Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP

Loading…

Default corresponding authorizers #28

Merged
merged 4 commits into from

1 participant

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
This page is out of date. Refresh to see the latest.
View
4 CHANGELOG.markdown
@@ -2,6 +2,10 @@
Authority does its best to use [semantic versioning](http://semver.org).
+## Unreleased
+
+Models whose `authorizer_name` is not specified will now check for an authorizer with their own name before falling back to `ApplicationAuthorizer`. Eg, `Comment` will look for `CommentAuthorizer`. Namespacing is respected.
+
## v2.4.3
Bugfix for Rails 3.1 - apparently its `class_attribute` method stepped on instance methods even when given `:instance_reader => false`
View
7 README.markdown
@@ -71,9 +71,12 @@ All you have to do is define the methods you need on your authorizers. You have
Authority encapsulates all authorization logic in `Authorizer` classes. Want to do something with a model? **Ask its authorizer**.
-Models that have the same authorization rules should use the same authorizer. In other words, if you would write the exact same methods on two models to determine who can create them, who can edit them, etc, then they should use the same authorizer.
+You can specify a model's authorizer using the class method `authorizer_name=`. If you don't specify it, it will:
-Every model starts out assuming that its authorizer is `ApplicationAuthorizer`, but you can specify another one using the model's `authorizer_name=` method. Authorizers are just classes, so you can use any inheritance pattern you like.
+- Look for an authorizer with its name. Eg, `Comment` will look for `CommentAuthorizer`.
+- If that's not found, it will use `ApplicationAuthorizer`.
+
+**Models that have the same authorization rules should use the same authorizer**. In other words, if you would write the exact same methods on two models to determine who can create them, who can edit them, etc, then they should use the same authorizer.
Some example groupings:
View
2  TODO.markdown
@@ -4,7 +4,7 @@
## Tests
-- Test with Rails 4 and Ruby 2.0
+- Test with Rails 4
- Test `ActionController` integration
- Add tests for the generators
View
13 lib/authority/abilities.rb
@@ -11,10 +11,17 @@ module Abilities
extend ActiveSupport::Concern
extend Forwardable
- # Assume authorizer is `ApplicationAuthorizer` (but let the user change that)
- included do
+ included do |base|
class_attribute :authorizer_name
- self.authorizer_name = "ApplicationAuthorizer"
+
+ # Set the default authorizer for this model.
+ # - Look for an authorizer named like the model inside the model's namespace.
+ # - If there is none, use 'ApplicationAuthorizer'
+ self.authorizer_name = begin
+ "#{base.name}Authorizer".constantize.name
+ rescue NameError => e
+ "ApplicationAuthorizer"
+ end
end
def authorizer
View
34 spec/authority/abilities_spec.rb
@@ -3,23 +3,45 @@
describe Authority::Abilities do
- let(:user) { ExampleUser.new }
- let(:resource_class) { ExampleResource }
+ let(:user) { ExampleUser.new }
+ let(:resource_class) { ExampleResource }
+ let(:namespaced_resource_class) { Namespaced::SampleResource }
+ let(:other_resource_class) { OtherResource }
describe "instance methods" do
describe "authorizer_name" do
- it "has a class attribute getter for authorizer_name" do
+ it "has a class attribute getter" do
expect(resource_class).to respond_to(:authorizer_name)
end
- it "has a class attribute setter for authorizer_name" do
+ it "has a class attribute setter" do
expect(resource_class).to respond_to(:authorizer_name=)
end
- it "has a default authorizer_name of 'ApplicationAuthorizer'" do
- expect(resource_class.authorizer_name).to eq("ApplicationAuthorizer")
+ describe "by default" do
+
+ context "when there is an authorizer with a name like the resource's" do
+
+ it "uses that authorizer" do
+ expect(resource_class.authorizer_name).to eq("ExampleResourceAuthorizer")
+ end
+
+ it "respects namespaces when it's looking" do
+ expect(namespaced_resource_class.authorizer_name).to eq("Namespaced::SampleResourceAuthorizer")
+ end
+
+ end
+
+ context "when there is no authorizer with a name like the resource's" do
+
+ it "uses 'ApplicationAuthorizer'" do
+ expect(other_resource_class.authorizer_name).to eq("ApplicationAuthorizer")
+ end
+
+ end
+
end
end
View
23 spec/support/example_classes.rb
@@ -1,13 +1,30 @@
+class ApplicationAuthorizer < Authority::Authorizer
+ def self.readable_by?(user)
+ true
+ end
+end
+
class ExampleUser
include Authority::UserAbilities
end
+class ExampleResourceAuthorizer < ApplicationAuthorizer
+end
+
class ExampleResource
include Authority::Abilities
end
-class ApplicationAuthorizer < Authority::Authorizer
- def self.readable_by?(user)
- true
+module Namespaced
+ class SampleResourceAuthorizer < ApplicationAuthorizer
+ end
+
+ class SampleResource
+ include Authority::Abilities
end
+
+end
+
+class OtherResource
+ include Authority::Abilities
end
Something went wrong with that request. Please try again.