grabli 0.1.0

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA256:
+  metadata.gz: 22817abd7cf1fcd173e9c6d804fd9ce27df4c6b5ef3df83678e65c4d1a43c911
+  data.tar.gz: f59006fd5d79f420043a94bbf98fe9103802ac42f39bcc10543ac2310fff2af6
+SHA512:
+  metadata.gz: dc895810cd249c7646d188e73da2c2715356077bbe43eb5051a9bd12caef9b5b5a3fc458ee2f29d761dc5f82ba2d1854281d9e17582b3feb63cf208ed16af5db
+  data.tar.gz: ca971071066b83c562e2721c6eadc294f94fda1ae429842b6ce1e2fe4246753cae63fd9986023f32b80ec600e80e8118a245c3b0075a5d59eeb7afe6769d785c

data/.gitignore

@@ -0,0 +1,9 @@
+/.bundle/
+/.yardoc
+/_yardoc/
+/coverage/
+/doc/
+/pkg/
+/spec/reports/
+/tmp/
+/.ruby-version

data/.rspec

@@ -0,0 +1,3 @@
+--format documentation
+--color
+--require spec_helper

data/.travis.yml

@@ -0,0 +1,5 @@
+sudo: false
+language: ruby
+rvm:
+  - 2.4.2
+before_install: gem install bundler -v 1.16.0

data/Gemfile

@@ -0,0 +1,6 @@
+source "https://rubygems.org"
+
+git_source(:github) { |repo_name| "https://github.com/#{repo_name}" }
+
+# Specify your gem's dependencies in grabli.gemspec
+gemspec

data/Gemfile.lock

@@ -0,0 +1,50 @@
+PATH
+  remote: .
+  specs:
+    grabli (0.1.0)
+      pundit (> 0)
+
+GEM
+  remote: https://rubygems.org/
+  specs:
+    activesupport (5.1.5)
+      concurrent-ruby (~> 1.0, >= 1.0.2)
+      i18n (~> 0.7)
+      minitest (~> 5.1)
+      tzinfo (~> 1.1)
+    concurrent-ruby (1.0.5)
+    diff-lcs (1.3)
+    i18n (0.9.5)
+      concurrent-ruby (~> 1.0)
+    minitest (5.11.3)
+    pundit (1.1.0)
+      activesupport (>= 3.0.0)
+    rake (10.5.0)
+    rspec (3.7.0)
+      rspec-core (~> 3.7.0)
+      rspec-expectations (~> 3.7.0)
+      rspec-mocks (~> 3.7.0)
+    rspec-core (3.7.1)
+      rspec-support (~> 3.7.0)
+    rspec-expectations (3.7.0)
+      diff-lcs (>= 1.2.0, < 2.0)
+      rspec-support (~> 3.7.0)
+    rspec-mocks (3.7.0)
+      diff-lcs (>= 1.2.0, < 2.0)
+      rspec-support (~> 3.7.0)
+    rspec-support (3.7.1)
+    thread_safe (0.3.6)
+    tzinfo (1.2.5)
+      thread_safe (~> 0.1)
+
+PLATFORMS
+  ruby
+
+DEPENDENCIES
+  bundler (~> 1.16)
+  grabli!
+  rake (~> 10.0)
+  rspec (~> 3.0)
+
+BUNDLED WITH
+   1.16.0

data/LICENSE.txt

@@ -0,0 +1,13 @@
+        DO WHAT THE FUCK YOU WANT TO PUBLIC LICENSE
+                    Version 2, December 2004
+
+ Copyright (C) 2018 dikond <di.kondratenko@gmail.com>
+
+ Everyone is permitted to copy and distribute verbatim or modified
+ copies of this license document, and changing it is allowed as long
+ as the name is changed.
+
+            DO WHAT THE FUCK YOU WANT TO PUBLIC LICENSE
+   TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION
+
+  0. You just DO WHAT THE FUCK YOU WANT TO.

data/README.md

@@ -0,0 +1,73 @@
+# Grabli
+
+Hola :v:
+
+The very specific goal of this gem is to extract pundit policy permissions to something serializable... like a ruby array! Why do you need that? To tell the front-end application or API consumer what you think of the current user, hehe :smirk: As a bonus, I find it easier to write unit tests for policies. But to have a dependency on third-party gems for unit tests, even as awesome as this one, may be undesirable.
+
+## Usage
+
+With a given `UserPolicy` (e.g. the one defined in `/spec/spec_helper.rb`) you can do:
+
+```ruby
+require 'grabli'
+
+Grabli.new.collect(@user, @company)
+# => [:create?, :update?]
+
+Grabli.new.collect(@user, :company)
+# => [:create?]
+```
+
+Let's say your app have a public Rest API. It may look like:
+
+```ruby
+require 'grabli'
+
+class Api::UsersController < ApplicationController
+  def show
+    @user = User.find(params[:id])
+    authorize @user
+
+    permissions = Grabli.new.collect(current_user, @user)
+
+    render json: { user: @user.to_json, permissions: permissions }
+  end
+end
+```
+
+You can then create a helper and use it across your app, for example:
+
+```ruby
+# /app/controllers/application_controller.rb
+require 'grabli'
+
+class ApplicationController
+  def collect_permissions_for(subject)
+    Grabli.new.collect(current_user, subject)
+  end
+  helper_method :collect_permissions_for
+end
+
+
+# /app/controllers/api/users_controller.rb
+class Api::UsersController < ApplicationController
+  def show
+    @user = User.find(params[:id])
+    authorize @user
+
+    render json: { user: @user.to_json, permissions: collect_permissions_for(@user) }
+  end
+end
+```
+
+## Further plans
+
+1) Improve cases when subject is a `Symbol`
+
+Since pundit policy doesn't limit the subject types it can be anything, even a `Symbol`.
+
+Make `Intruder` a bit more clever proxy object which delegates to the subject and intercepts `NoMethodError` for cases when `Symbol` subject mean "no subject".
+
+## Contributing
+
+Bug reports and pull requests are welcome on GitHub at https://github.com/[USERNAME]/grabli.

data/Rakefile

@@ -0,0 +1,6 @@
+require "bundler/gem_tasks"
+require "rspec/core/rake_task"
+
+RSpec::Core::RakeTask.new(:spec)
+
+task :default => :spec

data/bin/console

@@ -0,0 +1,14 @@
+#!/usr/bin/env ruby
+
+require "bundler/setup"
+require "grabli"
+
+# You can add fixtures and/or initialization code here to make experimenting
+# with your gem easier. You can also use a different console, if you like.
+
+# (If you use this, don't forget to add pry to your Gemfile!)
+# require "pry"
+# Pry.start
+
+require "irb"
+IRB.start(__FILE__)

data/grabli.gemspec

@@ -0,0 +1,23 @@
+require_relative "lib/grabli/version"
+
+Gem::Specification.new do |spec|
+  spec.name          = "grabli"
+  spec.version       = Grabli::VERSION
+  spec.authors       = ["dikond"]
+  spec.email         = ["di.kondratenko@gmail.com"]
+  spec.license       = "wtfpl"
+
+  spec.summary       = "Grab permissions from your Pundit policies"
+  spec.homepage      = "https://github.com/dikond/grabli"
+
+  spec.files = `git ls-files -z`.split("\x0").reject do |f|
+    f.match(%r{^(test|spec|features)/})
+  end
+
+  spec.require_paths = ["lib"]
+
+  spec.add_runtime_dependency     "pundit", "> 0"
+  spec.add_development_dependency "bundler", "~> 1.16"
+  spec.add_development_dependency "rake", "~> 10.0"
+  spec.add_development_dependency "rspec", "~> 3.0"
+end

data/lib/grabli.rb

@@ -0,0 +1,71 @@
+require "grabli/version"
+require "pundit"
+
+class Grabli
+  #
+  # Collect allowed policy permissions for the given user.
+  #
+  # @param user [Object] user object your policy work with
+  # @param subject [Symbol, Object] subject object your policy work with
+  # @return [Array<Symbol>] array of allowed policy permission
+  # @example
+  #
+  #   Grabli.new.collect(@user, @company)
+  #   #=> [:create?, :update?, :manage_occupied?]
+  #
+  #   Grabli.new.collect(@user, :company)
+  #   #=> [:create?]
+  #
+  def collect(user, subject)
+    policy_class(subject)
+      .public_instance_methods(false)
+      .reject! { |n| n =~ /permitted_attributes/ }
+      .each_with_object([]) do |permission, collection|
+        # allows to collect permissions without subject, for more @see Intruder
+        isubject = subject.is_a?(Symbol) ? Intruder.new(false) : subject
+        policy = policy_class(subject).new(user, isubject)
+
+        collection << permission if allowed? policy, permission
+      end
+      .sort
+  end
+
+  # Check whether certain permission is allowed.
+  #
+  # @param policy [ApplicationPolicy] instantiated policy
+  # @param permission [Symbol] permission name
+  # @return [Boolen, Object] true or false in case subject intruded
+  #   or whatever you policy permission returns
+  # @example
+  #
+  #   policy = Pundit.policy(@user, @company)
+  #   Grabli.new.allowed?(policy, :create?)
+  #   #=> true
+  #
+  def allowed?(policy, permission)
+    result = policy.public_send(permission)
+    return !policy.record.intruded if policy.record.is_a?(Intruder)
+    result
+  end
+
+  private def policy_class(record)
+    Pundit::PolicyFinder.new(record).policy
+  end
+
+  #
+  # When no subject specified by the user or the subject is a Symbol,
+  # we pass that object as a subject.
+  #
+  # If the subject isn't used it means we can add this permission as allowed.
+  # If it's used, CURRENTLY, we assume that the given permission isn't allowed.
+  #
+  # TODO: delegate to the original subject if it was given
+  #       and intercept NoMethodError
+  #
+  Intruder = Struct.new(:intruded) do
+    def method_missing(*)
+      self[:intruded] = true
+      self
+    end
+  end
+end

data/lib/grabli/version.rb

@@ -0,0 +1,3 @@
+class Grabli
+  VERSION = "0.1.0"
+end

metadata

@@ -0,0 +1,112 @@
+--- !ruby/object:Gem::Specification
+name: grabli
+version: !ruby/object:Gem::Version
+  version: 0.1.0
+platform: ruby
+authors:
+- dikond
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2018-03-10 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: pundit
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">"
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">"
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: bundler
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.16'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.16'
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '10.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '10.0'
+- !ruby/object:Gem::Dependency
+  name: rspec
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.0'
+description: 
+email:
+- di.kondratenko@gmail.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- ".gitignore"
+- ".rspec"
+- ".travis.yml"
+- Gemfile
+- Gemfile.lock
+- LICENSE.txt
+- README.md
+- Rakefile
+- bin/console
+- grabli.gemspec
+- lib/grabli.rb
+- lib/grabli/version.rb
+homepage: https://github.com/dikond/grabli
+licenses:
+- wtfpl
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 2.7.6
+signing_key: 
+specification_version: 4
+summary: Grab permissions from your Pundit policies
+test_files: []