clean-policy 0.2.0

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA256:
+  metadata.gz: faff212eed58fa49a34fc67bc82c48744e19537fb2f96c66cf0775cbba480b79
+  data.tar.gz: 65fe3b90662328845e112e5d1d0044a476429e7301cc54edb363c35f3a892c19
+SHA512:
+  metadata.gz: eeea961ffae6212d2d8cf2af530cc862009b4d56976bb57d9cbe607eb91df1c1917de5e05b66e429f1ecedbe438f260bbdd286e25b2a9974a5dbc49ed56e5606
+  data.tar.gz: 832a117414d81ab978b724f5aef199ea5c6d5c53047bfa2add622cfe3c2a2bf25deb8c8cd41bdc0dab802ebb75a5b354e2fe3e2ce14b0372bc154a405eef811e

data/.version

@@ -0,0 +1 @@
+0.2.0

data/lib/clean-policy.rb

@@ -0,0 +1,5 @@
+require_relative './clean-policy/base'
+require_relative './clean-policy/error'
+require_relative './clean-policy/proxy'
+require_relative './clean-policy/global'
+

data/lib/clean-policy/base.rb

@@ -0,0 +1,66 @@
+# frozen_string_literal: true
+
+# base caller
+# Policy::User.new(model: @model, user: User.current).can?(:update) -> can current user update @model
+
+# block will capture error message and will triggered only if error are present
+# User.can?(:login) { |msg| http_error 401, "Err: #{msg}".red; return 'no access' }
+
+class Policy
+  attr_reader :model, :user, :action
+
+  def initialize model:, user:
+    @model = model
+    @user  = user
+  end
+
+  # pass block if you want to handle errors yourself
+  # return true if false if block is passed
+  def can? action, *args, &block
+    @action = action
+      .to_s
+      .gsub(/[^\w+]/, '')
+      .concat('?')
+      .to_sym
+
+    # pre check
+    raise RuntimeError, 'Method name not allowed' if %i(can).index(@action)
+    raise NoMethodError, %[Policy check "#{@action}" not found in #{self.class}] unless respond_to?(@action)
+
+    call *args, &block
+  end
+
+  # call has to be isolated because specific of error handling
+  def call *args, &block
+    raise Error.new 'User is not defined' unless @user
+
+    return true if before(@action)
+    return true if send(@action, *args)
+    raise Error.new('Access disabled in policy')
+  rescue Policy::Error => e
+    error = e.message
+    error += " - #{self.class}.#{@action}" if defined?(Lux) && Lux.config(:dump_errors)
+
+    if block
+      block.call(error)
+      false
+    else
+      raise Policy::Error, error
+    end
+  end
+
+  def can
+    Proxy.new self
+  end
+
+  ###
+
+  def before action
+    false
+  end
+
+  def error message
+    raise Policy::Error.new(message)
+  end
+
+end

data/lib/clean-policy/error.rb

@@ -0,0 +1,4 @@
+class Policy
+  class Error < StandardError
+  end
+end

data/lib/clean-policy/global.rb

@@ -0,0 +1,39 @@
+def Policy *args
+  opts = args.first.dup
+
+  unless opts.is_a?(Hash)
+    opts = { model: opts }
+    opts.merge! args[1] if args[1]
+  end
+
+  raise ArgumentError, 'User not defined' unless opts.key?(:user)
+
+  model = opts[:model]
+
+  klass =
+  if model
+    opts[:class] || ('%s_policy' % model.class).classify.constantize
+  else
+    ApplicationPolicy
+  end
+
+  klass.new(user: opts[:user], model: model)
+end
+
+# "smart" access that will fill current user if possible
+# fell free to overwrite this method
+class Object
+  def policy *args
+    opts = args.first.dup
+
+    unless opts.is_a?(Hash)
+      opts = { model: opts }
+      opts.merge! args[1] if args[1]
+    end
+
+    opts[:user] ||= user_current if respond_to?(:user_current)
+    opts[:user] ||= User.current if defined?(User) && User.respond_to?(:current)
+
+    Policy opts
+  end
+end

data/lib/clean-policy/proxy.rb

@@ -0,0 +1,38 @@
+# true / false
+# @model.can.write?
+#
+# raise error or return true
+# @model.can.write!
+#
+# redirect on error or return true
+# @model.can.write! { redirect_to '/login' }
+
+class Policy
+  class Proxy
+    def initialize policy
+      @policy = policy
+    end
+
+    def method_missing name, &block
+      name   = name.to_s.sub(/(.)$/, '')
+      action = $1
+
+      if action == '!'
+        @policy.can?(name, &block)
+        true
+      elsif action == '?'
+        raise "Block given, not allowed in boolean (?) policy, use bang .#{name}! { .. }" if block_given?
+
+        begin
+          @policy.can?(name)
+          true
+        rescue Policy::Error
+          yield if block_given?
+          false
+        end
+      else
+        raise ArgumentError.new('Bad policy method name')
+      end
+    end
+  end
+end

metadata

@@ -0,0 +1,48 @@
+--- !ruby/object:Gem::Specification
+name: clean-policy
+version: !ruby/object:Gem::Version
+  version: 0.2.0
+platform: ruby
+authors:
+- Dino Reic
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2019-10-06 00:00:00.000000000 Z
+dependencies: []
+description: Clean, simple explicit and strait-forward policy definitions.
+email: reic.dino@gmail.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- "./.version"
+- "./lib/clean-policy.rb"
+- "./lib/clean-policy/base.rb"
+- "./lib/clean-policy/error.rb"
+- "./lib/clean-policy/global.rb"
+- "./lib/clean-policy/proxy.rb"
+homepage: https://github.com/dux/clean-policy
+licenses:
+- MIT
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubygems_version: 3.0.6
+signing_key: 
+specification_version: 4
+summary: Ruby access policy library
+test_files: []