action_policy-graphiti 0.0.1 → 0.2.0

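--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA256:
- metadata.gz: 7db91afa6d3c7fbc23e5d0551cb462666a488930e6e3faebe4652da3ffc3d31b
- data.tar.gz: e23d9222e846dd0c649093e296617ed0114a8377f97d28ee13ab36726d65f22c
+ metadata.gz: 14c1d111ab3637ca0a0473052745648b29d59eae102983f2352aee57cad48b91
+ data.tar.gz: ef0f1e0ba47fbf1091c471dae9a0b6902c9c63cd238f5325c5af19afe82936db
  SHA512:
- metadata.gz: 5120f1911ee32eca98396110b06c4173114f1bff437f8e51af7f856e35352166bce58f38d129ab7be4f95618e5a15e6b216a7fc4d16cd7fedc4f9dffcbc7b5a4
- data.tar.gz: f28b0083a0fe65b96983fa7b53d292852a009cb1a56bf34f83cd1e9bf862e33ec4e66027afbe625a81df633b1bf74a1863a083f5c85ed308010268845e9b42f9
+ metadata.gz: 94e2a8414ab817b697a36de4c438e29ed5f9b610b30cf2f551b2598e56e257443a6adabecea6af9d43553376279b024cce266d45ec687b7809157eed9ab7d63a
+ data.tar.gz: 014b16778a53046c51d6851d1e8d8298fbec0840d0dbd6de898441d2f2d71e7fd07b19ae09842de7e7fae0a61462c79c3c736e1ae5e146a6ce7299e815b9184e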
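--- a/data/CHANGELOG.md
+++ b/data/CHANGELOG.md
@@ -1,5 +1,13 @@
  # Change Log
 
+ ## [0.2.0] - 2023-06-28
+
+ - Enable authorization shortcuts
+
+ ## [0.1.0] - 2023-06-23
+
+ - Enable explicit policies and actions
+
  ## [0.0.1] - 2023-05-02
 
  - Initial release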
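--- a/data/README.md
+++ b/data/README.md
@@ -7,12 +7,10 @@ The following features are currently enabled:
  - Authorization of `create`, `update` and `destroy` actions
  - Resource scoping
 
- **This gem is under heavy development, was not yet released (since it is not production ready) so use it at your own risk!**
+ **This gem is under heavy development so use it at your own risk!**
 
  ## Installation
 
- **This gem was not yet released and can be installed only via a github link**
-
  Add this line to your application's Gemfile:
 
  ```ruby
@@ -40,17 +38,44 @@ class TestResource < ApplicationResource
  authorize_action :destroy
  end
  ```
+
+ Or certain action shortcuts may be used (pay attention to explicit policies and actions):
+
+ ```ruby
+ class TestResource < ApplicationResource
+ include ActionPolicy::Graphiti::Behaviour
+
+ authorize_create to: :manage_but_not_destroy?
+ authorize_update with: 'TestExplicitPolicy', to: :manage_but_not_destroy?
+ authorize_destroy
+ end
+ ```
+
+ **Note:** current implementation requires you to use policy names (when specifying explicit policies) instead of classes since it is not guaranteed that policy classes are already loaded **before** the resource classes load.
+
  **Note:** current implementation requires you to place `authorize_` directives **after** `before_save` and `before_destroy` hooks (since it is adding authorization checks as hooks and we want them to be called **after** all the regular hooks were completed).
 
- Scoping is done via adding the following class method call:
+ Scoping is done via adding the following class method call (you can specify the explicit policy using `with` argument):
  ```ruby
  class TestResource < ApplicationResource
  include ActionPolicy::Graphiti::Behaviour
 
- authorize_scope
+ authorize_scope with: 'TestExplicitPolicy'
+ # or just plain authorize_scope
  end
  ```
- **Note:** current implementation requires you to place `authorize_scope` call **after** the explicit `base_scope` method (scoping is performed by base scope results modification).
+
+ You can also use a handy shortcut (you can also use an explicit `with` argument just as with other `authorize_` class methods) to authorize `create`, `update`, `destroy` methods and also apply scoping:
+ ```ruby
+ class TestResource < ApplicationResource
+ include ActionPolicy::Graphiti::Behaviour
+
+ authorize_and_scope_all with: 'TestExplicitPolicy'
+ # or just plain authorize_and_scope_all if you want to deduce the policy class
+ end
+ ```
+
+ **Note:** current implementation requires you to place `authorize_scope` (and `authorize_and_scope_all` too) call **after** the explicit `base_scope` method (scoping is performed by base scope results modification).
 
  You can also use authorization context building inside Graphiti resources (just like with Action Policy in controllers):
  ```ruby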
@@ -12,17 +12,23 @@ module ActionPolicy
12
12
  AUTHORIZABLE_ACTIONS = %i[create update destroy].freeze
13
13
  IMPLICITLY_AUTHORIZABLE_ACTIONS = %i[index show].freeze
14
14
 
15
- def authorize_action(action, **arguments)
15
+ def authorize_action(action, to: nil, with: nil, **arguments)
16
16
  if AUTHORIZABLE_ACTIONS.include?(action)
17
- rule = "#{action}?".to_sym
18
-
19
17
  callback_and_arguments = callback_and_arguments_for_action(action)
20
18
 
21
19
  callback = callback_and_arguments[:callback]
22
20
  callback_arguments = callback_and_arguments[:arguments]
23
21
 
24
22
  send(callback, **callback_arguments) do |model|
25
- authorize! model, with: ActionPolicy.lookup(self), to: rule, **arguments
23
+ rule = to || "#{action}?".to_sym
24
+
25
+ policy = if with
26
+ with.is_a?(String) ? ActiveSupport::Inflector.safe_constantize(with) : with
27
+ else
28
+ ActionPolicy.lookup(self)
29
+ end
30
+
31
+ authorize! model, with: policy, to: rule, **arguments
26
32
  end
27
33
  elsif IMPLICITLY_AUTHORIZABLE_ACTIONS.include?(action)
28
34
  raise ArgumentError, "Index and show authorization is done implicitly by scoping"
@@ -46,28 +52,42 @@ module ActionPolicy
46
52
  }
47
53
  end
48
54
 
49
- def authorize_create
50
- authorize_action(:create)
55
+ def authorize_create(**arguments)
56
+ authorize_action(:create, **arguments)
51
57
  end
52
58
 
53
- def authorize_update
54
- authorize_action(:update)
59
+ def authorize_update(**arguments)
60
+ authorize_action(:update, **arguments)
55
61
  end
56
62
 
57
- def authorize_destroy
58
- authorize_action(:destroy)
63
+ def authorize_destroy(**arguments)
64
+ authorize_action(:destroy, **arguments)
59
65
  end
60
66
 
61
- def authorize_scope(_scope_name = nil)
67
+ def authorize_scope(_scope_name = nil, with: nil)
62
68
  original_base_scope = instance_method(:base_scope)
63
69
 
64
70
  define_method(:base_scope) do |*args, &block|
71
+ policy = if with
72
+ with.is_a?(String) ? ActiveSupport::Inflector.safe_constantize(with) : with
73
+ else
74
+ ActionPolicy.lookup(self)
75
+ end
76
+
65
77
  authorized_scope(
66
78
  original_base_scope.bind(self).call(*args, &block),
67
- with: ActionPolicy.lookup(self)
79
+ with: policy
68
80
  )
69
81
  end
70
82
  end
83
+
84
+ def authorize_and_scope_all(**arguments)
85
+ authorize_scope(**arguments)
86
+
87
+ authorize_create(**arguments)
88
+ authorize_update(**arguments)
89
+ authorize_destroy(**arguments)
90
+ end
71
91
  end
72
92
 
73
93
  def self.included(base)
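Review bot: In `authorize_action`, `ActiveSupport::Inflector.safe_constantize(with)` returns `nil` for a misspelled or unloadable policy name, and that `nil` goes straight into `authorize! model, with: policy, to: rule, **arguments`; the same expression is repeated in `authorize_scope` ahead of `authorized_scope(..., with: policy)`. How Action Policy treats `with: nil` is not visible on this page, but it presumably falls back to its own lookup, so a typo in an explicit policy name could end up enforcing a different policy than the one named instead of failing. An authorization directive should fail closed: resolve the name with `ActiveSupport::Inflector.constantize(with)` so an unknown name raises `NameError`, or add `raise ArgumentError, "Unknown policy: #{with}" unless policy` right after the lookup. Moving the duplicated `policy = if with ... end` block into one private helper would keep both call sites consistent. `authorize_action` continues past the end of its hunk, so any handling further down is not visible here.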
@@ -2,6 +2,6 @@
2
2
 
3
3
  module ActionPolicy
4
4
  module Graphiti
5
- VERSION = "0.0.1"
5
+ VERSION = "0.2.0"
6
6
  end
7
7
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: action_policy-graphiti
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.0.1
4
+ version: 0.2.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Andrei Mochalov
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2023-06-23 00:00:00.000000000 Z
11
+ date: 2023-06-28 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: action_policy
@@ -70,28 +70,28 @@ dependencies:
70
70
  name: rake
71
71
  requirement: !ruby/object:Gem::Requirement
72
72
  requirements:
73
- - - ">="
73
+ - - "~>"
74
74
  - !ruby/object:Gem::Version
75
75
  version: '13.0'
76
76
  type: :development
77
77
  prerelease: false
78
78
  version_requirements: !ruby/object:Gem::Requirement
79
79
  requirements:
80
- - - ">="
80
+ - - "~>"
81
81
  - !ruby/object:Gem::Version
82
82
  version: '13.0'
83
83
  - !ruby/object:Gem::Dependency
84
84
  name: rspec
85
85
  requirement: !ruby/object:Gem::Requirement
86
86
  requirements:
87
- - - ">="
87
+ - - "~>"
88
88
  - !ruby/object:Gem::Version
89
89
  version: '3.8'
90
90
  type: :development
91
91
  prerelease: false
92
92
  version_requirements: !ruby/object:Gem::Requirement
93
93
  requirements:
94
- - - ">="
94
+ - - "~>"
95
95
  - !ruby/object:Gem::Version
96
96
  version: '3.8'
97
97
  - !ruby/object:Gem::Dependency