discretion 2.0.0.pre.alpha → 4.0.0.alpha

Sign up to get free protection for your applications and to get access to all the features.
Files changed (10) hide show
  1. checksums.yaml +5 -5
  2. data/discretion.gemspec +9 -9
  3. data/lib/discretion/can.rb +15 -2
  4. data/lib/discretion/current_viewer.rb +13 -0
  5. data/lib/discretion/discreet_model.rb +25 -0
  6. data/lib/discretion/errors.rb +1 -0
  7. data/lib/discretion/helpers.rb +6 -6
  8. data/lib/discretion/middleware.rb +8 -2
  9. data/lib/discretion/version.rb +1 -1
  10. metadata +59 -23
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
- SHA1:
3
- metadata.gz: 356b1ea298c592e14cc0bee26238faf978a325da
4
- data.tar.gz: 68ea3e321eb97c0c718c7ce28e11d6f92cf6f3e2
2
+ SHA256:
3
+ metadata.gz: 467c36565f8b67d868763d6831b0d39d78a54e78aec042e0fb4d1cf532bbdf47
4
+ data.tar.gz: 5273fa43f51c2c2049f62aff8c3d4b35db6989bd16568621998a2dc383828ee5
5
5
  SHA512:
6
- metadata.gz: ea101402106c86b157f4741bdba29563b33d8d07620bc88b5e4031972dd92cb426134be70e14b40ddf7ecb274f015697ee71ee7cf8c1098e3f1dad882d729705
7
- data.tar.gz: '058fa5ae16167fab16beb478f630d3a7c7e0a9d8a9fd6d22cf81da1c5a1218e86c3863dae2196360c775f4ca5755311dd65da545deb5569cdbb48e30461c50f4'
6
+ metadata.gz: c805308c2ddcb9c3febea8de0192585fbfa7b1d6d2d865448d2bbbca323567efb62971f46160ffbc62b5fae4895557ce68727e90038273930285144f2e5df0c9
7
+ data.tar.gz: 7e518a0b48385d43f633e42392621b5aae75786568db75253452ac633270ba9cb5f4f3bae44d96ca3d25f271b4e0e56c1eb545a9ae4ee3742bc6eef21350eebc
data/discretion.gemspec CHANGED
@@ -14,9 +14,9 @@ Gem::Specification.new do |spec|
14
14
  spec.homepage = 'https://github.com/abeland/discretion'
15
15
  spec.license = 'MIT'
16
16
 
17
- spec.add_dependency 'activesupport'
17
+ spec.add_dependency 'activesupport', '~> 5.1', '>= 5.1.4'
18
18
  spec.add_dependency 'rails', '~>5'
19
- spec.add_dependency 'request_store', '~>1.3'
19
+ spec.add_dependency 'request_store', '~>1.4', '>= 1.4.1'
20
20
  spec.required_ruby_version = '>= 2.2.2'
21
21
 
22
22
  spec.files = `git ls-files -z`.split("\x0").reject do |f|
@@ -26,11 +26,11 @@ Gem::Specification.new do |spec|
26
26
  spec.executables = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
27
27
  spec.require_paths = ['lib']
28
28
 
29
- spec.add_development_dependency 'activerecord'
30
- spec.add_development_dependency 'bundler', '~> 1.15'
31
- spec.add_development_dependency 'factory_bot_rails'
32
- spec.add_development_dependency 'rake', '~> 10.0'
33
- spec.add_development_dependency 'rspec'
34
- spec.add_development_dependency 'rspec-rails'
35
- spec.add_development_dependency 'sqlite3'
29
+ spec.add_development_dependency 'activerecord', '~> 5.1', '>= 5.1.4'
30
+ spec.add_development_dependency 'bundler', '~> 1.3'
31
+ spec.add_development_dependency 'factory_bot_rails', '~> 4.8', '>= 4.8.2'
32
+ spec.add_development_dependency 'rake', '~> 10.5'
33
+ spec.add_development_dependency 'rspec', '~> 3.7'
34
+ spec.add_development_dependency 'rspec-rails', '~> 3.7', '>= 3.7.2'
35
+ spec.add_development_dependency 'sqlite3', '~> 1.3', '>= 1.3.13'
36
36
  end
data/lib/discretion/can.rb CHANGED
@@ -2,7 +2,8 @@ module Discretion
2
2
  class << self
3
3
  def can_see_record?(viewer, record)
4
4
  return true unless record.is_a?(Discretion::DiscreetModel)
5
- return true if Discretion::OMNISCIENT_VIEWER == viewer || Discretion::OMNIPOTENT_VIEWER == viewer
5
+ return true if Discretion.currently_acting_as?(Discretion::OMNISCIENT_VIEWER) ||
6
+ Discretion.currently_acting_as?(Discretion::OMNIPOTENT_VIEWER)
6
7
 
7
8
  record.send(:can_see?, viewer)
8
9
  end
@@ -13,7 +14,7 @@ module Discretion
13
14
 
14
15
  def can_write_record?(viewer, record, changes, new_record)
15
16
  return true unless record.is_a?(Discretion::DiscreetModel)
16
- return true if Discretion::OMNIPOTENT_VIEWER == viewer
17
+ return true if Discretion.currently_acting_as?(Discretion::OMNIPOTENT_VIEWER)
17
18
 
18
19
  record.respond_to?(:can_write?, true) ?
19
20
  record.send(:can_write?, viewer, changes, new_record) :
@@ -23,5 +24,17 @@ module Discretion
23
24
  def current_viewer_can_write_record?(record, changes, new_record)
24
25
  can_write_record?(Discretion.current_viewer, record, changes, new_record)
25
26
  end
27
+
28
+ def can_destroy_record?(viewer, record)
29
+ return true unless record.is_a?(Discretion::DiscreetModel)
30
+ return true if Discretion.currently_acting_as?(Discretion::OMNIPOTENT_VIEWER)
31
+
32
+ record.respond_to?(:can_destroy?, true) ?
33
+ record.send(:can_destroy?, viewer) : can_write_record?(viewer, record, {}, false)
34
+ end
35
+
36
+ def current_viewer_can_destroy_record?(record)
37
+ can_destroy_record?(Discretion.current_viewer, record)
38
+ end
26
39
  end
27
40
  end
data/lib/discretion/current_viewer.rb CHANGED
@@ -4,6 +4,7 @@ module Discretion
4
4
 
5
5
  class << self
6
6
  CURRENT_VIEWER_KEY = :__discretion_current_viewer
7
+ CURRENTLY_ACTING_AS_KEY = :__discretion_currently_acting_as
7
8
 
8
9
  def current_viewer
9
10
  RequestStore[CURRENT_VIEWER_KEY]
@@ -12,5 +13,17 @@ module Discretion
12
13
  def set_current_viewer(current_viewer)
13
14
  RequestStore[CURRENT_VIEWER_KEY] = current_viewer
14
15
  end
16
+
17
+ def currently_acting_as
18
+ RequestStore[CURRENTLY_ACTING_AS_KEY]
19
+ end
20
+
21
+ def currently_acting_as?(as)
22
+ currently_acting_as == as
23
+ end
24
+
25
+ def set_currently_acting_as(as)
26
+ RequestStore[CURRENTLY_ACTING_AS_KEY] = as
27
+ end
15
28
  end
16
29
  end
data/lib/discretion/discreet_model.rb CHANGED
@@ -14,6 +14,31 @@ module Discretion
14
14
  raise Discretion::CannotWriteError
15
15
  end
16
16
  end
17
+
18
+ before_destroy ->(record) {
19
+ unless Discretion.current_viewer_can_destroy_record?(record)
20
+ raise Discretion::CannotDestroyError
21
+ end
22
+ }, prepend: true
23
+ end
24
+
25
+ class_methods do
26
+ def discreetly_read(attribute)
27
+ attribute = attribute.to_sym
28
+
29
+ define_method(attribute) {
30
+ can_read_attr = if Discretion.currently_acting_as?(Discretion::OMNISCIENT_VIEWER) ||
31
+ Discretion.currently_acting_as?(Discretion::OMNIPOTENT_VIEWER)
32
+ true
33
+ else
34
+ yield(Discretion.current_viewer, self)
35
+ end
36
+
37
+ raise Discretion::CannotSeeError unless can_read_attr
38
+
39
+ read_attribute(attribute)
40
+ }
41
+ end
17
42
  end
18
43
  end
19
44
  end
data/lib/discretion/errors.rb CHANGED
@@ -1,4 +1,5 @@
1
1
  module Discretion
2
2
  class CannotSeeError < StandardError; end
3
3
  class CannotWriteError < StandardError; end
4
+ class CannotDestroyError < StandardError; end
4
5
  end
data/lib/discretion/helpers.rb CHANGED
@@ -23,24 +23,24 @@ module Discretion
23
23
  # Calling Proc.new will create a Proc from the implicitly given block to
24
24
  # the current method.
25
25
  # cf. http://ruby-doc.org/core-2.5.0/Proc.html#method-c-new
26
- with_viewer(Discretion::OMNISCIENT_VIEWER, &Proc.new)
26
+ acting_as(Discretion::OMNISCIENT_VIEWER, &Proc.new)
27
27
  end
28
28
 
29
29
  def omnipotently
30
30
  # Calling Proc.new will create a Proc from the implicitly given block to
31
31
  # the current method.
32
32
  # cf. http://ruby-doc.org/core-2.5.0/Proc.html#method-c-new
33
- with_viewer(Discretion::OMNIPOTENT_VIEWER, &Proc.new)
33
+ acting_as(Discretion::OMNIPOTENT_VIEWER, &Proc.new)
34
34
  end
35
35
 
36
36
  private
37
37
 
38
- def with_viewer(viewer)
39
- orig_viewer = Discretion.current_viewer
40
- Discretion.set_current_viewer(viewer)
38
+ def acting_as(as)
39
+ orig_as = Discretion.currently_acting_as
40
+ Discretion.set_currently_acting_as(as)
41
41
  yield
42
42
  ensure
43
- Discretion.set_current_viewer(orig_viewer)
43
+ Discretion.set_currently_acting_as(orig_as)
44
44
  end
45
45
  end
46
46
  end
data/lib/discretion/middleware.rb CHANGED
@@ -6,9 +6,15 @@ module Discretion
6
6
 
7
7
  def call(env)
8
8
  # From Clearance
9
- if env[:clearance]&.signed_in?
10
- Discretion.set_current_viewer(env[:clearance].current_user)
9
+
10
+ # Have to do this omnisciently so that when Clearance loads the signed in User, we
11
+ # can gurarantee can_see?() will return true.
12
+ Discretion.omnisciently do
13
+ if env[:clearance]&.signed_in?
14
+ Discretion.set_current_viewer(env[:clearance].current_user)
15
+ end
11
16
  end
17
+
12
18
  @app.call(env)
13
19
  end
14
20
  end
data/lib/discretion/version.rb CHANGED
@@ -1,3 +1,3 @@
1
1
  module Discretion
2
- VERSION = '2.0.0.pre.alpha'.freeze
2
+ VERSION = '4.0.0.alpha'.freeze
3
3
  end
metadata CHANGED
@@ -1,29 +1,35 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: discretion
3
3
  version: !ruby/object:Gem::Version
4
- version: 2.0.0.pre.alpha
4
+ version: 4.0.0.alpha
5
5
  platform: ruby
6
6
  authors:
7
7
  - Abe Land
8
8
  autorequire:
9
9
  bindir: exe
10
10
  cert_chain: []
11
- date: 2018-02-11 00:00:00.000000000 Z
11
+ date: 2018-08-06 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: activesupport
15
15
  requirement: !ruby/object:Gem::Requirement
16
16
  requirements:
17
+ - - "~>"
18
+ - !ruby/object:Gem::Version
19
+ version: '5.1'
17
20
  - - ">="
18
21
  - !ruby/object:Gem::Version
19
- version: '0'
22
+ version: 5.1.4
20
23
  type: :runtime
21
24
  prerelease: false
22
25
  version_requirements: !ruby/object:Gem::Requirement
23
26
  requirements:
27
+ - - "~>"
28
+ - !ruby/object:Gem::Version
29
+ version: '5.1'
24
30
  - - ">="
25
31
  - !ruby/object:Gem::Version
26
- version: '0'
32
+ version: 5.1.4
27
33
  - !ruby/object:Gem::Dependency
28
34
  name: rails
29
35
  requirement: !ruby/object:Gem::Requirement
@@ -44,112 +50,142 @@ dependencies:
44
50
  requirements:
45
51
  - - "~>"
46
52
  - !ruby/object:Gem::Version
47
- version: '1.3'
53
+ version: '1.4'
54
+ - - ">="
55
+ - !ruby/object:Gem::Version
56
+ version: 1.4.1
48
57
  type: :runtime
49
58
  prerelease: false
50
59
  version_requirements: !ruby/object:Gem::Requirement
51
60
  requirements:
52
61
  - - "~>"
53
62
  - !ruby/object:Gem::Version
54
- version: '1.3'
63
+ version: '1.4'
64
+ - - ">="
65
+ - !ruby/object:Gem::Version
66
+ version: 1.4.1
55
67
  - !ruby/object:Gem::Dependency
56
68
  name: activerecord
57
69
  requirement: !ruby/object:Gem::Requirement
58
70
  requirements:
71
+ - - "~>"
72
+ - !ruby/object:Gem::Version
73
+ version: '5.1'
59
74
  - - ">="
60
75
  - !ruby/object:Gem::Version
61
- version: '0'
76
+ version: 5.1.4
62
77
  type: :development
63
78
  prerelease: false
64
79
  version_requirements: !ruby/object:Gem::Requirement
65
80
  requirements:
81
+ - - "~>"
82
+ - !ruby/object:Gem::Version
83
+ version: '5.1'
66
84
  - - ">="
67
85
  - !ruby/object:Gem::Version
68
- version: '0'
86
+ version: 5.1.4
69
87
  - !ruby/object:Gem::Dependency
70
88
  name: bundler
71
89
  requirement: !ruby/object:Gem::Requirement
72
90
  requirements:
73
91
  - - "~>"
74
92
  - !ruby/object:Gem::Version
75
- version: '1.15'
93
+ version: '1.3'
76
94
  type: :development
77
95
  prerelease: false
78
96
  version_requirements: !ruby/object:Gem::Requirement
79
97
  requirements:
80
98
  - - "~>"
81
99
  - !ruby/object:Gem::Version
82
- version: '1.15'
100
+ version: '1.3'
83
101
  - !ruby/object:Gem::Dependency
84
102
  name: factory_bot_rails
85
103
  requirement: !ruby/object:Gem::Requirement
86
104
  requirements:
105
+ - - "~>"
106
+ - !ruby/object:Gem::Version
107
+ version: '4.8'
87
108
  - - ">="
88
109
  - !ruby/object:Gem::Version
89
- version: '0'
110
+ version: 4.8.2
90
111
  type: :development
91
112
  prerelease: false
92
113
  version_requirements: !ruby/object:Gem::Requirement
93
114
  requirements:
115
+ - - "~>"
116
+ - !ruby/object:Gem::Version
117
+ version: '4.8'
94
118
  - - ">="
95
119
  - !ruby/object:Gem::Version
96
- version: '0'
120
+ version: 4.8.2
97
121
  - !ruby/object:Gem::Dependency
98
122
  name: rake
99
123
  requirement: !ruby/object:Gem::Requirement
100
124
  requirements:
101
125
  - - "~>"
102
126
  - !ruby/object:Gem::Version
103
- version: '10.0'
127
+ version: '10.5'
104
128
  type: :development
105
129
  prerelease: false
106
130
  version_requirements: !ruby/object:Gem::Requirement
107
131
  requirements:
108
132
  - - "~>"
109
133
  - !ruby/object:Gem::Version
110
- version: '10.0'
134
+ version: '10.5'
111
135
  - !ruby/object:Gem::Dependency
112
136
  name: rspec
113
137
  requirement: !ruby/object:Gem::Requirement
114
138
  requirements:
115
- - - ">="
139
+ - - "~>"
116
140
  - !ruby/object:Gem::Version
117
- version: '0'
141
+ version: '3.7'
118
142
  type: :development
119
143
  prerelease: false
120
144
  version_requirements: !ruby/object:Gem::Requirement
121
145
  requirements:
122
- - - ">="
146
+ - - "~>"
123
147
  - !ruby/object:Gem::Version
124
- version: '0'
148
+ version: '3.7'
125
149
  - !ruby/object:Gem::Dependency
126
150
  name: rspec-rails
127
151
  requirement: !ruby/object:Gem::Requirement
128
152
  requirements:
153
+ - - "~>"
154
+ - !ruby/object:Gem::Version
155
+ version: '3.7'
129
156
  - - ">="
130
157
  - !ruby/object:Gem::Version
131
- version: '0'
158
+ version: 3.7.2
132
159
  type: :development
133
160
  prerelease: false
134
161
  version_requirements: !ruby/object:Gem::Requirement
135
162
  requirements:
163
+ - - "~>"
164
+ - !ruby/object:Gem::Version
165
+ version: '3.7'
136
166
  - - ">="
137
167
  - !ruby/object:Gem::Version
138
- version: '0'
168
+ version: 3.7.2
139
169
  - !ruby/object:Gem::Dependency
140
170
  name: sqlite3
141
171
  requirement: !ruby/object:Gem::Requirement
142
172
  requirements:
173
+ - - "~>"
174
+ - !ruby/object:Gem::Version
175
+ version: '1.3'
143
176
  - - ">="
144
177
  - !ruby/object:Gem::Version
145
- version: '0'
178
+ version: 1.3.13
146
179
  type: :development
147
180
  prerelease: false
148
181
  version_requirements: !ruby/object:Gem::Requirement
149
182
  requirements:
183
+ - - "~>"
184
+ - !ruby/object:Gem::Version
185
+ version: '1.3'
150
186
  - - ">="
151
187
  - !ruby/object:Gem::Version
152
- version: '0'
188
+ version: 1.3.13
153
189
  description: A simple privacy/authorization framework for Rails projects.
154
190
  email:
155
191
  - codeclimbcoffee@gmail.com
@@ -197,7 +233,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
197
233
  version: 1.3.1
198
234
  requirements: []
199
235
  rubyforge_project:
200
- rubygems_version: 2.6.11
236
+ rubygems_version: 2.7.6
201
237
  signing_key:
202
238
  specification_version: 4
203
239
  summary: A simple privacy/authorization framework for Rails projects.