drillbit 2.8.0 → 2.9.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: fec9e9fdc03cb3d4b5ec5977ba97e7732979d35e
4
- data.tar.gz: 1eb9aeaa0634e5d47e6a6c80e95fbc2124e08900
3
+ metadata.gz: df937a00a4c1c57a662407c726abf38c6630afa8
4
+ data.tar.gz: fe694633fe98cc22888ca02252ea667bcb0100a5
5
5
  SHA512:
6
- metadata.gz: 86d163daf5b5523fa2d156f093a8ea257591e15ae155138a6c6b147fb9e34eb8c11d3cfb136481f8cc0f40c932a456c7514caae7ad5c64e6effe92191e733eb0
7
- data.tar.gz: 00471ebf723e9042d801d66e2dfa27847bb7a11b3314a57c391d99402cfdc3b0486652555b466ea55fa80ad8803765f642cbdc1fc702a7fe7984028c64a9cba1
6
+ metadata.gz: 800b83bb991f6517bd4e89ce42bb9eb57124e80c3fa85971e55d8a026367059c714b59a4ba65c4013e86c0e53c042e865a91c13f70d2ad481f1732cfa48adeb6
7
+ data.tar.gz: 57e8d41ee03aff8ee7819fe6fb794a62a64d51e25c83a7ac0587322de8f52cf533f00e6fd9f5b3e85cf1ccaff0b5395bd35924d82f2b84c0c6369c2d45248f01
Binary file
data.tar.gz.sig CHANGED
Binary file
@@ -3,6 +3,7 @@ require 'drillbit/version'
3
3
 
4
4
  require 'drillbit/authorizers/parameters'
5
5
  require 'drillbit/authorizers/parameters/filtering'
6
+ require 'drillbit/authorizers/parameters/inclusions'
6
7
  require 'drillbit/authorizers/parameters/resource'
7
8
  require 'drillbit/authorizers/query'
8
9
  require 'drillbit/authorizers/scope'
@@ -49,6 +49,16 @@ module AuthorizableResource
49
49
  rescue NameError
50
50
  'Drillbit::Authorizers::Parameters::Filtering'.constantize
51
51
  end
52
+
53
+ def authorizer_inclusions_params_class
54
+ @authorizer_inclusions_params_class ||= "#{authorizer_prefix}" \
55
+ "Authorizers::" \
56
+ "#{resource_class_name}::" \
57
+ "InclusionParameters".
58
+ constantize
59
+ rescue NameError
60
+ 'Drillbit::Authorizers::Parameters::Inclusions'.constantize
61
+ end
52
62
  end
53
63
 
54
64
  def self.included(base)
@@ -92,6 +102,17 @@ module AuthorizableResource
92
102
  call
93
103
  end
94
104
 
105
+ def authorized_inclusions
106
+ @authorized_inclusions ||= self.
107
+ class.
108
+ authorizer_inclusions_params_class.
109
+ new(token: token,
110
+ user: authorized_user,
111
+ issuer: authorized_issuer,
112
+ params: authorized_params).
113
+ call
114
+ end
115
+
95
116
  def authorized_params
96
117
  @authorized_params ||= authorizer_params_class.
97
118
  new(token: token,
@@ -19,6 +19,7 @@ class Filtering < Authorizers::Parameters
19
19
  :token_jwt,
20
20
  :format,
21
21
  :accept,
22
+ :include,
22
23
  page: %i{
23
24
  number
24
25
  size
@@ -39,9 +40,9 @@ class Filtering < Authorizers::Parameters
39
40
  fetch(name, nil)
40
41
 
41
42
  if param.class == Array
42
- authorized_params[6][:filter][1][name] = []
43
+ authorized_params[7][:filter][1][name] = []
43
44
  else
44
- authorized_params[6][:filter] << name
45
+ authorized_params[7][:filter] << name
45
46
  end
46
47
  end
47
48
 
@@ -0,0 +1,51 @@
1
+ # frozen_string_literal: true
2
+ require 'drillbit/authorizers/parameters'
3
+ require 'drillbit/errors/unpermitted_inclusions'
4
+
5
+ module Drillbit
6
+ module Authorizers
7
+ class Parameters
8
+ class Inclusions < Authorizers::Parameters
9
+ attr_accessor :authorized_inclusions
10
+
11
+ # rubocop:disable Style/RaiseArgs
12
+ def call
13
+ fail Errors::UnpermittedInclusions.new(inclusions: requested_inclusions) \
14
+ if inclusion_differences.any?
15
+
16
+ authorized_inclusions
17
+ end
18
+ # rubocop:enable Style/RaiseArgs
19
+
20
+ protected
21
+
22
+ def authorized_inclusions
23
+ @authorized_inclusions ||= []
24
+ end
25
+
26
+ private
27
+
28
+ def add_includable_resource(resource_name)
29
+ authorized_inclusions << resource_name
30
+ end
31
+
32
+ def add_includable_resources(*resource_names)
33
+ resource_names.each do |resource_name|
34
+ add_includable_resource(resource_name)
35
+ end
36
+ end
37
+
38
+ def requested_inclusions
39
+ @requested_inclusions ||= params.
40
+ fetch(:include, '').
41
+ split(',').
42
+ map(&:to_sym)
43
+ end
44
+
45
+ def inclusion_differences
46
+ @inclusion_differences ||= requested_inclusions - authorized_inclusions
47
+ end
48
+ end
49
+ end
50
+ end
51
+ end
@@ -19,6 +19,7 @@ class Resource < Authorizers::Parameters
19
19
  :token_jwt,
20
20
  :format,
21
21
  :accept,
22
+ :include,
22
23
  data: [
23
24
  :type,
24
25
  :id,
@@ -39,9 +40,9 @@ class Resource < Authorizers::Parameters
39
40
  fetch(name, nil)
40
41
 
41
42
  if param.class == Array
42
- authorized_params[6][:data][2][:attributes][0][name] = []
43
+ authorized_params[7][:data][2][:attributes][0][name] = []
43
44
  else
44
- authorized_params[6][:data][2][:attributes] << name
45
+ authorized_params[7][:data][2][:attributes] << name
45
46
  end
46
47
  end
47
48
 
@@ -67,9 +68,9 @@ class Resource < Authorizers::Parameters
67
68
  embedded = first.fetch(:attributes, nil)
68
69
 
69
70
  if param.nil?
70
- authorized_params[6][:data][2][:relationships][name] = [:data]
71
+ authorized_params[7][:data][2][:relationships][name] = [:data]
71
72
  elsif embedded
72
- authorized_params[6][:data][2][:relationships][name] = {
73
+ authorized_params[7][:data][2][:relationships][name] = {
73
74
  data: [
74
75
  :type,
75
76
  {
@@ -78,7 +79,7 @@ class Resource < Authorizers::Parameters
78
79
  ],
79
80
  }
80
81
  else
81
- authorized_params[6][:data][2][:relationships][name] = { data: %i{type id} }
82
+ authorized_params[7][:data][2][:relationships][name] = { data: %i{type id} }
82
83
  end
83
84
  end
84
85
  # rubocop:enable Metrics/AbcSize
@@ -0,0 +1,29 @@
1
+ # frozen_string_literal: true
2
+ require 'erratum'
3
+
4
+ module Drillbit
5
+ module Errors
6
+ class UnpermittedInclusions < RuntimeError
7
+ include Erratum::Error
8
+
9
+ attr_accessor :inclusions
10
+
11
+ def http_status
12
+ 422
13
+ end
14
+
15
+ def title
16
+ 'Unpermitted Inclusion'
17
+ end
18
+
19
+ def detail
20
+ 'One or more of the inclusions you attempted to pass via the "include" parameter ' \
21
+ 'are either not available or not authorized.'
22
+ end
23
+
24
+ def source
25
+ { inclusions: inclusions }
26
+ end
27
+ end
28
+ end
29
+ end
@@ -1,4 +1,4 @@
1
1
  # frozen_string_literal: true
2
2
  module Drillbit
3
- VERSION = '2.8.0'
3
+ VERSION = '2.9.0'
4
4
  end
@@ -26,6 +26,7 @@ describe Filtering do
26
26
  :token_jwt,
27
27
  :format,
28
28
  :accept,
29
+ :include,
29
30
  include(
30
31
  filter: include(:name, :age),
31
32
  ))
@@ -55,6 +56,7 @@ describe Filtering do
55
56
  :token_jwt,
56
57
  :format,
57
58
  :accept,
59
+ :include,
58
60
  include(
59
61
  filter: include(:name, ary: []),
60
62
  ))
@@ -77,6 +79,7 @@ describe Filtering do
77
79
  :token_jwt,
78
80
  :format,
79
81
  :accept,
82
+ :include,
80
83
  page: %i{
81
84
  number
82
85
  size
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: drillbit
3
3
  version: !ruby/object:Gem::Version
4
- version: 2.8.0
4
+ version: 2.9.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - thegranddesign
@@ -131,6 +131,7 @@ files:
131
131
  - lib/drillbit/authorizable_resource.rb
132
132
  - lib/drillbit/authorizers/parameters.rb
133
133
  - lib/drillbit/authorizers/parameters/filtering.rb
134
+ - lib/drillbit/authorizers/parameters/inclusions.rb
134
135
  - lib/drillbit/authorizers/parameters/resource.rb
135
136
  - lib/drillbit/authorizers/query.rb
136
137
  - lib/drillbit/authorizers/scope.rb
@@ -140,6 +141,7 @@ files:
140
141
  - lib/drillbit/errors/invalid_request_body.rb
141
142
  - lib/drillbit/errors/invalid_subdomain.rb
142
143
  - lib/drillbit/errors/invalid_token.rb
144
+ - lib/drillbit/errors/unpermitted_inclusions.rb
143
145
  - lib/drillbit/matchers/accept_header.rb
144
146
  - lib/drillbit/matchers/generic.rb
145
147
  - lib/drillbit/matchers/subdomain.rb
metadata.gz.sig CHANGED
Binary file