Project

authorized_transaction

0.0
No release in over 3 years
Low commit activity in last 3 years
authorized_transactionxpbytes/authorized_transactionHomepageDocumentationSource CodeBug TrackerWiki
CanCan supported transaction on top of ActiveRecord
2005
2006
2007
2008
2009
2010
2011
2012
2013
2014
2015
2016
2017
2018
2019
2020
2021
2022
2023
2024
2025
 Popularity
Downloads
7,999
Stars
0
Forks
0
Watchers
2
 Releases
Current version
0.3.0
Total releases
4
First release
2019-02-14
Latest release
2019-02-16
 Pull Requests
Open Pull Requests
4
Closed Pull Requests
78
Merged Pull Requests
28
Pull Request Acceptance Rate
25%
 Development
Primary Language
Ruby
Licenses
MIT
Average date of last 50 commits
2020-11-30
Reverse Dependencies
0

 Dependencies

Development

bundler
~> 2.0
minitest
~> 5.0
rake
~> 10.0

Runtime

activesupport
>= 4.0.0
 Project Readme

AuthorizedTransaction

Build Status: master Gem Version MIT license

Authorize a certain block with cancan(can), or any other authorization framework that exposes a method can?.

Installation

Add this line to your application's Gemfile:

gem 'authorized_transaction'

And then execute:

$ bundle

Or install it yourself as:

$ gem install authorized_transaction

Usage

Wrap whatever you want to be authorized in an authorized_transaction block:

require 'authorized_transaction'

class ApiController < ActionController::API
  include AuthorizedTransaction
end

class BookController < ApiController
  def create
    book = authorized_transaction { CreateAndReturnBook.call(params) }
    render json: book, status: :created
  end
end

Implicitly the current action_name will be used with can? action, resource. You can pass action: ... to the block to set it explicitly:

class Book::SignatureController < ApiController
  def create
    signature = authorized_transaction(action: :sign) { SignBook.call(params) }
    render json: signature, status: :created
  end
end

Authorization work on single resources, or enumerables:

class Book::SignatureController < ApiController
  def show
    _, signature = authorized_transaction do
        [FindBook.call(params), FindSignature.call(params)]
    end
    render json: signature, status: :created
  end
end

By default it will use ActiveRecord::Base.transaction to start the transaction, but you may override this:

AuthorizedTransaction.configure do
  self.transaction_proc = proc { || CreateDatabaseTransaction.call { yield } }
end

:authorize_proc, :implicit_action_proc,

The action passed to authorize_proc or can? is configured by implicit_action_key and defaults to action:

AuthorizedTransaction.configure.implicit_action_key = :authorized_action

Configuration

  • By default it uses can? as defined on your controller, but you can configure this via authorize_proc.
  • By default it uses the implicit_action as defined by implicit_action_key, as written above, to determine the implicit action when it's not given. You can also configure these via implicit_action_key (fetching from params) or implicit_action_proc to change completely.

In an initializer you can set procs in order to change the default behaviour:

AuthorizedTransaction.configure do
  self.implicit_action_proc = proc { |controller| controller.action_name.to_sym }
  self.authorize_proc = proc { |action, resource, controller| action == :whatever || controller.can?(action, resource) }
end

Other configuration options are listed above.

Related

  • ResourceAllowHeader: 🚩 Allow Header for rack responses using cancan(can) or any other authorization framework

Development

After checking out the repo, run bin/setup to install dependencies. Then, run rake test to run the tests. You can also run bin/console for an interactive prompt that will allow you to experiment.

To install this gem onto your local machine, run bundle exec rake install. To release a new version, update the version number in version.rb, and then run bundle exec rake release, which will create a git tag for the version, push git commits and tags, and push the .gem file to rubygems.org.

Contributing

Bug reports and pull requests are welcome on GitHub at XPBytes/authorized_transaction.