jsonapi-authorization 0.8.0 → 0.8.1

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: 746cc565a11f9da30e6d9bf9d0f3125e8dea9230
4
- data.tar.gz: b7648d6d517b0b7d20f4afe57bf199cc5e62f23d
3
+ metadata.gz: 751afd97ddd82dc898f56d56a984fc87bd592ad1
4
+ data.tar.gz: aa5b7a07c85f5df1cf3682b5c193bc4cb3895269
5
5
  SHA512:
6
- metadata.gz: d2eba2b987e0ff085c67428f9c73d5b5cf95674789cd51dc0ba66d6a102334e850f8fd3d28085118f46645f804f65b1480c6b712720e66241b4aff5643dbc2f8
7
- data.tar.gz: 743a1b1b9639490aea94fa9bc4d1648afc21a9e6926869dcdb61ba48e40e8890d32aa8432cb28d64b508fd8f3bd17933412b7568c1d06f44b18645420524a673
6
+ metadata.gz: 3362227f0b26e62998d04d2956228b31605b56948f8a582579c23cd7409ab1d26870cb117faddc0c7da1916208e49007fe285b97b8ea38d0836b2a40d1a796a4
7
+ data.tar.gz: 4d2e7bd7071be875afa1303f2e249bc87654646f2f97684292b808a1207456b630cf506826d2b8a6de42abcbc1ef5ae80a57bfc0f36d5fa9426976d580649d1f
data/README.md CHANGED
@@ -99,6 +99,16 @@ JSONAPI::Authorization.configure do |config|
99
99
  end
100
100
  ```
101
101
 
102
+ By default JSONAPI::Authorization uses the `:user` key from the JSONAPI context hash as the Pundit user. If you would like to use `:current_user` or some other key, it can be configured as well.
103
+
104
+ ```ruby
105
+ JSONAPI::Authorization.configure do |config|
106
+ config.pundit_user = :current_user
107
+ # or a block can be provided
108
+ config.pundit_user = ->(context){ context[:current_user] }
109
+ end
110
+ ```
111
+
102
112
  ## Troubleshooting
103
113
 
104
114
  ### "Unable to find policy" exception for a request
@@ -4,9 +4,19 @@ module JSONAPI
4
4
  module Authorization
5
5
  class Configuration
6
6
  attr_accessor :authorizer
7
+ attr_accessor :pundit_user
7
8
 
8
9
  def initialize
9
- self.authorizer = ::JSONAPI::Authorization::DefaultPunditAuthorizer
10
+ self.authorizer = ::JSONAPI::Authorization::DefaultPunditAuthorizer
11
+ self.pundit_user = :user
12
+ end
13
+
14
+ def user_context(context)
15
+ if pundit_user.is_a?(Symbol)
16
+ context[pundit_user]
17
+ else
18
+ pundit_user.call(context)
19
+ end
10
20
  end
11
21
  end
12
22
 
@@ -19,7 +19,7 @@ module JSONAPI
19
19
  #
20
20
  # * +context+ - The context passed down from the controller layer
21
21
  def initialize(context)
22
- @user = context[:user]
22
+ @user = JSONAPI::Authorization.configuration.user_context(context)
23
23
  end
24
24
 
25
25
  # <tt>GET /resources</tt>
@@ -7,7 +7,8 @@ module JSONAPI
7
7
 
8
8
  module ClassMethods
9
9
  def records(options = {})
10
- ::Pundit.policy_scope!(options[:context][:user], _model_class)
10
+ user_context = JSONAPI::Authorization.configuration.user_context(options[:context])
11
+ ::Pundit.policy_scope!(user_context, _model_class)
11
12
  end
12
13
  end
13
14
 
@@ -19,7 +20,8 @@ module JSONAPI
19
20
  when JSONAPI::Relationship::ToOne
20
21
  record_or_records
21
22
  when JSONAPI::Relationship::ToMany
22
- ::Pundit.policy_scope!(context[:user], record_or_records)
23
+ user_context = JSONAPI::Authorization.configuration.user_context(context)
24
+ ::Pundit.policy_scope!(user_context, record_or_records)
23
25
  else
24
26
  raise "Unknown relationship type #{relationship.inspect}"
25
27
  end
@@ -1,5 +1,5 @@
1
1
  module JSONAPI
2
2
  module Authorization
3
- VERSION = "0.8.0".freeze
3
+ VERSION = "0.8.1".freeze
4
4
  end
5
5
  end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: jsonapi-authorization
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.8.0
4
+ version: 0.8.1
5
5
  platform: ruby
6
6
  authors:
7
7
  - Vesa Laakso
@@ -9,7 +9,7 @@ authors:
9
9
  autorequire:
10
10
  bindir: bin
11
11
  cert_chain: []
12
- date: 2016-08-04 00:00:00.000000000 Z
12
+ date: 2016-09-04 00:00:00.000000000 Z
13
13
  dependencies:
14
14
  - !ruby/object:Gem::Dependency
15
15
  name: jsonapi-resources