ibrain-core 0.5.9 → 0.5.10

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 0aa56d8f68330f8af35bb32ce99381926e593797720f0264534e09f468de4251
-  data.tar.gz: bc507c9b0b4f58b2ee9994773956d7682ba3344166ece3a216e2a432c069281c
+  metadata.gz: 330ce67ab6f228e04d3b6ca92feeb6dd7c6d604861abe797c8e582f2b15d431d
+  data.tar.gz: d77dc76e8f9665b905dcdc927200db46ce7cc535d730dc54a5841f0cc42fe54b
 SHA512:
-  metadata.gz: f500616cf858dd72c2cb638de7af1ddb781705bb794764beb5a6c3158eed9cd8748378ede513d615dce23cc5b194b78f7d2ecb8d684bd986e9308ea745cdfdb1
-  data.tar.gz: 77fa6f8f757ece450078226a519eb26b35840956bb7f2d1d78ccf7266e78bba93be09498a94310059fbd9b2c0b73bc4e3c3e26bdfc6a1558117ef52625b7c74c
+  metadata.gz: 69a63bc198060fd596b93fbd164827950261da9bcd8105426a3f5965b2442b0141844725f6906b70c1244b1567396be548535b6916c18a4dc9a01d137edbf63d
+  data.tar.gz: 192d6dc9fe457cd124eeb240bd111d44bab696db7e414b1ef16f3ac10b5d979c6f50d08bd010986bcd7b8b86dea51d9eeb9fd2c8a02c8b7671fb0ec39692afbe

data/app/graphql/ibrain/extentions/active_required.rb

@@ -4,7 +4,7 @@ module Ibrain
   module Extentions
     class ActiveRequired < GraphQL::Schema::FieldExtension
       def resolve(object:, arguments:, **rest)
-        raise ActionController::InvalidAuthenticityToken, I18n.t('ibrain.errors.session.is_deactivated') if is_invalid_session(object)
+        raise ActionController::InvalidAuthenticityToken, I18n.t('ibrain.errors.session.is_deactivated') if is_inactivated(object)
 
         # yield the current time as `memo`
         yield(object, arguments, rest)
@@ -12,9 +12,9 @@ module Ibrain
 
       private
 
-      def is_activated(object)
+      def is_inactivated(object)
         current_user = object.try(:context).try(:fetch, :current_user, nil)
-        current_user.try(:is_activated?) && options.try(:fetch, :active_required, false)
+        current_user.try(:is_activated?)
       end
     end
   end

data/app/graphql/ibrain/extentions/authorize_required.rb

@@ -0,0 +1,27 @@
+# frozen_string_literal: true
+
+module Ibrain
+  module Extentions
+    class AuthorizeRequired < GraphQL::Schema::FieldExtension
+      def resolve(object:, arguments:, **rest)
+        raise IbrainErrors::PermissionError.new("You not have permission to access #{field&.name}") unless is_authorized(object)
+
+        # yield the current time as `memo`
+        yield(object, arguments, rest)
+      end
+
+      private
+
+      def is_authorized(object)
+        required_roles = Ibrain::Config.authorize_resource_enabled_with_roles
+        current_user = object.try(:context).try(:fetch, :current_user, nil)
+
+        role = current_user.try(:role) || current_user.try(:graphql_role)
+
+        return true unless required_roles.include?(role)
+
+        current_user.try(:is_authorized?, field.name)
+      end
+    end
+  end
+end

data/app/graphql/ibrain/types/base_api_field.rb

@@ -5,7 +5,7 @@ module Ibrain
     class BaseApiField < GraphQL::Schema::Field
       argument_class ::Ibrain::Types::BaseArgument
 
-      def initialize(*args, session_required: true, roles: nil, active_required: true, **kwargs, &block)
+      def initialize(*args, session_required: true, roles: nil, active_required: true, authorize_required: true, **kwargs, &block)
         super(*args, camelize: false, **kwargs, &block)
 
         extension(Ibrain::Extentions::SessionRequired, session_required: session_required) if session_required
@@ -14,6 +14,11 @@ module Ibrain
         if Ibrain::Config.is_require_activated_account && active_required
           extension(Ibrain::Extentions::ActiveRequired)
         end
+
+        required_roles = Ibrain::Config.authorize_resource_enabled_with_roles || []
+        if required_roles.size.positive? && authorize_required
+          extension(Ibrain::Extentions::AuthorizeRequired)
+        end
       end
     end
   end

data/lib/generators/ibrain/install/templates/config/initializers/ibrain.rb.tt

@@ -56,6 +56,9 @@ Ibrain.config do |config|
 
   # Enable require active
   config.is_require_activated_account = false
+
+  # Enabled authorize resource by user
+  config.authorize_resource_enabled_with_roles = %w[]
 end
 
 <% if defined?(Ibrain::Api::Engine) -%>

data/lib/ibrain/app_configuration.rb

@@ -59,6 +59,9 @@ module Ibrain
 
     preference :is_require_activated_account, :boolean, default: false
 
+    # Enabled authorize resource by user
+    preference :authorize_resource_enabled_with_roles, :array, default: []
+
     def static_model_preferences
       @static_model_preferences ||= Ibrain::Preferences::StaticModelPreferences.new
     end

data/lib/ibrain/core/version.rb

@@ -1,7 +1,7 @@
 # frozen_string_literal: true
 
 module Ibrain
-  VERSION = "0.5.9"
+  VERSION = "0.5.10"
 
   def self.ibrain_version
     VERSION

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: ibrain-core
 version: !ruby/object:Gem::Version
-  version: 0.5.9
+  version: 0.5.10
 platform: ruby
 authors:
 - Tai Nguyen Van
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2022-10-31 00:00:00.000000000 Z
+date: 2023-02-07 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: activerecord-session_store
@@ -166,6 +166,7 @@ files:
 - app/controllers/ibrain/core/graphql_controller.rb
 - app/graphql/ibrain/base_schema.rb
 - app/graphql/ibrain/extentions/active_required.rb
+- app/graphql/ibrain/extentions/authorize_required.rb
 - app/graphql/ibrain/extentions/default_value.rb
 - app/graphql/ibrain/extentions/roles.rb
 - app/graphql/ibrain/extentions/session_required.rb