action_policy 0.4.3 → 0.5.3

Sign up to get free protection for your applications and to get access to all the features.
Files changed (124) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG.md +221 -174
  3. data/LICENSE.txt +1 -1
  4. data/README.md +7 -11
  5. data/lib/.rbnext/2.7/action_policy/behaviours/policy_for.rb +62 -0
  6. data/lib/.rbnext/2.7/action_policy/i18n.rb +56 -0
  7. data/lib/.rbnext/2.7/action_policy/policy/cache.rb +101 -0
  8. data/lib/.rbnext/2.7/action_policy/policy/pre_check.rb +162 -0
  9. data/lib/.rbnext/2.7/action_policy/rspec/be_authorized_to.rb +89 -0
  10. data/lib/.rbnext/2.7/action_policy/rspec/have_authorized_scope.rb +124 -0
  11. data/lib/.rbnext/2.7/action_policy/utils/pretty_print.rb +159 -0
  12. data/lib/.rbnext/3.0/action_policy/behaviour.rb +115 -0
  13. data/lib/.rbnext/3.0/action_policy/behaviours/policy_for.rb +62 -0
  14. data/lib/.rbnext/3.0/action_policy/behaviours/scoping.rb +35 -0
  15. data/lib/.rbnext/3.0/action_policy/behaviours/thread_memoized.rb +59 -0
  16. data/lib/.rbnext/3.0/action_policy/ext/policy_cache_key.rb +72 -0
  17. data/lib/.rbnext/3.0/action_policy/policy/aliases.rb +69 -0
  18. data/lib/.rbnext/3.0/action_policy/policy/authorization.rb +87 -0
  19. data/lib/.rbnext/3.0/action_policy/policy/cache.rb +101 -0
  20. data/lib/.rbnext/3.0/action_policy/policy/core.rb +161 -0
  21. data/lib/.rbnext/3.0/action_policy/policy/defaults.rb +31 -0
  22. data/lib/.rbnext/3.0/action_policy/policy/execution_result.rb +37 -0
  23. data/lib/.rbnext/3.0/action_policy/policy/pre_check.rb +162 -0
  24. data/lib/.rbnext/3.0/action_policy/policy/reasons.rb +212 -0
  25. data/lib/.rbnext/3.0/action_policy/policy/scoping.rb +160 -0
  26. data/lib/.rbnext/3.0/action_policy/rspec/be_authorized_to.rb +89 -0
  27. data/lib/.rbnext/3.0/action_policy/rspec/have_authorized_scope.rb +124 -0
  28. data/lib/.rbnext/3.0/action_policy/utils/pretty_print.rb +159 -0
  29. data/lib/.rbnext/3.0/action_policy/utils/suggest_message.rb +19 -0
  30. data/lib/action_policy.rb +7 -1
  31. data/lib/action_policy/behaviour.rb +22 -16
  32. data/lib/action_policy/behaviours/policy_for.rb +10 -3
  33. data/lib/action_policy/behaviours/scoping.rb +2 -1
  34. data/lib/action_policy/behaviours/thread_memoized.rb +1 -3
  35. data/lib/action_policy/ext/module_namespace.rb +1 -6
  36. data/lib/action_policy/ext/policy_cache_key.rb +10 -30
  37. data/lib/action_policy/ext/{symbol_classify.rb → symbol_camelize.rb} +6 -6
  38. data/lib/action_policy/i18n.rb +1 -1
  39. data/lib/action_policy/lookup_chain.rb +41 -21
  40. data/lib/action_policy/policy/aliases.rb +7 -12
  41. data/lib/action_policy/policy/authorization.rb +8 -7
  42. data/lib/action_policy/policy/cache.rb +11 -17
  43. data/lib/action_policy/policy/core.rb +25 -12
  44. data/lib/action_policy/policy/defaults.rb +3 -9
  45. data/lib/action_policy/policy/execution_result.rb +3 -9
  46. data/lib/action_policy/policy/pre_check.rb +19 -58
  47. data/lib/action_policy/policy/reasons.rb +32 -20
  48. data/lib/action_policy/policy/scoping.rb +5 -6
  49. data/lib/action_policy/rails/controller.rb +6 -1
  50. data/lib/action_policy/rails/ext/active_record.rb +7 -0
  51. data/lib/action_policy/rails/policy/instrumentation.rb +1 -1
  52. data/lib/action_policy/rspec/be_authorized_to.rb +5 -9
  53. data/lib/action_policy/rspec/dsl.rb +3 -3
  54. data/lib/action_policy/rspec/have_authorized_scope.rb +5 -7
  55. data/lib/action_policy/utils/pretty_print.rb +21 -24
  56. data/lib/action_policy/utils/suggest_message.rb +1 -3
  57. data/lib/action_policy/version.rb +1 -1
  58. data/lib/generators/action_policy/install/templates/{application_policy.rb → application_policy.rb.tt} +1 -1
  59. data/lib/generators/action_policy/policy/policy_generator.rb +4 -1
  60. data/lib/generators/action_policy/policy/templates/{policy.rb → policy.rb.tt} +0 -0
  61. data/lib/generators/rspec/templates/{policy_spec.rb → policy_spec.rb.tt} +0 -0
  62. data/lib/generators/test_unit/templates/{policy_test.rb → policy_test.rb.tt} +0 -0
  63. metadata +55 -119
  64. data/.gitattributes +0 -2
  65. data/.github/FUNDING.yml +0 -1
  66. data/.github/ISSUE_TEMPLATE.md +0 -18
  67. data/.github/PULL_REQUEST_TEMPLATE.md +0 -29
  68. data/.gitignore +0 -15
  69. data/.rubocop.yml +0 -54
  70. data/.tidelift.yml +0 -6
  71. data/.travis.yml +0 -31
  72. data/Gemfile +0 -22
  73. data/Rakefile +0 -27
  74. data/action_policy.gemspec +0 -44
  75. data/benchmarks/namespaced_lookup_cache.rb +0 -71
  76. data/bin/console +0 -14
  77. data/bin/setup +0 -8
  78. data/docs/.nojekyll +0 -0
  79. data/docs/CNAME +0 -1
  80. data/docs/README.md +0 -79
  81. data/docs/_sidebar.md +0 -27
  82. data/docs/aliases.md +0 -122
  83. data/docs/assets/docsify-search.js +0 -364
  84. data/docs/assets/docsify.min.js +0 -3
  85. data/docs/assets/fonts/FiraCode-Medium.woff +0 -0
  86. data/docs/assets/fonts/FiraCode-Regular.woff +0 -0
  87. data/docs/assets/images/banner.png +0 -0
  88. data/docs/assets/images/cache.png +0 -0
  89. data/docs/assets/images/cache.svg +0 -70
  90. data/docs/assets/images/layer.png +0 -0
  91. data/docs/assets/images/layer.svg +0 -35
  92. data/docs/assets/prism-ruby.min.js +0 -1
  93. data/docs/assets/styles.css +0 -347
  94. data/docs/assets/vue.min.css +0 -1
  95. data/docs/authorization_context.md +0 -92
  96. data/docs/behaviour.md +0 -113
  97. data/docs/caching.md +0 -291
  98. data/docs/controller_action_aliases.md +0 -109
  99. data/docs/custom_lookup_chain.md +0 -48
  100. data/docs/custom_policy.md +0 -53
  101. data/docs/debugging.md +0 -55
  102. data/docs/decorators.md +0 -27
  103. data/docs/favicon.ico +0 -0
  104. data/docs/graphql.md +0 -302
  105. data/docs/i18n.md +0 -44
  106. data/docs/index.html +0 -43
  107. data/docs/instrumentation.md +0 -84
  108. data/docs/lookup_chain.md +0 -17
  109. data/docs/namespaces.md +0 -77
  110. data/docs/non_rails.md +0 -28
  111. data/docs/pre_checks.md +0 -57
  112. data/docs/pundit_migration.md +0 -80
  113. data/docs/quick_start.md +0 -118
  114. data/docs/rails.md +0 -120
  115. data/docs/reasons.md +0 -120
  116. data/docs/scoping.md +0 -255
  117. data/docs/testing.md +0 -333
  118. data/docs/writing_policies.md +0 -107
  119. data/gemfiles/jruby.gemfile +0 -8
  120. data/gemfiles/rails42.gemfile +0 -9
  121. data/gemfiles/rails6.gemfile +0 -8
  122. data/gemfiles/railsmaster.gemfile +0 -6
  123. data/lib/action_policy/ext/string_match.rb +0 -14
  124. data/lib/action_policy/ext/yield_self_then.rb +0 -25
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 6530513fc2b087beae97b3b33e662f421a0f12911a1e21b2cce9778dc7f693c9
4
- data.tar.gz: a915127b22da7b43cb0fc1aa1048c8a4d9c0b5a51f458039594eac17b29e92bc
3
+ metadata.gz: 5e0d9085b8204e1846c9820dbc5eb7a9960fa9c512a51d942cc8aab16b065257
4
+ data.tar.gz: c85bf2348affc45eb365200070257bc31b873ded038033a0fb3d6f5ca8adb48d
5
5
  SHA512:
6
- metadata.gz: 2a34ac6a7ab8289521e2ccb977ed6c6b6e655a185deb053676aad2d78674b7367d04c75abd552dafd59b1ae46465cfa117ae97239b9fd2e3cc6947d020d80775
7
- data.tar.gz: 991f5b553314cf11dedaab9964d5d4b4ee384877474ed6dc814fa0c4d4bdf383b8288df46bf987a437b82a33f859ac5314a1c4bd75b1df28d8a2438886f37c40
6
+ metadata.gz: 2a1de70b5460eed8dc481a651ea52318e060fb486e604b0595f0fa09a4840a0eb93be2b90b7f20789cb135e62388f00a18650881e9739564ba311d11a3fbd131
7
+ data.tar.gz: 5cbcf29add9f224ce3b77a42a17ab403dec7f2f93a581f6ad25e13d8f1e75bc650d9889cb05dd247355fee6b6844fb400852f51b2d1118ac30076e5277b95e75
@@ -2,16 +2,62 @@
2
2
 
3
3
  ## master
4
4
 
5
+ ## 0.5.0 (2020-09-29)
6
+
7
+ - Move `deny!` / `allow!` to core. ([@palkan][])
8
+
9
+ Now you can call `deny!` and `allow!` in policy rules to fail- or pass-fast.
10
+
11
+ **BREAKING.** Pre-check name is no longer added automatically to failure reasons. You should specify the reason
12
+ explicitly: `deny!(:my_reason)`.
13
+
14
+ - Add `Result#all_details` to return all collected details in a single hash. ([@palkan][])
15
+
16
+ - Add `default` option to lookup and `default_authorization_policy_class` callback to behaviour. ([@palkan][])
17
+
18
+ - Add `skip_verify_authorized!` to Rails controllers integration. ([@palkan][])
19
+
20
+ This method allows you to skip the `verify_authorized` callback dynamically.
21
+
22
+ - **Drop Ruby 2.4 support**. ([@palkan][])
23
+
24
+ - Add `allowance_to` method to authorization behaviour. ([@palkan][])
25
+
26
+ This method is similar to `allowed_to?` but returns an authorization result object.
27
+
28
+ - Support aliases in `allowed_to?` / `check?` calls within policies. ([@palkan][])
29
+
30
+ ## 0.4.5 (2020-07-29)
31
+
32
+ - Add strict_namespace option to lookup chain. (@rainerborene)
33
+
34
+ ## 0.4.4 (2020-07-07)
35
+
36
+ - Fix symbol lookup with namespaces. ([@palkan][])
37
+
38
+ Fixes [#122](https://github.com/palkan/action_policy/issues/122).
39
+
40
+ - Separated `#classify`-based and `#camelize`-based symbol lookups. ([Be-ngt-oH][])
41
+
42
+ Only affects Rails apps. Now lookup for `:users` tries to find `UsersPolicy` first (camelize),
43
+ and only then search for `UserPolicy` (classify).
44
+
45
+ See [PR#118](https://github.com/palkan/action_policy/pull/118).
46
+
47
+ - Fix calling rules with `allowed_to?` directly. ([@palkan][])
48
+
49
+ Fixes [#113](https://github.com/palkan/action_policy/issues/113)
50
+
5
51
  ## 0.4.3 (2019-12-14)
6
52
 
7
53
  - Add `#cache(*parts, **options) { ... }` method. ([@palkan][])
8
54
 
9
- Allows you to cache anything in policy classes using the Action Policy
10
- cache key generation mechanism.
55
+ Allows you to cache anything in policy classes using the Action Policy
56
+ cache key generation mechanism.
11
57
 
12
58
  - Handle versioned Rails cache keys. ([@palkan][])
13
59
 
14
- Use `#cache_with_version` as a cache key if defined.
60
+ Use `#cache_with_version` as a cache key if defined.
15
61
 
16
62
  ## 0.4.2 (2019-12-13)
17
63
 
@@ -21,274 +67,275 @@
21
67
 
22
68
  - Add `action_policy.init` instrumentation event. ([@palkan][])
23
69
 
24
- Triggered every time a new policy object is initialized.
70
+ Triggered every time a new policy object is initialized.
25
71
 
26
72
  - Fix policy memoization with explicit context. ([@palkan][])
27
73
 
28
- Explicit context (`authorize! context: {}`) wasn't considered during
29
- policies memoization. Not this is fixed.
74
+ Explicit context (`authorize! context: {}`) wasn't considered during
75
+ policies memoization. Not this is fixed.
30
76
 
31
77
  - Support composed matchers for authorization target testing. ([@palkan][])
32
78
 
33
- Now you can write tests like this:
79
+ Now you can write tests like this:
34
80
 
35
- ```ruby
36
- expect { subject }.to be_authorized_to(:show?, an_instance_of(User))
37
- ```
81
+ ```ruby
82
+ expect { subject }.to be_authorized_to(:show?, an_instance_of(User))
83
+ ```
38
84
 
39
85
  ## 0.3.4 (2019-11-27)
40
86
 
41
87
  - Fix Rails generators. ([@palkan][])
42
88
 
43
- Only invoke install generator if `application_policy.rb` is missing.
44
- Fix hooking into test frameworks.
89
+ Only invoke install generator if `application_policy.rb` is missing.
90
+ Fix hooking into test frameworks.
45
91
 
46
92
  ## 0.3.3 (2019-11-27)
47
93
 
48
94
  - Improve pretty print functionality. ([@palkan][])
49
95
 
50
- Colorize true/false values.
51
- Handle multiline expressions and debug statements (i.e., `binding.pry`).
96
+ Colorize true/false values.
97
+ Handle multiline expressions and debug statements (i.e., `binding.pry`).
52
98
 
53
99
  - Add Rails generators. ([@nicolas-brousse][])
54
100
 
55
- Adds `action_policy:install` and `action_policy:policy MODEL` Rails generators.
101
+ Adds `action_policy:install` and `action_policy:policy MODEL` Rails generators.
56
102
 
57
103
  - Optional authorization target. ([@somenugget][])
58
104
 
59
- Allows making authorization context optional:
105
+ Allows making authorization context optional:
60
106
 
61
- ```ruby
62
- class OptionalRolePolicy < ActionPolicy::Base
63
- authorize :role, optional: true
64
- end
107
+ ```ruby
108
+ class OptionalRolePolicy < ActionPolicy::Base
109
+ authorize :role, optional: true
110
+ end
65
111
 
66
- policy = OptionalRolePolicy.new
67
- policy.role #=> nil
68
- ```
112
+ policy = OptionalRolePolicy.new
113
+ policy.role #=> nil
114
+ ```
69
115
 
70
116
  ## 0.3.2 (2019-05-26) 👶
71
117
 
72
118
  - Fixed thread-safety issues with scoping configs. ([@palkan][])
73
119
 
74
- Fixes [#75](https://github.com/palkan/action_policy/issues/75).
120
+ Fixes [#75](https://github.com/palkan/action_policy/issues/75).
75
121
 
76
122
  ## 0.3.1 (2019-05-30)
77
123
 
78
124
  - Fixed bug with missing implicit target and hash like scoping data. ([@palkan][])
79
125
 
80
- Fixes [#70](https://github.com/palkan/action_policy/issues/70).
126
+ Fixes [#70](https://github.com/palkan/action_policy/issues/70).
81
127
 
82
128
  ## 0.3.0 (2019-04-02)
83
129
 
84
130
  - Added ActiveSupport-based instrumentation. ([@palkan][])
85
131
 
86
- See [PR#4](https://github.com/palkan/action_policy/pull/4)
132
+ See [PR#4](https://github.com/palkan/action_policy/pull/4)
87
133
 
88
134
  - Allow passing authorization context explicitly. ([@palkan][])
89
135
 
90
- Closes [#3](https://github.com/palkan/action_policy/issues/3).
136
+ Closes [#3](https://github.com/palkan/action_policy/issues/3).
91
137
 
92
- Now it's possible to override implicit authorization context
93
- via `context` option:
138
+ Now it's possible to override implicit authorization context
139
+ via `context` option:
94
140
 
95
- ```ruby
96
- authorize! target, to: :show?, context: {user: another_user}
97
- authorized_scope User.all, context: {user: another_user}
98
- ```
141
+ ```ruby
142
+ authorize! target, to: :show?, context: {user: another_user}
143
+ authorized_scope User.all, context: {user: another_user}
144
+ ```
99
145
 
100
146
  - Renamed `#authorized` to `#authorized_scope`. ([@palkan][])
101
147
 
102
- **NOTE:** `#authorized` alias is also available.
148
+ **NOTE:** `#authorized` alias is also available.
103
149
 
104
150
  - Added `Policy#pp(rule)` method to print annotated rule source code. ([@palkan][])
105
151
 
106
- Example (debugging):
152
+ Example (debugging):
107
153
 
108
- ```ruby
109
- def edit?
110
- binding.pry # rubocop:disable Lint/Debugger
111
- (user.name == "John") && (admin? || access_feed?)
112
- end
113
- ```
114
-
115
- ```sh
116
- pry> pp :edit?
117
- MyPolicy#edit?
118
- ↳ (
119
- user.name == "John" #=> false
120
- )
121
- AND
122
- (
123
- admin? #=> false
124
- OR
125
- access_feed? #=> true
126
- )
154
+ ```ruby
155
+ def edit?
156
+ binding.pry # rubocop:disable Lint/Debugger
157
+ (user.name == "John") && (admin? || access_feed?)
158
+ end
159
+ ```
160
+
161
+ ```sh
162
+ pry> pp :edit?
163
+ MyPolicy#edit?
164
+ ↳ (
165
+ user.name == "John" #=> false
127
166
  )
128
- ```
167
+ AND
168
+ (
169
+ admin? #=> false
170
+ OR
171
+ access_feed? #=> true
172
+ )
173
+ )
174
+ ```
129
175
 
130
- See [PR#63](https://github.com/palkan/action_policy/pull/63)
176
+ See [PR#63](https://github.com/palkan/action_policy/pull/63)
131
177
 
132
178
  - Added ability to provide additional failure reasons details. ([@palkan][])
133
179
 
134
- Example:
180
+ Example:
135
181
 
136
- ```ruby
137
- class ApplicantPolicy < ApplicationPolicy
138
- def show?
139
- allowed_to?(:show?, object.stage)
140
- end
182
+ ```ruby
183
+ class ApplicantPolicy < ApplicationPolicy
184
+ def show?
185
+ allowed_to?(:show?, object.stage)
141
186
  end
142
-
143
- class StagePolicy < ApplicationPolicy
144
- def show?
145
- # Add stage title to the failure reason (if any)
146
- # (could be used by client to show more descriptive message)
147
- details[:title] = record.title
148
- # then perform the checks
149
- user.stages.where(id: record.id).exists?
150
- end
187
+ end
188
+
189
+ class StagePolicy < ApplicationPolicy
190
+ def show?
191
+ # Add stage title to the failure reason (if any)
192
+ # (could be used by client to show more descriptive message)
193
+ details[:title] = record.title
194
+ # then perform the checks
195
+ user.stages.where(id: record.id).exists?
151
196
  end
197
+ end
152
198
 
153
- # when accessing the reasons
154
- p ex.result.reasons.details #=> { stage: [{show?: {title: "Onboarding"}] }
155
- ```
199
+ # when accessing the reasons
200
+ p ex.result.reasons.details #=> { stage: [{show?: {title: "Onboarding"}] }
201
+ ```
156
202
 
157
- See https://github.com/palkan/action_policy/pull/58
203
+ See https://github.com/palkan/action_policy/pull/58
158
204
 
159
205
  - Ruby 2.4+ is required. ([@palkan][])
160
206
 
161
207
  - Added RSpec DSL for writing policy specs. ([@palkan])
162
208
 
163
- The goal of this DSL is to reduce the boilerplate when writing
164
- policies specs.
209
+ The goal of this DSL is to reduce the boilerplate when writing
210
+ policies specs.
165
211
 
166
- Example:
212
+ Example:
167
213
 
168
- ```ruby
169
- describe PostPolicy do
170
- let(:user) { build_stubbed :user }
171
- let(:record) { build_stubbed :post, draft: false }
214
+ ```ruby
215
+ describe PostPolicy do
216
+ let(:user) { build_stubbed :user }
217
+ let(:record) { build_stubbed :post, draft: false }
172
218
 
173
- let(:context) { {user: user} }
219
+ let(:context) { {user: user} }
174
220
 
175
- describe_rule :show? do
176
- succeed "when post is published"
221
+ describe_rule :show? do
222
+ succeed "when post is published"
177
223
 
178
- failed "when post is draft" do
179
- before { post.draft = false }
224
+ failed "when post is draft" do
225
+ before { post.draft = false }
180
226
 
181
- succeed "when user is a manager" do
182
- before { user.role = "manager" }
183
- end
227
+ succeed "when user is a manager" do
228
+ before { user.role = "manager" }
184
229
  end
185
230
  end
186
231
  end
187
- ```
232
+ end
233
+ ```
188
234
 
189
235
  - Added I18n support ([@DmitryTsepelev][])
190
236
 
191
- Example:
237
+ Example:
192
238
 
193
- ```ruby
194
- class ApplicationController < ActionController::Base
195
- rescue_from ActionPolicy::Unauthorized do |ex|
196
- p ex.result.message #=> "You do not have access to the stage"
197
- p ex.result.reasons.full_messages #=> ["You do not have access to the stage"]
198
- end
239
+ ```ruby
240
+ class ApplicationController < ActionController::Base
241
+ rescue_from ActionPolicy::Unauthorized do |ex|
242
+ p ex.result.message #=> "You do not have access to the stage"
243
+ p ex.result.reasons.full_messages #=> ["You do not have access to the stage"]
199
244
  end
200
- ```
245
+ end
246
+ ```
201
247
 
202
248
  - Added scope options to scopes. ([@korolvs][])
203
249
 
204
- See [#47](https://github.com/palkan/action_policy/pull/47).
250
+ See [#47](https://github.com/palkan/action_policy/pull/47).
205
251
 
206
- Example:
207
- ```ruby
208
- # users_controller.rb
209
- class UsersController < ApplicationController
210
- def index
211
- @user = authorized(User.all, scope_options: {with_deleted: true})
212
- end
252
+ Example:
253
+
254
+ ```ruby
255
+ # users_controller.rb
256
+ class UsersController < ApplicationController
257
+ def index
258
+ @user = authorized(User.all, scope_options: {with_deleted: true})
213
259
  end
260
+ end
214
261
 
215
- # user_policy.rb
216
- describe UserPolicy < Application do
217
- relation_scope do |relation, with_deleted: false|
218
- rel = some_logic(relation)
219
- with_deleted ? rel.with_deleted : rel
220
- end
262
+ # user_policy.rb
263
+ describe UserPolicy < Application do
264
+ relation_scope do |relation, with_deleted: false|
265
+ rel = some_logic(relation)
266
+ with_deleted ? rel.with_deleted : rel
221
267
  end
222
- ```
268
+ end
269
+ ```
223
270
 
224
271
  - Added Symbol lookup to the lookup chain ([@DmitryTsepelev][])
225
272
 
226
- For instance, lookup will implicitly use `AdminPolicy` in a following case:
273
+ For instance, lookup will implicitly use `AdminPolicy` in a following case:
227
274
 
228
- ```ruby
229
- # admin_controller.rb
230
- class AdminController < ApplicationController
231
- authorize! :admin, to: :update_settings
232
- end
233
- ```
275
+ ```ruby
276
+ # admin_controller.rb
277
+ class AdminController < ApplicationController
278
+ authorize! :admin, to: :update_settings
279
+ end
280
+ ```
234
281
 
235
282
  - Added testing for scopes. ([@palkan][])
236
283
 
237
- Example:
284
+ Example:
238
285
 
239
- ```ruby
240
- # users_controller.rb
241
- class UsersController < ApplicationController
242
- def index
243
- @user = authorized(User.all)
244
- end
286
+ ```ruby
287
+ # users_controller.rb
288
+ class UsersController < ApplicationController
289
+ def index
290
+ @user = authorized(User.all)
245
291
  end
246
-
247
- # users_controller_spec.rb
248
- describe UsersController do
249
- subject { get :index }
250
- it "has authorized scope" do
251
- expect { subject }.to have_authorized_scope(:active_record_relation)
252
- .with(PostPolicy)
253
- end
292
+ end
293
+
294
+ # users_controller_spec.rb
295
+ describe UsersController do
296
+ subject { get :index }
297
+ it "has authorized scope" do
298
+ expect { subject }.to have_authorized_scope(:active_record_relation)
299
+ .with(PostPolicy)
254
300
  end
255
- ```
301
+ end
302
+ ```
256
303
 
257
304
  - Added scoping support. ([@palkan][])
258
305
 
259
- See [#5](https://github.com/palkan/action_policy/issues/5).
306
+ See [#5](https://github.com/palkan/action_policy/issues/5).
260
307
 
261
- By "scoping" we mean an ability to use policies to _scope data_.
308
+ By "scoping" we mean an ability to use policies to _scope data_.
262
309
 
263
- For example, when you want to _scope_ Active Record collections depending
264
- on the current user permissions:
310
+ For example, when you want to _scope_ Active Record collections depending
311
+ on the current user permissions:
265
312
 
266
- ```ruby
267
- class PostsController < ApplicationController
268
- def index
269
- @posts = authorized(Post.all)
270
- end
313
+ ```ruby
314
+ class PostsController < ApplicationController
315
+ def index
316
+ @posts = authorized(Post.all)
271
317
  end
318
+ end
272
319
 
273
- class PostPolicy < ApplicationPolicy
274
- relation_scope do |relation|
275
- next relation if user.admin?
276
- relation.where(user: user)
277
- end
320
+ class PostPolicy < ApplicationPolicy
321
+ relation_scope do |relation|
322
+ next relation if user.admin?
323
+ relation.where(user: user)
278
324
  end
279
- ```
325
+ end
326
+ ```
280
327
 
281
- Action Policy provides a flexible mechanism to apply scopes to anything you want.
328
+ Action Policy provides a flexible mechanism to apply scopes to anything you want.
282
329
 
283
- Read more in [docs](https://actionpolicy.evilmartians.io/).
330
+ Read more in [docs](https://actionpolicy.evilmartians.io/).
284
331
 
285
332
  - Added `#implicit_authorization_target`. ([@palkan][]).
286
333
 
287
- See [#35](https://github.com/palkan/action_policy/issues/35).
334
+ See [#35](https://github.com/palkan/action_policy/issues/35).
288
335
 
289
- Implicit authorization target (defined by `implicit_authorization_target`) is used when no target specified for `authorize!` call.
336
+ Implicit authorization target (defined by `implicit_authorization_target`) is used when no target specified for `authorize!` call.
290
337
 
291
- For example, for Rails controllers integration it's just `controller_name.classify.safe_constantize`.
338
+ For example, for Rails controllers integration it's just `controller_name.classify.safe_constantize`.
292
339
 
293
340
  - Consider `record#policy_name` when looking up for a policy class. ([@palkan][])
294
341
 
@@ -302,21 +349,21 @@
302
349
 
303
350
  - Add ability to disable per-thread cache and disable it in test env by default. ([@palkan][])
304
351
 
305
- You can control per-thread cache by setting:
352
+ You can control per-thread cache by setting:
306
353
 
307
- ```ruby
308
- ActionPolicy::PerThreadCache.enabled = true # or false
309
- ```
354
+ ```ruby
355
+ ActionPolicy::PerThreadCache.enabled = true # or false
356
+ ```
310
357
 
311
358
  ## 0.2.3 (2018-07-03)
312
359
 
313
360
  - [Fix [#16](https://github.com/palkan/action_policy/issues/16)] Add ability to disable namespace resolution cache. ([@palkan][])
314
361
 
315
- We cache namespaced policy resolution for better performance (it could affect performance when we look up a policy from a deeply nested module context).
362
+ We cache namespaced policy resolution for better performance (it could affect performance when we look up a policy from a deeply nested module context).
316
363
 
317
- It could be disabled by setting `ActionPolicy::LookupChain.namespace_cache_enabled = false`. It's enabled by default unless `RACK_ENV` env var is specified and is not equal to `"production"` (e.g. when `RACK_ENV=test` the cache is disabled).
364
+ It could be disabled by setting `ActionPolicy::LookupChain.namespace_cache_enabled = false`. It's enabled by default unless `RACK_ENV` env var is specified and is not equal to `"production"` (e.g. when `RACK_ENV=test` the cache is disabled).
318
365
 
319
- When using Rails it's enabled only in production mode but could be configured through setting the `config.action_policy.namespace_cache_enabled` parameter.
366
+ When using Rails it's enabled only in production mode but could be configured through setting the `config.action_policy.namespace_cache_enabled` parameter.
320
367
 
321
368
  - [Fix [#18](https://github.com/palkan/action_policy/issues/18)] Clarify documentation around, and fix the way `resolve_rule` resolves rules and rule aliases when subclasses are involved. ([@brendon][])
322
369
 
@@ -324,11 +371,10 @@
324
371
 
325
372
  - [Fix [#29](https://github.com/palkan/action_policy/issues/29)] Fix loading cache middleware. ([@palkan][])
326
373
 
327
-
328
374
  - Use `send` instead of `public_send` to get the `authorization_context` so that contexts such as
329
375
  `current_user` can be `private` in the controller. ([@brendon][])
330
376
 
331
- - Fix railtie initialisation for Rails < 5. ([@brendon][])
377
+ - Fix railtie initialization for Rails < 5. ([@brendon][])
332
378
 
333
379
  ## 0.2.1 (yanked)
334
380
 
@@ -338,18 +384,18 @@
338
384
 
339
385
  - Add `reasons.details`. ([@palkan][])
340
386
 
341
- ```ruby
342
- rescue_from ActionPolicy::Unauthorized do |ex|
343
- ex.result.reasons.details #=> { stage: [:show?] }
344
- end
345
- ```
387
+ ```ruby
388
+ rescue_from ActionPolicy::Unauthorized do |ex|
389
+ ex.result.reasons.details #=> { stage: [:show?] }
390
+ end
391
+ ```
346
392
 
347
393
  - Add `ExecutionResult`. ([@palkan][])
348
394
 
349
- ExecutionResult contains all the rule application artifacts: the result (`true` / `false`),
350
- failures reasons.
395
+ ExecutionResult contains all the rule application artifacts: the result (`true` / `false`),
396
+ failures reasons.
351
397
 
352
- This value is now stored in a cache (if any) instead of just the call result (`true` / `false`).
398
+ This value is now stored in a cache (if any) instead of just the call result (`true` / `false`).
353
399
 
354
400
  - Add `Policy.identifier`. ([@palkan][])
355
401
 
@@ -382,3 +428,4 @@
382
428
  [@korolvs]: https://github.com/korolvs
383
429
  [@nicolas-brousse]: https://github.com/nicolas-brousse
384
430
  [@somenugget]: https://github.com/somenugget
431
+ [@Be-ngt-oH]: https://github.com/Be-ngt-oH