ae_declarative_authorization 0.11.0 → 0.13.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: e24437f98ca9123a9e0c007325f8cfe0b88ed691b4cfcba2be9e9972d413b263
4
- data.tar.gz: 7c2b45c40951f5bc8ffc71f8c6b739727ee83aaaaea9f27f0d39f07640d3febb
3
+ metadata.gz: dc162ce05d6a603746d8a366aec4ff50e3e99a9974e205c14b013bbe7eafc3a5
4
+ data.tar.gz: a5c41a8a14d69eda89465e82ccb9b0f18c1e6db73a5c52d4486dac6f07b680d2
5
5
  SHA512:
6
- metadata.gz: 6e437f0d1a24441216a86efd1213973be469838819409445c5af8c892c80939a460c2d789493954ec5c5f74ae41c429e2dc66b39d02fbd505f28954c442ff1cb
7
- data.tar.gz: f25064eb69ea987a0387fc152dbf98cc1ac87e8b01de4fba54a87cfe2a5aa4acd5ecf525d39095a7a39f973c2e44ddc664b92ca90b814f3632b0fc79758cdd96
6
+ metadata.gz: 2ab1768fd4aabdd76d6bf9ee424d4247a9b24269c769c163bed14a1341176f34ec1d439a4f8610012fbff8a9cd16b11b59e0236ee60ed8c8c38b94aa60b08f0d
7
+ data.tar.gz: d2c5c5a9d73ecbacf81af77fc05cab0a714af9da20d40605a2d0de595e28ca81401d1373d8f6cfdc445a29b4c5643e9b70f143056bc9d6096ce9d8d6864b6132
@@ -8,12 +8,6 @@ commands:
8
8
  - run: bundle exec appraisal rake test
9
9
 
10
10
  jobs:
11
- test-ruby-233:
12
- docker:
13
- - image: circleci/ruby:2.3.3
14
- steps:
15
- - bundle_install_and_test
16
-
17
11
  test-ruby-253:
18
12
  docker:
19
13
  - image: circleci/ruby:2.5.3
@@ -29,8 +23,6 @@ jobs:
29
23
  workflows:
30
24
  rc:
31
25
  jobs:
32
- - test-ruby-233:
33
- context: appfolio_test_context
34
26
  - test-ruby-253:
35
27
  context: appfolio_test_context
36
28
  - test-ruby-263:
@@ -1 +1 @@
1
- ruby-2.3.3
1
+ ruby-2.6.3
data/Appraisals CHANGED
@@ -1,40 +1,26 @@
1
- case RUBY_VERSION
2
-
3
- when '2.3.3', '2.5.3', '2.6.3' then
4
-
5
- appraise "ruby-#{RUBY_VERSION}-rails507" do
6
- gem 'rails', '5.0.7'
7
- gem 'grape', '1.1.0'
8
- gem 'rails-controller-testing'
9
- end
10
-
11
- appraise "ruby-#{RUBY_VERSION}-rails516" do
12
- gem 'rails', '5.1.6'
13
- gem 'grape', '1.2.3'
14
- gem 'rails-controller-testing'
15
- end
1
+ RAILS_VERSIONS = ['5.2.2.1', '6.0.2.1']
2
+ GRAPE_VERSIONS = ['1.1.0', '1.2.3', '1.3.0']
16
3
 
17
- appraise "ruby-#{RUBY_VERSION}-rails521" do
18
- gem 'rails', '5.2.1'
19
- gem 'grape', '1.2.3'
20
- gem 'rails-controller-testing'
21
- end
22
-
23
- appraise "ruby-#{RUBY_VERSION}-rails522" do
24
- gem 'rails', '5.2.2'
25
- gem 'grape', '1.2.3'
26
- gem 'rails-controller-testing'
27
- end
4
+ case RUBY_VERSION
28
5
 
29
- if Gem::Version.new(RUBY_VERSION) >= Gem::Version.new('2.5.0')
30
- appraise "ruby-#{RUBY_VERSION}-rails6" do
31
- gem 'rails', '~> 6.0'
32
- gem 'grape', '1.2.3'
33
- gem 'rails-controller-testing'
34
- gem 'sqlite3', '~> 1.4'
6
+ when '2.5.3', '2.6.3' then
7
+ RAILS_VERSIONS.product(GRAPE_VERSIONS).each do |rails_version, grape_version|
8
+ appraise "ruby-#{RUBY_VERSION}-rails#{rails_version}-grape#{grape_version}" do
9
+ gem 'rails', rails_version
10
+ gem 'grape', grape_version
11
+
12
+ if Gem::Version.new(grape_version) < Gem::Version.new('1.3.0')
13
+ # https://github.com/ruby-grape/grape/pull/1956
14
+ gem "rack", "< 2.1.0"
15
+ end
16
+
17
+ if Gem::Version.new(rails_version) >= Gem::Version.new('6')
18
+ gem 'sqlite3', '~> 1.4'
19
+ else
20
+ gem 'sqlite3', '~> 1.3.0'
21
+ end
35
22
  end
36
23
  end
37
-
38
24
  else
39
25
  raise "Unsupported Ruby version #{RUBY_VERSION}"
40
26
 
data/Gemfile CHANGED
@@ -5,4 +5,5 @@ gemspec
5
5
  gem 'appraisal', '~> 2.1'
6
6
  gem 'mocha', '~> 1.0', require: false
7
7
  gem 'sprockets', '< 4'
8
- gem 'sqlite3', '~> 1.3.0'
8
+
9
+ gem 'rails-controller-testing'
@@ -175,6 +175,9 @@ module Authorization
175
175
 
176
176
  user, roles, privileges = user_roles_privleges_from_options(privilege, options)
177
177
 
178
+ callback = Rails.application.config.try(:ae_declarative_authorization_permit_callback)
179
+ callback.call(controller: options[:controller], privilege: privilege) if callback && options.include?(:controller)
180
+
178
181
  return true if roles.is_a?(Hash) && !(roles.keys & omnipotent_roles).empty?
179
182
 
180
183
  # find a authorization rule that matches for at least one of the roles and
@@ -57,13 +57,18 @@ module Authorization
57
57
  ::Rails.logger
58
58
  end
59
59
 
60
- protected
61
-
62
60
  def api_class
63
61
  if options[:for].respond_to?(:base)
64
- options[:for].base # Grape >= 1.2.0 controller
62
+ # Grape >= 1.2.0 endpoint
63
+ # Authorization::Controller::Grape can be included into either Grape::API
64
+ # or Grape::API::Instance, so we need to check both.
65
+ [
66
+ options[:for],
67
+ options[:for].base
68
+ ].detect { |api| api.respond_to?(:decl_auth_context) }
65
69
  else
66
- options[:for] # Grape < 1.2.0 controller
70
+ # Grape < 1.2.0 endpoint
71
+ options[:for]
67
72
  end
68
73
  end
69
74
  end
@@ -29,7 +29,8 @@ module Authorization
29
29
  :user => contr.send(:current_user),
30
30
  :object => object,
31
31
  :skip_attribute_test => !@attribute_check,
32
- :context => @context || controller_class(contr).decl_auth_context)
32
+ :context => @context || controller_class(contr).decl_auth_context,
33
+ :controller => contr)
33
34
  end
34
35
 
35
36
  def remove_actions(actions)
@@ -68,11 +69,7 @@ module Authorization
68
69
 
69
70
  def controller_class(contr)
70
71
  if defined?(Grape) && contr.class < Grape::Endpoint
71
- if contr.options[:for].respond_to?(:base)
72
- contr.options[:for].base # Grape >= 1.2.0 controller
73
- else
74
- contr.options[:for] # Grape < 1.2.0 controller
75
- end
72
+ contr.api_class
76
73
  else
77
74
  contr.class # Rails controller
78
75
  end
@@ -155,8 +155,14 @@ module DeclarativeAuthorization
155
155
  alias :access_tests_not_required :this_is_an_abstract_controller_so_it_needs_no_access_tests
156
156
 
157
157
  def all_public_actions
158
- actions = controller_class.public_instance_methods(false)
159
- actions += controller_class.superclass.public_instance_methods(false)
158
+ actions = []
159
+ if defined?(Grape) && [Grape::API, Grape::API::Instance].any? { |base| controller_class < base }
160
+ actions += controller_class.routes.map { |api| "#{api.request_method} #{api.origin}" }
161
+ else
162
+ actions += controller_class.public_instance_methods(false)
163
+ actions += controller_class.superclass.public_instance_methods(false)
164
+ end
165
+
160
166
  actions.reject! do |method|
161
167
  method =~ /^_/ ||
162
168
  method =~ /^rescue_action/ ||
@@ -1,3 +1,3 @@
1
1
  module DeclarativeAuthorization
2
- VERSION = '0.11.0'.freeze
2
+ VERSION = '0.13.0'.freeze
3
3
  end
metadata CHANGED
@@ -1,15 +1,15 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: ae_declarative_authorization
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.11.0
4
+ version: 0.13.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - AppFolio
8
8
  - Steffen Bartsch
9
- autorequire:
9
+ autorequire:
10
10
  bindir: bin
11
11
  cert_chain: []
12
- date: 2020-01-06 00:00:00.000000000 Z
12
+ date: 2020-11-09 00:00:00.000000000 Z
13
13
  dependencies:
14
14
  - !ruby/object:Gem::Dependency
15
15
  name: blockenspiel
@@ -88,7 +88,7 @@ homepage: http://github.com/appfolio/ae_declarative_authorization
88
88
  licenses:
89
89
  - MIT
90
90
  metadata: {}
91
- post_install_message:
91
+ post_install_message:
92
92
  rdoc_options: []
93
93
  require_paths:
94
94
  - lib
@@ -104,7 +104,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
104
104
  version: '0'
105
105
  requirements: []
106
106
  rubygems_version: 3.0.3
107
- signing_key:
107
+ signing_key:
108
108
  specification_version: 4
109
109
  summary: ae_declarative_authorization is a Rails gem for maintainable authorization
110
110
  based on readable authorization rules.