graphql-permissions 0.1.0 → 0.1.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: b19b42395768459f48d770eeca3d951f5322f7340dbe1bdd2229ba209ddac71a
-  data.tar.gz: 00d83aeec4b6ac80570c260e4175ff1933d11e0ecef922e0ee2474e12f8acdc6
+  metadata.gz: acad633b6804921ff87dd79146fc94ca570025f8193befafa6cfa72d7d96da17
+  data.tar.gz: 5e4271b38e08dd0d90ae6e577e378cbb804170ee2fecad4e38f08ac27c249497
 SHA512:
-  metadata.gz: e6ee32bb1a6624c5859a938c40cb19e2b529e91abb7df079d553fb972e64a94ac02f671934dfca232d4d2275ad7b0646b6c697fee96a4ae5dfc849107befdb1a
-  data.tar.gz: 9ee5d6ec4658bbf1b7ea5eb39308a4e9ad8bed8bf0e0bee03352a2a924e92f679bbbc9c1ea4a45ac60bf8e7f4d18233a6784a83a34ededf291887fbd8f299d91
+  metadata.gz: e75e87548d22f8f1d4c89e3b6019022fe93b0dc9bcc86c91bf7ceb43289467f64904dd9eaf57241d718717db2e54344d61e4dafb7c90fa38d4e760218d0e0bc8
+  data.tar.gz: 51bd2550553f9412c30a8509f332c3000f0f2acfb047e298777cf6aec2944ecf82959d834a55dbc82b5081b7db9a63379b76893c8bd1fe94b6e7e367e17aee51

data/Gemfile.lock

@@ -1,14 +1,14 @@
 PATH
   remote: .
   specs:
-    graphql-permissions (0.1.0)
-      graphql
+    graphql-permissions (0.1.1)
+      graphql (~> 2)
 
 GEM
   remote: https://rubygems.org/
   specs:
     ast (2.4.2)
-    graphql (2.0.7)
+    graphql (2.0.15)
     parallel (1.22.1)
     parser (3.1.2.0)
       ast (~> 2.4.1)

data/README.md

@@ -1,8 +1,24 @@
 # GraphQL::Permissions
 
-Welcome to your new gem! In this directory, you'll find the files you need to be able to package up your Ruby library into a gem. Put your Ruby code in the file `lib/graphql/permissions`. To experiment with that code, run `bin/console` for an interactive prompt.
+GraphQL Permissions allows you to model permissions directly in your GraphQL schema. It works together with your authorization library to communicate which actions are and are not allowed to your client.
 
-TODO: Delete this and the text above, and describe your gem
+At the highest level, it lets you write queries like this:
+```graphql
+query PostById($id: ID!) {
+  post(id: $id) {
+    id
+    body
+    permissions {
+      canEdit
+      canDelete
+    }
+  }
+}
+```
+
+This helps keep all of your authorization logic in one place, and prevent disagreements between the server and client about whether a user can perform an action.
+
+GraphQL Permissions was designed with the [Pundit](https://github.com/varvet/pundit) gem in mind, but should work with most authorization libraries.
 
 ## Installation
 
@@ -24,7 +40,21 @@ Then run the Rails generator:
 
     $ bin/rails generate graphql:permissions:install
 
-This will create the base permissions object and interface types, as well as an initializer under `config/initializers/graphql_permissions.rb`
+This will create the base permissions object and interface types, as well as an initializer in `config/initializers/graphql_permissions.rb`
+
+### Configuring a Permission Handler
+
+GraphQL Permissions requires a default permission handler callback to be defined by your application. This callback receives the action performed, the object being authorized, and your GraphQL context, and must return a Boolean value to indicate whether the action is or is not allowed.
+
+For example, integration for the Pundit gem might look like so:
+
+```ruby
+GraphQL::Permissions.default_permission_handler = lambda do |action, object, context|
+  Pundit.policy(context[:current_user], object).send(:"#{action}?")
+end
+```
+
+A stub permissions handler callback is defined under `config/initializers/graphql_permissions.rb` by the Rails generator.
 
 ## Usage
 

data/graphql-permissions.gemspec

@@ -30,5 +30,5 @@ Gem::Specification.new do |spec|
   spec.executables   = spec.files.grep(%r{\Aexe/}) { |f| File.basename(f) }
   spec.require_paths = ['lib']
 
-  spec.add_dependency 'graphql'
+  spec.add_dependency 'graphql', '~> 2'
 end

data/lib/graphql/permissions/interface_permissions.rb

@@ -18,7 +18,7 @@ module GraphQL
 
       # @return [Array<Module>]
       def interfaces_with_permissions
-        own_interfaces.select { |interface| interface.respond_to?(:permissions_type) && interface.permissions_type }
+        interfaces.select { |interface| interface.respond_to?(:permissions_type) && interface.permissions_type }
       end
 
       def permissions(&block)

data/lib/graphql/permissions/version.rb

@@ -2,6 +2,6 @@
 
 module GraphQL
   module Permissions
-    VERSION = '0.1.0'
+    VERSION = '0.1.1'
   end
 end

metadata

@@ -1,29 +1,29 @@
 --- !ruby/object:Gem::Specification
 name: graphql-permissions
 version: !ruby/object:Gem::Version
-  version: 0.1.0
+  version: 0.1.1
 platform: ruby
 authors:
 - Minty Fresh
 autorequire: 
 bindir: exe
 cert_chain: []
-date: 2022-05-10 00:00:00.000000000 Z
+date: 2022-11-14 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: graphql
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: '0'
+        version: '2'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: '0'
+        version: '2'
 description: Expose user permissions in your GraphQL schema
 email:
 - 7896757+mintyfresh@users.noreply.github.com
@@ -73,7 +73,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.2.15
+rubygems_version: 3.3.7
 signing_key: 
 specification_version: 4
 summary: Permissions DSL for GraphQL Ruby