jsonapi-authorization 0.8.2 → 1.0.0.alpha1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 829e3b94fc7a796418ffcb274fd822886bc8d7f3
-  data.tar.gz: e0280fef8a27a4c12b8d8550deab9dae76fbceb2
+  metadata.gz: 50a06e5fdcd473f0bcd5ea8b1881d11933476d6c
+  data.tar.gz: 4bef789a4172b7c93a0ee20092e2da33fe2704dd
 SHA512:
-  metadata.gz: 5ffaeb2569e05bb6e3eabb0aae2b28d26ccc12129c1015224cb4e0834fb8ff7ca9012106e0e38377e22a62ef38cbc7695dbc3cbe6543f206c9b58347d724e26e
-  data.tar.gz: d515f2990a4529a755133d8c21d713bc0fa5e8542fb4de5ac1e9d1d251c9a593f34bbd8426b1bc4d675a94135da62d196c48d6c5dbb9673337f95131e490590d
+  metadata.gz: 36ae7c80e93eb5cc1f07be3f14869723982419681cd15f6d71b760d78a53305f3824b90f1edd71fc1dd4c8fd26f04ae51a0a26e9e92abb1396ff5944f06a7718
+  data.tar.gz: 0f91ba98fc0774febee9634c7e0ee28bbf0cd7f9e69703dd0b5b7f0f1e48132ffd446d0e9be4a6c1f8b7797e699b49bcb4b37b6bf989fef27c05dc523ff31bf2

data/.all-contributorsrc

@@ -0,0 +1,109 @@
+{
+  "projectName": "jsonapi-authorization",
+  "projectOwner": "Venuu",
+  "files": [
+    "README.md"
+  ],
+  "imageSize": 100,
+  "commit": true,
+  "contributors": [
+    {
+      "login": "valscion",
+      "name": "Vesa Laakso",
+      "avatar_url": "https://avatars.githubusercontent.com/u/482561?v=3",
+      "profile": "http://vesalaakso.com",
+      "contributions": [
+        "code",
+        "doc",
+        "infra",
+        "test",
+        "bug",
+        "question",
+        "review"
+      ]
+    },
+    {
+      "login": "lime",
+      "name": "Emil Sågfors",
+      "avatar_url": "https://avatars.githubusercontent.com/u/562204?v=3",
+      "profile": "https://github.com/lime",
+      "contributions": [
+        "code",
+        "doc",
+        "infra",
+        "test",
+        "bug",
+        "question",
+        "review"
+      ]
+    },
+    {
+      "login": "matthias-g",
+      "name": "Matthias Grundmann",
+      "avatar_url": "https://avatars.githubusercontent.com/u/1591161?v=3",
+      "profile": "https://github.com/matthias-g",
+      "contributions": [
+        "code",
+        "doc",
+        "test",
+        "question"
+      ]
+    },
+    {
+      "login": "thibaudgg",
+      "name": "Thibaud Guillaume-Gentil",
+      "avatar_url": "https://avatars.githubusercontent.com/u/1322?v=3",
+      "profile": "http://thibaud.gg",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "acid",
+      "name": "Daniel Schweighöfer",
+      "avatar_url": "https://avatars.githubusercontent.com/u/71660?v=3",
+      "profile": "http://netsteward.net",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "bsofiato",
+      "name": "Bruno Sofiato",
+      "avatar_url": "https://avatars.githubusercontent.com/u/5076967?v=3",
+      "profile": "https://github.com/bsofiato",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "arcreative",
+      "name": "Adam Robertson",
+      "avatar_url": "https://avatars.githubusercontent.com/u/1896026?v=3",
+      "profile": "https://github.com/arcreative",
+      "contributions": [
+        "doc"
+      ]
+    },
+    {
+      "login": "gnfisher",
+      "name": "Greg Fisher",
+      "avatar_url": "https://avatars3.githubusercontent.com/u/4742306?v=3",
+      "profile": "https://github.com/gnfisher",
+      "contributions": [
+        "code",
+        "test"
+      ]
+    },
+    {
+      "login": "handlers",
+      "name": "Sam",
+      "avatar_url": "https://avatars3.githubusercontent.com/u/370182?v=3",
+      "profile": "http://samlh.com",
+      "contributions": [
+        "code",
+        "test"
+      ]
+    }
+  ]
+}

data/.travis.yml

@@ -2,18 +2,13 @@ language: ruby
 cache: bundler
 sudo: false
 env:
-  - JSONAPI_RESOURCES_VERSION=0.8.0.beta1 RAILS_VERSION=4.1.0
-  - JSONAPI_RESOURCES_VERSION=0.8.0.beta1 RAILS_VERSION=4.2.0
-  - JSONAPI_RESOURCES_VERSION=master RAILS_VERSION=4.2.0
-  - JSONAPI_RESOURCES_VERSION=master RAILS_VERSION=4.1.0
+  - JSONAPI_RESOURCES_VERSION=0.9 RAILS_VERSION=4.1.0
+  - JSONAPI_RESOURCES_VERSION=0.9 RAILS_VERSION=4.2.0
 rvm:
   - 2.1.2
 before_install: gem install bundler -v 1.11.2
 notifications:
   email: false
-matrix:
-  allow_failures:
-    - env: JSONAPI_RESOURCES_VERSION=master RAILS_VERSION=4.2.0
-    - env: JSONAPI_RESOURCES_VERSION=master RAILS_VERSION=4.1.0
 script:
   - ./bin/phare
+  - bundle exec rake

data/Gemfile

@@ -18,10 +18,8 @@ else
 end
 
 case jsonapi_resources_version
-when 'master'
-  gem 'jsonapi-resources', git: 'https://github.com/cerebris/jsonapi-resources.git'
 when 'default'
-  gem 'jsonapi-resources', '0.8.0.beta1'
+  gem 'jsonapi-resources', '0.9'
 else
   gem 'jsonapi-resources', jsonapi_resources_version
 end

data/README.md

@@ -91,6 +91,39 @@ class BaseResource < JSONAPI::Resource
 end
 ```
 
+### Policies
+
+To check whether an action is allowed JSONAPI::Authorization calls the respective actions of your pundit policies
+(`index?`, `show?`, `create?`, `update?`, `destroy?`).
+
+For relationship operations by default `update?` is being called for all affected resources.
+For a finer grained control you can define `add_to_<relation>?`, `replace_<relation>?`, and `remove_from_<relation>?`
+as the following example shows.
+
+```ruby
+class ArticlePolicy
+
+  # (...)
+
+  def add_to_comments?(new_comments)
+    record.published && new_comments.all? { |comment| comment.author == user }
+  end
+
+  def replace_comments?(new_comments)
+    allowed = record.comments.all? { |comment| new_comments.include?(comment) || add_to_comments?([comment])}
+    allowed && new_comments.all? { |comment| record.comments.include?(comment) || remove_from_comments?(comment) }
+  end
+
+  def remove_from_comments?(comment)
+    comment.author == user || user.admin?
+  end
+end
+```
+
+Caveat: In case a relationship is modifiable through multiple ways it is your responsibility to ensure consistency.
+For example if you have a many-to-many relationship with users and projects make sure that
+`ProjectPolicy#add_to_users?(users)` and `UserPolicy#add_to_projects?(projects)` match up.
+
 ## Configuration
 
 You can use a custom authorizer class by specifying a configure block in an initializer file. If using a custom authorizer class, be sure to require them at the top of the initializer before usage.
@@ -138,3 +171,15 @@ Originally based on discussion and code samples by [@barelyknown](https://github
 Bug reports and pull requests are welcome on GitHub at https://github.com/venuu/jsonapi-authorization.
 
   [issues]: https://github.com/venuu/jsonapi-authorization/issues
+
+## Contributors
+
+Thanks goes to these wonderful people ([emoji key](https://github.com/kentcdodds/all-contributors#emoji-key)):
+
+<!-- ALL-CONTRIBUTORS-LIST:START - Do not remove or modify this section -->
+| [<img src="https://avatars.githubusercontent.com/u/482561?v=3" width="100px;"/><br /><sub>Vesa Laakso</sub>](http://vesalaakso.com)<br />[💻](https://github.com/Venuu/jsonapi-authorization/commits?author=valscion) [📖](https://github.com/Venuu/jsonapi-authorization/commits?author=valscion) 🚇 [⚠️](https://github.com/Venuu/jsonapi-authorization/commits?author=valscion) [🐛](https://github.com/Venuu/jsonapi-authorization/issues?q=author%3Avalscion) 💬 👀 | [<img src="https://avatars.githubusercontent.com/u/562204?v=3" width="100px;"/><br /><sub>Emil Sågfors</sub>](https://github.com/lime)<br />[💻](https://github.com/Venuu/jsonapi-authorization/commits?author=lime) [📖](https://github.com/Venuu/jsonapi-authorization/commits?author=lime) 🚇 [⚠️](https://github.com/Venuu/jsonapi-authorization/commits?author=lime) [🐛](https://github.com/Venuu/jsonapi-authorization/issues?q=author%3Alime) 💬 👀 | [<img src="https://avatars.githubusercontent.com/u/1591161?v=3" width="100px;"/><br /><sub>Matthias Grundmann</sub>](https://github.com/matthias-g)<br />[💻](https://github.com/Venuu/jsonapi-authorization/commits?author=matthias-g) [📖](https://github.com/Venuu/jsonapi-authorization/commits?author=matthias-g) [⚠️](https://github.com/Venuu/jsonapi-authorization/commits?author=matthias-g) 💬 | [<img src="https://avatars.githubusercontent.com/u/1322?v=3" width="100px;"/><br /><sub>Thibaud Guillaume-Gentil</sub>](http://thibaud.gg)<br />[💻](https://github.com/Venuu/jsonapi-authorization/commits?author=thibaudgg) | [<img src="https://avatars.githubusercontent.com/u/71660?v=3" width="100px;"/><br /><sub>Daniel Schweighöfer</sub>](http://netsteward.net)<br />[💻](https://github.com/Venuu/jsonapi-authorization/commits?author=acid) | [<img src="https://avatars.githubusercontent.com/u/5076967?v=3" width="100px;"/><br /><sub>Bruno Sofiato</sub>](https://github.com/bsofiato)<br />[💻](https://github.com/Venuu/jsonapi-authorization/commits?author=bsofiato) | [<img src="https://avatars.githubusercontent.com/u/1896026?v=3" width="100px;"/><br /><sub>Adam Robertson</sub>](https://github.com/arcreative)<br />[📖](https://github.com/Venuu/jsonapi-authorization/commits?author=arcreative) |
+| :---: | :---: | :---: | :---: | :---: | :---: | :---: |
+| [<img src="https://avatars3.githubusercontent.com/u/4742306?v=3" width="100px;"/><br /><sub>Greg Fisher</sub>](https://github.com/gnfisher)<br />[💻](https://github.com/Venuu/jsonapi-authorization/commits?author=gnfisher) [⚠️](https://github.com/Venuu/jsonapi-authorization/commits?author=gnfisher) | [<img src="https://avatars3.githubusercontent.com/u/370182?v=3" width="100px;"/><br /><sub>Sam</sub>](http://samlh.com)<br />[💻](https://github.com/Venuu/jsonapi-authorization/commits?author=handlers) [⚠️](https://github.com/Venuu/jsonapi-authorization/commits?author=handlers) |
+<!-- ALL-CONTRIBUTORS-LIST:END -->
+
+This project follows the [all-contributors](https://github.com/kentcdodds/all-contributors) specification. Contributions of any kind welcome!

data/jsonapi-authorization.gemspec

@@ -17,7 +17,7 @@ Gem::Specification.new do |spec|
   spec.files         = `git ls-files -z`.split("\x0").reject { |f| f.match(%r{^(test|spec|features)/}) }
   spec.require_paths = ["lib"]
 
-  spec.add_dependency "jsonapi-resources", "~> 0.8.0.beta1"
+  spec.add_dependency "jsonapi-resources", "~> 0.9"
   spec.add_dependency "pundit", "~> 1.0"
 
   spec.add_development_dependency "bundler", "~> 1.11"

data/lib/jsonapi/authorization/authorizing_processor.rb

@@ -12,10 +12,10 @@ module JSONAPI
       set_callback :remove_resource, :before, :authorize_remove_resource
       set_callback :replace_fields, :before, :authorize_replace_fields
       set_callback :replace_to_one_relationship, :before, :authorize_replace_to_one_relationship
-      set_callback :create_to_many_relationship, :before, :authorize_create_to_many_relationship
-      set_callback :replace_to_many_relationship, :before, :authorize_replace_to_many_relationship
-      set_callback :remove_to_many_relationship, :before, :authorize_remove_to_many_relationship
       set_callback :remove_to_one_relationship, :before, :authorize_remove_to_one_relationship
+      set_callback :create_to_many_relationships, :before, :authorize_create_to_many_relationships
+      set_callback :replace_to_many_relationships, :before, :authorize_replace_to_many_relationships
+      set_callback :remove_to_many_relationships, :before, :authorize_remove_to_many_relationships
 
       [
         :find,
@@ -107,13 +107,11 @@ module JSONAPI
           params[:resource_id],
           context: context
         )._model
-
-        authorizer.replace_fields(source_record, related_models)
+        authorizer.replace_fields(source_record, related_models_with_context)
       end
 
       def authorize_create_resource
-        source_class = @resource_klass._model_class
-
+        source_class = resource_klass._model_class
         authorizer.create_resource(source_class, related_models)
       end
 
@@ -127,91 +125,95 @@ module JSONAPI
       end
 
       def authorize_replace_to_one_relationship
+        return authorize_remove_to_one_relationship if params[:key_value].nil?
+
         source_resource = @resource_klass.find_by_key(
           params[:resource_id],
           context: context
         )
         source_record = source_resource._model
 
-        old_related_record = source_resource.records_for(params[:relationship_type].to_sym)
-        unless params[:key_value].nil?
-          new_related_resource = @resource_klass
-            ._relationship(params[:relationship_type].to_sym)
-            .resource_klass
-            .find_by_key(
-              params[:key_value],
-              context: context
-            )
-          new_related_record = new_related_resource._model unless new_related_resource.nil?
-        end
+        relationship_type = params[:relationship_type].to_sym
+        new_related_resource = @resource_klass
+          ._relationship(relationship_type)
+          .resource_klass
+          .find_by_key(
+            params[:key_value],
+            context: context
+          )
+        new_related_record = new_related_resource._model unless new_related_resource.nil?
 
         authorizer.replace_to_one_relationship(
           source_record,
-          old_related_record,
-          new_related_record
+          new_related_record,
+          relationship_type
         )
       end
 
-      def authorize_create_to_many_relationship
+      def authorize_create_to_many_relationships
         source_record = @resource_klass.find_by_key(
           params[:resource_id],
           context: context
         )._model
 
-        related_models =
-          model_class_for_relationship(params[:relationship_type].to_sym).find(params[:data])
+        relationship_type = params[:relationship_type].to_sym
+        related_models = model_class_for_relationship(relationship_type).find(params[:data])
 
-        authorizer.create_to_many_relationship(source_record, related_models)
+        authorizer.create_to_many_relationship(source_record, related_models, relationship_type)
       end
 
-      def authorize_replace_to_many_relationship
+      def authorize_replace_to_many_relationships
         source_resource = @resource_klass.find_by_key(
           params[:resource_id],
           context: context
         )
         source_record = source_resource._model
 
-        related_records = source_resource.records_for(params[:relationship_type].to_sym)
+        relationship_type = params[:relationship_type].to_sym
+        new_related_records = model_class_for_relationship(relationship_type).find(params[:data])
 
         authorizer.replace_to_many_relationship(
           source_record,
-          related_records
+          new_related_records,
+          relationship_type
         )
       end
 
-      def authorize_remove_to_many_relationship
+      def authorize_remove_to_many_relationships
         source_resource = @resource_klass.find_by_key(
           params[:resource_id],
           context: context
         )
         source_record = source_resource._model
 
-        related_resource = @resource_klass
-          ._relationship(params[:relationship_type].to_sym)
+        relationship_type = params[:relationship_type].to_sym
+
+        related_resources = @resource_klass
+          ._relationship(relationship_type)
           .resource_klass
-          .find_by_key(
-            params[:associated_key],
+          .find_by_keys(
+            params[:associated_keys],
             context: context
           )
-        related_record = related_resource._model unless related_resource.nil?
+
+        related_records = related_resources.map(&:_model)
 
         authorizer.remove_to_many_relationship(
           source_record,
-          related_record
+          related_records,
+          relationship_type
         )
       end
 
       def authorize_remove_to_one_relationship
-        source_resource = @resource_klass.find_by_key(
+        source_record = @resource_klass.find_by_key(
           params[:resource_id],
           context: context
-        )
+        )._model
 
-        related_resource = source_resource.public_send(params[:relationship_type].to_sym)
+        relationship_type = params[:relationship_type].to_sym
 
-        source_record = source_resource._model
-        related_record = related_resource._model unless related_resource.nil?
-        authorizer.remove_to_one_relationship(source_record, related_record)
+        authorizer.remove_to_one_relationship(source_record, relationship_type)
       end
 
       private
@@ -259,6 +261,34 @@ module JSONAPI
         end
       end
 
+      def related_models_with_context
+        data = params[:data]
+        return { relationship: nil, relation_name: nil, records: nil } if data.nil?
+
+        [:to_one, :to_many].flat_map do |rel_type|
+          data[rel_type].flat_map do |assoc_name, assoc_value|
+            related_models =
+              case assoc_value
+              when Hash # polymorphic relationship
+                resource_class = @resource_klass.resource_for(assoc_value[:type].to_s)
+                resource_class.find_by_key(assoc_value[:id], context: context)._model
+              when Array
+                resource_class = resource_class_for_relationship(assoc_name)
+                resource_class.find_by_keys(assoc_value, context: context).map(&:_model)
+              else
+                resource_class = resource_class_for_relationship(assoc_name)
+                resource_class.find_by_key(assoc_value[:id], context: context)._model
+              end
+
+            {
+              relation_type: rel_type,
+              relation_name: assoc_name,
+              records: related_models
+            }
+          end
+        end
+      end
+
       def authorize_model_includes(source_record)
         if params[:include_directives]
           params[:include_directives].model_includes.each do |include_item|

data/lib/jsonapi/authorization/default_pundit_authorizer.rb

@@ -86,17 +86,11 @@ module JSONAPI
       # ==== Parameters
       #
       # * +source_record+ - The record to be modified
-      # * +new_related_records+ - An array of records to be associated to the
-      #   +source_record+. This will contain the records specified in the
-      #   "relationships" key in the request
-      #--
-      # TODO: Should probably take old records as well
-      def replace_fields(source_record, new_related_records)
+      # * +related_records_with_context+ - A hash with the association type,
+      # the relationship name, an Array of new related records.
+      def replace_fields(source_record, related_records_with_context)
         ::Pundit.authorize(user, source_record, 'update?')
-
-        new_related_records.each do |record|
-          ::Pundit.authorize(user, record, 'update?')
-        end
+        authorize_related_records(source_record, related_records_with_context)
       end
 
       # <tt>POST /resources</tt>
@@ -131,11 +125,11 @@ module JSONAPI
       # ==== Parameters
       #
       # * +source_record+ - The record whose relationship is modified
-      # * +old_related_record+ - The current associated record
-      # * +new_related_record+ - The new record replacing the +old_record+
-      #   association, or +nil+ if the association is to be cleared
-      def replace_to_one_relationship(_source_record, _old_related_record, _new_related_record)
-        raise NotImplementedError
+      # * +new_related_record+ - The new record replacing the old record
+      # * +relationship_type+ - The relationship type
+      def replace_to_one_relationship(source_record, new_related_record, relationship_type)
+        relationship_method = "replace_#{relationship_type}?"
+        authorize_relationship_operation(source_record, relationship_method, new_related_record)
       end
 
       # <tt>POST /resources/:id/relationships/other-resources</tt>
@@ -146,8 +140,10 @@ module JSONAPI
       #
       # * +source_record+ - The record whose relationship is modified
       # * +new_related_records+ - The new records to be added to the association
-      def create_to_many_relationship(_source_record, _new_related_records)
-        raise NotImplementedError
+      # * +relationship_type+ - The relationship type
+      def create_to_many_relationship(source_record, new_related_records, relationship_type)
+        relationship_method = "add_to_#{relationship_type}?"
+        authorize_relationship_operation(source_record, relationship_method, new_related_records)
       end
 
       # <tt>PATCH /resources/:id/relationships/other-resources</tt>
@@ -159,36 +155,37 @@ module JSONAPI
       # * +source_record+ - The record whose relationship is modified
       # * +new_related_records+ - The new records replacing the entire +has_many+
       #   association
-      #--
-      # TODO: Should probably take old records as well
-      def replace_to_many_relationship(_source_record, _new_related_records)
-        raise NotImplementedError
+      # * +relationship_type+ - The relationship type
+      def replace_to_many_relationship(source_record, new_related_records, relationship_type)
+        relationship_method = "replace_#{relationship_type}?"
+        authorize_relationship_operation(source_record, relationship_method, new_related_records)
       end
 
       # <tt>DELETE /resources/:id/relationships/other-resources</tt>
       #
-      # A request to deassociate elements of a +has_many+ association
-      #
-      # NOTE: this is called once per related record, not all at once
+      # A request to disassociate elements of a +has_many+ association
       #
       # ==== Parameters
       #
       # * +source_record+ - The record whose relationship is modified
-      # * +related_record+ - The record which will be deassociatied from +source_record+
-      def remove_to_many_relationship(_source_record, _related_record)
-        raise NotImplementedError
+      # * +related_records+ - The records which will be disassociated from +source_record+
+      # * +relationship_type+ - The relationship type
+      def remove_to_many_relationship(source_record, related_records, relationship_type)
+        relationship_method = "remove_from_#{relationship_type}?"
+        authorize_relationship_operation(source_record, relationship_method, related_records)
       end
 
       # <tt>DELETE /resources/:id/relationships/another-resource</tt>
       #
-      # A request to deassociate a +has_one+ association
+      # A request to disassociate a +has_one+ association
       #
       # ==== Parameters
       #
       # * +source_record+ - The record whose relationship is modified
-      # * +related_record+ - The record which will be deassociatied from +source_record+
-      def remove_to_one_relationship(_source_record, _related_record)
-        raise NotImplementedError
+      # * +relationship_type+ - The relationship type
+      def remove_to_one_relationship(source_record, relationship_type)
+        relationship_method = "remove_#{relationship_type}?"
+        authorize_relationship_operation(source_record, relationship_method)
       end
 
       # Any request including <tt>?include=other-resources</tt>
@@ -224,6 +221,36 @@ module JSONAPI
       def include_has_one_resource(_source_record, related_record)
         ::Pundit.authorize(user, related_record, 'show?')
       end
+
+      private
+
+      def authorize_relationship_operation(source_record, relationship_method, *args)
+        policy = ::Pundit.policy(user, source_record)
+        if policy.respond_to?(relationship_method)
+          unless policy.public_send(relationship_method, *args)
+            raise ::Pundit::NotAuthorizedError,
+                  query: relationship_method,
+                  record: source_record,
+                  policy: policy
+          end
+        else
+          ::Pundit.authorize(user, source_record, 'update?')
+        end
+      end
+
+      def authorize_related_records(source_record, related_records_with_context)
+        related_records_with_context.each do |data|
+          relation_type = data[:relation_type]
+          relation_name = data[:relation_name]
+          records = data[:records]
+          case relation_type
+          when :to_many
+            replace_to_many_relationship(source_record, records, relation_name)
+          when :to_one
+            replace_to_one_relationship(source_record, records, relation_name)
+          end
+        end
+      end
     end
   end
 end

data/lib/jsonapi/authorization/version.rb

@@ -1,5 +1,5 @@
 module JSONAPI
   module Authorization
-    VERSION = "0.8.2".freeze
+    VERSION = "1.0.0.alpha1".freeze
   end
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: jsonapi-authorization
 version: !ruby/object:Gem::Version
-  version: 0.8.2
+  version: 1.0.0.alpha1
 platform: ruby
 authors:
 - Vesa Laakso
@@ -9,7 +9,7 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2017-02-03 00:00:00.000000000 Z
+date: 2017-04-12 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: jsonapi-resources
@@ -17,14 +17,14 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.8.0.beta1
+        version: '0.9'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.8.0.beta1
+        version: '0.9'
 - !ruby/object:Gem::Dependency
   name: pundit
   requirement: !ruby/object:Gem::Requirement
@@ -187,6 +187,7 @@ executables: []
 extensions: []
 extra_rdoc_files: []
 files:
+- ".all-contributorsrc"
 - ".editorconfig"
 - ".gitignore"
 - ".rspec"
@@ -224,9 +225,9 @@ required_ruby_version: !ruby/object:Gem::Requirement
       version: '0'
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
-  - - ">="
+  - - ">"
     - !ruby/object:Gem::Version
-      version: '0'
+      version: 1.3.1
 requirements: []
 rubyforge_project: 
 rubygems_version: 2.2.2