trust 0.8.3 → 1.4.2
- checksums.yaml +4 -4
- data/README.md +33 -1
- data/lib/trust.rb +9 -0
- data/lib/trust/authorization.rb +83 -36
- data/lib/trust/controller.rb +32 -8
- data/lib/trust/controller/properties.rb +12 -0
- data/lib/trust/controller/resource.rb +79 -11
- data/lib/trust/permissions.rb +177 -24
- data/lib/trust/version.rb +1 -1
- data/test/dummy/app/controllers/accounts_controller.rb +2 -2
- data/test/dummy/app/controllers/clients_controller.rb +1 -1
- data/test/dummy/app/controllers/mongo_accounts_controller.rb +5 -4
- data/test/dummy/app/controllers/mongo_clients_controller.rb +1 -1
- data/test/dummy/app/controllers/users_controller.rb +1 -5
- data/test/dummy/app/models/account.rb +1 -1
- data/test/dummy/app/models/client.rb +1 -1
- data/test/dummy/app/models/permissions.rb +18 -11
- data/test/dummy/app/models/user.rb +1 -1
- data/test/dummy/app/views/accounts/edit.html.erb +1 -1
- data/test/dummy/app/views/accounts/show.html.erb +1 -1
- data/test/dummy/app/views/mongo_accounts/_form.html.erb +1 -1
- data/test/dummy/app/views/mongo_accounts/edit.html.erb +2 -2
- data/test/dummy/app/views/mongo_accounts/index.html.erb +3 -3
- data/test/dummy/app/views/mongo_accounts/show.html.erb +2 -2
- data/test/dummy/bin/bundle +3 -0
- data/test/dummy/bin/rails +4 -0
- data/test/dummy/bin/rake +4 -0
- data/test/dummy/bin/setup +29 -0
- data/test/dummy/config/application.rb +3 -34
- data/test/dummy/config/boot.rb +4 -9
- data/test/dummy/config/environment.rb +3 -3
- data/test/dummy/config/environments/development.rb +22 -18
- data/test/dummy/config/environments/production.rb +46 -34
- data/test/dummy/config/environments/test.rb +19 -14
- data/test/dummy/config/initializers/assets.rb +11 -0
- data/test/dummy/config/initializers/cookies_serializer.rb +3 -0
- data/test/dummy/config/initializers/filter_parameter_logging.rb +4 -0
- data/test/dummy/config/initializers/inflections.rb +6 -5
- data/test/dummy/config/initializers/mime_types.rb +0 -1
- data/test/dummy/config/initializers/session_store.rb +1 -6
- data/test/dummy/config/initializers/wrap_parameters.rb +6 -6
- data/test/dummy/config/locales/en.yml +20 -2
- data/test/dummy/config/mongoid.yml +16 -18
- data/test/dummy/config/routes.rb +3 -3
- data/test/dummy/config/secrets.yml +22 -0
- data/test/dummy/db/test.sqlite3 +0 -0
- data/test/dummy/log/development.log +30 -0
- data/test/dummy/log/test.log +6382 -0
- data/test/dummy/test/functional/accounts_controller_test.rb +2 -2
- data/test/dummy/test/functional/mongo_accounts_controller_test.rb +8 -8
- data/test/dummy/test/functional/mongo_clients_controller_test.rb +1 -1
- data/test/dummy/test/unit/permissions_test.rb +1 -1
- data/test/dummy/tmp/cache/assets/test/sprockets/0e74e8595d4c5c03160356ab9bf6f67c +0 -0
- data/test/dummy/tmp/cache/assets/test/sprockets/13fe41fee1fe35b49d145bcc06610705 +0 -0
- data/test/dummy/tmp/cache/assets/test/sprockets/189460d2a0f63f35d55c384e0beb9cc4 +0 -0
- data/test/dummy/tmp/cache/assets/test/sprockets/2f5173deea6c795b8fdde723bb4b63af +0 -0
- data/test/dummy/tmp/cache/assets/test/sprockets/357970feca3ac29060c1e3861e2c0953 +0 -0
- data/test/dummy/tmp/cache/assets/test/sprockets/371bf96e99717688ed7313a0c53f4212 +0 -0
- data/test/dummy/tmp/cache/assets/test/sprockets/4050a4e5062ab95c9f32e9b6940821ea +0 -0
- data/test/dummy/tmp/cache/assets/test/sprockets/5f1a0d05e77ca8b9a1fc2a47e17a8174 +0 -0
- data/test/dummy/tmp/cache/assets/test/sprockets/6fc757c2c8329244ca95d6909865bbc2 +0 -0
- data/test/dummy/tmp/cache/assets/test/sprockets/75f67b2244ba6a4914d71df068f5fda9 +0 -0
- data/test/dummy/tmp/cache/assets/test/sprockets/7ed0985e7e627ac5280078ee9c7078fe +0 -0
- data/test/dummy/tmp/cache/assets/test/sprockets/86d19eda31629412e6817570ffde9a93 +0 -0
- data/test/dummy/tmp/cache/assets/test/sprockets/87b209c0c9da28094a8d5581a21262c6 +0 -0
- data/test/dummy/tmp/cache/assets/test/sprockets/954318d0d3412eec67db5c2508ae5169 +0 -0
- data/test/dummy/tmp/cache/assets/test/sprockets/95c1a034126598a432130d7fc227c189 +0 -0
- data/test/dummy/tmp/cache/assets/test/sprockets/b55283b385e5692ecf1b59332bbc5a11 +0 -0
- data/test/dummy/tmp/cache/assets/test/sprockets/b678ce3482f77c68a19e697960645cb6 +0 -0
- data/test/dummy/tmp/cache/assets/test/sprockets/ca9d9c205bcfa05de1ddd180f8ecc168 +0 -0
- data/test/dummy/tmp/cache/assets/test/sprockets/cffd775d018f68ce5dba1ee0d951a994 +0 -0
- data/test/dummy/tmp/cache/assets/test/sprockets/d36f675d4251ea3868635d299f3bb166 +0 -0
- data/test/dummy/tmp/cache/assets/test/sprockets/d771ace226fc8215a3572e0aa35bb0d6 +0 -0
- data/test/dummy/tmp/cache/assets/test/sprockets/f56253b5f374fff1a33fbbc9881c9124 +0 -0
- data/test/dummy/tmp/cache/assets/test/sprockets/f7cbd26ba1d28d48de824f0e94586655 +0 -0
- data/test/dummy/tmp/cache/assets/test/sprockets/fe1f20fb032685e2e1fcad23f0ad6601 +0 -0
- data/test/test_helper.rb +6 -2
- data/test/trust_test.rb +4 -0
- data/test/unit/trust/authorization_test.rb +165 -71
- data/test/unit/trust/controller/properties_test.rb +15 -0
- data/test/unit/trust/controller/resource_test.rb +29 -9
- data/test/unit/trust/controller_test.rb +53 -40
- data/test/unit/trust/permissions_test.rb +196 -69
- metadata +93 -28
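--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA1:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 5f4f6f8b277d792ad153c664b08a0dedf92d6ef4
+data.tar.gz: 498d30e412516e48c926724fca6a1425a40e4264
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: f0ff733d503944e905020986f6acb716dffa5a5b325d8d4752f0f3e34704df25e6cf5069e67fe18c6dcecad1d81ceb4d17d0934c210a144caf88ec7012e3e386
+data.tar.gz: c9ebe76c73d95820d0a3151e466624e9b6a3e08793fae6e2801a3c9735a8eab46b89ce6909f2c6222d4663a127cd4479c896d842b6d922acfa198185f68fe856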
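--- a/data/README.md
+++ b/data/README.md
@@ -59,9 +59,33 @@ module Permissions
 parent && parent.is_a?(Client) && parent.operators.find(user.id)
 end
 end
+
+
+class Voucher < Default
+member_roles :accountant do
+can :edit, :show, :if => :associated_with_client?
+end
+def members_role()
+user.member_role( subject_or_parent.team )
+end
+end
+
+# Rails 4 - definitions for strong_params
+class Invoice < Default
+require :invoice # requires :invoice hash. This is set by default, so in practice not necessary to define
+permit :date, :due_days # permitted parameters
+role :accountant do
+can :edit, :show, :if => :associated_with_client?
+end
+role :department_manager, :accountant do
+can :new, :create, :if => lambda { parent }, permit: [:date, :due_days, :discount]
+end
+end
 end
 ```
 
+The members_role can be implemented if a user has multiple roles such as memberships of teams, projects or similar.
+
 The following attributes will be accessible in a Permissions class:
 
 * ```subject``` - the resource that is currently being tested for authorization
@@ -88,7 +112,7 @@ class AccountsController < ApplicationController
 end
 ```
 
-The trustee statement will set up 3 before_filters in your controller:
+The trustee statement will set up 3 before_filters (before_actions) in your controller:
 
 ``` Ruby
 before_filter :set_user
@@ -214,6 +238,14 @@ You can even assign these if you like. The resource is also exposed as helper, s
 For simplicity we have also exposed an ```instances``` accessor that you can assign when you have a multirecord result,
 such as for index action.
 
+Accessing strong_params for updates (rails 4)
+
+``` Ruby
+@invoice.update_attributes(resource.strong_params)
+# or
+resource.instance.update_attributes(resource.strong_params)
+```
+
 ## Overriding defaults
 
 ### Overriding resource permits in the controller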
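--- a/data/lib/trust.rb
+++ b/data/lib/trust.rb
@@ -22,6 +22,7 @@
 # OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
 # WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
 
+require 'active_support/configurable'
 require 'trust/exceptions'
 require 'trust/inheritable_attribute'
 module Trust
@@ -30,6 +31,14 @@ module Trust
 autoload :Authorization, 'trust/authorization'
 autoload :ActiveModel, 'trust/active_model'
 autoload :Actor, 'trust/actor'
+
+include ActiveSupport::Configurable
+
+config_accessor :log_level
+
+def self.rails_generation
+@@__generation ||= Rails.version.split('.')[0].to_i
+end
 end
 require 'trust/controller'
 class ActionController::Base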
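Review bot: `rails_generation` caches the major version in a class variable, `@@__generation`, on the `Trust` module and derives it by splitting `Rails.version` by hand. Rails already exposes the major version as an Integer, so the body can be just `Rails::VERSION::MAJOR`, with no shared mutable state and no string parsing. The new `config_accessor :log_level` has no comment or default; a one-line comment such as `# log level used for Trust debug output; nil leaves logging unchanged` would help, with the wording adjusted to what the rest of the gem actually does with it, which is not visible in this section.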
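--- a/data/lib/trust/authorization.rb
+++ b/data/lib/trust/authorization.rb
@@ -25,6 +25,10 @@
 module Trust
 # = Trust Authorization
 class Authorization
+
+# raised if attempting to do resource related operations and resource is not passed on to the Authorization object
+class ResourceNotLoaded < StandardError; end
+
 class << self
 
 # Returns true if user is authorized to perform +action+ on +object+ or +class+.
@@ -39,25 +43,13 @@ module Trust
 #
 # This method is called by the +can?+ method in Trust::Controller, and is normally
 # not necessary to call directly.
-def authorized?(action,
-
-parent = options[:parent] || options[:for] || args.first
-actor = options[:by] || user
-if object_or_class.is_a? Class
-klass = object_or_class
-object = nil
-else
-klass = object_or_class.class
-object = object_or_class
-end
-# Identify which class to instanciate and then check authorization
-auth = authorizing_class(klass)
-# Rails.logger.debug "Trust: Authorizing class for #{klass.name} is #{auth.name}"
-auth.new(actor, action.to_sym, klass, object, parent).authorized?
+def authorized?(action, object_or_class_or_resource, *args)
+new(action, object_or_class_or_resource, *args).authorized?
 end
 
 # Tests if user is authorized to perform +action+ on +object+ or +class+, with the
 # optional parent and raises Trust::AccessDenied exception if not permitted.
+# If user is authorized, sets the params_handler for the resource.
 #
 # Options:
 #
@@ -70,15 +62,8 @@ module Trust
 # * +:message+ - The message to be passed onto the AccessDenied exception class
 #
 # This method is used by the +access_control+ method in Trust::Controller
-def authorize!(action,
-
-parent = options[:parent] || options[:for] || args.first
-message = options[:message]
-access_denied!(message, action, object_or_class, parent) unless authorized?(action, object_or_class, parent, options)
-end
-
-def access_denied!(message = nil, action = nil, subject = nil, parent = nil) #:nodoc:
-raise AccessDenied.new(message, action, subject)
+def authorize!(action, object_or_class_or_resource, *args)
+new(action, object_or_class_or_resource, *args).authorize!
 end
 
 # Returns the current +user+ being used in the authorization process
@@ -91,20 +76,82 @@ module Trust
 def user=(user)
 Thread.current["current_user"] = user
 end
-
-
-
-
-
-
-
-
-
-
-
+end
+
+attr_reader :authorization, :action, :resource, :klass, :object, :parent, :actor
+
+delegate :user, to: :class
+
+def initialize(action, resource_object_or_class, *args)
+options = args.extract_options!
+@action = action.to_sym
+if resource_object_or_class.is_a? Trust::Controller::Resource
+@resource = resource_object_or_class
+@klass = resource.klass
+@object = resource.instance
+@actor = options[:by] || user
+@parent = resource.parent
+else
+@parent = options[:parent] || options[:for] || args.first
+@actor = options[:by] || user
+if resource_object_or_class.is_a? Class
+@klass = resource_object_or_class
+@object = nil
+else
+@klass = resource_object_or_class.class
+@object = resource_object_or_class
+end
+end
+auth = authorizing_class
+# Rails.logger.debug "Trust: Authorizing class for #{klass.name} is #{auth.name}"
+@authorization = auth.new(@actor, @action, @klass, @object, @parent)
+end
+
+def access_denied!(message = nil, action = nil, subject = nil, parent = nil) #:nodoc:
+raise AccessDenied.new(message, action, subject)
+end
+
+def authorize!
+if perm = permissions
+resource.params_handler = perm
+else
+access_denied!(nil, action, object || klass)
+end
+end
+
+def authorized?
+!!permissions
+end
+
+def instance_loaded(instance)
+@authorization.subject = instance
+end
+
+# Preloads resource require and permit attributes, so that new objects can be initialized properly
+# raises ResourceNotLoaded if Authorization object was not initialized with a resource object
+def preload
+raise ResourceNotLoaded unless resource
+resource.params_handler = authorization.preload
+end
+
+def permissions
+authorization.authorized?
+end
+
+
+private
+def authorizing_class #:nodoc:
+auth = nil
+klass.ancestors.each do |k|
+break if k == ::ActiveRecord::Base
+begin
+auth = "::Permissions::#{k}".constantize
+break
+rescue
 end
-auth || ::Permissions::Default
 end
+auth || ::Permissions::Default
 end
+
 end
 end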
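Review bot: The instance method `authorize!` assigns `resource.params_handler = perm` unconditionally, but `@resource` is only set when the object was built from a `Trust::Controller::Resource`. The class-level `authorize!(action, object_or_class_or_resource, *args)` still accepts a plain object or class, so a permitted call on that path ends in a NoMethodError on nil instead of returning; guard it with `resource.params_handler = perm if resource`. The `:message` option that the method comment still documents is no longer honoured, because the denial path calls `access_denied!(nil, action, object || klass)`; either keep the option in `initialize` and pass it on, or drop it from the comment. In `authorizing_class` the bare `rescue` around `constantize` hides every StandardError, so a Permissions class that fails to load silently falls back to `::Permissions::Default`; `rescue NameError` keeps the lookup while letting real load errors surface.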
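--- a/data/lib/trust/controller.rb
+++ b/data/lib/trust/controller.rb
@@ -98,7 +98,7 @@ module Trust
 set_user *args
 load_resource *args
 access_control *args
-helper_method :can?, :resource
+helper_method :can?, :resource, :resource?
 end
 end
 
@@ -136,12 +136,22 @@ module Trust
 end
 
 private
-
-
-
-
-
+if Trust.rails_generation < 4
+def _filter_setting(method, *args)
+options = args.extract_options!
+skip_before_filter method
+unless args.include? :off or options[method] == :off
+before_filter method, options
+end
 end
+else
+def _filter_setting(method, *args)
+options = args.extract_options!
+skip_before_action method
+unless args.include? :off or options[method] == :off
+before_action method, options
+end
+end
 end
 end
 
@@ -183,19 +193,33 @@ module Trust
 @resource ||= Trust::Controller::Resource.new(self, self.class.properties, action_name, params, request)
 end
 
+# Returns true if resource has been loaded
+def resource?
+!@resource.nil?
+end
 # Loads the resource which basically means loading the instance and eventual parent defined through +belongs_to+
 #
 # This method is triggered as a callback on +before_filter+
 # See {Trust::Controller::Resource} for more information
 def load_resource
-resource.
+if resource.new_action?
+authorization.preload
+authorization.instance_loaded resource.load # need to set instance on authorizing object
+else
+resource.load
+end
 end
 
 # Performs the actual access_control.
 #
 # This method is triggered as a callback on +before_filter+
 def access_control
-
+authorization.authorize!
+end
+
+# maintains access to the authorization object
+def authorization
+@authorization ||= Trust::Authorization.new(action_name, resource)
 end
 
 # Tests for current users permissions.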
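Review bot: In `load_resource` only the `new_action?` branch tells the authorization object about the loaded instance (`authorization.instance_loaded resource.load`); the `else` branch depends on `authorization` not having been built yet. `authorization` is memoized, and `Trust::Authorization#initialize` (changed in authorization.rb in this same diff) copies `resource.instance` at construction time. Anything that touches `authorization` before `resource.load` on a member action would therefore leave the later `authorize!` checking a nil object, presumably at class level rather than against the record. Whether any caller does that is not visible here, but adding `@authorization.instance_loaded(resource.instance) if @authorization` after `resource.load` in the `else` branch removes the ordering dependency. The comment on `authorization` should also say that the object is created lazily and is expected to be built after the resource is loaded.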
@@ -83,6 +83,18 @@ module Trust
|
|
83
83
|
model.to_s.classify.constantize
|
84
84
|
end
|
85
85
|
|
86
|
+
# => true if action is a new_action
|
87
|
+
def new_action?(action)
|
88
|
+
new_actions.include? action.to_sym
|
89
|
+
end
|
90
|
+
# => true if action is a collection_action
|
91
|
+
def collection_action?(action)
|
92
|
+
collection_actions.include? action.to_sym
|
93
|
+
end
|
94
|
+
# => true if action is a member_action
|
95
|
+
def member_action?(action)
|
96
|
+
member_actions.include? action.to_sym
|
97
|
+
end
|
86
98
|
# Specify associated resources (nested resources)
|
87
99
|
#
|
88
100
|
# === Example
|
@@ -44,14 +44,16 @@ module Trust
|
|
44
44
|
delegate :logger, :to => Rails
|
45
45
|
attr_reader :properties, :params, :action
|
46
46
|
attr_reader :info, :parent_info, :relation
|
47
|
+
attr_reader :params_handler
|
47
48
|
|
48
49
|
def initialize(controller, properties, action_name, params, request) # nodoc
|
49
50
|
@action = action_name.to_sym
|
50
|
-
|
51
|
+
@params_handler = {}
|
51
52
|
@controller, @properties, @params = controller, properties, params
|
52
53
|
@info = extract_resource_info(properties.model, params)
|
53
54
|
if properties.has_associations?
|
54
55
|
@parent_info = extract_parent_info(properties.associations, params, request)
|
56
|
+
self.parent = parent_info.object if parent_info
|
55
57
|
end
|
56
58
|
@relation = @info.relation(@parent_info)
|
57
59
|
end
|
@@ -73,7 +75,7 @@ module Trust
|
|
73
75
|
@controller.instance_variable_set(:"@#{instance_name}", instance)
|
74
76
|
end
|
75
77
|
|
76
|
-
# Returns the parameters for the instance
|
78
|
+
# Returns the parameters for the instance (Rails 3)
|
77
79
|
#
|
78
80
|
# ==== Example
|
79
81
|
#
|
@@ -82,15 +84,53 @@ module Trust
|
|
82
84
|
def instance_params
|
83
85
|
info.params
|
84
86
|
end
|
87
|
+
|
88
|
+
# Returns strong parameters for the instance (Rails 4)
|
89
|
+
# This call will take advantage of the spesified in permissions.
|
90
|
+
# If no such permissions is defined, it will fall back to instance_params
|
91
|
+
#
|
92
|
+
# ==== Example
|
93
|
+
#
|
94
|
+
# # assume the following permissions defined
|
95
|
+
# class Account < Default
|
96
|
+
# require :account
|
97
|
+
# permit :number, :amount
|
98
|
+
# end
|
99
|
+
#
|
100
|
+
# # in AccountsController
|
101
|
+
# resource.strong_params # same as params.require(:account).permit(:number, :amount)
|
102
|
+
#
|
103
|
+
# # as a new action
|
104
|
+
# resource.strong_params(true) # same as params.fetch(:account, {}).permit(:number, :amount)
|
105
|
+
#
|
106
|
+
def strong_params(new_action = new_action?)
|
107
|
+
if params_handler.size > 0
|
108
|
+
if params_handler[:require]
|
109
|
+
new_action ?
|
110
|
+
params.fetch(params_handler[:require], {}).permit(params_handler[:permit]) :
|
111
|
+
params.require(params_handler[:require]).permit(params_handler[:permit])
|
112
|
+
else
|
113
|
+
params.permit(params_handler[:permit])
|
114
|
+
end
|
115
|
+
else
|
116
|
+
instance_params
|
117
|
+
end
|
118
|
+
end
|
119
|
+
|
120
|
+
if Trust.rails_generation < 4
|
121
|
+
def strong_params(new_action = new_action?)
|
122
|
+
instance_params
|
123
|
+
end
|
124
|
+
end
|
85
125
|
|
86
126
|
# Returns the parents instance variable when you use +belongs_to+ for nested routes
|
87
127
|
def parent
|
88
|
-
@controller.instance_variable_get(:"@#{parent_name}")
|
128
|
+
parent_name && @controller.instance_variable_get(:"@#{parent_name}")
|
89
129
|
end
|
90
130
|
|
91
131
|
# Sets the parent instance variable
|
92
132
|
def parent=(instance)
|
93
|
-
@controller.instance_variable_set(:"@#{parent_name}", instance)
|
133
|
+
@controller.instance_variable_set(:"@#{parent_name}", instance) if parent_name
|
94
134
|
end
|
95
135
|
|
96
136
|
# Returns the cinstance variable for ollection
|
@@ -124,6 +164,25 @@ module Trust
|
|
124
164
|
@info.collection(@parent_info, instance)
|
125
165
|
end
|
126
166
|
|
167
|
+
# true if action is a collection action
|
168
|
+
def collection_action?
|
169
|
+
@collection_action ||= properties.collection_action?(action)
|
170
|
+
end
|
171
|
+
|
172
|
+
# true if action is a collection action
|
173
|
+
def member_action?
|
174
|
+
@member_action ||= properties.member_action?(action)
|
175
|
+
end
|
176
|
+
|
177
|
+
# Returns a nested resource if parent is set
|
178
|
+
def nested
|
179
|
+
parent ? [parent, instance] : [instance]
|
180
|
+
end
|
181
|
+
|
182
|
+
# true if action is a new action
|
183
|
+
def new_action?
|
184
|
+
@new_action ||= properties.new_action?(action)
|
185
|
+
end
|
127
186
|
|
128
187
|
# Loads the resource
|
129
188
|
#
|
@@ -133,11 +192,10 @@ module Trust
|
|
133
192
|
# If using nested resources and +belongs_to+ has been declared in the controller it will use the
|
134
193
|
# parent relation if found.
|
135
194
|
def load
|
136
|
-
|
137
|
-
|
138
|
-
|
139
|
-
|
140
|
-
@controller.send(:build, action) if @controller.respond_to?(:build,true)
|
195
|
+
if new_action?
|
196
|
+
# logger.debug "Trust.load: Setting new: class: #{klass} strong_params: #{strong_params.inspect}"
|
197
|
+
self.instance ||= relation.new(strong_params)
|
198
|
+
@controller.send(:build, action) if @controller.respond_to?(:build, true)
|
141
199
|
elsif properties.member_actions.include?(action)
|
142
200
|
# logger.debug "Trust.load: Finding parent: #{parent.inspect}, relation: #{relation.inspect}"
|
143
201
|
self.instance ||= relation.find(params[:id] || params["#{relation.name.underscore}_id".to_sym])
|
@@ -157,6 +215,16 @@ module Trust
|
|
157
215
|
info.name
|
158
216
|
end
|
159
217
|
|
218
|
+
# Assigns the handler for safe parameters
|
219
|
+
#
|
220
|
+
# This is normally set by the controller during authorization
|
221
|
+
# If you want to set this your self it should
|
222
|
+
def params_handler=(handler)
|
223
|
+
@params_handler = handler
|
224
|
+
end
|
225
|
+
|
226
|
+
|
227
|
+
|
160
228
|
# Returns the plural name of the instance for the resource
|
161
229
|
#
|
162
230
|
# ==== Example
|
@@ -322,11 +390,11 @@ module Trust
|
|
322
390
|
@as = as
|
323
391
|
([@klass] + @klass.descendants).detect do |c|
|
324
392
|
@name = c.to_s.underscore.tr('/','_').to_sym
|
325
|
-
unless @id = request.
|
393
|
+
unless @id = request.path_parameters["#{@name}_id".to_sym]
|
326
394
|
# see if name space handling is necessary
|
327
395
|
if c.to_s.include?('::')
|
328
396
|
@name = c.to_s.demodulize.underscore.to_sym
|
329
|
-
@id = request.
|
397
|
+
@id = request.path_parameters["#{@name}_id".to_sym]
|
330
398
|
end
|
331
399
|
end
|
332
400
|
@id
|
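Review bot: The `else` branch of `strong_params` returns `instance_params` unfiltered whenever `params_handler` is empty, and `load` now feeds that straight into `relation.new(strong_params)` for new actions. On Rails 4 this is only safe if `info.params` is still an unpermitted `ActionController::Parameters`, so that mass assignment raises; that is not visible in this diff and should be confirmed or pinned by a test. If it can be a plain Hash, the fallback should fail closed rather than pass everything through, and the method comment should state the fallback explicitly, e.g. `# NOTE: with no require/permit declared this returns the raw instance params, unfiltered`. Separately, `params_handler.size > 0` assumes a Hash, while `Authorization#authorize!` assigns whatever `permissions` returns. The comment above `member_action?` says "collection action", and `@new_action ||= ...` never caches a false result.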