action_policy 0.6.5 → 0.6.7
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +20 -0
- data/README.md +7 -0
- data/lib/.rbnext/2.7/action_policy/rails/scope_matchers/action_controller_params.rb +19 -0
- data/lib/.rbnext/2.7/action_policy/rails/scope_matchers/active_record.rb +29 -0
- data/lib/action_policy/ext/string_underscore.rb +1 -1
- data/lib/action_policy/rails/scope_matchers/action_controller_params.rb +2 -2
- data/lib/action_policy/rails/scope_matchers/active_record.rb +2 -2
- data/lib/action_policy/railtie.rb +29 -29
- data/lib/action_policy/version.rb +1 -1
- data/lib/generators/action_policy/policy/USAGE +8 -1
- data/lib/generators/action_policy/policy/policy_generator.rb +12 -0
- data/lib/generators/action_policy/policy/templates/policy.rb.tt +1 -1
- metadata +5 -4
- data/lib/action_policy/cache_middleware.rb +0 -17
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: df57cf926c648dc59ed1a1afc44b352eb998f5bf03a9405127105611e641ffdb
|
|
4
|
+
data.tar.gz: 51a8e81c6479bf06894da3a2f8fa83c98ed25da678e73bf2462f029a75c55ec4
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 6c55e23ffeff3a1d9800512759105e509abb6b51dabee1a984c56f04daa04e661ef37e056e2fee64b86a17bff8fab8167b557d8f5fe6bd9118febf0b116f7b3a
|
|
7
|
+
data.tar.gz: 8c1459872bb8daa8bca216c1ee342b9c8c4b4b6fb5654301765ec4d2c7f8ff6612ab784269a89920c29f575ee9ecd79b2a470a415f92246db70c0b9d7a3631b1
|
data/CHANGELOG.md
CHANGED
|
@@ -2,6 +2,26 @@
|
|
|
2
2
|
|
|
3
3
|
## master
|
|
4
4
|
|
|
5
|
+
## 0.6.7 (2023-09-13)
|
|
6
|
+
|
|
7
|
+
- Fix loading Rails extensions during eager load. ([@palkan][])
|
|
8
|
+
|
|
9
|
+
## 0.6.6 (2023-09-11)
|
|
10
|
+
|
|
11
|
+
- Fix loading Active Record and Action Controller scope matchers. ([@palkan][])
|
|
12
|
+
|
|
13
|
+
- Add `--parent` option for policy generator ([@matsales28][])
|
|
14
|
+
|
|
15
|
+
Example:
|
|
16
|
+
|
|
17
|
+
`bin/rails g action_policy:policy user --parent=base_policy` generates:
|
|
18
|
+
|
|
19
|
+
```ruby
|
|
20
|
+
class UserPolicy < BasePolicy
|
|
21
|
+
# ...
|
|
22
|
+
end
|
|
23
|
+
```
|
|
24
|
+
|
|
5
25
|
## 0.6.5 (2023-02-16)
|
|
6
26
|
|
|
7
27
|
- Fix generated policies' outdated Ruby API (to work with Ruby 3.2).
|
data/README.md
CHANGED
|
@@ -2,9 +2,13 @@
|
|
|
2
2
|
|
|
3
3
|
|
|
4
4
|
[](https://actionpolicy.evilmartians.io)
|
|
5
|
+
[](https://coveralls.io/github/palkan/action_policy)
|
|
5
6
|
|
|
6
7
|
# Action Policy
|
|
7
8
|
|
|
9
|
+
<img align="right" height="150" width="129"
|
|
10
|
+
title="Action Policy logo" src="./docs/assets/images/logo.svg">
|
|
11
|
+
|
|
8
12
|
Authorization framework for Ruby and Rails applications.
|
|
9
13
|
|
|
10
14
|
Composable. Extensible. Performant.
|
|
@@ -25,6 +29,7 @@ Composable. Extensible. Performant.
|
|
|
25
29
|
## Integrations
|
|
26
30
|
|
|
27
31
|
- GraphQL Ruby ([`action_policy-graphql`](https://github.com/palkan/action_policy-graphql))
|
|
32
|
+
- Graphiti (JSON:API) ([`action_policy-graphiti`](https://github.com/shrimple-tech/action_policy-graphiti))
|
|
28
33
|
|
|
29
34
|
## Installation
|
|
30
35
|
|
|
@@ -71,6 +76,8 @@ end
|
|
|
71
76
|
```
|
|
72
77
|
|
|
73
78
|
This may be done with `rails generate action_policy:policy Post` generator.
|
|
79
|
+
You can also use `rails generate action_policy:policy Post --parent=BasePolicy` to make the generated policy inherits
|
|
80
|
+
from `BasePolicy`.
|
|
74
81
|
|
|
75
82
|
Now you can easily add authorization to your Rails\* controller:
|
|
76
83
|
|
|
@@ -0,0 +1,19 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
3
|
+
module ActionPolicy
|
|
4
|
+
module ScopeMatchers
|
|
5
|
+
# Adds `params_filter` method as an alias
|
|
6
|
+
# for `scope_for :action_controller_params`
|
|
7
|
+
module ActionControllerParams
|
|
8
|
+
def params_filter(*__rest__, &__block__)
|
|
9
|
+
scope_for(:action_controller_params, *__rest__, &__block__)
|
|
10
|
+
end; respond_to?(:ruby2_keywords, true) && (ruby2_keywords :params_filter)
|
|
11
|
+
end
|
|
12
|
+
end
|
|
13
|
+
end
|
|
14
|
+
|
|
15
|
+
# Register params scope matcher
|
|
16
|
+
ActionPolicy::Base.scope_matcher :action_controller_params, ActionController::Parameters
|
|
17
|
+
|
|
18
|
+
# Add alias to base policy
|
|
19
|
+
ActionPolicy::Base.extend ActionPolicy::ScopeMatchers::ActionControllerParams
|
|
@@ -0,0 +1,29 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
3
|
+
module ActionPolicy
|
|
4
|
+
module ScopeMatchers
|
|
5
|
+
# Adds `relation_scope` method as an alias
|
|
6
|
+
# for `scope_for :active_record_relation`
|
|
7
|
+
module ActiveRecord
|
|
8
|
+
def relation_scope(*__rest__, &__block__)
|
|
9
|
+
scope_for(:active_record_relation, *__rest__, &__block__)
|
|
10
|
+
end; respond_to?(:ruby2_keywords, true) && (ruby2_keywords :relation_scope)
|
|
11
|
+
end
|
|
12
|
+
end
|
|
13
|
+
end
|
|
14
|
+
|
|
15
|
+
# Register relation scope matcher
|
|
16
|
+
ActionPolicy::Base.scope_matcher :active_record_relation, ActiveRecord::Relation
|
|
17
|
+
|
|
18
|
+
# Add alias to base policy
|
|
19
|
+
ActionPolicy::Base.extend ActionPolicy::ScopeMatchers::ActiveRecord
|
|
20
|
+
|
|
21
|
+
ActiveRecord::Relation.include(Module.new do
|
|
22
|
+
def policy_name
|
|
23
|
+
if model.respond_to?(:policy_name)
|
|
24
|
+
model.policy_name.to_s
|
|
25
|
+
else
|
|
26
|
+
"#{model}Policy"
|
|
27
|
+
end
|
|
28
|
+
end
|
|
29
|
+
end)
|
|
@@ -5,8 +5,8 @@ module ActionPolicy
|
|
|
5
5
|
# Adds `params_filter` method as an alias
|
|
6
6
|
# for `scope_for :action_controller_params`
|
|
7
7
|
module ActionControllerParams
|
|
8
|
-
def params_filter(
|
|
9
|
-
scope_for
|
|
8
|
+
def params_filter(...)
|
|
9
|
+
scope_for(:action_controller_params, ...)
|
|
10
10
|
end
|
|
11
11
|
end
|
|
12
12
|
end
|
|
@@ -5,8 +5,8 @@ module ActionPolicy
|
|
|
5
5
|
# Adds `relation_scope` method as an alias
|
|
6
6
|
# for `scope_for :active_record_relation`
|
|
7
7
|
module ActiveRecord
|
|
8
|
-
def relation_scope(
|
|
9
|
-
scope_for
|
|
8
|
+
def relation_scope(...)
|
|
9
|
+
scope_for(:active_record_relation, ...)
|
|
10
10
|
end
|
|
11
11
|
end
|
|
12
12
|
end
|
|
@@ -4,14 +4,6 @@ module ActionPolicy # :nodoc:
|
|
|
4
4
|
require "action_policy/rails/controller"
|
|
5
5
|
require "action_policy/rails/channel"
|
|
6
6
|
|
|
7
|
-
if defined?(::ActionController)
|
|
8
|
-
require "action_policy/rails/scope_matchers/action_controller_params"
|
|
9
|
-
end
|
|
10
|
-
|
|
11
|
-
if defined?(::ActiveRecord)
|
|
12
|
-
require "action_policy/rails/scope_matchers/active_record"
|
|
13
|
-
end
|
|
14
|
-
|
|
15
7
|
class Railtie < ::Rails::Railtie # :nodoc:
|
|
16
8
|
# Provides Rails-specific configuration,
|
|
17
9
|
# accessible through `Rails.application.config.action_policy`
|
|
@@ -65,51 +57,59 @@ module ActionPolicy # :nodoc:
|
|
|
65
57
|
config.action_policy = Config
|
|
66
58
|
|
|
67
59
|
initializer "action_policy.clear_per_thread_cache" do |app|
|
|
68
|
-
|
|
69
|
-
|
|
70
|
-
app.executor.to_complete { ActionPolicy::PerThreadCache.clear_all }
|
|
71
|
-
else
|
|
72
|
-
require "action_policy/cache_middleware"
|
|
73
|
-
app.middleware.use ActionPolicy::CacheMiddleware
|
|
74
|
-
end
|
|
60
|
+
app.executor.to_run { ActionPolicy::PerThreadCache.clear_all }
|
|
61
|
+
app.executor.to_complete { ActionPolicy::PerThreadCache.clear_all }
|
|
75
62
|
end
|
|
76
63
|
|
|
77
|
-
|
|
78
|
-
|
|
79
|
-
|
|
80
|
-
|
|
81
|
-
require "action_policy/rails/authorizer"
|
|
64
|
+
initializer "action_policy.extensions" do |app|
|
|
65
|
+
if app.config.action_policy.instrumentation_enabled
|
|
66
|
+
require "action_policy/rails/policy/instrumentation"
|
|
67
|
+
require "action_policy/rails/authorizer"
|
|
82
68
|
|
|
83
|
-
|
|
84
|
-
|
|
85
|
-
|
|
69
|
+
ActionPolicy::Base.prepend ActionPolicy::Policy::Rails::Instrumentation
|
|
70
|
+
ActionPolicy::Authorizer.singleton_class.prepend ActionPolicy::Rails::Authorizer
|
|
71
|
+
end
|
|
86
72
|
|
|
87
|
-
config.to_prepare do |_app|
|
|
88
73
|
ActionPolicy::LookupChain.namespace_cache_enabled =
|
|
89
|
-
|
|
74
|
+
app.config.action_policy.namespace_cache_enabled
|
|
90
75
|
|
|
91
76
|
ActiveSupport.on_load(:action_controller) do
|
|
92
|
-
|
|
77
|
+
require "action_policy/rails/scope_matchers/action_controller_params"
|
|
78
|
+
|
|
79
|
+
next unless app.config.action_policy.auto_inject_into_controller
|
|
93
80
|
|
|
94
81
|
ActionController::Base.include ActionPolicy::Controller
|
|
95
82
|
|
|
96
|
-
next unless
|
|
83
|
+
next unless app.config.action_policy.controller_authorize_current_user
|
|
97
84
|
|
|
98
85
|
ActionController::Base.authorize :user, through: :current_user
|
|
99
86
|
end
|
|
100
87
|
|
|
101
88
|
ActiveSupport.on_load(:action_cable) do
|
|
102
|
-
next unless
|
|
89
|
+
next unless app.config.action_policy.auto_inject_into_channel
|
|
103
90
|
|
|
104
91
|
ActionCable::Channel::Base.include ActionPolicy::Channel
|
|
105
92
|
|
|
106
|
-
next unless
|
|
93
|
+
next unless app.config.action_policy.channel_authorize_current_user
|
|
107
94
|
|
|
108
95
|
ActionCable::Channel::Base.authorize :user, through: :current_user
|
|
109
96
|
end
|
|
110
97
|
|
|
111
98
|
ActiveSupport.on_load(:active_record) do
|
|
112
99
|
require "action_policy/rails/ext/active_record"
|
|
100
|
+
require "action_policy/rails/scope_matchers/active_record"
|
|
101
|
+
end
|
|
102
|
+
|
|
103
|
+
# Trigger load hooks of the components that extend ActionPolicy itself
|
|
104
|
+
# (e.g., scope matchers)
|
|
105
|
+
begin
|
|
106
|
+
::ActionController::Base
|
|
107
|
+
rescue NameError
|
|
108
|
+
end
|
|
109
|
+
|
|
110
|
+
begin
|
|
111
|
+
::ActiveRecord::Base
|
|
112
|
+
rescue NameError
|
|
113
113
|
end
|
|
114
114
|
end
|
|
115
115
|
end
|
|
@@ -2,7 +2,14 @@ Description:
|
|
|
2
2
|
Generates a policy for a model with the given name.
|
|
3
3
|
|
|
4
4
|
Example:
|
|
5
|
-
rails generate action_policy:policy user
|
|
5
|
+
rails generate action_policy:policy user --parent=base_policy
|
|
6
6
|
|
|
7
7
|
This will create:
|
|
8
8
|
app/policies/user_policy.rb
|
|
9
|
+
|
|
10
|
+
```ruby
|
|
11
|
+
class UserPolicy < BasePolicy
|
|
12
|
+
# ...
|
|
13
|
+
end
|
|
14
|
+
```
|
|
15
|
+
|
|
@@ -7,6 +7,8 @@ module ActionPolicy
|
|
|
7
7
|
class PolicyGenerator < ::Rails::Generators::NamedBase
|
|
8
8
|
source_root File.expand_path("templates", __dir__)
|
|
9
9
|
|
|
10
|
+
class_option :parent, type: :string, desc: "The parent class for the generated policy"
|
|
11
|
+
|
|
10
12
|
def run_install_if_needed
|
|
11
13
|
in_root do
|
|
12
14
|
return if File.exist?("app/policies/application_policy.rb")
|
|
@@ -20,6 +22,16 @@ module ActionPolicy
|
|
|
20
22
|
end
|
|
21
23
|
|
|
22
24
|
hook_for :test_framework
|
|
25
|
+
|
|
26
|
+
private
|
|
27
|
+
|
|
28
|
+
def parent_class_name
|
|
29
|
+
parent || "ApplicationPolicy"
|
|
30
|
+
end
|
|
31
|
+
|
|
32
|
+
def parent
|
|
33
|
+
options[:parent]
|
|
34
|
+
end
|
|
23
35
|
end
|
|
24
36
|
end
|
|
25
37
|
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: action_policy
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.6.
|
|
4
|
+
version: 0.6.7
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Vladimir Dementyev
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2023-
|
|
11
|
+
date: 2023-09-14 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: ruby-next-core
|
|
@@ -138,6 +138,8 @@ files:
|
|
|
138
138
|
- lib/.rbnext/2.7/action_policy/i18n.rb
|
|
139
139
|
- lib/.rbnext/2.7/action_policy/policy/cache.rb
|
|
140
140
|
- lib/.rbnext/2.7/action_policy/policy/pre_check.rb
|
|
141
|
+
- lib/.rbnext/2.7/action_policy/rails/scope_matchers/action_controller_params.rb
|
|
142
|
+
- lib/.rbnext/2.7/action_policy/rails/scope_matchers/active_record.rb
|
|
141
143
|
- lib/.rbnext/2.7/action_policy/rspec/be_authorized_to.rb
|
|
142
144
|
- lib/.rbnext/2.7/action_policy/rspec/have_authorized_scope.rb
|
|
143
145
|
- lib/.rbnext/2.7/action_policy/utils/pretty_print.rb
|
|
@@ -169,7 +171,6 @@ files:
|
|
|
169
171
|
- lib/action_policy/behaviours/policy_for.rb
|
|
170
172
|
- lib/action_policy/behaviours/scoping.rb
|
|
171
173
|
- lib/action_policy/behaviours/thread_memoized.rb
|
|
172
|
-
- lib/action_policy/cache_middleware.rb
|
|
173
174
|
- lib/action_policy/ext/hash_transform_keys.rb
|
|
174
175
|
- lib/action_policy/ext/module_namespace.rb
|
|
175
176
|
- lib/action_policy/ext/policy_cache_key.rb
|
|
@@ -241,7 +242,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
241
242
|
- !ruby/object:Gem::Version
|
|
242
243
|
version: '0'
|
|
243
244
|
requirements: []
|
|
244
|
-
rubygems_version: 3.4.
|
|
245
|
+
rubygems_version: 3.4.8
|
|
245
246
|
signing_key:
|
|
246
247
|
specification_version: 4
|
|
247
248
|
summary: Authorization framework for Ruby/Rails application
|
|
@@ -1,17 +0,0 @@
|
|
|
1
|
-
# frozen_string_literal: true
|
|
2
|
-
|
|
3
|
-
module ActionPolicy # :nodoc:
|
|
4
|
-
class CacheMiddleware # :nodoc:
|
|
5
|
-
def initialize(app)
|
|
6
|
-
@app = app
|
|
7
|
-
end
|
|
8
|
-
|
|
9
|
-
def call(env)
|
|
10
|
-
ActionPolicy::PerThreadCache.clear_all
|
|
11
|
-
result = @app.call(env)
|
|
12
|
-
ActionPolicy::PerThreadCache.clear_all
|
|
13
|
-
|
|
14
|
-
result
|
|
15
|
-
end
|
|
16
|
-
end
|
|
17
|
-
end
|