diff --git a/.travis.yml b/.travis.yml index 2cd0bb7b..880f3a50 100644 --- a/.travis.yml +++ b/.travis.yml @@ -1,20 +1,15 @@ language: ruby script: bundle exec rake test rvm: - - 1.8.7 - - 1.9.3 + - 2.1 + - 2.2 gemfile: - - gemfiles/2.3.gemfile - - gemfiles/3.0.gemfile - - gemfiles/3.1.gemfile - - gemfiles/3.2.gemfile - gemfiles/4.0.gemfile - gemfiles/4.1.gemfile + - gemfiles/5.0.gemfile + matrix: exclude: - - rvm: 1.8.7 - gemfile: gemfiles/4.0.gemfile - - rvm: 1.8.7 - gemfile: gemfiles/4.1.gemfile - - rvm: 1.9.3 - gemfile: gemfiles/2.3.gemfile + - rvm: 2.1 + gemfile: gemfiles/5.0.gemfile + diff --git a/gemfiles/3.0.gemfile b/gemfiles/3.0.gemfile deleted file mode 100644 index d4349642..00000000 --- a/gemfiles/3.0.gemfile +++ /dev/null @@ -1,8 +0,0 @@ -source 'https://rubygems.org' - -gem 'rails', '~> 3.0.0' -gem 'sqlite3' -gem 'ruby_parser' -gem 'rdoc' -gemspec :path => '..' - diff --git a/gemfiles/3.1.gemfile b/gemfiles/3.1.gemfile deleted file mode 100644 index c9cddba2..00000000 --- a/gemfiles/3.1.gemfile +++ /dev/null @@ -1,8 +0,0 @@ -source 'https://rubygems.org' - -gem 'rails', '~> 3.1.0' -gem 'sqlite3' -gem 'ruby_parser' -gem 'rdoc' -gemspec :path => '..' - diff --git a/gemfiles/3.2.gemfile b/gemfiles/3.2.gemfile deleted file mode 100644 index cdff0429..00000000 --- a/gemfiles/3.2.gemfile +++ /dev/null @@ -1,8 +0,0 @@ -source 'https://rubygems.org' - -gem 'rails', '~> 3.2.0' -gem 'sqlite3' -gem 'ruby_parser' -gem 'rdoc' -gemspec :path => '..' - diff --git a/gemfiles/2.3.gemfile b/gemfiles/5.0.gemfile similarity index 80% rename from gemfiles/2.3.gemfile rename to gemfiles/5.0.gemfile index fa5f3b14..064276cf 100644 --- a/gemfiles/2.3.gemfile +++ b/gemfiles/5.0.gemfile @@ -1,8 +1,8 @@ source 'https://rubygems.org' -gem 'rails', '~> 2.3.0' +gem 'rails', '~> 5.0.0' gem 'sqlite3' gem 'ruby_parser' gem 'rdoc' -gemspec :path => '..' +gemspec :path => '..' 
diff --git a/lib/declarative_authorization.rb b/lib/declarative_authorization.rb index 81d1f02e..27ec3ba0 100644 --- a/lib/declarative_authorization.rb +++ b/lib/declarative_authorization.rb @@ -14,6 +14,5 @@ require File.join(%w{declarative_authorization railsengine}) if defined?(::Rails::Engine) ActionController::Base.send :include, Authorization::AuthorizationInController -ActionController::Base.helper Authorization::AuthorizationHelper ActiveRecord::Base.send :include, Authorization::AuthorizationInModel if defined?(ActiveRecord) diff --git a/lib/declarative_authorization/in_controller.rb b/lib/declarative_authorization/in_controller.rb index fae894df..18f21d9a 100644 --- a/lib/declarative_authorization/in_controller.rb +++ b/lib/declarative_authorization/in_controller.rb @@ -3,11 +3,23 @@ module Authorization module AuthorizationInController - + def self.included(base) # :nodoc: base.extend(ClassMethods) - base.hide_action :authorization_engine, :permitted_to?, - :permitted_to! + if base.respond_to? :helper + base.helper Authorization::AuthorizationHelper + end + + if base.respond_to? :helper_method + helpers = %w( + permitted_to? + has_role? + has_role_with_hierarchy? + has_any_role? + has_any_role_with_hierarchy? + ) + base.helper_method(*helpers) + end end DEFAULT_DENY = false @@ -131,7 +143,7 @@ def filter_access_filter # :nodoc: # permission_denied needs to render or redirect send(:permission_denied) else - send(:render, :text => "You are not allowed to access this action.", + send(:render, :plain => "You are not allowed to access this action.", :status => :forbidden) end end 
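Review bot: The `hide_action` call in `self.included` is removed unconditionally, although the CI matrix in this same commit still runs `gemfiles/4.0.gemfile` and `gemfiles/4.1.gemfile`, where it was the explicit guard keeping `authorization_engine`, `permitted_to?` and `permitted_to!` from being dispatched as controller actions. Guarding it the same way the hunk guards `helper` and `helper_method` would keep that behaviour on Rails 4: `base.hide_action :authorization_engine, :permitted_to?, :permitted_to! if base.respond_to?(:hide_action)`. For Rails 5 a short comment should say what now keeps these public methods out of the action set (presumably that they are defined on the abstract base controller, to be confirmed), because the new `respond_to?` checks suggest the module may be included into other bases as well.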
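Review bot: In the fallback branch of `filter_access_filter`, the `:plain` render option is, as far as I know, only recognised from Rails 4.1 on, while `.travis.yml` in this commit still lists `gemfiles/4.0.gemfile`. On 4.0 the denial would no longer return the fixed text, and what is rendered with the 403 status instead should be checked, since this is the path taken when the application defines no `permission_denied`. Either drop 4.0 from the matrix or choose the key by version, for example `text_key = Gem::Version.new(Rails::VERSION::STRING) >= Gem::Version.new('4.1') ? :plain : :text`. A functional test asserting status 403 and the response body on a denied action would pin this down; the method starts and ends outside the hunk.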
@@ -238,10 +250,10 @@ module ClassMethods # authorization rules are enforced because for some actions (collections, # +new+, +create+), there is no object to evaluate conditions against. To # allow attribute checks on all actions, it is a common pattern to provide - # custom objects through +before_filters+: + # custom objects through +before_actions+: # class BranchesController < ApplicationController - # before_filter :load_company - # before_filter :new_branch_from_company_and_params, + # before_action :load_company + # before_action :new_branch_from_company_and_params, # :only => [:index, :new, :create] # filter_access_to :all, :attribute_check => true # @@ -250,7 +262,7 @@ module ClassMethods # @branch = @company.branches.new(params[:branch]) # end # end - # NOTE: +before_filters+ need to be defined before the first + # NOTE: +before_actions+ need to be defined before the first # +filter_access_to+ call. # # For further customization, a custom filter expression may be formulated @@ -311,8 +323,10 @@ def filter_access_to (*args, &filter_block) actions = args.flatten # prevent setting filter_access_filter multiple times - skip_before_filter :filter_access_filter - before_filter :filter_access_filter + # skip_before_action :filter_access_filter + before_action do |controller| + controller.send(:filter_access_filter) if controller.methods.include? :filter_access_filter + end filter_access_permissions.each do |perm| perm.remove_actions(actions) @@ -344,7 +358,7 @@ def all_filter_access_permissions # :nodoc: # To DRY up the filter_access_to statements in restful controllers, # filter_resource_access combines typical filter_access_to and - # before_filter calls, which set up the instance variables. + # before_action calls, which set up the instance variables. # # The simplest case are top-level resource controllers with only the # seven CRUD methods, e.g. 
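Review bot: The new `before_action` block in `filter_access_to` runs the authorization check only `if controller.methods.include? :filter_access_filter`, so whenever that lookup is false (`methods` does not list private methods, for instance) the request goes through with no check and no error. An access-control filter should fail closed: register it by name, `before_action :filter_access_filter`, so a missing method raises instead of being skipped. Registering by symbol should also cover what the commented-out `skip_before_action` was for, since ActiveSupport, as far as I know, replaces an existing callback with the same name, whereas every `filter_access_to` call now appends another anonymous block and the check runs once per call. Applications that call `skip_before_action :filter_access_filter` can no longer target the anonymous block, which deserves a changelog entry. The method body continues outside the hunk.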
@@ -457,7 +471,7 @@ def all_filter_access_permissions # :nodoc: # Allows to add additional new actions to the default resource +new+ actions. # [:+context+] # The context is used to determine the model to load objects from for the - # before_filters and the context of privileges to use in authorization + # before_actions and the context of privileges to use in authorization # checks. # [:+nested_in+] # Specifies the parent controller if the resource is nested in another @@ -514,7 +528,7 @@ def filter_resource_access(options = {}) unless options[:nested_in].blank? load_parent_method = :"load_#{options[:nested_in].to_s.singularize}" shallow_exceptions = options[:shallow] ? {:except => members.keys} : {} - before_filter shallow_exceptions do |controller| + before_action shallow_exceptions do |controller| if controller.respond_to?(load_parent_method, true) controller.send(load_parent_method) else @@ -523,7 +537,7 @@ def filter_resource_access(options = {}) end new_for_collection_method = :"new_#{controller_name.singularize}_for_collection" - before_filter :only => collections.keys do |controller| + before_action :only => collections.keys do |controller| # new_for_collection if controller.respond_to?(new_for_collection_method, true) controller.send(new_for_collection_method) @@ -536,7 +550,7 @@ def filter_resource_access(options = {}) unless options[:strong_parameters] new_from_params_method = :"new_#{controller_name.singularize}_from_params" - before_filter :only => new_actions.keys do |controller| + before_action :only => new_actions.keys do |controller| # new_from_params if controller.respond_to?(new_from_params_method, true) controller.send(new_from_params_method) 
@@ -547,7 +561,7 @@ def filter_resource_access(options = {}) end else new_object_method = :"new_#{controller_name.singularize}" - before_filter :only => :new do |controller| + before_action :only => :new do |controller| # new_from_params if controller.respond_to?(new_object_method, true) controller.send(new_object_method) @@ -559,7 +573,7 @@ def filter_resource_access(options = {}) end load_method = :"load_#{controller_name.singularize}" - before_filter :only => members.keys do |controller| + before_action :only => members.keys do |controller| # load controller object if controller.respond_to?(load_method, true) controller.send(load_method)