action_policy-graphql 0.4.0 → 0.5.0

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: bd6ef7017bd2bda6778f20997ea146431c9ed368f35ca257fd96c2050f3036c4
4
- data.tar.gz: 4270fc41dadbbce556841298bcd6b2de62bafd7ac9826dd7b7ea60907d6ba98e
3
+ metadata.gz: b5ed86f1884fc8a9468ed78e7476afc81cf68af0f65a549df4e213f5ab50b53f
4
+ data.tar.gz: 1991a6c3c2414a85bf3738cbdc600fda90d989a059f613200445d6b1d2c47c9e
5
5
  SHA512:
6
- metadata.gz: 2337aa180c36185a1790863df06346c36ad17e3335d1dcc724ba6de9e9b498d0fb6c36336ee7cabe0489995dfe782447f9c1fe6da1747849a3ae58acb9a6aa90
7
- data.tar.gz: f7448255b43d4cec0e5f837a11c00b48c74148ba0f2839520f9466286ff5f53594c1bcf1f033a08479790cc426a0a2feaf475a2c11739b2344a2231204b3f52f
6
+ metadata.gz: f7a9012c86bcaad3c1220a7f9621655f3ae3ecc7f314672bf58c3f60d09112aa9605f3c361259bc8a7fb39d147ca696409ca20bb6fe92cf88c0cf1bc8c90d5a0
7
+ data.tar.gz: 967fa7b9dfc0638469744b810b0329f703eacebd6ba66f960448953b172476c183d1bda2e25841c61e963da6bbf8e091243fce0bb0c0409e3c3b53a38d1bc47b
@@ -2,7 +2,30 @@
2
2
 
3
3
  ## master (unreleased)
4
4
 
5
- ## 0.4.0 (2010-03-11)
5
+ ## 0.5.0 (2020-10-07)
6
+
7
+ - Add `preauthorize_mutation_raise_exception` configuration parameter. ([@palkan][])
8
+
9
+ Similar to `preauthorize_raise_exception` but only for mutations.
10
+ Fallbacks to `preauthorize_raise_exception` unless explicitly specified.
11
+
12
+ - Add `preauthorize_raise_exception` configuration parameter. ([@palkan][])
13
+
14
+ Similar to `authorize_raise_exception` but for `preauthorize: true` fields.
15
+ Fallbacks to `authorize_raise_exception` unless explicitly specified.
16
+
17
+ - Add ability to specify custom field options for `expose_authorization_rules`. ([@bibendi][])
18
+
19
+ Now you can add additional options for underflying `field` call via `field_options` parameter:
20
+
21
+ ```ruby
22
+ expose_authorization_rules :show?, field_options: {camelize: false}
23
+
24
+ # equals to
25
+ field :can_show, ActionPolicy::GraphQL::Types::AuthorizationResult, null: false, camelize: false
26
+ ```
27
+
28
+ ## 0.4.0 (2020-03-11)
6
29
 
7
30
  - **Require Ruby 2.5+**. ([@palkan][])
8
31
 
@@ -42,3 +65,4 @@ Action Policy helpers there.
42
65
  [@palkan]: https://github.com/palkan
43
66
  [@haines]: https://github.com/haines
44
67
  [@sponomarev]: https://github.com/sponomarev
68
+ [@bibendi]: https://github.com/bibendi
data/README.md CHANGED
@@ -1,5 +1,6 @@
1
1
  [![Gem Version](https://badge.fury.io/rb/action_policy-graphql.svg)](https://badge.fury.io/rb/action_policy-graphql)
2
- [![Build Status](https://travis-ci.org/palkan/action_policy-graphql.svg?branch=master)](https://travis-ci.org/palkan/action_policy-graphql)
2
+ ![Build](https://github.com/palkan/action_policy-graphql/workflows/Build/badge.svg)
3
+ ![JRuby Build](https://github.com/palkan/action_policy-graphql/workflows/JRuby%20Build/badge.svg)
3
4
  [![Documentation](https://img.shields.io/badge/docs-link-brightgreen.svg)](https://actionpolicy.evilmartians.io/#/graphql)
4
5
 
5
6
  # Action Policy GraphQL
@@ -7,6 +8,7 @@
7
8
  This gem provides an integration for using [Action Policy](https://github.com/palkan/action_policy) as an authorization framework for GraphQL applications (built with [`graphql` ruby gem](https://graphql-ruby.org)).
8
9
 
9
10
  This integration includes the following features:
11
+
10
12
  - Fields & mutations authorization
11
13
  - List and connections scoping
12
14
  - [**Exposing permissions/authorization rules in the API**](https://evilmartians.com/chronicles/exposing-permissions-in-graphql-apis-with-action-policy).
@@ -21,13 +23,9 @@ This integration includes the following features:
21
23
  Add this line to your application's Gemfile:
22
24
 
23
25
  ```ruby
24
- gem "action_policy-graphql", "~> 0.3"
26
+ gem "action_policy-graphql"
25
27
  ```
26
28
 
27
- And then execute:
28
-
29
- $ bundle
30
-
31
29
  ## Usage
32
30
 
33
31
  **NOTE:** this is a quick overview of the functionality provided by the gem. For more information see the [documentation](https://actionpolicy.evilmartians.io/#/graphql).
@@ -1,3 +1,4 @@
1
1
  # frozen_string_literal: true
2
2
 
3
+ require "ruby-next"
3
4
  require "action_policy/graphql"
@@ -30,12 +30,33 @@ module ActionPolicy
30
30
  # Which prefix to use for authorization fields
31
31
  # Defaults to `"can_"`
32
32
  attr_accessor :default_authorization_field_prefix
33
+
34
+ attr_writer :preauthorize_raise_exception
35
+
36
+ # Whether to raise an exception if preauthorization fails
37
+ # Equals to authorize_raise_exception unless explicitly set
38
+ def preauthorize_raise_exception
39
+ return authorize_raise_exception if @preauthorize_raise_exception.nil?
40
+ @preauthorize_raise_exception
41
+ end
42
+
43
+ # Whether to raise an exception if preauthorization fails
44
+ # Equals to preauthorize_raise_exception unless explicitly set
45
+ attr_writer :preauthorize_mutation_raise_exception
46
+
47
+ def preauthorize_mutation_raise_exception
48
+ return preauthorize_raise_exception if @preauthorize_mutation_raise_exception.nil?
49
+
50
+ @preauthorize_mutation_raise_exception
51
+ end
33
52
  end
34
53
 
35
54
  self.default_authorize_rule = :show?
36
55
  self.default_preauthorize_list_rule = :index?
37
56
  self.default_preauthorize_node_rule = :show?
38
57
  self.authorize_raise_exception = true
58
+ self.preauthorize_raise_exception = nil
59
+ self.preauthorize_mutation_raise_exception = nil
39
60
  self.default_authorization_field_prefix = "can_"
40
61
  end
41
62
  end
@@ -24,7 +24,13 @@ module ActionPolicy
24
24
  class AuthorizeExtension < Extension
25
25
  def apply
26
26
  @to = extract_option(:to) { ::ActionPolicy::GraphQL.default_authorize_rule }
27
- @raise = extract_option(:raise) { ::ActionPolicy::GraphQL.authorize_raise_exception }
27
+ @raise = extract_option(:raise) do
28
+ if field.mutation
29
+ ::ActionPolicy::GraphQL.authorize_mutation_raise_exception
30
+ else
31
+ ::ActionPolicy::GraphQL.authorize_raise_exception
32
+ end
33
+ end
28
34
  end
29
35
 
30
36
  def after_resolve(value:, context:, object:, **_rest)
@@ -54,7 +60,13 @@ module ActionPolicy
54
60
  end
55
61
  end
56
62
 
57
- @raise = extract_option(:raise) { ::ActionPolicy::GraphQL.authorize_raise_exception }
63
+ @raise = extract_option(:raise) do
64
+ if field.mutation
65
+ ::ActionPolicy::GraphQL.preauthorize_mutation_raise_exception
66
+ else
67
+ ::ActionPolicy::GraphQL.preauthorize_raise_exception
68
+ end
69
+ end
58
70
  end
59
71
 
60
72
  def resolve(context:, object:, arguments:, **_rest)
@@ -3,10 +3,7 @@
3
3
  require "action_policy/graphql/types/authorization_result"
4
4
 
5
5
  module ActionPolicy
6
- unless "".respond_to?(:then)
7
- require "action_policy/ext/yield_self_then"
8
- using ActionPolicy::Ext::YieldSelfThen
9
- end
6
+ using RubyNext
10
7
 
11
8
  module GraphQL
12
9
  # Add DSL to add policy rules as fields
@@ -26,26 +23,20 @@ module ActionPolicy
26
23
  base.extend ClassMethods
27
24
  end
28
25
 
29
- def allowance_to(rule, target = object, **options)
30
- policy_for(record: target, **options).then do |policy|
31
- policy.apply(authorization_rule_for(policy, rule))
32
- policy.result
33
- end
34
- end
35
-
36
26
  module ClassMethods
37
- def expose_authorization_rules(*rules, field_name: nil, prefix: ::ActionPolicy::GraphQL.default_authorization_field_prefix, **options)
27
+ def expose_authorization_rules(*rules, field_name: nil, prefix: ::ActionPolicy::GraphQL.default_authorization_field_prefix, field_options: {}, **options)
38
28
  raise ArgumentError, "Cannot specify field_name for multiple rules" if rules.size > 1 && !field_name.nil?
39
29
 
40
30
  rules.each do |rule|
41
31
  gql_field_name = field_name || "#{prefix}#{rule.to_s.delete("?")}"
42
32
 
43
33
  field gql_field_name,
44
- ActionPolicy::GraphQL::Types::AuthorizationResult,
45
- null: false
34
+ ActionPolicy::GraphQL::Types::AuthorizationResult,
35
+ null: false,
36
+ **field_options
46
37
 
47
38
  define_method(gql_field_name) do
48
- allowance_to(rule, **options)
39
+ allowance_to(rule, object, **options)
49
40
  end
50
41
  end
51
42
  end
@@ -2,6 +2,6 @@
2
2
 
3
3
  module ActionPolicy
4
4
  module GraphQL
5
- VERSION = "0.4.0"
5
+ VERSION = "0.5.0"
6
6
  end
7
7
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: action_policy-graphql
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.4.0
4
+ version: 0.5.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Vladimir Dementyev
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2020-03-11 00:00:00.000000000 Z
11
+ date: 2020-10-07 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: action_policy
@@ -16,14 +16,28 @@ dependencies:
16
16
  requirements:
17
17
  - - ">="
18
18
  - !ruby/object:Gem::Version
19
- version: 0.3.0
19
+ version: 0.5.0
20
20
  type: :runtime
21
21
  prerelease: false
22
22
  version_requirements: !ruby/object:Gem::Requirement
23
23
  requirements:
24
24
  - - ">="
25
25
  - !ruby/object:Gem::Version
26
- version: 0.3.0
26
+ version: 0.5.0
27
+ - !ruby/object:Gem::Dependency
28
+ name: ruby-next
29
+ requirement: !ruby/object:Gem::Requirement
30
+ requirements:
31
+ - - ">="
32
+ - !ruby/object:Gem::Version
33
+ version: 0.10.0
34
+ type: :runtime
35
+ prerelease: false
36
+ version_requirements: !ruby/object:Gem::Requirement
37
+ requirements:
38
+ - - ">="
39
+ - !ruby/object:Gem::Version
40
+ version: 0.10.0
27
41
  - !ruby/object:Gem::Dependency
28
42
  name: graphql
29
43
  requirement: !ruby/object:Gem::Requirement
@@ -80,48 +94,6 @@ dependencies:
80
94
  - - "~>"
81
95
  - !ruby/object:Gem::Version
82
96
  version: '3.8'
83
- - !ruby/object:Gem::Dependency
84
- name: rubocop
85
- requirement: !ruby/object:Gem::Requirement
86
- requirements:
87
- - - "~>"
88
- - !ruby/object:Gem::Version
89
- version: 0.67.0
90
- type: :development
91
- prerelease: false
92
- version_requirements: !ruby/object:Gem::Requirement
93
- requirements:
94
- - - "~>"
95
- - !ruby/object:Gem::Version
96
- version: 0.67.0
97
- - !ruby/object:Gem::Dependency
98
- name: rubocop-md
99
- requirement: !ruby/object:Gem::Requirement
100
- requirements:
101
- - - "~>"
102
- - !ruby/object:Gem::Version
103
- version: '0.3'
104
- type: :development
105
- prerelease: false
106
- version_requirements: !ruby/object:Gem::Requirement
107
- requirements:
108
- - - "~>"
109
- - !ruby/object:Gem::Version
110
- version: '0.3'
111
- - !ruby/object:Gem::Dependency
112
- name: standard
113
- requirement: !ruby/object:Gem::Requirement
114
- requirements:
115
- - - "~>"
116
- - !ruby/object:Gem::Version
117
- version: 0.0.39
118
- type: :development
119
- prerelease: false
120
- version_requirements: !ruby/object:Gem::Requirement
121
- requirements:
122
- - - "~>"
123
- - !ruby/object:Gem::Version
124
- version: 0.0.39
125
97
  - !ruby/object:Gem::Dependency
126
98
  name: i18n
127
99
  requirement: !ruby/object:Gem::Requirement
@@ -143,21 +115,9 @@ executables: []
143
115
  extensions: []
144
116
  extra_rdoc_files: []
145
117
  files:
146
- - ".gitignore"
147
- - ".rubocop.yml"
148
- - ".travis.yml"
149
118
  - CHANGELOG.md
150
- - Gemfile
151
119
  - LICENSE.txt
152
120
  - README.md
153
- - Rakefile
154
- - action_policy-graphql.gemspec
155
- - bin/console
156
- - bin/setup
157
- - gemfiles/action_policy/0.3.gemfile
158
- - gemfiles/action_policy/master.gemfile
159
- - gemfiles/graphql/master.gemfile
160
- - gemfiles/jruby.gemfile
161
121
  - lib/action_policy-graphql.rb
162
122
  - lib/action_policy/graphql.rb
163
123
  - lib/action_policy/graphql/authorized_field.rb
data/.gitignore DELETED
@@ -1,10 +0,0 @@
1
- /.bundle/
2
- /.yardoc
3
- /Gemfile.lock
4
- /_yardoc/
5
- /coverage/
6
- /doc/
7
- /pkg/
8
- /spec/reports/
9
- /tmp/
10
- Gemfile.local
@@ -1,54 +0,0 @@
1
- require:
2
- - standard/cop/semantic_blocks
3
- - rubocop-md
4
-
5
- inherit_gem:
6
- standard: config/base.yml
7
-
8
- AllCops:
9
- Exclude:
10
- - 'bin/*'
11
- - 'tmp/**/*'
12
- - 'Gemfile'
13
- - 'vendor/**/*'
14
- - 'gemfiles/**/*'
15
- DisplayCopNames: true
16
- TargetRubyVersion: 2.5
17
-
18
- Standard/SemanticBlocks:
19
- Enabled: false
20
-
21
- Style/FrozenStringLiteralComment:
22
- Enabled: true
23
-
24
- Style/TrailingCommaInArrayLiteral:
25
- EnforcedStyleForMultiline: no_comma
26
-
27
- Style/TrailingCommaInHashLiteral:
28
- EnforcedStyleForMultiline: no_comma
29
-
30
- Layout/AlignParameters:
31
- EnforcedStyle: with_first_parameter
32
-
33
- Lint/Void:
34
- Exclude:
35
- - '**/*.md'
36
-
37
- # See https://github.com/rubocop-hq/rubocop/issues/4222
38
- Lint/AmbiguousBlockAssociation:
39
- Exclude:
40
- - 'spec/**/*'
41
- - '**/*.md'
42
-
43
- Lint/DuplicateMethods:
44
- Exclude:
45
- - '**/*.md'
46
-
47
- Naming/FileName:
48
- Exclude:
49
- - 'lib/action_policy-graphql.rb'
50
- - '**/*.md'
51
-
52
- Layout/InitialIndentation:
53
- Exclude:
54
- - 'CHANGELOG.md'
@@ -1,41 +0,0 @@
1
- sudo: false
2
- language: ruby
3
- cache: bundler
4
- notifications:
5
- email: false
6
-
7
- before_install:
8
- - gem uninstall -v '>= 2' -i $(rvm gemdir)@global -ax bundler || true
9
- - gem install bundler -v '< 2'
10
-
11
- script:
12
- - bundle exec rake
13
-
14
- matrix:
15
- fast_finish: true
16
- include:
17
- - rvm: ruby-head
18
- gemfile: gemfiles/graphql/master.gemfile
19
- - rvm: 2.6
20
- gemfile: gemfiles/graphql/master.gemfile
21
- - rvm: 2.6
22
- gemfile: gemfiles/action_policy/master.gemfile
23
- - rvm: 2.6
24
- gemfile: gemfiles/action_policy/0.3.gemfile
25
- - rvm: jruby-9.2.8.0
26
- gemfile: gemfiles/jruby.gemfile
27
- - rvm: 2.7
28
- gemfile: Gemfile
29
- - rvm: 2.6
30
- gemfile: Gemfile
31
- - rvm: 2.5
32
- gemfile: Gemfile
33
- allow_failures:
34
- - rvm: ruby-head
35
- gemfile: gemfiles/graphql/master.gemfile
36
- - rvm: 2.6
37
- gemfile: gemfiles/graphql/master.gemfile
38
- - rvm: 2.6
39
- gemfile: gemfiles/action_policy/master.gemfile
40
- - rvm: jruby-9.2.8.0
41
- gemfile: gemfiles/jruby.gemfile
data/Gemfile DELETED
@@ -1,16 +0,0 @@
1
- source "https://rubygems.org"
2
-
3
- # Specify your gem's dependencies in action_policy-graphql.gemspec
4
- gemspec
5
-
6
- gem "pry-byebug", platform: :mri
7
-
8
- local_gemfile = File.join(__dir__, "Gemfile.local")
9
-
10
- if File.exist?(local_gemfile)
11
- # Specify custom action_policy/graphql-ruby version in Gemfile.local
12
- eval(File.read(local_gemfile)) # rubocop:disable Security/Eval
13
- else
14
- gem "action_policy", "~> 0.4.0"
15
- gem "graphql", "~> 1.9.3"
16
- end
data/Rakefile DELETED
@@ -1,10 +0,0 @@
1
- # frozen_string_literal: true
2
-
3
- require "rubocop/rake_task"
4
- require "rspec/core/rake_task"
5
-
6
- RuboCop::RakeTask.new
7
-
8
- RSpec::Core::RakeTask.new(:spec)
9
-
10
- task default: [:rubocop, :spec]
@@ -1,44 +0,0 @@
1
- # frozen_string_literal: true
2
-
3
- lib = File.expand_path("../lib", __FILE__)
4
- $LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
5
- require "action_policy/graphql/version"
6
-
7
- Gem::Specification.new do |spec|
8
- spec.name = "action_policy-graphql"
9
- spec.version = ActionPolicy::GraphQL::VERSION
10
- spec.authors = ["Vladimir Dementyev"]
11
- spec.email = ["dementiev.vm@gmail.com"]
12
-
13
- spec.summary = "Action Policy integration for GraphQL-Ruby"
14
- spec.description = "Action Policy integration for GraphQL-Ruby"
15
- spec.homepage = "https://github.com/palkan/action_policy-graphql"
16
- spec.license = "MIT"
17
-
18
- spec.files = `git ls-files -z`.split("\x0").reject do |f|
19
- f.match(%r{^(test|spec|features)/})
20
- end
21
-
22
- spec.metadata = {
23
- "bug_tracker_uri" => "https://github.com/palkan/action_policy-graphql/issues",
24
- "changelog_uri" => "https://github.com/palkan/action_policy-graphql/blob/master/CHANGELOG.md",
25
- "documentation_uri" => "https://actionpolicy.evilmartians.io/#/graphql",
26
- "homepage_uri" => "https://github.com/palkan/action_policy-graphql",
27
- "source_code_uri" => "https://github.com/palkan/action_policy-graphql"
28
- }
29
-
30
- spec.require_paths = ["lib"]
31
-
32
- spec.required_ruby_version = ">= 2.5.0"
33
-
34
- spec.add_dependency "action_policy", ">= 0.3.0"
35
- spec.add_dependency "graphql", ">= 1.9.3"
36
-
37
- spec.add_development_dependency "bundler", ">= 1.15"
38
- spec.add_development_dependency "rake", "~> 13.0"
39
- spec.add_development_dependency "rspec", "~> 3.8"
40
- spec.add_development_dependency "rubocop", "~> 0.67.0"
41
- spec.add_development_dependency "rubocop-md", "~> 0.3"
42
- spec.add_development_dependency "standard", "~> 0.0.39"
43
- spec.add_development_dependency "i18n"
44
- end
@@ -1,14 +0,0 @@
1
- #!/usr/bin/env ruby
2
-
3
- require "bundler/setup"
4
- require "action_policy/graphql"
5
-
6
- # You can add fixtures and/or initialization code here to make experimenting
7
- # with your gem easier. You can also use a different console, if you like.
8
-
9
- # (If you use this, don't forget to add pry to your Gemfile!)
10
- # require "pry"
11
- # Pry.start
12
-
13
- require "irb"
14
- IRB.start(__FILE__)
data/bin/setup DELETED
@@ -1,8 +0,0 @@
1
- #!/usr/bin/env bash
2
- set -euo pipefail
3
- IFS=$'\n\t'
4
- set -vx
5
-
6
- bundle install
7
-
8
- # Do any other automated setup that you need to do here
@@ -1,5 +0,0 @@
1
- source "https://rubygems.org"
2
-
3
- gem "action_policy", "~> 0.3.0"
4
-
5
- gemspec path: "../.."
@@ -1,5 +0,0 @@
1
- source "https://rubygems.org"
2
-
3
- gem "action_policy", github: "palkan/action_policy"
4
-
5
- gemspec path: "../.."
@@ -1,5 +0,0 @@
1
- source "https://rubygems.org"
2
-
3
- gem "graphql", github: "rmosolgo/graphql-ruby"
4
-
5
- gemspec path: "../.."
@@ -1,3 +0,0 @@
1
- source "https://rubygems.org"
2
-
3
- gemspec path: ".."