action_policy-graphql 0.5.0 → 0.5.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +6 -0
- data/README.md +2 -0
- data/lib/action_policy/graphql/authorized_field.rb +18 -6
- data/lib/action_policy/graphql/behaviour.rb +1 -1
- data/lib/action_policy/graphql/version.rb +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: eb2f4793062ddef25c116e0591d97613174a3c39e18a62e7982f4a41d9f9afc1
|
|
4
|
+
data.tar.gz: 2e776a3a49781309094a4cee8d3824391913b57d5fcdef64edc6425eb476b280
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: f02980395258ccf616d7508d24615d54162045e2f9abbea4cebcdd5d8976a19213f04ca8b0a7775fe99b03741ea91213dbe27e3e0994ae645e1656abb76212cd
|
|
7
|
+
data.tar.gz: 892b01138e996004cd1a218e06af56435f0f6cd662af14b295fa4162204da350d8a4fb2d192d014b30bd06f9f1e8798f580f272a203fbdbc75813e107463ac14
|
data/CHANGELOG.md
CHANGED
|
@@ -2,6 +2,12 @@
|
|
|
2
2
|
|
|
3
3
|
## master (unreleased)
|
|
4
4
|
|
|
5
|
+
## 0.5.1 (2020-10-08)
|
|
6
|
+
|
|
7
|
+
- Fix mutations authorization (clean up around `authorize_mutation_raise_exception` configuration parameter). ([@rzaharenkov][])
|
|
8
|
+
|
|
9
|
+
- Add deprecation for using `authorize` for mutation fields. ([@rzaharenkov][])
|
|
10
|
+
|
|
5
11
|
## 0.5.0 (2020-10-07)
|
|
6
12
|
|
|
7
13
|
- Add `preauthorize_mutation_raise_exception` configuration parameter. ([@palkan][])
|
data/README.md
CHANGED
|
@@ -80,6 +80,8 @@ You can customize the authorization options, e.g. `authorize: {to: :preview?, wi
|
|
|
80
80
|
|
|
81
81
|
If you don't want to raise an exception but return a null instead, you should set a `raise: false` option.
|
|
82
82
|
|
|
83
|
+
Note: it does not make too much sense to use `authorize` in mutations since it's checking authorization rules after mutation is executed. Therefore `authorize` marked as deprecated when used in mutations and will raise error in future releases.
|
|
84
|
+
|
|
83
85
|
### `authorized_scope: *`
|
|
84
86
|
|
|
85
87
|
You can add `authorized_scope: true` option to the field (list or _connection_ field) to
|
|
@@ -22,17 +22,29 @@ module ActionPolicy
|
|
|
22
22
|
end
|
|
23
23
|
|
|
24
24
|
class AuthorizeExtension < Extension
|
|
25
|
-
|
|
26
|
-
|
|
27
|
-
|
|
28
|
-
|
|
29
|
-
|
|
25
|
+
DEPRECATION_MESSAGE = "`authorize: *` for mutation fields is deprecated. Please use `preauthorize: *` instead."
|
|
26
|
+
|
|
27
|
+
class << self
|
|
28
|
+
def show_authorize_mutation_deprecation
|
|
29
|
+
return if defined?(@authorize_mutation_deprecation_shown)
|
|
30
|
+
|
|
31
|
+
if defined?(ActiveSupport::Deprecation)
|
|
32
|
+
ActiveSupport::Deprecation.warn(DEPRECATION_MESSAGE)
|
|
30
33
|
else
|
|
31
|
-
|
|
34
|
+
warn(DEPRECATION_MESSAGE)
|
|
32
35
|
end
|
|
36
|
+
|
|
37
|
+
@authorize_mutation_deprecation_shown = true
|
|
33
38
|
end
|
|
34
39
|
end
|
|
35
40
|
|
|
41
|
+
def apply
|
|
42
|
+
self.class.show_authorize_mutation_deprecation if field.mutation
|
|
43
|
+
|
|
44
|
+
@to = extract_option(:to) { ::ActionPolicy::GraphQL.default_authorize_rule }
|
|
45
|
+
@raise = extract_option(:raise) { ::ActionPolicy::GraphQL.authorize_raise_exception }
|
|
46
|
+
end
|
|
47
|
+
|
|
36
48
|
def after_resolve(value:, context:, object:, **_rest)
|
|
37
49
|
return value if value.nil?
|
|
38
50
|
|
|
@@ -36,7 +36,7 @@ module ActionPolicy
|
|
|
36
36
|
|
|
37
37
|
base.authorize :user, through: :current_user
|
|
38
38
|
|
|
39
|
-
if base.respond_to?(:field_class)
|
|
39
|
+
if base.respond_to?(:field_class) && !(base.field_class < ActionPolicy::GraphQL::AuthorizedField)
|
|
40
40
|
base.field_class.prepend(ActionPolicy::GraphQL::AuthorizedField)
|
|
41
41
|
base.include ActionPolicy::GraphQL::Fields
|
|
42
42
|
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: action_policy-graphql
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.5.
|
|
4
|
+
version: 0.5.1
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Vladimir Dementyev
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2020-10-
|
|
11
|
+
date: 2020-10-08 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: action_policy
|