jsonapi-authorization 2.0.0 โ 3.0.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.all-contributorsrc +11 -0
- data/.travis.yml +3 -1
- data/README.md +11 -4
- data/lib/jsonapi/authorization/authorizing_processor.rb +11 -23
- data/lib/jsonapi/authorization/version.rb +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 278b251b6f19d74827e485421e8df96e4d34cd374f95da17f1f51d0007e9326d
|
4
|
+
data.tar.gz: d2416dc900f5303e36b6a1553b2e8833578e5313dbed6d6cf83c2bc810e6da1a
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 01ae9ed91a1cb228137028c873a40a8456098ac63ab388c713b82472e182696554ede5ac0a7d364d6d45dba2231b5e19eae12f2df3836ca337523a50c2b307b9
|
7
|
+
data.tar.gz: 3a496d6e621e3da23f0bc9a24ae704b850c5026782bc4cee65e9240d4e3fb252e91a79b9d0398814ac63edda66e83e22b828cd76327256f375f45303adc924e2
|
data/.all-contributorsrc
CHANGED
@@ -137,6 +137,17 @@
|
|
137
137
|
"test",
|
138
138
|
"code"
|
139
139
|
]
|
140
|
+
},
|
141
|
+
{
|
142
|
+
"login": "brianswko",
|
143
|
+
"name": "brianswko",
|
144
|
+
"avatar_url": "https://avatars0.githubusercontent.com/u/3952486?v=4",
|
145
|
+
"profile": "https://github.com/brianswko",
|
146
|
+
"contributions": [
|
147
|
+
"bug",
|
148
|
+
"test",
|
149
|
+
"code"
|
150
|
+
]
|
140
151
|
}
|
141
152
|
],
|
142
153
|
"repoType": "github",
|
data/.travis.yml
CHANGED
@@ -1,4 +1,7 @@
|
|
1
1
|
language: ruby
|
2
|
+
branches:
|
3
|
+
only:
|
4
|
+
- master
|
2
5
|
rvm:
|
3
6
|
- 2.3
|
4
7
|
gemfile:
|
@@ -11,7 +14,6 @@ gemfile:
|
|
11
14
|
- gemfiles/rails_5_1_pundit_2.gemfile
|
12
15
|
- gemfiles/rails_5_2_pundit_2.gemfile
|
13
16
|
before_install:
|
14
|
-
- rvm @global do gem uninstall bundler -a -x
|
15
17
|
- gem install bundler -v '< 2'
|
16
18
|
notifications:
|
17
19
|
email: false
|
data/README.md
CHANGED
@@ -55,10 +55,18 @@ Or install it yourself as:
|
|
55
55
|
|
56
56
|
* `v0.6.x` supports JR `v0.7.x`
|
57
57
|
* `v0.8.x` supports JR `v0.8.x`
|
58
|
-
*
|
58
|
+
* Later releases support JR `v0.9.x`
|
59
59
|
|
60
60
|
We aim to support the same Ruby and Ruby on Rails versions as `jsonapi-resources` does. If that's not the case, please [open an issue][issues].
|
61
61
|
|
62
|
+
## Versioning and changelog
|
63
|
+
|
64
|
+
`jsonapi-authorization` follows [Semantic Versioning](https://semver.org/). We prefer to make more major version bumps when we do changes that are likely to be backwards incompatible. That holds true even when it's likely the changes would be backwards compatible for a majority of our users.
|
65
|
+
|
66
|
+
Given the nature of an authorization library, it is likely that most changes are major version bumps.
|
67
|
+
|
68
|
+
Whenever we do changes, we strive to write good changelogs in the [GitHub releases page](https://github.com/venuu/jsonapi-authorization/releases).
|
69
|
+
|
62
70
|
## Usage
|
63
71
|
|
64
72
|
First make sure you have a Pundit policy specified for every backing model that your JR resources use.
|
@@ -185,9 +193,8 @@ Thanks goes to these wonderful people ([emoji key](https://github.com/kentcdodds
|
|
185
193
|
|
186
194
|
<!-- ALL-CONTRIBUTORS-LIST:START - Do not remove or modify this section -->
|
187
195
|
<!-- prettier-ignore -->
|
188
|
-
|
189
|
-
|
190
|
-
| [<img src="https://avatars3.githubusercontent.com/u/4742306?v=3" width="100px;" alt="Greg Fisher"/><br /><sub><b>Greg Fisher</b></sub>](https://github.com/gnfisher)<br />[๐ป](https://github.com/Venuu/jsonapi-authorization/commits?author=gnfisher "Code") [โ ๏ธ](https://github.com/Venuu/jsonapi-authorization/commits?author=gnfisher "Tests") | [<img src="https://avatars3.githubusercontent.com/u/370182?v=3" width="100px;" alt="Sam"/><br /><sub><b>Sam</b></sub>](http://samlh.com)<br />[๐ป](https://github.com/Venuu/jsonapi-authorization/commits?author=handlers "Code") [โ ๏ธ](https://github.com/Venuu/jsonapi-authorization/commits?author=handlers "Tests") | [<img src="https://avatars0.githubusercontent.com/u/2738630?v=3" width="100px;" alt="Justas Palumickas"/><br /><sub><b>Justas Palumickas</b></sub>](https://jpalumickas.com)<br />[๐](https://github.com/Venuu/jsonapi-authorization/issues?q=author%3Ajpalumickas "Bug reports") [๐ป](https://github.com/Venuu/jsonapi-authorization/commits?author=jpalumickas "Code") [โ ๏ธ](https://github.com/Venuu/jsonapi-authorization/commits?author=jpalumickas "Tests") | [<img src="https://avatars1.githubusercontent.com/u/26158?v=4" width="100px;" alt="Nicholas Rutherford"/><br /><sub><b>Nicholas Rutherford</b></sub>](http://www.google.co.uk/profiles/nick.rutherford)<br />[๐ป](https://github.com/Venuu/jsonapi-authorization/commits?author=nruth "Code") [โ ๏ธ](https://github.com/Venuu/jsonapi-authorization/commits?author=nruth "Tests") [๐](#infra-nruth "Infrastructure (Hosting, Build-Tools, etc)") | [<img src="https://avatars2.githubusercontent.com/u/5302372?v=4" width="100px;" alt="Matthijsy"/><br /><sub><b>Matthijsy</b></sub>](https://github.com/Matthijsy)<br />[๐](https://github.com/Venuu/jsonapi-authorization/issues?q=author%3AMatthijsy "Bug reports") [โ ๏ธ](https://github.com/Venuu/jsonapi-authorization/commits?author=Matthijsy "Tests") [๐ป](https://github.com/Venuu/jsonapi-authorization/commits?author=Matthijsy "Code") |
|
196
|
+
<table><tr><td align="center"><a href="http://vesalaakso.com"><img src="https://avatars.githubusercontent.com/u/482561?v=3" width="100px;" alt="Vesa Laakso"/><br /><sub><b>Vesa Laakso</b></sub></a><br /><a href="https://github.com/Venuu/jsonapi-authorization/commits?author=valscion" title="Code">๐ป</a> <a href="https://github.com/Venuu/jsonapi-authorization/commits?author=valscion" title="Documentation">๐</a> <a href="#infra-valscion" title="Infrastructure (Hosting, Build-Tools, etc)">๐</a> <a href="https://github.com/Venuu/jsonapi-authorization/commits?author=valscion" title="Tests">โ ๏ธ</a> <a href="https://github.com/Venuu/jsonapi-authorization/issues?q=author%3Avalscion" title="Bug reports">๐</a> <a href="#question-valscion" title="Answering Questions">๐ฌ</a> <a href="#review-valscion" title="Reviewed Pull Requests">๐</a></td><td align="center"><a href="https://github.com/lime"><img src="https://avatars.githubusercontent.com/u/562204?v=3" width="100px;" alt="Emil Sรฅgfors"/><br /><sub><b>Emil Sรฅgfors</b></sub></a><br /><a href="https://github.com/Venuu/jsonapi-authorization/commits?author=lime" title="Code">๐ป</a> <a href="https://github.com/Venuu/jsonapi-authorization/commits?author=lime" title="Documentation">๐</a> <a href="#infra-lime" title="Infrastructure (Hosting, Build-Tools, etc)">๐</a> <a href="https://github.com/Venuu/jsonapi-authorization/commits?author=lime" title="Tests">โ ๏ธ</a> <a href="https://github.com/Venuu/jsonapi-authorization/issues?q=author%3Alime" title="Bug reports">๐</a> <a href="#question-lime" title="Answering Questions">๐ฌ</a> <a href="#review-lime" title="Reviewed Pull Requests">๐</a></td><td align="center"><a href="https://github.com/matthias-g"><img src="https://avatars.githubusercontent.com/u/1591161?v=3" width="100px;" alt="Matthias Grundmann"/><br /><sub><b>Matthias Grundmann</b></sub></a><br /><a href="https://github.com/Venuu/jsonapi-authorization/commits?author=matthias-g" title="Code">๐ป</a> <a href="https://github.com/Venuu/jsonapi-authorization/commits?author=matthias-g" title="Documentation">๐</a> <a href="https://github.com/Venuu/jsonapi-authorization/commits?author=matthias-g" title="Tests">โ ๏ธ</a> <a href="#question-matthias-g" title="Answering Questions">๐ฌ</a></td><td align="center"><a href="http://thibaud.gg"><img src="https://avatars.githubusercontent.com/u/1322?v=3" width="100px;" alt="Thibaud Guillaume-Gentil"/><br /><sub><b>Thibaud Guillaume-Gentil</b></sub></a><br /><a href="https://github.com/Venuu/jsonapi-authorization/commits?author=thibaudgg" title="Code">๐ป</a></td><td align="center"><a href="http://netsteward.net"><img src="https://avatars.githubusercontent.com/u/71660?v=3" width="100px;" alt="Daniel Schweighรถfer"/><br /><sub><b>Daniel Schweighรถfer</b></sub></a><br /><a href="https://github.com/Venuu/jsonapi-authorization/commits?author=acid" title="Code">๐ป</a></td><td align="center"><a href="https://github.com/bsofiato"><img src="https://avatars.githubusercontent.com/u/5076967?v=3" width="100px;" alt="Bruno Sofiato"/><br /><sub><b>Bruno Sofiato</b></sub></a><br /><a href="https://github.com/Venuu/jsonapi-authorization/commits?author=bsofiato" title="Code">๐ป</a></td><td align="center"><a href="https://github.com/arcreative"><img src="https://avatars.githubusercontent.com/u/1896026?v=3" width="100px;" alt="Adam Robertson"/><br /><sub><b>Adam Robertson</b></sub></a><br /><a href="https://github.com/Venuu/jsonapi-authorization/commits?author=arcreative" title="Documentation">๐</a></td></tr><tr><td align="center"><a href="https://github.com/gnfisher"><img src="https://avatars3.githubusercontent.com/u/4742306?v=3" width="100px;" alt="Greg Fisher"/><br /><sub><b>Greg Fisher</b></sub></a><br /><a href="https://github.com/Venuu/jsonapi-authorization/commits?author=gnfisher" title="Code">๐ป</a> <a href="https://github.com/Venuu/jsonapi-authorization/commits?author=gnfisher" title="Tests">โ ๏ธ</a></td><td align="center"><a href="http://samlh.com"><img src="https://avatars3.githubusercontent.com/u/370182?v=3" width="100px;" alt="Sam"/><br /><sub><b>Sam</b></sub></a><br /><a href="https://github.com/Venuu/jsonapi-authorization/commits?author=handlers" title="Code">๐ป</a> <a href="https://github.com/Venuu/jsonapi-authorization/commits?author=handlers" title="Tests">โ ๏ธ</a></td><td align="center"><a href="https://jpalumickas.com"><img src="https://avatars0.githubusercontent.com/u/2738630?v=3" width="100px;" alt="Justas Palumickas"/><br /><sub><b>Justas Palumickas</b></sub></a><br /><a href="https://github.com/Venuu/jsonapi-authorization/issues?q=author%3Ajpalumickas" title="Bug reports">๐</a> <a href="https://github.com/Venuu/jsonapi-authorization/commits?author=jpalumickas" title="Code">๐ป</a> <a href="https://github.com/Venuu/jsonapi-authorization/commits?author=jpalumickas" title="Tests">โ ๏ธ</a></td><td align="center"><a href="http://www.google.co.uk/profiles/nick.rutherford"><img src="https://avatars1.githubusercontent.com/u/26158?v=4" width="100px;" alt="Nicholas Rutherford"/><br /><sub><b>Nicholas Rutherford</b></sub></a><br /><a href="https://github.com/Venuu/jsonapi-authorization/commits?author=nruth" title="Code">๐ป</a> <a href="https://github.com/Venuu/jsonapi-authorization/commits?author=nruth" title="Tests">โ ๏ธ</a> <a href="#infra-nruth" title="Infrastructure (Hosting, Build-Tools, etc)">๐</a></td><td align="center"><a href="https://github.com/Matthijsy"><img src="https://avatars2.githubusercontent.com/u/5302372?v=4" width="100px;" alt="Matthijsy"/><br /><sub><b>Matthijsy</b></sub></a><br /><a href="https://github.com/Venuu/jsonapi-authorization/issues?q=author%3AMatthijsy" title="Bug reports">๐</a> <a href="https://github.com/Venuu/jsonapi-authorization/commits?author=Matthijsy" title="Tests">โ ๏ธ</a> <a href="https://github.com/Venuu/jsonapi-authorization/commits?author=Matthijsy" title="Code">๐ป</a></td><td align="center"><a href="https://github.com/brianswko"><img src="https://avatars0.githubusercontent.com/u/3952486?v=4" width="100px;" alt="brianswko"/><br /><sub><b>brianswko</b></sub></a><br /><a href="https://github.com/Venuu/jsonapi-authorization/issues?q=author%3Abrianswko" title="Bug reports">๐</a> <a href="https://github.com/Venuu/jsonapi-authorization/commits?author=brianswko" title="Tests">โ ๏ธ</a> <a href="https://github.com/Venuu/jsonapi-authorization/commits?author=brianswko" title="Code">๐ป</a></td></tr></table>
|
197
|
+
|
191
198
|
<!-- ALL-CONTRIBUTORS-LIST:END -->
|
192
199
|
|
193
200
|
This project follows the [all-contributors](https://github.com/kentcdodds/all-contributors) specification. Contributions of any kind welcome!
|
@@ -219,6 +219,10 @@ module JSONAPI
|
|
219
219
|
|
220
220
|
related_records = related_resources.map(&:_model)
|
221
221
|
|
222
|
+
if related_records.size != params[:associated_keys].uniq.size
|
223
|
+
fail JSONAPI::Exceptions::RecordNotFound, params[:associated_keys]
|
224
|
+
end
|
225
|
+
|
222
226
|
authorizer.remove_to_many_relationship(
|
223
227
|
source_record: source_record,
|
224
228
|
related_records: related_records,
|
@@ -298,25 +302,6 @@ module JSONAPI
|
|
298
302
|
resource_class_for_relationship(assoc_name)._model_class
|
299
303
|
end
|
300
304
|
|
301
|
-
def related_models
|
302
|
-
data = params[:data]
|
303
|
-
return [] if data.nil?
|
304
|
-
|
305
|
-
[:to_one, :to_many].flat_map do |rel_type|
|
306
|
-
data[rel_type].flat_map do |assoc_name, assoc_value|
|
307
|
-
case assoc_value
|
308
|
-
when Hash # polymorphic relationship
|
309
|
-
resource_class = @resource_klass.resource_for(assoc_value[:type].to_s)
|
310
|
-
resource_class.find_by_key(assoc_value[:id], context: context)._model
|
311
|
-
else
|
312
|
-
resource_class = resource_class_for_relationship(assoc_name)
|
313
|
-
primary_key = resource_class._primary_key
|
314
|
-
resource_class._model_class.where(primary_key => assoc_value)
|
315
|
-
end
|
316
|
-
end
|
317
|
-
end
|
318
|
-
end
|
319
|
-
|
320
305
|
def related_models_with_context
|
321
306
|
data = params[:data]
|
322
307
|
return { relationship: nil, relation_name: nil, records: nil } if data.nil?
|
@@ -330,12 +315,15 @@ module JSONAPI
|
|
330
315
|
when Hash # polymorphic relationship
|
331
316
|
resource_class = @resource_klass.resource_for(assoc_value[:type].to_s)
|
332
317
|
resource_class.find_by_key(assoc_value[:id], context: context)._model
|
333
|
-
when Array
|
334
|
-
resource_class = resource_class_for_relationship(assoc_name)
|
335
|
-
resource_class.find_by_keys(assoc_value, context: context).map(&:_model)
|
336
318
|
else
|
337
319
|
resource_class = resource_class_for_relationship(assoc_name)
|
338
|
-
resource_class.
|
320
|
+
resources = resource_class.find_by_keys(assoc_value, context: context)
|
321
|
+
resources.map(&:_model).tap do |scoped_records|
|
322
|
+
related_ids = Array.wrap(assoc_value).uniq
|
323
|
+
if scoped_records.count != related_ids.count
|
324
|
+
fail JSONAPI::Exceptions::RecordNotFound, related_ids
|
325
|
+
end
|
326
|
+
end
|
339
327
|
end
|
340
328
|
|
341
329
|
{
|
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: jsonapi-authorization
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version:
|
4
|
+
version: 3.0.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Vesa Laakso
|
@@ -9,7 +9,7 @@ authors:
|
|
9
9
|
autorequire:
|
10
10
|
bindir: bin
|
11
11
|
cert_chain: []
|
12
|
-
date: 2019-03-
|
12
|
+
date: 2019-03-28 00:00:00.000000000 Z
|
13
13
|
dependencies:
|
14
14
|
- !ruby/object:Gem::Dependency
|
15
15
|
name: jsonapi-resources
|