kitty_policy 0.1.2 → 0.1.3

Sign up to get free protection for your applications and to get access to all the features.
Files changed (8) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG.md +5 -0
  3. data/Gemfile.lock +3 -3
  4. data/README.md +29 -3
  5. data/kitty_policy.gemspec +1 -1
  6. data/lib/kitty_policy/graphql/field_authorization.rb +35 -1
  7. data/lib/kitty_policy/version.rb +1 -1
  8. metadata +4 -4
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 36bb0e98df928a03bb4e18761f8e23e7b7868da05d15bb70f81425d76f936da1
4
- data.tar.gz: 6a00a72433c6cc7016f5d62427395d52914bab78fea76e2cdd1faf3b6f526924
3
+ metadata.gz: '0159e69ff0c1cd85d24083361b3bcc707159b4999e3dd4a2282ecfae44d29168'
4
+ data.tar.gz: f5f5cf029c27f6f5994447c3076da6f25ac679addddef3d27e9a56114fc78ae6
5
5
  SHA512:
6
- metadata.gz: fc35eeb00ba8e1ec5d43ed4a20fa710fc2e1c347dea3d3f8424809f8eaf5a80300a99bb760d08660cb3ae5a9a32909fd61e6e2336bf95df27af3fdc59f5219ee
7
- data.tar.gz: 81905f36f0b2cc4f2b007b53b5599d05f9be8777818a713706ec93c687fad1fcb76a9f49f27a651c2542e1323c4e389219ea2129e870b0e2d5f97a93d9bd7c2a
6
+ metadata.gz: 52573700c0ab4b4e2128125394e90861499e45aed9bd9fb9996dd8053c0b1db5372e5e0d0981cf04749c65c038251029ab6a3e074b4d4789912c55966db05237
7
+ data.tar.gz: 0fabbfd1c4bcb1fe472fafd1dfc4911e718191b6a5c518f5b73712aa99e3be719ce1a8517a89c0447a9a36e9af2d95a33e15b40d5db2976af28f8db9b1daaacb
data/CHANGELOG.md CHANGED
@@ -1,5 +1,10 @@
1
1
  # Changelog
2
2
 
3
+ ## Version 0.1.3
4
+
5
+ * **[feature]** Added `authorize_object` for field authorization (@tgroutars)
6
+ - *no support for connections and arrays*
7
+
3
8
  ## Version 0.1.2
4
9
 
5
10
  * **[fix]** Allow `fallback: []` to work for Relay connections (@rstankov)
data/Gemfile.lock CHANGED
@@ -1,7 +1,7 @@
1
1
  PATH
2
2
  remote: .
3
3
  specs:
4
- kitty_policy (0.1.2)
4
+ kitty_policy (0.1.3)
5
5
 
6
6
  GEM
7
7
  remote: https://rubygems.org/
@@ -14,7 +14,7 @@ GEM
14
14
  parser (2.6.3.0)
15
15
  ast (~> 2.4.0)
16
16
  rainbow (3.0.0)
17
- rake (10.5.0)
17
+ rake (13.0.1)
18
18
  rspec (3.8.0)
19
19
  rspec-core (~> 3.8.0)
20
20
  rspec-expectations (~> 3.8.0)
@@ -47,7 +47,7 @@ DEPENDENCIES
47
47
  bundler (~> 2.0)
48
48
  graphql (~> 1.8)
49
49
  kitty_policy!
50
- rake (~> 10.0)
50
+ rake (~> 13.0)
51
51
  rspec (~> 3.8)
52
52
  rspec-mocks (~> 3.8)
53
53
  rubocop (= 0.72.0)
data/README.md CHANGED
@@ -8,9 +8,9 @@ Minimalistic authorization library extracted from [Product Hunt](https://www.pro
8
8
 
9
9
  Features:
10
10
 
11
- * small DSL for defining abilities
12
- * not class initializations when performing abilities check
13
- * integrations with [GraphQL gem](https://rubygems.org/gems/graphql).
11
+ - small DSL for defining abilities
12
+ - not class initializations when performing abilities check
13
+ - integrations with [GraphQL gem](https://rubygems.org/gems/graphql).
14
14
 
15
15
  ## Installation
16
16
 
@@ -190,6 +190,32 @@ module Types
190
190
  end
191
191
  ```
192
192
 
193
+ ```ruby
194
+ module Types
195
+ class QueryType < BaseObject
196
+ # With fallback, same as:
197
+ # if ApplicationPolicy.can?(context[:current_user], :view, post)
198
+ # return post
199
+ # else
200
+ # return nil
201
+ # end
202
+ field :post, PostType, null: false, authorize_object: :view, fallback: nil do
203
+ argument :id, ID, required: true
204
+ end
205
+
206
+ # Without fallback, same as:
207
+ # if ApplicationPolicy.can?(context[:current_user], :view, post)
208
+ # return post
209
+ # else
210
+ # raise KittyPolicy::AccessDenied(context[:current_user], :view, post)
211
+ # end
212
+ field :post, PostType, null: false, authorize_object: :view do
213
+ argument :id, ID, required: true
214
+ end
215
+ end
216
+ end
217
+ ```
218
+
193
219
  #### Can resolver
194
220
 
195
221
  Exposes if current user can perform certain action.
data/kitty_policy.gemspec CHANGED
@@ -30,7 +30,7 @@ Gem::Specification.new do |spec|
30
30
 
31
31
  spec.add_development_dependency 'bundler', '~> 2.0'
32
32
  spec.add_development_dependency 'graphql', '~> 1.8'
33
- spec.add_development_dependency 'rake', '~> 10.0'
33
+ spec.add_development_dependency 'rake', '~> 13.0'
34
34
  spec.add_development_dependency 'rspec', '~> 3.8'
35
35
  spec.add_development_dependency 'rspec-mocks', '~> 3.8'
36
36
  spec.add_development_dependency 'rubocop', '0.72.0'
data/lib/kitty_policy/graphql/field_authorization.rb CHANGED
@@ -9,8 +9,15 @@ module KittyPolicy
9
9
  end
10
10
 
11
11
  def instrument(_type, field)
12
- return field unless field.metadata.key?(:authorize)
12
+ return instrument_with_authorize(field) if field.metadata.key?(:authorize)
13
+ return instrument_with_authorize_object(field) if field.metadata.key?(:authorize_object)
13
14
 
15
+ field
16
+ end
17
+
18
+ private
19
+
20
+ def instrument_with_authorize(field)
14
21
  policy = @policy
15
22
  current_user_key = @current_user_key
16
23
 
@@ -40,6 +47,31 @@ module KittyPolicy
40
47
  resolve new_resolve
41
48
  end
42
49
  end
50
+
51
+ def instrument_with_authorize_object(field)
52
+ raise "Can't use `authorize_object` on a connection" if field.connection?
53
+ raise "Can't use `authorize_object` on an array" if field.type.list?
54
+
55
+ policy = @policy
56
+ current_user_key = @current_user_key
57
+
58
+ old_resolve = field.resolve_proc
59
+ new_resolve = lambda do |type_or_object, arguments, context|
60
+ object = old_resolve.call(type_or_object, arguments, context)
61
+ if object.nil?
62
+ object
63
+ elsif field.metadata.key?(:fallback)
64
+ policy.can?(context[current_user_key], field.metadata[:authorize_object], object) ? object : field.metadata[:fallback]
65
+ else
66
+ policy.authorize!(context[current_user_key], field.metadata[:authorize_object], object)
67
+ object
68
+ end
69
+ end
70
+
71
+ field.redefine do
72
+ resolve new_resolve
73
+ end
74
+ end
43
75
  end
44
76
 
45
77
  class AssignFallbackKey
@@ -60,10 +92,12 @@ if defined?(::GraphQL::Field)
60
92
  ::GraphQL::Field.accepts_definitions(
61
93
  fallback: KittyPolicy::GraphQL::AssignFallbackKey.new(:fallback),
62
94
  authorize: GraphQL::Define.assign_metadata_key(:authorize),
95
+ authorize_object: GraphQL::Define.assign_metadata_key(:authorize_object),
63
96
  )
64
97
  end
65
98
 
66
99
  if defined?(::GraphQL::Schema::Field)
67
100
  ::GraphQL::Schema::Field.accepts_definition(:fallback)
68
101
  ::GraphQL::Schema::Field.accepts_definition(:authorize)
102
+ ::GraphQL::Schema::Field.accepts_definition(:authorize_object)
69
103
  end
data/lib/kitty_policy/version.rb CHANGED
@@ -1,5 +1,5 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  module KittyPolicy
4
- VERSION = '0.1.2'
4
+ VERSION = '0.1.3'
5
5
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: kitty_policy
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.1.2
4
+ version: 0.1.3
5
5
  platform: ruby
6
6
  authors:
7
7
  - Radoslav Stankov
8
8
  autorequire:
9
9
  bindir: exe
10
10
  cert_chain: []
11
- date: 2020-03-04 00:00:00.000000000 Z
11
+ date: 2020-03-25 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: bundler
@@ -44,14 +44,14 @@ dependencies:
44
44
  requirements:
45
45
  - - "~>"
46
46
  - !ruby/object:Gem::Version
47
- version: '10.0'
47
+ version: '13.0'
48
48
  type: :development
49
49
  prerelease: false
50
50
  version_requirements: !ruby/object:Gem::Requirement
51
51
  requirements:
52
52
  - - "~>"
53
53
  - !ruby/object:Gem::Version
54
- version: '10.0'
54
+ version: '13.0'
55
55
  - !ruby/object:Gem::Dependency
56
56
  name: rspec
57
57
  requirement: !ruby/object:Gem::Requirement