ae_declarative_authorization 1.4.0 → 1.5.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 58d5ae47fcb1b37a3bc09ff1f327c5b4bc1c17e0e10dfb41abe7b320d05455df
-  data.tar.gz: eedc2584682aa79790b12236a070d14799e85102706db150239c58f460a962d7
+  metadata.gz: 5e11a2b5e7153658db82ba4882cf04c2dc4f7e1ec22d21908365af7a860de466
+  data.tar.gz: 01cc82ce6c960d11af9199fa142334de736b7957fd8b30dd81a95822964bca64
 SHA512:
-  metadata.gz: 3610179d19f7119d9639a7b3c4423bcc2230c5298f88c1de8ffa8bd66d5213a276fabe6162a68deec057c8457b3b094cb221703617fe841a6bd134672ae9ed8b
-  data.tar.gz: 1354377a7af061f622fba2970f327d24e725f418738bc9294580237a72201157eb5a9ef4cc4eac183b24d3278cbcd7049fbfc387adc58dc74e17741bf7fc2ea5
+  metadata.gz: c9c061d3055fdf6d84d81699a53e653e67bb42f6162dd4c27eac31e473d145e9cb14268cbe886114ba781428aafd179be2ea9449ba7b9e79ddbc4c2dfd3f6734
+  data.tar.gz: 708873a0ad5ab828bb8615d211b41d5a80cab0af1e4b7a985be167ef61267a6eba1add3f63b059677c5c9c212a31c891739c7200ab321b64e32bb2e0c9d8655b

data/lib/declarative_authorization/version.rb

@@ -1,3 +1,3 @@
 module DeclarativeAuthorization
-  VERSION = '1.4.0'.freeze
+  VERSION = '1.5.0'.freeze
 end

data/lib/rubocop/cop/decl_auth/before_actions_precede_access_filter.rb

@@ -0,0 +1,44 @@
+# frozen_string_literal: true
+
+module RuboCop
+  module Cop
+    module DeclAuth
+      # Enforces placing all `before_action` statements prior to the first `filter_access_to` statement.
+      # This ensures that any data required by the access filters is available before the filter is applied.
+      # See the documentation above the `filter_access_to` method in Authorization::Controller::DSL for more information
+      #
+      # @example
+      #   # bad
+      #   before_action: :do_something
+      #   filter_access_to :all
+      #   before_action :find_object
+      #
+      #   # good
+      #   before_action: :do_something
+      #   before_action :find_object
+      #
+      #   filter_access_to :all
+      #
+      class BeforeActionsPrecedeAccessFilter < RuboCop::Cop::Base
+        def_node_search :before_actions, '(send nil? :before_action ...)'
+        def_node_search :access_filters, '(send nil? :filter_access_to ...)'
+
+        MSG = '`:filter_access_to` statements should be placed after all other `:before_action` statements.'
+
+        def on_class(node)
+          before_actions = before_actions(node)
+          access_filters = access_filters(node)
+
+          return if before_actions.count.zero? || access_filters.count.zero?
+
+          last_before_action = before_actions.to_a.last
+          first_access_filter = access_filters.to_a.first
+
+          return if last_before_action.sibling_index < first_access_filter.sibling_index
+
+          add_offense(access_filters.first, message: MSG)
+        end
+      end
+    end
+  end
+end

metadata

@@ -1,14 +1,13 @@
 --- !ruby/object:Gem::Specification
 name: ae_declarative_authorization
 version: !ruby/object:Gem::Version
-  version: 1.4.0
+  version: 1.5.0
 platform: ruby
 authors:
 - AppFolio
-autorequire:
 bindir: bin
 cert_chain: []
-date: 2024-10-01 00:00:00.000000000 Z
+date: 2025-01-17 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: blockenspiel
@@ -77,13 +76,13 @@ files:
 - lib/generators/authorization/install/install_generator.rb
 - lib/generators/authorization/rules/rules_generator.rb
 - lib/generators/authorization/rules/templates/authorization_rules.rb
+- lib/rubocop/cop/decl_auth/before_actions_precede_access_filter.rb
 - lib/tasks/authorization_tasks.rake
 homepage: https://github.com/appfolio/ae_declarative_authorization
 licenses:
 - MIT
 metadata:
   allowed_push_host: https://rubygems.org
-post_install_message:
 rdoc_options: []
 require_paths:
 - lib
@@ -98,8 +97,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.5.7
-signing_key:
+rubygems_version: 3.6.3
 specification_version: 4
 summary: Rails gem for maintainable authorization based on readable authorization
   rules.