vigilante 1.0.13 → 1.0.18

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
- SHA1:
3
- metadata.gz: 13a453a54282b105475ead0fca3e6456f14e4031
4
- data.tar.gz: b47cfb8ad4ada90f963b107f095aa394b9209db2
2
+ SHA256:
3
+ metadata.gz: f35bff47c4dcdaac6d7f6713a3c30c95bd9b57054ab635b38a8308d8ed2a18c0
4
+ data.tar.gz: 1cc0d2439f44bcc342d2230eec6e6940168fbadd72ab86a0fbeeaa394f6a6f42
5
5
  SHA512:
6
- metadata.gz: e4d14427df8937a81939043e88dcb9732fd9678aed159bb674ca8867b3f9bca36a7acb10c2bd9d5720d54d030c2f4f0658299f43218b153fd47f84ba58f9c114
7
- data.tar.gz: 08bee54f39b0be0d5e04bddbe5687bc6d9f76ff5350373901237219d2a7f15e741c25726225c30f66c879037d2cedf70aef249a7c0e8e2a9c5228e7904486a9b
6
+ metadata.gz: 87a77298924da072781540d3206e14e61013e56b9d9b900d2ea2f5d87f1d9053fde6104539c00f191f3baf7620129f4492902532ae35a756cad60bf962d02bca
7
+ data.tar.gz: d052c3d0c1f07c59360e2f1913b046b7b4556944e845ec21358c3649d00cc410a62fcb90ce1e1581c7b15b3aecb5da01939b129eee498b6af731ede34a242937
@@ -36,16 +36,17 @@ GEM
36
36
  minitest (~> 5.1)
37
37
  thread_safe (~> 0.3, >= 0.3.4)
38
38
  tzinfo (~> 1.1)
39
- addressable (2.3.6)
39
+ addressable (2.6.0)
40
+ public_suffix (>= 2.0.2, < 4.0)
40
41
  arel (6.0.0)
41
42
  builder (3.2.2)
42
43
  descendants_tracker (0.0.4)
43
44
  thread_safe (~> 0.3, >= 0.3.1)
44
45
  diff-lcs (1.2.5)
45
46
  erubis (2.7.0)
46
- faraday (0.9.0)
47
+ faraday (0.9.2)
47
48
  multipart-post (>= 1.2, < 3)
48
- git (1.2.6)
49
+ git (1.5.0)
49
50
  github_api (0.11.3)
50
51
  addressable (~> 2.3)
51
52
  descendants_tracker (~> 0.0.1)
@@ -56,38 +57,40 @@ GEM
56
57
  oauth2
57
58
  globalid (0.3.5)
58
59
  activesupport (>= 4.1.0)
59
- hashie (3.0.0)
60
- highline (1.6.21)
60
+ hashie (3.6.0)
61
+ highline (2.0.2)
61
62
  i18n (0.7.0)
62
- jeweler (2.0.1)
63
+ jeweler (2.1.2)
63
64
  builder
64
65
  bundler (>= 1.0)
65
66
  git (>= 1.2.5)
66
- github_api
67
+ github_api (~> 0.11.0)
67
68
  highline (>= 1.6.15)
68
69
  nokogiri (>= 1.5.10)
69
70
  rake
70
71
  rdoc
71
- json (1.8.1)
72
- jwt (1.0.0)
72
+ semver
73
+ json (1.8.6)
74
+ jwt (2.2.1)
73
75
  loofah (2.0.2)
74
76
  nokogiri (>= 1.5.9)
75
77
  mail (2.6.3)
76
78
  mime-types (>= 1.16, < 3)
77
79
  mime-types (2.6.1)
78
- mini_portile (0.6.0)
80
+ mini_portile2 (2.1.0)
79
81
  minitest (5.7.0)
80
- multi_json (1.10.1)
81
- multi_xml (0.5.5)
82
- multipart-post (2.0.0)
83
- nokogiri (1.6.2.1)
84
- mini_portile (= 0.6.0)
85
- oauth2 (0.9.4)
86
- faraday (>= 0.8, < 0.10)
87
- jwt (~> 1.0)
82
+ multi_json (1.13.1)
83
+ multi_xml (0.6.0)
84
+ multipart-post (2.1.1)
85
+ nokogiri (1.6.8.1)
86
+ mini_portile2 (~> 2.1.0)
87
+ oauth2 (1.4.1)
88
+ faraday (>= 0.8, < 0.16.0)
89
+ jwt (>= 1.0, < 3.0)
88
90
  multi_json (~> 1.3)
89
91
  multi_xml (~> 0.5)
90
- rack (~> 1.2)
92
+ rack (>= 1.2, < 3)
93
+ public_suffix (3.0.3)
91
94
  rack (1.6.1)
92
95
  rack-test (0.6.3)
93
96
  rack (>= 1.0)
@@ -116,8 +119,7 @@ GEM
116
119
  rake (>= 0.8.7)
117
120
  thor (>= 0.18.1, < 2.0)
118
121
  rake (10.4.2)
119
- rdoc (4.1.1)
120
- json (~> 1.4)
122
+ rdoc (5.1.0)
121
123
  rspec (2.14.1)
122
124
  rspec-core (~> 2.14.0)
123
125
  rspec-expectations (~> 2.14.0)
@@ -134,6 +136,7 @@ GEM
134
136
  rspec-core (~> 2.14.0)
135
137
  rspec-expectations (~> 2.14.0)
136
138
  rspec-mocks (~> 2.14.0)
139
+ semver (1.0.1)
137
140
  shoulda-matchers (2.8.0)
138
141
  activesupport (>= 3.0.0)
139
142
  sprockets (3.2.0)
@@ -160,4 +163,4 @@ DEPENDENCIES
160
163
  sqlite3
161
164
 
162
165
  BUNDLED WITH
163
- 1.10.3
166
+ 1.16.6
data/VERSION CHANGED
@@ -1 +1 @@
1
- 1.0.13
1
+ 1.0.18
@@ -1,6 +1,6 @@
1
1
  class AbilitiesController < ApplicationController
2
2
 
3
- before_filter :check_permissions
3
+ before_action :check_permissions
4
4
 
5
5
  def index
6
6
  @abilities = Ability.order(:name)
@@ -15,7 +15,7 @@ class AbilitiesController < ApplicationController
15
15
  end
16
16
 
17
17
  def create
18
- @ability = Ability.new(params[:ability])
18
+ @ability = Ability.new(ability_params)
19
19
  if @ability.save
20
20
  flash[:notice] = t('ability.created')
21
21
  redirect_to :action => :index
@@ -32,7 +32,7 @@ class AbilitiesController < ApplicationController
32
32
  def update
33
33
  @ability = Ability.find(params[:id])
34
34
 
35
- if @ability.update_attributes(params[:ability])
35
+ if @ability.update_attributes(ability_params)
36
36
  flash[:notice] = t('ability.saved')
37
37
  redirect_to :action => :index
38
38
  else
@@ -40,7 +40,15 @@ class AbilitiesController < ApplicationController
40
40
  end
41
41
  end
42
42
 
43
- private
43
+ protected
44
+
45
+ def ability_params
46
+ params.require(:ability).permit(:name, :description,
47
+ :ability_permissions_attributes => [:id, :permission_id, :_destroy,
48
+ :permission_attributes => [:id, :allowed_action, :_destroy]
49
+ ]
50
+ )
51
+ end
44
52
 
45
53
 
46
54
  end
@@ -1,6 +1,8 @@
1
1
  class Ability < ActiveRecord::Base
2
2
  has_many :ability_permissions
3
3
  has_many :permissions, :through => :ability_permissions
4
+ has_many :authorizations
5
+ has_many :operators, :through => :authorizations
4
6
 
5
7
  accepts_nested_attributes_for :permissions
6
8
  accepts_nested_attributes_for :ability_permissions
@@ -25,8 +25,13 @@ class PermissionHash < HashWithIndifferentAccess
25
25
  self[extent][path] ||= {}
26
26
 
27
27
  allowed_actions = [:index, :show] if allowed_actions.nil? || allowed_actions.empty?
28
+ # always allow edit/update and create/new as a pair (allowing one immediately allows the other)
28
29
  allowed_actions.push(:update) if allowed_actions.include?(:edit) && !allowed_actions.include?(:update)
30
+ allowed_actions.push(:edit) if allowed_actions.include?(:update) && !allowed_actions.include?(:edit)
29
31
  allowed_actions.push(:create) if allowed_actions.include?(:new) && !allowed_actions.include?(:create)
32
+ allowed_actions.push(:new) if allowed_actions.include?(:create) && !allowed_actions.include?(:new)
33
+ allowed_actions.push(:destroy) if allowed_actions.include?(:delete) && !allowed_actions.include?(:destroy)
34
+ allowed_actions.push(:delete) if allowed_actions.include?(:destroy) && !allowed_actions.include?(:delete)
30
35
 
31
36
  allowed_actions.each do |a|
32
37
  self[extent][path][a] = 1
@@ -134,4 +139,4 @@ class PermissionHash < HashWithIndifferentAccess
134
139
  result
135
140
  end
136
141
 
137
- end
142
+ end
@@ -1,4 +1,4 @@
1
- class CreatePermissions < ActiveRecord::Migration
1
+ class CreatePermissions < ActiveRecord::Migration[4.2]
2
2
  def change
3
3
  create_table :permissions do |t|
4
4
  t.string :allowed_action
@@ -1,4 +1,4 @@
1
- class CreateAbilities < ActiveRecord::Migration
1
+ class CreateAbilities < ActiveRecord::Migration[4.2]
2
2
  def change
3
3
  create_table :abilities do |t|
4
4
  t.string :name
@@ -1,4 +1,4 @@
1
- class CreateAbilityPermissions < ActiveRecord::Migration
1
+ class CreateAbilityPermissions < ActiveRecord::Migration[4.2]
2
2
  def change
3
3
  create_table :ability_permissions do |t|
4
4
  t.references :ability
@@ -1,4 +1,4 @@
1
- class CreateAuthorizations < ActiveRecord::Migration
1
+ class CreateAuthorizations < ActiveRecord::Migration[4.2]
2
2
  def change
3
3
  create_table :authorizations do |t|
4
4
  t.references :operator, references: false
@@ -1,4 +1,4 @@
1
- class CreateAuthorizationExtents < ActiveRecord::Migration
1
+ class CreateAuthorizationExtents < ActiveRecord::Migration[4.2]
2
2
  def change
3
3
  create_table :authorization_extents do |t|
4
4
  t.references :authorization
@@ -10,15 +10,9 @@ module Vigilante
10
10
  end
11
11
 
12
12
  def add_authorization(role, extent=nil)
13
- ability = Ability.find_by_name(role.downcase)
13
+ ability = Ability.where("lower(name) = '#{role.downcase}'").first
14
14
  raise StandardError.new("Role #{role} is not converted to a corresponding authorization. It does not exist.") if ability.nil?
15
15
 
16
- # extent_params = {}
17
- # unless extent.nil?
18
- # extent_params[:extent] = extent.id
19
- # extent_params[:extent_type] = extent.class.name
20
- # end
21
-
22
16
  new_authorization = ::Authorization.create(:operator_id => self.id, :ability_id => ability.id)
23
17
  unless extent.nil?
24
18
  new_authorization.add_extent(extent)
@@ -232,4 +226,4 @@ module Vigilante
232
226
  end
233
227
 
234
228
  end
235
- end
229
+ end
@@ -2,18 +2,18 @@
2
2
  # DO NOT EDIT THIS FILE DIRECTLY
3
3
  # Instead, edit Jeweler::Tasks in Rakefile, and run 'rake gemspec'
4
4
  # -*- encoding: utf-8 -*-
5
- # stub: vigilante 1.0.13 ruby lib
5
+ # stub: vigilante 1.0.18 ruby lib
6
6
 
7
7
  Gem::Specification.new do |s|
8
- s.name = "vigilante"
9
- s.version = "1.0.13"
8
+ s.name = "vigilante".freeze
9
+ s.version = "1.0.18"
10
10
 
11
- s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
12
- s.require_paths = ["lib"]
13
- s.authors = ["Nathan Van der Auwera"]
14
- s.date = "2016-12-15"
15
- s.description = "Vigilante is a db-backed authorisation, completely configurable and dynamic; where permissions can be limited to extents."
16
- s.email = "nathan@dixis.com"
11
+ s.required_rubygems_version = Gem::Requirement.new(">= 0".freeze) if s.respond_to? :required_rubygems_version=
12
+ s.require_paths = ["lib".freeze]
13
+ s.authors = ["Nathan Van der Auwera".freeze]
14
+ s.date = "2020-09-07"
15
+ s.description = "Vigilante is a db-backed authorisation, completely configurable and dynamic; where permissions can be limited to extents.".freeze
16
+ s.email = "nathan@dixis.com".freeze
17
17
  s.extra_rdoc_files = [
18
18
  "README.markdown"
19
19
  ]
@@ -117,26 +117,26 @@ Gem::Specification.new do |s|
117
117
  "spec/vigilante_spec.rb",
118
118
  "vigilante.gemspec"
119
119
  ]
120
- s.homepage = "http://github.com/vigilante"
121
- s.rubygems_version = "2.4.6"
122
- s.summary = "Context-based, db-backed authorisation for your rails3 apps"
120
+ s.homepage = "http://github.com/vigilante".freeze
121
+ s.rubygems_version = "2.7.10".freeze
122
+ s.summary = "Context-based, db-backed authorisation for your rails3 apps".freeze
123
123
 
124
124
  if s.respond_to? :specification_version then
125
125
  s.specification_version = 4
126
126
 
127
127
  if Gem::Version.new(Gem::VERSION) >= Gem::Version.new('1.2.0') then
128
- s.add_runtime_dependency(%q<rails>, [">= 4.0.0"])
129
- s.add_development_dependency(%q<jeweler>, [">= 0"])
130
- s.add_development_dependency(%q<rspec-rails>, ["~> 2.14.0"])
128
+ s.add_runtime_dependency(%q<rails>.freeze, [">= 4.0.0"])
129
+ s.add_development_dependency(%q<jeweler>.freeze, [">= 0"])
130
+ s.add_development_dependency(%q<rspec-rails>.freeze, ["~> 2.14.0"])
131
131
  else
132
- s.add_dependency(%q<rails>, [">= 4.0.0"])
133
- s.add_dependency(%q<jeweler>, [">= 0"])
134
- s.add_dependency(%q<rspec-rails>, ["~> 2.14.0"])
132
+ s.add_dependency(%q<rails>.freeze, [">= 4.0.0"])
133
+ s.add_dependency(%q<jeweler>.freeze, [">= 0"])
134
+ s.add_dependency(%q<rspec-rails>.freeze, ["~> 2.14.0"])
135
135
  end
136
136
  else
137
- s.add_dependency(%q<rails>, [">= 4.0.0"])
138
- s.add_dependency(%q<jeweler>, [">= 0"])
139
- s.add_dependency(%q<rspec-rails>, ["~> 2.14.0"])
137
+ s.add_dependency(%q<rails>.freeze, [">= 4.0.0"])
138
+ s.add_dependency(%q<jeweler>.freeze, [">= 0"])
139
+ s.add_dependency(%q<rspec-rails>.freeze, ["~> 2.14.0"])
140
140
  end
141
141
  end
142
142
 
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: vigilante
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.0.13
4
+ version: 1.0.18
5
5
  platform: ruby
6
6
  authors:
7
7
  - Nathan Van der Auwera
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2016-12-15 00:00:00.000000000 Z
11
+ date: 2020-09-07 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: rails
@@ -177,7 +177,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
177
177
  version: '0'
178
178
  requirements: []
179
179
  rubyforge_project:
180
- rubygems_version: 2.4.6
180
+ rubygems_version: 2.7.10
181
181
  signing_key:
182
182
  specification_version: 4
183
183
  summary: Context-based, db-backed authorisation for your rails3 apps