RubyGems - jsonapi-authorization - Versions diffs - 1.0.0 → 2.0.0 - Mend

jsonapi-authorization 1.0.0 → 2.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (8) hide show

checksums.yaml +4 -4
data/.all-contributorsrc +13 -1
data/README.md +3 -3
data/jsonapi-authorization.gemspec +1 -1
data/lib/jsonapi/authorization/authorizing_processor.rb +7 -3
data/lib/jsonapi/authorization/default_pundit_authorizer.rb +6 -5
data/lib/jsonapi/authorization/version.rb +1 -1
metadata +6 -6

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 9964c80bda556e297a4e6fc123a35d213debefa7d418ab60d627f9eb3401f334
-  data.tar.gz: 64e0146d4b454e7417b7e4afd2ee6c9b4d365a7c62d3a2993e44f2c006711542
+  metadata.gz: 51967700aa7fc54f56208840d0f71d789bccd43fb434e5d2b7d5931640ca1ca3
+  data.tar.gz: 31a03f59caf1aab5c5a6c5203bf1ac7125b05e15406010239e036ef6c3b8f489
 SHA512:
-  metadata.gz: f729a9f5b558008f1baa2c7760f4f31ce59b06e86d2d9bf56894a0e3f648eb985e05e998f3d8718b39f6d3b0d913757ff48ace6ae399cbd2519fa0f72afccad6
-  data.tar.gz: 68925bea3461cea96c3538b76c85b222e43bb8565e401a881f021d40a1a4c9ecc37021c0487d25efbdc66b339e17b2bb042d2c29da41a544a86416bc37c57b38
+  metadata.gz: 8f199b730e179e9c3b71460e4f4c8053809efe7fe3a3b4197b7e3e5c38f7bd1b24d52024348384aa690c9718e15b259dcd217670a4cca9980d87ab8615384eef
+  data.tar.gz: c4f8cd84c1e1883e73eb13b701015166ef104256842f44ce3c8713783271b226c799acdc7dfd3054cf79b8a69efcbd5bf79d9360489be9edd573b10c60f4f059

data/.all-contributorsrc CHANGED Viewed

@@ -126,7 +126,19 @@
         "test",
         "infra"
       ]
+    },
+    {
+      "login": "Matthijsy",
+      "name": "Matthijsy",
+      "avatar_url": "https://avatars2.githubusercontent.com/u/5302372?v=4",
+      "profile": "https://github.com/Matthijsy",
+      "contributions": [
+        "bug",
+        "test",
+        "code"
+      ]
     }
   ],
-  "repoType": "github"
+  "repoType": "github",
+  "contributorsPerLine": 7
 }

data/README.md CHANGED Viewed

@@ -55,7 +55,7 @@ Or install it yourself as:
 * `v0.6.x` supports JR `v0.7.x`
 * `v0.8.x` supports JR `v0.8.x`
-* `v1.0.0` alpha and beta releases support JR `v0.9.x`
+* `v1.x.x` and `v2.0.x` releases support JR `v0.9.x`
 We aim to support the same Ruby and Ruby on Rails versions as `jsonapi-resources` does. If that's not the case, please [open an issue][issues].
@@ -185,9 +185,9 @@ Thanks goes to these wonderful people ([emoji key](https://github.com/kentcdodds
 <!-- ALL-CONTRIBUTORS-LIST:START - Do not remove or modify this section -->
 <!-- prettier-ignore -->
-| [<img src="https://avatars.githubusercontent.com/u/482561?v=3" width="100px;"/><br /><sub><b>Vesa Laakso</b></sub>](http://vesalaakso.com)<br />[💻](https://github.com/Venuu/jsonapi-authorization/commits?author=valscion "Code") [📖](https://github.com/Venuu/jsonapi-authorization/commits?author=valscion "Documentation") [🚇](#infra-valscion "Infrastructure (Hosting, Build-Tools, etc)") [⚠️](https://github.com/Venuu/jsonapi-authorization/commits?author=valscion "Tests") [🐛](https://github.com/Venuu/jsonapi-authorization/issues?q=author%3Avalscion "Bug reports") [💬](#question-valscion "Answering Questions") [👀](#review-valscion "Reviewed Pull Requests") | [<img src="https://avatars.githubusercontent.com/u/562204?v=3" width="100px;"/><br /><sub><b>Emil Sågfors</b></sub>](https://github.com/lime)<br />[💻](https://github.com/Venuu/jsonapi-authorization/commits?author=lime "Code") [📖](https://github.com/Venuu/jsonapi-authorization/commits?author=lime "Documentation") [🚇](#infra-lime "Infrastructure (Hosting, Build-Tools, etc)") [⚠️](https://github.com/Venuu/jsonapi-authorization/commits?author=lime "Tests") [🐛](https://github.com/Venuu/jsonapi-authorization/issues?q=author%3Alime "Bug reports") [💬](#question-lime "Answering Questions") [👀](#review-lime "Reviewed Pull Requests") | [<img src="https://avatars.githubusercontent.com/u/1591161?v=3" width="100px;"/><br /><sub><b>Matthias Grundmann</b></sub>](https://github.com/matthias-g)<br />[💻](https://github.com/Venuu/jsonapi-authorization/commits?author=matthias-g "Code") [📖](https://github.com/Venuu/jsonapi-authorization/commits?author=matthias-g "Documentation") [⚠️](https://github.com/Venuu/jsonapi-authorization/commits?author=matthias-g "Tests") [💬](#question-matthias-g "Answering Questions") | [<img src="https://avatars.githubusercontent.com/u/1322?v=3" width="100px;"/><br /><sub><b>Thibaud Guillaume-Gentil</b></sub>](http://thibaud.gg)<br />[💻](https://github.com/Venuu/jsonapi-authorization/commits?author=thibaudgg "Code") | [<img src="https://avatars.githubusercontent.com/u/71660?v=3" width="100px;"/><br /><sub><b>Daniel Schweighöfer</b></sub>](http://netsteward.net)<br />[💻](https://github.com/Venuu/jsonapi-authorization/commits?author=acid "Code") | [<img src="https://avatars.githubusercontent.com/u/5076967?v=3" width="100px;"/><br /><sub><b>Bruno Sofiato</b></sub>](https://github.com/bsofiato)<br />[💻](https://github.com/Venuu/jsonapi-authorization/commits?author=bsofiato "Code") | [<img src="https://avatars.githubusercontent.com/u/1896026?v=3" width="100px;"/><br /><sub><b>Adam Robertson</b></sub>](https://github.com/arcreative)<br />[📖](https://github.com/Venuu/jsonapi-authorization/commits?author=arcreative "Documentation") |
+| [<img src="https://avatars.githubusercontent.com/u/482561?v=3" width="100px;" alt="Vesa Laakso"/><br /><sub><b>Vesa Laakso</b></sub>](http://vesalaakso.com)<br />[💻](https://github.com/Venuu/jsonapi-authorization/commits?author=valscion "Code") [📖](https://github.com/Venuu/jsonapi-authorization/commits?author=valscion "Documentation") [🚇](#infra-valscion "Infrastructure (Hosting, Build-Tools, etc)") [⚠️](https://github.com/Venuu/jsonapi-authorization/commits?author=valscion "Tests") [🐛](https://github.com/Venuu/jsonapi-authorization/issues?q=author%3Avalscion "Bug reports") [💬](#question-valscion "Answering Questions") [👀](#review-valscion "Reviewed Pull Requests") | [<img src="https://avatars.githubusercontent.com/u/562204?v=3" width="100px;" alt="Emil Sågfors"/><br /><sub><b>Emil Sågfors</b></sub>](https://github.com/lime)<br />[💻](https://github.com/Venuu/jsonapi-authorization/commits?author=lime "Code") [📖](https://github.com/Venuu/jsonapi-authorization/commits?author=lime "Documentation") [🚇](#infra-lime "Infrastructure (Hosting, Build-Tools, etc)") [⚠️](https://github.com/Venuu/jsonapi-authorization/commits?author=lime "Tests") [🐛](https://github.com/Venuu/jsonapi-authorization/issues?q=author%3Alime "Bug reports") [💬](#question-lime "Answering Questions") [👀](#review-lime "Reviewed Pull Requests") | [<img src="https://avatars.githubusercontent.com/u/1591161?v=3" width="100px;" alt="Matthias Grundmann"/><br /><sub><b>Matthias Grundmann</b></sub>](https://github.com/matthias-g)<br />[💻](https://github.com/Venuu/jsonapi-authorization/commits?author=matthias-g "Code") [📖](https://github.com/Venuu/jsonapi-authorization/commits?author=matthias-g "Documentation") [⚠️](https://github.com/Venuu/jsonapi-authorization/commits?author=matthias-g "Tests") [💬](#question-matthias-g "Answering Questions") | [<img src="https://avatars.githubusercontent.com/u/1322?v=3" width="100px;" alt="Thibaud Guillaume-Gentil"/><br /><sub><b>Thibaud Guillaume-Gentil</b></sub>](http://thibaud.gg)<br />[💻](https://github.com/Venuu/jsonapi-authorization/commits?author=thibaudgg "Code") | [<img src="https://avatars.githubusercontent.com/u/71660?v=3" width="100px;" alt="Daniel Schweighöfer"/><br /><sub><b>Daniel Schweighöfer</b></sub>](http://netsteward.net)<br />[💻](https://github.com/Venuu/jsonapi-authorization/commits?author=acid "Code") | [<img src="https://avatars.githubusercontent.com/u/5076967?v=3" width="100px;" alt="Bruno Sofiato"/><br /><sub><b>Bruno Sofiato</b></sub>](https://github.com/bsofiato)<br />[💻](https://github.com/Venuu/jsonapi-authorization/commits?author=bsofiato "Code") | [<img src="https://avatars.githubusercontent.com/u/1896026?v=3" width="100px;" alt="Adam Robertson"/><br /><sub><b>Adam Robertson</b></sub>](https://github.com/arcreative)<br />[📖](https://github.com/Venuu/jsonapi-authorization/commits?author=arcreative "Documentation") |
 | :---: | :---: | :---: | :---: | :---: | :---: | :---: |
-| [<img src="https://avatars3.githubusercontent.com/u/4742306?v=3" width="100px;"/><br /><sub><b>Greg Fisher</b></sub>](https://github.com/gnfisher)<br />[💻](https://github.com/Venuu/jsonapi-authorization/commits?author=gnfisher "Code") [⚠️](https://github.com/Venuu/jsonapi-authorization/commits?author=gnfisher "Tests") | [<img src="https://avatars3.githubusercontent.com/u/370182?v=3" width="100px;"/><br /><sub><b>Sam</b></sub>](http://samlh.com)<br />[💻](https://github.com/Venuu/jsonapi-authorization/commits?author=handlers "Code") [⚠️](https://github.com/Venuu/jsonapi-authorization/commits?author=handlers "Tests") | [<img src="https://avatars0.githubusercontent.com/u/2738630?v=3" width="100px;"/><br /><sub><b>Justas Palumickas</b></sub>](https://jpalumickas.com)<br />[🐛](https://github.com/Venuu/jsonapi-authorization/issues?q=author%3Ajpalumickas "Bug reports") [💻](https://github.com/Venuu/jsonapi-authorization/commits?author=jpalumickas "Code") [⚠️](https://github.com/Venuu/jsonapi-authorization/commits?author=jpalumickas "Tests") | [<img src="https://avatars1.githubusercontent.com/u/26158?v=4" width="100px;"/><br /><sub><b>Nicholas Rutherford</b></sub>](http://www.google.co.uk/profiles/nick.rutherford)<br />[💻](https://github.com/Venuu/jsonapi-authorization/commits?author=nruth "Code") [⚠️](https://github.com/Venuu/jsonapi-authorization/commits?author=nruth "Tests") [🚇](#infra-nruth "Infrastructure (Hosting, Build-Tools, etc)") |
+| [<img src="https://avatars3.githubusercontent.com/u/4742306?v=3" width="100px;" alt="Greg Fisher"/><br /><sub><b>Greg Fisher</b></sub>](https://github.com/gnfisher)<br />[💻](https://github.com/Venuu/jsonapi-authorization/commits?author=gnfisher "Code") [⚠️](https://github.com/Venuu/jsonapi-authorization/commits?author=gnfisher "Tests") | [<img src="https://avatars3.githubusercontent.com/u/370182?v=3" width="100px;" alt="Sam"/><br /><sub><b>Sam</b></sub>](http://samlh.com)<br />[💻](https://github.com/Venuu/jsonapi-authorization/commits?author=handlers "Code") [⚠️](https://github.com/Venuu/jsonapi-authorization/commits?author=handlers "Tests") | [<img src="https://avatars0.githubusercontent.com/u/2738630?v=3" width="100px;" alt="Justas Palumickas"/><br /><sub><b>Justas Palumickas</b></sub>](https://jpalumickas.com)<br />[🐛](https://github.com/Venuu/jsonapi-authorization/issues?q=author%3Ajpalumickas "Bug reports") [💻](https://github.com/Venuu/jsonapi-authorization/commits?author=jpalumickas "Code") [⚠️](https://github.com/Venuu/jsonapi-authorization/commits?author=jpalumickas "Tests") | [<img src="https://avatars1.githubusercontent.com/u/26158?v=4" width="100px;" alt="Nicholas Rutherford"/><br /><sub><b>Nicholas Rutherford</b></sub>](http://www.google.co.uk/profiles/nick.rutherford)<br />[💻](https://github.com/Venuu/jsonapi-authorization/commits?author=nruth "Code") [⚠️](https://github.com/Venuu/jsonapi-authorization/commits?author=nruth "Tests") [🚇](#infra-nruth "Infrastructure (Hosting, Build-Tools, etc)") | [<img src="https://avatars2.githubusercontent.com/u/5302372?v=4" width="100px;" alt="Matthijsy"/><br /><sub><b>Matthijsy</b></sub>](https://github.com/Matthijsy)<br />[🐛](https://github.com/Venuu/jsonapi-authorization/issues?q=author%3AMatthijsy "Bug reports") [⚠️](https://github.com/Venuu/jsonapi-authorization/commits?author=Matthijsy "Tests") [💻](https://github.com/Venuu/jsonapi-authorization/commits?author=Matthijsy "Code") |
 <!-- ALL-CONTRIBUTORS-LIST:END -->
 This project follows the [all-contributors](https://github.com/kentcdodds/all-contributors) specification. Contributions of any kind welcome!

data/jsonapi-authorization.gemspec CHANGED Viewed

@@ -31,5 +31,5 @@ Gem::Specification.new do |spec|
   spec.add_development_dependency "pry-rails"
   spec.add_development_dependency "rubocop", "~> 0.36.0"
   spec.add_development_dependency "phare", "~> 0.7.1"
-  spec.add_development_dependency "sqlite3"
+  spec.add_development_dependency "sqlite3", "~> 1.3.6"
 end

data/lib/jsonapi/authorization/authorizing_processor.rb CHANGED Viewed

@@ -101,12 +101,16 @@ module JSONAPI
       end
       def authorize_show_related_resources
-        source_record = params[:source_klass].find_by_key(
+        source_resource = params[:source_klass].find_by_key(
           params[:source_id],
           context: context
-        )._model
+        )
-        authorizer.show_related_resources(source_record: source_record)
+        source_record = source_resource._model
+        authorizer.show_related_resources(
+          source_record: source_record, related_record_class: @resource_klass._model_class
+        )
       end
       def authorize_replace_fields

data/lib/jsonapi/authorization/default_pundit_authorizer.rb CHANGED Viewed

@@ -3,10 +3,9 @@ module JSONAPI
     # An authorizer is a class responsible for linking JSONAPI operations to
     # your choice of authorization mechanism.
     #
-    # This class uses Pundit for authorization. It does not yet support all
-    # the available operations — you can use your own authorizer class instead
-    # if you have different needs. See the README.md for configuration
-    # information.
+    # This class uses Pundit for authorization. You can use your own authorizer
+    # class instead if you have different needs. See the README.md for
+    # configuration information.
     #
     # Fetching records is the concern of +PunditScopedResource+ which in turn
     # affects which records end up being passed here.
@@ -77,8 +76,10 @@ module JSONAPI
       # ==== Parameters
       #
       # * +source_record+ - The record whose relationship is queried
-      def show_related_resources(source_record:)
+      # * +related_record_class+ - The associated record class to show
+      def show_related_resources(source_record:, related_record_class:)
         ::Pundit.authorize(user, source_record, 'show?')
+        ::Pundit.authorize(user, related_record_class, 'index?')
       end
       # <tt>PATCH /resources/:id</tt>

data/lib/jsonapi/authorization/version.rb CHANGED Viewed

@@ -1,6 +1,6 @@
 # frozen_string_literal: true
 module JSONAPI
   module Authorization
-    VERSION = "1.0.0".freeze
+    VERSION = "2.0.0".freeze
   end
 end

metadata CHANGED Viewed

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: jsonapi-authorization
 version: !ruby/object:Gem::Version
-  version: 1.0.0
+  version: 2.0.0
 platform: ruby
 authors:
 - Vesa Laakso
@@ -9,7 +9,7 @@ authors:
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2019-01-22 00:00:00.000000000 Z
+date: 2019-03-04 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: jsonapi-resources
@@ -203,16 +203,16 @@ dependencies:
   name: sqlite3
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: '0'
+        version: 1.3.6
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: '0'
+        version: 1.3.6
 description: Adds generic authorization to the jsonapi-resources gem using Pundit.
 email:
 - laakso.vesa@gmail.com