glib-web 0.4.2 → 0.4.3

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: '00370028bd3cdc3097c1b40e128c34ec08271d2858b5a83d2c54ebceb5f18c6e'
-  data.tar.gz: 5021c723ca5ef541455c0497fc0a25f86945b7d99383698fb76d587d034f2f9b
+  metadata.gz: 38b5751f1b2684f0d68bacb791098fc4aab5ab6b42cb25f1891a1f27bbdbbc8f
+  data.tar.gz: eed1f00a5ccd846f36d7291620f45f8702a63f80ffe8b94364243a5f1ce3cb55
 SHA512:
-  metadata.gz: f7cc0a4fa5a08a8673e3306dfb91ca07e341c395b4a3f1e4cce985b7da72e394844ff5596087e657b15a1c610366aa34f5958446b40ba27c7a3ce3fc9afbd253
-  data.tar.gz: 9c4b027e7025dcb06a7734839fde49dc8138ae5865e442faebe0f0e715dc9d3077747f1e52b6f5198337d36635de9af89f52970abcf82a24929dc23ee5877948
+  metadata.gz: a464dbf43a08c5f9b131c5e18b48bda98d40ef29e0298827b78e901f667df0901f227be11809feb39be6d55aa1b9b09133cfa119d06829f5dd663a569ef2e6eb
+  data.tar.gz: ca3b4567e5344a9d057c66d772aded64ba86b810d650837b1581eb40a3a981eed7e646c58e5915964f3a612088b0451a8cd490542e51d288bd5e4f30ba5d28a3

data/app/controllers/concerns/glib/auth/policy.rb

@@ -0,0 +1,98 @@
+module Glib::Auth
+  module Policy
+    extend ActiveSupport::Concern
+
+    included do
+      include Pundit
+      include Overrides
+      extend ClassMethods
+      
+      # TODO: Ultimately we want to uncomment this line, but:
+      # - Need to be able to set aside some time to run rspec tests to ensure nothing gets broken
+      # - Need to find a solution where we can reuse a single public policy
+#      after_action :verify_authorized
+
+      helper_method :policy, :can?, :cannot?
+
+    end
+
+    module Overrides
+      public  # Override
+      def policy(record)
+        return @__pundit_policy if defined? @__pundit_policy
+
+        if record.is_a?(Symbol) && record.to_s.ends_with?('_admin')
+          policy_class = CommonAdminPolicy
+        else
+          policy_class = Pundit::PolicyFinder.new(record).policy
+        end
+        raise "Policy not found for #{record.class}" unless policy_class
+        @__pundit_policy = policy_class.new(current_user, record, self, request, params, *policy_class.args_builder.call(self))
+      end
+    end
+
+    public
+    def raise_access_denied(record)
+      # raise Pundit::NotAuthorizedError.new(record: record, policy: policy(record), query: "#{action_name}?")
+      raise UnauthorizedError.new(record: record, policy: policy(record), query: "#{action_name}?")
+    end
+
+    public
+    def can?(action, record)
+      policy(record).send("#{action}?")
+    end
+
+    public
+    def cannot?(action, record)
+      !policy(record).send("#{action}?")
+    end
+
+
+
+    class UnauthorizedError < Pundit::NotAuthorizedError
+    end
+
+
+    
+    module ClassMethods
+      # Inspired from https://github.com/ryanb/cancan/wiki/Non-RESTful-Controllers
+      public
+      def authorize_resource(*args)
+        options = args.extract_options!
+        resource_name = args.first
+
+        self.before_action(options.slice(:only, :except, :if, :unless)) do |controller|
+          resource_name ||= resource_name_from_controller
+          
+          if !(resource_key = options[:class]).nil?
+            resource = case resource_key
+            when false
+              resource_name.to_sym
+            when Symbol, Class
+              resource_key
+            else
+              raise "Invalid resource class: #{resource_key}"
+            end
+
+            authorize resource
+#            if (policy = policy(resource)) && policy.class.instance_variable_defined?(:@manage_permission)
+#              skip_authorization if policy.manage?
+#            else
+#              authorize resource
+#            end
+          elsif (resource_instance = controller.instance_variable_get("@#{resource_name}"))
+            authorize resource_instance
+          else
+            authorize resource_name.camelize.constantize
+          end
+
+          verify_authorized
+        end
+      end
+    end
+
+    def resource_name_from_controller
+      params[:controller].split('/').last.singularize
+    end
+  end
+end

data/app/controllers/concerns/glib/json/dynamic_text.rb

@@ -2,15 +2,14 @@ module Glib::Json::DynamicText
   def __json_dynamic_text_perform
     if (hash = json_transformation_start).is_a?(Hash)
       @__specs = {}
-      
+
       crawl hash['header']&.[]('childViews')
       crawl hash['body']&.[]('childViews')
       crawl hash['footer']&.[]('childViews')
 
-      # TODO: retrieve texts from dynamictextreader
-      # translated_texts = retrieve_remote_texts(@__specs.keys)
+      translated_texts = retrieve_remote_texts(@__specs.keys)
 
-      translated_texts = retrieve_example_texts(@__specs.keys)
+      # translated_texts = retrieve_example_texts(@__specs.keys)
       translated_texts.each do |key, value|
         @__specs[key].each do |spec|
           spec.substitute_with(value)
@@ -32,6 +31,11 @@ module Glib::Json::DynamicText
     translated_texts
   end
 
+  def retrieve_remote_texts(keys)
+    response = RestClient.get(ENV['DTR_URL'], { params: { keys: keys } })
+    JSON.parse(response)
+  end
+
   def crawl views
     Glib::Json::DynamicText::crawl_multiple views, ->(view) do
       extract_spec(view, 'text')
@@ -52,7 +56,7 @@ module Glib::Json::DynamicText
       view[prop] = text.gsub(/\{\{(\w+)\}\}/) { args.fetch($1, "{{#{$1}}}") }
     end
   end
-  
+
   def self.crawl_multiple views, block
     if views.is_a? Array
       views.each do |view|
@@ -85,7 +89,7 @@ module Glib::Json::DynamicText
     # panels/split
     # crawl_multiple view['leftViews'], block
     # crawl_multiple view['rightViews'], block
-    
+
     # Split panel
     crawl_vertical_content view['left'], block
     crawl_vertical_content view['center'], block

data/app/helpers/glib/json_ui/action_builder.rb

@@ -82,6 +82,7 @@ module Glib
           string :body
           string :tag
           int :timeout
+          action :onClick
         end
 
       end

data/app/policies/glib/application_policy.rb

@@ -0,0 +1,148 @@
+# The main purpose of this is for security. If it is important to display useful error message or to provide a "banana", then
+# it's better to perform an explicit check (e.g. as a validation in the model or using a before_action).
+module Glib
+  class ApplicationPolicy
+    attr_reader :user, :record, :controller, :request, :params
+
+    private
+    def initialize(user, record, controller, request, params)
+      @user = user
+      @record = record
+      @controller = controller
+      @request = request
+      # Don't get params from request because we might not have a proper request object. This might execute in Sidekiq. 
+      # See Presenter::Model::inside_mock_controller()
+      @params = params
+    end
+    
+    class << self
+      attr_reader :catch_all
+
+      # This is to define the authorization logic for an action (or a group of actions). It's different from controller's 
+      # authorize().
+      private  # Used by child
+      def authorize(*actions, &block)
+        actions.each do |action|
+          if action == :manage
+            # Serve as a catch-all to all actions that have not been specified in the policy.
+            @catch_all = block
+          else
+            method_name = "#{action}?"
+            # Avoid accidentally redefining multiple times from child policies. But it's okay if the child policy
+            # wants to override the parent's authorization method.
+            raise "Action authorization has been declared: #{action}" if instance_methods(false).include?(method_name.to_sym)
+            define_method method_name, &block
+          end
+        end
+      end
+    end
+    
+    private
+    def catch_all
+      self.class.catch_all
+    end
+    
+    private
+    # To ensure the block is called on the policy's instance instead class.
+    def call_catch_all
+      instance_eval(&catch_all)
+    end
+
+    authorize :index do
+      # We need this line because in `index` action, this method will be called instead of method_missing().
+      # Having this line ensures that the catch_all behaviour works according to the priority below:
+      # - child_policy#index?
+      # - child_policy#manage? -- catch_all
+      # - application_policy@index?
+      return call_catch_all if catch_all
+
+      false
+    end
+
+    authorize :show do
+      return call_catch_all if catch_all
+
+      scope.where(id: record.id).exists?
+    end
+
+    authorize :create do
+      return call_catch_all if catch_all
+      
+      false
+    end
+
+    authorize :new do
+      return call_catch_all if catch_all
+      
+      create?
+    end
+
+    authorize :update do
+      return call_catch_all if catch_all
+      
+      false
+    end
+
+    authorize :edit do
+      return call_catch_all if catch_all
+      
+      update?
+    end
+
+    authorize :destroy do
+      return call_catch_all if catch_all
+      
+      false
+    end
+
+    public
+    def method_missing(name, *args, &block)
+      if name.to_s.end_with?('?') && catch_all
+        call_catch_all
+      else
+        super
+      end
+    end
+
+    public
+    def scope
+      Pundit.policy_scope!(user, record.class)
+    end
+
+    private  # Used by child
+    def public?
+      true
+    end
+
+    # # TODO: Revise because it seems there is no justification for allowing owner to see any of the deleted entities, which include User, Guild, and Post
+    # private  # Used by child
+    # def not_deleted_unless_owner_or_moderator?(&block)
+    #   block ||= lambda { |unused_arg| @user.moderator? }
+    #   !@record.deleted? || (@user && (@user.id == @record.user_owner_id || block.call(@record)))
+    # end
+
+    # private  # Used by child
+    # def not_deleted_unless_moderator?(&block)
+    #   block ||= lambda { |unused_arg| @user.moderator? }
+    #   !@record.deleted? || (@user && block.call(@record))
+    # end
+
+    public
+    def self.args_builder
+      Proc.new { |controller| [] }
+    end
+    
+    class Scope
+      attr_reader :user, :scope
+
+      def initialize(user, scope)
+        @user = user
+        @scope = scope
+      end
+
+      def resolve
+        scope
+      end
+    end
+  end
+end

data/app/views/json_ui/garage/notifications/index.json.jbuilder

@@ -6,7 +6,9 @@ json_ui_page json do |page|
   page.list firstSection: ->(section) do
     section.rows builder: ->(template) do
       template.thumbnail title: 'Send Desktop Notification', onClick: ->(action) do
-        action.dialogs_notification title: 'Hello World', body: 'Body Message'
+        action.dialogs_notification title: 'Hello World', body: 'Body Message', onClick: ->(action) do
+          action.dialogs_alert message: 'TODO'
+        end
       end
     end
   end

data/app/views/json_ui/garage/panels/responsive.json.jbuilder

@@ -1,4 +1,4 @@
-json.title 'Panels'
+json.title 'Responsive Panels'
 
 json_ui_page json do |page|
   render "#{@path_prefix}/nav_menu", json: json, page: page
@@ -7,37 +7,49 @@ json_ui_page json do |page|
     scroll.label text: 'Shrink the browser\'s width to see how the column panels are rearranged. On mobile screens, they are always arranged vertically'
 
     scroll.spacer height: 20
-    scroll.h2 text: 'Responsive panel with 12 columns'
+    scroll.h2 text: 'With 12 columns'
     scroll.spacer height: 6
     scroll.panels_responsive width: 'matchParent', childViews: ->(horizontal) do
-      horizontal.panels_column lg: 8, backgroundColor: '#c3cad2', childViews: ->(column) do
+      horizontal.panels_column lg: { cols: 8 }, backgroundColor: '#c3cad2', childViews: ->(column) do
         column.button text: '1'
       end
-      horizontal.panels_column lg: 4, backgroundColor: '#b3bac2', childViews: ->(column) do
+      horizontal.panels_column lg: { cols: 4 }, backgroundColor: '#b3bac2', childViews: ->(column) do
         column.button text: '2'
       end
     end
 
     scroll.spacer height: 20
-    scroll.h2 text: 'Responsive panel with more than 12 columns'
+    scroll.h2 text: 'With more than 12 columns'
     scroll.spacer height: 6
     scroll.panels_responsive width: 'matchParent', childViews: ->(horizontal) do
-      horizontal.panels_column lg: 4, backgroundColor: '#c3cad2', childViews: ->(column) do
+      horizontal.panels_column lg: { cols: 4 }, backgroundColor: '#c3cad2', childViews: ->(column) do
         column.button text: '1'
       end
-      horizontal.panels_column lg: 4, backgroundColor: '#b3bac2', childViews: ->(column) do
+      horizontal.panels_column lg: { cols: 4 }, backgroundColor: '#b3bac2', childViews: ->(column) do
         column.button text: '2'
       end
-      horizontal.panels_column lg: 4, backgroundColor: '#c3cad2', childViews: ->(column) do
+      horizontal.panels_column lg: { cols: 4 }, backgroundColor: '#c3cad2', childViews: ->(column) do
         column.button text: '3'
       end
-      horizontal.panels_column lg: 4, backgroundColor: '#b3bac2', childViews: ->(column) do
+      horizontal.panels_column lg: { cols: 4 }, backgroundColor: '#b3bac2', childViews: ->(column) do
         column.button text: '4'
       end
-      horizontal.panels_column lg: 4, backgroundColor: '#c3cad2', childViews: ->(column) do
+      horizontal.panels_column lg: { cols: 4 }, backgroundColor: '#c3cad2', childViews: ->(column) do
         column.button text: '5'
       end
     end
 
+    scroll.spacer height: 20
+    scroll.h2 text: 'With responsive paddings'
+    scroll.spacer height: 6
+    scroll.panels_responsive width: 'matchParent', childViews: ->(horizontal) do
+      horizontal.panels_column lg: { cols: 8, padding: { right: 20 } }, childViews: ->(column) do
+        column.button width: 'matchParent', text: '1'
+      end
+      horizontal.panels_column lg: { cols: 4 }, childViews: ->(column) do
+        column.button width: 'matchParent', text: '2'
+      end
+    end
+
   end
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: glib-web
 version: !ruby/object:Gem::Version
-  version: 0.4.2
+  version: 0.4.3
 platform: ruby
 authors:
 - ''
@@ -30,6 +30,34 @@ dependencies:
     - - "<"
       - !ruby/object:Gem::Version
         version: 6.1.0
+- !ruby/object:Gem::Dependency
+  name: pundit
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 2.1.0
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 2.1.0
+- !ruby/object:Gem::Dependency
+  name: rest-client
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2.1'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2.1'
 description: 
 email: ''
 executables: []
@@ -40,6 +68,7 @@ files:
 - app/controllers/concerns/application/json/transformation.rb
 - app/controllers/concerns/application/json/ui.rb
 - app/controllers/concerns/application/json/validation.rb
+- app/controllers/concerns/glib/auth/policy.rb
 - app/controllers/concerns/glib/json/dynamic_text.rb
 - app/controllers/concerns/glib/json/libs.rb
 - app/controllers/concerns/glib/json/transformation.rb
@@ -63,6 +92,7 @@ files:
 - app/helpers/glib/json_ui/view_builder/panels.rb
 - app/models/glib/dynamic_text_record.rb
 - app/models/glib/text.rb
+- app/policies/glib/application_policy.rb
 - app/views/app/views/json_ui/vue/renderer.html.erb
 - app/views/json_ui/garage/_nav_menu.json.jbuilder
 - app/views/json_ui/garage/actions/index.json.jbuilder