machina-auth 0.1.5 → 0.1.6

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: ca27cf7dd475d64e5bbf876084d6e7445a56ac65dbf9967d5b9b50a91f04f155
-  data.tar.gz: ad165e21c3628da603b016a7e40911f7efc3e60131cbad506ee1c5cb2dde48c8
+  metadata.gz: 779a01d0ee76aefd789279497b06a5eb82bafc444d783d6f279cf75e31e37b57
+  data.tar.gz: 3533cf0c697aa3698225c9527df313f7d09643cd04e641af597d0b0d874ab518
 SHA512:
-  metadata.gz: 3830bfe8f9b10c30bfedf347d3efa00ecc36feb09a028ed9372512c7c0a3f6817bee27a321c008394c6361b68c85e2aeb5ad0d71b41a72fd779ea8340d7e7fe6
-  data.tar.gz: f6c04f4aea2b6ad6f01c5632c3e49e92291a8341bb01c751f11eb22d6612aaad8e7f9b4c1124d77d9138c34094de00f41195cbabd60d6957293613111fa60bef
+  metadata.gz: 4d896e66034311c92ef6b5b99f1ffd6d0adfa8033f78922305d354c5009500e516ebbd49b766f615758cbaee4003246017a2fed1209cdbbb2539b3e614e78d5f
+  data.tar.gz: e7276fa8589250b587754784882592380d20bf30e05b0dcf71b352b7d5664375decc54907c18821d8369e4aa83ae5f6c00d208ff0efe8f1ecd0f8e86873a3c00

data/lib/machina/middleware/authentication.rb

@@ -117,7 +117,6 @@ module Machina
       def cache_key(token)
         "machina:session:#{token}"
       end
-
     end
   end
 end

data/lib/machina/permission_sync.rb

@@ -14,13 +14,12 @@ module Machina
     def call!
       manifest = load_manifest
 
-      product_id = manifest[:product_id] || Machina.config.product_id
-      if product_id.blank?
-        raise Machina::ConfigurationError, 'product_id is required for permission sync (set in machina.yml or Machina.config)'
+      if Machina.config.product_id.blank?
+        raise Machina::ConfigurationError, 'product_id is required for permission sync (set Machina.config.product_id)'
       end
 
       Machina.identity_client.sync_permissions(
-        product_id:,
+        product_id: Machina.config.product_id,
         policies: manifest.fetch(:policies, []),
         permissions: manifest.fetch(:permissions),
       )

data/lib/machina/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module Machina
-  VERSION = '0.1.5'
+  VERSION = '0.1.6'
 end

data/lib/machina.rb

@@ -101,7 +101,8 @@ module Machina
       callback = config.identity_callback_uri
 
       if callback.blank?
-        raise ConfigurationError, 'identity_callback_uri must be configured to use authorize_url without an explicit redirect_to'
+        raise ConfigurationError,
+              'identity_callback_uri must be configured to use authorize_url without an explicit redirect_to'
       end
 
       return_to.present? ? "#{callback}?return_to=#{CGI.escape(return_to)}" : callback

data/spec/machina/current_spec.rb

@@ -19,10 +19,10 @@ RSpec.describe Machina::Current do
       # but each CurrentAttributes subclass has its own thread-local storage.
       described_class.authorized = authorized
 
-      expect(::Current.authorized).to be_nil
+      expect(Current.authorized).to be_nil
       expect(described_class.authorized).to eq(authorized)
     ensure
-      ::Current.reset
+      Current.reset
     end
 
     it 'returns nil when nothing is set' do

data/spec/machina/permission_sync_spec.rb

@@ -4,9 +4,10 @@ require_relative '../rails_helper'
 
 RSpec.describe Machina::PermissionSync do
   let(:client) { instance_double(Machina::IdentityClient) }
+  let(:config_product_id) { 'a1b2c3d4-e5f6-7890-abcd-ef1234567890' }
 
   before do
-    Machina.config.product_id = 'a1b2c3d4-e5f6-7890-abcd-ef1234567890'
+    Machina.config.product_id = config_product_id
     allow(Machina).to receive(:identity_client).and_return(client)
     allow(client).to receive(:sync_permissions)
   end
@@ -15,7 +16,7 @@ RSpec.describe Machina::PermissionSync do
     described_class.call!
 
     expect(client).to have_received(:sync_permissions).with(
-      product_id: 'a1b2c3d4-e5f6-7890-abcd-ef1234567890',
+      product_id: config_product_id,
       permissions: [{ key: 'sessions.view', description: 'View sessions' }],
       policies: [{ name: 'Viewer', api_name: 'viewer', permissions: ['sessions.view'] }],
     )
@@ -31,8 +32,6 @@ RSpec.describe Machina::PermissionSync do
     let(:tmpfile) do
       file = Tempfile.new(['machina', '.yml'])
       file.write(<<~YAML)
-        product_id: flat-product-id
-
         permissions:
           - key: items.view
             description: View items
@@ -54,7 +53,7 @@ RSpec.describe Machina::PermissionSync do
       described_class.call!
 
       expect(client).to have_received(:sync_permissions).with(
-        product_id: 'flat-product-id',
+        product_id: config_product_id,
         permissions: [{ key: 'items.view', description: 'View items' }],
         policies: [{ name: 'Reader', api_name: 'reader', permissions: ['items.view'] }],
       )
@@ -66,14 +65,12 @@ RSpec.describe Machina::PermissionSync do
       file = Tempfile.new(['machina', '.yml'])
       file.write(<<~YAML)
         test:
-          product_id: test-product-id
           permissions:
             - key: reports.view
               description: View reports
           policies: []
 
         production:
-          product_id: prod-product-id
           permissions:
             - key: reports.view
               description: View reports
@@ -85,18 +82,14 @@ RSpec.describe Machina::PermissionSync do
       file
     end
 
-    before do
-      Machina.config.manifest = tmpfile.path
-      Machina.config.product_id = nil
-    end
-
+    before { Machina.config.manifest = tmpfile.path }
     after { tmpfile.unlink }
 
     it 'loads the manifest scoped to the current Rails environment' do
       described_class.call!
 
       expect(client).to have_received(:sync_permissions).with(
-        product_id: 'test-product-id',
+        product_id: config_product_id,
         permissions: [{ key: 'reports.view', description: 'View reports' }],
         policies: [],
       )
@@ -107,8 +100,6 @@ RSpec.describe Machina::PermissionSync do
     let(:tmpfile) do
       file = Tempfile.new(['machina', '.yml'])
       file.write(<<~YAML)
-        product_id: <%= "erb-product-id" %>
-
         permissions:
           - key: tasks.view
             description: View tasks
@@ -119,51 +110,20 @@ RSpec.describe Machina::PermissionSync do
       file
     end
 
-    before do
-      Machina.config.manifest = tmpfile.path
-      Machina.config.product_id = nil
-    end
-
+    before { Machina.config.manifest = tmpfile.path }
     after { tmpfile.unlink }
 
     it 'evaluates ERB before parsing YAML' do
       described_class.call!
 
       expect(client).to have_received(:sync_permissions).with(
-        product_id: 'erb-product-id',
+        product_id: config_product_id,
         permissions: [{ key: 'tasks.view', description: 'View tasks' }],
         policies: [],
       )
     end
   end
 
-  context 'when manifest product_id is absent but config product_id is set' do
-    let(:tmpfile) do
-      file = Tempfile.new(['machina', '.yml'])
-      file.write(<<~YAML)
-        permissions:
-          - key: items.view
-            description: View items
-        policies: []
-      YAML
-      file.close
-      file
-    end
-
-    before { Machina.config.manifest = tmpfile.path }
-    after { tmpfile.unlink }
-
-    it 'falls back to Machina.config.product_id' do
-      described_class.call!
-
-      expect(client).to have_received(:sync_permissions).with(
-        product_id: 'a1b2c3d4-e5f6-7890-abcd-ef1234567890',
-        permissions: [{ key: 'items.view', description: 'View items' }],
-        policies: [],
-      )
-    end
-  end
-
   context 'when policies key is omitted from manifest' do
     let(:tmpfile) do
       file = Tempfile.new(['machina', '.yml'])
@@ -183,7 +143,7 @@ RSpec.describe Machina::PermissionSync do
       described_class.call!
 
       expect(client).to have_received(:sync_permissions).with(
-        product_id: 'a1b2c3d4-e5f6-7890-abcd-ef1234567890',
+        product_id: config_product_id,
         permissions: [{ key: 'items.view', description: 'View items' }],
         policies: [],
       )

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: machina-auth
 version: !ruby/object:Gem::Version
-  version: 0.1.5
+  version: 0.1.6
 platform: ruby
 authors:
 - ZAR