graphql-pundit 0.3.0 → 0.4.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.ruby-version +1 -1
- data/.travis.yml +3 -1
- data/README.md +11 -2
- data/graphql-pundit.gemspec +4 -4
- data/lib/graphql-pundit.rb +2 -1
- data/lib/graphql-pundit/instrumenters/authorization.rb +9 -2
- data/lib/graphql-pundit/version.rb +1 -1
- metadata +17 -11
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: b43400b6b949a08dc35c26cd42b42b164928291a
|
|
4
|
+
data.tar.gz: 04b488cd1da37c302fe8cf69f8f214cbc59d441c
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 980afb0446cc26117a1ffdb11c619d8d157cf24d1aeb41e6474f6618d22679d0fd4d3d225d91ac4d9121e8b3cfe851ba15f9a0f126352717754389bbac94dcef
|
|
7
|
+
data.tar.gz: 0bf87b21c14a0545cdf32c83763aa9ed8336d399dd404ac9a308efc836b9049134c1559a3ffd9d52d33106cdc0abb2e1db4ff97b34fd00ffbb8ccbe1465f9d54
|
data/.ruby-version
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
2.4.
|
|
1
|
+
2.4.2
|
data/.travis.yml
CHANGED
data/README.md
CHANGED
|
@@ -67,12 +67,21 @@ Now, in some cases you'll want to use a different policy, or in case of mutation
|
|
|
67
67
|
|
|
68
68
|
```ruby
|
|
69
69
|
field :createUser
|
|
70
|
-
authorize! :create, User # or User.new; will use UserPolicy#create?
|
|
70
|
+
authorize! :create, policy: User # or User.new; will use UserPolicy#create?
|
|
71
71
|
resolve ...
|
|
72
72
|
end
|
|
73
73
|
```
|
|
74
74
|
|
|
75
|
-
This will use the `:create?` method of the `UserPolicy`. You can also pass in objects instead of a class, if you wish to authorize the user for the specific object.
|
|
75
|
+
This will use the `:create?` method of the `UserPolicy`. You can also pass in objects instead of a class (or symbol), if you wish to authorize the user for the specific object.
|
|
76
|
+
|
|
77
|
+
If you want to pass a different value to the policy, you can use the keyword argument `record`:
|
|
78
|
+
|
|
79
|
+
```ruby
|
|
80
|
+
field :createUser
|
|
81
|
+
authorize! :create, record: User.new # or User.new; will use UserPolicy#create?
|
|
82
|
+
resolve ...
|
|
83
|
+
end
|
|
84
|
+
```
|
|
76
85
|
|
|
77
86
|
You might have also noticed the use of `authorize!` instead of `authorize` in this example. The difference between the two is this:
|
|
78
87
|
|
data/graphql-pundit.gemspec
CHANGED
|
@@ -23,14 +23,14 @@ Gem::Specification.new do |spec|
|
|
|
23
23
|
spec.executables = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
|
|
24
24
|
spec.require_paths = ['lib']
|
|
25
25
|
|
|
26
|
-
spec.add_dependency 'graphql', '
|
|
26
|
+
spec.add_dependency 'graphql', '>= 1.6.4', '< 1.8.0'
|
|
27
27
|
spec.add_dependency 'pundit', '~> 1.1.0'
|
|
28
28
|
|
|
29
|
-
spec.add_development_dependency 'pry', '~> 0.
|
|
29
|
+
spec.add_development_dependency 'pry', '~> 0.11.0'
|
|
30
30
|
spec.add_development_dependency 'bundler', '~> 1.14'
|
|
31
31
|
spec.add_development_dependency 'rake', '~> 12.0'
|
|
32
32
|
spec.add_development_dependency 'rspec', '~> 3.6'
|
|
33
|
-
spec.add_development_dependency 'rubocop', '~> 0.
|
|
34
|
-
spec.add_development_dependency 'simplecov', '~> 0.
|
|
33
|
+
spec.add_development_dependency 'rubocop', '~> 0.50.0'
|
|
34
|
+
spec.add_development_dependency 'simplecov', '~> 0.15.1'
|
|
35
35
|
spec.add_development_dependency 'codecov', '~> 0.1.10'
|
|
36
36
|
end
|
data/lib/graphql-pundit.rb
CHANGED
|
@@ -8,9 +8,10 @@ require 'graphql'
|
|
|
8
8
|
# Define `authorize` and `authorize!` helpers
|
|
9
9
|
module GraphQL
|
|
10
10
|
def self.assign_authorize(raise_unauthorized)
|
|
11
|
-
lambda do |defn, query = nil, record
|
|
11
|
+
lambda do |defn, query = nil, policy: nil, record: nil|
|
|
12
12
|
opts = {record: record,
|
|
13
13
|
query: query || defn.name,
|
|
14
|
+
policy: policy,
|
|
14
15
|
raise: raise_unauthorized}
|
|
15
16
|
if query.respond_to?(:call)
|
|
16
17
|
opts = {proc: query, raise: raise_unauthorized}
|
|
@@ -34,9 +34,16 @@ module GraphQL
|
|
|
34
34
|
else
|
|
35
35
|
query = options[:query].to_s + '?'
|
|
36
36
|
record = options[:record] || obj
|
|
37
|
-
|
|
37
|
+
policy = options[:policy] || record
|
|
38
|
+
policy = ::Pundit::PolicyFinder.new(policy).policy!
|
|
39
|
+
policy = policy.new(ctx[current_user], record)
|
|
40
|
+
policy.public_send(query)
|
|
38
41
|
end
|
|
39
|
-
|
|
42
|
+
unless result
|
|
43
|
+
raise ::Pundit::NotAuthorizedError, query: query,
|
|
44
|
+
record: record,
|
|
45
|
+
policy: policy
|
|
46
|
+
end
|
|
40
47
|
old_resolve.call(obj, args, ctx)
|
|
41
48
|
rescue ::Pundit::NotAuthorizedError
|
|
42
49
|
if options[:raise]
|
metadata
CHANGED
|
@@ -1,29 +1,35 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: graphql-pundit
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.4.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Ontohub Core Developers
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: exe
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2017-
|
|
11
|
+
date: 2017-10-06 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: graphql
|
|
15
15
|
requirement: !ruby/object:Gem::Requirement
|
|
16
16
|
requirements:
|
|
17
|
-
- - "
|
|
17
|
+
- - ">="
|
|
18
18
|
- !ruby/object:Gem::Version
|
|
19
19
|
version: 1.6.4
|
|
20
|
+
- - "<"
|
|
21
|
+
- !ruby/object:Gem::Version
|
|
22
|
+
version: 1.8.0
|
|
20
23
|
type: :runtime
|
|
21
24
|
prerelease: false
|
|
22
25
|
version_requirements: !ruby/object:Gem::Requirement
|
|
23
26
|
requirements:
|
|
24
|
-
- - "
|
|
27
|
+
- - ">="
|
|
25
28
|
- !ruby/object:Gem::Version
|
|
26
29
|
version: 1.6.4
|
|
30
|
+
- - "<"
|
|
31
|
+
- !ruby/object:Gem::Version
|
|
32
|
+
version: 1.8.0
|
|
27
33
|
- !ruby/object:Gem::Dependency
|
|
28
34
|
name: pundit
|
|
29
35
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -44,14 +50,14 @@ dependencies:
|
|
|
44
50
|
requirements:
|
|
45
51
|
- - "~>"
|
|
46
52
|
- !ruby/object:Gem::Version
|
|
47
|
-
version: 0.
|
|
53
|
+
version: 0.11.0
|
|
48
54
|
type: :development
|
|
49
55
|
prerelease: false
|
|
50
56
|
version_requirements: !ruby/object:Gem::Requirement
|
|
51
57
|
requirements:
|
|
52
58
|
- - "~>"
|
|
53
59
|
- !ruby/object:Gem::Version
|
|
54
|
-
version: 0.
|
|
60
|
+
version: 0.11.0
|
|
55
61
|
- !ruby/object:Gem::Dependency
|
|
56
62
|
name: bundler
|
|
57
63
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -100,28 +106,28 @@ dependencies:
|
|
|
100
106
|
requirements:
|
|
101
107
|
- - "~>"
|
|
102
108
|
- !ruby/object:Gem::Version
|
|
103
|
-
version: 0.
|
|
109
|
+
version: 0.50.0
|
|
104
110
|
type: :development
|
|
105
111
|
prerelease: false
|
|
106
112
|
version_requirements: !ruby/object:Gem::Requirement
|
|
107
113
|
requirements:
|
|
108
114
|
- - "~>"
|
|
109
115
|
- !ruby/object:Gem::Version
|
|
110
|
-
version: 0.
|
|
116
|
+
version: 0.50.0
|
|
111
117
|
- !ruby/object:Gem::Dependency
|
|
112
118
|
name: simplecov
|
|
113
119
|
requirement: !ruby/object:Gem::Requirement
|
|
114
120
|
requirements:
|
|
115
121
|
- - "~>"
|
|
116
122
|
- !ruby/object:Gem::Version
|
|
117
|
-
version: 0.
|
|
123
|
+
version: 0.15.1
|
|
118
124
|
type: :development
|
|
119
125
|
prerelease: false
|
|
120
126
|
version_requirements: !ruby/object:Gem::Requirement
|
|
121
127
|
requirements:
|
|
122
128
|
- - "~>"
|
|
123
129
|
- !ruby/object:Gem::Version
|
|
124
|
-
version: 0.
|
|
130
|
+
version: 0.15.1
|
|
125
131
|
- !ruby/object:Gem::Dependency
|
|
126
132
|
name: codecov
|
|
127
133
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -185,7 +191,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
185
191
|
version: '0'
|
|
186
192
|
requirements: []
|
|
187
193
|
rubyforge_project:
|
|
188
|
-
rubygems_version: 2.6.
|
|
194
|
+
rubygems_version: 2.6.13
|
|
189
195
|
signing_key:
|
|
190
196
|
specification_version: 4
|
|
191
197
|
summary: Pundit authorization support for graphql
|