graphql-pundit 0.3.0 → 0.4.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/.ruby-version +1 -1
- data/.travis.yml +3 -1
- data/README.md +11 -2
- data/graphql-pundit.gemspec +4 -4
- data/lib/graphql-pundit.rb +2 -1
- data/lib/graphql-pundit/instrumenters/authorization.rb +9 -2
- data/lib/graphql-pundit/version.rb +1 -1
- metadata +17 -11
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: b43400b6b949a08dc35c26cd42b42b164928291a
|
|
4
|
+
data.tar.gz: 04b488cd1da37c302fe8cf69f8f214cbc59d441c
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 980afb0446cc26117a1ffdb11c619d8d157cf24d1aeb41e6474f6618d22679d0fd4d3d225d91ac4d9121e8b3cfe851ba15f9a0f126352717754389bbac94dcef
|
|
7
|
+
data.tar.gz: 0bf87b21c14a0545cdf32c83763aa9ed8336d399dd404ac9a308efc836b9049134c1559a3ffd9d52d33106cdc0abb2e1db4ff97b34fd00ffbb8ccbe1465f9d54
|
data/.ruby-version
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
2.4.
|
|
1
|
+
2.4.2
|
data/.travis.yml
CHANGED
data/README.md
CHANGED
|
@@ -67,12 +67,21 @@ Now, in some cases you'll want to use a different policy, or in case of mutation
|
|
|
67
67
|
|
|
68
68
|
```ruby
|
|
69
69
|
field :createUser
|
|
70
|
-
authorize! :create, User # or User.new; will use UserPolicy#create?
|
|
70
|
+
authorize! :create, policy: User # or User.new; will use UserPolicy#create?
|
|
71
71
|
resolve ...
|
|
72
72
|
end
|
|
73
73
|
```
|
|
74
74
|
|
|
75
|
-
This will use the `:create?` method of the `UserPolicy`. You can also pass in objects instead of a class, if you wish to authorize the user for the specific object.
|
|
75
|
+
This will use the `:create?` method of the `UserPolicy`. You can also pass in objects instead of a class (or symbol), if you wish to authorize the user for the specific object.
|
|
76
|
+
|
|
77
|
+
If you want to pass a different value to the policy, you can use the keyword argument `record`:
|
|
78
|
+
|
|
79
|
+
```ruby
|
|
80
|
+
field :createUser
|
|
81
|
+
authorize! :create, record: User.new # or User.new; will use UserPolicy#create?
|
|
82
|
+
resolve ...
|
|
83
|
+
end
|
|
84
|
+
```
|
|
76
85
|
|
|
77
86
|
You might have also noticed the use of `authorize!` instead of `authorize` in this example. The difference between the two is this:
|
|
78
87
|
|
data/graphql-pundit.gemspec
CHANGED
|
@@ -23,14 +23,14 @@ Gem::Specification.new do |spec|
|
|
|
23
23
|
spec.executables = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
|
|
24
24
|
spec.require_paths = ['lib']
|
|
25
25
|
|
|
26
|
-
spec.add_dependency 'graphql', '
|
|
26
|
+
spec.add_dependency 'graphql', '>= 1.6.4', '< 1.8.0'
|
|
27
27
|
spec.add_dependency 'pundit', '~> 1.1.0'
|
|
28
28
|
|
|
29
|
-
spec.add_development_dependency 'pry', '~> 0.
|
|
29
|
+
spec.add_development_dependency 'pry', '~> 0.11.0'
|
|
30
30
|
spec.add_development_dependency 'bundler', '~> 1.14'
|
|
31
31
|
spec.add_development_dependency 'rake', '~> 12.0'
|
|
32
32
|
spec.add_development_dependency 'rspec', '~> 3.6'
|
|
33
|
-
spec.add_development_dependency 'rubocop', '~> 0.
|
|
34
|
-
spec.add_development_dependency 'simplecov', '~> 0.
|
|
33
|
+
spec.add_development_dependency 'rubocop', '~> 0.50.0'
|
|
34
|
+
spec.add_development_dependency 'simplecov', '~> 0.15.1'
|
|
35
35
|
spec.add_development_dependency 'codecov', '~> 0.1.10'
|
|
36
36
|
end
|
data/lib/graphql-pundit.rb
CHANGED
|
@@ -8,9 +8,10 @@ require 'graphql'
|
|
|
8
8
|
# Define `authorize` and `authorize!` helpers
|
|
9
9
|
module GraphQL
|
|
10
10
|
def self.assign_authorize(raise_unauthorized)
|
|
11
|
-
lambda do |defn, query = nil, record
|
|
11
|
+
lambda do |defn, query = nil, policy: nil, record: nil|
|
|
12
12
|
opts = {record: record,
|
|
13
13
|
query: query || defn.name,
|
|
14
|
+
policy: policy,
|
|
14
15
|
raise: raise_unauthorized}
|
|
15
16
|
if query.respond_to?(:call)
|
|
16
17
|
opts = {proc: query, raise: raise_unauthorized}
|
|
@@ -34,9 +34,16 @@ module GraphQL
|
|
|
34
34
|
else
|
|
35
35
|
query = options[:query].to_s + '?'
|
|
36
36
|
record = options[:record] || obj
|
|
37
|
-
|
|
37
|
+
policy = options[:policy] || record
|
|
38
|
+
policy = ::Pundit::PolicyFinder.new(policy).policy!
|
|
39
|
+
policy = policy.new(ctx[current_user], record)
|
|
40
|
+
policy.public_send(query)
|
|
38
41
|
end
|
|
39
|
-
|
|
42
|
+
unless result
|
|
43
|
+
raise ::Pundit::NotAuthorizedError, query: query,
|
|
44
|
+
record: record,
|
|
45
|
+
policy: policy
|
|
46
|
+
end
|
|
40
47
|
old_resolve.call(obj, args, ctx)
|
|
41
48
|
rescue ::Pundit::NotAuthorizedError
|
|
42
49
|
if options[:raise]
|
metadata
CHANGED
|
@@ -1,29 +1,35 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: graphql-pundit
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.4.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Ontohub Core Developers
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: exe
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2017-
|
|
11
|
+
date: 2017-10-06 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: graphql
|
|
15
15
|
requirement: !ruby/object:Gem::Requirement
|
|
16
16
|
requirements:
|
|
17
|
-
- - "
|
|
17
|
+
- - ">="
|
|
18
18
|
- !ruby/object:Gem::Version
|
|
19
19
|
version: 1.6.4
|
|
20
|
+
- - "<"
|
|
21
|
+
- !ruby/object:Gem::Version
|
|
22
|
+
version: 1.8.0
|
|
20
23
|
type: :runtime
|
|
21
24
|
prerelease: false
|
|
22
25
|
version_requirements: !ruby/object:Gem::Requirement
|
|
23
26
|
requirements:
|
|
24
|
-
- - "
|
|
27
|
+
- - ">="
|
|
25
28
|
- !ruby/object:Gem::Version
|
|
26
29
|
version: 1.6.4
|
|
30
|
+
- - "<"
|
|
31
|
+
- !ruby/object:Gem::Version
|
|
32
|
+
version: 1.8.0
|
|
27
33
|
- !ruby/object:Gem::Dependency
|
|
28
34
|
name: pundit
|
|
29
35
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -44,14 +50,14 @@ dependencies:
|
|
|
44
50
|
requirements:
|
|
45
51
|
- - "~>"
|
|
46
52
|
- !ruby/object:Gem::Version
|
|
47
|
-
version: 0.
|
|
53
|
+
version: 0.11.0
|
|
48
54
|
type: :development
|
|
49
55
|
prerelease: false
|
|
50
56
|
version_requirements: !ruby/object:Gem::Requirement
|
|
51
57
|
requirements:
|
|
52
58
|
- - "~>"
|
|
53
59
|
- !ruby/object:Gem::Version
|
|
54
|
-
version: 0.
|
|
60
|
+
version: 0.11.0
|
|
55
61
|
- !ruby/object:Gem::Dependency
|
|
56
62
|
name: bundler
|
|
57
63
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -100,28 +106,28 @@ dependencies:
|
|
|
100
106
|
requirements:
|
|
101
107
|
- - "~>"
|
|
102
108
|
- !ruby/object:Gem::Version
|
|
103
|
-
version: 0.
|
|
109
|
+
version: 0.50.0
|
|
104
110
|
type: :development
|
|
105
111
|
prerelease: false
|
|
106
112
|
version_requirements: !ruby/object:Gem::Requirement
|
|
107
113
|
requirements:
|
|
108
114
|
- - "~>"
|
|
109
115
|
- !ruby/object:Gem::Version
|
|
110
|
-
version: 0.
|
|
116
|
+
version: 0.50.0
|
|
111
117
|
- !ruby/object:Gem::Dependency
|
|
112
118
|
name: simplecov
|
|
113
119
|
requirement: !ruby/object:Gem::Requirement
|
|
114
120
|
requirements:
|
|
115
121
|
- - "~>"
|
|
116
122
|
- !ruby/object:Gem::Version
|
|
117
|
-
version: 0.
|
|
123
|
+
version: 0.15.1
|
|
118
124
|
type: :development
|
|
119
125
|
prerelease: false
|
|
120
126
|
version_requirements: !ruby/object:Gem::Requirement
|
|
121
127
|
requirements:
|
|
122
128
|
- - "~>"
|
|
123
129
|
- !ruby/object:Gem::Version
|
|
124
|
-
version: 0.
|
|
130
|
+
version: 0.15.1
|
|
125
131
|
- !ruby/object:Gem::Dependency
|
|
126
132
|
name: codecov
|
|
127
133
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -185,7 +191,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
185
191
|
version: '0'
|
|
186
192
|
requirements: []
|
|
187
193
|
rubyforge_project:
|
|
188
|
-
rubygems_version: 2.6.
|
|
194
|
+
rubygems_version: 2.6.13
|
|
189
195
|
signing_key:
|
|
190
196
|
specification_version: 4
|
|
191
197
|
summary: Pundit authorization support for graphql
|