apiphobic-authorization 1.3.1 → 1.6.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: b2e52789dfd4bdcb81496f57b65640060f9b5507dfb88dea346e6e4e70a00338
-  data.tar.gz: 8b7d3db6a3afd89a0d373957b0441469c1b07f9566e91ccd460cd4ec5aff842a
+  metadata.gz: ebe1b6813491f637fc907e1d68455b3eb94550c52a77297a12ddfc26d8847975
+  data.tar.gz: ecc7acaaee95c033c6b5a9c22c54127abcffe03553890b48a5b89c8c07765008
 SHA512:
-  metadata.gz: e1e9d81247767c12439d0e168dbdf8369d8a8aeb122b1e53288db5f567f017691d13d45038f265c31a8566178c8fb7fd67ca808d926ce35c85d1a9a3460ef0a6
-  data.tar.gz: dff1d9610235548089b9081da50588b46e9c3e0167a7b78511f5e5765d0919816b9f31e257b9a6eeccbc36df3ec98c00dc36ac0ae090479279fc0d7ef7aff807
+  metadata.gz: 04ca46de212a7b5fb46db8a4f94b809df95ed744e0ea5e0e2a73a8a79359499ddb347d96f8466d54c770eeb67fd356545f037cc36f254dc18ffde4358a956e4c
+  data.tar.gz: d853205773ad8b0de8ebfb1ae2704c06ddfe99c296ea7117df5de0f9b431d3c6ed5dd770e837fcb518f55ffb7cb77d7f2b42313b32a74ae60b27c08049588a1b

data/LICENSE.txt

@@ -1,4 +1,4 @@
-Copyright (c) 2010-2016 The Kompanee, Ltd
+Copyright (c) 2010-2019 The Kompanee, Ltd
 
 Permission is hereby granted, free of charge, to any person obtaining a copy
 of this software and associated documentation files (the "Software"), to deal

data/lib/apiphobic/authorization/authorizer.rb

@@ -7,21 +7,21 @@ class   Authorizer
                 :parameters,
                 :resource,
                 :token,
-                :user
+                :audience
 
-  # rubocop:disable Metrics/ParameterLists
-  def initialize(action:, token:, user:, issuer:, parameters:, resource:, **other)
+  def initialize(action:, token:, audience:, issuer:, parameters:, resource:, **other) # rubocop:disable Metrics/ParameterLists
     self.action     = action
-    self.token      = token
-    self.user       = user
+    self.audience   = audience
     self.parameters = parameters
     self.resource   = resource
+    self.token      = token
 
     other.each do |name, value|
       public_send("#{name}=", value)
     end
   end
-  # rubocop:enable Metrics/ParameterLists
+
+  alias user audience
 
   def able_to_index?
     false

data/lib/apiphobic/authorization/authorizers/parameters.rb

@@ -4,7 +4,6 @@ require 'apple_core/refinements/deep_dup'
 require 'apiphobic/errors/unpermitted_inclusions'
 require 'apiphobic/errors/unpermitted_sorts'
 
-# rubocop:disable Metrics/ClassLength
 module  Apiphobic
 module  Authorization
 module  Authorizers
@@ -12,9 +11,9 @@ class   Parameters
   using ::AppleCore::Refinements::DeepDup
 
   attr_accessor :action,
+                :audience,
                 :parameters,
-                :token,
-                :user
+                :token
 
   attr_writer   :authorized_attributes,
                 :authorized_filters,
@@ -23,18 +22,18 @@ class   Parameters
                 :authorized_sorts,
                 :ignored_attributes
 
-  # rubocop:disable Metrics/ParameterLists
-  def initialize(action:, token:, user:, issuer:, parameters:, **other)
+  def initialize(action:, token:, audience:, issuer:, parameters:, **other) # rubocop:disable Metrics/ParameterLists
     self.action     = action
+    self.audience   = audience
     self.parameters = parameters.deep_dup
     self.token      = token
-    self.user       = user
 
     other.each do |name, value|
       public_send("#{name}=", value)
     end
   end
-  # rubocop:enable Metrics/ParameterLists
+
+  alias user audience
 
   def authorized_parameters
     @authorized_parameters || [
@@ -92,8 +91,7 @@ class   Parameters
     @ignored_attributes || []
   end
 
-  # rubocop:disable Metrics/AbcSize, Metrics/CyclomaticComplexity
-  def call
+  def call # rubocop:disable Metrics/AbcSize, Metrics/CyclomaticComplexity, Metrics/PerceivedComplexity
     sliced_parameters = authorized_parameters.map { |v| v.is_a?(::Hash) ? v[:name] : v }
 
     parameters.slice!(*sliced_parameters)
@@ -136,7 +134,6 @@ class   Parameters
 
     parameters.permit(*authorization)
   end
-  # rubocop:enable Metrics/AbcSize, Metrics/CyclomaticComplexity
 
   private
 
@@ -195,10 +192,10 @@ class   Parameters
   def authorize_parameter(name:,
                           value:,
                           authorization_parameters:,
-                          authorization_value: nil,
                           raw_parameters:,
-                          allowed_values: nil,
-                          override: {})
+                          authorization_value: nil,
+                          allowed_values:      nil,
+                          override:            {})
 
     value = override_parameter(name:     name,
                                value:    value,
@@ -209,7 +206,7 @@ class   Parameters
 
     if authorization_value
       authorization_parameters[0][name] = authorization_value
-    elsif value.class == ::Array
+    elsif value.instance_of?(::Array)
       authorization_parameters[0][name] = []
     else
       authorization_parameters << name
@@ -246,24 +243,25 @@ class   Parameters
   end
 
   def ignore_attribute(name:)
-    raw_parameter_attributes.delete(name)
+    key_match = ->(k, _v) { k.to_s == name.to_s }
+
+    parameters[:data][:attributes]    = raw_parameter_attributes.delete_if(&key_match)
+    parameters[:data][:relationships] = raw_parameter_relationships.delete_if(&key_match)
   end
 
-  # rubocop:disable Metrics/CyclomaticComplexity, Metrics/PerceivedComplexity
-  def override_parameter(name:, value:, hash:, override:)
+  def override_parameter(name:, value:, hash:, override:) # rubocop:disable Metrics/AbcSize, Metrics/CyclomaticComplexity, Metrics/PerceivedComplexity
     override = { with: nil, if_admin: false, if_absent: true, if_blank: true }
                  .merge(override)
 
-    return value unless override[:with] &&
-                        (!token.admin? || override[:if_admin]) &&
-                        (hash.has_key?(name) || override[:if_absent]) &&
-                        (!hash.has_key?(name) || !value.nil? || override[:if_blank])
+    return value if !override[:with] ||
+                    (token.admin? && !override[:if_admin]) ||
+                    (!hash.has_key?(name) && !override[:if_absent]) ||
+                    (hash.has_key?(name) && value.nil? && !override[:if_blank])
 
     hash[name] = override[:with]
 
     override[:with]
   end
-  # rubocop:enable Metrics/CyclomaticComplexity, Metrics/PerceivedComplexity
 
   def authorized_data_parameter
     authorization[0][:data][2]
@@ -281,16 +279,14 @@ class   Parameters
     authorization[0][:filter] ||= [{}]
   end
 
-  # rubocop:disable Layout/ExtraSpacing
   def raw_parameter_attributes
     @raw_parameter_attributes ||= begin
-      parameters[:data]              ||= {}
-      parameters[:data][:attributes] ||= {}
+                                    parameters[:data]              ||= {}
+                                    parameters[:data][:attributes] ||= {}
 
-      parameters[:data][:attributes]
-    end
+                                    parameters[:data][:attributes]
+                                  end
   end
-  # rubocop:enable Layout/ExtraSpacing
 
   def raw_parameter_filters
     @raw_parameter_filters ||= parameters[:filter] ||= {}
@@ -301,9 +297,12 @@ class   Parameters
   end
 
   def raw_parameter_relationships
-    @raw_parameter_relationships ||= parameters
-                                       .fetch(:data,          {})
-                                       .fetch(:relationships, {})
+    @raw_parameter_relationships        ||= begin
+                                              parameters[:data]                 ||= {}
+                                              parameters[:data][:relationships] ||= {}
+
+                                              parameters[:data][:relationships]
+                                            end
   end
 
   def raw_parameter_sorts
@@ -329,4 +328,3 @@ end
 end
 end
 end
-# rubocop:enable Metrics/ClassLength

data/lib/apiphobic/authorization/authorizers/scope.rb

@@ -9,24 +9,24 @@ class   Scope
   using ::AppleCore::Refinements::String
 
   attr_accessor :action,
-                :token,
-                :user,
+                :audience,
                 :raw_parameters,
-                :scope_root
+                :scope_root,
+                :token
 
-  # rubocop:disable Metrics/ParameterLists
-  def initialize(action:, token:, user:, issuer:, parameters:, scope_root:, **other)
+  def initialize(action:, token:, audience:, issuer:, parameters:, scope_root:, **other) # rubocop:disable Metrics/ParameterLists
     self.action         = action
-    self.token          = token
-    self.user           = user
+    self.audience       = audience
     self.raw_parameters = parameters
     self.scope_root     = scope_root
+    self.token          = token
 
     other.each do |name, value|
       public_send("#{name}=", value)
     end
   end
-  # rubocop:enable Metrics/ParameterLists
+
+  alias user audience
 
   def user_scope
     scope_root.public_send("for_#{user_underscored_class_name}", scope_user_id)
@@ -52,10 +52,12 @@ class   Scope
 
   def user_underscored_class_name
     @user_underscored_class_name ||= begin
-      base_user_class_name         = user.class.name[/([^:]+)\z/, 1]
+                                       base_user_class_name = user
+                                                                .class
+                                                                .name[/([^:]+)\z/, 1]
 
-      base_user_class_name.underscore.downcase
-    end
+                                       base_user_class_name.underscore.downcase
+                                     end
   end
 
   def authorized_scope_id(name:, default:)

data/lib/apiphobic/authorization/resource.rb

@@ -68,10 +68,10 @@ module  Resource
                                  .class
                                  .authorizer_parameters_class
                                  .new(action:     action_name,
-                                      token:      token,
-                                      user:       authorized_user,
+                                      audience:   authorized_audience,
                                       issuer:     authorized_issuer,
-                                      parameters: params)
+                                      parameters: params,
+                                      token:      token)
                                  .call
   end
 
@@ -84,11 +84,11 @@ module  Resource
                             .class
                             .authorizer_scope_class
                             .new(action:     action_name,
-                                 token:      token,
-                                 user:       authorized_user,
+                                 audience:   authorized_audience,
                                  issuer:     authorized_issuer,
                                  parameters: authorized_parameters,
-                                 scope_root: self.class.authorized_scope_root_class)
+                                 scope_root: self.class.authorized_scope_root_class,
+                                 token:      token)
                             .call
   end
 
@@ -103,11 +103,11 @@ module  Resource
                       .class
                       .authorizer_class
                       .new(action:     action_name,
-                           token:      token,
-                           user:       authorized_user,
+                           audience:   authorized_audience,
                            issuer:     authorized_issuer,
                            parameters: authorized_parameters,
-                           resource:   authorized_resource&.processed)
+                           resource:   authorized_resource&.processed,
+                           token:      token)
   end
 
   def authorized_resource
@@ -129,8 +129,8 @@ module  Resource
              parameters: authorized_parameters)
   end
 
-  def authorized_user
-    current_user
+  def authorized_audience
+    current_audience
   end
 
   def authorized_issuer

data/lib/apiphobic/authorization/version.rb

@@ -2,6 +2,6 @@
 
 module Apiphobic
 module Authorization
-  VERSION = '1.3.1'
+  VERSION = '1.6.0'
 end
 end

data/lib/apiphobic/errors/unpermitted_inclusions.rb

@@ -19,7 +19,7 @@ class   UnpermittedInclusions < RuntimeError
 
   def detail
     'One or more of the inclusions you attempted to pass via the "include" parameter ' \
-    'are either not available or not authorized.'
+      'are either not available or not authorized.'
   end
 
   def source

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: apiphobic-authorization
 version: !ruby/object:Gem::Version
-  version: 1.3.1
+  version: 1.6.0
 platform: ruby
 authors:
 - thegranddesign
@@ -10,28 +10,34 @@ bindir: bin
 cert_chain:
 - |
   -----BEGIN CERTIFICATE-----
-  MIIDqjCCApKgAwIBAgIBATANBgkqhkiG9w0BAQUFADBNMREwDwYDVQQDDAhydWJ5
-  Z2VtczEjMCEGCgmSJomT8ixkARkWE2xpdmluZ2hpZ2hvbnRoZWJsb2cxEzARBgoJ
-  kiaJk/IsZAEZFgNjb20wHhcNMTcwODAyMjI1OTM1WhcNMTgwODAyMjI1OTM1WjBN
-  MREwDwYDVQQDDAhydWJ5Z2VtczEjMCEGCgmSJomT8ixkARkWE2xpdmluZ2hpZ2hv
-  bnRoZWJsb2cxEzARBgoJkiaJk/IsZAEZFgNjb20wggEiMA0GCSqGSIb3DQEBAQUA
-  A4IBDwAwggEKAoIBAQDtLa7+7p49gW15OgOyRZad/F92iZcMdDjZ2kAxZlviXgVe
-  PCtjfdURobH+YMdt++6eRkE25utIFqHyN51Shxfdc21T3fPQe/ZEoMyiJK4tYzbh
-  7VjNJG4ldvKKpS1p7iVz9imnyTxNwb0JaIOsOFCA04T0u6aCQi2acNvAPLviXk0q
-  xJ/CKjI4QUTZKVrBt8Q1Egrp2yzmEnSNftDuTbBb8m4vDR+w325CwbKCgycHJ1/g
-  YZ3FO76TzJuRVbsYS/bU5XKHVEpkeFmWBqEXsk4DuUIWLa6WZEJcoZf+YP+1pycG
-  7YqSbydpINtEdopD+EEI+g+zNJ4nSI8/eQcQyEjBAgMBAAGjgZQwgZEwCQYDVR0T
-  BAIwADALBgNVHQ8EBAMCBLAwHQYDVR0OBBYEFDWuVrg4ve0vLu71kqiGdyBnzJGV
-  MCsGA1UdEQQkMCKBIHJ1YnlnZW1zQGxpdmluZ2hpZ2hvbnRoZWJsb2cuY29tMCsG
-  A1UdEgQkMCKBIHJ1YnlnZW1zQGxpdmluZ2hpZ2hvbnRoZWJsb2cuY29tMA0GCSqG
-  SIb3DQEBBQUAA4IBAQDJIpHjbBPGiaY4wOHcXlltQ+BMmhWQNh+1fZtyajQd+7Ay
-  fv23mO7Mf25Q38gopQlpaODkfxq54Jt8FvQbr5RYRS4j+JEKb75NgrAtehd8USUd
-  CiJJGH+yvGNWug9IGZCGX91HIbTsLQ5IUUWQasC5jGP8nxXufUr9xgAJZZenewny
-  B2qKu8q1A/kj6cw62RCY7yBmUXxlcJBj8g+JKYAFbYYKUdQSzf50k9IiWLWunJM+
-  Y2GAoHKstmfIVhc4XHOPpmTd2o/C29O9oaRgjrkfQEhF/KvJ/PhoV5hvokzsCyI5
-  iUeXPfvrGD/itYIBCgk+fnzyQQ4QtE5hTQaWQ3o2
+  MIIEyjCCAzKgAwIBAgIBATANBgkqhkiG9w0BAQsFADBVMSIwIAYDVQQDDBlsb2Nh
+  bGV1bmtub3duODEwX3J1YnlnZW1zMRowGAYKCZImiZPyLGQBGRYKcHJvdG9ubWFp
+  bDETMBEGCgmSJomT8ixkARkWA2NvbTAeFw0yMjA3MDkwNTMxMjJaFw0yMzA3MDkw
+  NTMxMjJaMFUxIjAgBgNVBAMMGWxvY2FsZXVua25vd244MTBfcnVieWdlbXMxGjAY
+  BgoJkiaJk/IsZAEZFgpwcm90b25tYWlsMRMwEQYKCZImiZPyLGQBGRYDY29tMIIB
+  ojANBgkqhkiG9w0BAQEFAAOCAY8AMIIBigKCAYEA0otlhSPyU7jLLW1p786Mo/pV
+  5cJ1Ed8D/bJK78PqGFO2h0ZUefupxT5PRMokLYNNGRPopnAAxZ0zVxJ68aOyYCBW
+  Wk3/XFcXCrtk/OcFwLTltgeMjyqCBd/zRRx6CCjY4uOfH0E3n1gQ6Fbmewjg83XJ
+  nOs7Gu/hzj5+feEQ1Exmg6z1oCM/8BTIBtK+p++HvcDK3AhJ7x3fc6P9WS+22w6j
+  7jpi3p9YtoAjrXIzw3lsobiX+bEt+N+T47e8gOATVgapuZ/QmJzNU6LWepehs4V1
+  8J+FUaIMV7nAMKmpkbYL51uHEiGV+HDx1HUdOsCFx8zD4h49KRT2t6AcumJ5P1Cj
+  c7NX2xl85ShHDNNFkozuC2c5cwj6F20EVaVjGwv2OFq0S2tUw9EJXHTN9RpfRUmn
+  IHwS9M4gcJO7IzV39a1YL6+9hrabF4+JTSYDehq8oxTdcOPLYyvH54aJWVqCrnLO
+  KNa/p6hMmwxTWNS5Vz0uxuEGyE9E0tHbtjIs2XX5AgMBAAGjgaQwgaEwCQYDVR0T
+  BAIwADALBgNVHQ8EBAMCBLAwHQYDVR0OBBYEFAK3RicwO0f6+puFN6lRVMOKMJuu
+  MDMGA1UdEQQsMCqBKGxvY2FsZXVua25vd244MTArcnVieWdlbXNAcHJvdG9ubWFp
+  bC5jb20wMwYDVR0SBCwwKoEobG9jYWxldW5rbm93bjgxMCtydWJ5Z2Vtc0Bwcm90
+  b25tYWlsLmNvbTANBgkqhkiG9w0BAQsFAAOCAYEAQwV6pOp5gm8141pyXeQFI/5E
+  rZYO3MvdyZM8O3HMD51LDS8mtMURceaKZM6WTambe2RVX4A++0qUiEnn9K4Fexm/
+  SEGaC/Gp+Fg9D1SKfkdq9bgdIhOEUwiGqjczgzNC806AtWZ+awI940oydFYZlpo0
+  jMQihPPJEqF1U6JBDMZYV5tX/dJYSGRl9L3s1k2tjoN98q+beNaZQDn21Amml4eK
+  KEkMeTTJ2E4GVzR9eKEETLq2LygdUWWZ5NdWOYTxJMdg1GZp3b6X8hJrwfOiizqt
+  /ANlIEh11/pOnWa6WPUVpGIMpYdquvmJXnF2LX6zxkKK1hbrebt+vAEAGczgw1Ri
+  rkLM6y+BHQdkOTj3VG4MjIU8D4h1Z73Exzxds/VbVKMEz+8JrFjGJ/tYa0PZ8U5p
+  3yXL4G6eW3rdBW/OiLF7GgG2o26d02OMzf4+ubUVS5LQDOcd4vgNPLWzJSBt1YIh
+  TgBsED7Me5YdMVXxtTWYsF1VMzaL9hReD3UXGcxe
   -----END CERTIFICATE-----
-date: 2018-07-09 00:00:00.000000000 Z
+date: 2022-07-09 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: apiphobic-resource
@@ -39,14 +45,14 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.0'
+        version: '1.2'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.0'
+        version: '1.2'
 - !ruby/object:Gem::Dependency
   name: apple_core
   requirement: !ruby/object:Gem::Requirement
@@ -65,50 +71,44 @@ dependencies:
   name: erratum
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: 3.1.1
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '3.1'
+        version: '4.0'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: 3.1.1
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '3.1'
+        version: '4.0'
 - !ruby/object:Gem::Dependency
   name: actionpack
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '5.0'
+        version: '7.0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '5.0'
+        version: '7.0'
 - !ruby/object:Gem::Dependency
   name: rspec
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '3.7'
+        version: '3.11'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '3.7'
+        version: '3.11'
 - !ruby/object:Gem::Dependency
   name: rspeckled
   requirement: !ruby/object:Gem::Requirement
@@ -158,11 +158,18 @@ files:
 - lib/apiphobic/json_api/relationship.rb
 - lib/apiphobic/rails/api_controller_compatibility.rb
 - lib/apiphobic/rails/controller.rb
-homepage: ''
+homepage: https://github.com/thekompanee/apiphobic-authorization
 licenses:
 - MIT
 metadata:
   allowed_push_host: https://rubygems.org
+  bug_tracker_uri: https://github.com/thekompanee/apiphobic-authorization/issues
+  changelog_uri: https://github.com/thekompanee/apiphobic-authorization/blob/master/CHANGELOG.md
+  documentation_uri: https://github.com/thekompanee/apiphobic-authorization/tree/releases/v1.6.0
+  homepage_uri: https://github.com/thekompanee/apiphobic-authorization
+  source_code_uri: https://github.com/thekompanee/apiphobic-authorization
+  wiki_uri: https://github.com/thekompanee/apiphobic-authorization/wiki
+  rubygems_mfa_required: 'true'
 post_install_message: 
 rdoc_options: []
 require_paths:
@@ -178,8 +185,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubyforge_project: 
-rubygems_version: 2.7.7
+rubygems_version: 3.3.7
 signing_key: 
 specification_version: 4
 summary: Authorization for API Requests