drillbit 2.0.1 → 2.1.0

Sign up to get free protection for your applications and to get access to all the features.
Files changed (11) hide show
  1. checksums.yaml +4 -4
  2. checksums.yaml.gz.sig +0 -0
  3. data.tar.gz.sig +0 -0
  4. data/lib/drillbit/authorizable_resource.rb +4 -28
  5. data/lib/drillbit/authorizers/parameters/filtering.rb +17 -0
  6. data/lib/drillbit/authorizers/scope.rb +36 -10
  7. data/lib/drillbit/utilities/string.rb +18 -0
  8. data/lib/drillbit/version.rb +1 -1
  9. data/spec/drillbit/authorizers/scope_spec.rb +4 -5
  10. metadata +6 -4
  11. metadata.gz.sig +0 -0
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: 6d3a3b24d1a55b56e25bef531ba272d232b88866
4
- data.tar.gz: 03c5a523c82bd9dcaad960229d6dc10797299a8f
3
+ metadata.gz: 1b0722486e3348f08a8bdc4738993706215910d5
4
+ data.tar.gz: b978c35838ba619d4bf4ad1dc808b4f4b99dcd98
5
5
  SHA512:
6
- metadata.gz: fe8345734ccb77aa79440b4a24df55f97488a13bcdad277856337b6759499581ac5597923ec9aac7534baac6fd649973b03796c05df0c66a002a2100f52a05f1
7
- data.tar.gz: 64d7f04e658f77b83cbc12cad4a6fb6f2d81f227ce65bffcce4a2c346defafa7d3e5fff208ac0c498e86153c45a094c13cef0951dfb81b202b277eeed31825b1
6
+ metadata.gz: 37e73c70b11476d9e98cb25e3eee61703b00caba5c37fcd2e30e6de3f4c471c80782905578ee57b5a65fef98898d6e0a9adfd7806768b14b1a80e80fb6c0ce7d
7
+ data.tar.gz: 4512cbf49593cf627be82c63b7d8a594a20bcf375be78e679051d5e701cf51d7f5d67355b34498ba68ae6463a3c75155a90c7f533264fbaffc97ce175318b867
checksums.yaml.gz.sig CHANGED
Binary file
data.tar.gz.sig CHANGED
Binary file
data/lib/drillbit/authorizable_resource.rb CHANGED
@@ -83,11 +83,10 @@ module AuthorizableResource
83
83
  @authorized_scope ||= self.
84
84
  class.
85
85
  authorizer_scope_class.
86
- new(token: token,
87
- user: authorized_user,
88
- scoped_user_id: scoped_user_id,
89
- params: authorized_params,
90
- scope_root: authorized_scope_root).
86
+ new(token: token,
87
+ user: authorized_user,
88
+ params: authorized_params,
89
+ scope_root: authorized_scope_root).
91
90
  call
92
91
  end
93
92
 
@@ -133,33 +132,10 @@ module AuthorizableResource
133
132
  constantize
134
133
  end
135
134
 
136
- def scoped_user_id
137
- @scoped_user_id ||= if requested_user_id.blank?
138
- nil
139
- else
140
- requested_user_id
141
- end
142
- end
143
-
144
- def requested_user_id
145
- @requested_user_id ||= params.
146
- fetch(:filter, {}).
147
- fetch(authorized_user_underscored_class_name,
148
- authorized_user.id)
149
- end
150
-
151
135
  def authorized_user
152
136
  current_user
153
137
  end
154
138
 
155
- def authorized_user_underscored_class_name
156
- @authorized_user_underscored_class_name ||= authorized_user.
157
- class.
158
- name[/([^:]+)\z/, 1].
159
- underscore.
160
- downcase
161
- end
162
-
163
139
  def authorization_query
164
140
  @authorization_query ||= "able_to_#{action_name}?"
165
141
  end
data/lib/drillbit/authorizers/parameters/filtering.rb CHANGED
@@ -45,6 +45,23 @@ class Filtering < Authorizers::Parameters
45
45
  add_filterable_parameter(name)
46
46
  end
47
47
  end
48
+
49
+ # :reek:ControlParameter
50
+ # :reek:BooleanParameter
51
+ # :reek:DuplicateMethodCall
52
+ def filter_by_authenticated_owner(owner_id_name:,
53
+ owner_id_value:,
54
+ even_if_not_passed_in: true,
55
+ override_if_admin: false)
56
+
57
+ return true if !override_if_admin && token.admin?
58
+
59
+ params[:filter] ||= {}
60
+
61
+ if params[:filter][owner_id_name] || even_if_not_passed_in
62
+ params[:filter][owner_id_name] = owner_id_value
63
+ end
64
+ end
48
65
  end
49
66
  end
50
67
  end
data/lib/drillbit/authorizers/scope.rb CHANGED
@@ -1,30 +1,56 @@
1
1
  # frozen_string_literal: true
2
+ require 'drillbit/utilities/string'
3
+
2
4
  module Drillbit
3
5
  module Authorizers
4
6
  class Scope
5
7
  attr_accessor :token,
6
8
  :user,
7
- :scoped_user_id,
8
9
  :params,
9
10
  :scope_root
10
11
 
11
- # rubocop:disable Metrics/ParameterLists
12
- def initialize(token:, user:, params:, scoped_user_id:, scope_root:, **other)
13
- self.token = token
14
- self.user = user
15
- self.params = params
16
- self.scoped_user_id = scoped_user_id
17
- self.scope_root = scope_root
12
+ def initialize(token:, user:, params:, scope_root:, **other)
13
+ self.token = token
14
+ self.user = user
15
+ self.params = params
16
+ self.scope_root = scope_root
18
17
 
19
18
  other.each do |name, value|
20
19
  public_send("#{name}=", value)
21
20
  end
22
21
  end
23
- # rubocop:enable Metrics/ParameterLists
24
22
 
25
- def call
23
+ def user_scope
24
+ scope_root.public_send("for_#{user_underscored_class_name}", scope_user_id)
25
+ end
26
+
27
+ def public_scope
26
28
  scope_root.none
27
29
  end
30
+
31
+ def call
32
+ if scope_user_id
33
+ user_scope
34
+ else
35
+ public_scope
36
+ end
37
+ end
38
+
39
+ private
40
+
41
+ def scope_user_id
42
+ @scope_user_id ||= params.
43
+ fetch(:filter, {}).
44
+ fetch(user_underscored_class_name, nil)
45
+ end
46
+
47
+ def user_underscored_class_name
48
+ @user_underscored_class_name ||= begin
49
+ base_user_class_name = user.class.name[/([^:]+)\z/, 1]
50
+
51
+ Utilities::String.underscore(base_user_class_name).downcase
52
+ end
53
+ end
28
54
  end
29
55
  end
30
56
  end
data/lib/drillbit/utilities/string.rb ADDED
@@ -0,0 +1,18 @@
1
+ # frozen_string_literal: true
2
+ module Drillbit
3
+ module Utilities
4
+ class String
5
+ def self.underscore(other)
6
+ word = other.to_s.gsub('::', '/')
7
+ word.gsub!(/(?:([A-Za-z\d])|^)(?=\b|[^a-z])/) do
8
+ "#{Regexp.last_match(1)}#{Regexp.last_match(1) && ''}"
9
+ end
10
+ word.gsub!(/([A-Z\d]+)([A-Z][a-z])/, '\1_\2')
11
+ word.gsub!(/([a-z\d])([A-Z])/, '\1_\2')
12
+ word.tr!('-', '_')
13
+ word.downcase!
14
+ word
15
+ end
16
+ end
17
+ end
18
+ end
data/lib/drillbit/version.rb CHANGED
@@ -1,4 +1,4 @@
1
1
  # frozen_string_literal: true
2
2
  module Drillbit
3
- VERSION = '2.0.1'
3
+ VERSION = '2.1.0'
4
4
  end
data/spec/drillbit/authorizers/scope_spec.rb CHANGED
@@ -7,11 +7,10 @@ module Drillbit
7
7
  module Authorizers
8
8
  describe Scope do
9
9
  it 'defaults to nothing' do
10
- scope = Scope.new(token: '123',
11
- user: 'my_user',
12
- scoped_user_id: '456',
13
- params: {},
14
- scope_root: OpenStruct.new(none: []))
10
+ scope = Scope.new(token: '123',
11
+ user: Object.new,
12
+ params: {},
13
+ scope_root: OpenStruct.new(none: []))
15
14
 
16
15
  expect(scope.call).to be_empty
17
16
  end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: drillbit
3
3
  version: !ruby/object:Gem::Version
4
- version: 2.0.1
4
+ version: 2.1.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - thegranddesign
@@ -31,7 +31,7 @@ cert_chain:
31
31
  zRIv8lqQM8QFT76rzP5SBCERwN+ltKAFbQ5/FwmZNGWYnmCP3RZMQiRnbh+9H9lh
32
32
  mlbwaYZTjgsXq6cy8N38EecewgBbZYS1IYJraE/M
33
33
  -----END CERTIFICATE-----
34
- date: 2016-06-02 00:00:00.000000000 Z
34
+ date: 2016-06-07 00:00:00.000000000 Z
35
35
  dependencies:
36
36
  - !ruby/object:Gem::Dependency
37
37
  name: erratum
@@ -174,6 +174,7 @@ files:
174
174
  - lib/drillbit/tokens/json_web_tokens/null.rb
175
175
  - lib/drillbit/tokens/json_web_tokens/password_reset.rb
176
176
  - lib/drillbit/tokens/null.rb
177
+ - lib/drillbit/utilities/string.rb
177
178
  - lib/drillbit/version.rb
178
179
  - spec/drillbit/accept_header_spec.rb
179
180
  - spec/drillbit/authorizers/parameters/filtering_spec.rb
@@ -208,10 +209,11 @@ files:
208
209
  - spec/fixtures/test_rsa_key.pub
209
210
  - spec/spec_helper.rb
210
211
  - spec/support/private_keys.rb
211
- homepage:
212
+ homepage: ''
212
213
  licenses:
213
214
  - MIT
214
- metadata: {}
215
+ metadata:
216
+ allowed_push_host: https://rubygems.org
215
217
  post_install_message:
216
218
  rdoc_options: []
217
219
  require_paths:
metadata.gz.sig CHANGED
Binary file