ae_declarative_authorization 2.1.0 → 2.2.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 7d3a61732493a7f1dfa8698fa016e257e119204c7bf878397b5caa62080c360b
-  data.tar.gz: 5d05fbeb9f859e393a42aa86108278037377225ddbe02160a5a6ad5ef4f199fa
+  metadata.gz: 0a7b71e8b588137b1b2b96bc7e214cb6ab58ca778b9bdbafd34d6887897d7537
+  data.tar.gz: 98662f0d7b0d3ef4fcbec3bae6b71bb3ab8f97051e7fe3c9042c55f1f9c5391b
 SHA512:
-  metadata.gz: 01ec7768b90fcdb701456f254519acce547a635cc6b49a0fad4080c41cc3d72901bf6443c44de132a5f10df63d7c7bf866189f8d1f6a3e79a4e11e51bfa92547
-  data.tar.gz: 7bf88799408d3883d41ecbb5e5616d1d12323e6f2e535c9d39ada2bea149ce349e6696750c57901d0059e930863e0f4b7a4caab2b7c770c683d1c7ac64f1fd91
+  metadata.gz: f7c3fe0957edf2aebac772624e17ba87157a0c99181ec7e64794cec22865acd1d74ab2f051b5429fe2a25abbee2665a4cef7b63235b6e26999df5c998bf51ad5
+  data.tar.gz: cc90c97438fc87fef2a014296abed704e56f37a810d8e858327caaec39cf71d3a46201a82cd4640106d7b70ffe3708163f8db0b9a72ed9612580f9c4d2d23944

data/declarative_authorization.gemspec

@@ -19,5 +19,5 @@ Gem::Specification.new do |spec|
   spec.metadata['allowed_push_host'] = 'https://rubygems.org'
 
   spec.add_dependency('blockenspiel', ['>= 0.5', '< 1'])
-  spec.add_dependency('rails', ['>= 7', '< 8.1'])
+  spec.add_dependency('rails', ['>= 7.2', '< 8.2'])
 end

data/lib/declarative_authorization/authorization.rb

@@ -3,6 +3,7 @@ require File.dirname(__FILE__) + '/reader.rb'
 require "set"
 require "forwardable"
 require 'rails'
+require 'uri'
 
 module Authorization
   # An exception raised if anything goes wrong in the Authorization realm
@@ -218,12 +219,16 @@ module Authorization
                      options[:controller].route&.request_method
                    end
 
-          Authorization.config.authorization_denied_callback&.call(
+          referer_url = options[:controller]&.respond_to?(:request) ? options[:controller].request&.referer : nil
+          referer_path = referer_url ? (URI.parse(referer_url).path rescue nil) : nil
+
+          Authorization.config.authorization_denied_callback.call(
             {
               action: action,
               path: options[:controller]&.respond_to?(:request) ? options[:controller].request&.path : nil,
               context: options[:context].to_s,
-              attribute_check_denial: !rules.empty?
+              attribute_check_denial: !rules.empty?,
+              referer: referer_path
             }
           )
         end

data/lib/declarative_authorization/version.rb

@@ -1,3 +1,3 @@
 module DeclarativeAuthorization
-  VERSION = '2.1.0'.freeze
+  VERSION = '2.2.0'.freeze
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: ae_declarative_authorization
 version: !ruby/object:Gem::Version
-  version: 2.1.0
+  version: 2.2.0
 platform: ruby
 authors:
 - AppFolio
@@ -35,20 +35,20 @@ dependencies:
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '7'
+        version: '7.2'
     - - "<"
       - !ruby/object:Gem::Version
-        version: '8.1'
+        version: '8.2'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '7'
+        version: '7.2'
     - - "<"
       - !ruby/object:Gem::Version
-        version: '8.1'
+        version: '8.2'
 description: Rails gem for maintainable authorization based on readable authorization
   rules.
 email: opensource@appfolio.com