RubyGems - graphql-pundit - Versions diffs - 0.5.1 → 0.6.0 - Mend

graphql-pundit 0.5.1 → 0.6.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (17) hide show

checksums.yaml +5 -5
data/.rubocop.yml +53 -1411
data/.ruby-version +1 -1
data/.stickler.yml +7 -0
data/.travis.yml +4 -4
data/README.md +5 -8
data/graphql-pundit.gemspec +2 -3
data/lib/graphql-pundit.rb +12 -3
data/lib/graphql-pundit/instrumenter.rb +13 -7
data/lib/graphql-pundit/instrumenters/after_scope.rb +24 -0
data/lib/graphql-pundit/instrumenters/before_scope.rb +30 -0
data/lib/graphql-pundit/instrumenters/scope.rb +13 -12
data/lib/graphql-pundit/version.rb +1 -1
metadata +10 -10
data/.rubocop_disabled.yml +0 -119
data/.rubocop_enabled.yml +0 -1745
data/.rubocop_modified.yml +0 -21

data/.ruby-version CHANGED

	@@ -1 +1 @@
1	- 2.~~4.2~~
1	+ 2.5

data/.stickler.yml ADDED

@@ -0,0 +1,7 @@
+linters:
+  rubocop:
+    fixer: true
+  shellcheck:
+    shell: bash
+fixers:
+  enable: true

data/.travis.yml CHANGED

@@ -4,9 +4,9 @@ dist: trusty
 language: ruby
 rvm:
-  - 2.2.7
-  - 2.3.5
-  - 2.4.2
+  - 2.2.9
+  - 2.3.6
+  - 2.4.3
   - 2.5.0
 notifications:
@@ -15,7 +15,7 @@ notifications:
 matrix:
   fast_finish: true
   allow_failures:
-    - rvm: 2.5.0
+    - rvm: 2.2.9
 script:
   - bundle exec rspec --format progress

data/README.md CHANGED

@@ -2,7 +2,6 @@
 [![Build Status](https://travis-ci.org/ontohub/graphql-pundit.svg?branch=master)](https://travis-ci.org/ontohub/graphql-pundit)
 [![Coverage Status](https://codecov.io/gh/ontohub/graphql-pundit/branch/master/graph/badge.svg)](https://codecov.io/gh/ontohub/graphql-pundit)
 [![Code Climate](https://codeclimate.com/github/ontohub/graphql-pundit/badges/gpa.svg)](https://codeclimate.com/github/ontohub/graphql-pundit)
-[![Dependency Status](https://gemnasium.com/badges/github.com/ontohub/graphql-pundit.svg)](https://gemnasium.com/github.com/ontohub/graphql-pundit)
 [![GitHub issues](https://img.shields.io/github/issues/ontohub/graphql-pundit.svg?maxAge=2592000)](https://waffle.io/ontohub/ontohub-backend?source=ontohub%2Fgraphql-pundit)
 # GraphQL::Pundit
@@ -105,29 +104,27 @@ If the lambda returns a falsy value or raises a `Pundit::UnauthorizedError` the
 ### Scopes
-Pundit scopes are supported by using `scope` in the field definition
+Pundit scopes are supported by using `before_scope` and `after_scope` in the field definition
 ```ruby
 field :posts
-  scope
+  after_scope
   resolve ...
 end
 ```
-By default, this will use the Scope definied in the `PostPolicy`. If you do not want to define a scope inside of the policy, you can also pass a lambda to `scope`. The return value will be passed to `resolve` as first argument.
+Passing no arguments to `after_scope` and `before_scope` will infer the policy to use from the value it is passed: `before_scope` is run before `resolve` and will receive the parent object, `after_scope` will be run after `resolve` and receives the output of `resolve`. You can also pass a proc or a policy class to both `_scope`s:
 ```ruby
 field :posts
-  scope ->(_root, _args, ctx) { Post.where(owner: ctx[:current_user]) }
+  before_scope ->(_root, _args, ctx) { Post.where(owner: ctx[:current_user]) }
   resolve ->(posts, args, ctx) { ... }
 end
 ```
-In case you only want to specify the Policy class containing the Scope explicitly, you can pass the Policy class explicitly:
 ```ruby
 field :posts
-  scope PostablePolicy
+  after_scope PostablePolicy
   resolve ...
 end
 ```

data/graphql-pundit.gemspec CHANGED

@@ -1,4 +1,3 @@
-# coding: utf-8
 # frozen_string_literal: true
 lib = File.expand_path('../lib', __FILE__)
@@ -28,13 +27,13 @@ Gem::Specification.new do |spec|
   spec.add_development_dependency 'bundler', '~> 1.14'
   spec.add_development_dependency 'codecov', '~> 0.1.10'
-  spec.add_development_dependency 'fuubar', '~> 2.2.0'
+  spec.add_development_dependency 'fuubar', '~> 2.3.0'
   spec.add_development_dependency 'pry', '~> 0.11.0'
   spec.add_development_dependency 'pry-byebug', '~> 3.5.0'
   spec.add_development_dependency 'pry-rescue', '~> 1.4.4'
   spec.add_development_dependency 'pry-stack_explorer', '~> 0.4.9.2'
   spec.add_development_dependency 'rake', '~> 12.0'
   spec.add_development_dependency 'rspec', '~> 3.6'
-  spec.add_development_dependency 'rubocop', '~> 0.51.0'
+  spec.add_development_dependency 'rubocop', '~> 0.52.1'
   spec.add_development_dependency 'simplecov', '~> 0.15.1'
 end

data/lib/graphql-pundit.rb CHANGED

@@ -30,13 +30,22 @@ module GraphQL
   # Defines `scope` helper
   class ScopeHelper
+    def initialize(before_or_after, deprecated: false)
+      @before_or_after = before_or_after
+      @deprecated = deprecated
+    end
     def call(defn, proc = :infer_scope)
-      Define::InstanceDefinable::AssignMetadataKey.new(:scope).
-        call(defn, proc)
+      opts = {proc: proc, deprecated: @deprecated}
+      Define::InstanceDefinable::AssignMetadataKey.
+        new(:"#{@before_or_after}_scope").
+        call(defn, opts)
     end
   end
   Field.accepts_definitions(authorize: AuthorizationHelper.new(false),
                             authorize!: AuthorizationHelper.new(true),
-                            scope: ScopeHelper.new)
+                            after_scope: ScopeHelper.new(:after),
+                            before_scope: ScopeHelper.new(:before),
+                            scope: ScopeHelper.new(:before, deprecated: true))
 end

data/lib/graphql-pundit/instrumenter.rb CHANGED

@@ -2,7 +2,8 @@
 require 'pundit'
 require 'graphql-pundit/instrumenters/authorization'
-require 'graphql-pundit/instrumenters/scope'
+require 'graphql-pundit/instrumenters/before_scope'
+require 'graphql-pundit/instrumenters/after_scope'
 module GraphQL
   module Pundit
@@ -10,18 +11,23 @@ module GraphQL
     class Instrumenter
       attr_reader :current_user,
                   :authorization_instrumenter,
-                  :scope_instrumenter
+                  :before_scope_instrumenter,
+                  :after_scope_instrumenter
       def initialize(current_user = :current_user)
         @current_user = current_user
-        @authorization_instrumenter = Instrumenters::Authorization.
-          new(current_user)
-        @scope_instrumenter = Instrumenters::Scope.new(current_user)
+        @authorization_instrumenter =
+          Instrumenters::Authorization.new(current_user)
+        @before_scope_instrumenter =
+          Instrumenters::BeforeScope.new(current_user)
+        @after_scope_instrumenter = Instrumenters::AfterScope.new(current_user)
       end
       def instrument(type, field)
-        scoped_field = scope_instrumenter.instrument(type, field)
-        authorization_instrumenter.instrument(type, scoped_field)
+        before_scoped_field = before_scope_instrumenter.instrument(type, field)
+        after_scoped_field = after_scope_instrumenter.
+          instrument(type, before_scoped_field)
+        authorization_instrumenter.instrument(type, after_scoped_field)
       end
     end
   end

data/lib/graphql-pundit/instrumenters/after_scope.rb ADDED

@@ -0,0 +1,24 @@
+# frozen_string_literal: true
+require 'pundit'
+require_relative 'scope'
+module GraphQL
+  module Pundit
+    module Instrumenters
+      # Instrumenter that supplies `after_scope`
+      class AfterScope < Scope
+        SCOPE_KEY = :after_scope
+        # Applies the scoping to the passed object
+        class ScopeResolver < ScopeResolver
+          def call(root, arguments, context)
+            resolver_result = old_resolver.call(root, arguments, context)
+            scope_proc = new_scope(scope)
+            scope_proc.call(resolver_result, arguments, context)
+          end
+        end
+      end
+    end
+  end
+end

data/lib/graphql-pundit/instrumenters/before_scope.rb ADDED

@@ -0,0 +1,30 @@
+# frozen_string_literal: true
+require 'pundit'
+require_relative 'scope'
+module GraphQL
+  module Pundit
+    module Instrumenters
+      # Instrumenter that supplies `before_scope`
+      class BeforeScope < Scope
+        SCOPE_KEY = :before_scope
+        # Applies the scoping to the passed object
+        class ScopeResolver < ScopeResolver
+          def call(root, arguments, context)
+            if field.metadata[:before_scope][:deprecated]
+              Kernel.warn <<~DEPRECATION_WARNING
+                Using `scope` is deprecated and might be removed in the future.
+                Please use `before_scope` or `after_scope` instead.
+              DEPRECATION_WARNING
+            end
+            scope_proc = new_scope(scope)
+            resolver_result = scope_proc.call(root, arguments, context)
+            old_resolver.call(resolver_result, arguments, context)
+          end
+        end
+      end
+    end
+  end
+end

data/lib/graphql-pundit/instrumenters/scope.rb CHANGED

@@ -5,15 +5,16 @@ require 'pundit'
 module GraphQL
   module Pundit
     module Instrumenters
-      # Instrumenter that supplies `scope`
+      # Base instrumenter for `before_scope` and `after_scope`
       class Scope
         # Applies the scoping to the passed object
         class ScopeResolver
-          attr_reader :current_user, :scope, :old_resolver
+          attr_reader :current_user, :scope, :old_resolver, :field
-          def initialize(current_user, scope, old_resolver)
+          def initialize(current_user, scope, old_resolver, field)
             @current_user = current_user
             @old_resolver = old_resolver
+            @field = field
             unless valid_value?(scope)
               raise ArgumentError, 'Invalid value passed to `scope`'
@@ -22,12 +23,6 @@ module GraphQL
             @scope = scope
           end
-          def call(root, arguments, context)
-            scope_proc = new_scope(scope)
-            new_scope = scope_proc.call(root, arguments, context)
-            old_resolver.call(new_scope, arguments, context)
-          end
           private
           def new_scope(scope)
@@ -73,12 +68,18 @@ module GraphQL
           @current_user = current_user
         end
+        # rubocop:disable Metrics/MethodLength
         def instrument(_type, field)
-          scope = field.metadata[:scope]
-          return field unless scope
+          # rubocop:enable Metrics/MethodLength
+          scope_metadata = field.metadata[self.class::SCOPE_KEY]
+          return field unless scope_metadata
+          scope = scope_metadata[:proc]
           old_resolver = field.resolve_proc
-          resolver = ScopeResolver.new(current_user, scope, old_resolver)
+          resolver = self.class::ScopeResolver.new(current_user,
+                                                   scope,
+                                                   old_resolver,
+                                                   field)
           field.redefine do
             resolve resolver

data/lib/graphql-pundit/version.rb CHANGED

@@ -2,6 +2,6 @@
 module GraphQL
   module Pundit
-    VERSION = '0.5.1'
+    VERSION = '0.6.0'
   end
 end

metadata CHANGED

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: graphql-pundit
 version: !ruby/object:Gem::Version
-  version: 0.5.1
+  version: 0.6.0
 platform: ruby
 authors:
 - Ontohub Core Developers
 autorequire:
 bindir: exe
 cert_chain: []
-date: 2017-11-27 00:00:00.000000000 Z
+date: 2018-03-19 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: graphql
@@ -78,14 +78,14 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 2.2.0
+        version: 2.3.0
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 2.2.0
+        version: 2.3.0
 - !ruby/object:Gem::Dependency
   name: pry
   requirement: !ruby/object:Gem::Requirement
@@ -176,14 +176,14 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.51.0
+        version: 0.52.1
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.51.0
+        version: 0.52.1
 - !ruby/object:Gem::Dependency
   name: simplecov
   requirement: !ruby/object:Gem::Requirement
@@ -210,10 +210,8 @@ files:
 - ".hound.yml"
 - ".rspec"
 - ".rubocop.yml"
-- ".rubocop_disabled.yml"
-- ".rubocop_enabled.yml"
-- ".rubocop_modified.yml"
 - ".ruby-version"
+- ".stickler.yml"
 - ".travis.yml"
 - Gemfile
 - LICENSE.txt
@@ -224,7 +222,9 @@ files:
 - graphql-pundit.gemspec
 - lib/graphql-pundit.rb
 - lib/graphql-pundit/instrumenter.rb
+- lib/graphql-pundit/instrumenters/after_scope.rb
 - lib/graphql-pundit/instrumenters/authorization.rb
+- lib/graphql-pundit/instrumenters/before_scope.rb
 - lib/graphql-pundit/instrumenters/scope.rb
 - lib/graphql-pundit/version.rb
 homepage: https://github.com/ontohub/graphql-pundit
@@ -247,7 +247,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubyforge_project:
-rubygems_version: 2.6.13
+rubygems_version: 2.6.14
 signing_key:
 specification_version: 4
 summary: Pundit authorization support for graphql

data/.rubocop_disabled.yml DELETED

@@ -1,119 +0,0 @@
-# These are all the cops that are disabled in the default configuration.
-Layout/FirstArrayElementLineBreak:
-  Description: >-
-                 Checks for a line break before the first element in a
-                 multi-line array.
-  Enabled: false
-Layout/FirstHashElementLineBreak:
-  Description: >-
-                 Checks for a line break before the first element in a
-                 multi-line hash.
-  Enabled: false
-Layout/FirstMethodArgumentLineBreak:
-  Description: >-
-                 Checks for a line break before the first argument in a
-                 multi-line method call.
-  Enabled: false
-Layout/FirstMethodParameterLineBreak:
-  Description: >-
-                 Checks for a line break before the first parameter in a
-                 multi-line method parameter definition.
-  Enabled: false
-Layout/MultilineAssignmentLayout:
-  Description: 'Check for a newline after the assignment operator in multi-line assignments.'
-  StyleGuide: '#indent-conditional-assignment'
-  Enabled: false
-# By default, the rails cops are not run. Override in project or home
-# directory .rubocop.yml files, or by giving the -R/--rails option.
-Rails:
-  Enabled: false
-Rails/SaveBang:
-  Description: 'Identifies possible cases where Active Record save! or related should be used.'
-  StyleGuide: 'https://github.com/bbatsov/rails-style-guide#save-bang'
-  Enabled: false
-Style/AutoResourceCleanup:
-  Description: 'Suggests the usage of an auto resource cleanup version of a method (if available).'
-  Enabled: false
-Style/CollectionMethods:
-  Description: 'Preferred collection methods.'
-  StyleGuide: '#map-find-select-reduce-size'
-  Enabled: false
-Style/Copyright:
-  Description: 'Include a copyright notice in each file before any code.'
-  Enabled: false
-Style/DocumentationMethod:
-  Description: 'Public methods.'
-  Enabled: false
-  Exclude:
-    - 'spec/**/*'
-    - 'test/**/*'
-Style/Encoding:
-  Description: 'Use UTF-8 as the source file encoding.'
-  StyleGuide: '#utf-8'
-  Enabled: false
-Style/ImplicitRuntimeError:
-  Description: >-
-                 Use `raise` or `fail` with an explicit exception class and
-                 message, rather than just a message.
-  Enabled: false
-Style/InlineComment:
-  Description: 'Avoid trailing inline comments.'
-  Enabled: false
-Style/MethodCallWithArgsParentheses:
-  Description: 'Use parentheses for method calls with arguments.'
-  StyleGuide: '#method-invocation-parens'
-  Enabled: false
-Style/MethodCalledOnDoEndBlock:
-  Description: 'Avoid chaining a method call on a do...end block.'
-  StyleGuide: '#single-line-blocks'
-  Enabled: false
-Style/MissingElse:
-  Description: >-
-                Require if/case expressions to have an else branches.
-                If enabled, it is recommended that
-                Style/UnlessElse and Style/EmptyElse be enabled.
-                This will conflict with Style/EmptyElse if
-                Style/EmptyElse is configured to style "both"
-  Enabled: false
-  EnforcedStyle: both
-  SupportedStyles:
-    # if - warn when an if expression is missing an else branch
-    # case - warn when a case expression is missing an else branch
-    # both - warn when an if or case expression is missing an else branch
-    - if
-    - case
-    - both
-Style/OptionHash:
-  Description: "Don't use option hashes when you can use keyword arguments."
-  Enabled: false
-Style/Send:
-  Description: 'Prefer `Object#__send__` or `Object#public_send` to `send`, as `send` may overlap with existing methods.'
-  StyleGuide: '#prefer-public-send'
-  Enabled: false
-Style/StringMethods:
-  Description: 'Checks if configured preferred methods are used over non-preferred.'
-  Enabled: false
-Style/SingleLineBlockParams:
-  Description: 'Enforces the names of some block params.'
-  Enabled: false