jsonapi-authorization 0.8.1 → 0.8.2
- checksums.yaml +4 -4
- data/.gitignore +1 -0
- data/.rubocop.yml +24 -1
- data/.travis.yml +2 -0
- data/README.md +2 -0
- data/bin/phare +17 -0
- data/bin/rubocop +17 -0
- data/jsonapi-authorization.gemspec +2 -0
- data/lib/jsonapi/authorization/authorizing_processor.rb +14 -8
- data/lib/jsonapi/authorization/default_pundit_authorizer.rb +7 -7
- data/lib/jsonapi/authorization/pundit_scoped_resource.rb +14 -1
- data/lib/jsonapi/authorization/version.rb +1 -1
- metadata +32 -3
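--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA1:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 829e3b94fc7a796418ffcb274fd822886bc8d7f3
+data.tar.gz: e0280fef8a27a4c12b8d8550deab9dae76fbceb2
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 5ffaeb2569e05bb6e3eabb0aae2b28d26ccc12129c1015224cb4e0834fb8ff7ca9012106e0e38377e22a62ef38cbc7695dbc3cbe6543f206c9b58347d724e26e
+data.tar.gz: d515f2990a4529a755133d8c21d713bc0fa5e8542fb4de5ac1e9d1d251c9a593f34bbd8426b1bc4d675a94135da62d196c48d6c5dbb9673337f95131e490590d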
data/.gitignore
CHANGED
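--- a/data/.rubocop.yml
+++ b/data/.rubocop.yml
@@ -1,10 +1,27 @@
+AllCops:
+Exclude:
+- 'bin/*'
+- 'spec/dummy/db/schema.rb'
+- 'vendor/bundle/**/*'
+- 'tmp/**/*'
+
+Style/FileName:
+Exclude:
+- lib/jsonapi-authorization.rb
+
 Metrics/LineLength:
 Enabled: true
 Max: 100
+Exclude:
+- spec/requests/**/*.rb
+- jsonapi-authorization.gemspec
 
 Style/MultilineOperationIndentation:
 EnforcedStyle: indented
 
+Style/MultilineMethodCallIndentation:
+EnforcedStyle: indented
+
 Metrics/ClassLength:
 Enabled: false
 
@@ -37,7 +54,10 @@ Style/SpaceInsideHashLiteralBraces:
 EnforcedStyle: space
 
 Style/IndentHash:
-
+EnforcedStyle: consistent
+
+Style/IndentArray:
+EnforcedStyle: consistent
 
 Style/ClassAndModuleChildren:
 Enabled: false
@@ -86,3 +106,6 @@ Style/SingleLineBlockParams:
 - inject:
 - acc
 - obj
+
+Style/Alias:
+EnforcedStyle: prefer_alias_method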
data/.travis.yml
CHANGED
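--- a/data/README.md
+++ b/data/README.md
@@ -18,6 +18,8 @@ branch. This may contain information that is not relevant to the release you are
 
 Make sure to test for authorization in your application, too. We should have coverage of all operations, though. If that isn't the case, please [open an issue][issues].
 
+If you're using custom processors, make sure that they extend `JSONAPI::Authorization::AuthorizingProcessor`, or authorization will not be performed for that resource.
+
 This gem should work out-of-the box for simple cases. The default authorizer might be overly restrictive for [more complex cases][complex-case].
 
 The API is subject to change between minor version bumps until we reach v1.0.0.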
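--- a/data/bin/phare
+++ b/data/bin/phare
@@ -0,0 +1,17 @@
+#!/usr/bin/env ruby
+# frozen_string_literal: true
+#
+# This file was generated by Bundler.
+#
+# The application 'phare' is installed as part of a gem, and
+# this file is here to facilitate running it.
+#
+
+require "pathname"
+ENV["BUNDLE_GEMFILE"] ||= File.expand_path("../../Gemfile",
+Pathname.new(__FILE__).realpath)
+
+require "rubygems"
+require "bundler/setup"
+
+load Gem.bin_path("phare", "phare")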
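--- a/data/bin/rubocop
+++ b/data/bin/rubocop
@@ -0,0 +1,17 @@
+#!/usr/bin/env ruby
+# frozen_string_literal: true
+#
+# This file was generated by Bundler.
+#
+# The application 'rubocop' is installed as part of a gem, and
+# this file is here to facilitate running it.
+#
+
+require "pathname"
+ENV["BUNDLE_GEMFILE"] ||= File.expand_path("../../Gemfile",
+Pathname.new(__FILE__).realpath)
+
+require "rubygems"
+require "bundler/setup"
+
+load Gem.bin_path("rubocop", "rubocop")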
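--- a/data/jsonapi-authorization.gemspec
+++ b/data/jsonapi-authorization.gemspec
@@ -28,4 +28,6 @@ Gem::Specification.new do |spec|
 spec.add_development_dependency "pry-byebug", "~> 1.3"
 spec.add_development_dependency "pry-doc", "~> 0.6"
 spec.add_development_dependency "pry-rails", "~> 0.3.4"
+spec.add_development_dependency "rubocop", "~> 0.36.0"
+spec.add_development_dependency "phare", "~> 0.7.1"
 end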
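Review bot: The two tools added here are development-only, yet the packaged metadata on this page lists `bin/phare` and `bin/rubocop` under `files` with `bindir: bin`, so their Bundler binstubs ship inside the released gem. The `spec.files` and `spec.executables` assignments lie outside this hunk, so it cannot be seen here whether the binstubs are also installed as executables on the consumer's machine. Keeping `bin/` out of `spec.files` (for instance by extending whatever reject pattern `spec.files` already uses, if it has one) would keep development scripts out of the release either way.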
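--- a/data/lib/jsonapi/authorization/authorizing_processor.rb
+++ b/data/lib/jsonapi/authorization/authorizing_processor.rb
@@ -135,10 +135,13 @@ module JSONAPI
 
 old_related_record = source_resource.records_for(params[:relationship_type].to_sym)
 unless params[:key_value].nil?
-new_related_resource = @resource_klass
-params[:
-
-
+new_related_resource = @resource_klass
+._relationship(params[:relationship_type].to_sym)
+.resource_klass
+.find_by_key(
+params[:key_value],
+context: context
+)
 new_related_record = new_related_resource._model unless new_related_resource.nil?
 end
 
@@ -183,10 +186,13 @@ module JSONAPI
 )
 source_record = source_resource._model
 
-related_resource = @resource_klass
-params[:
-
-
+related_resource = @resource_klass
+._relationship(params[:relationship_type].to_sym)
+.resource_klass
+.find_by_key(
+params[:associated_key],
+context: context
+)
 related_record = related_resource._model unless related_resource.nil?
 
 authorizer.remove_to_many_relationship(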
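Review bot: In the first hunk, `new_related_record = new_related_resource._model unless new_related_resource.nil?` leaves `new_related_record` as `nil` when the lookup yields nothing, and the authorizer documentation on this page defines `nil` for that argument as "the association is to be cleared", so a failed lookup and an intentional clear would reach the authorizer as the same request. Whether `find_by_key` can return `nil` rather than raise depends on the jsonapi-resources version, which is not visible here; if it can, fail closed before authorizing, e.g. `raise JSONAPI::Exceptions::RecordNotFound.new(params[:key_value]) if new_related_resource.nil?`. The second hunk has the same shape with `related_record` and `params[:associated_key]`, and there the `nil` would be passed straight into `authorizer.remove_to_many_relationship(`. Both enclosing methods start and end outside the hunks, so the surrounding error handling could not be checked.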
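--- a/data/lib/jsonapi/authorization/default_pundit_authorizer.rb
+++ b/data/lib/jsonapi/authorization/default_pundit_authorizer.rb
@@ -134,7 +134,7 @@ module JSONAPI
 # * +old_related_record+ - The current associated record
 # * +new_related_record+ - The new record replacing the +old_record+
 # association, or +nil+ if the association is to be cleared
-def replace_to_one_relationship(
+def replace_to_one_relationship(_source_record, _old_related_record, _new_related_record)
 raise NotImplementedError
 end
 
@@ -146,7 +146,7 @@ module JSONAPI
 #
 # * +source_record+ - The record whose relationship is modified
 # * +new_related_records+ - The new records to be added to the association
-def create_to_many_relationship(
+def create_to_many_relationship(_source_record, _new_related_records)
 raise NotImplementedError
 end
 
@@ -161,7 +161,7 @@ module JSONAPI
 # association
 #--
 # TODO: Should probably take old records as well
-def replace_to_many_relationship(
+def replace_to_many_relationship(_source_record, _new_related_records)
 raise NotImplementedError
 end
 
@@ -175,7 +175,7 @@ module JSONAPI
 #
 # * +source_record+ - The record whose relationship is modified
 # * +related_record+ - The record which will be deassociatied from +source_record+
-def remove_to_many_relationship(
+def remove_to_many_relationship(_source_record, _related_record)
 raise NotImplementedError
 end
 
@@ -187,7 +187,7 @@ module JSONAPI
 #
 # * +source_record+ - The record whose relationship is modified
 # * +related_record+ - The record which will be deassociatied from +source_record+
-def remove_to_one_relationship(
+def remove_to_one_relationship(_source_record, _related_record)
 raise NotImplementedError
 end
 
@@ -206,7 +206,7 @@ module JSONAPI
 # article.comments check
 # * +record_class+ - The underlying record class for the relationships
 # resource.
-def include_has_many_resource(
+def include_has_many_resource(_source_record, record_class)
 ::Pundit.authorize(user, record_class, 'index?')
 end
 
@@ -221,7 +221,7 @@ module JSONAPI
 # * +source_record+ — The source relationship record, e.g. an Article in
 # article.author check
 # * +related_record+ - The associated record to return
-def include_has_one_resource(
+def include_has_one_resource(_source_record, related_record)
 ::Pundit.authorize(user, related_record, 'show?')
 end
 end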
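Review bot: The RDoc blocks above these signatures still name the arguments `+source_record+`, `+new_related_records+` and so on, while the signatures now use underscore-prefixed names, so anyone overriding these methods sees a mismatch between comment and code. For `include_has_many_resource` and `include_has_one_resource` the comment should also state that `_source_record` is not consulted: the decision rests only on `index?` for the record class or `show?` for the related record, so any restriction tied to the parent record has to come from a custom authorizer. A line such as `# Note: +source_record+ is not used by this default implementation.` in each block would do. The old signatures are truncated on this page, so whether anything beyond the parameter names changed cannot be confirmed here.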
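--- a/data/lib/jsonapi/authorization/pundit_scoped_resource.rb
+++ b/data/lib/jsonapi/authorization/pundit_scoped_resource.rb
@@ -14,7 +14,7 @@ module JSONAPI
 
 def records_for(association_name)
 record_or_records = @model.public_send(association_name)
-relationship =
+relationship = fetch_relationship(association_name)
 
 case relationship
 when JSONAPI::Relationship::ToOne
@@ -26,6 +26,19 @@ module JSONAPI
 raise "Unknown relationship type #{relationship.inspect}"
 end
 end
+
+private
+
+def fetch_relationship(association_name)
+relationships = self.class._relationships.select do |_k, v|
+v.relation_name({}) == association_name
+end
+if relationships.empty?
+nil
+else
+relationships.values.first
+end
+end
 end
 end
 end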
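Review bot: `records_for` still calls `@model.public_send(association_name)` on the line before the new `fetch_relationship` lookup, so a name that matches no declared relationship is invoked on the model first and only rejected afterwards by the `else` branch's `raise`. The processor on this page passes `params[:relationship_type].to_sym` into `records_for`, and whether that value is validated earlier is not visible, so resolving the relationship first is the safer order: `relationship = fetch_relationship(association_name)`, then `raise "Unknown relationship type #{relationship.inspect}" if relationship.nil?`, and only then the `public_send`. `fetch_relationship` itself can be reduced to `self.class._relationships.values.find { |r| r.relation_name({}) == association_name }`, and it deserves a one-line comment saying it returns `nil` when nothing matches. The middle of `records_for` lies between the two hunks and is not shown.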
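--- a/metadata
+++ b/metadata
@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: jsonapi-authorization
 version: !ruby/object:Gem::Version
-version: 0.8.
+version: 0.8.2
 platform: ruby
 authors:
 - Vesa Laakso
@@ -9,7 +9,7 @@ authors:
 autorequire:
 bindir: bin
 cert_chain: []
-date:
+date: 2017-02-03 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
 name: jsonapi-resources
@@ -151,6 +151,34 @@ dependencies:
 - - "~>"
 - !ruby/object:Gem::Version
 version: 0.3.4
+- !ruby/object:Gem::Dependency
+name: rubocop
+requirement: !ruby/object:Gem::Requirement
+requirements:
+- - "~>"
+- !ruby/object:Gem::Version
+version: 0.36.0
+type: :development
+prerelease: false
+version_requirements: !ruby/object:Gem::Requirement
+requirements:
+- - "~>"
+- !ruby/object:Gem::Version
+version: 0.36.0
+- !ruby/object:Gem::Dependency
+name: phare
+requirement: !ruby/object:Gem::Requirement
+requirements:
+- - "~>"
+- !ruby/object:Gem::Version
+version: 0.7.1
+type: :development
+prerelease: false
+version_requirements: !ruby/object:Gem::Requirement
+requirements:
+- - "~>"
+- !ruby/object:Gem::Version
+version: 0.7.1
 description: Adds generic authorization to the jsonapi-resources gem using Pundit.
 email:
 - laakso.vesa@gmail.com
@@ -170,6 +198,8 @@ files:
 - README.md
 - Rakefile
 - bin/console
+- bin/phare
+- bin/rubocop
 - bin/setup
 - jsonapi-authorization.gemspec
 - lib/jsonapi-authorization.rb
@@ -204,4 +234,3 @@ signing_key:
 specification_version: 4
 summary: Generic authorization for jsonapi-resources gem
 test_files: []
-has_rdoc: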