authorizy 0.4.1 → 0.6.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: adf5a52d89eabb0dd6503d0f96fb44ae9d4268213a6da8b91fb758805db97371
-  data.tar.gz: 01bcedd187623c4364c38d0c4f53b5a12ee1877f4426df44b21cc3b7446f6b5d
+  metadata.gz: d473bd8a20f491dd718805097a7060d9c3b792657beb535441bdab3d2520e65f
+  data.tar.gz: 8dff226b40401c2acb2b09252022ecbf55c512c93180b61ef72c5d1ac0256692
 SHA512:
-  metadata.gz: 0623f322536c3a6de17848f3f6b3642d70041384e220d0417d028a045d59970c97dfa84e659dd6a95795fe30f2ed09bb7d6203cf0bc7b600fbea0e53ff63bec5
-  data.tar.gz: 4e4862f37eb92ef4c0eb247ecd0fa0abe0652d6d750b282bb20908fadaf3dbaf54738ed51167cfa5784e1d158a441d349c75f9a460981c800def31df30b1d002
+  metadata.gz: 26519151ed8c405d60f11958cb07768b17b2fc9cd0ecc0335473f1b9cee81ea46cff277f7be4fdf9afb1d071e18b26d10a5d66f5954fcf3bff0df9d6dca817a3
+  data.tar.gz: 2ad9b69333e08dd84b0f3124619877af35bf7966c63776d2920ff9b42d4deaee493b515b49714fc8d928884dda2a51ff3f0abb871ede0fdc258a5258a1cd947f

data/CHANGELOG.md

@@ -1,3 +1,16 @@
+# v0.6.0
+
+## Updates
+
+- Set `activesupport` as production dependency
+- Update gemspec to not include specs into the gem
+
+# v0.5.0
+
+## Fixes
+
+- The `authorizy?` helper now accepts custom parameters;
+
 # v0.4.1
 
 ## Fixes

data/README.md

@@ -1,10 +1,10 @@
 # Authorizy
 
-[![CI](https://github.com/wbotelhos/authorizy/workflows/CI/badge.svg)](https://github.com/wbotelhos/authorizy/actions)
+[![Tests](https://github.com/wbotelhos/authorizy/workflows/Tests/badge.svg)](https://github.com/wbotelhos/authorizy/actions?query=workflow:Tests)
 [![Gem Version](https://badge.fury.io/rb/authorizy.svg)](https://badge.fury.io/rb/authorizy)
-[![Maintainability](https://api.codeclimate.com/v1/badges/f312587b4f126bb13e85/maintainability)](https://codeclimate.com/github/wbotelhos/authorizy/maintainability)
+[![Maintainability](https://api.codeclimate.com/v1/badges/22ac7790d35a7c24410e/maintainability)](https://codeclimate.com/github/wbotelhos/authorizy/maintainability)
 [![Coverage](https://codecov.io/gh/wbotelhos/authorizy/branch/main/graph/badge.svg)](https://codecov.io/gh/wbotelhos/authorizy)
-[![Sponsor](https://img.shields.io/badge/sponsor-%3C3-green)](https://www.patreon.com/wbotelhos)
+[![Sponsor](https://img.shields.io/badge/sponsor-%3C3-green)](https://github.com/sponsors/wbotelhos)
 
 A JSON based Authorization.
 
@@ -22,7 +22,7 @@ Run the following task to create Authorizy migration and initialize.
 rails g authorizy:install
 ```
 
-Then execute the migration to adds the column `authorizy` to your `users` table.
+Then execute the migration to add the column `authorizy` to your `users` table.
 
 ```sh
 rake db:migrate
@@ -208,15 +208,29 @@ Using on view:
 <% end %>
 ```
 
+Usually, we use the helper to check DB permission, not the runtime permission using the Cop file, although you can do it. Just remember that the parameters will be related to the current page, not the action you're protecting.
+
 Using on jBuilder view:
 
 ```ruby
-json.create_link new_users_url if authorizy?(:users, :create)
+if authorizy?(:users, :create)
+  link_to('Create', new_users_url)
+end
+```
+
+But if you want to simulate the access on that resource you can manually provide the same parameters dispatched when you normally access that resource:
+
+```ruby
+if authorizy?(:users, :create, params: { role: 'admin' })
+  link_to('Create', new_users_url(role: 'admin'))
+end
 ```
 
+Now you're providing the same parameters used in runtime when the user accesses the link, so now, we can check the "future" access and prevent or allow it before happens.
+
 # Specs
 
-To test some routes you'll need to give or not permission to the user, for that you have to ways, where the first is give permission to the user via session:
+To test some routes you'll need to give or not permission to the user, for that you have two ways, where the first is the user via session:
 
 ```ruby
 before do
@@ -238,7 +252,7 @@ end
 
 ## Checks
 
-We have a couple of check, here is the order:
+We have a couple of checks, here is the order:
 
 1. `Authorizy::BaseCop#access?`;
 2. `session[:permissions]`;
@@ -247,15 +261,15 @@ We have a couple of check, here is the order:
 
 ## Performance
 
-If you have few permissions, you can save the permissions in the session and avoid hit database many times, but if you have a couple of them, maybe it's a good idea save it in some place like [Redis](https://redis.io).
+If you have few permissions, you can save the permissions in the session and avoid hitting the database many times, but if you have a couple of them, maybe it's a good idea to save them in some place like [Redis](https://redis.io).
 
 ## Management
 
-It's a good idea you keep your permissions in the database, so the customer can change it dynamic. You can load all permissions when the user is logged and cache it later. For cache expiration, you can trigger a refresh everytime that the permissions change.
+It's a good idea you keep your permissions in the database, so the customer can change it dynamically. You can load all permissions when the user is logged in and cache it later. For cache expiration, you can trigger a refresh every time that the permissions change.
 
 ## Database Structure
 
-Inside database you can use the following relation to dynamicly change your permissions:
+Inside the database, you can use the following relation to dynamically change your permissions:
 
 ```ruby
 plans -> plans_permissions <- permissions
@@ -269,7 +283,7 @@ plans -> plans_permissions <- permissions
 
 ## RSpec
 
-You can test you app passing through all authorizy layers:
+You can test your app by passing through all Authorizy layers:
 
 ```ruby
 user = User.create!(permission: { permissions: [[:users, :create]] })

data/lib/authorizy/config.rb

@@ -14,7 +14,7 @@ module Authorizy
 
         return context.render(json: { message: info }, status: 403) if context.request.xhr?
 
-        context.redirect_to(redirect_url.call(context), info: info)
+        context.redirect_to(redirect_url.call(context), info:)
       }
 
       @dependencies = {}

data/lib/authorizy/core.rb

@@ -2,7 +2,7 @@
 
 module Authorizy
   class Core
-    def initialize(user, params, session, cop:)
+    def initialize(user, params, session, cop: nil)
       @cop     = cop
       @params  = params
       @session = session
@@ -12,13 +12,13 @@ module Authorizy
     def access?
       return false if @user.blank?
 
-      return true if @cop.access? ||
-                     session_permissions.any? { |tuple| route_match?(tuple) } ||
-                     user_permissions.any? { |tuple| route_match?(tuple) }
+      return true if @cop&.access?
+      return true if session_permissions.any? { |tuple| route_match?(tuple) }
+      return true if user_permissions.any? { |tuple| route_match?(tuple) }
 
-      return @cop.public_send(cop_controller) == true if @cop.respond_to?(cop_controller)
+      return false unless @cop.respond_to?(cop_controller)
 
-      false
+      @cop.public_send(cop_controller) == true
     end
 
     private

data/lib/authorizy/expander.rb

@@ -19,7 +19,7 @@ module Authorizy
           end
         end
 
-        actions = [default_aliases[action]].flatten.compact
+        actions = [aliases[action]].flatten.compact
 
         next if actions.blank?
 
@@ -34,7 +34,12 @@ module Authorizy
     private
 
     def aliases
-      Authorizy.config.aliases.stringify_keys
+      default = {
+        'create' => 'new',
+        'update' => 'edit',
+      }
+
+      default.merge(Authorizy.config.aliases.stringify_keys)
     end
 
     def controller_dependency(controller, action)
@@ -44,15 +49,6 @@ module Authorizy
       permissions.map { |c, a| [c.to_s, a.to_s] }
     end
 
-    def default_aliases
-      {
-        'create' => 'new',
-        'edit'   => 'update',
-        'new'    => 'create',
-        'update' => 'edit',
-      }.merge(aliases)
-    end
-
     def dependencies
       Authorizy.config.dependencies.deep_stringify_keys
     end

data/lib/authorizy/extension.rb

@@ -13,21 +13,24 @@ module Authorizy
         Authorizy.config.denied.call(self)
       end
 
-      def authorizy?(controller, action)
+      def authorizy?(controller, action, custom_params: {})
         params['controller'] = controller
         params['action'] = action
 
-        Authorizy::Core.new(authorizy_user, params, session, cop: authorizy_cop).access?
+        parameters = params.merge(custom_params)
+        cop = authorizy_cop(parameters)
+
+        Authorizy::Core.new(authorizy_user, parameters, session, cop:).access?
       end
 
       private
 
-      def authorizy_user
-        Authorizy.config.current_user.call(self)
+      def authorizy_cop(parameters = params)
+        Authorizy.config.cop.new(authorizy_user, parameters, session)
       end
 
-      def authorizy_cop
-        Authorizy.config.cop.new(authorizy_user, params, session)
+      def authorizy_user
+        Authorizy.config.current_user.call(self)
       end
     end
   end

data/lib/authorizy/rspec.rb

@@ -4,13 +4,13 @@ require 'rspec/expectations'
 
 RSpec::Matchers.define :be_authorized do |controller, action, params: {}, session: {}|
   match do |user|
-    parameters = params.merge(controller: controller, action: action)
+    parameters = params.merge(controller:, action:)
 
     access?(user, parameters, session)
   end
 
   match_when_negated do |user|
-    parameters = params.merge(controller: controller, action: action)
+    parameters = params.merge(controller:, action:)
 
     !access?(user, parameters, session)
   end
@@ -28,7 +28,7 @@ RSpec::Matchers.define :be_authorized do |controller, action, params: {}, sessio
   def access?(user, params, session)
     cop = Authorizy.config.cop.new(user, params, session)
 
-    Authorizy::Core.new(user, params, session, cop: cop).access?
+    Authorizy::Core.new(user, params, session, cop:).access?
   end
 
   def maybe_params_or_session(message, params, session)

data/lib/authorizy/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module Authorizy
-  VERSION = '0.4.1'
+  VERSION = '0.6.0'
 end

metadata

@@ -1,135 +1,22 @@
 --- !ruby/object:Gem::Specification
 name: authorizy
 version: !ruby/object:Gem::Version
-  version: 0.4.1
+  version: 0.6.0
 platform: ruby
 authors:
 - Washington Botelho
-autorequire:
 bindir: bin
 cert_chain: []
-date: 2021-09-12 00:00:00.000000000 Z
+date: 2025-04-02 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
-  name: activerecord
+  name: activesupport
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
         version: '0'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-- !ruby/object:Gem::Dependency
-  name: codecov
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-- !ruby/object:Gem::Dependency
-  name: pg
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-- !ruby/object:Gem::Dependency
-  name: pry-byebug
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-- !ruby/object:Gem::Dependency
-  name: rake
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-- !ruby/object:Gem::Dependency
-  name: rspec-rails
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-- !ruby/object:Gem::Dependency
-  name: rubocop-performance
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-- !ruby/object:Gem::Dependency
-  name: rubocop-rails
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-- !ruby/object:Gem::Dependency
-  name: rubocop-rspec
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-  type: :development
+  type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
@@ -159,42 +46,11 @@ files:
 - lib/generators/authorizy/install_generator.rb
 - lib/generators/authorizy/templates/config/initializers/authorizy.rb
 - lib/generators/authorizy/templates/db/migrate/add_authorizy_on_users.rb
-- spec/authorizy/base_cop/access_question_spec.rb
-- spec/authorizy/config/aliases_spec.rb
-- spec/authorizy/config/cop_spec.rb
-- spec/authorizy/config/current_user_spec.rb
-- spec/authorizy/config/denied_spec.rb
-- spec/authorizy/config/dependencies_spec.rb
-- spec/authorizy/config/field_spec.rb
-- spec/authorizy/config/initialize_spec.rb
-- spec/authorizy/config/redirect_url_spec.rb
-- spec/authorizy/cop/controller_spec.rb
-- spec/authorizy/cop/model_spec.rb
-- spec/authorizy/cop/namespaced_controller_spec.rb
-- spec/authorizy/core/access_spec.rb
-- spec/authorizy/expander/expand_spec.rb
-- spec/authorizy/extension/authorizy_question_spec.rb
-- spec/authorizy/extension/authorizy_spec.rb
-- spec/authorizy/rspec_spec.rb
-- spec/common_helper.rb
-- spec/spec_helper.rb
-- spec/support/application.rb
-- spec/support/common.rb
-- spec/support/controllers/admin/dummy_controller.rb
-- spec/support/controllers/dummy_controller.rb
-- spec/support/coverage.rb
-- spec/support/i18n.rb
-- spec/support/locales/en.yml
-- spec/support/models/authorizy_cop.rb
-- spec/support/models/empty_cop.rb
-- spec/support/models/user.rb
-- spec/support/routes.rb
-- spec/support/schema.rb
 homepage: https://github.com/wbotelhos/authorizy
 licenses:
 - MIT
-metadata: {}
-post_install_message:
+metadata:
+  rubygems_mfa_required: 'true'
 rdoc_options: []
 require_paths:
 - lib
@@ -209,39 +65,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.2.22
-signing_key:
+rubygems_version: 3.6.6
 specification_version: 4
 summary: A JSON based Authorization.
-test_files:
-- spec/authorizy/base_cop/access_question_spec.rb
-- spec/authorizy/config/aliases_spec.rb
-- spec/authorizy/config/cop_spec.rb
-- spec/authorizy/config/current_user_spec.rb
-- spec/authorizy/config/denied_spec.rb
-- spec/authorizy/config/dependencies_spec.rb
-- spec/authorizy/config/field_spec.rb
-- spec/authorizy/config/initialize_spec.rb
-- spec/authorizy/config/redirect_url_spec.rb
-- spec/authorizy/cop/controller_spec.rb
-- spec/authorizy/cop/model_spec.rb
-- spec/authorizy/cop/namespaced_controller_spec.rb
-- spec/authorizy/core/access_spec.rb
-- spec/authorizy/expander/expand_spec.rb
-- spec/authorizy/extension/authorizy_question_spec.rb
-- spec/authorizy/extension/authorizy_spec.rb
-- spec/authorizy/rspec_spec.rb
-- spec/common_helper.rb
-- spec/spec_helper.rb
-- spec/support/application.rb
-- spec/support/common.rb
-- spec/support/controllers/admin/dummy_controller.rb
-- spec/support/controllers/dummy_controller.rb
-- spec/support/coverage.rb
-- spec/support/i18n.rb
-- spec/support/locales/en.yml
-- spec/support/models/authorizy_cop.rb
-- spec/support/models/empty_cop.rb
-- spec/support/models/user.rb
-- spec/support/routes.rb
-- spec/support/schema.rb
+test_files: []

data/spec/authorizy/base_cop/access_question_spec.rb

@@ -1,10 +0,0 @@
-# frozen_string_literal: true
-
-RSpec.describe Authorizy::BaseCop, '#access?' do
-  let!(:params) { { 'controller' => 'controller', 'action' => 'action' } }
-  let(:cop) { described_class.new('current_user', params, 'session') }
-
-  it 'returns false as default' do
-    expect(cop.access?).to be(false)
-  end
-end

data/spec/authorizy/config/aliases_spec.rb

@@ -1,13 +0,0 @@
-# frozen_string_literal: true
-
-RSpec.describe Authorizy::Config, '#aliases' do
-  let!(:config) { described_class.new }
-
-  it 'has default value and can receive a new one' do
-    expect(config.aliases).to eq({})
-
-    config.aliases = 'value'
-
-    expect(config.aliases).to eq('value')
-  end
-end

data/spec/authorizy/config/cop_spec.rb

@@ -1,13 +0,0 @@
-# frozen_string_literal: true
-
-RSpec.describe Authorizy::Config, '#cop' do
-  let!(:config) { described_class.new }
-
-  it 'has default value and can receive a new one' do
-    expect(config.cop).to eq(Authorizy::BaseCop)
-
-    config.cop = 'value'
-
-    expect(config.cop).to eq('value')
-  end
-end

data/spec/authorizy/config/current_user_spec.rb

@@ -1,29 +0,0 @@
-# frozen_string_literal: true
-
-RSpec.describe Authorizy::Config, '#current_user' do
-  let!(:config) { described_class.new }
-
-  context 'when uses default value' do
-    context 'when context responds to current_user' do
-      let!(:context) { OpenStruct.new(current_user: 'user') }
-
-      it 'is called' do
-        expect(config.current_user.call(context)).to eq('user')
-      end
-    end
-
-    context 'when context does not respond to current_user' do
-      let!(:context) { 'context' }
-
-      it { expect(config.current_user.call(context)).to be(nil) }
-    end
-  end
-
-  context 'when uses custom value' do
-    it 'executes what you want' do
-      config.current_user = ->(context) { context[:value] }
-
-      expect(config.current_user.call({ value: 'value' })).to eq('value')
-    end
-  end
-end

data/spec/authorizy/config/denied_spec.rb

@@ -1,51 +0,0 @@
-# frozen_string_literal: true
-
-RSpec.describe Authorizy::Config, '#denied' do
-  let!(:config) { described_class.new }
-
-  context 'with default denied callback' do
-    context 'when is a xhr request' do
-      let!(:context) do
-        double('context',
-          params: { controller: 'users', action: 'index' },
-          request: OpenStruct.new(xhr?: true)
-        )
-      end
-
-      it 'renders' do
-        allow(context).to receive(:render)
-
-        config.denied.call(context)
-
-        expect(context).to have_received(:render).with(json: { message: 'Action denied for users#index' }, status: 403)
-      end
-    end
-
-    context 'when is not a xhr request' do
-      let!(:context) do
-        double('context',
-          params: { controller: 'users', action: 'index' },
-          request: OpenStruct.new(xhr?: false),
-          root_url: 'root_url'
-        )
-      end
-
-      it 'redirects' do
-        allow(context).to receive(:redirect_to)
-        allow(context).to receive(:respond_to?).with(:root_url).and_return(true)
-
-        config.denied.call(context)
-
-        expect(context).to have_received(:redirect_to).with('root_url', info: 'Action denied for users#index')
-      end
-    end
-  end
-
-  context 'with custom denied callback' do
-    it 'calls the callback' do
-      config.denied = ->(context) { context[:key] }
-
-      expect(config.denied.call(key: :value)).to eq(:value)
-    end
-  end
-end

data/spec/authorizy/config/dependencies_spec.rb

@@ -1,13 +0,0 @@
-# frozen_string_literal: true
-
-RSpec.describe Authorizy::Config, '#dependencies' do
-  let!(:config) { described_class.new }
-
-  it 'has default value and can receive a new one' do
-    expect(config.dependencies).to eq({})
-
-    config.dependencies = 'value'
-
-    expect(config.dependencies).to eq('value')
-  end
-end

data/spec/authorizy/config/field_spec.rb

@@ -1,29 +0,0 @@
-# frozen_string_literal: true
-
-RSpec.describe Authorizy::Config, '#field' do
-  let!(:config) { described_class.new }
-
-  context 'when uses default value' do
-    context 'when current_user responds to authorizy' do
-      let!(:current_user) { OpenStruct.new(authorizy: { permissions: [%i[users index]] }) }
-
-      it 'is called' do
-        expect(config.field.call(current_user)).to eq(permissions: [%i[users index]])
-      end
-    end
-
-    context 'when current_user does not respond to field' do
-      let!(:current_user) { nil }
-
-      it { expect(config.field.call(current_user)).to eq({}) }
-    end
-  end
-
-  context 'when uses custom value' do
-    it 'executes what you want' do
-      config.field = ->(current_user) { current_user[:value] }
-
-      expect(config.field.call({ value: 'value' })).to eq('value')
-    end
-  end
-end

data/spec/authorizy/config/initialize_spec.rb

@@ -1,7 +0,0 @@
-# frozen_string_literal: true
-
-RSpec.describe Authorizy::Config do
-  it 'starts with a default cop' do
-    expect(described_class.new.cop).to eq(Authorizy::BaseCop)
-  end
-end