action_sentinel_group 0.1.0

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA256:
+  metadata.gz: 8aad62dd5fdc24469d713e3185b6bdbe2b203a42b32bd6dcd777538b7c0f6714
+  data.tar.gz: be16545203d28132ca001491a7df1fef4ecb3bcd5accae56bd47748298479d44
+SHA512:
+  metadata.gz: 2bc5981ad5b03df04ebbf4459130b875ee5dbba0f89e911e052a02c7f445ca3e8880e4af2d401953a381c027073d58ecf3a60e6187a03a111116b2be44c58657
+  data.tar.gz: 943383fe344e7b763a65f2ad1df5aa9449d1c91016dbe56a54a6146a84485ac21b4163239ca5582174c93c2913e2f0c3e4be9d7d54aeaca788928e814dd8db56

data/.rspec

@@ -0,0 +1,3 @@
+--format documentation
+--color
+--require spec_helper

data/.rubocop.yml

@@ -0,0 +1,33 @@
+AllCops:
+  TargetRubyVersion: 2.6
+  Exclude:
+    - "lib/generators/**/templates/**/*"
+  NewCops: disable
+
+Style/Documentation:
+  Enabled: true
+  Exclude:
+    - "lib/generators/action_sentinel_group/**"
+    - "spec/support/*"
+
+Style/StringLiterals:
+  Enabled: true
+  EnforcedStyle: double_quotes
+
+Style/StringLiteralsInInterpolation:
+  Enabled: true
+  EnforcedStyle: double_quotes
+
+Layout/LineLength:
+  Max: 120
+
+Metrics/BlockLength:
+  Enabled: true
+  Exclude:
+    - "spec/**/*"
+    - "action_sentinel_group.gemspec"
+
+Naming/HeredocDelimiterNaming:
+  Enabled: true
+  Exclude:
+    - "action_sentinel_group.gemspec"

data/.yardopts

@@ -0,0 +1 @@
+--exclude lib/generators/action_sentinel_group/templates/

data/CHANGELOG.md

@@ -0,0 +1,5 @@
+## [Unreleased]
+
+## [0.1.0] - 2024-01-05
+
+- Initial release

data/Gemfile

@@ -0,0 +1,8 @@
+# frozen_string_literal: true
+
+source "https://rubygems.org"
+
+# Specify your gem's dependencies in action_sentinel_group.gemspec
+gemspec
+
+gem "rake", "~> 13.0"

data/LICENSE.txt

@@ -0,0 +1,21 @@
+The MIT License (MIT)
+
+Copyright (c) 2024 Denis Stael
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.

data/README.md

@@ -0,0 +1,94 @@
+# ActionSentinelGroup
+
+Control of group access permissions to controller actions using [ActionSentinel](https://github.com/denisstael/action_sentinel).
+## Installation
+
+### 1. Add the gem into your project
+
+Add this to your Gemfile and run `bundle install`.
+
+```ruby
+gem 'action_sentinel_group'
+```
+
+Or install it yourself as:
+```sh
+gem install action_sentinel_group
+```
+
+### 2. Generate Models
+
+Use the ActionSentinelGroup generator to create the required models and its migrations. This generator expects that you already have a user model. 
+
+You must specify the name of the user model and the name of the model that will represent the group of users. For example, if the name of your user model is `User` and you want a group model called `Group`, you can call:
+```
+rails g action_sentinel_group:install User Group
+```
+
+If your database uses UUID for the primary and foreign keys, you can pass the `--uuid` option:
+
+```
+rails g action_sentinel_group:install User Group --uuid
+```
+
+The generator will create the group model with the name that you provided (in this example it will be `Group`), it will also create a model called `UserGroup` (the junction between your user model name and the group model), create the migrations and will insert into your User class the required methods to check the user's groups access permissions.
+
+It will invoke the [generator from ActionSentinel](https://github.com/denisstael/action_sentinel#2-generate-accesspermission-model) to create `AccessPermission` model and insert into Group model the required methods to manage access permissions.
+
+Finally, it will create an initializer file with the required configurations.
+
+### 3. Run the migrations
+
+You can check the migrations created into your migrations folder, and add custom fields before running them if necessary.
+```
+rails db:migrate
+```
+
+## Usage
+
+### Managing permissions to the group
+
+You can add manage permissions to a group at the same way that is informed by [ActionSentinel](https://github.com/denisstael/action_sentinel#usage):
+
+```ruby
+# Adding permissions to access create and update actions in UsersController
+group.add_permissions_to 'create', 'update', 'users'
+
+# Removing permissions to access create and update actions in UsersController
+group.remove_permissions_to 'create', 'update', 'users'
+
+# Checking if the group have permission to access create action in UsersController
+group.has_permission_to? 'create', 'users'
+```
+
+### Check permissions for a user of the group
+
+You can associate a user to a group that have permissions to acces actions of some controllers, and you can check if the user have the pemission to access some action of a controller, in the same way that you check the group permission:
+
+```ruby
+# Associating the user with the group
+UserGroup.create(user_id: user.id, group_id: group.id)
+
+# Giving permission to the group to action 'create' of a controller called PostsController
+group.add_permissions_to('create', 'posts')
+
+# Checking if the user has permission to access the action 'create' of a controller called PostsController
+user.has_permission_to?('create', 'posts')
+```
+
+## Authorization
+
+To controllers authorization and another configurations about authorization methods, you can follow the instructions provided by the documentation of ActionSentinel gem:
+
+- [Include authorization in ApplicationController](https://github.com/denisstael/action_sentinel#4-include-authorization-in-applicationcontroller)
+- [Authorization method](https://github.com/denisstael/action_sentinel#authorization)
+- [Action User](https://github.com/denisstael/action_sentinel#action-user)
+- [Rescuing an UnauthorizedAction in ApplicationController](https://github.com/denisstael/action_sentinel#rescuing-an-unauthorizedaction-in-applicationcontroller)
+
+## Contributing
+
+Bug reports and pull requests are welcome on GitHub at https://github.com/denisstael/action_sentinel_group.
+
+## License
+
+The gem is available as open source under the terms of the [MIT License](https://opensource.org/licenses/MIT).

data/Rakefile

@@ -0,0 +1,12 @@
+# frozen_string_literal: true
+
+require "bundler/gem_tasks"
+require "rspec/core/rake_task"
+
+RSpec::Core::RakeTask.new(:spec)
+
+require "rubocop/rake_task"
+
+RuboCop::RakeTask.new
+
+task default: %i[spec rubocop]

data/lib/action_sentinel_group/configuration.rb

@@ -0,0 +1,49 @@
+# frozen_string_literal: true
+
+module ActionSentinelGroup
+  # The Configuration class holds the configuration options for ActionSentinelGroup
+  class Configuration
+    # The name of the user model (default: "User")
+    #
+    # @return [String] The name of the user model
+    attr_reader :user_model_name
+
+    # The name of the group model (default: "Group")
+    #
+    # @return [String] The name of the group model
+    attr_reader :group_model_name
+
+    # The name of the user group model (default: "UserGroup")
+    #
+    # @return [String] The name of the user group model
+    attr_reader :user_group_model_name
+
+    # Initializes a new Configuration instance with default values.
+    def initialize
+      @user_model_name = "User"
+      @group_model_name = "Group"
+      @user_group_model_name = "UserGroup"
+    end
+
+    # Sets the name of the user model after camelizing and singularizing it.
+    #
+    # @param user_model_name [String] The name of the user model
+    def user_model_name=(user_model_name)
+      @user_model_name = user_model_name.camelize.singularize
+    end
+
+    # Sets the name of the group model after camelizing and singularizing it.
+    #
+    # @param group_model_name [String] The name of the group model
+    def group_model_name=(group_model_name)
+      @group_model_name = group_model_name.camelize.singularize
+    end
+
+    # Sets the name of the user group model after camelizing and singularizing it.
+    #
+    # @param user_group_model_name [String] The name of the user group model
+    def user_group_model_name=(user_group_model_name)
+      @user_group_model_name = user_group_model_name.camelize.singularize
+    end
+  end
+end

data/lib/action_sentinel_group/model.rb

@@ -0,0 +1,26 @@
+# frozen_string_literal: true
+
+require "action_sentinel_group/permissions"
+
+module ActionSentinelGroup
+  #
+  # Module to be included in ActionSentinel
+  module Model
+    # rubocop:disable Naming/PredicateName
+
+    # Includes the ActionSentinelGroup::Permissions module in the calling model class
+    # to allow checking permissions for controller actions.
+    #
+    # @example:
+    #
+    #   class User < ApplicationRecord
+    #     has_group_permissions
+    #   end
+    #
+    # @see ActionSentinelGroup::Permissions
+    def has_group_permissions
+      include ActionSentinelGroup::Permissions
+    end
+    # rubocop:enable Naming/PredicateName
+  end
+end

data/lib/action_sentinel_group/permissions.rb

@@ -0,0 +1,64 @@
+# frozen_string_literal: true
+
+module ActionSentinelGroup
+  # Provides methods for check access permissions of a user model related to groups.
+  #
+  # This module is designed to be included in user models that need to check access permissions.
+  # It introduces methods for checking permissions associated with a specific controller and actions.
+  #
+  # @example Including Permissions in a Model
+  #   class User < ApplicationRecord
+  #     include ActionSentinelGroup::Permissions
+  #   end
+  #
+  #   user = User.new
+  #   user.has_permission_to?('create', 'users')
+  #
+  module Permissions
+    # rubocop:disable Metrics/AbcSize, Naming/PredicateName
+
+    # Checks if the user has permission to perform a specific action on a controller.
+    #
+    # @param action [String] The action to check permission for.
+    # @param controller_path [String] The path of the controller to check permission for.
+    # @return [Boolean] Returns true if the user has permission, otherwise false.
+    def has_permission_to?(action, controller_path)
+      query = AccessPermission
+              .joins(group_table_name.singularize.to_sym => user_groups_table_name.to_sym)
+              .where(user_groups_table_name.to_sym => { "#{user_table_name.singularize}_id".to_sym => id })
+              .where(controller_path: controller_path)
+
+      query = if %w[sqlite sqlite3].include? self.class.connection.adapter_name.downcase
+                query.where("actions LIKE ?", "%#{action}%")
+              else
+                query.where(':action = ANY("access_permissions"."actions")', action: action)
+              end
+
+      query.exists?
+    end
+    # rubocop:enable Metrics/AbcSize, Naming/PredicateName
+
+    private
+
+    # Returns the name of the user table.
+    #
+    # @return [String] The user table name.
+    def user_table_name
+      ActionSentinelGroup.configuration.user_model_name.underscore.pluralize
+    end
+
+    # Returns the name of the group table.
+    #
+    # @return [String] The group table name.
+    def group_table_name
+      ActionSentinelGroup.configuration.group_model_name.underscore.pluralize
+    end
+
+    # Returns the name of the user groups table.
+    #
+    # @return [String] The user groups table name.
+    def user_groups_table_name
+      ActionSentinelGroup.configuration.user_group_model_name.underscore.pluralize
+    end
+  end
+end

data/lib/action_sentinel_group/version.rb

@@ -0,0 +1,5 @@
+# frozen_string_literal: true
+
+module ActionSentinelGroup
+  VERSION = "0.1.0"
+end

data/lib/action_sentinel_group.rb

@@ -0,0 +1,32 @@
+# frozen_string_literal: true
+
+require "action_sentinel"
+require "action_sentinel_group/version"
+require "action_sentinel_group/configuration"
+require "action_sentinel_group/model"
+
+# The ActionSentinelGroup module is an extension of ActionSentinel gem
+# that provides a way to group users and provide group access permissions
+module ActionSentinelGroup
+  class << self
+    # Accessor for the configuration instance
+    attr_accessor :configuration
+
+    # Configures the ActionSentinelGroup settings
+    #
+    # @example:
+    #
+    #   ActionSentinelGroup.configure do |config|
+    #     config.user_model_name = "User"
+    #   end
+    def configure
+      self.configuration ||= Configuration.new
+      yield(configuration)
+    end
+  end
+
+  configure {}
+end
+
+# Include ActionSentinelGroup::Model in ActionSentinel
+ActionSentinel.include ActionSentinelGroup::Model

data/lib/generators/action_sentinel_group/install_generator.rb

@@ -0,0 +1,99 @@
+# frozen_string_literal: true
+
+require "rails/generators"
+require "rails/generators/active_record"
+
+module ActionSentinelGroup
+  class InstallGenerator < Rails::Generators::Base
+    include Rails::Generators::Migration
+
+    source_root File.expand_path("templates", __dir__)
+
+    argument :user_model_name, type: :string, desc: "Name of the model that is being used as user"
+    argument :group_model_name, type: :string, desc: "Name of the model that will represent a group of users"
+
+    class_option :uuid, type: :boolean, default: false, desc: "Use UUID type as primary/foreign key"
+
+    def self.next_migration_number(path)
+      ActiveRecord::Generators::Base.next_migration_number(path)
+    end
+
+    def generate
+      model_file = File.join("app", "models", "#{user_model_name.underscore.singularize}.rb")
+
+      if File.exist?(model_file) || revoke_process?
+        create_models
+        create_migrations
+        inject_group_association_into_user_model(model_file)
+        create_initializer
+        invoke_action_sentinel_generator
+      else
+        logger.error("The file #{model_file} does not appear to exist")
+      end
+    end
+
+    private
+
+    def logger
+      Logger.new($stdout)
+    end
+
+    def revoke_process?
+      behavior == :revoke
+    end
+
+    def create_models
+      template "models/group_model.rb", "app/models/#{group_model_name.underscore}.rb"
+      template "models/user_group_model.rb", "app/models/#{user_group_model_name.underscore}.rb"
+    end
+
+    def create_migrations
+      migration_template "migrations/create_groups_migration.rb", "db/migrate/create_#{groups_table_name}.rb"
+      migration_template "migrations/create_user_groups_migration.rb", "db/migrate/create_#{user_group_table_name}.rb"
+    end
+
+    def inject_group_association_into_user_model(model_file)
+      if File.exist?(model_file)
+        inject_into_class(model_file, user_model_name) do
+          "\thas_group_permissions\n" \
+          "\thas_many :#{user_group_table_name}\n" \
+          "\thas_many :#{group_model_name.pluralize.underscore}, through: :#{user_group_table_name}\n"
+        end
+      else
+        logger.info("The file #{model_file} does not appear to exist")
+      end
+    end
+
+    def create_initializer
+      template "initializer/action_sentinel_group.rb", "config/initializers/action_sentinel_group.rb"
+    end
+
+    def invoke_action_sentinel_generator
+      invoke "action_sentinel:access_permission", [group_model_name, options]
+    end
+
+    def user_group_model_name
+      "#{user_model_name}#{group_model_name}"
+    end
+
+    def user_group_table_name
+      "#{user_model_name.underscore}_#{group_model_name.underscore.pluralize}"
+    end
+
+    def groups_table_name
+      group_model_name.underscore.pluralize.to_s
+    end
+
+    def migration_version
+      "[#{Rails::VERSION::MAJOR}.#{Rails::VERSION::MINOR}]"
+    end
+
+    def primary_key_type
+      options.uuid? ? ", id: :uuid" : ""
+    end
+
+    def foreign_key_type
+      options.uuid? ? ", type: :uuid" : ""
+    end
+  end
+end

data/lib/generators/action_sentinel_group/templates/initializer/action_sentinel_group.rb

@@ -0,0 +1,19 @@
+# frozen_string_literal: true
+
+# Use this initializer to configure ActionSentinelGroup based on your models.
+#
+# It is very important that the configured models are the same as those used as
+# User, Group and their relationship. Otherwise the gem may not work correctly.
+ActionSentinelGroup.configure do |config|
+  # Name of the model that is being used as User.
+  # The default value is "User".
+  config.user_model_name = "<%= user_model_name.camelize.singularize %>"
+
+  # Name of the model that will be used as Group.
+  # The default value is "Group".
+  config.group_model_name = "<%= group_model_name.camelize.singularize %>"
+
+  # Name of the model that forms the relationship between the User and Group model.
+  # The default value is "UserGroup".
+  config.user_group_model_name = "<%= user_group_model_name.camelize.singularize %>"
+end

data/lib/generators/action_sentinel_group/templates/migrations/create_groups_migration.rb

@@ -0,0 +1,9 @@
+class Create<%= groups_table_name.camelize %> < ActiveRecord::Migration<%= migration_version %>
+  def change
+    create_table :<%= group_model_name.underscore.pluralize %><%= primary_key_type %> do |t|
+      t.string :name, null: false
+
+      t.timestamps
+    end
+  end
+end

data/lib/generators/action_sentinel_group/templates/migrations/create_user_groups_migration.rb

@@ -0,0 +1,12 @@
+class Create<%= user_group_table_name.camelize %> < ActiveRecord::Migration<%= migration_version %>
+  def change
+    create_table :<%= user_group_table_name %><%= primary_key_type %> do |t|
+      t.references :<%= user_model_name.underscore %>, null: false<%= foreign_key_type %>, foreign_key: { on_delete: :cascade }
+      t.references :<%= group_model_name.underscore %>, null: false<%= foreign_key_type %>, foreign_key: { on_delete: :cascade }
+
+      t.timestamps
+    end
+
+    add_index :<%= user_group_table_name %>, %i[<%= user_model_name.underscore %>_id <%= group_model_name.underscore %>_id], unique: true
+  end
+end

data/lib/generators/action_sentinel_group/templates/models/group_model.rb

@@ -0,0 +1,4 @@
+class <%= group_model_name %> < ApplicationRecord
+  has_many :<%= user_group_model_name.underscore.pluralize %>
+  has_many :<%= user_model_name.underscore.pluralize %>, through: :<%= user_group_model_name.underscore.pluralize %>
+end

data/lib/generators/action_sentinel_group/templates/models/user_group_model.rb

@@ -0,0 +1,4 @@
+class <%= user_group_model_name %> < ApplicationRecord
+  belongs_to :<%= user_model_name.underscore %>
+  belongs_to :<%= group_model_name.underscore %>
+end

metadata

@@ -0,0 +1,150 @@
+--- !ruby/object:Gem::Specification
+name: action_sentinel_group
+version: !ruby/object:Gem::Version
+  version: 0.1.0
+platform: ruby
+authors:
+- Denis Stael
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2024-01-05 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: action_sentinel
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 0.3.0
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 0.3.0
+- !ruby/object:Gem::Dependency
+  name: activerecord
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '5.2'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '5.2'
+- !ruby/object:Gem::Dependency
+  name: railties
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '5.2'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '5.2'
+- !ruby/object:Gem::Dependency
+  name: rspec
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.0'
+- !ruby/object:Gem::Dependency
+  name: rubocop
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.21'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.21'
+- !ruby/object:Gem::Dependency
+  name: sqlite3
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 1.4.2
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 1.4.2
+description: "    Group access authorization control, based on controllers actions
+  access permissions using ActionSentinel.\n"
+email:
+- denissantistael@gmail.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- ".rspec"
+- ".rubocop.yml"
+- ".yardopts"
+- CHANGELOG.md
+- Gemfile
+- LICENSE.txt
+- README.md
+- Rakefile
+- lib/action_sentinel_group.rb
+- lib/action_sentinel_group/configuration.rb
+- lib/action_sentinel_group/model.rb
+- lib/action_sentinel_group/permissions.rb
+- lib/action_sentinel_group/version.rb
+- lib/generators/action_sentinel_group/install_generator.rb
+- lib/generators/action_sentinel_group/templates/initializer/action_sentinel_group.rb
+- lib/generators/action_sentinel_group/templates/migrations/create_groups_migration.rb
+- lib/generators/action_sentinel_group/templates/migrations/create_user_groups_migration.rb
+- lib/generators/action_sentinel_group/templates/models/group_model.rb
+- lib/generators/action_sentinel_group/templates/models/user_group_model.rb
+homepage: https://github.com/denisstael/action_sentinel_group
+licenses:
+- MIT
+metadata:
+  homepage_uri: https://github.com/denisstael/action_sentinel_group
+  source_code_uri: https://github.com/denisstael/action_sentinel_group
+  changelog_uri: https://github.com/denisstael/action_sentinel_group/blob/main/CHANGELOG.md
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: 2.6.0
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubygems_version: 3.3.7
+signing_key: 
+specification_version: 4
+summary: Control of group access permissions to controller actions using ActionSentinel.
+test_files: []