RubyGems - credible - Versions diffs - 0.6.0 → 0.8.0 - Mend

credible 0.6.0 → 0.8.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (16) hide show

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 05b3dba3b165af862258747b7e148aee774dee9cc216dc74e1b4078508babe09
-  data.tar.gz: c2ff97929becec3437a9158715d8e4b6e81d4dbed5f15777c4f6a3e7719b3b5b
+  metadata.gz: 61357e14d2d15acb05c8382cddc3d46da9cad63d3f64a1a30ea51855cd99111d
+  data.tar.gz: d785759b5a2a64fbdb99e747afef80af236417aa86885b63186980edd2045219
 SHA512:
-  metadata.gz: 7e95298a28975a795780892884d7948c425507d0ba66decea3ed61b9f3ecc4497ca61cbc7db218f7c75739a7cb9aa4ee4724207c8d5929be5d77c21dc825873d
-  data.tar.gz: 2cca460759ddb220a910cbb67fc3f29c5b5e0a097f44f890b2f76e49e9aa85178d20f132035f12b5c483af69f3bb4d7170155ca57cc8d0d8c13f9ee17c3bc578
+  metadata.gz: caf407bff7ada8ade260aa0617cebc191bf5cd132d5962aeaba2e51770d5135ad36b5a04727852eb85c00689bea3523ba132e761f18d97b3804d349b5e717838
+  data.tar.gz: b3e114d34cddacee014020349326a2a42ac2ef22cf374b585f6de199180e1fdac455cf7684e7202b3d94f5f2b18aff92e59b0b9788763eb4e59682b0cc4b4c4b

data/README.md CHANGED Viewed

@@ -35,11 +35,11 @@ Rails.application.routes.draw do
 end
 ```
-And in your Application Controller, inherit from `Credible::ApplicationController`:
+And in your Application Controller, inherit from `Credible::ControllerConcern`:
 ```ruby
 class ApplicationController < ActionController::Base
-  include Credible::ApplicationController
+  include Credible::ControllerConcern
 end
 ```

data/app/controllers/credible/authentication/sessions_controller.rb CHANGED Viewed

@@ -2,7 +2,9 @@ class Credible::Authentication::SessionsController < Credible::AuthenticationCon
   before_action :set_session, only: [:show, :destroy]
   skip_before_action :authenticate!, only: [:new, :create, :fail]
-  skip_after_action :verify_authorized, only: [:fail]
+  # skip_after_action :verify_authorized, only: [:fail]
+  # TODO: Reevaluate authorization without Pundit
   # GET /sessions
   # GET /sessions.json
@@ -17,14 +19,12 @@ class Credible::Authentication::SessionsController < Credible::AuthenticationCon
   # GET /sessions/new
   def new
     @session = ::Session.new
-    authorize @session
   end
   # POST /sessions
   # POST /sessions.json
   def create
-    @session = ::Session.authenticate(permitted_attributes(Session))
-    authorize @session
+    @session = ::Session.authenticate(session_params)
     if @session.save
       render :show, status: :created, location: @session
@@ -51,6 +51,9 @@ class Credible::Authentication::SessionsController < Credible::AuthenticationCon
     # Use callbacks to share common setup or constraints between actions.
     def set_session
       @session = current_session
-      authorize @session
+    end
+    def session_params
+      params.require(:session).permit(:login, :password)
     end
 end

data/app/controllers/credible/authentication/users_controller.rb CHANGED Viewed

@@ -3,6 +3,8 @@ class Credible::Authentication::UsersController < Credible::AuthenticationContro
   skip_before_action :authenticate!, only: [:new, :create, :confirm]
+  # TODO: Reevaluate authorization without Pundit
   # GET /users/1
   # GET /users/1.json
   def show
@@ -11,14 +13,12 @@ class Credible::Authentication::UsersController < Credible::AuthenticationContro
   # GET /users/new
   def new
     @user = ::User.new
-    authorize @user
   end
   # POST /users
   # POST /users.json
   def create
-    @user = ::User.new(permitted_attributes(User))
-    authorize @user
+    @user = ::User.new(user_params)
     if @user.save
       Credible::ConfirmationMailer.with(user: @user).confirmation_email.deliver_later
@@ -33,7 +33,6 @@ class Credible::Authentication::UsersController < Credible::AuthenticationContro
   # GET /users/confirm/:confirmation_token.json
   def confirm
     @user = ::User.find_by(email: params[:email])
-    authorize @user
     @user.confirm(params[:confirmation_token])
@@ -48,8 +47,7 @@ class Credible::Authentication::UsersController < Credible::AuthenticationContro
   # POST /users/reset_password
   # POST /users/reset_password.json
   def reset_password
-    @user = ::User.find_by(email: permitted_attributes(User)[:email])
-    authorize @user
+    @user = ::User.find_by(email: user_params[:email])
     @user.reset_password
@@ -68,7 +66,7 @@ class Credible::Authentication::UsersController < Credible::AuthenticationContro
   # PATCH/PUT /users/1
   # PATCH/PUT /users/1.json
   def update
-    if @user.update(permitted_attributes(@user))
+    if @user.update(user_params)
       render :show, status: :ok, location: @user
     else
       render json: @user.errors, status: :unprocessable_entity
@@ -86,6 +84,9 @@ class Credible::Authentication::UsersController < Credible::AuthenticationContro
     # Use callbacks to share common setup or constraints between actions.
     def set_user
       @user = current_user
-      authorize @user
-    end
+    end
+    def user_params
+      params.require(:user).permit(:email, :password)
+    end
 end

data/app/controllers/credible/authentication_controller.rb CHANGED Viewed

@@ -1,16 +1,4 @@
 class Credible::AuthenticationController < ApplicationController
   # TODO: Authentication module is now redundant inside Credible Engine.
   #       Migrate out of namespace.
-  def policy_scope(scope)
-    super([:credible, :authentication, scope])
-  end
-  def authorize(record, query = nil)
-    super([:credible, :authentication, record], query)
-  end
-  def permitted_attributes(record, action = action_name)
-    super([:credible, :authentication, record], action)
-  end
 end

data/app/views/credible/authentication/users/_user.json.jbuilder CHANGED Viewed

@@ -1,4 +1,4 @@
-json.extract! user, :id, :name, :email, :created_at, :updated_at
+json.extract! user, :id, :email, :created_at, :updated_at
 json.jwt @session.jwt if @session

data/app/views/credible/confirmation_mailer/confirmation_email.html.haml CHANGED Viewed

@@ -1,4 +1,4 @@
-%h1= "Welcome to #{@app_name}, #{@user.name}"
+%h1= "Welcome to #{@app_name}, #{@user.email}"
 %p
   = "You have successfully signed up to #{@app_name}, your username is: #{@user.email}."

data/app/views/credible/confirmation_mailer/confirmation_email.text.haml CHANGED Viewed

@@ -1,4 +1,4 @@
-= "Welcome to #{@app_name}, #{@user.name}"
+= "Welcome to #{@app_name}, #{@user.email}"
 \===============================================
 = "You have successfully signed up to #{@app_name}, your username is: #{@user.email}."

data/lib/credible/{application_controller.rb → controller_concern.rb} RENAMED Viewed

@@ -1,26 +1,15 @@
 module Credible
-  module ApplicationController
+  module ControllerConcern
     extend ActiveSupport::Concern
     included do
       skip_before_action :verify_authenticity_token
-      include Pundit
-      after_action :verify_authorized
-      after_action :verify_policy_scoped, only: :index
-      rescue_from Pundit::NotAuthorizedError, with: :user_not_authorized
-      rescue_from Pundit::NotDefinedError, with: :user_not_authorized
       before_action :authenticate!, if: proc { request.env['HTTP_AUTHORIZATION'] || request.env['HTTP_API_TOKEN'] }
       helper_method :current_user
       helper_method :current_session
-      def pundit_user
-        current_session
-      end
       def current_user
         current_session.user
       end
@@ -40,11 +29,5 @@ module Credible
     class_methods do
     end
-    private
-    def user_not_authorized
-      render json: {}.to_json, status: :forbidden
-    end
   end
 end

data/lib/credible/version.rb CHANGED Viewed

@@ -1,3 +1,3 @@
 module Credible
-  VERSION = '0.6.0'
+  VERSION = '0.8.0'
 end

data/lib/credible.rb CHANGED Viewed

@@ -2,7 +2,7 @@ require "active_support"
 require "credible/engine"
-require "credible/application_controller"
+require "credible/controller_concern"
 require "credible/user"
 require "credible/session"

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: credible
 version: !ruby/object:Gem::Version
-  version: 0.6.0
+  version: 0.8.0
 platform: ruby
 authors:
 - Thom Bruce
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2020-04-20 00:00:00.000000000 Z
+date: 2020-04-21 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rails
@@ -44,20 +44,6 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: 1.2.8
-- !ruby/object:Gem::Dependency
-  name: pundit
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: 2.1.0
-  type: :runtime
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: 2.1.0
 - !ruby/object:Gem::Dependency
   name: pg
   requirement: !ruby/object:Gem::Requirement
@@ -133,10 +119,6 @@ files:
 - app/mailers/credible/reset_password_mailer.rb
 - app/mailers/credible_mailer.rb
 - app/models/credible/application_record.rb
-- app/policies/credible/application_policy.rb
-- app/policies/credible/authentication/session_policy.rb
-- app/policies/credible/authentication/user_policy.rb
-- app/policies/credible/authentication_policy.rb
 - app/views/credible/authentication/sessions/_session.json.jbuilder
 - app/views/credible/authentication/sessions/show.json.jbuilder
 - app/views/credible/authentication/users/_user.json.jbuilder
@@ -150,7 +132,7 @@ files:
 - config/initializers/warden.rb
 - config/routes.rb
 - lib/credible.rb
-- lib/credible/application_controller.rb
+- lib/credible/controller_concern.rb
 - lib/credible/engine.rb
 - lib/credible/session.rb
 - lib/credible/user.rb

data/app/policies/credible/application_policy.rb DELETED Viewed

@@ -1,61 +0,0 @@
-module Credible
-  class ApplicationPolicy
-    attr_reader :session, :record
-    def initialize(session, record)
-      @session = session
-      @record = record
-    end
-    def index?
-      user
-    end
-    def show?
-      user
-    end
-    def create?
-      user
-    end
-    def new?
-      create?
-    end
-    def update?
-      user
-    end
-    def edit?
-      update?
-    end
-    def destroy?
-      user
-    end
-    # Helper Methods
-    def user
-      session.user
-    end
-    class Scope
-      attr_reader :session, :scope
-      def initialize(session, scope)
-        @session = session
-        @scope = scope
-      end
-      def resolve
-        scope.all
-      end
-      # Helper Methods
-      def user
-        session.user
-      end
-    end
-  end
-end

data/app/policies/credible/authentication/session_policy.rb DELETED Viewed

@@ -1,9 +0,0 @@
-class Credible::Authentication::SessionPolicy < Credible::AuthenticationPolicy
-  def permitted_attributes
-    [:login, :password]
-  end
-  def update?
-    user && user == record.user
-  end
-end

data/app/policies/credible/authentication/user_policy.rb DELETED Viewed

@@ -1,17 +0,0 @@
-class Credible::Authentication::UserPolicy < Credible::AuthenticationPolicy
-  def permitted_attributes
-    [:name, :email, :password]
-  end
-  def confirm?
-    true
-  end
-  def reset_password?
-    true
-  end
-  def update?
-    user && user == record
-  end
-end

data/app/policies/credible/authentication_policy.rb DELETED Viewed

@@ -1,16 +0,0 @@
-class Credible::AuthenticationPolicy < Credible::ApplicationPolicy
-  # Authentication concerns the User and their single instance.
-  # The rules that apply to update? will always apply to show?
-  # and destroy? too.
-  def show?
-    update?
-  end
-  def create?
-    !user
-  end
-  def destroy?
-    update?
-  end
-end