action_policy 0.2.0 → 0.2.2

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: a261b126090b29222039294b84b4575fa796bf115033c2514fe301e0ec3d34af
-  data.tar.gz: 05f9d1cd84b2f4ce2b951267e0122fb54a436a5e51f0dd2f9a7d79e06f30d6ec
+  metadata.gz: 5aa63f362aa8606be7d0ba77e1c78be9ed8c811eb57b06c38835ec4df24c9bf1
+  data.tar.gz: 9c704fda90d4735827eddfb78be38a6f2ea2a293f71165df1955cdd78a3e803d
 SHA512:
-  metadata.gz: 80bbbe6ec61bf7241fe0e823844120292e6b8efd98a3c06834d98ac797cf92ebdffa21332e40305770622d5120d391443d0570193001a5e358f1ee6056c09bbb
-  data.tar.gz: 7f6990f7bcd5998eef536640a451591801afd073e29b25a764c500b1d0f535e3cfaf1a176f0adf930f498386ca9f206aa377b4c5adf1b2d119be642681fa7e81
+  metadata.gz: a0cd9a62e04d0dbf1263d5c30ba0e860930877e63dd5c3c93f0be327e204b5e66265b8d9ce264278e9b16bef1bff7924331c66f11f88012c0a26dca445ad51bd
+  data.tar.gz: eb7b6b92a10869ab50f71656b446d26199d339891f5336ca28f87918cfd8dad467498e0262011703662944f82c49927e0c26dc24c871c456813ca87397cc4786

data/CHANGELOG.md

@@ -1,5 +1,16 @@
 ## master
 
+## 0.2.2 (2018-07-01)
+
+- [Fix [#29](https://github.com/palkan/action_policy/issues/29)] Fix loading cache middleware. ([@palkan][])
+
+- Use `send` instead of `public_send` to get the `authorization_context` so that contexts such as
+  `current_user` can be `private` in the controller. ([@brendon][])
+
+- Fix railtie initialisation for Rails < 5. ([@brendon][])
+
+## 0.2.1 (yanked)
+
 ## 0.2.0 (2018-06-17)
 
 - Make `action_policy` JRuby-compatible. ([@palkan][])
@@ -45,3 +56,4 @@
 
 [@palkan]: https://github.com/palkan
 [@ilyasgaraev]: https://github.com/ilyasgaraev
+[@brendon]: https://github.com/brendon

data/action_policy.gemspec

@@ -29,4 +29,5 @@ Gem::Specification.new do |spec|
   spec.add_development_dependency "rspec", "~> 3.3"
   spec.add_development_dependency "rubocop", "~> 0.56.0"
   spec.add_development_dependency "rubocop-md", "~> 0.2"
+  spec.add_development_dependency "benchmark-ips", "~> 2.7.0"
 end

data/benchmarks/namespaced_lookup_cache.rb

@@ -0,0 +1,75 @@
+# frozen_string_literal: true
+
+=begin
+
+This benchmark measures the efficiency of NamespaceCache.
+
+Run it multiple times with cache on/off to see the results:
+
+  $ bundle exec ruby namespaced_lookup_cache.rb
+  $ bundle exec ruby namespaced_lookup_cache.rb
+  $ NO_CACHE=1 bundle exec ruby namespaced_lookup_cache.rb
+  $ NO_CACHE=1 bundle exec ruby namespaced_lookup_cache.rb
+
+=end
+
+$LOAD_PATH.unshift File.expand_path("../lib", __dir__)
+
+require "action_policy"
+require "benchmark/ips"
+
+GC.disable
+
+class A; end
+
+class B; end
+
+module X
+  class BPolicy < ActionPolicy::Base; end
+
+  module Y
+    module Z
+      class APolicy < ActionPolicy::Base; end
+    end
+  end
+end
+
+a = A.new
+b = B.new
+
+if ENV['NO_CACHE']
+  ActionPolicy::LookupChain.namespace_cache_enabled = false
+end
+
+Benchmark.ips do |x|
+  x.warmup = 0
+
+  x.report("cache A") do
+    ActionPolicy.lookup(a, namespace: X::Y::Z)
+  end
+
+  x.report("cache B") do
+    ActionPolicy.lookup(b, namespace: X::Y::Z)
+  end
+
+  x.report("no cache A") do
+    ActionPolicy.lookup(a, namespace: X::Y::Z)
+  end
+
+  x.report("no cache B") do
+    ActionPolicy.lookup(b, namespace: X::Y::Z)
+  end
+
+  x.hold! 'temp_results'
+
+  x.compare!
+end
+
+=begin
+
+Comparison:
+            cache B:   178577.4 i/s
+            cache A:   173061.4 i/s - same-ish: difference falls within error
+        no cache A:    97991.7 i/s - same-ish: difference falls within error
+        no cache B:    42505.4 i/s - 4.20x  slower
+=end

data/docs/_sidebar.md

@@ -14,6 +14,8 @@
   * [Failure Reasons](reasons.md)
   * [Instrumentation](instrumentation.md)
   * [I18n Support](i18n.md)
+* Tips & Tricks
+  * [Controller Action Aliases](controller_action_aliases.md)
 * Customize
   * [Base Policy](custom_policy.md)
   * [Lookup Chain](custom_lookup_chain.md)

data/docs/controller_action_aliases.md

@@ -0,0 +1,109 @@
+# Controller Action Aliases
+
+**This is a feature proposed here: https://github.com/palkan/action_policy/issues/25**
+
+If you'd like to see this feature implemented, please comment on the issue to show your support.
+
+## Outline
+
+Say you have abstracted your `authorize!` call to a controller superclass because your policy can
+be executed without regard to the record in any of the subclass controllers:
+
+```ruby
+class AbstractController < ApplicationController
+  authorize :context
+  before_action :authorize_context
+
+  def context
+    # Some code to get your policy context
+  end
+
+  private
+
+  def authorize_context
+    authorize! Context
+  end
+end
+```
+
+Your policy might look like this:
+
+```ruby
+class ContextPolicy < ApplicationPolicy
+  authorize :context
+
+  alias_rule :index?, :show?, to: :view?
+  alias_rule :new?, :create?, :update?, :destroy?, to: :edit?
+
+  def view?
+    context.has_permission_to(:view, user)
+  end
+
+  def edit?
+    context.has_permission_to(:edit, user)
+  end
+end
+```
+
+We can safely add aliases for the common REST actions in the policy.
+
+You may then want to include a concern in your subclass controller(s) that add extra actions to the controller.
+
+
+```ruby
+class ConcreteController < AbstractController
+  include AdditionalFunctionalityConcern
+
+  def index
+    # Index Action
+  end
+
+  def new
+    # New Action
+  end
+
+  # etc...
+end
+```
+
+At this point you may be wondering how to tell your abstracted policy that these new methods map to either
+the `view?` or `edit?` rule. You can currently provide the rule to execute to the `authorize!` method with
+the `to:` parameter but since our call to `authorize!` is in a superclass it has no idea about our concern.
+I propose the following controller method:
+
+```ruby
+alias_action(*actions, to_rule: rule)
+```
+
+Here's an example:
+
+```ruby
+module AdditionalFunctionalityConcern
+  extend ActiveSupport::Concern
+
+  included do
+    alias_action [:first_action, :second_action], to_rule: :view?
+    alias_action [:third_action], to_rule: :edit?
+  end
+
+  def first_action
+    # First Action
+  end
+
+  def second_action
+    # Second Action
+  end
+
+  def third_action
+    # Third Action
+  end
+end
+```
+
+When `authorize!` is called in a controller, it will first check the action aliases for a corresponding
+rule. If one is found, it will execute that rule instead of a rule matching the name of the current action.
+The rule may point at a concrete rule in the policy, or a rule alias in the policy, it doens't matter, the
+alias in the policy will be resolved like normal.
+
+If you'd like to see this feature implemented, please show your support on the
+[Github Issue](https://github.com/palkan/action_policy/issues/25).

data/docs/index.html

@@ -29,7 +29,8 @@
       repo: 'https://github.com/palkan/action_policy',
       loadSidebar: true,
       subMaxLevel: 3,
-      ga: 'UA-104346673-3'
+      ga: 'UA-104346673-3',
+      auto2top:true
     }
   </script>
   <script src="assets/docsify.min.js"></script>

data/docs/lookup_chain.md

@@ -4,7 +4,7 @@ Action Policy tries to automatically infer policy class from the target using th
 
 1. If the target responds to `policy_class`, then use it;
 2. If the target's class responds to `policy_class`, then use it;
-3. If the target's class responds to `policy_name`, then use `#{target.class.policy_name}Policy`;
+3. If the target's class responds to `policy_name`, then use it (the `policy_name` should end with `Policy` as it's not appended automatically);
 4. Otherwise, use `#{target.class.name}Policy`.
 
 > \* [Namespaces](namespaces.md) could be also be considered when `namespace` option is set.

data/docs/rails.md

@@ -12,7 +12,7 @@ You can turn off this behaviour by setting `config.action_policy.controller_auth
 
 ```ruby
 class ApplicationController < ActionController::Base
-  authorize :my_current_user, as: :user
+  authorize :user, through: :my_current_user
 end
 ```
 
@@ -71,7 +71,7 @@ class ApiController < ApplicationController::API
   include ActionPolicy::Controller
 
   # NOTE: you have to provide authorization context manually as well
-  authorize :current_user, as: :user
+  authorize :user, through: :current_user
 end
 ```
 

data/lib/action_policy/behaviour.rb

@@ -50,7 +50,7 @@ module ActionPolicy
 
       @__authorization_context = self.class.authorization_targets
                                      .each_with_object({}) do |(key, meth), obj|
-        obj[key] = public_send(meth)
+        obj[key] = send(meth)
       end
     end
 

data/lib/action_policy/cache_middleware.rb

@@ -0,0 +1,17 @@
+# frozen_string_literal: true
+
+module ActionPolicy # :nodoc:
+  class CacheMiddleware # :nodoc:
+    def initialize(app)
+      @app = app
+    end
+
+    def call(env)
+      ActionPolicy::PerThreadCache.clear_all
+      result = @app.call(env)
+      ActionPolicy::PerThreadCache.clear_all
+
+      result
+    end
+  end
+end

data/lib/action_policy/lookup_chain.rb

@@ -15,12 +15,14 @@ module ActionPolicy
     require "action_policy/ext/module_namespace"
     using ActionPolicy::Ext::ModuleNamespace
 
-    # Cache namespace resolving result for policies
+    # Cache namespace resolving result for policies.
+    # @see benchmarks/namespaced_lookup_cache.rb
     class NamespaceCache
       class << self
         attr_reader :store
 
         def fetch(namespace, policy)
+          return yield unless LookupChain.namespace_cache_enabled
           return store[namespace][policy] if store[namespace].key?(policy)
           store[namespace][policy] ||= yield
         end
@@ -34,7 +36,7 @@ module ActionPolicy
     end
 
     class << self
-      attr_accessor :chain
+      attr_accessor :chain, :namespace_cache_enabled
 
       def call(record, **opts)
         chain.each do |probe|
@@ -74,6 +76,9 @@ module ActionPolicy
       end
     end
 
+    # Enable namespace cache by default
+    self.namespace_cache_enabled = true
+
     # By self `policy_class` method
     INSTANCE_POLICY_CLASS = ->(record, _) {
       record.policy_class if record.respond_to?(:policy_class)

data/lib/action_policy/railtie.rb

@@ -45,8 +45,13 @@ module ActionPolicy # :nodoc:
     config.action_policy = Config
 
     initializer "action_policy.clear_per_thread_cache" do |app|
-      app.executor.to_run { ActionPolicy::PerThreadCache.clear_all }
-      app.executor.to_complete { ActionPolicy::PerThreadCache.clear_all }
+      if Rails::VERSION::MAJOR >= 5
+        app.executor.to_run { ActionPolicy::PerThreadCache.clear_all }
+        app.executor.to_complete { ActionPolicy::PerThreadCache.clear_all }
+      else
+        require "action_policy/cache_middleware"
+        app_middleware.use ActionPolicy::CacheMiddleware
+      end
     end
 
     config.to_prepare do |_app|

data/lib/action_policy/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module ActionPolicy
-  VERSION = "0.2.0"
+  VERSION = "0.2.2"
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: action_policy
 version: !ruby/object:Gem::Version
-  version: 0.2.0
+  version: 0.2.2
 platform: ruby
 authors:
 - Vladimir Dementyev
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2018-06-17 00:00:00.000000000 Z
+date: 2018-07-01 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler
@@ -94,6 +94,20 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: '0.2'
+- !ruby/object:Gem::Dependency
+  name: benchmark-ips
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 2.7.0
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 2.7.0
 description: Authorization framework for Ruby/Rails application
 email:
 - dementiev.vm@gmail.com
@@ -113,6 +127,7 @@ files:
 - README.md
 - Rakefile
 - action_policy.gemspec
+- benchmarks/namespaced_lookup_cache.rb
 - bin/console
 - bin/setup
 - docs/.nojekyll
@@ -133,6 +148,7 @@ files:
 - docs/assets/vue.min.css
 - docs/authorization_context.md
 - docs/caching.md
+- docs/controller_action_aliases.md
 - docs/custom_lookup_chain.md
 - docs/custom_policy.md
 - docs/favicon.ico
@@ -159,6 +175,7 @@ files:
 - lib/action_policy/behaviours/namespaced.rb
 - lib/action_policy/behaviours/policy_for.rb
 - lib/action_policy/behaviours/thread_memoized.rb
+- lib/action_policy/cache_middleware.rb
 - lib/action_policy/ext/module_namespace.rb
 - lib/action_policy/ext/policy_cache_key.rb
 - lib/action_policy/ext/string_constantize.rb