RubyGems - credible - Versions diffs - 0.6.0 → 0.8.0 - Mend

credible 0.6.0 → 0.8.0

Files changed (16) hide show

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 05b3dba3b165af862258747b7e148aee774dee9cc216dc74e1b4078508babe09
-  data.tar.gz: c2ff97929becec3437a9158715d8e4b6e81d4dbed5f15777c4f6a3e7719b3b5b
+  metadata.gz: 61357e14d2d15acb05c8382cddc3d46da9cad63d3f64a1a30ea51855cd99111d
+  data.tar.gz: d785759b5a2a64fbdb99e747afef80af236417aa86885b63186980edd2045219
 SHA512:
-  metadata.gz: 7e95298a28975a795780892884d7948c425507d0ba66decea3ed61b9f3ecc4497ca61cbc7db218f7c75739a7cb9aa4ee4724207c8d5929be5d77c21dc825873d
-  data.tar.gz: 2cca460759ddb220a910cbb67fc3f29c5b5e0a097f44f890b2f76e49e9aa85178d20f132035f12b5c483af69f3bb4d7170155ca57cc8d0d8c13f9ee17c3bc578
+  metadata.gz: caf407bff7ada8ade260aa0617cebc191bf5cd132d5962aeaba2e51770d5135ad36b5a04727852eb85c00689bea3523ba132e761f18d97b3804d349b5e717838
+  data.tar.gz: b3e114d34cddacee014020349326a2a42ac2ef22cf374b585f6de199180e1fdac455cf7684e7202b3d94f5f2b18aff92e59b0b9788763eb4e59682b0cc4b4c4b

data/README.md CHANGED Viewed

@@ -35,11 +35,11 @@ Rails.application.routes.draw do
 end
 ```
-And in your Application Controller, inherit from `Credible::ApplicationController`:
+And in your Application Controller, inherit from `Credible::ControllerConcern`:
 ```ruby
 class ApplicationController < ActionController::Base
-  include Credible::ApplicationController
+  include Credible::ControllerConcern
 end
 ```

data/app/controllers/credible/authentication/sessions_controller.rb CHANGED Viewed

@@ -2,7 +2,9 @@ class Credible::Authentication::SessionsController < Credible::AuthenticationCon
   before_action :set_session, only: [:show, :destroy]
   skip_before_action :authenticate!, only: [:new, :create, :fail]
-  skip_after_action :verify_authorized, only: [:fail]
+  # skip_after_action :verify_authorized, only: [:fail]
+  # TODO: Reevaluate authorization without Pundit
   # GET /sessions
   # GET /sessions.json
@@ -17,14 +19,12 @@ class Credible::Authentication::SessionsController < Credible::AuthenticationCon
   # GET /sessions/new
   def new
     @session = ::Session.new
-    authorize @session
   end
   # POST /sessions
   # POST /sessions.json
   def create
-    @session = ::Session.authenticate(permitted_attributes(Session))
-    authorize @session
+    @session = ::Session.authenticate(session_params)
     if @session.save
       render :show, status: :created, location: @session
@@ -51,6 +51,9 @@ class Credible::Authentication::SessionsController < Credible::AuthenticationCon
     # Use callbacks to share common setup or constraints between actions.
     def set_session
       @session = current_session
-      authorize @session
+    end
+    def session_params
+      params.require(:session).permit(:login, :password)
     end
 end

data/app/controllers/credible/authentication/users_controller.rb CHANGED Viewed

@@ -3,6 +3,8 @@ class Credible::Authentication::UsersController < Credible::AuthenticationContro
   skip_before_action :authenticate!, only: [:new, :create, :confirm]
+  # TODO: Reevaluate authorization without Pundit
   # GET /users/1
   # GET /users/1.json
   def show
@@ -11,14 +13,12 @@ class Credible::Authentication::UsersController < Credible::AuthenticationContro
   # GET /users/new
   def new
     @user = ::User.new
-    authorize @user
   end
   # POST /users
   # POST /users.json
   def create
-    @user = ::User.new(permitted_attributes(User))
-    authorize @user
+    @user = ::User.new(user_params)
     if @user.save
       Credible::ConfirmationMailer.with(user: @user).confirmation_email.deliver_later
@@ -33,7 +33,6 @@ class Credible::Authentication::UsersController < Credible::AuthenticationContro
   # GET /users/confirm/:confirmation_token.json
   def confirm
     @user = ::User.find_by(email: params[:email])
-    authorize @user
     @user.confirm(params[:confirmation_token])
@@ -48,8 +47,7 @@ class Credible::Authentication::UsersController < Credible::AuthenticationContro
   # POST /users/reset_password
   # POST /users/reset_password.json
   def reset_password
-    @user = ::User.find_by(email: permitted_attributes(User)[:email])
-    authorize @user
+    @user = ::User.find_by(email: user_params[:email])
     @user.reset_password
@@ -68,7 +66,7 @@ class Credible::Authentication::UsersController < Credible::AuthenticationContro
   # PATCH/PUT /users/1
   # PATCH/PUT /users/1.json
   def update
-    if @user.update(permitted_attributes(@user))
+    if @user.update(user_params)
       render :show, status: :ok, location: @user
     else
       render json: @user.errors, status: :unprocessable_entity
@@ -86,6 +84,9 @@ class Credible::Authentication::UsersController < Credible::AuthenticationContro
     # Use callbacks to share common setup or constraints between actions.
     def set_user
       @user = current_user
-      authorize @user
-    end
+    end
+    def user_params
+      params.require(:user).permit(:email, :password)
+    end
 end

data/app/controllers/credible/authentication_controller.rb CHANGED Viewed

@@ -1,16 +1,4 @@
 class Credible::AuthenticationController < ApplicationController
   # TODO: Authentication module is now redundant inside Credible Engine.
   #       Migrate out of namespace.
-  def policy_scope(scope)
-    super([:credible, :authentication, scope])
-  end
-  def authorize(record, query = nil)
-    super([:credible, :authentication, record], query)
-  end
-  def permitted_attributes(record, action = action_name)
-    super([:credible, :authentication, record], action)
-  end
 end

data/app/views/credible/authentication/users/_user.json.jbuilder CHANGED Viewed

@@ -1,4 +1,4 @@
-json.extract! user, :id, :name, :email, :created_at, :updated_at
+json.extract! user, :id, :email, :created_at, :updated_at
 json.jwt @session.jwt if @session

data/app/views/credible/confirmation_mailer/confirmation_email.html.haml CHANGED Viewed

@@ -1,4 +1,4 @@
-%h1= "Welcome to #{@app_name}, #{@user.name}"
+%h1= "Welcome to #{@app_name}, #{@user.email}"
 %p
   = "You have successfully signed up to #{@app_name}, your username is: #{@user.email}."

data/app/views/credible/confirmation_mailer/confirmation_email.text.haml CHANGED Viewed

@@ -1,4 +1,4 @@
-= "Welcome to #{@app_name}, #{@user.name}"
+= "Welcome to #{@app_name}, #{@user.email}"
 \===============================================
 = "You have successfully signed up to #{@app_name}, your username is: #{@user.email}."

data/lib/credible/{application_controller.rb → controller_concern.rb} RENAMED Viewed

@@ -1,26 +1,15 @@
 module Credible
-  module ApplicationController
+  module ControllerConcern
     extend ActiveSupport::Concern
     included do
       skip_before_action :verify_authenticity_token
-      include Pundit
-      after_action :verify_authorized
-      after_action :verify_policy_scoped, only: :index
-      rescue_from Pundit::NotAuthorizedError, with: :user_not_authorized
-      rescue_from Pundit::NotDefinedError, with: :user_not_authorized
       before_action :authenticate!, if: proc { request.env['HTTP_AUTHORIZATION'] || request.env['HTTP_API_TOKEN'] }
       helper_method :current_user
       helper_method :current_session
-      def pundit_user
-        current_session
-      end
       def current_user
         current_session.user
       end
@@ -40,11 +29,5 @@ module Credible
     class_methods do
     end
-    private
-    def user_not_authorized
-      render json: {}.to_json, status: :forbidden
-    end
   end
 end

data/lib/credible/version.rb CHANGED Viewed

@@ -1,3 +1,3 @@
 module Credible
-  VERSION = '0.6.0'
+  VERSION = '0.8.0'
 end

data/lib/credible.rb CHANGED Viewed

@@ -2,7 +2,7 @@ require "active_support"
 require "credible/engine"
-require "credible/application_controller"
+require "credible/controller_concern"
 require "credible/user"
 require "credible/session"

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: credible
 version: !ruby/object:Gem::Version
-  version: 0.6.0
+  version: 0.8.0
 platform: ruby
 authors:
 - Thom Bruce
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2020-04-20 00:00:00.000000000 Z
+date: 2020-04-21 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rails
@@ -44,20 +44,6 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: 1.2.8
-- !ruby/object:Gem::Dependency
-  name: pundit
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: 2.1.0
-  type: :runtime
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: 2.1.0
 - !ruby/object:Gem::Dependency
   name: pg
   requirement: !ruby/object:Gem::Requirement
@@ -133,10 +119,6 @@ files:
 - app/mailers/credible/reset_password_mailer.rb
 - app/mailers/credible_mailer.rb
 - app/models/credible/application_record.rb
-- app/policies/credible/application_policy.rb
-- app/policies/credible/authentication/session_policy.rb
-- app/policies/credible/authentication/user_policy.rb
-- app/policies/credible/authentication_policy.rb
 - app/views/credible/authentication/sessions/_session.json.jbuilder
 - app/views/credible/authentication/sessions/show.json.jbuilder
 - app/views/credible/authentication/users/_user.json.jbuilder
@@ -150,7 +132,7 @@ files:
 - config/initializers/warden.rb
 - config/routes.rb
 - lib/credible.rb
-- lib/credible/application_controller.rb
+- lib/credible/controller_concern.rb
 - lib/credible/engine.rb
 - lib/credible/session.rb
 - lib/credible/user.rb

data/app/policies/credible/application_policy.rb DELETED Viewed

@@ -1,61 +0,0 @@
-module Credible
-  class ApplicationPolicy
-    attr_reader :session, :record
-    def initialize(session, record)
-      @session = session
-      @record = record
-    end
-    def index?
-      user
-    end
-    def show?
-      user
-    end
-    def create?
-      user
-    end
-    def new?
-      create?
-    end
-    def update?
-      user
-    end
-    def edit?
-      update?
-    end
-    def destroy?
-      user
-    end
-    # Helper Methods
-    def user
-      session.user
-    end
-    class Scope
-      attr_reader :session, :scope
-      def initialize(session, scope)
-        @session = session
-        @scope = scope
-      end
-      def resolve
-        scope.all
-      end
-      # Helper Methods
-      def user
-        session.user
-      end
-    end
-  end
-end

data/app/policies/credible/authentication/session_policy.rb DELETED Viewed

@@ -1,9 +0,0 @@
-class Credible::Authentication::SessionPolicy < Credible::AuthenticationPolicy
-  def permitted_attributes
-    [:login, :password]
-  end
-  def update?
-    user && user == record.user
-  end
-end

data/app/policies/credible/authentication/user_policy.rb DELETED Viewed

@@ -1,17 +0,0 @@
-class Credible::Authentication::UserPolicy < Credible::AuthenticationPolicy
-  def permitted_attributes
-    [:name, :email, :password]
-  end
-  def confirm?
-    true
-  end
-  def reset_password?
-    true
-  end
-  def update?
-    user && user == record
-  end
-end

data/app/policies/credible/authentication_policy.rb DELETED Viewed

@@ -1,16 +0,0 @@
-class Credible::AuthenticationPolicy < Credible::ApplicationPolicy
-  # Authentication concerns the User and their single instance.
-  # The rules that apply to update? will always apply to show?
-  # and destroy? too.
-  def show?
-    update?
-  end
-  def create?
-    !user
-  end
-  def destroy?
-    update?
-  end
-end