action_policy 0.6.0 → 0.6.3

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 0fe2b2b40f6a3bd85c312495209382b1ee72950072257e676be008e2ef8d77c5
-  data.tar.gz: f0c9b0cb38bc130cdb8c7f3f4cfba3adcc326f25c6435fe75723e8c0d3ba3fe9
+  metadata.gz: 611389adf65ee131b0b5b272885fe0ba6a7066330a1e9b97d7f0b9cb8dd47530
+  data.tar.gz: f2f29bf49216ef6406b408935250fc845619d14657d8956d7a20a6344b8a3032
 SHA512:
-  metadata.gz: f49f02d335942aa0a100e681f7570c1b6d042e68d1ed9d02012ec84b9f354b5c0a1d7a42ba15fbd3c84c84536e444af95057a09ef00cdc6ae3c2f5d0b24dd3a6
-  data.tar.gz: 2eced066c406feb11e8cdf99113fa8d27f8fe73ff015bcc1d2958c0a657540d195b25a8328dee02206b8539e55d16278f531dcde6b9567fef95ec1bead92cda0
+  metadata.gz: 86baaf070430319da764d5287542f418a32f9b28870518bddeb6c25ad3875ea14482993c2d0d185750e1dea36ad45263182f285f893b9a44a95f29dcd734f653
+  data.tar.gz: 6fbb1736b962bd2b80d24ffe2ada43ced3bf4324f5d4790d6ca39f7f1c5a654bffcde93caca846c6ce49ce5a1d68a299fd050edda595cdc114bd552de83ac1d5

data/CHANGELOG.md

@@ -2,6 +2,20 @@
 
 ## master
 
+## 0.6.3 (2022-08-16)
+
+- Fix regression for [#179](https://github.com/palkan/action_policy/issues/179). ([@palkan][])
+
+## 0.6.2 (2022-08-12)
+
+- Allow omitting authorization record if `with` is provided. ([@palkan][])
+
+## 0.6.1 (2022-05-23)
+
+- Fix policy lookup when a namespaced record is passed and the strict mode is used. ([@palkan][])
+- Expose `#authorized_scope` as helper. ([@palkan][])
+- [Fixes [#207](https://github.com/palkan/action_policy/issues/207)] refinement#include deprecation warning on Ruby 3.1
+
 ## 0.6.0 (2021-09-02)
 
 - Drop Ruby 2.5 support.

data/lib/.rbnext/3.0/action_policy/ext/policy_cache_key.rb

@@ -23,7 +23,7 @@ module ActionPolicy
       end
 
       refine Object do
-        include ObjectExt
+        ::RubyNext::Core.import_methods(ObjectExt, binding)
       end
 
       refine NilClass do

data/lib/.rbnext/3.0/action_policy/policy/core.rb

@@ -86,7 +86,7 @@ module ActionPolicy
         @result = self.class.result_class.new(self.class, rule)
 
         catch :policy_fulfilled do
-          result.load __apply__(rule)
+          result.load __apply__(resolve_rule(rule))
         end
 
         result.value
@@ -139,7 +139,7 @@ module ActionPolicy
       #
       # By default, rule name is equal to activity name.
       #
-      # Raises ActionPolicy::UknownRule when rule is not found in policy.
+      # Raises ActionPolicy::UnknownRule when rule is not found in policy.
       def resolve_rule(activity)
         raise UnknownRule.new(self, activity) unless
           respond_to?(activity)

data/lib/.rbnext/3.0/action_policy/rspec/be_an_alias_of.rb

@@ -0,0 +1,70 @@
+# frozen_string_literal: true
+
+require "action_policy/testing"
+
+module ActionPolicy
+  module RSpec
+    # Policy rule alias matcher `be_an_alias_of`.
+    #
+    # Verifies that for given policy a policy rule has an alias.
+    #
+    # Example:
+    #
+    #   # in policy specs
+    #   subject(:policy) { described_class.new(record, user: user) }
+    #
+    #   let(:user) { build_stubbed(:user) }
+    #   let(:record) { build_stubbed(:post) }
+    #
+    #   describe "#show?" do
+    #     it "is an alias of :index? policy rule" do
+    #       expect(:show?).to be_an_alias_of(policy, :index?)
+    #     end
+    #   end
+    #
+    #   # negated version
+    #   describe "#show?" do
+    #     it "is not an alias of :index? policy rule" do
+    #       expect(:show?).to_not be_an_alias_of(policy, :index?)
+    #     end
+    #   end
+    #
+    class BeAnAliasOf < ::RSpec::Matchers::BuiltIn::BaseMatcher
+      attr_reader :policy, :rule, :actual
+
+      def initialize(policy, rule)
+        @policy = policy
+        @rule = rule
+      end
+
+      def match(_expected, actual)
+        policy.resolve_rule(actual) == rule
+      end
+
+      def does_not_match?(actual)
+        @actual = actual
+        policy.resolve_rule(actual) != rule
+      end
+
+      def supports_block_expectations?() ;  false; end
+
+      def failure_message
+        "expected #{policy}##{actual} " \
+        "to be an alias of #{policy}##{rule}"
+      end
+
+      def failure_message_when_negated
+        "expected #{policy}##{actual} " \
+        "to not be an alias of #{policy}##{rule}"
+      end
+    end
+  end
+end
+
+RSpec.configure do |config|
+  config.include(Module.new do
+    def be_an_alias_of(policy, rule)
+      ActionPolicy::RSpec::BeAnAliasOf.new(policy, rule)
+    end
+  end)
+end

data/lib/.rbnext/3.1/action_policy/ext/module_namespace.rb

@@ -0,0 +1,32 @@
+# frozen_string_literal: true
+
+module ActionPolicy
+  module Ext
+    # Add Module#namespace method
+    module ModuleNamespace # :nodoc: all
+      unless "".respond_to?(:safe_constantize)
+        require "action_policy/ext/string_constantize"
+        using ActionPolicy::Ext::StringConstantize
+      end
+
+      module Ext
+        def namespace
+          return unless name&.match?(/[^^]::/)
+
+          name.sub(/::[^:]+$/, "").safe_constantize
+        end
+      end
+
+      # See https://github.com/jruby/jruby/issues/5220
+      ::Module.include(Ext) if RUBY_PLATFORM.match?(/java/i)
+
+      refine Module do
+        if RUBY_VERSION <= "2.7.0"
+          include Ext
+        else
+          ::RubyNext::Core.import_methods(Ext, binding)
+        end
+      end
+    end
+  end
+end

data/lib/.rbnext/3.1/action_policy/ext/policy_cache_key.rb

@@ -0,0 +1,72 @@
+# frozen_string_literal: true
+
+module ActionPolicy
+  module Ext
+    # Adds #_policy_cache_key method to Object,
+    # which just call #policy_cache_key or #cache_key
+    # or #object_id (if `use_object_id` parameter is set to true).
+    #
+    # For other core classes returns string representation.
+    #
+    # Raises ArgumentError otherwise.
+    module PolicyCacheKey # :nodoc: all
+      module ObjectExt
+        def _policy_cache_key(use_object_id: false)
+          return policy_cache_key if respond_to?(:policy_cache_key)
+          return cache_key_with_version if respond_to?(:cache_key_with_version)
+          return cache_key if respond_to?(:cache_key)
+
+          return object_id.to_s if use_object_id == true
+
+          raise ArgumentError, "object is not cacheable"
+        end
+      end
+
+      refine Object do
+        ::RubyNext::Core.import_methods(ObjectExt, binding)
+      end
+
+      refine NilClass do
+        def _policy_cache_key(*) = ""
+      end
+
+      refine TrueClass do
+        def _policy_cache_key(*) = "t"
+      end
+
+      refine FalseClass do
+        def _policy_cache_key(*) = "f"
+      end
+
+      refine String do
+        def _policy_cache_key(*) = self
+      end
+
+      refine Symbol do
+        def _policy_cache_key(*) = to_s
+      end
+
+      if RUBY_PLATFORM.match?(/java/i)
+        refine Integer do
+          def _policy_cache_key(*) = to_s
+        end
+
+        refine Float do
+          def _policy_cache_key(*) = to_s
+        end
+      else
+        refine Numeric do
+          def _policy_cache_key(*) = to_s
+        end
+      end
+
+      refine Time do
+        def _policy_cache_key(*) = to_s
+      end
+
+      refine Module do
+        def _policy_cache_key(*) = name
+      end
+    end
+  end
+end

data/lib/action_policy/behaviour.rb

@@ -58,10 +58,11 @@ module ActionPolicy
     end
 
     def authorization_context
-      return @__authorization_context if
-        instance_variable_defined?(:@__authorization_context)
+      @_authorization_context ||= build_authorization_context
+    end
 
-      @__authorization_context = self.class.authorization_targets
+    private def build_authorization_context
+      self.class.authorization_targets
         .each_with_object({}) do |(key, meth), obj|
         obj[key] = send(meth)
       end
@@ -73,11 +74,19 @@ module ActionPolicy
       policy.resolve_rule(rule)
     end
 
-    def lookup_authorization_policy(record, **options) # :nodoc:
-      record = implicit_authorization_target! if :__undef__ == record # rubocop:disable Style/YodaCondition See https://github.com/palkan/action_policy/pull/180
-      Kernel.raise ArgumentError, "Record must be specified" if record.nil?
+    def lookup_authorization_policy(record, with: nil, **options) # :nodoc:
+      if :__undef__ == record # rubocop:disable Style/YodaCondition
+        record =
+          if with
+            implicit_authorization_target
+          else
+            implicit_authorization_target!
+          end
+      end
+
+      Kernel.raise ArgumentError, "Record or policy must be specified" if record.nil? && with.nil?
 
-      policy_for(record: record, **options)
+      policy_for(record: record, with: with, **options)
     end
 
     module ClassMethods # :nodoc:

data/lib/action_policy/ext/module_namespace.rb

@@ -21,7 +21,11 @@ module ActionPolicy
       ::Module.include(Ext) if RUBY_PLATFORM.match?(/java/i)
 
       refine Module do
-        include Ext
+        if RUBY_VERSION <= "2.7.0"
+          include Ext
+        else
+          import_methods Ext
+        end
       end
     end
   end

data/lib/action_policy/ext/policy_cache_key.rb

@@ -23,7 +23,7 @@ module ActionPolicy
       end
 
       refine Object do
-        include ObjectExt
+        import_methods ObjectExt
       end
 
       refine NilClass do

data/lib/action_policy/lookup_chain.rb

@@ -67,12 +67,20 @@ module ActionPolicy
       def lookup_within_namespace(policy_name, namespace, strict: false)
         NamespaceCache.fetch(namespace&.name || "Kernel", policy_name, strict: strict) do
           mod = namespace
+          policy_class = nil
+
           loop do
-            policy = [mod&.name, policy_name].compact.join("::").safe_constantize
-            break policy if policy || mod.nil? || strict
+            policy_class = [mod&.name, policy_name].compact.join("::").safe_constantize
+            break policy_class if policy_class || mod.nil?
 
             mod = mod.namespace
           end
+
+          next policy_class if !strict || namespace.nil? || policy_class.nil?
+
+          # If we're in the strict mode and the namespace boundary is provided,
+          # we must check that the found policy satisfies it
+          policy_class if policy_class.name.start_with?("#{namespace.name}::")
         end
       end
 

data/lib/action_policy/policy/authorization.rb

@@ -66,7 +66,7 @@ module ActionPolicy
           allow_nil ||= optional
 
           ids.each do |id|
-            authorization_targets[id] = {allow_nil, optional}
+            authorization_targets[id] = {allow_nil:, optional:}
           end
 
           attr_reader(*ids)

data/lib/action_policy/policy/core.rb

@@ -86,7 +86,7 @@ module ActionPolicy
         @result = self.class.result_class.new(self.class, rule)
 
         catch :policy_fulfilled do
-          result.load __apply__(rule)
+          result.load __apply__(resolve_rule(rule))
         end
 
         result.value
@@ -139,7 +139,7 @@ module ActionPolicy
       #
       # By default, rule name is equal to activity name.
       #
-      # Raises ActionPolicy::UknownRule when rule is not found in policy.
+      # Raises ActionPolicy::UnknownRule when rule is not found in policy.
       def resolve_rule(activity)
         raise UnknownRule.new(self, activity) unless
           respond_to?(activity)

data/lib/action_policy/rails/controller.rb

@@ -23,7 +23,10 @@ module ActionPolicy
     include ActionPolicy::Behaviours::Namespaced
 
     included do
-      helper_method :allowed_to? if respond_to?(:helper_method)
+      if respond_to?(:helper_method)
+        helper_method :allowed_to?
+        helper_method :authorized_scope
+      end
 
       attr_writer :authorize_count
       attr_reader :verify_authorized_skipped

data/lib/action_policy/rspec/be_an_alias_of.rb

@@ -0,0 +1,70 @@
+# frozen_string_literal: true
+
+require "action_policy/testing"
+
+module ActionPolicy
+  module RSpec
+    # Policy rule alias matcher `be_an_alias_of`.
+    #
+    # Verifies that for given policy a policy rule has an alias.
+    #
+    # Example:
+    #
+    #   # in policy specs
+    #   subject(:policy) { described_class.new(record, user: user) }
+    #
+    #   let(:user) { build_stubbed(:user) }
+    #   let(:record) { build_stubbed(:post) }
+    #
+    #   describe "#show?" do
+    #     it "is an alias of :index? policy rule" do
+    #       expect(:show?).to be_an_alias_of(policy, :index?)
+    #     end
+    #   end
+    #
+    #   # negated version
+    #   describe "#show?" do
+    #     it "is not an alias of :index? policy rule" do
+    #       expect(:show?).to_not be_an_alias_of(policy, :index?)
+    #     end
+    #   end
+    #
+    class BeAnAliasOf < ::RSpec::Matchers::BuiltIn::BaseMatcher
+      attr_reader :policy, :rule, :actual
+
+      def initialize(policy, rule)
+        @policy = policy
+        @rule = rule
+      end
+
+      def match(_expected, actual)
+        policy.resolve_rule(actual) == rule
+      end
+
+      def does_not_match?(actual)
+        @actual = actual
+        policy.resolve_rule(actual) != rule
+      end
+
+      def supports_block_expectations?() = false
+
+      def failure_message
+        "expected #{policy}##{actual} " \
+        "to be an alias of #{policy}##{rule}"
+      end
+
+      def failure_message_when_negated
+        "expected #{policy}##{actual} " \
+        "to not be an alias of #{policy}##{rule}"
+      end
+    end
+  end
+end
+
+RSpec.configure do |config|
+  config.include(Module.new do
+    def be_an_alias_of(policy, rule)
+      ActionPolicy::RSpec::BeAnAliasOf.new(policy, rule)
+    end
+  end)
+end

data/lib/action_policy/rspec.rb

@@ -1,4 +1,5 @@
 # frozen_string_literal: true
 
+require "action_policy/rspec/be_an_alias_of"
 require "action_policy/rspec/be_authorized_to"
 require "action_policy/rspec/have_authorized_scope"

data/lib/action_policy/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module ActionPolicy
-  VERSION = "0.6.0"
+  VERSION = "0.6.3"
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: action_policy
 version: !ruby/object:Gem::Version
-  version: 0.6.0
+  version: 0.6.3
 platform: ruby
 authors:
 - Vladimir Dementyev
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2021-09-02 00:00:00.000000000 Z
+date: 2022-08-16 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: ruby-next-core
@@ -16,14 +16,14 @@ dependencies:
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: 0.11.0
+        version: 0.14.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: 0.11.0
+        version: 0.14.0
 - !ruby/object:Gem::Dependency
   name: ammeter
   requirement: !ruby/object:Gem::Requirement
@@ -133,9 +133,6 @@ files:
 - LICENSE.txt
 - README.md
 - config/rubocop-rspec.yml
-- lib/.rbnext/1995.next/action_policy/behaviours/policy_for.rb
-- lib/.rbnext/1995.next/action_policy/behaviours/scoping.rb
-- lib/.rbnext/1995.next/action_policy/policy/authorization.rb
 - lib/.rbnext/1995.next/action_policy/utils/pretty_print.rb
 - lib/.rbnext/2.7/action_policy/behaviours/policy_for.rb
 - lib/.rbnext/2.7/action_policy/i18n.rb
@@ -153,10 +150,16 @@ files:
 - lib/.rbnext/3.0/action_policy/policy/execution_result.rb
 - lib/.rbnext/3.0/action_policy/policy/pre_check.rb
 - lib/.rbnext/3.0/action_policy/policy/reasons.rb
+- lib/.rbnext/3.0/action_policy/rspec/be_an_alias_of.rb
 - lib/.rbnext/3.0/action_policy/rspec/be_authorized_to.rb
 - lib/.rbnext/3.0/action_policy/rspec/have_authorized_scope.rb
 - lib/.rbnext/3.0/action_policy/utils/pretty_print.rb
 - lib/.rbnext/3.0/action_policy/utils/suggest_message.rb
+- lib/.rbnext/3.1/action_policy/behaviours/policy_for.rb
+- lib/.rbnext/3.1/action_policy/behaviours/scoping.rb
+- lib/.rbnext/3.1/action_policy/ext/module_namespace.rb
+- lib/.rbnext/3.1/action_policy/ext/policy_cache_key.rb
+- lib/.rbnext/3.1/action_policy/policy/authorization.rb
 - lib/action_policy.rb
 - lib/action_policy/authorizer.rb
 - lib/action_policy/base.rb
@@ -194,6 +197,7 @@ files:
 - lib/action_policy/rails/scope_matchers/active_record.rb
 - lib/action_policy/railtie.rb
 - lib/action_policy/rspec.rb
+- lib/action_policy/rspec/be_an_alias_of.rb
 - lib/action_policy/rspec/be_authorized_to.rb
 - lib/action_policy/rspec/dsl.rb
 - lib/action_policy/rspec/have_authorized_scope.rb
@@ -237,7 +241,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.2.15
+rubygems_version: 3.3.11
 signing_key:
 specification_version: 4
 summary: Authorization framework for Ruby/Rails application