activerecord-tenant-level-security 0.5.0 → 0.7.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/.circleci/config.yml +2 -2
- data/CHANGELOG.md +10 -0
- data/README.md +19 -1
- data/compose.yml +11 -0
- data/lib/activerecord-tenant-level-security/reconnectable_adapter.rb +9 -0
- data/lib/activerecord-tenant-level-security/tenant_level_security.rb +23 -10
- data/lib/activerecord-tenant-level-security/version.rb +1 -1
- data/lib/activerecord-tenant-level-security.rb +4 -1
- metadata +6 -7
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 875e923faf98a07af0be7bee342de4e9706019f96049ad069e5ffd0498749aff
|
|
4
|
+
data.tar.gz: 30f876d2f357d0213f47a54ed15e4d6a8ce52298e66b07af42c5ffdd205748c8
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: b31646aaa832922f12a2e3165d71c814e2c56bd24ad5edca2b42218a2e03b5db9308cf87d1f4e54797ddda324dc5c584296ea26374b5e55f5ca1ed793b06d16f
|
|
7
|
+
data.tar.gz: d3cd62cc22504af43ed0e10d644af101022de14e684ef8929bd9919fe68db92c53925cbfc01c481e7b5f41bbf34e734068998cb6c11956a50f5257cdbcaa0d5a
|
data/.circleci/config.yml
CHANGED
|
@@ -28,6 +28,6 @@ workflows:
|
|
|
28
28
|
- test:
|
|
29
29
|
matrix:
|
|
30
30
|
parameters:
|
|
31
|
-
ruby: ['ruby:3.
|
|
31
|
+
ruby: ['ruby:3.3', 'ruby:3.4', 'ruby:4.0']
|
|
32
32
|
rails: ['rails_7.2', 'rails_8.0', 'rails_8.1']
|
|
33
|
-
postgres: ['postgres:14.
|
|
33
|
+
postgres: ['postgres:14.20', 'postgres:15.15', 'postgres:16.11', 'postgres:17.7', 'postgres:18.1']
|
data/CHANGELOG.md
CHANGED
|
@@ -1,3 +1,13 @@
|
|
|
1
|
+
## v0.7.0 (2026-04-07)
|
|
2
|
+
|
|
3
|
+
### Enhancements
|
|
4
|
+
- [#35](https://github.com/kufu/activerecord-tenant-level-security/pull/35): Preserve RLS context across automatic reconnections
|
|
5
|
+
|
|
6
|
+
## v0.6.0 (2026-03-11)
|
|
7
|
+
|
|
8
|
+
### Breaking Changes
|
|
9
|
+
- [#37](https://github.com/kufu/activerecord-tenant-level-security/pull/37): Drop support for Ruby 3.2. Add support for Ruby 4.0.
|
|
10
|
+
|
|
1
11
|
## v0.5.0 (2025-12-12)
|
|
2
12
|
|
|
3
13
|
### Breaking Changes
|
data/README.md
CHANGED
|
@@ -193,7 +193,25 @@ end
|
|
|
193
193
|
|
|
194
194
|
## Development
|
|
195
195
|
|
|
196
|
-
After checking out the repo, run `bin/setup` to install dependencies.
|
|
196
|
+
After checking out the repo, run `bin/setup` to install dependencies.
|
|
197
|
+
|
|
198
|
+
To run tests locally, start PostgreSQL with Docker Compose and then execute the test suite:
|
|
199
|
+
|
|
200
|
+
```bash
|
|
201
|
+
docker compose up -d
|
|
202
|
+
bundle exec rake spec
|
|
203
|
+
```
|
|
204
|
+
|
|
205
|
+
The test helper connects to PostgreSQL at `localhost:5432` with the `postgres` user/password (`postgres`), and creates the app role (`activerecord_tenant_level_security_test`) when needed.
|
|
206
|
+
|
|
207
|
+
If you want a clean database state (for example, when re-initializing roles), recreate the database volume:
|
|
208
|
+
|
|
209
|
+
```bash
|
|
210
|
+
docker compose down -v
|
|
211
|
+
docker compose up -d
|
|
212
|
+
```
|
|
213
|
+
|
|
214
|
+
You can also run `bin/console` for an interactive prompt that will allow you to experiment.
|
|
197
215
|
|
|
198
216
|
To install this gem onto your local machine, run `bundle exec rake install`. To release a new version, update the version number in `version.rb`, and then run `bundle exec rake release`, which will create a git tag for the version, push git commits and tags, and push the `.gem` file to [rubygems.org](https://rubygems.org).
|
|
199
217
|
|
data/compose.yml
ADDED
|
@@ -1,6 +1,19 @@
|
|
|
1
1
|
module TenantLevelSecurity
|
|
2
2
|
DEFAULT_PARTITION_KEY = 'tenant_id'.freeze
|
|
3
3
|
|
|
4
|
+
class TenantContext < ActiveSupport::CurrentAttributes
|
|
5
|
+
attribute :tenant_id
|
|
6
|
+
|
|
7
|
+
def tenant_id=(val)
|
|
8
|
+
super
|
|
9
|
+
TenantLevelSecurity.switch_with_connection!(ActiveRecord::Base.connection, val)
|
|
10
|
+
end
|
|
11
|
+
|
|
12
|
+
resets do
|
|
13
|
+
TenantLevelSecurity.switch_with_connection!(ActiveRecord::Base.connection, nil)
|
|
14
|
+
end
|
|
15
|
+
end
|
|
16
|
+
|
|
4
17
|
class << self
|
|
5
18
|
# The current_tenant_id sets the default tenant from the outside.
|
|
6
19
|
# Be sure to register in advance as `TenantLevelSecurity.current_tenant_id { id }` with initializers.
|
|
@@ -14,19 +27,19 @@ module TenantLevelSecurity
|
|
|
14
27
|
end
|
|
15
28
|
end
|
|
16
29
|
|
|
17
|
-
def with(tenant_id)
|
|
18
|
-
|
|
19
|
-
return yield if old_tenant_id == tenant_id
|
|
20
|
-
begin
|
|
21
|
-
switch! tenant_id
|
|
22
|
-
yield
|
|
23
|
-
ensure
|
|
24
|
-
switch! old_tenant_id
|
|
25
|
-
end
|
|
30
|
+
def with(tenant_id, &block)
|
|
31
|
+
TenantContext.with(tenant_id: tenant_id, &block)
|
|
26
32
|
end
|
|
27
33
|
|
|
28
34
|
def switch!(tenant_id)
|
|
29
|
-
|
|
35
|
+
TenantContext.tenant_id = tenant_id
|
|
36
|
+
end
|
|
37
|
+
|
|
38
|
+
def switch_current_tenant_context!(conn = ActiveRecord::Base.connection)
|
|
39
|
+
TenantLevelSecurity.switch_with_connection!(
|
|
40
|
+
conn,
|
|
41
|
+
TenantLevelSecurity::TenantContext.tenant_id || TenantLevelSecurity.current_tenant_id
|
|
42
|
+
)
|
|
30
43
|
end
|
|
31
44
|
|
|
32
45
|
def switch_with_connection!(conn, tenant_id)
|
|
@@ -1,4 +1,5 @@
|
|
|
1
1
|
require 'active_support'
|
|
2
|
+
require 'active_support/current_attributes'
|
|
2
3
|
require 'active_record'
|
|
3
4
|
require 'pg'
|
|
4
5
|
|
|
@@ -7,9 +8,11 @@ require_relative 'activerecord-tenant-level-security/command_recorder'
|
|
|
7
8
|
require_relative 'activerecord-tenant-level-security/schema_dumper'
|
|
8
9
|
require_relative 'activerecord-tenant-level-security/schema_statements'
|
|
9
10
|
require_relative 'activerecord-tenant-level-security/sidekiq'
|
|
11
|
+
require_relative 'activerecord-tenant-level-security/reconnectable_adapter'
|
|
10
12
|
|
|
11
13
|
ActiveSupport.on_load(:active_record) do
|
|
12
14
|
ActiveRecord::ConnectionAdapters::AbstractAdapter.include TenantLevelSecurity::SchemaStatements
|
|
15
|
+
ActiveRecord::ConnectionAdapters::AbstractAdapter.prepend TenantLevelSecurity::ReconnectableAdapter
|
|
13
16
|
ActiveRecord::Migration::CommandRecorder.include TenantLevelSecurity::CommandRecorder
|
|
14
17
|
ActiveRecord::SchemaDumper.prepend TenantLevelSecurity::SchemaDumper
|
|
15
18
|
|
|
@@ -17,6 +20,6 @@ ActiveSupport.on_load(:active_record) do
|
|
|
17
20
|
# Make sure that TenantLevelSecurity.current_tenant_id does not depend on database connections.
|
|
18
21
|
# If a new connection is needed to get the current_tenant_id, the callback may be invoked recursively.
|
|
19
22
|
ActiveRecord::ConnectionAdapters::AbstractAdapter.set_callback :checkout, :after do |conn|
|
|
20
|
-
TenantLevelSecurity.
|
|
23
|
+
TenantLevelSecurity.switch_current_tenant_context!(conn)
|
|
21
24
|
end
|
|
22
25
|
end
|
metadata
CHANGED
|
@@ -1,14 +1,13 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: activerecord-tenant-level-security
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.7.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- SmartHR
|
|
8
|
-
autorequire:
|
|
9
8
|
bindir: bin
|
|
10
9
|
cert_chain: []
|
|
11
|
-
date:
|
|
10
|
+
date: 1980-01-02 00:00:00.000000000 Z
|
|
12
11
|
dependencies:
|
|
13
12
|
- !ruby/object:Gem::Dependency
|
|
14
13
|
name: activerecord
|
|
@@ -115,11 +114,13 @@ files:
|
|
|
115
114
|
- activerecord-tenant-level-security.gemspec
|
|
116
115
|
- bin/console
|
|
117
116
|
- bin/setup
|
|
117
|
+
- compose.yml
|
|
118
118
|
- gemfiles/rails_7.2.gemfile
|
|
119
119
|
- gemfiles/rails_8.0.gemfile
|
|
120
120
|
- gemfiles/rails_8.1.gemfile
|
|
121
121
|
- lib/activerecord-tenant-level-security.rb
|
|
122
122
|
- lib/activerecord-tenant-level-security/command_recorder.rb
|
|
123
|
+
- lib/activerecord-tenant-level-security/reconnectable_adapter.rb
|
|
123
124
|
- lib/activerecord-tenant-level-security/schema_dumper.rb
|
|
124
125
|
- lib/activerecord-tenant-level-security/schema_statements.rb
|
|
125
126
|
- lib/activerecord-tenant-level-security/sidekiq.rb
|
|
@@ -131,8 +132,7 @@ licenses:
|
|
|
131
132
|
metadata:
|
|
132
133
|
homepage_uri: https://github.com/kufu/activerecord-tenant-level-security
|
|
133
134
|
source_code_uri: https://github.com/kufu/activerecord-tenant-level-security
|
|
134
|
-
changelog_uri: https://github.com/kufu/activerecord-tenant-level-security/blob/v0.
|
|
135
|
-
post_install_message:
|
|
135
|
+
changelog_uri: https://github.com/kufu/activerecord-tenant-level-security/blob/v0.7.0/CHANGELOG.md
|
|
136
136
|
rdoc_options: []
|
|
137
137
|
require_paths:
|
|
138
138
|
- lib
|
|
@@ -147,8 +147,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
147
147
|
- !ruby/object:Gem::Version
|
|
148
148
|
version: '0'
|
|
149
149
|
requirements: []
|
|
150
|
-
rubygems_version: 3.
|
|
151
|
-
signing_key:
|
|
150
|
+
rubygems_version: 3.6.9
|
|
152
151
|
specification_version: 4
|
|
153
152
|
summary: An Active Record extension for Multitenancy with PostgreSQL Row Level Security
|
|
154
153
|
test_files: []
|