ez-permissions 0.2.3 → 0.3.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (13) hide show
  1. checksums.yaml +4 -4
  2. data/README.md +18 -15
  3. data/app/models/ez/permissions/permission.rb +2 -0
  4. data/app/models/ez/permissions/role.rb +4 -0
  5. data/lib/ez/permissions.rb +2 -0
  6. data/lib/ez/permissions/api/authorize.rb +17 -8
  7. data/lib/ez/permissions/api/roles.rb +4 -0
  8. data/lib/ez/permissions/dsl.rb +7 -0
  9. data/lib/ez/permissions/engine.rb +0 -1
  10. data/lib/ez/permissions/version.rb +1 -1
  11. data/lib/tasks/ez/permissions_tasks.rake +23 -4
  12. metadata +12 -8
  13. data/lib/ez/permissions/railtie.rb +0 -9
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 283631e0353e45353ed08297b64b0d2b00b44264b8b1b98b941834236c8313e1
4
- data.tar.gz: 0f4281977ff55d2e57fc6d845cd06854334544f0bc3ba5742819c5602c3d41a7
3
+ metadata.gz: 2561daddeb0d81e3d7916f64a0d334eeb181cc1bc1244fbfd96090abb6d0b5a3
4
+ data.tar.gz: 648bd08668a2def0f908fa5be6125fbce12d186a760f1c2e51bc87b1e935041d
5
5
  SHA512:
6
- metadata.gz: 8a0a0d1d268c6ee6a9358eaeb75d6ea2d3ab311670fbe1ffa03e3f35257869630b488cddd02c3f7762ac8fe0355f67f82ed165ac19ccd7f1f86adf5f06f7e307
7
- data.tar.gz: 3b7072cefc9aaa7ec1311b4775c6486ec092e8de3af7b5aa7c31c5249d526d92e51190bc7c5048158d567d216580830cd3c8e4ab2783302773ae283d50227f20
6
+ metadata.gz: a43ee4b3d8416de6d87e2dec796528698a3dc51e44e1b4357153f59081033ebdf8525fb9acf9c4b3263df7a745292ba9a7095a93dd119624f7844c18a5e4d3cf
7
+ data.tar.gz: f945fff2beff8c9543e8e6d1fa8742c8e8dc5259d055b82b31930010be0e1f37a2d0196af9b57855e7c786b3a87406b5d5b532a28039abf68726f5abe19e76e9
data/README.md CHANGED
@@ -97,7 +97,7 @@ user.permissions #=> [user available permissions through assigned_roles]
97
97
 
98
98
  **Please, do not use direct rails code like:** `Ez::Permissions::Permission.create(name: 'admin')`
99
99
 
100
- Instead you should use public api. You can extend you custom module with `API` mixin
100
+ Instead you should use `Ez::Permissions` public API. Please, extend your custom module with `API` mixin
101
101
  ```ruby
102
102
  # Use engine facade methods
103
103
  Ez::Permissions::API
@@ -117,6 +117,9 @@ end
117
117
  Permissions.create_role(:user)
118
118
  Permissions.create_role(:admin)
119
119
 
120
+ # List all roles
121
+ Permissions.list_roles # => [#<Ez::Permissions::Role..., #<Ez::Permissions::Role...]
122
+
120
123
  # Get role object by name
121
124
  Permissions.get_role(:user)
122
125
 
@@ -174,8 +177,10 @@ Permissions.authorize!(user, :create, :users, scoped: project) do
174
177
  # for user creation in particular project
175
178
  end
176
179
 
177
- # otherwise catch exception
178
- Ez::Permissions::API::Authrozation::NotAuthorized
180
+ # otherwise you will get an exception
181
+ Ez::Permissions::NotAuthorized
182
+
183
+ # Both .authrorize and .authorize! methods can be used without blocks.
179
184
 
180
185
  # if you don't want raise exception, just use
181
186
  Permissions.authorize(user, :create, :users) { puts 'Yeahh!' } #=> false
@@ -221,6 +226,14 @@ mock_model_role(:worker, user)
221
226
  mock_permission(:users, :create)
222
227
  ```
223
228
 
229
+ ### Cleaup redundant permissions
230
+ If you changed your permissions DSL and removed redundant resources and actions
231
+
232
+ ```sh
233
+ rake ez:permissions:outdated # display list of outdated permissions
234
+ rake ez:permissions:cleanup # remove outdated permissions from the DB
235
+ ```
236
+
224
237
  ### Kepp it excplicit!
225
238
  You can wonder, why we just not add authorization methods to user instance, like:
226
239
  ```ruby
@@ -240,19 +253,9 @@ Of course, you can use them as mixins, but it's up to you.
240
253
  - User with scoped role - can't access global resources.
241
254
 
242
255
  ## TODO
243
- - [x] Add README
244
- - [x] Add Role model
245
- - [x] Add Permissions model
246
- - [x] Add PermissionsRole model
247
- - [x] Add rails generators for migrations
248
- - [x] Add rails generators for configuration
249
- - [x] Add configuration DSL
250
- - [x] Add Permissions API for managing relationships
251
- - [x] User can has multiple roles
252
- - [x] Better errors for non-existing records
253
- - [x] Add permissions helpers `authorize` and `authorize!`
254
- - [x] Move all erros under `Ez::Permissions::API` namespace and add `Error` suffix
255
256
  - [ ] Add helper methods for seed grant permissions
257
+ - [ ] Cached permissions. If single UI has multiple checks for one user - we can cache it!
258
+ - [ ] Not all permissions should be manageable through UI, like roles and permissions.
256
259
 
257
260
  ## Contributing
258
261
  Contribution directions go here.
data/app/models/ez/permissions/permission.rb CHANGED
@@ -7,6 +7,8 @@ module Ez
7
7
 
8
8
  validates :resource, presence: true
9
9
  validates :action, presence: true
10
+
11
+ has_many :permission_roles, dependent: :destroy
10
12
  end
11
13
  end
12
14
  end
data/app/models/ez/permissions/role.rb CHANGED
@@ -9,6 +9,10 @@ module Ez
9
9
 
10
10
  validates :name, presence: true
11
11
  validates :name, uniqueness: true
12
+
13
+ before_validation do
14
+ self.name = name&.parameterize
15
+ end
12
16
  end
13
17
  end
14
18
  end
data/lib/ez/permissions.rb CHANGED
@@ -15,5 +15,7 @@ module Ez
15
15
  config.models_roles_table_name = 'ez_permissions_model_roles'
16
16
  config.permissions_roles_table_name = 'ez_permissions_permissions_roles'
17
17
  end
18
+
19
+ NotAuthorizedError = Class.new(StandardError)
18
20
  end
19
21
  end
data/lib/ez/permissions/api/authorize.rb CHANGED
@@ -4,23 +4,32 @@ module Ez
4
4
  module Permissions
5
5
  module API
6
6
  module Authorize
7
- NotAuthorized = Class.new(StandardError)
8
-
9
7
  def authorize!(model, *actions, resource, scoped: nil, &block)
10
8
  authorize(model, *actions, resource, scoped: scoped, raise_exception: true, &block)
11
9
  end
12
10
 
11
+ # TODO: Extract object
12
+ # rubocop:disable all
13
13
  def authorize(model, *actions, resource, scoped: nil, raise_exception: false)
14
14
  return handle_no_permission_model_callback.call(self) if handle_no_permission_model_callback && !model
15
15
 
16
- return yield if can?(model, *actions, resource, scoped: scoped)
17
-
18
- return handle_not_authorized_callback.call(self) if handle_not_authorized_callback
19
-
20
- raise NotAuthorized, not_authorized_msg(model, actions, resource, scoped) if raise_exception
16
+ if can?(model, *actions, resource, scoped: scoped)
17
+ if block_given?
18
+ return yield
19
+ else
20
+ return true
21
+ end
22
+ end
21
23
 
22
- false
24
+ if handle_not_authorized_callback
25
+ handle_not_authorized_callback.call(self)
26
+ elsif raise_exception
27
+ raise NotAuthorizedError, not_authorized_msg(model, actions, resource, scoped)
28
+ else
29
+ false
30
+ end
23
31
  end
32
+ # rubocop:enable all
24
33
 
25
34
  def can?(model, *actions, resource, scoped: nil)
26
35
  permissions(model, *actions, resource, scoped: scoped).any?
data/lib/ez/permissions/api/roles.rb CHANGED
@@ -6,6 +6,10 @@ module Ez
6
6
  module Roles
7
7
  RoleNotFound = Class.new(StandardError)
8
8
 
9
+ def list_roles
10
+ Role.all
11
+ end
12
+
9
13
  def create_role(name)
10
14
  Role.create(name: name)
11
15
  end
data/lib/ez/permissions/dsl.rb CHANGED
@@ -19,6 +19,13 @@ module Ez
19
19
  DSL.instance.resources.find { |r| r.name.to_sym == name.to_sym }
20
20
  end
21
21
 
22
+ def self.resource_action?(resource_name, action_name)
23
+ registed_resource = resource(resource_name)
24
+ action = registed_resource.actions.include?(action_name.to_sym) if registed_resource
25
+
26
+ registed_resource && action ? true : false
27
+ end
28
+
22
29
  attr_reader :resources
23
30
 
24
31
  def initialize
data/lib/ez/permissions/engine.rb CHANGED
@@ -3,7 +3,6 @@
3
3
  module Ez
4
4
  module Permissions
5
5
  class Engine < ::Rails::Engine
6
- isolate_namespace Ez::Permissions
7
6
  end
8
7
  end
9
8
  end
data/lib/ez/permissions/version.rb CHANGED
@@ -2,6 +2,6 @@
2
2
 
3
3
  module Ez
4
4
  module Permissions
5
- VERSION = '0.2.3'
5
+ VERSION = '0.3.0'
6
6
  end
7
7
  end
data/lib/tasks/ez/permissions_tasks.rake CHANGED
@@ -1,6 +1,25 @@
1
1
  # frozen_string_literal: true
2
2
 
3
- # desc "Explaining what the task does"
4
- # task :ez_permissions do
5
- # # Task goes here
6
- # end
3
+ desc 'List outdated permissions that present in the DB but not using anymore in the DSL'
4
+ namespace :ez do
5
+ namespace :permissions do
6
+ task outdated: :environment do
7
+ Ez::Permissions::Permission.find_each do |permission|
8
+ next if Ez::Permissions::DSL.resource_action?(permission.resource, permission.action)
9
+
10
+ STDOUT.puts "[WARNING] Ez::Permissions: \n"
11
+ "Permission##{permission.id} [#{permission.resource} -> #{permission.action}] is redundant"
12
+ end
13
+ end
14
+
15
+ task cleanup: :environment do
16
+ Ez::Permissions::Permission.find_each do |permission|
17
+ next if Ez::Permissions::DSL.resource_action?(permission.resource, permission.action)
18
+
19
+ permission.destroy
20
+ STDOUT.puts "[WARNING] Ez::Permissions: \n"
21
+ "Permission##{permission.id} [#{permission.resource} -> #{permission.action}] is removed"
22
+ end
23
+ end
24
+ end
25
+ end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: ez-permissions
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.2.3
4
+ version: 0.3.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Volodya Sveredyuk
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2019-05-15 00:00:00.000000000 Z
11
+ date: 2019-12-08 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: ez-core
@@ -16,14 +16,14 @@ dependencies:
16
16
  requirements:
17
17
  - - "~>"
18
18
  - !ruby/object:Gem::Version
19
- version: 0.1.1
19
+ version: '0.2'
20
20
  type: :runtime
21
21
  prerelease: false
22
22
  version_requirements: !ruby/object:Gem::Requirement
23
23
  requirements:
24
24
  - - "~>"
25
25
  - !ruby/object:Gem::Version
26
- version: 0.1.1
26
+ version: '0.2'
27
27
  - !ruby/object:Gem::Dependency
28
28
  name: rails
29
29
  requirement: !ruby/object:Gem::Requirement
@@ -31,6 +31,9 @@ dependencies:
31
31
  - - ">="
32
32
  - !ruby/object:Gem::Version
33
33
  version: '5.2'
34
+ - - "<="
35
+ - !ruby/object:Gem::Version
36
+ version: '7.0'
34
37
  type: :runtime
35
38
  prerelease: false
36
39
  version_requirements: !ruby/object:Gem::Requirement
@@ -38,6 +41,9 @@ dependencies:
38
41
  - - ">="
39
42
  - !ruby/object:Gem::Version
40
43
  version: '5.2'
44
+ - - "<="
45
+ - !ruby/object:Gem::Version
46
+ version: '7.0'
41
47
  - !ruby/object:Gem::Dependency
42
48
  name: bundler
43
49
  requirement: !ruby/object:Gem::Requirement
@@ -53,7 +59,7 @@ dependencies:
53
59
  - !ruby/object:Gem::Version
54
60
  version: '2.0'
55
61
  - !ruby/object:Gem::Dependency
56
- name: faker
62
+ name: capybara
57
63
  requirement: !ruby/object:Gem::Requirement
58
64
  requirements:
59
65
  - - ">="
@@ -175,7 +181,6 @@ files:
175
181
  - lib/ez/permissions/api/roles.rb
176
182
  - lib/ez/permissions/dsl.rb
177
183
  - lib/ez/permissions/engine.rb
178
- - lib/ez/permissions/railtie.rb
179
184
  - lib/ez/permissions/resource.rb
180
185
  - lib/ez/permissions/rspec_helpers.rb
181
186
  - lib/ez/permissions/version.rb
@@ -202,8 +207,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
202
207
  - !ruby/object:Gem::Version
203
208
  version: '0'
204
209
  requirements: []
205
- rubyforge_project:
206
- rubygems_version: 2.7.6
210
+ rubygems_version: 3.0.6
207
211
  signing_key:
208
212
  specification_version: 4
209
213
  summary: Easy permissions engine for Rails app.
data/lib/ez/permissions/railtie.rb DELETED
@@ -1,9 +0,0 @@
1
- # frozen_string_literal: true
2
-
3
- # TODO: Use this for potential UI or API features
4
- # module Ez
5
- # module Permissions
6
- # class Railtie < ::Rails::Railtie
7
- # end
8
- # end
9
- # end