ae_declarative_authorization 0.11.0 → 0.13.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: e24437f98ca9123a9e0c007325f8cfe0b88ed691b4cfcba2be9e9972d413b263
-  data.tar.gz: 7c2b45c40951f5bc8ffc71f8c6b739727ee83aaaaea9f27f0d39f07640d3febb
+  metadata.gz: dc162ce05d6a603746d8a366aec4ff50e3e99a9974e205c14b013bbe7eafc3a5
+  data.tar.gz: a5c41a8a14d69eda89465e82ccb9b0f18c1e6db73a5c52d4486dac6f07b680d2
 SHA512:
-  metadata.gz: 6e437f0d1a24441216a86efd1213973be469838819409445c5af8c892c80939a460c2d789493954ec5c5f74ae41c429e2dc66b39d02fbd505f28954c442ff1cb
-  data.tar.gz: f25064eb69ea987a0387fc152dbf98cc1ac87e8b01de4fba54a87cfe2a5aa4acd5ecf525d39095a7a39f973c2e44ddc664b92ca90b814f3632b0fc79758cdd96
+  metadata.gz: 2ab1768fd4aabdd76d6bf9ee424d4247a9b24269c769c163bed14a1341176f34ec1d439a4f8610012fbff8a9cd16b11b59e0236ee60ed8c8c38b94aa60b08f0d
+  data.tar.gz: d2c5c5a9d73ecbacf81af77fc05cab0a714af9da20d40605a2d0de595e28ca81401d1373d8f6cfdc445a29b4c5643e9b70f143056bc9d6096ce9d8d6864b6132

data/.circleci/config.yml

@@ -8,12 +8,6 @@ commands:
       - run: bundle exec appraisal rake test
 
 jobs:
-  test-ruby-233:
-    docker:
-      - image: circleci/ruby:2.3.3
-    steps:
-      - bundle_install_and_test
-
   test-ruby-253:
     docker:
       - image: circleci/ruby:2.5.3
@@ -29,8 +23,6 @@ jobs:
 workflows:
   rc:
     jobs:
-      - test-ruby-233:
-          context: appfolio_test_context
       - test-ruby-253:
           context: appfolio_test_context
       - test-ruby-263:

data/.ruby-version

@@ -1 +1 @@
-ruby-2.3.3
+ruby-2.6.3

data/Appraisals

@@ -1,40 +1,26 @@
-case RUBY_VERSION
-
-when '2.3.3', '2.5.3', '2.6.3' then
-
-  appraise "ruby-#{RUBY_VERSION}-rails507" do
-    gem 'rails', '5.0.7'
-    gem 'grape', '1.1.0'
-    gem 'rails-controller-testing'
-  end
-
-  appraise "ruby-#{RUBY_VERSION}-rails516" do
-    gem 'rails', '5.1.6'
-    gem 'grape', '1.2.3'
-    gem 'rails-controller-testing'
-  end
+RAILS_VERSIONS = ['5.2.2.1', '6.0.2.1']
+GRAPE_VERSIONS = ['1.1.0', '1.2.3', '1.3.0']
 
-  appraise "ruby-#{RUBY_VERSION}-rails521" do
-    gem 'rails', '5.2.1'
-    gem 'grape', '1.2.3'
-    gem 'rails-controller-testing'
-  end
-
-  appraise "ruby-#{RUBY_VERSION}-rails522" do
-    gem 'rails', '5.2.2'
-    gem 'grape', '1.2.3'
-    gem 'rails-controller-testing'
-  end
+case RUBY_VERSION
 
-  if Gem::Version.new(RUBY_VERSION) >= Gem::Version.new('2.5.0')
-    appraise "ruby-#{RUBY_VERSION}-rails6" do
-      gem 'rails', '~> 6.0'
-      gem 'grape', '1.2.3'
-      gem 'rails-controller-testing'
-      gem 'sqlite3', '~> 1.4'
+when '2.5.3', '2.6.3' then
+  RAILS_VERSIONS.product(GRAPE_VERSIONS).each do |rails_version, grape_version|
+    appraise "ruby-#{RUBY_VERSION}-rails#{rails_version}-grape#{grape_version}" do
+      gem 'rails', rails_version
+      gem 'grape', grape_version
+
+      if Gem::Version.new(grape_version) < Gem::Version.new('1.3.0')
+        # https://github.com/ruby-grape/grape/pull/1956
+        gem "rack", "< 2.1.0"
+      end
+
+      if Gem::Version.new(rails_version) >= Gem::Version.new('6')
+        gem 'sqlite3', '~> 1.4'
+      else
+        gem 'sqlite3', '~> 1.3.0'
+      end
     end
   end
-
 else
   raise "Unsupported Ruby version #{RUBY_VERSION}"
 

data/Gemfile

@@ -5,4 +5,5 @@ gemspec
 gem 'appraisal', '~> 2.1'
 gem 'mocha', '~> 1.0', require: false
 gem 'sprockets', '< 4'
-gem 'sqlite3', '~> 1.3.0'
+
+gem 'rails-controller-testing'

data/lib/declarative_authorization/authorization.rb

@@ -175,6 +175,9 @@ module Authorization
 
       user, roles, privileges = user_roles_privleges_from_options(privilege, options)
 
+      callback = Rails.application.config.try(:ae_declarative_authorization_permit_callback)
+      callback.call(controller: options[:controller], privilege: privilege) if callback && options.include?(:controller)
+
       return true if roles.is_a?(Hash) && !(roles.keys & omnipotent_roles).empty?
 
       # find a authorization rule that matches for at least one of the roles and

data/lib/declarative_authorization/controller/grape.rb

@@ -57,13 +57,18 @@ module Authorization
             ::Rails.logger
           end
 
-          protected
-
           def api_class
             if options[:for].respond_to?(:base)
-              options[:for].base # Grape >= 1.2.0 controller
+              # Grape >= 1.2.0 endpoint
+              # Authorization::Controller::Grape can be included into either Grape::API
+              # or Grape::API::Instance, so we need to check both.
+              [
+                options[:for],
+                options[:for].base
+              ].detect { |api| api.respond_to?(:decl_auth_context) }
             else
-              options[:for]      # Grape  < 1.2.0 controller
+              # Grape < 1.2.0 endpoint
+              options[:for]
             end
           end
         end

data/lib/declarative_authorization/controller_permission.rb

@@ -29,7 +29,8 @@ module Authorization
                                          :user => contr.send(:current_user),
                                          :object => object,
                                          :skip_attribute_test => !@attribute_check,
-                                         :context => @context || controller_class(contr).decl_auth_context)
+                                         :context => @context || controller_class(contr).decl_auth_context,
+                                         :controller => contr)
     end
 
     def remove_actions(actions)
@@ -68,11 +69,7 @@ module Authorization
 
     def controller_class(contr)
       if defined?(Grape) && contr.class < Grape::Endpoint
-        if contr.options[:for].respond_to?(:base)
-          contr.options[:for].base # Grape >= 1.2.0 controller
-        else
-          contr.options[:for]      # Grape  < 1.2.0 controller
-        end
+        contr.api_class
       else
         contr.class         # Rails controller
       end

data/lib/declarative_authorization/test/helpers.rb

@@ -155,8 +155,14 @@ module DeclarativeAuthorization
         alias :access_tests_not_required :this_is_an_abstract_controller_so_it_needs_no_access_tests
 
         def all_public_actions
-          actions = controller_class.public_instance_methods(false)
-          actions += controller_class.superclass.public_instance_methods(false)
+          actions = []
+          if defined?(Grape) && [Grape::API, Grape::API::Instance].any? { |base| controller_class < base }
+            actions += controller_class.routes.map { |api| "#{api.request_method} #{api.origin}" }
+          else
+            actions += controller_class.public_instance_methods(false)
+            actions += controller_class.superclass.public_instance_methods(false)
+          end
+
           actions.reject! do |method|
             method =~ /^_/ ||
               method =~ /^rescue_action/ ||

data/lib/declarative_authorization/version.rb

@@ -1,3 +1,3 @@
 module DeclarativeAuthorization
-  VERSION = '0.11.0'.freeze
+  VERSION = '0.13.0'.freeze
 end

metadata

@@ -1,15 +1,15 @@
 --- !ruby/object:Gem::Specification
 name: ae_declarative_authorization
 version: !ruby/object:Gem::Version
-  version: 0.11.0
+  version: 0.13.0
 platform: ruby
 authors:
 - AppFolio
 - Steffen Bartsch
-autorequire: 
+autorequire:
 bindir: bin
 cert_chain: []
-date: 2020-01-06 00:00:00.000000000 Z
+date: 2020-11-09 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: blockenspiel
@@ -88,7 +88,7 @@ homepage: http://github.com/appfolio/ae_declarative_authorization
 licenses:
 - MIT
 metadata: {}
-post_install_message: 
+post_install_message:
 rdoc_options: []
 require_paths:
 - lib
@@ -104,7 +104,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubygems_version: 3.0.3
-signing_key: 
+signing_key:
 specification_version: 4
 summary: ae_declarative_authorization is a Rails gem for maintainable authorization
   based on readable authorization rules.