kitty_policy 0.1.2 → 0.1.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +5 -0
- data/Gemfile.lock +3 -3
- data/README.md +29 -3
- data/kitty_policy.gemspec +1 -1
- data/lib/kitty_policy/graphql/field_authorization.rb +35 -1
- data/lib/kitty_policy/version.rb +1 -1
- metadata +4 -4
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: '0159e69ff0c1cd85d24083361b3bcc707159b4999e3dd4a2282ecfae44d29168'
|
|
4
|
+
data.tar.gz: f5f5cf029c27f6f5994447c3076da6f25ac679addddef3d27e9a56114fc78ae6
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 52573700c0ab4b4e2128125394e90861499e45aed9bd9fb9996dd8053c0b1db5372e5e0d0981cf04749c65c038251029ab6a3e074b4d4789912c55966db05237
|
|
7
|
+
data.tar.gz: 0fabbfd1c4bcb1fe472fafd1dfc4911e718191b6a5c518f5b73712aa99e3be719ce1a8517a89c0447a9a36e9af2d95a33e15b40d5db2976af28f8db9b1daaacb
|
data/CHANGELOG.md
CHANGED
data/Gemfile.lock
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
PATH
|
|
2
2
|
remote: .
|
|
3
3
|
specs:
|
|
4
|
-
kitty_policy (0.1.
|
|
4
|
+
kitty_policy (0.1.3)
|
|
5
5
|
|
|
6
6
|
GEM
|
|
7
7
|
remote: https://rubygems.org/
|
|
@@ -14,7 +14,7 @@ GEM
|
|
|
14
14
|
parser (2.6.3.0)
|
|
15
15
|
ast (~> 2.4.0)
|
|
16
16
|
rainbow (3.0.0)
|
|
17
|
-
rake (
|
|
17
|
+
rake (13.0.1)
|
|
18
18
|
rspec (3.8.0)
|
|
19
19
|
rspec-core (~> 3.8.0)
|
|
20
20
|
rspec-expectations (~> 3.8.0)
|
|
@@ -47,7 +47,7 @@ DEPENDENCIES
|
|
|
47
47
|
bundler (~> 2.0)
|
|
48
48
|
graphql (~> 1.8)
|
|
49
49
|
kitty_policy!
|
|
50
|
-
rake (~>
|
|
50
|
+
rake (~> 13.0)
|
|
51
51
|
rspec (~> 3.8)
|
|
52
52
|
rspec-mocks (~> 3.8)
|
|
53
53
|
rubocop (= 0.72.0)
|
data/README.md
CHANGED
|
@@ -8,9 +8,9 @@ Minimalistic authorization library extracted from [Product Hunt](https://www.pro
|
|
|
8
8
|
|
|
9
9
|
Features:
|
|
10
10
|
|
|
11
|
-
|
|
12
|
-
|
|
13
|
-
|
|
11
|
+
- small DSL for defining abilities
|
|
12
|
+
- not class initializations when performing abilities check
|
|
13
|
+
- integrations with [GraphQL gem](https://rubygems.org/gems/graphql).
|
|
14
14
|
|
|
15
15
|
## Installation
|
|
16
16
|
|
|
@@ -190,6 +190,32 @@ module Types
|
|
|
190
190
|
end
|
|
191
191
|
```
|
|
192
192
|
|
|
193
|
+
```ruby
|
|
194
|
+
module Types
|
|
195
|
+
class QueryType < BaseObject
|
|
196
|
+
# With fallback, same as:
|
|
197
|
+
# if ApplicationPolicy.can?(context[:current_user], :view, post)
|
|
198
|
+
# return post
|
|
199
|
+
# else
|
|
200
|
+
# return nil
|
|
201
|
+
# end
|
|
202
|
+
field :post, PostType, null: false, authorize_object: :view, fallback: nil do
|
|
203
|
+
argument :id, ID, required: true
|
|
204
|
+
end
|
|
205
|
+
|
|
206
|
+
# Without fallback, same as:
|
|
207
|
+
# if ApplicationPolicy.can?(context[:current_user], :view, post)
|
|
208
|
+
# return post
|
|
209
|
+
# else
|
|
210
|
+
# raise KittyPolicy::AccessDenied(context[:current_user], :view, post)
|
|
211
|
+
# end
|
|
212
|
+
field :post, PostType, null: false, authorize_object: :view do
|
|
213
|
+
argument :id, ID, required: true
|
|
214
|
+
end
|
|
215
|
+
end
|
|
216
|
+
end
|
|
217
|
+
```
|
|
218
|
+
|
|
193
219
|
#### Can resolver
|
|
194
220
|
|
|
195
221
|
Exposes if current user can perform certain action.
|
data/kitty_policy.gemspec
CHANGED
|
@@ -30,7 +30,7 @@ Gem::Specification.new do |spec|
|
|
|
30
30
|
|
|
31
31
|
spec.add_development_dependency 'bundler', '~> 2.0'
|
|
32
32
|
spec.add_development_dependency 'graphql', '~> 1.8'
|
|
33
|
-
spec.add_development_dependency 'rake', '~>
|
|
33
|
+
spec.add_development_dependency 'rake', '~> 13.0'
|
|
34
34
|
spec.add_development_dependency 'rspec', '~> 3.8'
|
|
35
35
|
spec.add_development_dependency 'rspec-mocks', '~> 3.8'
|
|
36
36
|
spec.add_development_dependency 'rubocop', '0.72.0'
|
|
@@ -9,8 +9,15 @@ module KittyPolicy
|
|
|
9
9
|
end
|
|
10
10
|
|
|
11
11
|
def instrument(_type, field)
|
|
12
|
-
return field
|
|
12
|
+
return instrument_with_authorize(field) if field.metadata.key?(:authorize)
|
|
13
|
+
return instrument_with_authorize_object(field) if field.metadata.key?(:authorize_object)
|
|
13
14
|
|
|
15
|
+
field
|
|
16
|
+
end
|
|
17
|
+
|
|
18
|
+
private
|
|
19
|
+
|
|
20
|
+
def instrument_with_authorize(field)
|
|
14
21
|
policy = @policy
|
|
15
22
|
current_user_key = @current_user_key
|
|
16
23
|
|
|
@@ -40,6 +47,31 @@ module KittyPolicy
|
|
|
40
47
|
resolve new_resolve
|
|
41
48
|
end
|
|
42
49
|
end
|
|
50
|
+
|
|
51
|
+
def instrument_with_authorize_object(field)
|
|
52
|
+
raise "Can't use `authorize_object` on a connection" if field.connection?
|
|
53
|
+
raise "Can't use `authorize_object` on an array" if field.type.list?
|
|
54
|
+
|
|
55
|
+
policy = @policy
|
|
56
|
+
current_user_key = @current_user_key
|
|
57
|
+
|
|
58
|
+
old_resolve = field.resolve_proc
|
|
59
|
+
new_resolve = lambda do |type_or_object, arguments, context|
|
|
60
|
+
object = old_resolve.call(type_or_object, arguments, context)
|
|
61
|
+
if object.nil?
|
|
62
|
+
object
|
|
63
|
+
elsif field.metadata.key?(:fallback)
|
|
64
|
+
policy.can?(context[current_user_key], field.metadata[:authorize_object], object) ? object : field.metadata[:fallback]
|
|
65
|
+
else
|
|
66
|
+
policy.authorize!(context[current_user_key], field.metadata[:authorize_object], object)
|
|
67
|
+
object
|
|
68
|
+
end
|
|
69
|
+
end
|
|
70
|
+
|
|
71
|
+
field.redefine do
|
|
72
|
+
resolve new_resolve
|
|
73
|
+
end
|
|
74
|
+
end
|
|
43
75
|
end
|
|
44
76
|
|
|
45
77
|
class AssignFallbackKey
|
|
@@ -60,10 +92,12 @@ if defined?(::GraphQL::Field)
|
|
|
60
92
|
::GraphQL::Field.accepts_definitions(
|
|
61
93
|
fallback: KittyPolicy::GraphQL::AssignFallbackKey.new(:fallback),
|
|
62
94
|
authorize: GraphQL::Define.assign_metadata_key(:authorize),
|
|
95
|
+
authorize_object: GraphQL::Define.assign_metadata_key(:authorize_object),
|
|
63
96
|
)
|
|
64
97
|
end
|
|
65
98
|
|
|
66
99
|
if defined?(::GraphQL::Schema::Field)
|
|
67
100
|
::GraphQL::Schema::Field.accepts_definition(:fallback)
|
|
68
101
|
::GraphQL::Schema::Field.accepts_definition(:authorize)
|
|
102
|
+
::GraphQL::Schema::Field.accepts_definition(:authorize_object)
|
|
69
103
|
end
|
data/lib/kitty_policy/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: kitty_policy
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.1.
|
|
4
|
+
version: 0.1.3
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Radoslav Stankov
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: exe
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2020-03-
|
|
11
|
+
date: 2020-03-25 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: bundler
|
|
@@ -44,14 +44,14 @@ dependencies:
|
|
|
44
44
|
requirements:
|
|
45
45
|
- - "~>"
|
|
46
46
|
- !ruby/object:Gem::Version
|
|
47
|
-
version: '
|
|
47
|
+
version: '13.0'
|
|
48
48
|
type: :development
|
|
49
49
|
prerelease: false
|
|
50
50
|
version_requirements: !ruby/object:Gem::Requirement
|
|
51
51
|
requirements:
|
|
52
52
|
- - "~>"
|
|
53
53
|
- !ruby/object:Gem::Version
|
|
54
|
-
version: '
|
|
54
|
+
version: '13.0'
|
|
55
55
|
- !ruby/object:Gem::Dependency
|
|
56
56
|
name: rspec
|
|
57
57
|
requirement: !ruby/object:Gem::Requirement
|