caber 0.3.0 → 0.4.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 71093a528267100a6e810a9906de6dc3bde29357d54f9b4557926c0d9ce5852b
-  data.tar.gz: cdcfda7d716bc8e5f9fd307d803ce8eba968477e724a872e03f8e088c02da0a5
+  metadata.gz: f6bda935480f7b69fe515d693078cec12122b527fee405b593f83bda85dc6ba8
+  data.tar.gz: afde1293ded688ea93031794a4197465e9d799aa17c6ac8c8b0dca7897135e60
 SHA512:
-  metadata.gz: 47d31508f48f5390523980e2507e6654412f4eca34e5af152cbb704fb4b7b72a35020189edf1afe41e04db3f88cd080f69f815a0546578e1719734c88a147b06
-  data.tar.gz: 2b48730f693d2ca3425ae70d2df0f950dfaa6dc24a353cbcba06bd08696772ed3cf3c668b2cce7c28e2b99d536ef87ac79ba76adb342fc03e4d6bccd164f4f73
+  metadata.gz: fb3c8cbb9113114a4bb9d96686c839007b4809c445ead3a583d1f966a5ddb0aa1e824a612a49f31d517dcf167a56509327150182671b0d76ecee632a139c541e
+  data.tar.gz: 0dfa0445dbcfb9f78cf410b048b222809c6899ee31efe8ad12257468c1aac991ff552087913288638094e6f078bc853bf48db65ec551673dd99a76aa413e1e65

data/README.md

@@ -1,6 +1,11 @@
 # Caber
 
-A simple ReBAC / Zanzibar gem for Rails apps.
+![Gem Downloads (for latest version)](https://img.shields.io/gem/dtv/caber)
+![Libraries.io dependency status for latest release](https://img.shields.io/librariesio/release/rubygems/caber)
+![Dependent repos (via libraries.io)](https://img.shields.io/librariesio/dependent-repos/rubygems/caber)
+
+
+A simple [ReBAC](https://en.wikipedia.org/wiki/Relationship-based_access_control) / [Zanzibar](https://research.google/pubs/zanzibar-googles-consistent-global-authorization-system/) backend plugin for Rails apps. Allows you to easily specify permission relationships between pairs of objects, e.g. granting edit permission on a document to a specific user, like in Google Docs.
 
 ## Installation
 
@@ -123,6 +128,49 @@ Document.granted_to "viewer", user
 # => All the documents that user has "viewer" permission on
 ```
 
+## Usage with other gems
+
+### Pundit
+
+Caber makes for nice clear [Pundit](https://github.com/varvet/pundit) policies:
+
+```
+class DocumentPolicy < ApplicationPolicy
+  class Scope < ApplicationPolicy::Scope
+    def resolve
+      scope.granted_to(["viewer", "editor", "owner"], user)
+    end
+  end
+
+  def update?
+    record.grants_permission_to? ["editor", "owner"], user
+  end
+end
+```
+
+### Rolify
+
+Caber doesn't include groups specifically, but you can integrate it easily with a role management gem like [Rolify](https://github.com/RolifyCommunity/rolify) pretty easily. Make your Role class a subject, and you can grant permissions to roles:
+
+```
+class Document < ApplicationRecord
+  include Caber::Object
+  can_grant_permissions_to Role
+end
+
+class Role < ApplicationRecord
+  include Caber::Subject
+  can_have_permissions_on Document
+
+  scopify
+end
+
+document.grant_permission_to "editor", Role.find_by(name: "editor")
+
+User.with_role(document.permitted_roles.with_permission("editor"))
+# => all users with a role that can edit the document
+```
+
 ## Development
 
 After checking out the repo, run `bin/setup` to install dependencies. Then, run `rake spec` to run the tests.
@@ -131,11 +179,7 @@ To install this gem onto your local machine, run `bundle exec rake install`. To
 
 ## Contributing
 
-Bug reports and pull requests are welcome on GitHub at https://github.com/manyfold3d/caber. This project is intended to be a safe, welcoming space for collaboration, and contributors are expected to adhere to the [Contributor Covenant](http://contributor-covenant.org) code of conduct.
-
-## Code of Conduct
-
-Everyone interacting in the Caber project’s codebases, issue trackers, chat rooms and mailing lists is expected to follow the [code of conduct](https://github.com/manyfold3d/caber/blob/master/CODE_OF_CONDUCT.md).
+Bug reports and pull requests are welcome on GitHub at https://github.com/manyfold3d/caber. This project is intended to be a safe, welcoming space for collaboration; everyone interacting in the Caber project’s codebases, issue trackers, chat rooms and mailing lists is expected to follow the [code of conduct](https://github.com/manyfold3d/caber/blob/master/CODE_OF_CONDUCT.md).
 
 ## Acknowledgements
 

data/app/models/concerns/caber/object.rb

@@ -11,15 +11,16 @@ module Caber::Object
 
     scope :granted_to, ->(permission, subject) {
                          includes(:caber_relations).where(
-                           "caber_relations.subject_id": subject.id,
-                           "caber_relations.subject_type": subject.class.name,
+                           "caber_relations.subject": subject,
                            "caber_relations.permission": permission
                          )
                        }
   end
 
   def grant_permission_to(permission, subject)
-    Caber::Relation.create!(subject: subject, permission: permission, object: self)
+    rel = Caber::Relation.find_or_initialize_by(subject: subject, object: self)
+    rel.permission = permission
+    rel.save!
   end
 
   def grants_permission_to?(permission, subject)

data/lib/caber/version.rb

@@ -1,3 +1,3 @@
 module Caber
-  VERSION = "0.3.0"
+  VERSION = "0.4.0"
 end

data/lib/generators/caber/templates/install/migrations/01_create_caber_relations.rb.erb

@@ -6,6 +6,7 @@ class CreateCaberRelations < ActiveRecord::Migration<%= migration_version %>
       t.references :object, polymorphic: true, null: false
 
       t.timestamps
+      t.index [:subject_id, :subject_type, :object_id, :object_type], unique: true
     end
   end
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: caber
 version: !ruby/object:Gem::Version
-  version: 0.3.0
+  version: 0.4.0
 platform: ruby
 authors:
 - James Smith
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2024-08-29 00:00:00.000000000 Z
+date: 2024-08-30 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rails