ae_declarative_authorization 0.10.2 → 0.12.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
-SHA1:
-  metadata.gz: 380a434297fb196dcfbf059509ee1a50cd7835d2
-  data.tar.gz: db8af9fcb8906a699ba3a2e602d7a83446772074
+SHA256:
+  metadata.gz: 719562dc167a376019c1cbf5ef98fd3156bbd0420345b49499fb4e2932f7760b
+  data.tar.gz: 5e730141340ca6205f1c43616c0e4585fb203d3f992848911a778433c01b7da9
 SHA512:
-  metadata.gz: fdf1b43b12a93c790af306c1a4c1158f6e7c6205bba57c0b39582481b7f2314d57c69893fef313871929e63c943211cde5d2a07a9f9ec5495f8f2da87f0fb12d
-  data.tar.gz: 4241e224613130471ea25351cc5b50204d1730f6986a8aa17302905ac17599b373a5df59ef5a51ad18cb116df109ae71dce7adcb6e488ec4ed53b4bf1dae7be4
+  metadata.gz: 954e5d140855c4db4c1be63431e64357bcb1c2a3cdf54fd36bd2ecdd3b45bbf75315da5ca6762af8cab7d6cb582831f5b57e0e57d87e7b9bb05ebbf4c065017c
+  data.tar.gz: 15132703089d3c1b7c84a474dbf5d3445c21d41580e128c7120bc6a6a3ae184a5c2945b397417463a3c4190ad17453dca442e8c37d93685629179c879cbc7d9c

data/.circleci/config.yml

@@ -8,30 +8,22 @@ commands:
       - run: bundle exec appraisal rake test
 
 jobs:
-  test-ruby-233:
-    docker:
-      - image: circleci/ruby:2.3.3
-    steps:
-      - bundle_install_and_test
-
   test-ruby-253:
     docker:
       - image: circleci/ruby:2.5.3
     steps:
       - bundle_install_and_test
 
-  test-ruby-262:
+  test-ruby-263:
     docker:
-      - image: circleci/ruby:2.6.2
+      - image: circleci/ruby:2.6.3
     steps:
       - bundle_install_and_test
 
 workflows:
   rc:
     jobs:
-      - test-ruby-233:
-          context: appfolio_test_context
       - test-ruby-253:
           context: appfolio_test_context
-      - test-ruby-262:
+      - test-ruby-263:
           context: appfolio_test_context

data/.ruby-version

@@ -1 +1 @@
-ruby-2.3.3
+ruby-2.6.3

data/Appraisals

@@ -1,31 +1,26 @@
-case RUBY_VERSION
+RAILS_VERSIONS = ['5.2.2.1', '6.0.2.1']
+GRAPE_VERSIONS = ['1.1.0', '1.2.3', '1.3.0']
 
-when '2.3.3', '2.5.3', '2.6.2' then
+case RUBY_VERSION
 
-  appraise "ruby-#{RUBY_VERSION}-rails507" do
-    gem 'rails', '5.0.7'
-    gem 'grape', '1.1.0'
-    gem 'rails-controller-testing'
-  end
+when '2.5.3', '2.6.3' then
+  RAILS_VERSIONS.product(GRAPE_VERSIONS).each do |rails_version, grape_version|
+    appraise "ruby-#{RUBY_VERSION}-rails#{rails_version}-grape#{grape_version}" do
+      gem 'rails', rails_version
+      gem 'grape', grape_version
 
-  appraise "ruby-#{RUBY_VERSION}-rails516" do
-    gem 'rails', '5.1.6'
-    gem 'grape', '1.2.3'
-    gem 'rails-controller-testing'
-  end
+      if Gem::Version.new(grape_version) < Gem::Version.new('1.3.0')
+        # https://github.com/ruby-grape/grape/pull/1956
+        gem "rack", "< 2.1.0"
+      end
 
-  appraise "ruby-#{RUBY_VERSION}-rails521" do
-    gem 'rails', '5.2.1'
-    gem 'grape', '1.2.3'
-    gem 'rails-controller-testing'
+      if Gem::Version.new(rails_version) >= Gem::Version.new('6')
+        gem 'sqlite3', '~> 1.4'
+      else
+        gem 'sqlite3', '~> 1.3.0'
+      end
+    end
   end
-
-  appraise "ruby-#{RUBY_VERSION}-rails522" do
-    gem 'rails', '5.2.2'
-    gem 'grape', '1.2.3'
-    gem 'rails-controller-testing'
-  end
-
 else
   raise "Unsupported Ruby version #{RUBY_VERSION}"
 

data/Gemfile

@@ -4,4 +4,6 @@ gemspec
 
 gem 'appraisal', '~> 2.1'
 gem 'mocha', '~> 1.0', require: false
-gem 'sqlite3', '~> 1.3.0'
+gem 'sprockets', '< 4'
+
+gem 'rails-controller-testing'

data/declarative_authorization.gemspec

@@ -20,5 +20,5 @@ Gem::Specification.new do |s|
   s.require_paths = ['lib']
 
   s.add_dependency(%q<blockenspiel>, ['~> 0.5.0'])
-  s.add_dependency(%q<rails>, ['>= 4.2.5.2', '< 6'])
+  s.add_dependency(%q<rails>, ['>= 4.2.5.2', '< 7'])
 end

data/lib/declarative_authorization/controller/grape.rb

@@ -37,6 +37,12 @@ module Authorization
           end
 
           def filter_access_filter # :nodoc:
+            begin
+              route
+            rescue
+              # Acceessing route raises an exception when the response is a 405 MethodNotAllowed
+              return
+            end
             unless allowed?("#{request.request_method} #{route.origin}")
               if respond_to?(:permission_denied, true)
                 # permission_denied needs to render or redirect
@@ -51,13 +57,18 @@ module Authorization
             ::Rails.logger
           end
 
-          protected
-
           def api_class
             if options[:for].respond_to?(:base)
-              options[:for].base # Grape >= 1.2.0 controller
+              # Grape >= 1.2.0 endpoint
+              # Authorization::Controller::Grape can be included into either Grape::API
+              # or Grape::API::Instance, so we need to check both.
+              [
+                options[:for],
+                options[:for].base
+              ].detect { |api| api.respond_to?(:decl_auth_context) }
             else
-              options[:for]      # Grape  < 1.2.0 controller
+              # Grape < 1.2.0 endpoint
+              options[:for]
             end
           end
         end

data/lib/declarative_authorization/controller_permission.rb

@@ -68,11 +68,7 @@ module Authorization
 
     def controller_class(contr)
       if defined?(Grape) && contr.class < Grape::Endpoint
-        if contr.options[:for].respond_to?(:base)
-          contr.options[:for].base # Grape >= 1.2.0 controller
-        else
-          contr.options[:for]      # Grape  < 1.2.0 controller
-        end
+        contr.api_class
       else
         contr.class         # Rails controller
       end

data/lib/declarative_authorization/test/helpers.rb

@@ -155,8 +155,14 @@ module DeclarativeAuthorization
         alias :access_tests_not_required :this_is_an_abstract_controller_so_it_needs_no_access_tests
 
         def all_public_actions
-          actions = controller_class.public_instance_methods(false)
-          actions += controller_class.superclass.public_instance_methods(false)
+          actions = []
+          if defined?(Grape) && [Grape::API, Grape::API::Instance].any? { |base| controller_class < base }
+            actions += controller_class.routes.map { |api| "#{api.request_method} #{api.origin}" }
+          else
+            actions += controller_class.public_instance_methods(false)
+            actions += controller_class.superclass.public_instance_methods(false)
+          end
+
           actions.reject! do |method|
             method =~ /^_/ ||
               method =~ /^rescue_action/ ||

data/lib/declarative_authorization/version.rb

@@ -1,3 +1,3 @@
 module DeclarativeAuthorization
-  VERSION = '0.10.2'.freeze
+  VERSION = '0.12.1'.freeze
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: ae_declarative_authorization
 version: !ruby/object:Gem::Version
-  version: 0.10.2
+  version: 0.12.1
 platform: ruby
 authors:
 - AppFolio
@@ -9,7 +9,7 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2019-07-18 00:00:00.000000000 Z
+date: 2020-08-11 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: blockenspiel
@@ -34,7 +34,7 @@ dependencies:
         version: 4.2.5.2
     - - "<"
       - !ruby/object:Gem::Version
-        version: '6'
+        version: '7'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
@@ -44,7 +44,7 @@ dependencies:
         version: 4.2.5.2
     - - "<"
       - !ruby/object:Gem::Version
-        version: '6'
+        version: '7'
 description: ae_declarative_authorization is a Rails gem for maintainable authorization
   based on readable authorization rules.
 email: dev@appfolio.com
@@ -103,8 +103,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubyforge_project: 
-rubygems_version: 2.5.2
+rubygems_version: 3.1.4
 signing_key: 
 specification_version: 4
 summary: ae_declarative_authorization is a Rails gem for maintainable authorization