tiny_admin 0.9.0 → 0.10.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: de3ed265839998db96c8e220f1b66576a8a37325e0726f3597e0b1ef315087a4
-  data.tar.gz: 828309ff8139a11c3e73fcbeb82ffea7f752191e5c4e99e9dc19fbaa29a2180e
+  metadata.gz: 748ac60bbfef74485795f95728033866510e728572d391b2a3f381fde88434f6
+  data.tar.gz: 59c0a78183a960e28cb1670d4484be18e368ec48cf622bd8034087192385b7dd
 SHA512:
-  metadata.gz: 3648b175fd028a82bc7c3ae35fc51d3380a4d22fc6dd38dfd5da5ed375d94b4b45358b36c17c955482574756700bd2889ba57348e4ed3453491e2112c9d1471f
-  data.tar.gz: 4ea2a1301b70a3b88e07829e5755976482d22b2f18c1752ab7b7626e93b19b20527a7944c9da634fdf92a4bed53cf20d56c1e7e6738bc8c3b519de4147cd810b
+  metadata.gz: 8ba6531f80fbaab695c59a309e7249f071a1f4491fd7800edb2562571beb352d3f4faff625876cf6dc87e9cdcbf8d12d002f343076446c8ad82653c8d488ce78
+  data.tar.gz: 162637202396ce2106c9ad9c2117a22becc3ad99c3a4e0f72f850624089cb110e2eda4ae39aa66e6c4897bb6c5ad0789003d10711c94ba74f28616afa3e5e82a

data/README.md

@@ -19,7 +19,7 @@ Please ⭐ if you like it.
 
 ## Install
 
-- Add to your Gemfile: `gem 'tiny_admin', '~> 0.9'`
+- Add to your Gemfile: `gem 'tiny_admin', '~> 0.10'`
 - Mount the app in a route (check some examples with: Hanami, Rails, Roda and standalone in [extra](extra))
   + in Rails, update _config/routes.rb_: `mount TinyAdmin::Router => '/admin'`
 - Configure the dashboard using `TinyAdmin.configure` and/or `TinyAdmin.configure_from_file` with a YAML config file (see [configuration](#configuration) below):
@@ -43,6 +43,12 @@ Plugins available:
 
 - **NoAuth**: no authentication.
 
+### Authorization
+
+Plugins available:
+
+- **Authorization**: base class to provide an authorization per action, the host application should inherit from it and override the class method `allowed?`.
+
 ### Repository
 
 Plugin available:
@@ -134,6 +140,10 @@ authentication:
   password: 'f1891cea80fc05e433c943254c6bdabc159577a02a7395dfebbfbc4f7661d4af56f2d372131a45936de40160007368a56ef216a30cb202c66d3145fd24380906'
 ```
 
+`authorization_class` (String): a plugin class to use;
+
+> 📚 [Wiki Authentication page](https://github.com/blocknotes/tiny_admin/wiki/Authorization) available
+
 `sections` (Array of hashes): define the admin sections, properties:
 
 - `slug` (String): section reference identifier;

data/lib/tiny_admin/actions/index.rb

@@ -58,12 +58,12 @@ module TinyAdmin
         end
       end
 
-      def setup_pagination(page, pagination_component_class, total_count:)
+      def setup_pagination(page, pagination_component, total_count:)
         @pages = (total_count / pagination.to_f).ceil
-        return if pages <= 1 || !pagination_component_class
+        return if pages <= 1 || !pagination_component
 
         attributes = { current: current_page, pages: pages, query_string: query_string, total_count: total_count }
-        page.pagination_component = pagination_component_class.new
+        page.pagination_component = pagination_component.new
         page.pagination_component.update_attributes(attributes)
       end
     end

data/lib/tiny_admin/plugins/authorization.rb

@@ -0,0 +1,13 @@
+# frozen_string_literal: true
+
+module TinyAdmin
+  module Plugins
+    class Authorization
+      class << self
+        def allowed?(_user, _action, _param = nil)
+          true
+        end
+      end
+    end
+  end
+end

data/lib/tiny_admin/router.rb

@@ -53,37 +53,45 @@ module TinyAdmin
       render(inline: page.call)
     end
 
-    def root_route(router)
-      if TinyAdmin.settings.root[:redirect]
-        router.redirect route_for(TinyAdmin.settings.root[:redirect])
+    def root_route(req)
+      if authorization.allowed?(current_user, :root)
+        if TinyAdmin.settings.root[:redirect]
+          req.redirect route_for(TinyAdmin.settings.root[:redirect])
+        else
+          page_class = to_class(TinyAdmin.settings.root[:page])
+          attributes = TinyAdmin.settings.root.slice(:content, :title, :widgets)
+          render_page prepare_page(page_class, attributes: attributes, params: request.params)
+        end
       else
-        page_class = to_class(TinyAdmin.settings.root[:page])
-        attributes = TinyAdmin.settings.root.slice(:content, :title, :widgets)
-        render_page prepare_page(page_class, attributes: attributes, params: request.params)
+        render_page prepare_page(TinyAdmin.settings.page_not_allowed)
       end
     end
 
-    def setup_page_route(router, slug, page_data)
-      router.get slug do
-        attributes = page_data.slice(:content, :title, :widgets)
-        render_page prepare_page(page_data[:class], slug: slug, attributes: attributes, params: request.params)
+    def setup_page_route(req, slug, page_data)
+      req.get slug do
+        if authorization.allowed?(current_user, :page, slug)
+          attributes = page_data.slice(:content, :title, :widgets)
+          render_page prepare_page(page_data[:class], slug: slug, attributes: attributes, params: request.params)
+        else
+          render_page prepare_page(TinyAdmin.settings.page_not_allowed)
+        end
       end
     end
 
-    def setup_resource_routes(router, slug, options:)
-      router.on slug do
-        setup_collection_routes(router, slug, options: options)
-        setup_member_routes(router, slug, options: options)
+    def setup_resource_routes(req, slug, options:)
+      req.on slug do
+        setup_collection_routes(req, slug, options: options)
+        setup_member_routes(req, slug, options: options)
       end
     end
 
-    def setup_collection_routes(router, slug, options:)
+    def setup_collection_routes(req, slug, options:)
       repository = options[:repository].new(options[:model])
       action_options = options[:index] || {}
 
       # Custom actions
       custom_actions = setup_custom_actions(
-        router,
+        req,
         options[:collection_actions],
         options: action_options,
         repository: repository,
@@ -92,28 +100,32 @@ module TinyAdmin
 
       # Index
       if options[:only].include?(:index) || options[:only].include?('index')
-        router.is do
-          context = Context.new(
-            actions: custom_actions,
-            repository: repository,
-            request: request,
-            router: router,
-            slug: slug
-          )
-          index_action = TinyAdmin::Actions::Index.new
-          render_page index_action.call(app: self, context: context, options: action_options)
+        req.is do
+          if authorization.allowed?(current_user, :resource_index, slug)
+            context = Context.new(
+              actions: custom_actions,
+              repository: repository,
+              request: request,
+              router: req,
+              slug: slug
+            )
+            index_action = TinyAdmin::Actions::Index.new
+            render_page index_action.call(app: self, context: context, options: action_options)
+          else
+            render_page prepare_page(TinyAdmin.settings.page_not_allowed)
+          end
         end
       end
     end
 
-    def setup_member_routes(router, slug, options:)
+    def setup_member_routes(req, slug, options:)
       repository = options[:repository].new(options[:model])
       action_options = (options[:show] || {}).merge(record_not_found_page: TinyAdmin.settings.record_not_found)
 
-      router.on String do |reference|
+      req.on String do |reference|
         # Custom actions
         custom_actions = setup_custom_actions(
-          router,
+          req,
           options[:member_actions],
           options: action_options,
           repository: repository,
@@ -123,42 +135,54 @@ module TinyAdmin
 
         # Show
         if options[:only].include?(:show) || options[:only].include?('show')
-          router.is do
-            context = Context.new(
-              actions: custom_actions,
-              reference: reference,
-              repository: repository,
-              request: request,
-              router: router,
-              slug: slug
-            )
-            show_action = TinyAdmin::Actions::Show.new
-            render_page show_action.call(app: self, context: context, options: action_options)
+          req.is do
+            if authorization.allowed?(current_user, :resource_show, slug)
+              context = Context.new(
+                actions: custom_actions,
+                reference: reference,
+                repository: repository,
+                request: request,
+                router: req,
+                slug: slug
+              )
+              show_action = TinyAdmin::Actions::Show.new
+              render_page show_action.call(app: self, context: context, options: action_options)
+            else
+              render_page prepare_page(TinyAdmin.settings.page_not_allowed)
+            end
           end
         end
       end
     end
 
-    def setup_custom_actions(router, custom_actions, options:, repository:, slug:, reference: nil)
+    def setup_custom_actions(req, custom_actions = nil, options:, repository:, slug:, reference: nil)
       (custom_actions || []).each_with_object({}) do |custom_action, result|
         action_slug, action = custom_action.first
         action_class = to_class(action)
 
-        router.get action_slug.to_s do
-          context = Context.new(
-            actions: {},
-            reference: reference,
-            repository: repository,
-            request: request,
-            router: router,
-            slug: slug
-          )
-          custom_action = action_class.new
-          render_page custom_action.call(app: self, context: context, options: options)
+        req.get action_slug.to_s do
+          if authorization.allowed?(current_user, :custom_action, action_slug.to_s)
+            context = Context.new(
+              actions: {},
+              reference: reference,
+              repository: repository,
+              request: request,
+              router: req,
+              slug: slug
+            )
+            custom_action = action_class.new
+            render_page custom_action.call(app: self, context: context, options: options)
+          else
+            render_page prepare_page(TinyAdmin.settings.page_not_allowed)
+          end
         end
 
         result[action_slug.to_s] = action_class
       end
     end
+
+    def authorization
+      TinyAdmin.settings.authorization_class
+    end
   end
 end

data/lib/tiny_admin/settings.rb

@@ -7,6 +7,7 @@ module TinyAdmin
     DEFAULTS = {
       %i[authentication plugin] => Plugins::NoAuth,
       %i[authentication login] => Views::Pages::SimpleAuthLogin,
+      %i[authorization_class] => Plugins::Authorization,
       %i[components field_value] => Views::Components::FieldValue,
       %i[components flash] => Views::Components::Flash,
       %i[components head] => Views::Components::Head,
@@ -14,6 +15,7 @@ module TinyAdmin
       %i[components pagination] => Views::Components::Pagination,
       %i[content_page] => Views::Pages::Content,
       %i[helper_class] => Support,
+      %i[page_not_allowed] => Views::Pages::PageNotAllowed,
       %i[page_not_found] => Views::Pages::PageNotFound,
       %i[record_not_found] => Views::Pages::RecordNotFound,
       %i[repository] => Plugins::ActiveRecordRepository,
@@ -25,10 +27,12 @@ module TinyAdmin
 
     OPTIONS = %i[
       authentication
+      authorization_class
       components
       content_page
       extra_styles
       helper_class
+      page_not_allowed
       page_not_found
       record_not_found
       repository

data/lib/tiny_admin/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module TinyAdmin
-  VERSION = '0.9.0'
+  VERSION = '0.10.0'
 end

data/lib/tiny_admin/views/actions/index.rb

@@ -4,7 +4,14 @@ module TinyAdmin
   module Views
     module Actions
       class Index < DefaultLayout
-        attr_accessor :actions, :fields, :filters, :links, :pagination_component, :prepare_record, :records, :slug
+        attr_accessor :actions,
+                      :fields,
+                      :filters,
+                      :links,
+                      :pagination_component,
+                      :prepare_record,
+                      :records,
+                      :slug
 
         def template
           super do

data/lib/tiny_admin/views/actions/show.rb

@@ -4,7 +4,12 @@ module TinyAdmin
   module Views
     module Actions
       class Show < DefaultLayout
-        attr_accessor :actions, :fields, :prepare_record, :record, :reference, :slug
+        attr_accessor :actions,
+                      :fields,
+                      :prepare_record,
+                      :record,
+                      :reference,
+                      :slug
 
         def template
           super do

data/lib/tiny_admin/views/pages/page_not_allowed.rb

@@ -0,0 +1,21 @@
+# frozen_string_literal: true
+
+module TinyAdmin
+  module Views
+    module Pages
+      class PageNotAllowed < DefaultLayout
+        def template
+          super do
+            div(class: 'page_not_allowed') {
+              h1(class: 'title') { title }
+            }
+          end
+        end
+
+        def title
+          'Page not allowed'
+        end
+      end
+    end
+  end
+end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: tiny_admin
 version: !ruby/object:Gem::Version
-  version: 0.9.0
+  version: 0.10.0
 platform: ruby
 authors:
 - Mattia Roccoberton
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2023-05-16 00:00:00.000000000 Z
+date: 2023-06-18 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: phlex
@@ -83,6 +83,7 @@ files:
 - lib/tiny_admin/context.rb
 - lib/tiny_admin/field.rb
 - lib/tiny_admin/plugins/active_record_repository.rb
+- lib/tiny_admin/plugins/authorization.rb
 - lib/tiny_admin/plugins/base_repository.rb
 - lib/tiny_admin/plugins/no_auth.rb
 - lib/tiny_admin/plugins/simple_auth.rb
@@ -107,6 +108,7 @@ files:
 - lib/tiny_admin/views/components/widgets.rb
 - lib/tiny_admin/views/default_layout.rb
 - lib/tiny_admin/views/pages/content.rb
+- lib/tiny_admin/views/pages/page_not_allowed.rb
 - lib/tiny_admin/views/pages/page_not_found.rb
 - lib/tiny_admin/views/pages/record_not_found.rb
 - lib/tiny_admin/views/pages/root.rb
@@ -134,7 +136,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.3.26
+rubygems_version: 3.4.10
 signing_key:
 specification_version: 4
 summary: Tiny Admin