action_policy 0.4.4 → 0.5.3

Sign up to get free protection for your applications and to get access to all the features.
Files changed (122) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG.md +203 -174
  3. data/README.md +5 -4
  4. data/lib/.rbnext/2.7/action_policy/behaviours/policy_for.rb +62 -0
  5. data/lib/.rbnext/2.7/action_policy/i18n.rb +56 -0
  6. data/lib/.rbnext/2.7/action_policy/policy/cache.rb +101 -0
  7. data/lib/.rbnext/2.7/action_policy/policy/pre_check.rb +162 -0
  8. data/lib/.rbnext/2.7/action_policy/rspec/be_authorized_to.rb +89 -0
  9. data/lib/.rbnext/2.7/action_policy/rspec/have_authorized_scope.rb +124 -0
  10. data/lib/.rbnext/2.7/action_policy/utils/pretty_print.rb +159 -0
  11. data/lib/.rbnext/3.0/action_policy/behaviour.rb +115 -0
  12. data/lib/.rbnext/3.0/action_policy/behaviours/policy_for.rb +62 -0
  13. data/lib/.rbnext/3.0/action_policy/behaviours/scoping.rb +35 -0
  14. data/lib/.rbnext/3.0/action_policy/behaviours/thread_memoized.rb +59 -0
  15. data/lib/.rbnext/3.0/action_policy/ext/policy_cache_key.rb +72 -0
  16. data/lib/.rbnext/3.0/action_policy/policy/aliases.rb +69 -0
  17. data/lib/.rbnext/3.0/action_policy/policy/authorization.rb +87 -0
  18. data/lib/.rbnext/3.0/action_policy/policy/cache.rb +101 -0
  19. data/lib/.rbnext/3.0/action_policy/policy/core.rb +161 -0
  20. data/lib/.rbnext/3.0/action_policy/policy/defaults.rb +31 -0
  21. data/lib/.rbnext/3.0/action_policy/policy/execution_result.rb +37 -0
  22. data/lib/.rbnext/3.0/action_policy/policy/pre_check.rb +162 -0
  23. data/lib/.rbnext/3.0/action_policy/policy/reasons.rb +212 -0
  24. data/lib/.rbnext/3.0/action_policy/policy/scoping.rb +160 -0
  25. data/lib/.rbnext/3.0/action_policy/rspec/be_authorized_to.rb +89 -0
  26. data/lib/.rbnext/3.0/action_policy/rspec/have_authorized_scope.rb +124 -0
  27. data/lib/.rbnext/3.0/action_policy/utils/pretty_print.rb +159 -0
  28. data/lib/.rbnext/3.0/action_policy/utils/suggest_message.rb +19 -0
  29. data/lib/action_policy.rb +7 -1
  30. data/lib/action_policy/behaviour.rb +22 -16
  31. data/lib/action_policy/behaviours/policy_for.rb +10 -3
  32. data/lib/action_policy/behaviours/scoping.rb +2 -1
  33. data/lib/action_policy/behaviours/thread_memoized.rb +1 -3
  34. data/lib/action_policy/ext/module_namespace.rb +1 -6
  35. data/lib/action_policy/ext/policy_cache_key.rb +10 -30
  36. data/lib/action_policy/i18n.rb +1 -1
  37. data/lib/action_policy/lookup_chain.rb +29 -15
  38. data/lib/action_policy/policy/aliases.rb +7 -12
  39. data/lib/action_policy/policy/authorization.rb +8 -7
  40. data/lib/action_policy/policy/cache.rb +11 -17
  41. data/lib/action_policy/policy/core.rb +25 -12
  42. data/lib/action_policy/policy/defaults.rb +3 -9
  43. data/lib/action_policy/policy/execution_result.rb +3 -9
  44. data/lib/action_policy/policy/pre_check.rb +19 -58
  45. data/lib/action_policy/policy/reasons.rb +31 -19
  46. data/lib/action_policy/policy/scoping.rb +5 -6
  47. data/lib/action_policy/rails/controller.rb +6 -1
  48. data/lib/action_policy/rails/policy/instrumentation.rb +1 -1
  49. data/lib/action_policy/rspec/be_authorized_to.rb +5 -9
  50. data/lib/action_policy/rspec/dsl.rb +1 -1
  51. data/lib/action_policy/rspec/have_authorized_scope.rb +5 -7
  52. data/lib/action_policy/utils/pretty_print.rb +21 -24
  53. data/lib/action_policy/utils/suggest_message.rb +1 -3
  54. data/lib/action_policy/version.rb +1 -1
  55. data/lib/generators/action_policy/install/templates/{application_policy.rb → application_policy.rb.tt} +0 -0
  56. data/lib/generators/action_policy/policy/policy_generator.rb +4 -1
  57. data/lib/generators/action_policy/policy/templates/{policy.rb → policy.rb.tt} +0 -0
  58. data/lib/generators/rspec/templates/{policy_spec.rb → policy_spec.rb.tt} +0 -0
  59. data/lib/generators/test_unit/templates/{policy_test.rb → policy_test.rb.tt} +0 -0
  60. metadata +54 -119
  61. data/.gitattributes +0 -2
  62. data/.github/ISSUE_TEMPLATE.md +0 -21
  63. data/.github/PULL_REQUEST_TEMPLATE.md +0 -29
  64. data/.github/bug_report_template.rb +0 -175
  65. data/.gitignore +0 -15
  66. data/.rubocop.yml +0 -54
  67. data/.tidelift.yml +0 -6
  68. data/.travis.yml +0 -31
  69. data/Gemfile +0 -22
  70. data/Rakefile +0 -27
  71. data/action_policy.gemspec +0 -44
  72. data/benchmarks/namespaced_lookup_cache.rb +0 -74
  73. data/benchmarks/pre_checks.rb +0 -73
  74. data/bin/console +0 -14
  75. data/bin/setup +0 -8
  76. data/docs/.nojekyll +0 -0
  77. data/docs/CNAME +0 -1
  78. data/docs/README.md +0 -79
  79. data/docs/_sidebar.md +0 -27
  80. data/docs/aliases.md +0 -122
  81. data/docs/assets/docsify-search.js +0 -364
  82. data/docs/assets/docsify.min.js +0 -3
  83. data/docs/assets/fonts/FiraCode-Medium.woff +0 -0
  84. data/docs/assets/fonts/FiraCode-Regular.woff +0 -0
  85. data/docs/assets/images/banner.png +0 -0
  86. data/docs/assets/images/cache.png +0 -0
  87. data/docs/assets/images/cache.svg +0 -70
  88. data/docs/assets/images/layer.png +0 -0
  89. data/docs/assets/images/layer.svg +0 -35
  90. data/docs/assets/prism-ruby.min.js +0 -1
  91. data/docs/assets/styles.css +0 -347
  92. data/docs/assets/vue.min.css +0 -1
  93. data/docs/authorization_context.md +0 -92
  94. data/docs/behaviour.md +0 -113
  95. data/docs/caching.md +0 -291
  96. data/docs/controller_action_aliases.md +0 -109
  97. data/docs/custom_lookup_chain.md +0 -48
  98. data/docs/custom_policy.md +0 -53
  99. data/docs/debugging.md +0 -55
  100. data/docs/decorators.md +0 -27
  101. data/docs/favicon.ico +0 -0
  102. data/docs/graphql.md +0 -302
  103. data/docs/i18n.md +0 -44
  104. data/docs/index.html +0 -43
  105. data/docs/instrumentation.md +0 -84
  106. data/docs/lookup_chain.md +0 -22
  107. data/docs/namespaces.md +0 -77
  108. data/docs/non_rails.md +0 -28
  109. data/docs/pre_checks.md +0 -57
  110. data/docs/pundit_migration.md +0 -80
  111. data/docs/quick_start.md +0 -118
  112. data/docs/rails.md +0 -120
  113. data/docs/reasons.md +0 -120
  114. data/docs/scoping.md +0 -255
  115. data/docs/testing.md +0 -390
  116. data/docs/writing_policies.md +0 -107
  117. data/gemfiles/jruby.gemfile +0 -8
  118. data/gemfiles/rails42.gemfile +0 -9
  119. data/gemfiles/rails6.gemfile +0 -8
  120. data/gemfiles/railsmaster.gemfile +0 -6
  121. data/lib/action_policy/ext/string_match.rb +0 -14
  122. data/lib/action_policy/ext/yield_self_then.rb +0 -25
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: aa234de7b74f58df4707ec00f9f4d67bee0d89fb721f2b0e4df90627970530e6
4
- data.tar.gz: e6e4ba56d3be720b8ddac3a236f42c84eec2472d04b95213914d89e23d291bf7
3
+ metadata.gz: 5e0d9085b8204e1846c9820dbc5eb7a9960fa9c512a51d942cc8aab16b065257
4
+ data.tar.gz: c85bf2348affc45eb365200070257bc31b873ded038033a0fb3d6f5ca8adb48d
5
5
  SHA512:
6
- metadata.gz: 450572c0987f8d4174ff6c51fdd188d62bd5dfd288b381a593030ee9ef8575df74852b1600706f6dfb1c115fddb9a45e518f03b2dd0a118e653c0a13c0efc05a
7
- data.tar.gz: 1fa6dac85f5fe5f014026d23357c08e9dba0101b68a07a96315275a1ce2aa28762ab82abffbf0ae985a9a277d942de23c521223d485b7acfe1fdceeae9c4179d
6
+ metadata.gz: 2a1de70b5460eed8dc481a651ea52318e060fb486e604b0595f0fa09a4840a0eb93be2b90b7f20789cb135e62388f00a18650881e9739564ba311d11a3fbd131
7
+ data.tar.gz: 5cbcf29add9f224ce3b77a42a17ab403dec7f2f93a581f6ad25e13d8f1e75bc650d9889cb05dd247355fee6b6844fb400852f51b2d1118ac30076e5277b95e75
@@ -2,6 +2,35 @@
2
2
 
3
3
  ## master
4
4
 
5
+ ## 0.5.0 (2020-09-29)
6
+
7
+ - Move `deny!` / `allow!` to core. ([@palkan][])
8
+
9
+ Now you can call `deny!` and `allow!` in policy rules to fail- or pass-fast.
10
+
11
+ **BREAKING.** Pre-check name is no longer added automatically to failure reasons. You should specify the reason
12
+ explicitly: `deny!(:my_reason)`.
13
+
14
+ - Add `Result#all_details` to return all collected details in a single hash. ([@palkan][])
15
+
16
+ - Add `default` option to lookup and `default_authorization_policy_class` callback to behaviour. ([@palkan][])
17
+
18
+ - Add `skip_verify_authorized!` to Rails controllers integration. ([@palkan][])
19
+
20
+ This method allows you to skip the `verify_authorized` callback dynamically.
21
+
22
+ - **Drop Ruby 2.4 support**. ([@palkan][])
23
+
24
+ - Add `allowance_to` method to authorization behaviour. ([@palkan][])
25
+
26
+ This method is similar to `allowed_to?` but returns an authorization result object.
27
+
28
+ - Support aliases in `allowed_to?` / `check?` calls within policies. ([@palkan][])
29
+
30
+ ## 0.4.5 (2020-07-29)
31
+
32
+ - Add strict_namespace option to lookup chain. (@rainerborene)
33
+
5
34
  ## 0.4.4 (2020-07-07)
6
35
 
7
36
  - Fix symbol lookup with namespaces. ([@palkan][])
@@ -23,12 +52,12 @@ See [PR#118](https://github.com/palkan/action_policy/pull/118).
23
52
 
24
53
  - Add `#cache(*parts, **options) { ... }` method. ([@palkan][])
25
54
 
26
- Allows you to cache anything in policy classes using the Action Policy
27
- cache key generation mechanism.
55
+ Allows you to cache anything in policy classes using the Action Policy
56
+ cache key generation mechanism.
28
57
 
29
58
  - Handle versioned Rails cache keys. ([@palkan][])
30
59
 
31
- Use `#cache_with_version` as a cache key if defined.
60
+ Use `#cache_with_version` as a cache key if defined.
32
61
 
33
62
  ## 0.4.2 (2019-12-13)
34
63
 
@@ -38,274 +67,275 @@ See [PR#118](https://github.com/palkan/action_policy/pull/118).
38
67
 
39
68
  - Add `action_policy.init` instrumentation event. ([@palkan][])
40
69
 
41
- Triggered every time a new policy object is initialized.
70
+ Triggered every time a new policy object is initialized.
42
71
 
43
72
  - Fix policy memoization with explicit context. ([@palkan][])
44
73
 
45
- Explicit context (`authorize! context: {}`) wasn't considered during
46
- policies memoization. Not this is fixed.
74
+ Explicit context (`authorize! context: {}`) wasn't considered during
75
+ policies memoization. Not this is fixed.
47
76
 
48
77
  - Support composed matchers for authorization target testing. ([@palkan][])
49
78
 
50
- Now you can write tests like this:
79
+ Now you can write tests like this:
51
80
 
52
- ```ruby
53
- expect { subject }.to be_authorized_to(:show?, an_instance_of(User))
54
- ```
81
+ ```ruby
82
+ expect { subject }.to be_authorized_to(:show?, an_instance_of(User))
83
+ ```
55
84
 
56
85
  ## 0.3.4 (2019-11-27)
57
86
 
58
87
  - Fix Rails generators. ([@palkan][])
59
88
 
60
- Only invoke install generator if `application_policy.rb` is missing.
61
- Fix hooking into test frameworks.
89
+ Only invoke install generator if `application_policy.rb` is missing.
90
+ Fix hooking into test frameworks.
62
91
 
63
92
  ## 0.3.3 (2019-11-27)
64
93
 
65
94
  - Improve pretty print functionality. ([@palkan][])
66
95
 
67
- Colorize true/false values.
68
- Handle multiline expressions and debug statements (i.e., `binding.pry`).
96
+ Colorize true/false values.
97
+ Handle multiline expressions and debug statements (i.e., `binding.pry`).
69
98
 
70
99
  - Add Rails generators. ([@nicolas-brousse][])
71
100
 
72
- Adds `action_policy:install` and `action_policy:policy MODEL` Rails generators.
101
+ Adds `action_policy:install` and `action_policy:policy MODEL` Rails generators.
73
102
 
74
103
  - Optional authorization target. ([@somenugget][])
75
104
 
76
- Allows making authorization context optional:
105
+ Allows making authorization context optional:
77
106
 
78
- ```ruby
79
- class OptionalRolePolicy < ActionPolicy::Base
80
- authorize :role, optional: true
81
- end
107
+ ```ruby
108
+ class OptionalRolePolicy < ActionPolicy::Base
109
+ authorize :role, optional: true
110
+ end
82
111
 
83
- policy = OptionalRolePolicy.new
84
- policy.role #=> nil
85
- ```
112
+ policy = OptionalRolePolicy.new
113
+ policy.role #=> nil
114
+ ```
86
115
 
87
116
  ## 0.3.2 (2019-05-26) 👶
88
117
 
89
118
  - Fixed thread-safety issues with scoping configs. ([@palkan][])
90
119
 
91
- Fixes [#75](https://github.com/palkan/action_policy/issues/75).
120
+ Fixes [#75](https://github.com/palkan/action_policy/issues/75).
92
121
 
93
122
  ## 0.3.1 (2019-05-30)
94
123
 
95
124
  - Fixed bug with missing implicit target and hash like scoping data. ([@palkan][])
96
125
 
97
- Fixes [#70](https://github.com/palkan/action_policy/issues/70).
126
+ Fixes [#70](https://github.com/palkan/action_policy/issues/70).
98
127
 
99
128
  ## 0.3.0 (2019-04-02)
100
129
 
101
130
  - Added ActiveSupport-based instrumentation. ([@palkan][])
102
131
 
103
- See [PR#4](https://github.com/palkan/action_policy/pull/4)
132
+ See [PR#4](https://github.com/palkan/action_policy/pull/4)
104
133
 
105
134
  - Allow passing authorization context explicitly. ([@palkan][])
106
135
 
107
- Closes [#3](https://github.com/palkan/action_policy/issues/3).
136
+ Closes [#3](https://github.com/palkan/action_policy/issues/3).
108
137
 
109
- Now it's possible to override implicit authorization context
110
- via `context` option:
138
+ Now it's possible to override implicit authorization context
139
+ via `context` option:
111
140
 
112
- ```ruby
113
- authorize! target, to: :show?, context: {user: another_user}
114
- authorized_scope User.all, context: {user: another_user}
115
- ```
141
+ ```ruby
142
+ authorize! target, to: :show?, context: {user: another_user}
143
+ authorized_scope User.all, context: {user: another_user}
144
+ ```
116
145
 
117
146
  - Renamed `#authorized` to `#authorized_scope`. ([@palkan][])
118
147
 
119
- **NOTE:** `#authorized` alias is also available.
148
+ **NOTE:** `#authorized` alias is also available.
120
149
 
121
150
  - Added `Policy#pp(rule)` method to print annotated rule source code. ([@palkan][])
122
151
 
123
- Example (debugging):
152
+ Example (debugging):
124
153
 
125
- ```ruby
126
- def edit?
127
- binding.pry # rubocop:disable Lint/Debugger
128
- (user.name == "John") && (admin? || access_feed?)
129
- end
130
- ```
131
-
132
- ```sh
133
- pry> pp :edit?
134
- MyPolicy#edit?
135
- ↳ (
136
- user.name == "John" #=> false
137
- )
138
- AND
139
- (
140
- admin? #=> false
141
- OR
142
- access_feed? #=> true
143
- )
154
+ ```ruby
155
+ def edit?
156
+ binding.pry # rubocop:disable Lint/Debugger
157
+ (user.name == "John") && (admin? || access_feed?)
158
+ end
159
+ ```
160
+
161
+ ```sh
162
+ pry> pp :edit?
163
+ MyPolicy#edit?
164
+ ↳ (
165
+ user.name == "John" #=> false
166
+ )
167
+ AND
168
+ (
169
+ admin? #=> false
170
+ OR
171
+ access_feed? #=> true
144
172
  )
145
- ```
173
+ )
174
+ ```
146
175
 
147
- See [PR#63](https://github.com/palkan/action_policy/pull/63)
176
+ See [PR#63](https://github.com/palkan/action_policy/pull/63)
148
177
 
149
178
  - Added ability to provide additional failure reasons details. ([@palkan][])
150
179
 
151
- Example:
180
+ Example:
152
181
 
153
- ```ruby
154
- class ApplicantPolicy < ApplicationPolicy
155
- def show?
156
- allowed_to?(:show?, object.stage)
157
- end
182
+ ```ruby
183
+ class ApplicantPolicy < ApplicationPolicy
184
+ def show?
185
+ allowed_to?(:show?, object.stage)
158
186
  end
159
-
160
- class StagePolicy < ApplicationPolicy
161
- def show?
162
- # Add stage title to the failure reason (if any)
163
- # (could be used by client to show more descriptive message)
164
- details[:title] = record.title
165
- # then perform the checks
166
- user.stages.where(id: record.id).exists?
167
- end
187
+ end
188
+
189
+ class StagePolicy < ApplicationPolicy
190
+ def show?
191
+ # Add stage title to the failure reason (if any)
192
+ # (could be used by client to show more descriptive message)
193
+ details[:title] = record.title
194
+ # then perform the checks
195
+ user.stages.where(id: record.id).exists?
168
196
  end
197
+ end
169
198
 
170
- # when accessing the reasons
171
- p ex.result.reasons.details #=> { stage: [{show?: {title: "Onboarding"}] }
172
- ```
199
+ # when accessing the reasons
200
+ p ex.result.reasons.details #=> { stage: [{show?: {title: "Onboarding"}] }
201
+ ```
173
202
 
174
- See https://github.com/palkan/action_policy/pull/58
203
+ See https://github.com/palkan/action_policy/pull/58
175
204
 
176
205
  - Ruby 2.4+ is required. ([@palkan][])
177
206
 
178
207
  - Added RSpec DSL for writing policy specs. ([@palkan])
179
208
 
180
- The goal of this DSL is to reduce the boilerplate when writing
181
- policies specs.
209
+ The goal of this DSL is to reduce the boilerplate when writing
210
+ policies specs.
182
211
 
183
- Example:
212
+ Example:
184
213
 
185
- ```ruby
186
- describe PostPolicy do
187
- let(:user) { build_stubbed :user }
188
- let(:record) { build_stubbed :post, draft: false }
214
+ ```ruby
215
+ describe PostPolicy do
216
+ let(:user) { build_stubbed :user }
217
+ let(:record) { build_stubbed :post, draft: false }
189
218
 
190
- let(:context) { {user: user} }
219
+ let(:context) { {user: user} }
191
220
 
192
- describe_rule :show? do
193
- succeed "when post is published"
221
+ describe_rule :show? do
222
+ succeed "when post is published"
194
223
 
195
- failed "when post is draft" do
196
- before { post.draft = false }
224
+ failed "when post is draft" do
225
+ before { post.draft = false }
197
226
 
198
- succeed "when user is a manager" do
199
- before { user.role = "manager" }
200
- end
227
+ succeed "when user is a manager" do
228
+ before { user.role = "manager" }
201
229
  end
202
230
  end
203
231
  end
204
- ```
232
+ end
233
+ ```
205
234
 
206
235
  - Added I18n support ([@DmitryTsepelev][])
207
236
 
208
- Example:
237
+ Example:
209
238
 
210
- ```ruby
211
- class ApplicationController < ActionController::Base
212
- rescue_from ActionPolicy::Unauthorized do |ex|
213
- p ex.result.message #=> "You do not have access to the stage"
214
- p ex.result.reasons.full_messages #=> ["You do not have access to the stage"]
215
- end
239
+ ```ruby
240
+ class ApplicationController < ActionController::Base
241
+ rescue_from ActionPolicy::Unauthorized do |ex|
242
+ p ex.result.message #=> "You do not have access to the stage"
243
+ p ex.result.reasons.full_messages #=> ["You do not have access to the stage"]
216
244
  end
217
- ```
245
+ end
246
+ ```
218
247
 
219
248
  - Added scope options to scopes. ([@korolvs][])
220
249
 
221
- See [#47](https://github.com/palkan/action_policy/pull/47).
250
+ See [#47](https://github.com/palkan/action_policy/pull/47).
222
251
 
223
- Example:
224
- ```ruby
225
- # users_controller.rb
226
- class UsersController < ApplicationController
227
- def index
228
- @user = authorized(User.all, scope_options: {with_deleted: true})
229
- end
252
+ Example:
253
+
254
+ ```ruby
255
+ # users_controller.rb
256
+ class UsersController < ApplicationController
257
+ def index
258
+ @user = authorized(User.all, scope_options: {with_deleted: true})
230
259
  end
260
+ end
231
261
 
232
- # user_policy.rb
233
- describe UserPolicy < Application do
234
- relation_scope do |relation, with_deleted: false|
235
- rel = some_logic(relation)
236
- with_deleted ? rel.with_deleted : rel
237
- end
262
+ # user_policy.rb
263
+ describe UserPolicy < Application do
264
+ relation_scope do |relation, with_deleted: false|
265
+ rel = some_logic(relation)
266
+ with_deleted ? rel.with_deleted : rel
238
267
  end
239
- ```
268
+ end
269
+ ```
240
270
 
241
271
  - Added Symbol lookup to the lookup chain ([@DmitryTsepelev][])
242
272
 
243
- For instance, lookup will implicitly use `AdminPolicy` in a following case:
273
+ For instance, lookup will implicitly use `AdminPolicy` in a following case:
244
274
 
245
- ```ruby
246
- # admin_controller.rb
247
- class AdminController < ApplicationController
248
- authorize! :admin, to: :update_settings
249
- end
250
- ```
275
+ ```ruby
276
+ # admin_controller.rb
277
+ class AdminController < ApplicationController
278
+ authorize! :admin, to: :update_settings
279
+ end
280
+ ```
251
281
 
252
282
  - Added testing for scopes. ([@palkan][])
253
283
 
254
- Example:
284
+ Example:
255
285
 
256
- ```ruby
257
- # users_controller.rb
258
- class UsersController < ApplicationController
259
- def index
260
- @user = authorized(User.all)
261
- end
286
+ ```ruby
287
+ # users_controller.rb
288
+ class UsersController < ApplicationController
289
+ def index
290
+ @user = authorized(User.all)
262
291
  end
263
-
264
- # users_controller_spec.rb
265
- describe UsersController do
266
- subject { get :index }
267
- it "has authorized scope" do
268
- expect { subject }.to have_authorized_scope(:active_record_relation)
269
- .with(PostPolicy)
270
- end
292
+ end
293
+
294
+ # users_controller_spec.rb
295
+ describe UsersController do
296
+ subject { get :index }
297
+ it "has authorized scope" do
298
+ expect { subject }.to have_authorized_scope(:active_record_relation)
299
+ .with(PostPolicy)
271
300
  end
272
- ```
301
+ end
302
+ ```
273
303
 
274
304
  - Added scoping support. ([@palkan][])
275
305
 
276
- See [#5](https://github.com/palkan/action_policy/issues/5).
306
+ See [#5](https://github.com/palkan/action_policy/issues/5).
277
307
 
278
- By "scoping" we mean an ability to use policies to _scope data_.
308
+ By "scoping" we mean an ability to use policies to _scope data_.
279
309
 
280
- For example, when you want to _scope_ Active Record collections depending
281
- on the current user permissions:
310
+ For example, when you want to _scope_ Active Record collections depending
311
+ on the current user permissions:
282
312
 
283
- ```ruby
284
- class PostsController < ApplicationController
285
- def index
286
- @posts = authorized(Post.all)
287
- end
313
+ ```ruby
314
+ class PostsController < ApplicationController
315
+ def index
316
+ @posts = authorized(Post.all)
288
317
  end
318
+ end
289
319
 
290
- class PostPolicy < ApplicationPolicy
291
- relation_scope do |relation|
292
- next relation if user.admin?
293
- relation.where(user: user)
294
- end
320
+ class PostPolicy < ApplicationPolicy
321
+ relation_scope do |relation|
322
+ next relation if user.admin?
323
+ relation.where(user: user)
295
324
  end
296
- ```
325
+ end
326
+ ```
297
327
 
298
- Action Policy provides a flexible mechanism to apply scopes to anything you want.
328
+ Action Policy provides a flexible mechanism to apply scopes to anything you want.
299
329
 
300
- Read more in [docs](https://actionpolicy.evilmartians.io/).
330
+ Read more in [docs](https://actionpolicy.evilmartians.io/).
301
331
 
302
332
  - Added `#implicit_authorization_target`. ([@palkan][]).
303
333
 
304
- See [#35](https://github.com/palkan/action_policy/issues/35).
334
+ See [#35](https://github.com/palkan/action_policy/issues/35).
305
335
 
306
- Implicit authorization target (defined by `implicit_authorization_target`) is used when no target specified for `authorize!` call.
336
+ Implicit authorization target (defined by `implicit_authorization_target`) is used when no target specified for `authorize!` call.
307
337
 
308
- For example, for Rails controllers integration it's just `controller_name.classify.safe_constantize`.
338
+ For example, for Rails controllers integration it's just `controller_name.classify.safe_constantize`.
309
339
 
310
340
  - Consider `record#policy_name` when looking up for a policy class. ([@palkan][])
311
341
 
@@ -319,21 +349,21 @@ See [PR#118](https://github.com/palkan/action_policy/pull/118).
319
349
 
320
350
  - Add ability to disable per-thread cache and disable it in test env by default. ([@palkan][])
321
351
 
322
- You can control per-thread cache by setting:
352
+ You can control per-thread cache by setting:
323
353
 
324
- ```ruby
325
- ActionPolicy::PerThreadCache.enabled = true # or false
326
- ```
354
+ ```ruby
355
+ ActionPolicy::PerThreadCache.enabled = true # or false
356
+ ```
327
357
 
328
358
  ## 0.2.3 (2018-07-03)
329
359
 
330
360
  - [Fix [#16](https://github.com/palkan/action_policy/issues/16)] Add ability to disable namespace resolution cache. ([@palkan][])
331
361
 
332
- We cache namespaced policy resolution for better performance (it could affect performance when we look up a policy from a deeply nested module context).
362
+ We cache namespaced policy resolution for better performance (it could affect performance when we look up a policy from a deeply nested module context).
333
363
 
334
- It could be disabled by setting `ActionPolicy::LookupChain.namespace_cache_enabled = false`. It's enabled by default unless `RACK_ENV` env var is specified and is not equal to `"production"` (e.g. when `RACK_ENV=test` the cache is disabled).
364
+ It could be disabled by setting `ActionPolicy::LookupChain.namespace_cache_enabled = false`. It's enabled by default unless `RACK_ENV` env var is specified and is not equal to `"production"` (e.g. when `RACK_ENV=test` the cache is disabled).
335
365
 
336
- When using Rails it's enabled only in production mode but could be configured through setting the `config.action_policy.namespace_cache_enabled` parameter.
366
+ When using Rails it's enabled only in production mode but could be configured through setting the `config.action_policy.namespace_cache_enabled` parameter.
337
367
 
338
368
  - [Fix [#18](https://github.com/palkan/action_policy/issues/18)] Clarify documentation around, and fix the way `resolve_rule` resolves rules and rule aliases when subclasses are involved. ([@brendon][])
339
369
 
@@ -341,11 +371,10 @@ See [PR#118](https://github.com/palkan/action_policy/pull/118).
341
371
 
342
372
  - [Fix [#29](https://github.com/palkan/action_policy/issues/29)] Fix loading cache middleware. ([@palkan][])
343
373
 
344
-
345
374
  - Use `send` instead of `public_send` to get the `authorization_context` so that contexts such as
346
375
  `current_user` can be `private` in the controller. ([@brendon][])
347
376
 
348
- - Fix railtie initialisation for Rails < 5. ([@brendon][])
377
+ - Fix railtie initialization for Rails < 5. ([@brendon][])
349
378
 
350
379
  ## 0.2.1 (yanked)
351
380
 
@@ -355,18 +384,18 @@ See [PR#118](https://github.com/palkan/action_policy/pull/118).
355
384
 
356
385
  - Add `reasons.details`. ([@palkan][])
357
386
 
358
- ```ruby
359
- rescue_from ActionPolicy::Unauthorized do |ex|
360
- ex.result.reasons.details #=> { stage: [:show?] }
361
- end
362
- ```
387
+ ```ruby
388
+ rescue_from ActionPolicy::Unauthorized do |ex|
389
+ ex.result.reasons.details #=> { stage: [:show?] }
390
+ end
391
+ ```
363
392
 
364
393
  - Add `ExecutionResult`. ([@palkan][])
365
394
 
366
- ExecutionResult contains all the rule application artifacts: the result (`true` / `false`),
367
- failures reasons.
395
+ ExecutionResult contains all the rule application artifacts: the result (`true` / `false`),
396
+ failures reasons.
368
397
 
369
- This value is now stored in a cache (if any) instead of just the call result (`true` / `false`).
398
+ This value is now stored in a cache (if any) instead of just the call result (`true` / `false`).
370
399
 
371
400
  - Add `Policy.identifier`. ([@palkan][])
372
401