iknow_view_models 3.6.1 → 3.6.2
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/Gemfile +1 -0
- data/gemfiles/rails_5_2.gemfile +1 -0
- data/gemfiles/rails_6_0.gemfile +1 -0
- data/gemfiles/rails_6_1.gemfile +1 -0
- data/gemfiles/rails_7_0.gemfile +1 -0
- data/iknow_view_models.gemspec +1 -0
- data/lib/iknow_view_models/version.rb +1 -1
- data/lib/view_model/access_control/composed.rb +50 -12
- data/lib/view_model/access_control.rb +8 -0
- data/test/unit/view_model/access_control_test.rb +48 -0
- data/test/unit/view_model/active_record/cache_test.rb +3 -8
- metadata +16 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 267212f1572c3f81b65462be6c30e02a12a6562a29d01bd5e0c342a12396acbc
|
|
4
|
+
data.tar.gz: e8c4addd984351d6df889ba7d75abbe8d5bde7793a48791e24a1b42e7a3fdf42
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 6039dcc05bed20bce4681c322c3509be3f2a276c0a755fb3e27240eec74fd9eddef68f3c272df33554407853065a98e0f4d03a068c8c0e068cfc02be6f73ab67
|
|
7
|
+
data.tar.gz: 95fb89d93724d5028905612d846534916c4bdacd1bb88009ae434090b183e17d7311bb2709bfa81b08ff3dff45940ced0ce080ff861529c59cbb96671a661b64
|
data/Gemfile
CHANGED
data/gemfiles/rails_5_2.gemfile
CHANGED
data/gemfiles/rails_6_0.gemfile
CHANGED
data/gemfiles/rails_6_1.gemfile
CHANGED
data/gemfiles/rails_7_0.gemfile
CHANGED
data/iknow_view_models.gemspec
CHANGED
|
@@ -39,7 +39,7 @@ class ViewModel::AccessControl::Composed < ViewModel::AccessControl
|
|
|
39
39
|
case
|
|
40
40
|
when new_allow
|
|
41
41
|
nil
|
|
42
|
-
when self.allow_error && other.allow_error
|
|
42
|
+
when mergeable_error?(self.allow_error) && mergeable_error?(other.allow_error)
|
|
43
43
|
self.allow_error.merge(other.allow_error)
|
|
44
44
|
else
|
|
45
45
|
self.allow_error || other.allow_error
|
|
@@ -48,6 +48,12 @@ class ViewModel::AccessControl::Composed < ViewModel::AccessControl
|
|
|
48
48
|
ComposedResult.new(new_allow, other.veto, new_allow_error, other.veto_error)
|
|
49
49
|
end
|
|
50
50
|
end
|
|
51
|
+
|
|
52
|
+
private
|
|
53
|
+
|
|
54
|
+
def mergeable_error?(err)
|
|
55
|
+
err&.is_a?(NoRequiredConditionsError)
|
|
56
|
+
end
|
|
51
57
|
end
|
|
52
58
|
|
|
53
59
|
PermissionsCheck = Struct.new(:location, :reason, :error_type, :checker) do
|
|
@@ -196,22 +202,54 @@ class ViewModel::AccessControl::Composed < ViewModel::AccessControl
|
|
|
196
202
|
protected
|
|
197
203
|
|
|
198
204
|
def check_delegates(env, ifs, unlesses)
|
|
199
|
-
|
|
205
|
+
veto, veto_error = detect_veto(env, unlesses)
|
|
206
|
+
allow, allow_error = detect_allow(env, ifs)
|
|
207
|
+
|
|
208
|
+
ComposedResult.new(allow, veto, allow_error, veto_error)
|
|
209
|
+
end
|
|
210
|
+
|
|
211
|
+
private
|
|
212
|
+
|
|
213
|
+
def detect_veto(env, checkers)
|
|
214
|
+
checkers.each do |checker|
|
|
215
|
+
result = checker.check(env)
|
|
216
|
+
next unless result
|
|
200
217
|
|
|
201
|
-
|
|
202
|
-
|
|
203
|
-
|
|
204
|
-
|
|
205
|
-
|
|
218
|
+
error =
|
|
219
|
+
if result.is_a?(StandardError)
|
|
220
|
+
result
|
|
221
|
+
else
|
|
222
|
+
checker.error_type.new('Action not permitted because: ' +
|
|
223
|
+
checker.reason,
|
|
224
|
+
env.view.blame_reference)
|
|
225
|
+
end
|
|
226
|
+
|
|
227
|
+
# short-circuit exit with failure
|
|
228
|
+
return true, error
|
|
206
229
|
end
|
|
207
230
|
|
|
208
|
-
|
|
231
|
+
return false, nil
|
|
232
|
+
end
|
|
233
|
+
|
|
234
|
+
def detect_allow(env, checkers)
|
|
235
|
+
error = nil
|
|
236
|
+
|
|
237
|
+
checkers.each do |checker|
|
|
238
|
+
result = checker.check(env)
|
|
239
|
+
next unless result
|
|
209
240
|
|
|
210
|
-
|
|
211
|
-
|
|
212
|
-
|
|
241
|
+
if result.is_a?(StandardError)
|
|
242
|
+
error ||= result
|
|
243
|
+
else
|
|
244
|
+
# short-circuit exit with success
|
|
245
|
+
return true, nil
|
|
246
|
+
end
|
|
213
247
|
end
|
|
214
248
|
|
|
215
|
-
|
|
249
|
+
error ||= NoRequiredConditionsError.new(
|
|
250
|
+
env.view.blame_reference,
|
|
251
|
+
checkers.map(&:name))
|
|
252
|
+
|
|
253
|
+
return false, error
|
|
216
254
|
end
|
|
217
255
|
end
|
|
@@ -149,6 +149,14 @@ class ViewModel::AccessControl
|
|
|
149
149
|
def raise_if_error!(result)
|
|
150
150
|
raise (result.error || yield) unless result.permit?
|
|
151
151
|
end
|
|
152
|
+
|
|
153
|
+
# Called from composed access controls via the `env`, this is used to make the
|
|
154
|
+
# if/unless DSL more readable when returning a custom failure error.
|
|
155
|
+
def failure(err)
|
|
156
|
+
raise ArgumentError.new("Unexpected failure type: #{err}") unless err.is_a?(StandardError)
|
|
157
|
+
|
|
158
|
+
err
|
|
159
|
+
end
|
|
152
160
|
end
|
|
153
161
|
|
|
154
162
|
require 'view_model/access_control/open'
|
|
@@ -156,6 +156,54 @@ class ViewModel::AccessControlTest < ActiveSupport::TestCase
|
|
|
156
156
|
assert_equal(2, ex.reasons.count)
|
|
157
157
|
end
|
|
158
158
|
|
|
159
|
+
def test_veto_ordering
|
|
160
|
+
TestAccessControl.visible_if!('always') { true }
|
|
161
|
+
|
|
162
|
+
TestAccessControl.visible_unless!('car starts with i') do
|
|
163
|
+
view.car =~ /^i/
|
|
164
|
+
end
|
|
165
|
+
|
|
166
|
+
TestAccessControl.visible_unless!('car ends with e') do
|
|
167
|
+
view.car =~ /e$/
|
|
168
|
+
end
|
|
169
|
+
|
|
170
|
+
assert_serializes(ListView, List.create!(car: 'ok'))
|
|
171
|
+
refute_serializes(ListView, List.create!(car: 'invisible'), /not permitted.*car starts with i/)
|
|
172
|
+
end
|
|
173
|
+
|
|
174
|
+
def test_custom_error_if
|
|
175
|
+
TestAccessControl.visible_if!('car is visible1') do
|
|
176
|
+
view.car == 'visible1' ||
|
|
177
|
+
# In principle a failure() may return any error, but by returning an
|
|
178
|
+
# AccessControlError we make it possible to test with refute_serializes
|
|
179
|
+
failure(ViewModel::AccessControlError.new('Custom Error Message', view.blame_reference))
|
|
180
|
+
end
|
|
181
|
+
|
|
182
|
+
TestAccessControl.visible_if!('car is visible2') do
|
|
183
|
+
view.car == 'visible2' ||
|
|
184
|
+
# Only the first failure() recorded by a failed if check will be
|
|
185
|
+
# raised as the error.
|
|
186
|
+
failure(ViewModel::AccessControlError.new('Should not be seen', view.blame_reference))
|
|
187
|
+
end
|
|
188
|
+
|
|
189
|
+
assert_serializes(ListView, List.create!(car: 'visible1'))
|
|
190
|
+
assert_serializes(ListView, List.create!(car: 'visible2'))
|
|
191
|
+
refute_serializes(ListView, List.create!(car: 'bad'), /Custom Error Message/)
|
|
192
|
+
end
|
|
193
|
+
|
|
194
|
+
def test_custom_error_unless
|
|
195
|
+
TestAccessControl.visible_if!('always') { true }
|
|
196
|
+
|
|
197
|
+
TestAccessControl.visible_unless!('car is invisible') do
|
|
198
|
+
if view.car == 'invisible'
|
|
199
|
+
failure(ViewModel::AccessControlError.new('Custom Error Message', view.blame_reference))
|
|
200
|
+
end
|
|
201
|
+
end
|
|
202
|
+
|
|
203
|
+
assert_serializes(ListView, List.create!(car: 'ok'))
|
|
204
|
+
refute_serializes(ListView, List.create!(car: 'invisible'), /Custom Error Message/)
|
|
205
|
+
end
|
|
206
|
+
|
|
159
207
|
def test_inheritance
|
|
160
208
|
child_access_control = Class.new(ViewModel::AccessControl::Composed)
|
|
161
209
|
child_access_control.include_from(TestAccessControl)
|
|
@@ -15,16 +15,11 @@ require 'view_model/active_record'
|
|
|
15
15
|
|
|
16
16
|
DUMMY_RAILS_CACHE = ActiveSupport::Cache::MemoryStore.new
|
|
17
17
|
|
|
18
|
-
|
|
19
|
-
|
|
20
|
-
|
|
21
|
-
end
|
|
18
|
+
IknowCache.configure! do
|
|
19
|
+
logger ::ActiveRecord::Base.logger
|
|
20
|
+
cache DUMMY_RAILS_CACHE
|
|
22
21
|
end
|
|
23
22
|
|
|
24
|
-
# Ensure we have a dummy Rails, and then prepend our dummy cache
|
|
25
|
-
module Rails; end
|
|
26
|
-
Rails.singleton_class.prepend(RailsDummyCache)
|
|
27
|
-
|
|
28
23
|
class ViewModel::ActiveRecord
|
|
29
24
|
class CacheTest < ActiveSupport::TestCase
|
|
30
25
|
using ViewModel::Utils::Collections
|
metadata
CHANGED
|
@@ -1,15 +1,29 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: iknow_view_models
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 3.6.
|
|
4
|
+
version: 3.6.2
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- iKnow Team
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2022-
|
|
11
|
+
date: 2022-02-16 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
|
+
- !ruby/object:Gem::Dependency
|
|
14
|
+
name: actionpack
|
|
15
|
+
requirement: !ruby/object:Gem::Requirement
|
|
16
|
+
requirements:
|
|
17
|
+
- - ">="
|
|
18
|
+
- !ruby/object:Gem::Version
|
|
19
|
+
version: '5.0'
|
|
20
|
+
type: :runtime
|
|
21
|
+
prerelease: false
|
|
22
|
+
version_requirements: !ruby/object:Gem::Requirement
|
|
23
|
+
requirements:
|
|
24
|
+
- - ">="
|
|
25
|
+
- !ruby/object:Gem::Version
|
|
26
|
+
version: '5.0'
|
|
13
27
|
- !ruby/object:Gem::Dependency
|
|
14
28
|
name: activerecord
|
|
15
29
|
requirement: !ruby/object:Gem::Requirement
|