pagination_component, :prepare_record, :records, :slug
+        attr_accessor :actions,
+                      :fields,
+                      :filters,
+                      :links,
+                      :pagination_component,
+                      :prepare_record,
+                      :records,
+                      :slug
 
         def template
           super do
@@ -28,6 +35,8 @@ module TinyAdmin
 
                     table_body
                   }
+
+                  render pagination_component if pagination_component
                 }
 
                 if filters&.any?
@@ -39,8 +48,6 @@ module TinyAdmin
                 end
               }
 
-              render pagination_component if pagination_component
-
               render TinyAdmin::Views::Components::Widgets.new(widgets)
             }
           end

data/lib/tiny_admin/views/actions/show.rb

@@ -4,7 +4,12 @@ module TinyAdmin
   module Views
     module Actions
       class Show < DefaultLayout
-        attr_accessor :actions, :fields, :prepare_record, :record, :reference, :slug
+        attr_accessor :actions,
+                      :fields,
+                      :prepare_record,
+                      :record,
+                      :reference,
+                      :slug
 
         def template
           super do

data/lib/tiny_admin/views/basic_layout.rb

@@ -5,7 +5,7 @@ module TinyAdmin
     class BasicLayout < Phlex::HTML
       include Utils
 
-      attr_accessor :content, :widgets
+      attr_accessor :content, :params, :widgets
 
       def label_for(value, options: [])
         TinyAdmin.settings.helper_class.label_for(value, options: options)

data/lib/tiny_admin/views/components/pagination.rb

@@ -4,23 +4,31 @@ module TinyAdmin
   module Views
     module Components
       class Pagination < BasicComponent
-        attr_accessor :current, :pages, :query_string
+        attr_accessor :current, :pages, :query_string, :total_count
 
         def template
-          div(class: 'pagination-div') {
-            nav('aria-label' => 'Pagination') {
-              ul(class: 'pagination justify-content-center') {
-                if pages <= 10
-                  pages_range(1..pages)
-                elsif current <= 4 || current >= pages - 3
-                  pages_range(1..(current <= 4 ? current + 2 : 4), with_dots: true)
-                  pages_range((current > pages - 4 ? current - 2 : pages - 2)..pages)
-                else
-                  pages_range(1..1, with_dots: true)
-                  pages_range(current - 2..current + 2, with_dots: true)
-                  pages_range(pages..pages)
-                end
+          div(class: 'container') {
+            div(class: 'row') {
+              div(class: 'col total-count') {
+                "#{total_count} items"
               }
+              div(class: 'col col-6 text-center pagination-div') {
+                nav(class: 'd-inline-block', 'aria-label': 'Pagination') {
+                  ul(class: 'pagination') {
+                    if pages <= 10
+                      pages_range(1..pages)
+                    elsif current <= 4 || current >= pages - 3
+                      pages_range(1..(current <= 4 ? current + 2 : 4), with_dots: true)
+                      pages_range((current > pages - 4 ? current - 2 : pages - 2)..pages)
+                    else
+                      pages_range(1..1, with_dots: true)
+                      pages_range(current - 2..current + 2, with_dots: true)
+                      pages_range(pages..pages)
+                    end
+                  }
+                }
+              }
+              div(class: 'col')
             }
           }
         end

data/lib/tiny_admin/views/pages/page_not_allowed.rb

@@ -0,0 +1,21 @@
+# frozen_string_literal: true
+
+module TinyAdmin
+  module Views
+    module Pages
+      class PageNotAllowed < DefaultLayout
+        def template
+          super do
+            div(class: 'page_not_allowed') {
+              h1(class: 'title') { title }
+            }
+          end
+        end
+
+        def title
+          'Page not allowed'
+        end
+      end
+    end
+  end
+end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: tiny_admin
 version: !ruby/object:Gem::Version
-  version: 0.8.0
+  version: 0.10.0
 platform: ruby
 authors:
 - Mattia Roccoberton
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2023-05-10 00:00:00.000000000 Z
+date: 2023-06-18 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: phlex
@@ -83,6 +83,7 @@ files:
 - lib/tiny_admin/context.rb
 - lib/tiny_admin/field.rb
 - lib/tiny_admin/plugins/active_record_repository.rb
+- lib/tiny_admin/plugins/authorization.rb
 - lib/tiny_admin/plugins/base_repository.rb
 - lib/tiny_admin/plugins/no_auth.rb
 - lib/tiny_admin/plugins/simple_auth.rb
@@ -107,6 +108,7 @@ files:
 - lib/tiny_admin/views/components/widgets.rb
 - lib/tiny_admin/views/default_layout.rb
 - lib/tiny_admin/views/pages/content.rb
+- lib/tiny_admin/views/pages/page_not_allowed.rb
 - lib/tiny_admin/views/pages/page_not_found.rb
 - lib/tiny_admin/views/pages/record_not_found.rb
 - lib/tiny_admin/views/pages/root.rb
@@ -134,7 +136,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.3.26
+rubygems_version: 3.4.10
 signing_key:
 specification_version: 4
 summary: Tiny Admin