globalid 0.3.7 → 0.5.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
-SHA1:
-  metadata.gz: 16fab50b5f1ed999f159d4e28507577d1e240e2a
-  data.tar.gz: 00c55d5c1b1b3b09178e3c1e75dc343389acb92f
+SHA256:
+  metadata.gz: 91ad4d8c34957591df10703702ee81e259afaebe296bf0163788952bc3acdcd6
+  data.tar.gz: 1bd763051bf53016df8faf674dfab0f38aae178db11d0b66ca416cdd9ba0910d
 SHA512:
-  metadata.gz: ee2a00103d0a6890701acd2674a7817335391f54e67d44746c1883711329e5707d3c26089f5fe9823322fe044d52e9b7167ae8f0b7d86af1c88ff379d269f6e1
-  data.tar.gz: 5da58eabadc4ddc3af4231520db1c3b09bc780ac8b842e4a93f70a6ab1523a81c7112d5377569b2643b755e4c06cb9e764b75e9b1078fa41b48f909f02ed25d3
+  metadata.gz: 00ece65591def5d2420aa732d8a7482c14922f45bd10c6b3be55f4340587d90985e967e9f68951fb840440c1584785a6c9a5f6ff0db8c38e2539cbd6ea842c94
+  data.tar.gz: c34a0627c13e63e3535be150787eca885d0bbb717e66f5b0700cb5a9ccb30446af260defa7b3a79ad0371f4f1235d77079520c6e67148d10edc6f2bf458a700a

data/README.md

@@ -24,17 +24,17 @@ Mix `GlobalID::Identification` into any model with a `#find(id)` class method.
 Support is automatically included in Active Record.
 
 ```ruby
->> person_gid = Person.find(1).to_global_id
-=> #<GlobalID ...
+person_gid = Person.find(1).to_global_id
+# => #<GlobalID ...
 
->> person_gid.uri
-=> #<URI ...
+person_gid.uri
+# => #<URI ...
 
->> person_gid.to_s
-=> "gid://app/Person/1"
+person_gid.to_s
+# => "gid://app/Person/1"
 
->> GlobalID::Locator.locate person_gid
-=> #<Person:0x007fae94bf6298 @id="1">
+GlobalID::Locator.locate person_gid
+# => #<Person:0x007fae94bf6298 @id="1">
 ```
 
 ### Signed Global IDs
@@ -42,53 +42,125 @@ Support is automatically included in Active Record.
 For added security GlobalIDs can also be signed to ensure that the data hasn't been tampered with.
 
 ```ruby
->> person_sgid = Person.find(1).to_signed_global_id
-=> #<SignedGlobalID:0x007fea1944b410
+person_sgid = Person.find(1).to_signed_global_id
+# => #<SignedGlobalID:0x007fea1944b410>
 
->> person_sgid = Person.find(1).to_sgid
-=> #<SignedGlobalID:0x007fea1944b410
+person_sgid = Person.find(1).to_sgid
+# => #<SignedGlobalID:0x007fea1944b410>
 
->> person_sgid.to_s
-=> "BAhJIh5naWQ6Ly9pZGluYWlkaS9Vc2VyLzM5NTk5BjoGRVQ=--81d7358dd5ee2ca33189bb404592df5e8d11420e"
+person_sgid.to_s
+# => "BAhJIh5naWQ6Ly9pZGluYWlkaS9Vc2VyLzM5NTk5BjoGRVQ=--81d7358dd5ee2ca33189bb404592df5e8d11420e"
 
->> GlobalID::Locator.locate_signed person_sgid
-=> #<Person:0x007fae94bf6298 @id="1">
+GlobalID::Locator.locate_signed person_sgid
+# => #<Person:0x007fae94bf6298 @id="1">
+```
+
+**Expiration**
+
+Signed Global IDs can expire some time in the future. This is useful if there's a resource
+people shouldn't have indefinite access to, like a share link.
+
+```ruby
+expiring_sgid = Document.find(5).to_sgid(expires_in: 2.hours, for: 'sharing')
+# => #<SignedGlobalID:0x008fde45df8937 ...>
 
+# Within 2 hours...
+GlobalID::Locator.locate_signed(expiring_sgid.to_s, for: 'sharing')
+# => #<Document:0x007fae94bf6298 @id="5">
+
+# More than 2 hours later...
+GlobalID::Locator.locate_signed(expiring_sgid.to_s, for: 'sharing')
+# => nil
 ```
-You can even bump the security up some more by explaining what purpose a Signed Global ID is for.
-In this way evildoers can't reuse a sign-up form's SGID on the login page. For example.
+
+**In Rails, an auto-expiry of 1 month is set by default.** You can alter that deal
+in an initializer with:
 
 ```ruby
->> signup_person_sgid = Person.find(1).to_sgid(for: 'signup_form')
-=> #<SignedGlobalID:0x007fea1984b520
+# config/initializers/global_id.rb
+Rails.application.config.global_id.expires_in = 3.months
+```
+
+You can assign a default SGID lifetime like so:
 
->> GlobalID::Locator.locate_signed(signup_person_sgid.to_s, for: 'signup_form')
-=> #<Person:0x007fae94bf6298 @id="1">
+```ruby
+SignedGlobalID.expires_in = 1.month
 ```
 
-You can also have SGIDs that expire some time in the future. This is useful if there's a resource,
-people shouldn't have indefinite access to, like a share link.
+This way any generated SGID will use that relative expiry.
+
+It's worth noting that _expiring SGIDs are not idempotent_ because they encode the current timestamp; repeated calls to `to_sgid` will produce different results. For example, in Rails
 
 ```ruby
->> expiring_sgid = Document.find(5).to_sgid(expires_in: 2.hours, for: 'sharing')
-=> #<SignedGlobalID:0x008fde45df8937
+Document.find(5).to_sgid.to_s == Document.find(5).to_sgid.to_s
+# => false
+```
 
-# Within 2 hours...
->> GlobalID::Locator.locate_signed(expiring_sgid.to_s, for: 'sharing')
-=> #<Document:0x007fae94bf6298 @id="5">
+You need to explicitly pass `expires_in: nil` to generate a permanent SGID that will not expire,
 
-# More than 2 hours later...
->> GlobalID::Locator.locate_signed(expiring_sgid.to_s, for: 'sharing')
-=> nil
+```ruby
+# Passing a false value to either expiry option turns off expiration entirely.
+never_expiring_sgid = Document.find(5).to_sgid(expires_in: nil)
+# => #<SignedGlobalID:0x008fde45df8937 ...>
 
->> explicit_expiring_sgid = SecretAgentMessage.find(5).to_sgid(expires_at: Time.now.advance(hours: 1))
-=> #<SignedGlobalID:0x008fde45df8937
+# Any time later...
+GlobalID::Locator.locate_signed never_expiring_sgid
+# => #<Document:0x007fae94bf6298 @id="5">
+```
+
+It's also possible to pass a specific expiry time
+
+```ruby
+explicit_expiring_sgid = SecretAgentMessage.find(5).to_sgid(expires_at: Time.now.advance(hours: 1))
+# => #<SignedGlobalID:0x008fde45df8937 ...>
 
 # 1 hour later...
->> GlobalID::Locator.locate_signed explicit_expiring_sgid.to_s
-=> nil
+GlobalID::Locator.locate_signed explicit_expiring_sgid.to_s
+# => nil
+```
+Note that an explicit `:expires_at` takes precedence over a relative `:expires_in`.
+
+**Purpose**
+
+You can even bump the security up some more by explaining what purpose a Signed Global ID is for.
+In this way evildoers can't reuse a sign-up form's SGID on the login page. For example.
+
+```ruby
+signup_person_sgid = Person.find(1).to_sgid(for: 'signup_form')
+# => #<SignedGlobalID:0x007fea1984b520
+
+GlobalID::Locator.locate_signed(signup_person_sgid.to_s, for: 'signup_form')
+# => #<Person:0x007fae94bf6298 @id="1">
+```
+
+### Locating many Global IDs
+
+When needing to locate many Global IDs use `GlobalID::Locator.locate_many` or `GlobalID::Locator.locate_many_signed` for Signed Global IDs to allow loading
+Global IDs more efficiently.
+
+For instance, the default locator passes every `model_id` per `model_name` thus
+using `model_name.where(id: model_ids)` versus `GlobalID::Locator.locate`'s `model_name.find(id)`.
+
+In the case of looking up Global IDs from a database, it's only necessary to query
+once per `model_name` as shown here:
+
+```ruby
+gids = users.concat(people).sort_by(&:id).map(&:to_global_id)
+# => [#<GlobalID:0x00007ffd6a8411a0 @uri=#<URI::GID gid://app/User/1>>,
+#<GlobalID:0x00007ffd675d32b8 @uri=#<URI::GID gid://app/Student/1>>,
+#<GlobalID:0x00007ffd6a840b10 @uri=#<URI::GID gid://app/User/2>>,
+#<GlobalID:0x00007ffd675d2c28 @uri=#<URI::GID gid://app/Student/2>>,
+#<GlobalID:0x00007ffd6a840480 @uri=#<URI::GID gid://app/User/3>>,
+#<GlobalID:0x00007ffd675d2598 @uri=#<URI::GID gid://app/Student/3>>]
+
+GlobalID::Locator.locate_many gids
+# SELECT "users".* FROM "users" WHERE "users"."id" IN ($1, $2, $3)  [["id", 1], ["id", 2], ["id", 3]]
+# SELECT "students".* FROM "students" WHERE "students"."id" IN ($1, $2, $3)  [["id", 1], ["id", 2], ["id", 3]]
+# => [#<User id: 1>, #<Student id: 1>, #<User id: 2>, #<Student id: 2>, #<User id: 3>, #<Student id: 3>]
 ```
 
+Note the order is maintained in the returned results.
+
 ### Custom App Locator
 
 A custom locator can be set for an app by calling `GlobalID::Locator.use` and providing an app locator to use for that app.

data/lib/global_id.rb

@@ -1,8 +1,19 @@
 require 'global_id/global_id'
+require 'active_support'
 
 autoload :SignedGlobalID, 'global_id/signed_global_id'
 
 class GlobalID
-  autoload :Locator, 'global_id/locator'
-  autoload :Identification, 'global_id/identification'
+  extend ActiveSupport::Autoload
+
+  eager_autoload do
+    autoload :Locator
+    autoload :Identification
+    autoload :Verifier
+  end
+
+  def self.eager_load!
+    super
+    require 'global_id/signed_global_id'
+  end
 end

data/lib/global_id/global_id.rb

@@ -63,6 +63,11 @@ class GlobalID
   def ==(other)
     other.is_a?(GlobalID) && @uri == other.uri
   end
+  alias_method :eql?, :==
+
+  def hash
+    self.class.hash | @uri.hash
+  end
 
   def to_param
     # remove the = padding character for a prettier param -- it'll be added back in parse_encoded_gid

data/lib/global_id/identification.rb

@@ -1,11 +1,7 @@
-require 'active_support/concern'
-
 class GlobalID
   module Identification
-    extend ActiveSupport::Concern
-
     def to_global_id(options = {})
-      @global_id ||= GlobalID.create(self, options)
+      GlobalID.create(self, options)
     end
     alias to_gid to_global_id
 

data/lib/global_id/railtie.rb

@@ -5,24 +5,28 @@ else
 require 'global_id'
 require 'active_support'
 require 'active_support/core_ext/string/inflections'
+require 'active_support/core_ext/integer/time'
 
 class GlobalID
   # = GlobalID Railtie
   # Set up the signed GlobalID verifier and include Active Record support.
   class Railtie < Rails::Railtie # :nodoc:
     config.global_id = ActiveSupport::OrderedOptions.new
+    config.eager_load_namespaces << GlobalID
 
     initializer 'global_id' do |app|
+      default_expires_in = 1.month
+      default_app_name = app.railtie_name.remove('_application').dasherize
 
-      app.config.global_id.app ||= app.railtie_name.remove('_application').dasherize
-      GlobalID.app = app.config.global_id.app
-
-      app.config.global_id.expires_in ||= 1.month
-      SignedGlobalID.expires_in = app.config.global_id.expires_in
+      GlobalID.app = app.config.global_id.app ||= default_app_name
+      SignedGlobalID.expires_in = app.config.global_id.fetch(:expires_in, default_expires_in)
 
       config.after_initialize do
+        GlobalID.app = app.config.global_id.app ||= default_app_name
+        SignedGlobalID.expires_in = app.config.global_id.fetch(:expires_in, default_expires_in)
+
         app.config.global_id.verifier ||= begin
-          app.message_verifier(:signed_global_ids)
+          GlobalID::Verifier.new(app.key_generator.generate_key('signed_global_ids'))
         rescue ArgumentError
           nil
         end

data/lib/global_id/uri/gid.rb

@@ -173,5 +173,9 @@ module URI
       end
   end
 
-  @@schemes['GID'] = GID
+  if respond_to?(:register_scheme)
+    register_scheme('GID', GID)
+  else
+    @@schemes['GID'] = GID
+  end
 end

data/lib/global_id/verifier.rb

@@ -0,0 +1,15 @@
+require 'active_support'
+require 'active_support/message_verifier'
+
+class GlobalID
+  class Verifier < ActiveSupport::MessageVerifier
+    private
+      def encode(data)
+        ::Base64.urlsafe_encode64(data)
+      end
+
+      def decode(data)
+        ::Base64.urlsafe_decode64(data)
+      end
+  end
+end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: globalid
 version: !ruby/object:Gem::Version
-  version: 0.3.7
+  version: 0.5.1
 platform: ruby
 authors:
 - David Heinemeier Hansson
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2016-07-26 00:00:00.000000000 Z
+date: 2021-07-27 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: activesupport
@@ -16,14 +16,14 @@ dependencies:
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: 4.1.0
+        version: '5.0'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: 4.1.0
+        version: '5.0'
 - !ruby/object:Gem::Dependency
   name: rake
   requirement: !ruby/object:Gem::Requirement
@@ -53,6 +53,7 @@ files:
 - lib/global_id/railtie.rb
 - lib/global_id/signed_global_id.rb
 - lib/global_id/uri/gid.rb
+- lib/global_id/verifier.rb
 - lib/globalid.rb
 homepage: http://www.rubyonrails.org
 licenses:
@@ -66,15 +67,14 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: 1.9.3
+      version: 2.6.0
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubyforge_project: 
-rubygems_version: 2.4.5.1
+rubygems_version: 3.2.24
 signing_key: 
 specification_version: 4
 summary: 'Refer to any model with a URI: gid://app/class/id'