activerecord-tenant-level-security 0.0.1 → 0.1.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/.circleci/config.yml +4 -4
- data/Appraisals +4 -0
- data/CHANGELOG.md +16 -0
- data/CODE_OF_CONDUCT.md +1 -1
- data/README.md +6 -3
- data/activerecord-tenant-level-security.gemspec +3 -3
- data/gemfiles/rails_7.0.gemfile +7 -0
- data/lib/activerecord-tenant-level-security/tenant_level_security.rb +2 -0
- data/lib/activerecord-tenant-level-security/version.rb +1 -1
- metadata +11 -9
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 3962a9a504b44336d878715ba3d89f467a07144cd5c5c07d46cd2637deeaf1a5
|
|
4
|
+
data.tar.gz: 7c388aa4992d1f61e7ae7f3a3d25b4b4227b4009a4f19903516ef21c0357c8b8
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: ea3c4968b45c2059c7285b71789eef4316aca8bae012b7fe37e1964e2e4d228aee20bc60ac4f75a35cf4b0d8be8ac66e0adf5be9aa53f32dd1e8b619cf9983f0
|
|
7
|
+
data.tar.gz: c73a26a2c9f79ca1cbba777f11b3df177f9eecd55133ef4a9946d6c99a964c0fb302bbf51b8bd0bb0975db13ddb818e3966198dd4ab1b63ed897e29bd8ea5112
|
data/.circleci/config.yml
CHANGED
|
@@ -11,7 +11,7 @@ jobs:
|
|
|
11
11
|
type: string
|
|
12
12
|
docker:
|
|
13
13
|
- image: << parameters.ruby >>
|
|
14
|
-
- image:
|
|
14
|
+
- image: cimg/<< parameters.postgres >>
|
|
15
15
|
environment:
|
|
16
16
|
POSTGRES_HOST_AUTH_METHOD: trust
|
|
17
17
|
steps:
|
|
@@ -27,6 +27,6 @@ workflows:
|
|
|
27
27
|
- test:
|
|
28
28
|
matrix:
|
|
29
29
|
parameters:
|
|
30
|
-
ruby: ['ruby:2.7
|
|
31
|
-
rails: ['rails-6.0', 'rails-6.1']
|
|
32
|
-
postgres: ['postgres:11', 'postgres:12', 'postgres:13']
|
|
30
|
+
ruby: ['ruby:2.7', 'ruby:3.0', 'ruby:3.1']
|
|
31
|
+
rails: ['rails-6.0', 'rails-6.1', 'rails-7.0']
|
|
32
|
+
postgres: ['postgres:11.13', 'postgres:12.9', 'postgres:13.5', 'postgres:14.1']
|
data/Appraisals
CHANGED
data/CHANGELOG.md
ADDED
|
@@ -0,0 +1,16 @@
|
|
|
1
|
+
## v0.1.0 (2023-01-23)
|
|
2
|
+
|
|
3
|
+
### BugFixes
|
|
4
|
+
|
|
5
|
+
- [#12](https://github.com/kufu/activerecord-tenant-level-security/pull/12): Clear query cache after switching
|
|
6
|
+
|
|
7
|
+
### Chores
|
|
8
|
+
|
|
9
|
+
- [#8](https://github.com/kufu/activerecord-tenant-level-security/pull/8): Project tweaks
|
|
10
|
+
- [#9](https://github.com/kufu/activerecord-tenant-level-security/pull/9): fix email
|
|
11
|
+
- [#10](https://github.com/kufu/activerecord-tenant-level-security/pull/10): CI against Rails 7.0/Ruby 3.1/PostgreSQL 14
|
|
12
|
+
- [#11](https://github.com/kufu/activerecord-tenant-level-security/pull/11): Fix typos in README.md
|
|
13
|
+
|
|
14
|
+
## v0.0.1 (2021-11-10)
|
|
15
|
+
|
|
16
|
+
Initial release 🥳
|
data/CODE_OF_CONDUCT.md
CHANGED
|
@@ -55,7 +55,7 @@ further defined and clarified by project maintainers.
|
|
|
55
55
|
## Enforcement
|
|
56
56
|
|
|
57
57
|
Instances of abusive, harassing, or otherwise unacceptable behavior may be
|
|
58
|
-
reported by contacting the project team at
|
|
58
|
+
reported by contacting the project team at dev@smarthr.co.jp. All
|
|
59
59
|
complaints will be reviewed and investigated and will result in a response that
|
|
60
60
|
is deemed necessary and appropriate to the circumstances. The project team is
|
|
61
61
|
obligated to maintain confidentiality with regard to the reporter of an incident.
|
data/README.md
CHANGED
|
@@ -1,4 +1,7 @@
|
|
|
1
1
|
# activerecord-tenant-level-security
|
|
2
|
+
[](https://circleci.com/gh/kufu/activerecord-tenant-level-security/tree/master)
|
|
3
|
+
[](https://rubygems.org/gems/activerecord-tenant-level-security)
|
|
4
|
+
[](https://github.com/kufu/activerecord-tenant-level-security/blob/master/LICENSE.txt)
|
|
2
5
|
|
|
3
6
|
An Active Record extension for Multitenancy with PostgreSQL Row Level Security.
|
|
4
7
|
|
|
@@ -57,7 +60,7 @@ When testing, be aware of the database user you are connecting to. The default u
|
|
|
57
60
|
If you want to use this gem, you first need to register a callback which gets the current tenant. This callback is invoked when checking out a new connection from a connection pool. Create an initializer and tell how it should resolve the current tenant like the following:
|
|
58
61
|
|
|
59
62
|
```ruby
|
|
60
|
-
|
|
63
|
+
TenantLevelSecurity.current_tenant_id { RequestStore.store[:current_tenant_id] }
|
|
61
64
|
```
|
|
62
65
|
|
|
63
66
|
The above is an example of getting the current tenant stored using [RequestStore](https://github.com/steveklabnik/request_store). You are responsible for storing the current tenant, such as at the beginning of the request.
|
|
@@ -65,7 +68,7 @@ The above is an example of getting the current tenant stored using [RequestStore
|
|
|
65
68
|
We strongly recommend using the [activerecord-multi-tenant](https://github.com/citusdata/activerecord-multi-tenant) for this config. activerecord-multi-tenant provides multi-tenant data isolation at the application layer by rewriting queries. On the other hand, this gem provides the isolation at the database layer by RLS. Multi-layered security is important.
|
|
66
69
|
|
|
67
70
|
```ruby
|
|
68
|
-
|
|
71
|
+
TenantLevelSecurity.current_tenant_id { MultiTenant.current_tenant_id }
|
|
69
72
|
```
|
|
70
73
|
|
|
71
74
|
Do not query the database in this callback. As mentioned above, this callback is invoked at checking out a connection, so it may be called recursively.
|
|
@@ -87,7 +90,7 @@ In the table in which the policy is created, only the rows that match the curren
|
|
|
87
90
|
|
|
88
91
|
```ruby
|
|
89
92
|
# Set default tenant to "tenant2"
|
|
90
|
-
|
|
93
|
+
TenantLevelSecurity.current_tenant_id { tenant2.id }
|
|
91
94
|
|
|
92
95
|
TenantLevelSecurity.with(tenant1.id) do # => SET tenant_level_security.tenant_id = '1'
|
|
93
96
|
Employee.pluck(:name)
|
|
@@ -28,8 +28,8 @@ Gem::Specification.new do |spec|
|
|
|
28
28
|
spec.add_dependency "activesupport", ">= 6.0"
|
|
29
29
|
spec.add_dependency "pg", ">= 1.0"
|
|
30
30
|
|
|
31
|
-
spec.add_development_dependency "bundler", "
|
|
32
|
-
spec.add_development_dependency "rake", "
|
|
33
|
-
spec.add_development_dependency "rspec", "
|
|
31
|
+
spec.add_development_dependency "bundler", ">= 2.0"
|
|
32
|
+
spec.add_development_dependency "rake", ">= 10.0"
|
|
33
|
+
spec.add_development_dependency "rspec", ">= 3.0"
|
|
34
34
|
spec.add_development_dependency "appraisal", "~> 2.4"
|
|
35
35
|
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: activerecord-tenant-level-security
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.0
|
|
4
|
+
version: 0.1.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- SmartHR
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date:
|
|
11
|
+
date: 2023-01-23 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: activerecord
|
|
@@ -56,42 +56,42 @@ dependencies:
|
|
|
56
56
|
name: bundler
|
|
57
57
|
requirement: !ruby/object:Gem::Requirement
|
|
58
58
|
requirements:
|
|
59
|
-
- - "
|
|
59
|
+
- - ">="
|
|
60
60
|
- !ruby/object:Gem::Version
|
|
61
61
|
version: '2.0'
|
|
62
62
|
type: :development
|
|
63
63
|
prerelease: false
|
|
64
64
|
version_requirements: !ruby/object:Gem::Requirement
|
|
65
65
|
requirements:
|
|
66
|
-
- - "
|
|
66
|
+
- - ">="
|
|
67
67
|
- !ruby/object:Gem::Version
|
|
68
68
|
version: '2.0'
|
|
69
69
|
- !ruby/object:Gem::Dependency
|
|
70
70
|
name: rake
|
|
71
71
|
requirement: !ruby/object:Gem::Requirement
|
|
72
72
|
requirements:
|
|
73
|
-
- - "
|
|
73
|
+
- - ">="
|
|
74
74
|
- !ruby/object:Gem::Version
|
|
75
75
|
version: '10.0'
|
|
76
76
|
type: :development
|
|
77
77
|
prerelease: false
|
|
78
78
|
version_requirements: !ruby/object:Gem::Requirement
|
|
79
79
|
requirements:
|
|
80
|
-
- - "
|
|
80
|
+
- - ">="
|
|
81
81
|
- !ruby/object:Gem::Version
|
|
82
82
|
version: '10.0'
|
|
83
83
|
- !ruby/object:Gem::Dependency
|
|
84
84
|
name: rspec
|
|
85
85
|
requirement: !ruby/object:Gem::Requirement
|
|
86
86
|
requirements:
|
|
87
|
-
- - "
|
|
87
|
+
- - ">="
|
|
88
88
|
- !ruby/object:Gem::Version
|
|
89
89
|
version: '3.0'
|
|
90
90
|
type: :development
|
|
91
91
|
prerelease: false
|
|
92
92
|
version_requirements: !ruby/object:Gem::Requirement
|
|
93
93
|
requirements:
|
|
94
|
-
- - "
|
|
94
|
+
- - ">="
|
|
95
95
|
- !ruby/object:Gem::Version
|
|
96
96
|
version: '3.0'
|
|
97
97
|
- !ruby/object:Gem::Dependency
|
|
@@ -120,6 +120,7 @@ files:
|
|
|
120
120
|
- ".gitignore"
|
|
121
121
|
- ".rspec"
|
|
122
122
|
- Appraisals
|
|
123
|
+
- CHANGELOG.md
|
|
123
124
|
- CODE_OF_CONDUCT.md
|
|
124
125
|
- Gemfile
|
|
125
126
|
- LICENSE.txt
|
|
@@ -130,6 +131,7 @@ files:
|
|
|
130
131
|
- bin/setup
|
|
131
132
|
- gemfiles/rails_6.0.gemfile
|
|
132
133
|
- gemfiles/rails_6.1.gemfile
|
|
134
|
+
- gemfiles/rails_7.0.gemfile
|
|
133
135
|
- lib/activerecord-tenant-level-security.rb
|
|
134
136
|
- lib/activerecord-tenant-level-security/command_recorder.rb
|
|
135
137
|
- lib/activerecord-tenant-level-security/schema_dumper.rb
|
|
@@ -143,7 +145,7 @@ licenses:
|
|
|
143
145
|
metadata:
|
|
144
146
|
homepage_uri: https://github.com/kufu/activerecord-tenant-level-security
|
|
145
147
|
source_code_uri: https://github.com/kufu/activerecord-tenant-level-security
|
|
146
|
-
changelog_uri: https://github.com/kufu/activerecord-tenant-level-security/blob/v0.0
|
|
148
|
+
changelog_uri: https://github.com/kufu/activerecord-tenant-level-security/blob/v0.1.0/CHANGELOG.md
|
|
147
149
|
post_install_message:
|
|
148
150
|
rdoc_options: []
|
|
149
151
|
require_paths:
|