isomorfeus-policy 2.5.5 → 22.9.0.rc1

Sign up to get free protection for your applications and to get access to all the features.
Files changed (11) hide show
  1. checksums.yaml +4 -4
  2. data/README.md +7 -15
  3. data/lib/isomorfeus/policy/version.rb +1 -1
  4. data/lib/isomorfeus-policy.rb +3 -9
  5. data/lib/lucid_policy.rb +211 -0
  6. metadata +13 -45
  7. data/lib/isomorfeus_policy/lucid_policy/base.rb +0 -10
  8. data/lib/isomorfeus_policy/lucid_policy/exception.rb +0 -4
  9. data/lib/isomorfeus_policy/lucid_policy/helper.rb +0 -22
  10. data/lib/isomorfeus_policy/lucid_policy/mixin.rb +0 -191
  11. data/lib/lucid_props.rb +0 -90
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: d4dd183a4eb8e1a50b194e9afd01dd113760048cb03b642383600f263fc0d2e4
4
- data.tar.gz: a8b119aa0ad9d27dcda8b0a7b41064ab43db480cd7be6f4354b34760ea86c4e4
3
+ metadata.gz: 9e0fb64bf98a281fecdc83a713a266fd1ec5f57071f886212afe6602217e40b6
4
+ data.tar.gz: 7e768fcfc03fe6f3a60f0d51b71e4291b2359dad18ddf584a40f73845e5d12bc
5
5
  SHA512:
6
- metadata.gz: 92a935d2311ff215f6da12f309731355f20b0bc11a03a7f774e2ed03ec6cdac08219d0fb4ec95abe8852ebcbca325968e8c9321dbbbba59fa7b99e3c98c1d970
7
- data.tar.gz: f3391138652fd1279ca1de27bc44c17c0c13e02c9bf084b4a4d9cecfe17c9875b47e2908e014e9088394a4db924b6bf772d6d70d106ef565af9b2fc9bbe6795e
6
+ metadata.gz: 80feefd0c628ebbc0ec908b0086b393f41d36f79005452db01155c0edb1adda5066b89d0e07468ba981858cf4c30efcb92428db6bb0d7ba0590c4b12dc72481a
7
+ data.tar.gz: ec9cab7fba10b3e42bee29685975f20d3fc0f1e505eb8eb84e6be50eeb3c1ff9f59b89767d02a404c3b5234ba4db2fd50acbe39ab8fef5f6fd32b1a4ef44e904
data/README.md CHANGED
@@ -13,15 +13,7 @@ Everything that is not explicitly allowed somewhere is denied.
13
13
 
14
14
  Place the policy files in your projects `app/policies` directory.
15
15
 
16
- Any class that would like to authorize for accessing a resource needs to include the `LucidAuthorization::Mixin`
17
- or inherit from `LucidAuthorization::Base`. Example:
18
-
19
- ```ruby
20
- class MyUser
21
- include LucdiAuthorization::Mixin
22
- end
23
- ```
24
- Any instance of that class then has the following methods available:
16
+ Any instance of a LucidUser class has the following methods available:
25
17
  - `authorized?(target_class, method_name, props)` - returning true or false
26
18
  - `authorized!(target_class, method_name, props)` - raising a exception if access is denied, otherwise returning true
27
19
 
@@ -33,7 +25,7 @@ For a class `MyUser` the policy class must be `MyUserPolicy`.
33
25
  ### Simple Rules
34
26
  Example Policy:
35
27
  ```ruby
36
- class MyUserPolicy < LucidPolicy::Base
28
+ class MyUserPolicy < LucidPolicy
37
29
  # allow access to all methods of a class
38
30
  allow BlaBlaGraph
39
31
  # class names can be given as strings which benefits autoload performance as the class can be loaded later on
@@ -100,8 +92,8 @@ which will raise a LucidPolicy::Exception unless authorized
100
92
  ### Custom Rules
101
93
  Besides calling methods or executing blocks from allow or deny, custom rules can be defined. Example:
102
94
  ```ruby
103
- class MyUserPolicy < LucidPolicy::Base
104
- rule BlaGraph, :load, :count do |user, target_class_name, target_method, props|
95
+ class MyUserPolicy < LucidPolicy
96
+ rule BlaGraph, :load, :count do |user, props|
105
97
  allow if user.verified?
106
98
  allow if user.admin?
107
99
  deny
@@ -120,8 +112,8 @@ The recommended default rule for combined policies is `deny others`.
120
112
 
121
113
  Given a:
122
114
  ```ruby
123
- class AdminRolePolicy < LucidPolicy::Base
124
- rule BlaGraph, :load, :count do |user, target_class_name, target_method, props|
115
+ class AdminRolePolicy < LucidPolicy
116
+ rule BlaGraph, :load, :count do |user, props|
125
117
  allow if user.verified?
126
118
  deny
127
119
  end
@@ -129,7 +121,7 @@ Given a:
129
121
  ```
130
122
  another policy can include the rules. Example:
131
123
  ```ruby
132
- class MyUserPolicy < LucidPolicy::Base
124
+ class MyUserPolicy < LucidPolicy
133
125
  combine_with AdminRolePolicy
134
126
 
135
127
  # conditions as for allow and deny can be used too
data/lib/isomorfeus/policy/version.rb CHANGED
@@ -1,5 +1,5 @@
1
1
  module Isomorfeus
2
2
  module Policy
3
- VERSION = '2.5.5'
3
+ VERSION = '22.9.0.rc1'
4
4
  end
5
5
  end
data/lib/isomorfeus-policy.rb CHANGED
@@ -1,19 +1,13 @@
1
- require 'isomorfeus-preact'
1
+ require 'isomorfeus-transport'
2
2
  require 'isomorfeus/policy/config'
3
- require 'lucid_props'
3
+ require 'lucid_policy'
4
4
 
5
5
  if RUBY_ENGINE == 'opal'
6
- Isomorfeus.zeitwerk.push_dir('isomorfeus_policy')
7
- require_tree 'isomorfeus_policy', autoload: true
8
6
  Isomorfeus.zeitwerk.push_dir('policies')
9
7
  else
10
- require 'isomorfeus_policy/lucid_policy/exception'
11
- require 'isomorfeus_policy/lucid_policy/helper'
12
- require 'isomorfeus_policy/lucid_policy/mixin'
13
- require 'isomorfeus_policy/lucid_policy/base'
14
8
  require 'iso_opal'
15
-
16
9
  Opal.append_path(__dir__.untaint) unless IsoOpal.paths_include?(__dir__.untaint)
10
+
17
11
  path = File.expand_path(File.join('app', 'policies'))
18
12
  Isomorfeus.zeitwerk.push_dir(path) if Dir.exist?(path)
19
13
  end
data/lib/lucid_policy.rb ADDED
@@ -0,0 +1,211 @@
1
+ class LucidPolicy
2
+ class Exception < ::Exception
3
+ end
4
+
5
+ class Helper < BasicObject
6
+ attr_reader :result
7
+
8
+ def initialize
9
+ @result = :deny
10
+ end
11
+
12
+ def allow
13
+ @result = :allow
14
+ nil
15
+ end
16
+
17
+ def deny
18
+ nil
19
+ end
20
+
21
+ def current_user
22
+ Isomorfeus.current_user
23
+ end
24
+ end
25
+
26
+ class << self
27
+ def inherited(base)
28
+ if RUBY_ENGINE != 'opal'
29
+ Isomorfeus.add_valid_policy_class(base)
30
+ end
31
+ end
32
+
33
+ def authorization_rules
34
+ @authorization_rules ||= { rules: {}.dup, policies: {}.dup, others: :deny }.dup
35
+ end
36
+
37
+ def all
38
+ :all
39
+ end
40
+
41
+ def allow(*classes_and_methods_and_options)
42
+ _allow_or_deny(:allow, *classes_and_methods_and_options)
43
+ end
44
+
45
+ def deny(*classes_and_methods_and_options)
46
+ _allow_or_deny(:deny, *classes_and_methods_and_options)
47
+ end
48
+
49
+ def others
50
+ :others
51
+ end
52
+
53
+ def rule(*classes_and_methods, &block)
54
+ _allow_or_deny(:rule, *classes_and_methods, &block)
55
+ end
56
+
57
+ def combine_with(policy_class, **options)
58
+ authorization_rules[:policies] = { policy_class => options }
59
+ end
60
+
61
+ def _allow_or_deny(thing, *classes_methods_options, &block)
62
+ rules = authorization_rules
63
+
64
+ if %i[allow deny].include?(thing) && %i[others all].include?(classes_methods_options.first)
65
+ rules[:others] = thing
66
+ return
67
+ end
68
+
69
+ target_classes = []
70
+ target_methods = []
71
+ target_options = {}
72
+
73
+ classes_methods_options.each do |class_method_option|
74
+ if class_method_option.class == Hash
75
+ target_options = class_method_option
76
+ else
77
+ class_or_method_s = class_method_option.to_s
78
+ if class_method_option.class == Symbol && class_or_method_s[0].downcase == class_or_method_s[0]
79
+ target_methods << class_method_option
80
+ else
81
+ class_method_option = class_or_method_s unless class_method_option.class == String
82
+ target_classes << class_method_option
83
+ end
84
+ end
85
+ end
86
+
87
+ thing_or_block = block_given? ? block : thing
88
+
89
+ target_classes.each do |target_class|
90
+ target_class = target_class.split('>::').last if target_class.start_with?('#<')
91
+ rules[:rules][target_class] = {} unless rules[:rules].key?(target_class)
92
+
93
+ if target_methods.empty?
94
+ rules[:rules][target_class][:rule] = thing_or_block
95
+ rules[:rules][target_class][:options] = target_options unless target_options.empty?
96
+ else
97
+ rules[:rules][target_class][:rule] = :deny unless rules[:rules][target_class].key?(:rule)
98
+ rules[:rules][target_class][:methods] = {} unless rules[:rules][target_class].key?(:methods)
99
+ target_methods.each do |target_method|
100
+ rules[:rules][target_class][:methods][target_method] = { rule: thing_or_block }
101
+ rules[:rules][target_class][:methods][target_method][:options] = target_options unless target_options.empty?
102
+ end
103
+ end
104
+ end
105
+ end
106
+ end
107
+
108
+ attr_reader :reason
109
+
110
+ def initialize(object, record_reason = nil)
111
+ @object = object
112
+ @reason = nil
113
+ @record_reason = record_reason
114
+ if @record_reason
115
+ @class_name = self.class.name
116
+ @class_name = @class_name.split('>::').last if @class_name.start_with?('#<')
117
+ end
118
+ end
119
+
120
+ def authorized?(target_class, target_method = nil, props = nil)
121
+ Isomorfeus.raise_error(error_class: LucidPolicy::Exception, message: "#{self}: At least the class or class name must be given!") unless target_class
122
+
123
+ target_class = target_class.to_s unless target_class.class == String
124
+ target_class = target_class.split('>::').last if target_class.start_with?('#<')
125
+
126
+ rules = self.class.authorization_rules
127
+
128
+ result = if rules[:rules].key?(target_class)
129
+ if target_method && rules[:rules][target_class].key?(:methods) && rules[:rules][target_class][:methods].key?(target_method)
130
+ options = rules[:rules][target_class][:methods][target_method][:options]
131
+ rule = rules[:rules][target_class][:methods][target_method][:rule]
132
+ @reason = { policy_class: @class_name, class_name: target_class, method: target_method, rule: rule } if @record_reason
133
+ else
134
+ options = rules[:rules][target_class][:options]
135
+ rule = rules[:rules][target_class][:rule]
136
+ @reason = { policy_class: @class_name, class_name: target_class, rule: rule } if @record_reason
137
+ end
138
+
139
+ if rule.class == Symbol || rule.class == String
140
+ if options
141
+ condition, method_result = _get_condition_and_result(options, props)
142
+ if @record_reason
143
+ @reason[:condition] = condition
144
+ @reason[:condition_result] = method_result
145
+ end
146
+ rule if (condition == :if && method_result == true) || (condition == :if_not && method_result == false)
147
+ else
148
+ rule
149
+ end
150
+ else
151
+ policy_helper = LucidPolicy::Helper.new
152
+ policy_helper.instance_exec(@object, props, &rule)
153
+ r = policy_helper.result
154
+ @reason[:rule_result] = r if @record_reason
155
+ r
156
+ end
157
+ else
158
+ r = rules[:others]
159
+ @reason = { policy_class: @class_name, class_name: target_class, others: r } if @record_reason
160
+ r
161
+ end
162
+
163
+ return true if result == :allow
164
+
165
+ rules[:policies].each do |policy_class, options|
166
+ combined_policy_result = nil
167
+ if options.empty?
168
+ policy_instance = policy_class.new(@object, @record_reason)
169
+ combined_policy_result = policy_instance.authorized?(target_class, target_method, props)
170
+ @reason = @reason = { policy_class: @class_name, combined: policy_instance.reason } if @record_reason
171
+ else
172
+ condition, method_result = _get_condition_and_result(options, props)
173
+ if (condition == :if && method_result == true) || (condition == :if_not && method_result == false)
174
+ policy_instance = policy_class.new(@object, @record_reason)
175
+ combined_policy_result = policy_instance.authorized?(target_class, target_method, props)
176
+ @reason = { policy_class: @class_name, combined: policy_instance.reason, condition: condition, condition_result: method_result } if @record_reason
177
+ end
178
+ end
179
+ return true if combined_policy_result == true
180
+ end
181
+
182
+ result == :allow ? true : false
183
+ end
184
+
185
+ def authorized!(target_class, target_method = nil, props = nil)
186
+ result = authorized?(target_class, target_method, props)
187
+ reason_message = reason ? ", reason: #{reason}" : ''
188
+ return true if result
189
+ Isomorfeus.raise_error(error_class: LucidPolicy::Exception, message: "#{@object}: not authorized to call #{target_class}#{}#{target_method} #{props} #{reason_message}!")
190
+ end
191
+
192
+ def _get_condition_and_result(options, props)
193
+ condition = nil
194
+ method_name_or_block = if options.key?(:if)
195
+ condition = :if
196
+ options[:if]
197
+ elsif options.key?(:if_not)
198
+ condition = :if_not
199
+ options[:if_not]
200
+ elsif options.key?(:unless)
201
+ condition = :if_not
202
+ options[:unless]
203
+ end
204
+ method_result = if method_name_or_block && method_name_or_block.class == Symbol
205
+ @object.__send__(method_name_or_block)
206
+ else
207
+ method_name_or_block.call(@object, props)
208
+ end
209
+ [condition, method_result]
210
+ end
211
+ end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: isomorfeus-policy
3
3
  version: !ruby/object:Gem::Version
4
- version: 2.5.5
4
+ version: 22.9.0.rc1
5
5
  platform: ruby
6
6
  authors:
7
7
  - Jan Biedermann
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2022-06-01 00:00:00.000000000 Z
11
+ date: 2022-09-24 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: opal
@@ -16,70 +16,42 @@ dependencies:
16
16
  requirements:
17
17
  - - "~>"
18
18
  - !ruby/object:Gem::Version
19
- version: 1.5.0
19
+ version: 1.5.1
20
20
  type: :runtime
21
21
  prerelease: false
22
22
  version_requirements: !ruby/object:Gem::Requirement
23
23
  requirements:
24
24
  - - "~>"
25
25
  - !ruby/object:Gem::Version
26
- version: 1.5.0
27
- - !ruby/object:Gem::Dependency
28
- name: isomorfeus-asset-manager
29
- requirement: !ruby/object:Gem::Requirement
30
- requirements:
31
- - - "~>"
32
- - !ruby/object:Gem::Version
33
- version: 0.14.24
34
- type: :runtime
35
- prerelease: false
36
- version_requirements: !ruby/object:Gem::Requirement
37
- requirements:
38
- - - "~>"
39
- - !ruby/object:Gem::Version
40
- version: 0.14.24
41
- - !ruby/object:Gem::Dependency
42
- name: isomorfeus-preact
43
- requirement: !ruby/object:Gem::Requirement
44
- requirements:
45
- - - "~>"
46
- - !ruby/object:Gem::Version
47
- version: 10.7.2
48
- type: :runtime
49
- prerelease: false
50
- version_requirements: !ruby/object:Gem::Requirement
51
- requirements:
52
- - - "~>"
53
- - !ruby/object:Gem::Version
54
- version: 10.7.2
26
+ version: 1.5.1
55
27
  - !ruby/object:Gem::Dependency
56
28
  name: isomorfeus-redux
57
29
  requirement: !ruby/object:Gem::Requirement
58
30
  requirements:
59
- - - "~>"
31
+ - - '='
60
32
  - !ruby/object:Gem::Version
61
- version: 4.2.0
33
+ version: 22.9.0.rc1
62
34
  type: :runtime
63
35
  prerelease: false
64
36
  version_requirements: !ruby/object:Gem::Requirement
65
37
  requirements:
66
- - - "~>"
38
+ - - '='
67
39
  - !ruby/object:Gem::Version
68
- version: 4.2.0
40
+ version: 22.9.0.rc1
69
41
  - !ruby/object:Gem::Dependency
70
42
  name: isomorfeus
71
43
  requirement: !ruby/object:Gem::Requirement
72
44
  requirements:
73
45
  - - '='
74
46
  - !ruby/object:Gem::Version
75
- version: 2.5.5
47
+ version: 22.9.0.rc1
76
48
  type: :development
77
49
  prerelease: false
78
50
  version_requirements: !ruby/object:Gem::Requirement
79
51
  requirements:
80
52
  - - '='
81
53
  - !ruby/object:Gem::Version
82
- version: 2.5.5
54
+ version: 22.9.0.rc1
83
55
  - !ruby/object:Gem::Dependency
84
56
  name: rake
85
57
  requirement: !ruby/object:Gem::Requirement
@@ -119,11 +91,7 @@ files:
119
91
  - lib/isomorfeus-policy.rb
120
92
  - lib/isomorfeus/policy/config.rb
121
93
  - lib/isomorfeus/policy/version.rb
122
- - lib/isomorfeus_policy/lucid_policy/base.rb
123
- - lib/isomorfeus_policy/lucid_policy/exception.rb
124
- - lib/isomorfeus_policy/lucid_policy/helper.rb
125
- - lib/isomorfeus_policy/lucid_policy/mixin.rb
126
- - lib/lucid_props.rb
94
+ - lib/lucid_policy.rb
127
95
  homepage: https://isomorfeus.com
128
96
  licenses:
129
97
  - MIT
@@ -141,9 +109,9 @@ required_ruby_version: !ruby/object:Gem::Requirement
141
109
  version: '0'
142
110
  required_rubygems_version: !ruby/object:Gem::Requirement
143
111
  requirements:
144
- - - ">="
112
+ - - ">"
145
113
  - !ruby/object:Gem::Version
146
- version: '0'
114
+ version: 1.3.1
147
115
  requirements: []
148
116
  rubygems_version: 3.3.7
149
117
  signing_key:
data/lib/isomorfeus_policy/lucid_policy/base.rb DELETED
@@ -1,10 +0,0 @@
1
- module LucidPolicy
2
- class Base
3
- def self.inherited(base)
4
- base.include LucidPolicy::Mixin
5
- if RUBY_ENGINE != 'opal'
6
- Isomorfeus.add_valid_policy_class(base)
7
- end
8
- end
9
- end
10
- end
data/lib/isomorfeus_policy/lucid_policy/exception.rb DELETED
@@ -1,4 +0,0 @@
1
- module LucidPolicy
2
- class Exception < ::Exception
3
- end
4
- end
data/lib/isomorfeus_policy/lucid_policy/helper.rb DELETED
@@ -1,22 +0,0 @@
1
- module LucidPolicy
2
- class Helper < BasicObject
3
- attr_reader :result
4
-
5
- def initialize
6
- @result = :deny
7
- end
8
-
9
- def allow
10
- @result = :allow
11
- nil
12
- end
13
-
14
- def deny
15
- nil
16
- end
17
-
18
- def current_user
19
- Isomorfeus.current_user
20
- end
21
- end
22
- end
data/lib/isomorfeus_policy/lucid_policy/mixin.rb DELETED
@@ -1,191 +0,0 @@
1
- module LucidPolicy
2
- module Mixin
3
- def self.included(base)
4
- base.instance_exec do
5
- if RUBY_ENGINE != 'opal'
6
- Isomorfeus.add_valid_policy_class(base) unless base == LucidPolicy::Base
7
- end
8
-
9
- def authorization_rules
10
- @authorization_rules ||= { rules: {}.dup, policies: {}.dup, others: :deny }.dup
11
- end
12
-
13
- def all
14
- :all
15
- end
16
-
17
- def allow(*classes_and_methods_and_options)
18
- _allow_or_deny(:allow, *classes_and_methods_and_options)
19
- end
20
-
21
- def deny(*classes_and_methods_and_options)
22
- _allow_or_deny(:deny, *classes_and_methods_and_options)
23
- end
24
-
25
- def others
26
- :others
27
- end
28
-
29
- def rule(*classes_and_methods, &block)
30
- _allow_or_deny(:rule, *classes_and_methods, &block)
31
- end
32
-
33
- def combine_with(policy_class, **options)
34
- authorization_rules[:policies] = { policy_class => options }
35
- end
36
-
37
- def _allow_or_deny(thing, *classes_methods_options, &block)
38
- rules = authorization_rules
39
-
40
- if %i[allow deny].include?(thing) && %i[others all].include?(classes_methods_options.first)
41
- rules[:others] = thing
42
- return
43
- end
44
-
45
- target_classes = []
46
- target_methods = []
47
- target_options = {}
48
-
49
- classes_methods_options.each do |class_method_option|
50
- if class_method_option.class == Hash
51
- target_options = class_method_option
52
- else
53
- class_or_method_s = class_method_option.to_s
54
- if class_method_option.class == Symbol && class_or_method_s[0].downcase == class_or_method_s[0]
55
- target_methods << class_method_option
56
- else
57
- class_method_option = class_or_method_s unless class_method_option.class == String
58
- target_classes << class_method_option
59
- end
60
- end
61
- end
62
-
63
- thing_or_block = block_given? ? block : thing
64
-
65
- target_classes.each do |target_class|
66
- target_class = target_class.split('>::').last if target_class.start_with?('#<')
67
- rules[:rules][target_class] = {} unless rules[:rules].key?(target_class)
68
-
69
- if target_methods.empty?
70
- rules[:rules][target_class][:rule] = thing_or_block
71
- rules[:rules][target_class][:options] = target_options unless target_options.empty?
72
- else
73
- rules[:rules][target_class][:rule] = :deny unless rules[:rules][target_class].key?(:rule)
74
- rules[:rules][target_class][:methods] = {} unless rules[:rules][target_class].key?(:methods)
75
- target_methods.each do |target_method|
76
- rules[:rules][target_class][:methods][target_method] = { rule: thing_or_block }
77
- rules[:rules][target_class][:methods][target_method][:options] = target_options unless target_options.empty?
78
- end
79
- end
80
- end
81
- end
82
- end
83
-
84
- attr_reader :reason
85
-
86
- def initialize(object, record_reason = nil)
87
- @object = object
88
- @reason = nil
89
- @record_reason = record_reason
90
- if @record_reason
91
- @class_name = self.class.name
92
- @class_name = @class_name.split('>::').last if @class_name.start_with?('#<')
93
- end
94
- end
95
-
96
- def authorized?(target_class, target_method = nil, props = nil)
97
- Isomorfeus.raise_error(error_class: LucidPolicy::Exception, message: "#{self}: At least the class or class name must be given!") unless target_class
98
-
99
- target_class = target_class.to_s unless target_class.class == String
100
- target_class = target_class.split('>::').last if target_class.start_with?('#<')
101
-
102
- rules = self.class.authorization_rules
103
-
104
- result = if rules[:rules].key?(target_class)
105
- if target_method && rules[:rules][target_class].key?(:methods) && rules[:rules][target_class][:methods].key?(target_method)
106
- options = rules[:rules][target_class][:methods][target_method][:options]
107
- rule = rules[:rules][target_class][:methods][target_method][:rule]
108
- @reason = { policy_class: @class_name, class_name: target_class, method: target_method, rule: rule } if @record_reason
109
- else
110
- options = rules[:rules][target_class][:options]
111
- rule = rules[:rules][target_class][:rule]
112
- @reason = { policy_class: @class_name, class_name: target_class, rule: rule } if @record_reason
113
- end
114
-
115
- if rule.class == Symbol || rule.class == String
116
- if options
117
- condition, method_result = _get_condition_and_result(options)
118
- if @record_reason
119
- @reason[:condition] = condition
120
- @reason[:condition_result] = method_result
121
- end
122
- rule if (condition == :if && method_result == true) || (condition == :if_not && method_result == false)
123
- else
124
- rule
125
- end
126
- else
127
- props = LucidProps.new(props) unless props.class == LucidProps
128
- policy_helper = LucidPolicy::Helper.new
129
- policy_helper.instance_exec(@object, target_class, target_method, props, &rule)
130
- r = policy_helper.result
131
- @reason[:rule_result] = r if @record_reason
132
- r
133
- end
134
- else
135
- r = rules[:others]
136
- @reason = { policy_class: @class_name, class_name: target_class, others: r } if @record_reason
137
- r
138
- end
139
-
140
- return true if result == :allow
141
-
142
- rules[:policies].each do |policy_class, options|
143
- combined_policy_result = nil
144
- if options.empty?
145
- policy_instance = policy_class.new(@object, @record_reason)
146
- combined_policy_result = policy_instance.authorized?(target_class, target_method, props)
147
- @reason = @reason = { policy_class: @class_name, combined: policy_instance.reason } if @record_reason
148
- else
149
- condition, method_result = _get_condition_and_result(options)
150
- if (condition == :if && method_result == true) || (condition == :if_not && method_result == false)
151
- policy_instance = policy_class.new(@object, @record_reason)
152
- combined_policy_result = policy_instance.authorized?(target_class, target_method, props)
153
- @reason = { policy_class: @class_name, combined: policy_instance.reason, condition: condition, condition_result: method_result } if @record_reason
154
- end
155
- end
156
- return true if combined_policy_result == true
157
- end
158
-
159
- result == :allow ? true : false
160
- end
161
-
162
- def authorized!(target_class, target_method = nil, props = nil)
163
- result = authorized?(target_class, target_method, props)
164
- reason_message = reason ? ", reason: #{reason}" : ''
165
- return true if result
166
- Isomorfeus.raise_error(error_class: LucidPolicy::Exception, message: "#{@object}: not authorized to call #{target_class}#{}#{target_method} #{props} #{reason_message}!")
167
- end
168
-
169
- def _get_condition_and_result(options)
170
- condition = nil
171
- method_name_or_block = if options.key?(:if)
172
- condition = :if
173
- options[:if]
174
- elsif options.key?(:if_not)
175
- condition = :if_not
176
- options[:if_not]
177
- elsif options.key?(:unless)
178
- condition = :if_not
179
- options[:unless]
180
- end
181
- method_result = if method_name_or_block && method_name_or_block.class == Symbol
182
- @object.__send__(method_name_or_block)
183
- else
184
- props = LucidProps.new(props) unless props.class == LucidProps
185
- method_name_or_block.call(@object, props)
186
- end
187
- [condition, method_result]
188
- end
189
- end
190
- end
191
- end
data/lib/lucid_props.rb DELETED
@@ -1,90 +0,0 @@
1
- class LucidProps
2
- def initialize(props_hash)
3
- props_hash = {} unless props_hash
4
- @props_hash = props_hash
5
- if RUBY_ENGINE != 'opal'
6
- @props_hash.freeze
7
- end
8
- end
9
-
10
- def any?
11
- @props_hash.keys.size > 0
12
- end
13
-
14
- def to_h
15
- @props_hash
16
- end
17
-
18
- def to_transport
19
- {}.merge(@props_hash)
20
- end
21
-
22
- if RUBY_ENGINE == 'opal'
23
- def [](prop_name)
24
- @props_hash[prop_name]
25
- end
26
-
27
- def key?(prop_name)
28
- @props_hash.key?(prop_name)
29
- end
30
-
31
- def keys
32
- @props_hash.keys
33
- end
34
-
35
- def method_missing(prop_name, *args, &block)
36
- return @props_hash[prop_name] if @props_hash.key?(prop_name)
37
- super(prop_name, *args, &block)
38
- end
39
-
40
- def set(prop_name, value)
41
- @props_hash[prop_name] = value
42
- end
43
-
44
- def to_json
45
- JSON.dump(to_transport)
46
- end
47
-
48
- def to_n
49
- @props_hash.to_n
50
- end
51
- else # RUBY_ENGINE
52
- def [](prop_name)
53
- name = prop_name.to_sym
54
- return @props_hash[name] if @props_hash.key?(name)
55
- name = prop_name.to_s
56
- return @props_hash[name] if @props_hash.key?(name)
57
- nil
58
- end
59
-
60
- def key?(prop_name)
61
- @props_hash.key?(prop_name.to_sym) || @props_hash.key?(prop_name.to_s)
62
- end
63
-
64
- def keys
65
- @props_hash.keys.map(&:to_sym)
66
- end
67
-
68
- def method_missing(prop_name, *args, &block)
69
- name = prop_name.to_sym
70
- return @props_hash[name] if @props_hash.key?(name)
71
- name = prop_name.to_s
72
- return @props_hash[name] if @props_hash.key?(name)
73
- super(prop_name, *args, &block)
74
- end
75
-
76
- def set(prop_name, value)
77
- @props_hash[prop_name.to_sym] = value
78
- end
79
-
80
- def to_json
81
- Oj.dump(to_transport, mode: :strict)
82
- end
83
-
84
- def to_n
85
- @props_hash
86
- end
87
- end # RUBY_ENGINE
88
-
89
- alias_method :has_key?, :key?
90
- end