action_policy-graphql 0.1.0 → 0.2.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +17 -0
- data/README.md +16 -1
- data/lib/action_policy/graphql/behaviour.rb +4 -2
- data/lib/action_policy/graphql/fields.rb +6 -4
- data/lib/action_policy/graphql/version.rb +1 -1
- metadata +3 -3
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: da60e0290bedb6652f75804bf0b54eb995c1a85708d35ec486b46022604c13d2
|
4
|
+
data.tar.gz: c996102f26404ba808fd0a6b5d927f3509c45ba799acc5c1147e20f7e62bb76d
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: c344fff8978dc691b1c820e01790234ef472779592bc70b20b5ef9fa0dbac9cc3075893ad299270396b4be69ed7a7c3c54dc502dde39e3c6fedd11049f2007d7
|
7
|
+
data.tar.gz: 667b4957e8400858eaff8544508cc04482ad90ada14d5f2839910a1ecc29ca6987f3906cf1a111222d81f0d06cc0475884115ddbbac564a554c17200f5bf60cf
|
data/CHANGELOG.md
CHANGED
@@ -1,5 +1,22 @@
|
|
1
|
+
# Change log
|
2
|
+
|
1
3
|
## master (unreleased)
|
2
4
|
|
5
|
+
## 0.2.0 (2019-08-15)
|
6
|
+
|
7
|
+
- Add ability to specify a field name explicitly. ([@palkan][])
|
8
|
+
|
9
|
+
Now you can write, for example:
|
10
|
+
|
11
|
+
```ruby
|
12
|
+
expose_authorization_rules :create?, with: PostPolicy, field_name: :can_create_post
|
13
|
+
```
|
14
|
+
|
15
|
+
- Add support for resolvers. ([@palkan][])
|
16
|
+
|
17
|
+
Now it's possible to `include ActionPolicy::GraphQL::Behaviour` into resolver class to use
|
18
|
+
Action Policy helpers there.
|
19
|
+
|
3
20
|
## 0.1.0 (2019-05-20)
|
4
21
|
|
5
22
|
- Initial version. ([@palkan][])
|
data/README.md
CHANGED
@@ -9,7 +9,7 @@ This gem provides an integration for using [Action Policy](https://github.com/pa
|
|
9
9
|
This integration includes the following features:
|
10
10
|
- Fields & mutations authorization
|
11
11
|
- List and connections scoping
|
12
|
-
- **Exposing permissions/authorization rules in the API
|
12
|
+
- [**Exposing permissions/authorization rules in the API**](https://dev.to/evilmartians/exposing-permissions-in-graphql-apis-with-action-policy-1mfh).
|
13
13
|
|
14
14
|
📑 [Documentation](https://actionpolicy.evilmartians.io/#/graphql)
|
15
15
|
|
@@ -44,6 +44,11 @@ end
|
|
44
44
|
class Types::BaseMutation < GraphQL::Schema::Mutation
|
45
45
|
include ActionPolicy::GraphQL::Behaviour
|
46
46
|
end
|
47
|
+
|
48
|
+
# For using authorization helpers in resolvers
|
49
|
+
class Types::BaseResolver < GraphQL::Schema::Resolver
|
50
|
+
include ActionPolicy::GraphQL::Behaviour
|
51
|
+
end
|
47
52
|
```
|
48
53
|
|
49
54
|
### `authorize: *`
|
@@ -131,6 +136,16 @@ Then the client could perform the following query:
|
|
131
136
|
}
|
132
137
|
```
|
133
138
|
|
139
|
+
You can specify a custom field name as well (only for a single rule):
|
140
|
+
|
141
|
+
```ruby
|
142
|
+
class ProfileType < ::Common::Graphql::Type
|
143
|
+
# Adds can_create_post field.
|
144
|
+
|
145
|
+
expose_authorization_rules :create?, with: PostPolicy, field_name: "can_create_post"
|
146
|
+
end
|
147
|
+
```
|
148
|
+
|
134
149
|
## Contributing
|
135
150
|
|
136
151
|
Bug reports and pull requests are welcome on GitHub at https://github.com/palkan/action_policy-graphql.
|
@@ -12,10 +12,12 @@ module ActionPolicy
|
|
12
12
|
base.include ActionPolicy::Behaviours::Memoized
|
13
13
|
base.include ActionPolicy::Behaviours::Namespaced
|
14
14
|
|
15
|
-
base.field_class.prepend(ActionPolicy::GraphQL::AuthorizedField)
|
16
15
|
base.authorize :user, through: :current_user
|
17
16
|
|
18
|
-
base.
|
17
|
+
if base.respond_to?(:field_class)
|
18
|
+
base.field_class.prepend(ActionPolicy::GraphQL::AuthorizedField)
|
19
|
+
base.include ActionPolicy::GraphQL::Fields
|
20
|
+
end
|
19
21
|
end
|
20
22
|
|
21
23
|
def current_user
|
@@ -34,15 +34,17 @@ module ActionPolicy
|
|
34
34
|
end
|
35
35
|
|
36
36
|
module ClassMethods
|
37
|
-
def expose_authorization_rules(*rules, prefix: ::ActionPolicy::GraphQL.default_authorization_field_prefix, **options)
|
37
|
+
def expose_authorization_rules(*rules, field_name: nil, prefix: ::ActionPolicy::GraphQL.default_authorization_field_prefix, **options)
|
38
|
+
raise ArgumentError, "Cannot specify field_name for multiple rules" if rules.size > 1 && !field_name.nil?
|
39
|
+
|
38
40
|
rules.each do |rule|
|
39
|
-
|
41
|
+
gql_field_name = field_name || "#{prefix}#{rule.to_s.delete("?")}"
|
40
42
|
|
41
|
-
field
|
43
|
+
field gql_field_name,
|
42
44
|
ActionPolicy::GraphQL::Types::AuthorizationResult,
|
43
45
|
null: false
|
44
46
|
|
45
|
-
define_method(
|
47
|
+
define_method(gql_field_name) do
|
46
48
|
allowance_to(rule, options)
|
47
49
|
end
|
48
50
|
end
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: action_policy-graphql
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.
|
4
|
+
version: 0.2.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Vladimir Dementyev
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2019-
|
11
|
+
date: 2019-08-15 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: action_policy
|
@@ -188,7 +188,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
188
188
|
- !ruby/object:Gem::Version
|
189
189
|
version: '0'
|
190
190
|
requirements: []
|
191
|
-
rubygems_version: 3.0.
|
191
|
+
rubygems_version: 3.0.4
|
192
192
|
signing_key:
|
193
193
|
specification_version: 4
|
194
194
|
summary: Action Policy integration for GraphQL-Ruby
|