active_record_api-rest 1.0.4 → 1.0.5

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: d6c7bfa36f4f4e1cf3a3013003dc091864a44e6a2f0df9c47886ce37b7c4a88f
-  data.tar.gz: 5929dfad290e2789a5acbfa574cde379c409d4de125679966c0ed5e98f230edf
+  metadata.gz: d68b145e695905bba559d0c28db4f50ce452fd81d67abf4227c8dcb9a823a936
+  data.tar.gz: 4bc55f74cf9bc0a0a0197fd7f671cb551ee8e0a38d975337538547f7975e4a96
 SHA512:
-  metadata.gz: a524c311c0cd8ecda10d96d82a9900b68853e108c96d59109e5493dce0052a6ee31348807a2f423a0234ce011bbf272eccf3d39ca2063e095ca585ef951033b1
-  data.tar.gz: b3c7af25eb3864129781d0cdc564c33a65ba14da22001601b5450a517267466fa865e1dd63b0b48d6d26b89137c61b9f227c8a06ddbfe7675ba50abe5ce9b719
+  metadata.gz: bcc3b88d74ee20f89e6b8bf61c247dc98f8a154445210ef724a4dd3dfcd4183a130a814a5d383976b3fedb93163cf4f77639f0dc56aef7f447a7c10e1038ead7
+  data.tar.gz: 8a9e09b0e5f75aff12eebfe6e5b961c8a4ed391dfea65fb642ce56db2310eb99e8bd02a13cffcee03aabdc5a14a8d3743765eb0dc2edf7ffb5dd65d6ab6d3fe7

data/Gemfile.lock

@@ -1,7 +1,7 @@
 PATH
   remote: .
   specs:
-    active_record_api-rest (1.0.3)
+    active_record_api-rest (1.0.4)
       active_attr
       active_model_serializers
       rails (>= 5.1)

data/lib/active_record_api/rest/application_policy.rb

@@ -2,10 +2,10 @@ module ActiveRecordApi
   module Rest
     class ApplicationPolicy
       class Scope
-        attr_reader :user, :scope
+        attr_reader :session, :scope
 
-        def initialize(user, scope)
-          @user  = user
+        def initialize(session, scope)
+          @session = session
           @scope = scope
         end
 
@@ -14,14 +14,14 @@ module ActiveRecordApi
         end
       end
 
-      attr_reader :user
+      attr_reader :session
       attr_reader :model_class
 
       READ = 'read'.freeze
       MANAGE = 'manage'.freeze
 
-      def initialize(user, model_class)
-        @user = user
+      def initialize(session, model_class)
+        @session = session
         @model_class = model_class
       end
 
@@ -48,7 +48,7 @@ module ActiveRecordApi
       protected
 
       def can?(action)
-        user.full_permissions.include?("#{service_name}__#{@model_class.name.downcase}:#{action}")
+        session.permissions.include?("#{service_name}__#{@model_class.name.downcase}:#{action}")
       end
 
       private

data/lib/active_record_api/rest/controller.rb

@@ -68,16 +68,16 @@ module ActiveRecordApi
       end
 
       def authorize
-        raise BadSessionException.new(controller_name, action_name) if current_user.nil?
+        raise BadSessionException.new(controller_name, action_name) if session_data.nil?
         raise AccessDeniedException.new(controller_name, action_name, 'Insufficient permissions') unless policy.send("#{action_name}?")
       end
 
       def scope_filter(scope)
-        "#{policy.class.name}::Scope".constantize.new(current_user, scope).resolve
+        "#{policy.class.name}::Scope".constantize.new(session_data, scope).resolve
       end
 
       def policy
-        @policy ||= ("#{controller_name.classify}Policy".safe_constantize) ? "#{controller_name.classify}Policy".constantize.new(current_user, model_klass) : ApplicationPolicy.new(current_user, model_klass)
+        @policy ||= ("#{controller_name.classify}Policy".safe_constantize) ? "#{controller_name.classify}Policy".constantize.new(session_data, model_klass) : ApplicationPolicy.new(session_data, model_klass)
       end
     end
   end

data/lib/active_record_api/rest/session_data.rb

@@ -0,0 +1,14 @@
+module ActiveRecordApi
+  module Rest
+    class SessionData
+      attr_reader :user_id
+      attr_reader :permissions
+      attr_reader :permission_attributes
+      def initialize(user_id, permissions, permission_attributes)
+        @user_id = user_id
+        @permissions = permissions
+        @permission_attributes = permission_attributes
+      end
+    end
+  end
+end

data/lib/active_record_api/rest/version.rb

@@ -2,6 +2,6 @@
 
 module ActiveRecordApi
   module Rest
-    VERSION = '1.0.4'.freeze
+    VERSION = '1.0.5'.freeze
   end
 end

data/lib/active_record_api-rest.rb

@@ -11,6 +11,7 @@ module ActiveRecordApi
     autoload :Controller
     autoload :GracefulErrors
     autoload :RequestUrlGenerator
+    autoload :SessionData
     autoload :VERSION
   end
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: active_record_api-rest
 version: !ruby/object:Gem::Version
-  version: 1.0.4
+  version: 1.0.5
 platform: ruby
 authors:
 - Full Measure Education
 autorequire: 
 bindir: exe
 cert_chain: []
-date: 2019-03-19 00:00:00.000000000 Z
+date: 2019-03-20 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler
@@ -151,6 +151,7 @@ files:
 - lib/active_record_api/rest/graceful_errors.rb
 - lib/active_record_api/rest/index_controller.rb
 - lib/active_record_api/rest/request_url_generator.rb
+- lib/active_record_api/rest/session_data.rb
 - lib/active_record_api/rest/spec.rb
 - lib/active_record_api/rest/spec/rest_controller_shared_example.rb
 - lib/active_record_api/rest/version.rb