bullet_train-roles 1.19.1 → 1.19.2

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 63ff5664f63f6c6566064499f8a6c5989e3850ad0241d497a42070208d2b86a7
-  data.tar.gz: 43a6873072604a0b3118e1b7f3836a65ef11453c7636c6410fcf110517193952
+  metadata.gz: c3807b5a8e65e935d90be15987889beb281b43544d77e5bbfbad48323fd32d7e
+  data.tar.gz: 3cd6a7055bca8202f83c2fab416ed9085bc3c95ee8c91f6448418d485c06d177
 SHA512:
-  metadata.gz: 1c707a63d95a06429585cf04ea4396deb3743c3649a554b5d57e01ef87adfa3c002b7df31d1b3692bb32f00311736eaa47b9c24a9751bedfee331f8fdd25cf43
-  data.tar.gz: c0cca956a8b224b9beec1452285f699b94565e5d2ab271b672952bfb9bfe03e160f3b77e8777eb48e83185a6b79d48d9deb317257f5e1435d9088608fd2dc1c0
+  metadata.gz: abef243bca9f77d8d6d0f53e7e05b33aa6df7754eba590a1f4a3183482190ed3818142c83b2f4f726aa41ab318d5506d3b5d3a0f36692b9616186e89b4bfe965
+  data.tar.gz: 7b2e615fbc15374a210b1f5725130f52371a59ccc126e7052d7ca939e1fc40dd088a2923f58820659e26de4895b882d258e9018f50d63df96034278f620fe586

data/Gemfile.lock

@@ -1,7 +1,7 @@
 PATH
   remote: .
   specs:
-    bullet_train-roles (1.19.1)
+    bullet_train-roles (1.19.2)
       active_hash (>= 3.3.1)
       activesupport
       cancancan

data/README.md

@@ -165,6 +165,12 @@ To access the array of all roles available for a particular model, use the `assi
 <% end %>
 ```
 
+You may want to restrict the roles considered at runtime too. To do this you can use the `included_roles` keyword of `permit`:
+
+```ruby
+permit user, through: :memberships, parent: :team, included_roles: Membership.assignable_roles
+```
+
 ## Checking user permissions
 
 Generally the CanCanCan helper method (`account_load_and_authorize_resource`) at the top of each controller will handle checking user permissions and will only load resources appropriate for the current user.

data/lib/bullet_train/roles/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module Roles
-  VERSION = "1.19.1"
+  VERSION = "1.19.2"
 end

data/lib/roles/permit.rb

@@ -2,15 +2,15 @@
 
 module Roles
   module Permit
-    def permit(user, through:, parent:, debug: false, intermediary: nil, rails_cache_key: nil)
+    def permit(user, through:, parent:, debug: false, intermediary: nil, rails_cache_key: nil, included_roles: [])
       # When changing permissions during development, you may also want to do this on each request:
       # User.update_all ability_cache: nil if Rails.env.development?
       permissions = if rails_cache_key
         Rails.cache.fetch(rails_cache_key) do
-          build_permissions(user, through, parent, intermediary)
+          build_permissions(user, through, parent, intermediary, included_roles)
         end
       else
-        build_permissions(user, through, parent, intermediary)
+        build_permissions(user, through, parent, intermediary, included_roles)
       end
 
       begin
@@ -47,10 +47,13 @@ module Roles
       end
     end
 
-    def build_permissions(user, through, parent, intermediary)
+    def build_permissions(user, through, parent, intermediary, included_roles)
       added_roles = Set.new
       permissions = []
-      user.send(through).map(&:roles).flatten.uniq.each do |role|
+      user_roles = user.send(through).map(&:roles).flatten.uniq
+      user_roles &= included_roles if included_roles.any?
+
+      user_roles.each do |role|
         unless added_roles.include?(role)
           permissions << {is_debug: true, info: "########### ROLE: #{role.key}"}
           permissions += add_abilities_for(role, user, through, parent, intermediary)

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: bullet_train-roles
 version: !ruby/object:Gem::Version
-  version: 1.19.1
+  version: 1.19.2
 platform: ruby
 authors:
 - Prabin Poudel
 - Andrew Culver
 bindir: bin
 cert_chain: []
-date: 2025-03-19 00:00:00.000000000 Z
+date: 2025-03-25 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: byebug