checkpoint 1.1.2 → 1.2.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: bf2a734d88636479dc383bd75b0766440d7446aa969867ec6917893f2452963a
-  data.tar.gz: 1fa12e10adc19d5cef6a57a56e4e0476a85f4d07f00345e33b69b574597d0455
+  metadata.gz: d6e1f38df526120f3c876818d47b8ca2474cdda3cf01bb369ed85e785231a064
+  data.tar.gz: b1dc9721eb030b185f599bef7f406e2f06f122e2cda507b4c3b8ba2119b530bc
 SHA512:
-  metadata.gz: b8f372415ce564a3ee70f5540208a0898b120c24780303ae6a0b3cf715c81bd7f3bfa7d74b6b505d783e86641c76d36d6d4ea4b3523792f4e2ba259cd3732cac
-  data.tar.gz: 2d9bd9bb04764d28e0bd202285651ef7656dce7d669722a82b82f1fea8651a0b92705ebbc6e8eca9e9f09356633146c8ea452d7604770a993aa68a6f836ea2d0
+  metadata.gz: d15bfc9d3e20a6bdaa5d58eb4c3670f0be7cb8501f62da37441d6a8f6d5afddb03a7961d4f596aaad46ee694e67c858fb7e12aaaba22811dc40e05f7b8fdc220
+  data.tar.gz: cd2f5a448180b3c22ef86d3190bd02b336805d489b35198629fe1b3fa0ee2923acb4743e67295cd42a3b1a1eed10c4811cbecd679bdc917c5af24997b7b4db20

data/.github/dependabot.yml

@@ -0,0 +1,10 @@
+version: 2
+updates:
+  - package-ecosystem: "github-actions"
+    directory: "/"
+    schedule:
+      interval: "daily"
+  - package-ecosystem: "bundler"
+    directory: "/"
+    schedule:
+      interval: "daily"

data/.github/workflows/test.yml

@@ -0,0 +1,32 @@
+name: Tests
+
+on:
+  push:
+    branches: [ main ]
+  pull_request:
+    branches: [ main ]
+
+jobs:
+  test:
+    strategy:
+      matrix:
+        os: [ ubuntu-latest ]
+        ruby-version: [3.2, 3.3, 3.4, 4.0]
+
+    runs-on: ${{ matrix.os }}
+
+    steps:
+    - uses: actions/checkout@v6
+    - name: Set up Ruby ${{ matrix.ruby-version }}
+      uses: ruby/setup-ruby@v1
+      with:
+        ruby-version: ${{ matrix.ruby-version }}
+        bundler-cache: true
+    - name: Run linter for Ruby ${{ matrix.ruby-version }} on ${{ matrix.os }}
+      run: bin/standardrb
+    - name: Run tests for Ruby ${{ matrix.ruby-version }} on ${{ matrix.os }}
+      run: bin/rspec
+    - name: Report to Coveralls
+      uses: coverallsapp/github-action@v2
+      with:
+        github-token: ${{ secrets.github_token }}

data/.standard.yml

@@ -0,0 +1 @@
+ruby_version: 3.0.0

data/CHANGELOG.md

@@ -0,0 +1,10 @@
+# Change Log
+
+## v1.2.0 - 2026-01-26
+
+### Changes
+
+In v1.2.0, there is a large jump in Ruby version support and requirements.
+The `sqlite3` gem is upgraded to 2.9, and the minimum Ruby version is **3.2**.
+The `sequel` gem is upgraded many versions to `5.100.0` However, there are no
+API changes to Checkpoint.

data/README.md

@@ -1,5 +1,6 @@
-[![Build Status](https://travis-ci.org/mlibrary/checkpoint.svg?branch=master)](https://travis-ci.org/mlibrary/checkpoint?branch=master)
-[![Coverage Status](https://coveralls.io/repos/github/mlibrary/checkpoint/badge.svg?branch=master)](https://coveralls.io/github/mlibrary/checkpoint?branch=master)
+[![Tests](https://github.com/mlibrary/checkpoint/actions/workflows/test.yml/badge.svg)](https://github.com/mlibrary/checkpoint/actions/workflows/test.yml)
+[![Coverage Status](https://coveralls.io/repos/github/mlibrary/checkpoint/badge.svg?branch=main)](https://coveralls.io/github/mlibrary/checkpoint?branch=main)
+[![Ruby Style Guide](https://img.shields.io/badge/code_style-standard-brightgreen.svg)](https://github.com/testdouble/standard)
 [![User Docs](https://img.shields.io/badge/user_docs-readthedocs-blue.svg)](https://checkpoint.readthedocs.io/en/latest)
 [![API Docs](https://img.shields.io/badge/API_docs-rubydoc.info-blue.svg)](https://www.rubydoc.info/gems/checkpoint)
 
@@ -20,6 +21,20 @@ And then execute:
 
     $ bundle
 
+## Compatibility
+
+Checkpoint is intended to be compatible with all community-supported Ruby branches (i.e., minor versions), currently:
+
+ - 3.2
+ - 3.3
+ - 3.4
+ - 4.0
+
+We prefer the newest syntax and linting rules that preserve compatibility with the oldest branch in normal maintenance.
+When the security maintenance for a branch expires, Checkpoint's compatibility should be considered unsupported.
+
+See also, [Ruby's branch maintenance policy](https://www.ruby-lang.org/en/downloads/branches/).
+
 ## Documentation
 
 User documentation source is available in the `docs` directory and in rendered format

data/Rakefile

@@ -5,7 +5,7 @@ require "rspec/core/rake_task"
 
 RSpec::Core::RakeTask.new(:spec)
 
-load 'lib/tasks/migrate.rake'
+load "lib/tasks/migrate.rake"
 
 task default: :spec
 

data/bin/standardrb

@@ -0,0 +1,29 @@
+#!/usr/bin/env ruby
+# frozen_string_literal: true
+
+#
+# This file was generated by Bundler.
+#
+# The application 'standardrb' is installed as part of a gem, and
+# this file is here to facilitate running it.
+#
+
+require "pathname"
+ENV["BUNDLE_GEMFILE"] ||= File.expand_path("../../Gemfile",
+  Pathname.new(__FILE__).realpath)
+
+bundle_binstub = File.expand_path("../bundle", __FILE__)
+
+if File.file?(bundle_binstub)
+  if File.read(bundle_binstub, 300) =~ /This file was generated by Bundler/
+    load(bundle_binstub)
+  else
+    abort("Your `bin/bundle` was not generated by Bundler, so this binstub cannot run.
+Replace `bin/bundle` by running `bundle binstubs bundler --force`, then run this command again.")
+  end
+end
+
+require "rubygems"
+require "bundler/setup"
+
+load Gem.bin_path("standard", "standardrb")

data/checkpoint.gemspec

@@ -1,14 +1,14 @@
 # frozen_string_literal: true
 
-lib = File.expand_path('lib', __dir__)
+lib = File.expand_path("lib", __dir__)
 $LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
 require "checkpoint/version"
 
 Gem::Specification.new do |spec|
-  spec.name    = "checkpoint"
+  spec.name = "checkpoint"
   spec.version = Checkpoint::VERSION
-  spec.authors = ["Noah Botimer"]
-  spec.email   = ["botimer@umich.edu"]
+  spec.authors = ["Noah Botimer", "Aaron Elkiss"]
+  spec.email = ["botimer@umich.edu", "aelkiss@umich.edu"]
   spec.license = "BSD-3-Clause"
 
   spec.summary = <<~SUMMARY
@@ -21,22 +21,25 @@ Gem::Specification.new do |spec|
   spec.files = `git ls-files -z`.split("\x0").reject do |f|
     f.match(%r{^(test|spec|features)/})
   end
-  spec.bindir        = "exe"
-  spec.executables   = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
+  spec.bindir = "exe"
+  spec.executables = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
   spec.require_paths = ["lib"]
 
+  spec.required_ruby_version = ">= 3.2.0"
+
   spec.add_dependency "ettin", "~> 1.1"
-  spec.add_dependency "sequel", "~> 5.6"
+  spec.add_dependency "sequel", "~> 5.100"
 
-  spec.add_development_dependency "bundler", "~> 2.0"
-  spec.add_development_dependency "coveralls", "~> 0.8"
+  spec.add_development_dependency "bundler"
+  spec.add_development_dependency "logger"
+  spec.add_development_dependency "simplecov"
+  spec.add_development_dependency "simplecov-lcov"
+  spec.add_development_dependency "ostruct"
   spec.add_development_dependency "pry"
   spec.add_development_dependency "pry-byebug"
-  spec.add_development_dependency "rake", "~> 10.0"
+  spec.add_development_dependency "rake", "~> 13.0"
   spec.add_development_dependency "rspec", "~> 3.0"
-  spec.add_development_dependency "rubocop", "~> 0.52"
-  spec.add_development_dependency "rubocop-rails", "~> 1.1"
-  spec.add_development_dependency "rubocop-rspec", "~> 1.16"
-  spec.add_development_dependency "sqlite3", "~> 1.3"
+  spec.add_development_dependency "standard", "~> 1.53"
+  spec.add_development_dependency "sqlite3", "~> 2.9"
   spec.add_development_dependency "yard", "~> 0.9"
 end

data/db/migrations/1_create_grants.rb

@@ -4,16 +4,16 @@ Sequel.migration do
   change do
     create_table :grants do
       primary_key :id
-      column :agent_type,       String, size: 100, null: false
-      column :agent_id,         String, size: 100, null: false
-      column :agent_token,      String, size: 201, null: false
-      column :credential_type,  String, size: 100, null: false
-      column :credential_id,    String, size: 100, null: false
+      column :agent_type, String, size: 100, null: false
+      column :agent_id, String, size: 100, null: false
+      column :agent_token, String, size: 201, null: false
+      column :credential_type, String, size: 100, null: false
+      column :credential_id, String, size: 100, null: false
       column :credential_token, String, size: 201, null: false
-      column :resource_type,    String, size: 100, null: false
-      column :resource_id,      String, size: 100, null: false
-      column :resource_token,   String, size: 201, null: false
-      column :zone_id,          String, size: 100, null: false
+      column :resource_type, String, size: 100, null: false
+      column :resource_id, String, size: 100, null: false
+      column :resource_token, String, size: 201, null: false
+      column :zone_id, String, size: 100, null: false
     end
   end
 end

data/lib/checkpoint/agent/token.rb

@@ -50,10 +50,10 @@ module Checkpoint
         to_s.hash
       end
 
-      alias == eql?
-      alias inspect uri
-      alias agent_id id
-      alias agent_type type
+      alias_method :==, :eql?
+      alias_method :inspect, :uri
+      alias_method :agent_id, :id
+      alias_method :agent_type, :type
     end
   end
 end

data/lib/checkpoint/agent.rb

@@ -1,7 +1,7 @@
 # frozen_string_literal: true
 
-require 'checkpoint/agent/resolver'
-require 'checkpoint/agent/token'
+require "checkpoint/agent/resolver"
+require "checkpoint/agent/token"
 
 module Checkpoint
   # An Agent is an any person or entity that might be granted various

data/lib/checkpoint/authority.rb

@@ -1,9 +1,9 @@
 # frozen_string_literal: true
 
-require 'checkpoint/agent/resolver'
-require 'checkpoint/credential/resolver'
-require 'checkpoint/resource/resolver'
-require 'checkpoint/grants'
+require "checkpoint/agent/resolver"
+require "checkpoint/credential/resolver"
+require "checkpoint/resource/resolver"
+require "checkpoint/grants"
 
 module Checkpoint
   # An Authority is the central point of contact for authorization questions in
@@ -14,12 +14,12 @@ module Checkpoint
       agent_resolver: Agent::Resolver.new,
       credential_resolver: Credential::Resolver.new,
       resource_resolver: Resource::Resolver.new,
-      grants: Grants.new)
-
-      @agent_resolver      = agent_resolver
+      grants: Grants.new
+    )
+      @agent_resolver = agent_resolver
       @credential_resolver = credential_resolver
-      @resource_resolver   = resource_resolver
-      @grants              = grants
+      @resource_resolver = resource_resolver
+      @grants = grants
     end
 
     # Check whether there are any matching grants that would allow this actor

data/lib/checkpoint/credential/permission.rb

@@ -18,7 +18,7 @@ module Checkpoint
     # the actual behavior of the Permission objects, rather than just which
     # ones are resolved.
     class Permission < Credential
-      TYPE = 'permission'
+      TYPE = "permission"
 
       def type
         TYPE

data/lib/checkpoint/credential/role.rb

@@ -15,7 +15,7 @@ module Checkpoint
     # should only be necessary if the application needs to extend the actual
     # behavior of the Role objects, rather than just which ones are resolved.
     class Role < Credential
-      TYPE = 'role'
+      TYPE = "role"
 
       def type
         TYPE

data/lib/checkpoint/credential/role_map_resolver.rb

@@ -45,7 +45,7 @@ class Checkpoint::Credential
 
     def roles_granting(action)
       if permission_map.key?(action)
-        permission_map[action].map {|role| Role.new(role) }
+        permission_map[action].map { |role| Role.new(role) }
       else
         []
       end

data/lib/checkpoint/credential/token.rb

@@ -49,10 +49,10 @@ module Checkpoint
         to_s.hash
       end
 
-      alias == eql?
-      alias inspect uri
-      alias credential_type type
-      alias credential_id id
+      alias_method :==, :eql?
+      alias_method :inspect, :uri
+      alias_method :credential_type, :type
+      alias_method :credential_id, :id
     end
   end
 end

data/lib/checkpoint/credential.rb

@@ -1,10 +1,10 @@
 # frozen_string_literal: true
 
-require 'checkpoint/credential/resolver'
-require 'checkpoint/credential/role_map_resolver'
-require 'checkpoint/credential/role'
-require 'checkpoint/credential/permission'
-require 'checkpoint/credential/token'
+require "checkpoint/credential/resolver"
+require "checkpoint/credential/role_map_resolver"
+require "checkpoint/credential/role"
+require "checkpoint/credential/permission"
+require "checkpoint/credential/token"
 
 module Checkpoint
   # A Credential is the permission to take a particular action, or any
@@ -19,7 +19,7 @@ module Checkpoint
   # possibly bound to a {Resource}.
   class Credential
     attr_reader :type, :id
-    alias name id
+    alias_method :name, :id
 
     # Create a new generic Credential. This should generally not be called,
     # preferring to use a factory or instantiate a {Permission}, {Role}, or
@@ -38,8 +38,8 @@ module Checkpoint
     #
     # @param name [String|Symbol] the name of this credential
     def initialize(name)
-      @id   = name.to_s
-      @type = 'credential'
+      @id = name.to_s
+      @type = "credential"
     end
 
     # Return the list of Credentials that would grant this one.
@@ -90,6 +90,6 @@ module Checkpoint
       type.eql?(other.type) && name.eql?(other.id)
     end
 
-    alias == eql?
+    alias_method :==, :eql?
   end
 end

data/lib/checkpoint/db/grant.rb

@@ -8,16 +8,16 @@ module Checkpoint
       # resource, credential).
       def self.from(agent, credential, resource, zone: default_zone)
         new(
-          agent_type: agent.type,           agent_id: agent.id,           agent_token: agent.token,
+          agent_type: agent.type, agent_id: agent.id, agent_token: agent.token,
           credential_type: credential.type, credential_id: credential.id, credential_token: credential.token,
-          resource_type: resource.type,     resource_id: resource.id,     resource_token: resource.token,
+          resource_type: resource.type, resource_id: resource.id, resource_token: resource.token,
           zone_id: zone
         )
       end
 
       # The default/system zone
       def self.default_zone
-        '(all)'
+        "(all)"
       end
     end
   end

data/lib/checkpoint/db/params.rb

@@ -11,7 +11,7 @@ module Checkpoint
       attr_reader :items, :prefix
 
       def initialize(items, prefix)
-        @items  = [items].flatten
+        @items = [items].flatten
         @prefix = prefix
       end
 
@@ -24,10 +24,10 @@ module Checkpoint
       def values
         items.map.with_index do |item, i|
           value = if item.respond_to?(:sql_value)
-                    item.sql_value
-                  else
-                    item.to_s
-                  end
+            item.sql_value
+          else
+            item.to_s
+          end
           [:"#{prefix}_#{i}", value]
         end
       end

data/lib/checkpoint/db/query/ac.rb

@@ -15,32 +15,30 @@ module Checkpoint::DB
 
       def initialize(agents, credentials, scope: Grant)
         super(scope: scope)
-        @agents      = tokenize(agents)
+        @agents = tokenize(agents)
         @credentials = tokenize(credentials)
       end
 
       def conditions
         super.merge(
-          agent_token:      agent_params.placeholders,
+          agent_token: agent_params.placeholders,
           credential_token: credential_params.placeholders
         )
       end
 
       def parameters
-        super.merge(Hash[
-          agent_params.values +
-          credential_params.values
-        ])
+        super.merge((agent_params.values +
+          credential_params.values).to_h)
       end
 
       protected
 
       def agent_params
-        Params.new(agents, 'at')
+        Params.new(agents, "at")
       end
 
       def credential_params
-        Params.new(credentials, 'ct')
+        Params.new(credentials, "ct")
       end
     end
   end

data/lib/checkpoint/db/query/acr.rb

@@ -15,39 +15,37 @@ module Checkpoint::DB
 
       def initialize(agents, credentials, resources, scope: Grant)
         super(scope: scope)
-        @agents      = tokenize(agents)
+        @agents = tokenize(agents)
         @credentials = tokenize(credentials)
-        @resources   = tokenize(resources)
+        @resources = tokenize(resources)
       end
 
       def conditions
         super.merge(
-          agent_token:      agent_params.placeholders,
+          agent_token: agent_params.placeholders,
           credential_token: credential_params.placeholders,
-          resource_token:   resource_params.placeholders
+          resource_token: resource_params.placeholders
         )
       end
 
       def parameters
-        super.merge(Hash[
-          agent_params.values +
+        super.merge((agent_params.values +
           credential_params.values +
-          resource_params.values
-        ])
+          resource_params.values).to_h)
       end
 
       protected
 
       def agent_params
-        Params.new(agents, 'at')
+        Params.new(agents, "at")
       end
 
       def credential_params
-        Params.new(credentials, 'ct')
+        Params.new(credentials, "ct")
       end
 
       def resource_params
-        Params.new(resources, 'rt')
+        Params.new(resources, "rt")
       end
     end
   end

data/lib/checkpoint/db/query/ar.rb

@@ -15,32 +15,30 @@ module Checkpoint::DB
 
       def initialize(agents, resources, scope: Grant)
         super(scope: scope)
-        @agents      = tokenize(agents)
-        @resources   = tokenize(resources)
+        @agents = tokenize(agents)
+        @resources = tokenize(resources)
       end
 
       def conditions
         super.merge(
-          agent_token:      agent_params.placeholders,
-          resource_token:   resource_params.placeholders
+          agent_token: agent_params.placeholders,
+          resource_token: resource_params.placeholders
         )
       end
 
       def parameters
-        super.merge(Hash[
-          agent_params.values +
-          resource_params.values
-        ])
+        super.merge((agent_params.values +
+          resource_params.values).to_h)
       end
 
       protected
 
       def agent_params
-        Params.new(agents, 'at')
+        Params.new(agents, "at")
       end
 
       def resource_params
-        Params.new(resources, 'rt')
+        Params.new(resources, "rt")
       end
     end
   end

data/lib/checkpoint/db/query/cr.rb

@@ -16,31 +16,29 @@ module Checkpoint::DB
       def initialize(credentials, resources, scope: Grant)
         super(scope: scope)
         @credentials = tokenize(credentials)
-        @resources   = tokenize(resources)
+        @resources = tokenize(resources)
       end
 
       def conditions
         super.merge(
           credential_token: credential_params.placeholders,
-          resource_token:   resource_params.placeholders
+          resource_token: resource_params.placeholders
         )
       end
 
       def parameters
-        super.merge(Hash[
-          credential_params.values +
-          resource_params.values
-        ])
+        super.merge((credential_params.values +
+          resource_params.values).to_h)
       end
 
       protected
 
       def credential_params
-        Params.new(credentials, 'ct')
+        Params.new(credentials, "ct")
       end
 
       def resource_params
-        Params.new(resources, 'rt')
+        Params.new(resources, "rt")
       end
     end
   end

data/lib/checkpoint/db.rb

@@ -1,15 +1,15 @@
 # frozen_string_literal: true
 
-require 'ostruct'
-require 'logger'
-require 'yaml'
+require "ostruct"
+require "logger"
+require "yaml"
 
-require_relative 'db/cartesian_select'
-require_relative 'db/params'
-require_relative 'db/query/acr'
-require_relative 'db/query/ac'
-require_relative 'db/query/ar'
-require_relative 'db/query/cr'
+require_relative "db/cartesian_select"
+require_relative "db/params"
+require_relative "db/query/acr"
+require_relative "db/query/ac"
+require_relative "db/query/ar"
+require_relative "db/query/cr"
 
 module Checkpoint
   # Module for everything related to the Checkpoint database.
@@ -17,9 +17,9 @@ module Checkpoint
     # Any error with the database that Checkpoint itself detects but cannot handle.
     class DatabaseError < StandardError; end
 
-    CONNECTION_ERROR = 'The Checkpoint database is not initialized. Call initialize! first.'
+    CONNECTION_ERROR = "The Checkpoint database is not initialized. Call initialize! first."
 
-    ALREADY_CONNECTED = 'Already connected; refusing to connect to another database.'
+    ALREADY_CONNECTED = "Already connected; refusing to connect to another database."
 
     MISSING_CONFIG = <<~MSG
       CHECKPOINT_DATABASE_URL and DATABASE_URL are both missing and a connection
@@ -91,7 +91,7 @@ module Checkpoint
       def migrate!
         connect! unless connected?
         Sequel.extension :migration
-        Sequel::Migrator.run(db, File.join(__dir__, '../../db/migrations'), table: schema_table)
+        Sequel::Migrator.run(db, File.join(__dir__, "../../db/migrations"), table: schema_table)
       end
 
       def schema_table
@@ -99,7 +99,7 @@ module Checkpoint
       end
 
       def schema_file
-        'db/checkpoint.yml'
+        "db/checkpoint.yml"
       end
 
       def dump_schema!
@@ -117,19 +117,19 @@ module Checkpoint
 
       def model_files
         [
-          'db/grant'
+          "db/grant"
         ]
       end
 
       # Merge url, opts, or db settings from a hash into our config
       def merge_config!(config = {})
-        self.config.url  = config[:url]  if config.key?(:url)
+        self.config.url = config[:url] if config.key?(:url)
         self.config.opts = config[:opts] if config.key?(:opts)
-        self.config.db   = config[:db]   if config.key?(:db)
+        self.config.db = config[:db] if config.key?(:db)
       end
 
       def conn_opts
-        log = { logger: Logger.new('db/checkpoint.log') }
+        log = {logger: Logger.new("db/checkpoint.log")}
         url = config.url
         opts = config.opts
         if url
@@ -143,7 +143,7 @@ module Checkpoint
 
       def config
         @config ||= OpenStruct.new(
-          url: ENV['CHECKPOINT_DATABASE_URL'] || ENV['DATABASE_URL']
+          url: ENV["CHECKPOINT_DATABASE_URL"] || ENV["DATABASE_URL"]
         )
       end
 

data/lib/checkpoint/grants.rb

@@ -7,7 +7,7 @@
 # application, there should be an initializer that reads whatever appropriate
 # configuration and does the initialization.
 
-require 'checkpoint/db'
+require "checkpoint/db"
 
 module Checkpoint
   # The repository of grants -- a simple wrapper for the Sequel Datastore / grants table.
@@ -104,7 +104,7 @@ module Checkpoint
     private
 
     def scope
-      { scope: grants }
+      {scope: grants}
     end
 
     def where(agents, credentials, resources)

data/lib/checkpoint/query/action_permitted.rb

@@ -20,11 +20,11 @@ module Checkpoint
         user,
         action,
         target = Checkpoint::Resource.all,
-        authority: Authority::RejectAll.new)
-
-        @user      = user
-        @action    = action.to_sym
-        @target    = target
+        authority: Authority::RejectAll.new
+      )
+        @user = user
+        @action = action.to_sym
+        @target = target
         @authority = authority
       end
 

data/lib/checkpoint/query/role_granted.rb

@@ -37,9 +37,9 @@ module Checkpoint
       # @param authority [Checkpoint::Authority] the authority to ask about
       #   this role-grant
       def initialize(user, role, target = Resource.all, authority: Authority::RejectAll.new)
-        @user      = user
-        @role      = role.to_sym
-        @target    = target
+        @user = user
+        @role = role.to_sym
+        @target = target
         @authority = authority
       end
 

data/lib/checkpoint/query.rb

@@ -1,7 +1,7 @@
 # frozen_string_literal: true
 
-require 'checkpoint/query/role_granted'
-require 'checkpoint/query/action_permitted'
+require "checkpoint/query/role_granted"
+require "checkpoint/query/action_permitted"
 
 module Checkpoint
   # The Query module is a container for the various types of checks or

data/lib/checkpoint/railtie.rb

@@ -68,9 +68,9 @@ module Checkpoint
       unless config.url
         case Rails.env
         when "development"
-          config[:opts] = { adapter: 'sqlite', database: 'db/checkpoint_development.sqlite3' }
+          config[:opts] = {adapter: "sqlite", database: "db/checkpoint_development.sqlite3"}
         when "test"
-          config[:opts] = { adapter: 'sqlite' }
+          config[:opts] = {adapter: "sqlite"}
         end
       end
 
@@ -95,8 +95,8 @@ module Checkpoint
     end
 
     def rake_files
-      base = Pathname(__dir__) + '../tasks/'
-      [base + 'migrate.rake']
+      base = Pathname(__dir__) + "../tasks/"
+      [base + "migrate.rake"]
     end
 
     rake_tasks do

data/lib/checkpoint/resource/all_of_type.rb

@@ -22,7 +22,7 @@ module Checkpoint
         other.is_a?(Resource) && type == other.type
       end
 
-      alias == eql?
+      alias_method :==, :eql?
     end
   end
 end

data/lib/checkpoint/resource/any_entity_of_type.rb

@@ -23,7 +23,7 @@ module Checkpoint
         other.respond_to?(:type) && type == other.type
       end
 
-      alias == eql?
+      alias_method :==, :eql?
     end
   end
 end

data/lib/checkpoint/resource/token.rb

@@ -1,6 +1,6 @@
 # frozen_string_literal: true
 
-require 'checkpoint/resource/resolver'
+require "checkpoint/resource/resolver"
 
 module Checkpoint
   class Resource
@@ -78,10 +78,10 @@ module Checkpoint
         to_s.hash
       end
 
-      alias == eql?
-      alias inspect uri
-      alias resource_type type
-      alias resource_id id
+      alias_method :==, :eql?
+      alias_method :inspect, :uri
+      alias_method :resource_type, :type
+      alias_method :resource_id, :id
     end
   end
 end

data/lib/checkpoint/resource.rb

@@ -1,10 +1,10 @@
 # frozen_string_literal: true
 
-require 'checkpoint/resource/token'
-require 'checkpoint/resource/all_of_type'
-require 'checkpoint/resource/all_of_any_type'
-require 'checkpoint/resource/any_entity'
-require 'checkpoint/resource/any_entity_of_type'
+require "checkpoint/resource/token"
+require "checkpoint/resource/all_of_type"
+require "checkpoint/resource/all_of_any_type"
+require "checkpoint/resource/any_entity"
+require "checkpoint/resource/any_entity_of_type"
 
 module Checkpoint
   # A Resource is any application object that should be considered for
@@ -37,7 +37,7 @@ module Checkpoint
 
     # Special string to be used when granting or searching for grants on all
     # types or all resources
-    ALL = '(all)'
+    ALL = "(all)"
 
     # Creates a Resource for this entity. Prefer the factory method {::from},
     # which applies default conversion rules. This constructor does not

data/lib/checkpoint/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module Checkpoint
-  VERSION = "1.1.2"
+  VERSION = "1.2.0"
 end

data/lib/checkpoint.rb

@@ -2,8 +2,8 @@
 
 require "checkpoint/version"
 
-require 'sequel'
-require 'ettin'
+require "sequel"
+require "ettin"
 
 # All of the Checkpoint components are contained within this top-level module.
 module Checkpoint
@@ -12,9 +12,9 @@ module Checkpoint
   class NoIdentifierError < StandardError; end
 end
 
-require 'checkpoint/agent'
-require 'checkpoint/credential'
-require 'checkpoint/resource'
-require 'checkpoint/authority'
-require 'checkpoint/query'
-require 'checkpoint/railtie' if defined?(Rails)
+require "checkpoint/agent"
+require "checkpoint/credential"
+require "checkpoint/resource"
+require "checkpoint/authority"
+require "checkpoint/query"
+require "checkpoint/railtie" if defined?(Rails)

data/lib/tasks/migrate.rake

@@ -1,15 +1,15 @@
 # frozen_string_literal: true
 
-require 'bundler/setup'
-require 'checkpoint'
+require "bundler/setup"
+require "checkpoint"
 
 if defined?(Rails)
   # When db:schema:dump is called directly, we can tack this on.
   # If we do it unconditionally, db:migrate will try to dump before we have
   # been able to migrate the checkpoint tables.
-  if Rake.application.top_level_tasks.include?('db:schema:dump')
-    Rake::Task['db:schema:dump'].enhance do
-      Rake::Task['checkpoint:schema:dump'].invoke
+  if Rake.application.top_level_tasks.include?("db:schema:dump")
+    Rake::Task["db:schema:dump"].enhance do
+      Rake::Task["checkpoint:schema:dump"].invoke
     end
   end
 
@@ -17,13 +17,13 @@ if defined?(Rails)
   # schema_info, so migrations don't try to double-run. The actual table
   # structure is handled by the Rails schema:dump and schema:load.
   # A db:setup will trigger this, so we don't have to handle it separately.
-  Rake::Task['db:schema:load'].enhance do
-    Rake::Task['checkpoint:schema:load'].invoke
+  Rake::Task["db:schema:load"].enhance do
+    Rake::Task["checkpoint:schema:load"].invoke
   end
 
   # We hook into db:migrate for convenience.
-  Rake::Task['db:migrate'].enhance do
-    Rake::Task['checkpoint:migrate'].invoke
+  Rake::Task["db:migrate"].enhance do
+    Rake::Task["checkpoint:migrate"].invoke
   end
 
 end
@@ -36,7 +36,7 @@ namespace :checkpoint do
       # The Railtie is smart enough to know whether we are in a Rake task,
       # so it can avoid initializing and we can migrate safely before the
       # models are loaded.
-      Rake::Task['environment'].invoke
+      Rake::Task["environment"].invoke
     end
 
     # After migrating, we initialize here, even though it isn't strictly
@@ -54,21 +54,21 @@ namespace :checkpoint do
     namespace :schema do
       desc "Dump the Checkpoint version to db/checkpoint.yml"
       task :dump do
-        Rake::Task['environment'].invoke
+        Rake::Task["environment"].invoke
         Checkpoint::DB.dump_schema!
       end
 
       desc "Load the Checkpoint version from db/checkpoint.yml"
       task :load do
-        Rake::Task['environment'].invoke
+        Rake::Task["environment"].invoke
         Checkpoint::DB.load_schema!
       end
 
       # When running under Rails, we dump the schema after migrating so
       # everything stays synced up for db:setup against a new database.
       # Rake::Task['checkpoint:schema:dump'].invoke
-      Rake::Task['checkpoint:migrate'].enhance do
-        Rake::Task['checkpoint:schema:dump'].invoke
+      Rake::Task["checkpoint:migrate"].enhance do
+        Rake::Task["checkpoint:schema:dump"].invoke
       end
     end
   end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: checkpoint
 version: !ruby/object:Gem::Version
-  version: 1.1.2
+  version: 1.2.0
 platform: ruby
 authors:
 - Noah Botimer
-autorequire: 
+- Aaron Elkiss
 bindir: exe
 cert_chain: []
-date: 2019-05-23 00:00:00.000000000 Z
+date: 1980-01-02 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: ettin
@@ -30,44 +30,44 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '5.6'
+        version: '5.100'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '5.6'
+        version: '5.100'
 - !ruby/object:Gem::Dependency
   name: bundler
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '2.0'
+        version: '0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '2.0'
+        version: '0'
 - !ruby/object:Gem::Dependency
-  name: coveralls
+  name: logger
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '0.8'
+        version: '0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '0.8'
+        version: '0'
 - !ruby/object:Gem::Dependency
-  name: pry
+  name: simplecov
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
@@ -81,7 +81,7 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
-  name: pry-byebug
+  name: simplecov-lcov
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
@@ -95,89 +95,103 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
-  name: rake
+  name: ostruct
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '10.0'
+        version: '0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '10.0'
+        version: '0'
 - !ruby/object:Gem::Dependency
-  name: rspec
+  name: pry
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '3.0'
+        version: '0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '3.0'
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: pry-byebug
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
 - !ruby/object:Gem::Dependency
-  name: rubocop
+  name: rake
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '0.52'
+        version: '13.0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '0.52'
+        version: '13.0'
 - !ruby/object:Gem::Dependency
-  name: rubocop-rails
+  name: rspec
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.1'
+        version: '3.0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.1'
+        version: '3.0'
 - !ruby/object:Gem::Dependency
-  name: rubocop-rspec
+  name: standard
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.16'
+        version: '1.53'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.16'
+        version: '1.53'
 - !ruby/object:Gem::Dependency
   name: sqlite3
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.3'
+        version: '2.9'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.3'
+        version: '2.9'
 - !ruby/object:Gem::Dependency
   name: yard
   requirement: !ruby/object:Gem::Requirement
@@ -192,19 +206,22 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: '0.9'
-description: 
 email:
 - botimer@umich.edu
+- aelkiss@umich.edu
 executables: []
 extensions: []
 extra_rdoc_files: []
 files:
 - ".envrc"
+- ".github/dependabot.yml"
+- ".github/workflows/test.yml"
 - ".gitignore"
 - ".rspec"
-- ".rubocop.yml"
+- ".standard.yml"
 - ".travis.yml"
 - ".yardopts"
+- CHANGELOG.md
 - Gemfile
 - LICENSE.md
 - README.md
@@ -214,6 +231,7 @@ files:
 - bin/rspec
 - bin/sequel
 - bin/setup
+- bin/standardrb
 - bin/yard
 - bin/yardoc
 - checkpoint.gemspec
@@ -262,7 +280,6 @@ homepage: https://github.com/mlibrary/checkpoint
 licenses:
 - BSD-3-Clause
 metadata: {}
-post_install_message: 
 rdoc_options: []
 require_paths:
 - lib
@@ -270,16 +287,14 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: '0'
+      version: 3.2.0
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubyforge_project: 
-rubygems_version: 2.7.6.2
-signing_key: 
+rubygems_version: 4.0.3
 specification_version: 4
 summary: Checkpoint provides a model and infrastructure for policy-based authorization,
   especially in Rails applications.

data/.rubocop.yml

@@ -1,45 +0,0 @@
-Rails:
-  Enabled: true
-
-Rails/Delegate:
-  Enabled: false
-
-# inherit_gem:
-#   rubocop-rails:
-#     - config/rails.yml
-
-AllCops:
-  DisplayCopNames: true
-  TargetRubyVersion: 2.4
-  Exclude:
-    - 'bin/**/*'
-    - 'vendor/**/*'
-
-Layout/EmptyLineAfterGuardClause:
-  Enabled: false
-
-Layout/MultilineMethodDefinitionBraceLayout:
-  EnforcedStyle: same_line
-
-Metrics/LineLength:
-  Max: 110
-
-Metrics/BlockLength:
-  Exclude:
-    - '*.gemspec'
-  ExcludedMethods: ['describe', 'context', 'xdescribe', 'xcontext']
-
-Layout/SpaceInsideBlockBraces:
-  Enabled: false
-
-Layout/IndentArray:
-  EnforcedStyle: consistent
-
-Style/ClassAndModuleChildren:
-  Enabled: false
-
-Style/StringLiterals:
-  Enabled: false
-
-Style/SymbolArray:
-  EnforcedStyle: brackets