RubyGems - graphql-guard - Versions diffs - 0.4.0 → 1.0.0 - Mend

graphql-guard 0.4.0 → 1.0.0

Files changed (7) hide show

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: edc74c4db940ec20e1daa0907380a2db57c57bd5
-  data.tar.gz: 984fc4fb2913d17f4c6a331ac8f628aace746125
+  metadata.gz: 2fee7151ba4f1b935f9bb185bc1ecef61920d0bc
+  data.tar.gz: d5286b90482d2e5a99827f05a3587d9f596a0669
 SHA512:
-  metadata.gz: e2ab0b88f3daf2acdfdba60814b62fdbb3d36c34aec3f4441da3ebdc83daff068c1115d0680959c552cdd894ecc0d55c59fa3db6ca9bcd80039493b08d2158c5
-  data.tar.gz: d3987791bdd7cf4a494572ab2bedd08a5992cd71b1909a9d84572fe048e5bdf47fbd0796af38e21d12bfeaefcebf6506d362f315147d2dd51e4c648cd0fc0e51
+  metadata.gz: 36f519bf2ed0879655eced44f1a8062e13fcfc01d08565c7c92d33ee50cef08278e430054cc42ed9834a629dc16d3512b19cf14ef2c395a19f37929c615488c0
+  data.tar.gz: c9873f1af3b37a07398e853871f661bb45d232d79cc833aa6f0bc2aca1104e961b8e2ecf2bda3a38950de7ad91181918dbe62447cb2267ac88966b88df9c3c26

data/CHANGELOG.md CHANGED Viewed

@@ -8,10 +8,49 @@ one of the following labels: `Added`, `Changed`, `Deprecated`,
 to manage the versions of this gem so
 that you can set version constraints properly.
-#### [Unreleased](https://github.com/exAspArk/graphql-guard/compare/v0.4.0...HEAD)
+#### [Unreleased](https://github.com/exAspArk/graphql-guard/compare/v1.0.0...HEAD)
 * WIP
+#### [v1.0.0](https://github.com/exAspArk/graphql-guard/compare/v0.4.0...v1.0.0) – 2017-07-31
+* `Changed`: guards for every `*` field also accepts arguments: `->(object, arguments, context) { ... }`:
+  * Before:
+<pre>
+GraphQL::ObjectType.define do
+  name "Post"
+  guard ->(obj, ctx) { ... }
+  ...
+end
+</pre>
+  * After:
+<pre>
+GraphQL::ObjectType.define do
+  name "Post"
+  guard ->(obj, <b>args</b>, ctx) { ... }
+  ...
+end
+</pre>
+* `Changed`: `.field_with_guard` from `graphql/guard/testing` module accepts policy object as a second argument:
+  * Before:
+<pre>
+guard_object = GraphQL::Guard.new(policy_object: GraphqlPolicy)
+posts_field = QueryType.field_with_guard('posts', <b>guard_object</b>)
+</pre>
+  * After:
+<pre>
+posts_field = QueryType.field_with_guard('posts', <b>GraphqlPolicy</b>)
+</pre>
 #### [v0.4.0](https://github.com/exAspArk/graphql-guard/compare/v0.3.0...v0.4.0) – 2017-07-25
 * `Added`: ability to test `guard` lambdas via field.

data/README.md CHANGED Viewed

@@ -6,7 +6,7 @@
 [![Downloads](https://img.shields.io/gem/dt/graphql-guard.svg)](https://rubygems.org/gems/graphql-guard)
 [![Latest Version](https://img.shields.io/gem/v/graphql-guard.svg)](https://rubygems.org/gems/graphql-guard)
-This tiny gem provides a field-level authorization for [graphql-ruby](https://github.com/rmosolgo/graphql-ruby).
+This gem provides a field-level authorization for [graphql-ruby](https://github.com/rmosolgo/graphql-ruby).
 ## Contents
@@ -44,7 +44,7 @@ QueryType = GraphQL::ObjectType.define do
   field :posts, !types[PostType] do
     argument :user_id, !types.ID
-    resolve ->(_, args, _) { Post.where(user_id: args[:user_id]) }
+    resolve ->(obj, args, ctx) { Post.where(user_id: args[:user_id]) }
   end
 end
@@ -82,12 +82,12 @@ QueryType = GraphQL::ObjectType.define do
 end
 </pre>
-You can also define `guard`, which will be executed for every (`*`) field in the type:
+You can also define `guard`, which will be executed for every `*` field in the type:
 <pre>
 PostType = GraphQL::ObjectType.define do
   name "Post"
-  <b>guard ->(obj, ctx) {</b> ctx[:current_user].admin? <b>}</b>
+  <b>guard ->(obj, args, ctx) {</b> ctx[:current_user].admin? <b>}</b>
   ...
 end
 </pre>
@@ -105,7 +105,7 @@ class <b>GraphqlPolicy</b>
       <b>posts: ->(obj, args, ctx) {</b> args[:user_id] == ctx[:current_user].id <b>}</b>
     },
     PostType => {
-      <b>'*': ->(obj, ctx) {</b> ctx[:current_user].admin? <b>}</b>
+      <b>'*': ->(obj, args, ctx) {</b> ctx[:current_user].admin? <b>}</b>
     }
   }
@@ -137,8 +137,8 @@ end
 class <b>GraphqlPolicy</b>
   RULES = {
     PostType => {
-      <b>'*': ->(_, ctx) {</b> ctx[:current_user].admin? <b>}</b>,                               # <=== <b>4</b>
-      <b>title: ->(_, _, ctx) {</b> ctx[:current_user].admin? <b>}</b>                           # <=== <b>2</b>
+      <b>'*': ->(obj, args, ctx) {</b> ctx[:current_user].admin? <b>}</b>,                           # <=== <b>4</b>
+      <b>title: ->(obj, args, ctx) {</b> ctx[:current_user].admin? <b>}</b>                          # <=== <b>2</b>
     }
   }
@@ -149,8 +149,8 @@ end
 PostType = GraphQL::ObjectType.define do
   name "Post"
-  <b>guard ->(_, ctx) {</b> ctx[:current_user].admin? <b>}</b>                                  # <=== <b>3</b>
-  <b>field :title</b>, !types.String, <b>guard: ->(_, _, ctx) {</b> ctx[:current_user].admin? <b>}</b> # <=== <b>1</b>
+  <b>guard ->(obj, args, ctx) {</b> ctx[:current_user].admin? <b>}</b>                               # <=== <b>3</b>
+  <b>field :title</b>, !types.String, <b>guard: ->(obj, args, ctx) {</b> ctx[:current_user].admin? <b>}</b> # <=== <b>1</b>
 end
 Schema = GraphQL::Schema.define do
@@ -211,7 +211,7 @@ end
 # Use the ability in your guard
 PostType = GraphQL::ObjectType.define do
   name "Post"
-  <b>guard ->(post, ctx) { ctx[:current_ability].can?(:read, post) }</b>
+  <b>guard ->(post, args, ctx) { ctx[:current_ability].can?(:read, post) }</b>
   ...
 end
@@ -232,7 +232,7 @@ end
 # Use the ability in your guard
 PostType = GraphQL::ObjectType.define do
   name "Post"
-  <b>guard ->(post, ctx) { PostPolicy.new(ctx[:current_user], post).show? }</b>
+  <b>guard ->(post, args, ctx) { PostPolicy.new(ctx[:current_user], post).show? }</b>
   ...
 end
@@ -288,16 +288,14 @@ end
 # Your policy object
 class <b>GraphqlPolicy</b>
   def self.<b>guard</b>(type, field)
-    <b>->(_obj, args, ctx) {</b> ... <b>}</b>
+    <b>->(obj, args, ctx) {</b> ... <b>}</b>
   end
 end
 # Your test
 <b>require "graphql/guard/testing"</b>
-<b>guard_object</b> = <b>GraphQL::Guard.new(policy_object: PolicyObject::GraphqlPolicy)</b>
-posts = QueryType.<b>field_with_guard('posts', guard_object)</b>
+posts = QueryType.<b>field_with_guard('posts', GraphqlPolicy)</b>
 result = posts.<b>guard(obj, args, ctx)</b>
 expect(result).to eq(true)
 </pre>

data/lib/graphql/guard/testing.rb CHANGED Viewed

@@ -5,29 +5,30 @@ module GraphQL
     NoGuardError = Class.new(StandardError)
     def guard(*args)
-      raise NoGuardError.new("Get your field by calling: Type.field_with_guard('#{name}')") unless @guard_type
-      guard_proc = @guard_object.field_guard_proc(@guard_type, self) || @guard_object.type_guard_proc(@guard_type, self)
-      raise NoGuardError.new("Guard lambda does not exist for #{@guard_type}.#{name}") unless guard_proc
+      raise NoGuardError.new("Get your field by calling: Type.field_with_guard('#{name}')") unless @__guard_type
+      guard_proc = @__guard_object.guard_proc(@__guard_type, self)
+      raise NoGuardError.new("Guard lambda does not exist for #{@__guard_type}.#{name}") unless guard_proc
       guard_proc.call(*args)
     end
-    def __guard_object=(guard_object)
-      @guard_object = guard_object || GraphQL::Guard.new
+    def __policy_object=(policy_object)
+      @__policy_object = policy_object
+      @__guard_object = GraphQL::Guard.new(policy_object: policy_object)
     end
     def __guard_type=(guard_type)
-      @guard_type = guard_type
+      @__guard_type = guard_type
     end
   end
   class ObjectType
-    def field_with_guard(field_name, guard_object = nil)
+    def field_with_guard(field_name, policy_object = nil)
       field = get_field(field_name)
       return unless field
       field.clone.tap do |f|
-        f.__guard_object = guard_object
+        f.__policy_object = policy_object
         f.__guard_type = self
       end
     end

data/lib/graphql/guard/version.rb CHANGED Viewed

@@ -2,6 +2,6 @@
 module GraphQL
   class Guard
-    VERSION = "0.4.0"
+    VERSION = "1.0.0"
   end
 end

data/lib/graphql/guard.rb CHANGED Viewed

@@ -25,18 +25,12 @@ module GraphQL
     end
     def instrument(type, field)
-      field_guard_proc = field_guard_proc(type, field)
-      type_guard_proc = type_guard_proc(type, field)
-      return field if !field_guard_proc && !type_guard_proc
+      guard_proc = guard_proc(type, field)
+      return field unless guard_proc
       old_resolve_proc = field.resolve_proc
       new_resolve_proc = ->(object, arguments, context) do
-        authorized =
-          if field_guard_proc
-            field_guard_proc.call(object, arguments, context)
-          elsif type_guard_proc
-            type_guard_proc.call(object, context)
-          end
+        authorized = guard_proc.call(object, arguments, context)
         if authorized
           old_resolve_proc.call(object, arguments, context)
@@ -48,12 +42,11 @@ module GraphQL
       field.redefine { resolve(new_resolve_proc) }
     end
-    def field_guard_proc(type, field)
-      inline_field_guard(field) || policy_object_guard(type, field.name.to_sym)
-    end
-    def type_guard_proc(type, field)
-      inline_type_guard(type) || policy_object_guard(type, ANY_FIELD_NAME)
+    def guard_proc(type, field)
+      inline_field_guard(field) ||
+        policy_object_guard(type, field.name.to_sym) ||
+        inline_type_guard(type) ||
+        policy_object_guard(type, ANY_FIELD_NAME)
     end
     private

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: graphql-guard
 version: !ruby/object:Gem::Version
-  version: 0.4.0
+  version: 1.0.0
 platform: ruby
 authors:
 - exAspArk
 autorequire:
 bindir: exe
 cert_chain: []
-date: 2017-07-25 00:00:00.000000000 Z
+date: 2017-07-31 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: graphql