action_policy 0.7.2 → 0.7.3

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 5c3b8d128bdf4e37224446e7c5a65698327a927c743e99757cf6f5363db93ff5
-  data.tar.gz: f046c13d93cff63aa06fd15f4d6375a8498c04d0637110df0ff86891a206fb84
+  metadata.gz: 21363e4337fbe0caea24309750d79d94bb9fa6c4ae0a9d0697b0e686519fa763
+  data.tar.gz: 8ac572534b621240640723ea5c6ec942a73b91e14f2d40e534889c2dc7ba9251
 SHA512:
-  metadata.gz: b66f496343688a55907070ba6b6e82e24a5d358934d6809e1577e80f2c67a81342fe449cbf46942c1e8ff064f79ae898235efa32b63e9fc402e5b416bc223efc
-  data.tar.gz: 57088a306e642a0dd22a68c4da019dbd8669e7fa63ec1e99fb7bb819a563ca514be2200c669486d40f5a4b152a325ee0adc3abcaa6187b45c1f0ef37ddcb7a86
+  metadata.gz: c1dd33d739cfdf1143b7cc2402c2e8bf7ebf1f1613fa7c650c72fddf0bd4fd4b5c924c920ff143ad582ab68524836f0d0c32641372c5999fdd95f6d9113078dc
+  data.tar.gz: 5fb9dbd9b1f19fb6bed19ddbeb99be9bd35495b2d0f89bd3fb0cd8fed59a0513c4a627fdd25291b56dcfc7cf9b60f64d351bb2b658d97351f9a7b5db2d1c4128

data/CHANGELOG.md

@@ -2,6 +2,10 @@
 
 ## master
 
+## 0.7.3 (2024-12-18)
+
+- Fix keeping the result object in concurrent (Fiber-ed) execution environments. ([@palkan][])
+
 ## 0.7.2 (2024-11-21)
 
 - Fix missing details in deny! message interpolation. ([@palkan][])

data/lib/.rbnext/2.7/action_policy/policy/cache.rb

@@ -50,18 +50,18 @@ module ActionPolicy # :nodoc:
         key = rule_cache_key(rule)
 
         ActionPolicy.cache_store.then do |store|
-          @result = store.read(key)
+          result = store.read(key)
           unless result.nil?
             result.cached!
-            next result.value
+            next result
+          end
+          yield.tap do |result|
+            store.write(key, result, options)
           end
-          yield
-          store.write(key, result, options)
-          result.value
         end
       end
 
-      def apply(rule)
+      def apply_r(rule)
         return super if ActionPolicy.cache_store.nil? ||
           !self.class.cached_rules.key?(rule)
 

data/lib/.rbnext/3.0/action_policy/policy/cache.rb

@@ -50,18 +50,18 @@ module ActionPolicy # :nodoc:
         key = rule_cache_key(rule)
 
         ActionPolicy.cache_store.then do |store|
-          @result = store.read(key)
+          result = store.read(key)
           unless result.nil?
             result.cached!
-            next result.value
+            next result
+          end
+          yield.tap do |result|
+            store.write(key, result, options)
           end
-          yield
-          store.write(key, result, options)
-          result.value
         end
       end
 
-      def apply(rule)
+      def apply_r(rule)
         return super if ActionPolicy.cache_store.nil? ||
           !self.class.cached_rules.key?(rule)
 

data/lib/.rbnext/3.0/action_policy/policy/core.rb

@@ -72,7 +72,7 @@ module ActionPolicy
 
       include ActionPolicy::Behaviours::PolicyFor
 
-      attr_reader :record, :result
+      attr_reader :record
 
       # NEXT_RELEASE: deprecate `record` arg, migrate to `record: nil`
       def initialize(record = nil, *__rest__)
@@ -83,13 +83,23 @@ module ActionPolicy
       # Unlike simply calling a predicate rule (`policy.manage?`),
       # `apply` also calls pre-checks.
       def apply(rule)
-        @result = self.class.result_class.new(self.class, rule)
+        res = apply_r(rule)
 
-        catch :policy_fulfilled do
-          result.load __apply__(resolve_rule(rule))
-        end
+        # DEPRECATED (we still rely on it in tests)
+        @result = res
+
+        res.value
+      end
+
+      # NEXT_RELEASE: This is gonna be #apply in 1.0
+      def apply_r(rule) # :nodoc:
+        with_result(rule) do |result|
+          catch :policy_fulfilled do
+            result.load __apply__(resolve_rule(rule))
+          end
 
-        result.value
+          result
+        end
       end
 
       def deny!
@@ -107,14 +117,17 @@ module ActionPolicy
       # (such as caching, pre checks, etc.)
       def __apply__(rule) ;  public_send(rule); end
 
-      # Wrap code that could modify result
-      # to prevent the current result modification
-      def with_clean_result # :nodoc:
-        was_result = @result
-        yield
-        @result
+      # Prepare a new result object for the next rule application.
+      # It's stored in the thread-local storage to be accessible from within the policy.
+      def with_result(rule) # :nodoc:
+        result = self.class.result_class.new(self.class, rule)
+
+        Thread.current[:__action_policy_result__] ||= []
+        Thread.current[:__action_policy_result__] << result
+
+        yield result
       ensure
-        @result = was_result
+        Thread.current[:__action_policy_result__]&.pop
       end
 
       # Returns a result of applying the specified rule to the specified record.
@@ -146,6 +159,13 @@ module ActionPolicy
         activity
       end
 
+      # Returns the result object for the last rule application within the given
+      # execution context (Thread or Fiber)
+      def result
+        # FIXME: Remove ivar fallback after 1.0
+        Thread.current[:__action_policy_result__]&.last || @result
+      end
+
       # Return annotated source code for the rule
       # NOTE: require "method_source" and "prism" gems to be installed.
       # Otherwise returns empty string.
@@ -155,9 +175,7 @@ module ActionPolicy
       # Useful for debugging: type `pp :show?` within the context of the policy
       # to preview the rule.
       def pp(rule)
-        with_clean_result do
-          # We need result to exist for `allowed_to?` to work correctly
-          @result = self.class.result_class.new(self.class, rule)
+        with_result(rule) do
           header = "#{self.class.name}##{rule}"
           source = inspect_rule(rule)
           $stdout.puts "#{header}\n#{source}"

data/lib/.rbnext/3.0/action_policy/policy/reasons.rb

@@ -201,13 +201,12 @@ module ActionPolicy
           if (record == :__undef__ || record == self.record) && options.empty?
             rule = resolve_rule(rule)
             policy = self
-            with_clean_result { apply(rule) }
+            apply_r(rule)
           else
             policy = policy_for(record: record, **options)
             rule = policy.resolve_rule(rule)
 
-            policy.apply(rule)
-            policy.result
+            policy.apply_r(rule)
           end
 
         if res.fail? && result&.reasons

data/lib/.rbnext/3.2/action_policy/policy/core.rb

@@ -72,7 +72,7 @@ module ActionPolicy
 
       include ActionPolicy::Behaviours::PolicyFor
 
-      attr_reader :record, :result
+      attr_reader :record
 
       # NEXT_RELEASE: deprecate `record` arg, migrate to `record: nil`
       def initialize(record = nil, *__rest__)
@@ -83,13 +83,23 @@ module ActionPolicy
       # Unlike simply calling a predicate rule (`policy.manage?`),
       # `apply` also calls pre-checks.
       def apply(rule)
-        @result = self.class.result_class.new(self.class, rule)
+        res = apply_r(rule)
 
-        catch :policy_fulfilled do
-          result.load __apply__(resolve_rule(rule))
-        end
+        # DEPRECATED (we still rely on it in tests)
+        @result = res
+
+        res.value
+      end
+
+      # NEXT_RELEASE: This is gonna be #apply in 1.0
+      def apply_r(rule) # :nodoc:
+        with_result(rule) do |result|
+          catch :policy_fulfilled do
+            result.load __apply__(resolve_rule(rule))
+          end
 
-        result.value
+          result
+        end
       end
 
       def deny!
@@ -107,14 +117,17 @@ module ActionPolicy
       # (such as caching, pre checks, etc.)
       def __apply__(rule) = public_send(rule)
 
-      # Wrap code that could modify result
-      # to prevent the current result modification
-      def with_clean_result # :nodoc:
-        was_result = @result
-        yield
-        @result
+      # Prepare a new result object for the next rule application.
+      # It's stored in the thread-local storage to be accessible from within the policy.
+      def with_result(rule) # :nodoc:
+        result = self.class.result_class.new(self.class, rule)
+
+        Thread.current[:__action_policy_result__] ||= []
+        Thread.current[:__action_policy_result__] << result
+
+        yield result
       ensure
-        @result = was_result
+        Thread.current[:__action_policy_result__]&.pop
       end
 
       # Returns a result of applying the specified rule to the specified record.
@@ -146,6 +159,13 @@ module ActionPolicy
         activity
       end
 
+      # Returns the result object for the last rule application within the given
+      # execution context (Thread or Fiber)
+      def result
+        # FIXME: Remove ivar fallback after 1.0
+        Thread.current[:__action_policy_result__]&.last || @result
+      end
+
       # Return annotated source code for the rule
       # NOTE: require "method_source" and "prism" gems to be installed.
       # Otherwise returns empty string.
@@ -155,9 +175,7 @@ module ActionPolicy
       # Useful for debugging: type `pp :show?` within the context of the policy
       # to preview the rule.
       def pp(rule)
-        with_clean_result do
-          # We need result to exist for `allowed_to?` to work correctly
-          @result = self.class.result_class.new(self.class, rule)
+        with_result(rule) do
           header = "#{self.class.name}##{rule}"
           source = inspect_rule(rule)
           $stdout.puts "#{header}\n#{source}"

data/lib/action_policy/authorizer.rb

@@ -5,10 +5,11 @@ module ActionPolicy
   class Unauthorized < Error
     attr_reader :policy, :rule, :result
 
-    def initialize(policy, rule)
+    # NEXT_RELEASE: remove result fallback
+    def initialize(policy, rule, result = policy.result)
       @policy = policy.class
       @rule = rule
-      @result = policy.result
+      @result = result
 
       super("Not authorized: #{@policy}##{@rule} returns false")
     end
@@ -20,12 +21,14 @@ module ActionPolicy
     class << self
       # Performs authorization, raises an exception when check failed.
       def call(policy, rule)
-        authorize(policy, rule) ||
-          raise(::ActionPolicy::Unauthorized.new(policy, rule))
+        res = authorize(policy, rule)
+        return if res.success?
+
+        raise(::ActionPolicy::Unauthorized.new(policy, rule, res))
       end
 
       def authorize(policy, rule)
-        policy.apply(rule)
+        policy.apply_r(rule)
       end
 
       # Applies scope to the target

data/lib/action_policy/behaviour.rb

@@ -53,8 +53,7 @@ module ActionPolicy
     def allowance_to(rule, record = :__undef__, **options)
       policy = lookup_authorization_policy(record, **options)
 
-      policy.apply(authorization_rule_for(policy, rule))
-      policy.result
+      policy.apply_r(authorization_rule_for(policy, rule))
     end
 
     def authorization_context

data/lib/action_policy/policy/cache.rb

@@ -50,18 +50,18 @@ module ActionPolicy # :nodoc:
         key = rule_cache_key(rule)
 
         ActionPolicy.cache_store.then do |store|
-          @result = store.read(key)
+          result = store.read(key)
           unless result.nil?
             result.cached!
-            next result.value
+            next result
+          end
+          yield.tap do |result|
+            store.write(key, result, options)
           end
-          yield
-          store.write(key, result, options)
-          result.value
         end
       end
 
-      def apply(rule)
+      def apply_r(rule)
         return super if ActionPolicy.cache_store.nil? ||
           !self.class.cached_rules.key?(rule)
 

data/lib/action_policy/policy/cached_apply.rb

@@ -7,19 +7,16 @@ module ActionPolicy
     # When you call `apply` twice on the same policy and for the same rule,
     # the check (and pre-checks) is only called once.
     module CachedApply
-      def apply(rule)
+      def apply_r(rule)
         @__rules_cache__ ||= {}
 
         if @__rules_cache__.key?(rule)
-          @result = @__rules_cache__[rule]
-          return result.value
+          return @__rules_cache__[rule]
         end
 
-        super
-
-        @__rules_cache__[rule] = result
-
-        result.value
+        super.tap do |result|
+          @__rules_cache__[rule] = result
+        end
       end
     end
   end

data/lib/action_policy/policy/core.rb

@@ -72,7 +72,7 @@ module ActionPolicy
 
       include ActionPolicy::Behaviours::PolicyFor
 
-      attr_reader :record, :result
+      attr_reader :record
 
       # NEXT_RELEASE: deprecate `record` arg, migrate to `record: nil`
       def initialize(record = nil, *)
@@ -83,13 +83,23 @@ module ActionPolicy
       # Unlike simply calling a predicate rule (`policy.manage?`),
       # `apply` also calls pre-checks.
       def apply(rule)
-        @result = self.class.result_class.new(self.class, rule)
+        res = apply_r(rule)
 
-        catch :policy_fulfilled do
-          result.load __apply__(resolve_rule(rule))
-        end
+        # DEPRECATED (we still rely on it in tests)
+        @result = res
+
+        res.value
+      end
+
+      # NEXT_RELEASE: This is gonna be #apply in 1.0
+      def apply_r(rule) # :nodoc:
+        with_result(rule) do |result|
+          catch :policy_fulfilled do
+            result.load __apply__(resolve_rule(rule))
+          end
 
-        result.value
+          result
+        end
       end
 
       def deny!
@@ -107,14 +117,17 @@ module ActionPolicy
       # (such as caching, pre checks, etc.)
       def __apply__(rule) = public_send(rule)
 
-      # Wrap code that could modify result
-      # to prevent the current result modification
-      def with_clean_result # :nodoc:
-        was_result = @result
-        yield
-        @result
+      # Prepare a new result object for the next rule application.
+      # It's stored in the thread-local storage to be accessible from within the policy.
+      def with_result(rule) # :nodoc:
+        result = self.class.result_class.new(self.class, rule)
+
+        Thread.current[:__action_policy_result__] ||= []
+        Thread.current[:__action_policy_result__] << result
+
+        yield result
       ensure
-        @result = was_result
+        Thread.current[:__action_policy_result__]&.pop
       end
 
       # Returns a result of applying the specified rule to the specified record.
@@ -146,6 +159,13 @@ module ActionPolicy
         activity
       end
 
+      # Returns the result object for the last rule application within the given
+      # execution context (Thread or Fiber)
+      def result
+        # FIXME: Remove ivar fallback after 1.0
+        Thread.current[:__action_policy_result__]&.last || @result
+      end
+
       # Return annotated source code for the rule
       # NOTE: require "method_source" and "prism" gems to be installed.
       # Otherwise returns empty string.
@@ -155,9 +175,7 @@ module ActionPolicy
       # Useful for debugging: type `pp :show?` within the context of the policy
       # to preview the rule.
       def pp(rule)
-        with_clean_result do
-          # We need result to exist for `allowed_to?` to work correctly
-          @result = self.class.result_class.new(self.class, rule)
+        with_result(rule) do
           header = "#{self.class.name}##{rule}"
           source = inspect_rule(rule)
           $stdout.puts "#{header}\n#{source}"

data/lib/action_policy/policy/reasons.rb

@@ -201,13 +201,12 @@ module ActionPolicy
           if (record == :__undef__ || record == self.record) && options.empty?
             rule = resolve_rule(rule)
             policy = self
-            with_clean_result { apply(rule) }
+            apply_r(rule)
           else
             policy = policy_for(record: record, **options)
             rule = policy.resolve_rule(rule)
 
-            policy.apply(rule)
-            policy.result
+            policy.apply_r(rule)
           end
 
         if res.fail? && result&.reasons

data/lib/action_policy/rails/authorizer.rb

@@ -9,10 +9,10 @@ module ActionPolicy # :nodoc:
       def authorize(policy, rule)
         event = {policy: policy.class.name, rule: rule.to_s}
         ActiveSupport::Notifications.instrument(EVENT_NAME, event) do
-          res = super
-          event[:cached] = policy.result.cached?
-          event[:value] = policy.result.value
-          res
+          result = super
+          event[:cached] = result.cached?
+          event[:value] = result.value
+          result
         end
       end
     end

data/lib/action_policy/rails/policy/instrumentation.rb

@@ -16,13 +16,13 @@ module ActionPolicy # :nodoc:
           ActiveSupport::Notifications.instrument(INIT_EVENT_NAME, event) { super }
         end
 
-        def apply(rule)
+        def apply_r(rule)
           event = {policy: self.class.name, rule: rule.to_s}
           ActiveSupport::Notifications.instrument(APPLY_EVENT_NAME, event) do
-            res = super
+            result = super
             event[:cached] = result.cached?
             event[:value] = result.value
-            res
+            result
           end
         end
       end

data/lib/action_policy/rspec/dsl.rb

@@ -39,6 +39,7 @@ module ActionPolicy
         super
       end
 
+      # FIXME(1.0): Update to use result object directly
       def formatted_policy(policy)
         "#{policy.result.inspect}\n#{policy.inspect_rule(policy.result.rule)}"
       end

data/lib/action_policy/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module ActionPolicy
-  VERSION = "0.7.2"
+  VERSION = "0.7.3"
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: action_policy
 version: !ruby/object:Gem::Version
-  version: 0.7.2
+  version: 0.7.3
 platform: ruby
 authors:
 - Vladimir Dementyev
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2024-11-21 00:00:00.000000000 Z
+date: 2024-12-18 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: ruby-next-core