aptible-auth 1.4.0 → 1.5.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: a41b77f6708abdde557d4763215fd5f6e18460716a25c94c29fdd15564588dc3
-  data.tar.gz: a74283bb27a4a0ac4b952b2c0dd7065f0e7b35640d6354af73ab01910101f4de
+  metadata.gz: 7fa3270646948b32ac4d6f467b2441757c28af525f0c2c1bf465c0a7ceda6cf4
+  data.tar.gz: d4869199daef0e8763be2bda7c4dd60bc59a35bb90664cade8ec81141df8551c
 SHA512:
-  metadata.gz: 9597770fc7f1a203eb2efbb0326a58e495912cc3fde1835737cb6d9850395ab1a0d341ccea701db3502137aef32cfdd6199ada643908048148690224f55d0614
-  data.tar.gz: 05e43ea50940aa25ba554db3b0eb78469d52c27e96ad9af0db46b6efb9803dc39e0fe916dbd3c0c608babc606dff23f4cd7804c436d87cedc6cdd8997a4aa2ae
+  metadata.gz: 53f90bf3f134007f0003edadb8a1bc254811c6e3ca76d473dde1a0447b03dc4e75176e6550c455d7bce55567a0bfc81789a2f22237faf3a6d85b931bba879370
+  data.tar.gz: 7b673c460863f56d6b9319314ccc291fade0fd3d678bb64f2de5716de86e6585541988f2078616774e661c8435d096df689d90e85aa8370ef214e3df34d61767

data/.github/workflows/release.yml

@@ -0,0 +1,26 @@
+on:
+  release:
+    types: [published]
+
+jobs:
+  push:
+    name: Push gem to RubyGems.org
+    runs-on: ubuntu-latest
+
+    permissions: 
+        id-token: write
+        contents: write
+
+    steps:
+      - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8
+        with:
+          persist-credentials: false
+      - name: Set up Ruby
+        uses: ruby/setup-ruby@211ffaaa5f8dda97e9e8bca4e70d0fbaf2f8c41c
+        with:
+          bundler-cache: false
+          ruby-version: "3.3"
+
+      - run: bundle install
+
+      - uses: rubygems/release-gem@1c162a739e8b4cb21a676e97b087e8268d8fc40b

data/Makefile

@@ -2,12 +2,18 @@
 export COMPOSE_IGNORE_ORPHANS ?= true
 export RUBY_VERSION ?= 2.3.1
 RUBY_VERSION_MAJOR = $(word 1,$(subst ., ,$(RUBY_VERSION)))
+RUBY_VERSION_MINOR = $(word 2,$(subst ., ,$(RUBY_VERSION)))
 export BUNDLER_VERSION ?=
 ifeq ($(BUNDLER_VERSION),)
 ifeq ($(RUBY_VERSION_MAJOR),2)
+# Use old bundler for Ruby 2.3-2.6; Ruby 2.7 needs bundler 2.x to avoid resolver bugs
+ifeq ($(RUBY_VERSION_MINOR),7)
+export BUNDLER_VERSION = 2.4.22
+else
 export BUNDLER_VERSION = 1.17.3
 endif
 endif
+endif
 PROJECT_NAME = $(shell ls *.gemspec | sed 's/\.gemspec//')
 export COMPOSE_PROJECT_NAME ?= $(PROJECT_NAME)-$(subst .,_,$(RUBY_VERSION))
 

data/aptible-auth.gemspec

@@ -26,6 +26,7 @@ Gem::Specification.new do |spec|
   spec.add_dependency 'oauth2', '2.0.9'
 
   spec.add_development_dependency 'aptible-tasks', '>= 0.6.0'
+  spec.add_development_dependency 'httplog'
   spec.add_development_dependency 'pry'
   spec.add_development_dependency 'rake'
   spec.add_development_dependency 'rspec', '~> 3.0'

data/lib/aptible/auth/token.rb

@@ -40,6 +40,11 @@ module Aptible
                                                        cause: e)
       end
 
+      def self.current_token(token:)
+        url = "#{Aptible::Auth.configuration.root_url}/current_token"
+        find_by_url(url, token: token)
+      end
+
       def authenticate_user(email, password, options = {})
         options[:scope] ||= 'manage'
         oauth_token = oauth.password.get_token(email, password, options)

data/lib/aptible/auth/user.rb

@@ -24,6 +24,21 @@ module Aptible
         # TODO: Implement query params for /operations
         []
       end
+
+      # Returns roles with their organizations pre-loaded to avoid N+1 API calls
+      # when iterating through roles and accessing role.organization.
+      # Makes 2 backend requests: one for orgs, one for roles.
+      def roles_with_organizations
+        orgs_by_href = Organization.all(token: token, headers: headers)
+                                   .index_by(&:href)
+
+        roles.tap do |all_roles|
+          all_roles.each do |role|
+            org = orgs_by_href[role.links[:organization].href]
+            role.instance_variable_set(:@organization, org)
+          end
+        end
+      end
     end
   end
 end

data/lib/aptible/auth/version.rb

@@ -1,5 +1,5 @@
 module Aptible
   module Auth
-    VERSION = '1.4.0'.freeze
+    VERSION = '1.5.0'.freeze
   end
 end

data/spec/aptible/auth/token_spec.rb

@@ -229,4 +229,33 @@ describe Aptible::Auth::Token do
       expect(subject.send(:oauth)).to be(c)
     end
   end
+
+  describe '.current_token' do
+    let(:token_response) { double 'token_response' }
+    let(:access_token) { 'my_access_token' }
+    let(:root_url) { 'https://auth.example.com' }
+
+    before do
+      Aptible::Auth.configuration.root_url = root_url
+    end
+
+    it 'should fetch from /current_token endpoint with the provided token' do
+      expect(described_class).to receive(:find_by_url)
+        .with("#{root_url}/current_token", token: access_token)
+        .and_return(token_response)
+
+      expect(described_class.current_token(token: access_token)).to eq(token_response)
+    end
+
+    it 'should use configured root_url' do
+      custom_url = 'https://custom-auth.aptible.com'
+      Aptible::Auth.configuration.root_url = custom_url
+
+      expect(described_class).to receive(:find_by_url)
+        .with("#{custom_url}/current_token", token: access_token)
+        .and_return(token_response)
+
+      described_class.current_token(token: access_token)
+    end
+  end
 end

data/spec/aptible/auth/user_spec.rb

@@ -30,4 +30,95 @@ describe Aptible::Auth::User do
       expect(subject.organizations.count).to eq 1
     end
   end
+
+  describe '#roles_with_organizations' do
+    let(:token) { 'some-token' }
+    let(:headers) { { 'Authorization' => 'Bearer some-token' } }
+
+    let(:org1) do
+      double('Aptible::Auth::Organization', href: '/organizations/1', id: 1)
+    end
+    let(:org2) do
+      double('Aptible::Auth::Organization', href: '/organizations/2', id: 2)
+    end
+
+    let(:org1_link) do
+      double('Aptible::Auth::Organization::Link', href: '/organizations/1')
+    end
+    let(:org2_link) do
+      double('Aptible::Auth::Organization::Link', href: '/organizations/2')
+    end
+
+    let(:role1_links) { double('Role1::Links') }
+    let(:role2_links) { double('Role2::Links') }
+    let(:role3_links) { double('Role3::Links') }
+
+    let(:role1) { Aptible::Auth::Role.new }
+    let(:role2) { Aptible::Auth::Role.new }
+    let(:role3) { Aptible::Auth::Role.new }
+
+    before do
+      subject.stub(:token) { token }
+      subject.stub(:headers) { headers }
+
+      role1_links.stub(:[]).with(:organization) { org1_link }
+      role2_links.stub(:[]).with(:organization) { org2_link }
+      role3_links.stub(:[]).with(:organization) { org1_link }
+
+      role1.stub(:links) { role1_links }
+      role2.stub(:links) { role2_links }
+      role3.stub(:links) { role3_links }
+    end
+
+    it 'returns the roles' do
+      allow(Aptible::Auth::Organization).to receive(:all).and_return([org1])
+      subject.stub(:roles) { [role1] }
+
+      expect(subject.roles_with_organizations).to eq [role1]
+    end
+
+    it 'pre-populates @organization on each role' do
+      allow(Aptible::Auth::Organization).to receive(:all)
+        .with(token: token, headers: headers)
+        .and_return([org1, org2])
+      subject.stub(:roles) { [role1, role2] }
+
+      subject.roles_with_organizations
+
+      expect(role1.instance_variable_get(:@organization)).to eq org1
+      expect(role2.instance_variable_get(:@organization)).to eq org2
+    end
+
+    it 'maps multiple roles to the same organization' do
+      allow(Aptible::Auth::Organization).to receive(:all)
+        .with(token: token, headers: headers)
+        .and_return([org1, org2])
+      subject.stub(:roles) { [role1, role2, role3] }
+
+      subject.roles_with_organizations
+
+      expect(role1.instance_variable_get(:@organization)).to eq org1
+      expect(role2.instance_variable_get(:@organization)).to eq org2
+      expect(role3.instance_variable_get(:@organization)).to eq org1
+    end
+
+    it 'returns empty array when user has no roles' do
+      allow(Aptible::Auth::Organization).to receive(:all)
+        .with(token: token, headers: headers)
+        .and_return([])
+      subject.stub(:roles) { [] }
+
+      expect(subject.roles_with_organizations).to eq []
+    end
+
+    it 'makes exactly one call to Organization.all' do
+      expect(Aptible::Auth::Organization).to receive(:all)
+        .with(token: token, headers: headers)
+        .once
+        .and_return([org1])
+      subject.stub(:roles) { [role1] }
+
+      subject.roles_with_organizations
+    end
+  end
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: aptible-auth
 version: !ruby/object:Gem::Version
-  version: 1.4.0
+  version: 1.5.0
 platform: ruby
 authors:
 - Frank Macreery
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2025-12-17 00:00:00.000000000 Z
+date: 2025-12-29 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: aptible-resource
@@ -80,6 +80,20 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: 0.6.0
+- !ruby/object:Gem::Dependency
+  name: httplog
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
 - !ruby/object:Gem::Dependency
   name: pry
   requirement: !ruby/object:Gem::Requirement
@@ -159,6 +173,7 @@ extra_rdoc_files: []
 files:
 - ".github/CODEOWNERS"
 - ".github/workflows/ci.yml"
+- ".github/workflows/release.yml"
 - ".gitignore"
 - ".rspec"
 - Dockerfile