RubyGems - grabli - Versions diffs - 0.1.0 - Mend

grabli 0.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (14) hide show

checksums.yaml ADDED

@@ -0,0 +1,7 @@
+---
+SHA256:
+  metadata.gz: 22817abd7cf1fcd173e9c6d804fd9ce27df4c6b5ef3df83678e65c4d1a43c911
+  data.tar.gz: f59006fd5d79f420043a94bbf98fe9103802ac42f39bcc10543ac2310fff2af6
+SHA512:
+  metadata.gz: dc895810cd249c7646d188e73da2c2715356077bbe43eb5051a9bd12caef9b5b5a3fc458ee2f29d761dc5f82ba2d1854281d9e17582b3feb63cf208ed16af5db
+  data.tar.gz: ca971071066b83c562e2721c6eadc294f94fda1ae429842b6ce1e2fe4246753cae63fd9986023f32b80ec600e80e8118a245c3b0075a5d59eeb7afe6769d785c

data/.gitignore ADDED

@@ -0,0 +1,9 @@
+/.bundle/
+/.yardoc
+/_yardoc/
+/coverage/
+/doc/
+/pkg/
+/spec/reports/
+/tmp/
+/.ruby-version

data/.rspec ADDED

@@ -0,0 +1,3 @@
+--format documentation
+--color
+--require spec_helper

data/.travis.yml ADDED

@@ -0,0 +1,5 @@
+sudo: false
+language: ruby
+rvm:
+  - 2.4.2
+before_install: gem install bundler -v 1.16.0

data/Gemfile ADDED

@@ -0,0 +1,6 @@
+source "https://rubygems.org"
+git_source(:github) { |repo_name| "https://github.com/#{repo_name}" }
+# Specify your gem's dependencies in grabli.gemspec
+gemspec

data/Gemfile.lock ADDED

@@ -0,0 +1,50 @@
+PATH
+  remote: .
+  specs:
+    grabli (0.1.0)
+      pundit (> 0)
+GEM
+  remote: https://rubygems.org/
+  specs:
+    activesupport (5.1.5)
+      concurrent-ruby (~> 1.0, >= 1.0.2)
+      i18n (~> 0.7)
+      minitest (~> 5.1)
+      tzinfo (~> 1.1)
+    concurrent-ruby (1.0.5)
+    diff-lcs (1.3)
+    i18n (0.9.5)
+      concurrent-ruby (~> 1.0)
+    minitest (5.11.3)
+    pundit (1.1.0)
+      activesupport (>= 3.0.0)
+    rake (10.5.0)
+    rspec (3.7.0)
+      rspec-core (~> 3.7.0)
+      rspec-expectations (~> 3.7.0)
+      rspec-mocks (~> 3.7.0)
+    rspec-core (3.7.1)
+      rspec-support (~> 3.7.0)
+    rspec-expectations (3.7.0)
+      diff-lcs (>= 1.2.0, < 2.0)
+      rspec-support (~> 3.7.0)
+    rspec-mocks (3.7.0)
+      diff-lcs (>= 1.2.0, < 2.0)
+      rspec-support (~> 3.7.0)
+    rspec-support (3.7.1)
+    thread_safe (0.3.6)
+    tzinfo (1.2.5)
+      thread_safe (~> 0.1)
+PLATFORMS
+  ruby
+DEPENDENCIES
+  bundler (~> 1.16)
+  grabli!
+  rake (~> 10.0)
+  rspec (~> 3.0)
+BUNDLED WITH
+   1.16.0

data/LICENSE.txt ADDED

@@ -0,0 +1,13 @@
+        DO WHAT THE FUCK YOU WANT TO PUBLIC LICENSE
+                    Version 2, December 2004
+ Copyright (C) 2018 dikond <di.kondratenko@gmail.com>
+ Everyone is permitted to copy and distribute verbatim or modified
+ copies of this license document, and changing it is allowed as long
+ as the name is changed.
+            DO WHAT THE FUCK YOU WANT TO PUBLIC LICENSE
+   TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION
+  0. You just DO WHAT THE FUCK YOU WANT TO.

data/README.md ADDED

@@ -0,0 +1,73 @@
+# Grabli
+Hola :v:
+The very specific goal of this gem is to extract pundit policy permissions to something serializable... like a ruby array! Why do you need that? To tell the front-end application or API consumer what you think of the current user, hehe :smirk: As a bonus, I find it easier to write unit tests for policies. But to have a dependency on third-party gems for unit tests, even as awesome as this one, may be undesirable.
+## Usage
+With a given `UserPolicy` (e.g. the one defined in `/spec/spec_helper.rb`) you can do:
+```ruby
+require 'grabli'
+Grabli.new.collect(@user, @company)
+# => [:create?, :update?]
+Grabli.new.collect(@user, :company)
+# => [:create?]
+```
+Let's say your app have a public Rest API. It may look like:
+```ruby
+require 'grabli'
+class Api::UsersController < ApplicationController
+  def show
+    @user = User.find(params[:id])
+    authorize @user
+    permissions = Grabli.new.collect(current_user, @user)
+    render json: { user: @user.to_json, permissions: permissions }
+  end
+end
+```
+You can then create a helper and use it across your app, for example:
+```ruby
+# /app/controllers/application_controller.rb
+require 'grabli'
+class ApplicationController
+  def collect_permissions_for(subject)
+    Grabli.new.collect(current_user, subject)
+  end
+  helper_method :collect_permissions_for
+end
+# /app/controllers/api/users_controller.rb
+class Api::UsersController < ApplicationController
+  def show
+    @user = User.find(params[:id])
+    authorize @user
+    render json: { user: @user.to_json, permissions: collect_permissions_for(@user) }
+  end
+end
+```
+## Further plans
+1) Improve cases when subject is a `Symbol`
+Since pundit policy doesn't limit the subject types it can be anything, even a `Symbol`.
+Make `Intruder` a bit more clever proxy object which delegates to the subject and intercepts `NoMethodError` for cases when `Symbol` subject mean "no subject".
+## Contributing
+Bug reports and pull requests are welcome on GitHub at https://github.com/[USERNAME]/grabli.

data/Rakefile ADDED

@@ -0,0 +1,6 @@
+require "bundler/gem_tasks"
+require "rspec/core/rake_task"
+RSpec::Core::RakeTask.new(:spec)
+task :default => :spec

data/bin/console ADDED

@@ -0,0 +1,14 @@
+#!/usr/bin/env ruby
+require "bundler/setup"
+require "grabli"
+# You can add fixtures and/or initialization code here to make experimenting
+# with your gem easier. You can also use a different console, if you like.
+# (If you use this, don't forget to add pry to your Gemfile!)
+# require "pry"
+# Pry.start
+require "irb"
+IRB.start(__FILE__)

data/grabli.gemspec ADDED

@@ -0,0 +1,23 @@
+require_relative "lib/grabli/version"
+Gem::Specification.new do |spec|
+  spec.name          = "grabli"
+  spec.version       = Grabli::VERSION
+  spec.authors       = ["dikond"]
+  spec.email         = ["di.kondratenko@gmail.com"]
+  spec.license       = "wtfpl"
+  spec.summary       = "Grab permissions from your Pundit policies"
+  spec.homepage      = "https://github.com/dikond/grabli"
+  spec.files = `git ls-files -z`.split("\x0").reject do |f|
+    f.match(%r{^(test|spec|features)/})
+  end
+  spec.require_paths = ["lib"]
+  spec.add_runtime_dependency     "pundit", "> 0"
+  spec.add_development_dependency "bundler", "~> 1.16"
+  spec.add_development_dependency "rake", "~> 10.0"
+  spec.add_development_dependency "rspec", "~> 3.0"
+end

data/lib/grabli.rb ADDED

@@ -0,0 +1,71 @@
+require "grabli/version"
+require "pundit"
+class Grabli
+  #
+  # Collect allowed policy permissions for the given user.
+  #
+  # @param user [Object] user object your policy work with
+  # @param subject [Symbol, Object] subject object your policy work with
+  # @return [Array<Symbol>] array of allowed policy permission
+  # @example
+  #
+  #   Grabli.new.collect(@user, @company)
+  #   #=> [:create?, :update?, :manage_occupied?]
+  #
+  #   Grabli.new.collect(@user, :company)
+  #   #=> [:create?]
+  #
+  def collect(user, subject)
+    policy_class(subject)
+      .public_instance_methods(false)
+      .reject! { |n| n =~ /permitted_attributes/ }
+      .each_with_object([]) do |permission, collection|
+        # allows to collect permissions without subject, for more @see Intruder
+        isubject = subject.is_a?(Symbol) ? Intruder.new(false) : subject
+        policy = policy_class(subject).new(user, isubject)
+        collection << permission if allowed? policy, permission
+      end
+      .sort
+  end
+  # Check whether certain permission is allowed.
+  #
+  # @param policy [ApplicationPolicy] instantiated policy
+  # @param permission [Symbol] permission name
+  # @return [Boolen, Object] true or false in case subject intruded
+  #   or whatever you policy permission returns
+  # @example
+  #
+  #   policy = Pundit.policy(@user, @company)
+  #   Grabli.new.allowed?(policy, :create?)
+  #   #=> true
+  #
+  def allowed?(policy, permission)
+    result = policy.public_send(permission)
+    return !policy.record.intruded if policy.record.is_a?(Intruder)
+    result
+  end
+  private def policy_class(record)
+    Pundit::PolicyFinder.new(record).policy
+  end
+  #
+  # When no subject specified by the user or the subject is a Symbol,
+  # we pass that object as a subject.
+  #
+  # If the subject isn't used it means we can add this permission as allowed.
+  # If it's used, CURRENTLY, we assume that the given permission isn't allowed.
+  #
+  # TODO: delegate to the original subject if it was given
+  #       and intercept NoMethodError
+  #
+  Intruder = Struct.new(:intruded) do
+    def method_missing(*)
+      self[:intruded] = true
+      self
+    end
+  end
+end

data/lib/grabli/version.rb ADDED

@@ -0,0 +1,3 @@
+class Grabli
+  VERSION = "0.1.0"
+end

metadata ADDED

@@ -0,0 +1,112 @@
+--- !ruby/object:Gem::Specification
+name: grabli
+version: !ruby/object:Gem::Version
+  version: 0.1.0
+platform: ruby
+authors:
+- dikond
+autorequire:
+bindir: bin
+cert_chain: []
+date: 2018-03-10 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: pundit
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">"
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">"
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: bundler
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.16'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.16'
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '10.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '10.0'
+- !ruby/object:Gem::Dependency
+  name: rspec
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.0'
+description:
+email:
+- di.kondratenko@gmail.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- ".gitignore"
+- ".rspec"
+- ".travis.yml"
+- Gemfile
+- Gemfile.lock
+- LICENSE.txt
+- README.md
+- Rakefile
+- bin/console
+- grabli.gemspec
+- lib/grabli.rb
+- lib/grabli/version.rb
+homepage: https://github.com/dikond/grabli
+licenses:
+- wtfpl
+metadata: {}
+post_install_message:
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project:
+rubygems_version: 2.7.6
+signing_key:
+specification_version: 4
+summary: Grab permissions from your Pundit policies
+test_files: []