maestrano-connector-rails 2.1.3 → 2.2.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 7584b14f55bfa93f3c87fe25af6b3e39ef682d21
-  data.tar.gz: 0f6fe8db8fd9b034975e302a33c0347750e8010d
+  metadata.gz: 6aacb721d865456e02851131b118f16891870268
+  data.tar.gz: ab5b6a2fa521f79c7e42d8028387504d0a6e5929
 SHA512:
-  metadata.gz: f5cccf86f6b684398321102b4cc8adbf1fd3ff12afbf4cd036f870c8ee4338c0d44970a99ce01f0b533998b32f97b1d63271ee72a717f1746936df55f96ea714
-  data.tar.gz: 0e24c79572f5675f261ada81e53632a1605a13a22f01f887887d7ea21054e9c502068bb898c02b8ef8445d39b6b9bc7de3e522fa7b43bd24e28d8f2a3d7b40cc
+  metadata.gz: 824bde6273b0f0bcecfd4a8b390c14851860cae5c5cc36ff133fbbbdd1b58105f8614244fc198dc0d1e28ba199790e2527399a3fa9764629aeac82957e135a65
+  data.tar.gz: 7f62f2ace833c722ee02fc37228393b054f119a6634cfdc8dbf263e9e5ec882b9f610d88c391a67222da19b8f12998c8b2df7d73123846ce907d61b4eedb8105

data/.rubocop.yml

@@ -29,7 +29,7 @@ Metrics/LineLength:
 Metrics/MethodLength:
   Max: 50
 
-Style/IndentationConsistency:
+Layout/IndentationConsistency:
   EnforcedStyle: rails
 
 # Missing top-level class documentation comment
@@ -40,7 +40,7 @@ Style/ClassAndModuleChildren:
   Enabled: false
 
 # Space inside braces => only for blocks (not for literal)
-Style/SpaceInsideHashLiteralBraces:
+Layout/SpaceInsideHashLiteralBraces:
   EnforcedStyle: no_space
 
 # Checks for unused block arguments

data/.rubocop_todo.yml

@@ -1,6 +1,6 @@
 # This configuration was generated by
 # `rubocop --auto-gen-config`
-# on 2017-06-06 10:23:17 +0100 using RuboCop version 0.45.0.
+# on 2017-09-19 10:17:44 +0100 using RuboCop version 0.49.1.
 # The point is for the user to remove these configuration records
 # one by one as the offenses are removed from the code base.
 # Note that changes in the inspected code, or installation of new
@@ -28,7 +28,7 @@ Metrics/CyclomaticComplexity:
 # Offense count: 3
 # Configuration parameters: CountComments.
 Metrics/ModuleLength:
-  Max: 217
+  Max: 212
 
 # Offense count: 2
 # Configuration parameters: CountKeywordArgs.
@@ -46,6 +46,14 @@ Performance/FlatMap:
   Exclude:
     - 'app/models/maestrano/connector/rails/concerns/complex_entity.rb'
 
+# Offense count: 1
+# Cop supports --auto-correct.
+# Configuration parameters: Whitelist.
+# Whitelist: find_by_sql
+Rails/DynamicFindBy:
+  Exclude:
+    - 'app/controllers/maestrano/api/api_controller.rb'
+
 # Offense count: 6
 # Configuration parameters: EnforcedStyle, SupportedStyles.
 # SupportedStyles: strict, flexible
@@ -81,15 +89,7 @@ Style/DoubleNegation:
   Exclude:
     - 'app/controllers/maestrano/auth/saml_controller.rb'
 
-# Offense count: 1
-# Cop supports --auto-correct.
-# Configuration parameters: EnforcedStyle, SupportedStyles.
-# SupportedStyles: empty_lines, empty_lines_except_namespace, no_empty_lines
-Style/EmptyLinesAroundModuleBody:
-  Exclude:
-    - 'app/jobs/maestrano/connector/rails/push_to_connec_worker.rb'
-
-# Offense count: 52
+# Offense count: 56
 # Cop supports --auto-correct.
 # Configuration parameters: EnforcedStyle, SupportedStyles.
 # SupportedStyles: when_needed, always
@@ -113,11 +113,3 @@ Style/PredicateName:
 Style/RegexpLiteral:
   Exclude:
     - 'app/models/maestrano/connector/rails/concerns/entity.rb'
-
-# Offense count: 1
-# Cop supports --auto-correct.
-# Configuration parameters: EnforcedStyle, SupportedStyles.
-# SupportedStyles: final_newline, final_blank_line
-Style/TrailingBlankLines:
-  Exclude:
-    - 'app/helpers/maestrano/connector/rails/session_helper.rb'

data/.travis.yml

@@ -0,0 +1,7 @@
+language: ruby
+rvm:
+ - 2.3
+services:
+  - redis-server
+before_install:
+  - gem install bundler # Update bundler version

data/Gemfile

@@ -7,3 +7,11 @@ group :development do
   gem 'activerecord-jdbcsqlite3-adapter', platforms: :jruby
   gem 'sqlite3', platforms: :ruby
 end
+
+group :test do
+  gem 'jsonapi-resources'
+  gem 'jsonapi-resources-matchers', require: false
+  gem 'pundit'
+  gem 'pundit-matchers'
+  gem 'pundit-resources'
+end

data/app/controllers/maestrano/api/account_controller.rb

@@ -0,0 +1,9 @@
+# frozen_string_literal: true
+
+module Maestrano
+  module Api
+    class AccountController < ApiController
+      include Maestrano::Api::Concerns::AccountController
+    end
+  end
+end

data/app/controllers/maestrano/api/api_controller.rb

@@ -0,0 +1,42 @@
+module Maestrano
+  module Api
+    class ApiController < JSONAPI::ResourceController
+      protect_from_forgery
+      before_action :authenticate_client!
+
+      # Return the current API client (tenant)
+      attr_accessor :client
+
+      def context
+        {client: client, params: params, current_user: client, policy_used: -> { @policy_used = true }}
+      end
+
+      protected
+
+        def current_user
+          @client
+        end
+
+        def authorize(record, query = nil)
+          context[:policy_used]&.call
+          super
+        end
+
+      private
+
+        def authenticate_client!
+          authenticate_tenant || unauthorized!
+        end
+
+        def unauthorized!
+          head :unauthorized
+        end
+
+        def authenticate_tenant
+          @client = authenticate_with_http_basic do |api_key, api_secret|
+            Maestrano.find_by_app_id_and_app_key(api_key, api_secret)
+          end
+        end
+    end
+  end
+end

data/app/controllers/maestrano/api/concerns/account_controller.rb

@@ -0,0 +1,61 @@
+# frozen_string_literal: true
+
+module Maestrano
+  module Api
+    module Concerns
+      module AccountController
+        extend ActiveSupport::Concern
+
+        #==================================================================
+        # Included methods
+        #==================================================================
+        # 'included do' causes the included code to be evaluated in the
+        # context where it is included rather than being executed in the
+        # module's context
+        included do
+        end
+
+        #==================================================================
+        # Class methods
+        #==================================================================
+        module ClassMethods
+        end
+
+        #==================================================================
+        # Instance methods
+        #==================================================================
+        def setup_form
+          form = {
+            schema: {
+              type: 'object',
+              properties: {
+                array: {
+                  title: 'You have not configured your schema form',
+                  type: 'array',
+                  items: {
+                    type: 'string',
+                    enum: [
+                      "Ok I'll do it right away",
+                      "I'll let someone else do it for me"
+                    ]
+                  }
+                }
+              }
+            }
+          }
+          render json: form.to_json
+        end
+
+        def link_account
+          render json: {error: 'Method to link account has not been implemented'}
+        end
+
+        def unlink_account
+          organization = Maestrano::Connector::Rails::Organization.find_by(uid: params[:uid])
+          organization.clear_omniauth
+          render json: {status: 'ok'}.to_json
+        end
+      end
+    end
+  end
+end

data/app/controllers/maestrano/api/id_maps_controller.rb

@@ -0,0 +1,6 @@
+module Maestrano
+  module Api
+    class IdMapsController < ApiController
+    end
+  end
+end

data/app/controllers/maestrano/api/organizations_controller.rb

@@ -0,0 +1,6 @@
+module Maestrano
+  module Api
+    class OrganizationsController < ApiController
+    end
+  end
+end

data/app/controllers/maestrano/api/synchronizations_controller.rb

@@ -0,0 +1,6 @@
+module Maestrano
+  module Api
+    class SynchronizationsController < ApiController
+    end
+  end
+end

data/app/controllers/maestrano/api/users_controller.rb

@@ -0,0 +1,6 @@
+module Maestrano
+  module Api
+    class UsersController < ApiController
+    end
+  end
+end

data/app/controllers/maestrano/synchronizations_controller.rb

@@ -17,6 +17,9 @@ class Maestrano::SynchronizationsController < Maestrano::Rails::WebHookControlle
     organization = Maestrano::Connector::Rails::Organization.find_by(uid: uid, tenant: tenant)
     return render json: {errors: [{message: 'Organization not found', code: 404}]}, status: :not_found unless organization
 
+    organization.sync_enabled = organization.synchronized_entities.values.any? { |settings| settings.values.any? { |v| v } }
+    organization.save if organization.sync_enabled_changed?
+
     status = organization_status(organization)
 
     unless %w[RUNNING ENQUEUED].include?(status)

data/app/helpers/maestrano/connector/rails/session_helper.rb

@@ -16,4 +16,4 @@ module Maestrano::Connector::Rails
       @is_admin ||= current_user && current_organization && is_admin?(current_user, current_organization)
     end
   end
-end
+end

data/app/jobs/maestrano/connector/rails/push_to_connec_worker.rb

@@ -1,5 +1,4 @@
 module Maestrano::Connector::Rails
-
   # This class process the push to Connec, it use PushToConnecJob for retrocompatibility
   # By using sidekiq-unique-jobs, it makes sure that 2 calls on the same entity, are processed in order
   class PushToConnecWorker

data/app/policies/maestrano/connector/rails/application_policy.rb

@@ -0,0 +1,63 @@
+# frozen_string_literal: true
+
+# Abstract base class for all policies
+# @abstract
+# @!attribute [r] user
+#   @return [User] the current user
+# @!attribute [r] record
+#   @return [Object] some kind of model object, whose authorization you want to check
+class Maestrano::Connector::Rails::ApplicationPolicy
+  attr_reader :user, :record
+
+  # Returns a new instance of {BasePolicy}
+  # @param [User] user the current user
+  # @param [Object] record some kind of model object, whose authorization you want to check
+  # @return [ApplicationPolicy]
+  def initialize(user, record)
+    # Closed system: must be logged in to do anything
+    raise Pundit::NotAuthorizedError, 'must be logged in' unless user
+    @user = user
+    @record = record
+  end
+
+  def create?
+    false
+  end
+
+  def new?
+    create?
+  end
+
+  def update?
+    create?
+  end
+
+  def edit?
+    update?
+  end
+
+  def destroy?
+    false
+  end
+
+  def scope
+    Pundit.policy_scope!(user, record.class)
+  end
+
+  class Scope
+    attr_reader :user, :scope
+
+    def initialize(user, scope)
+      @user = user
+      @scope = scope
+    end
+
+    def resolve
+      scope_to_tenant
+    end
+
+    def scope_to_tenant
+      scope.where(tenant: user)
+    end
+  end
+end

data/app/policies/maestrano/connector/rails/id_map_policy.rb

@@ -0,0 +1,9 @@
+# frozen_string_literal: true
+
+class Maestrano::Connector::Rails::IdMapPolicy < Maestrano::Connector::Rails::ApplicationPolicy
+  class Scope < Scope
+    def resolve
+      scope.includes(:organization).where('organizations.tenant': user)
+    end
+  end
+end

data/app/policies/maestrano/connector/rails/organization_policy.rb

@@ -0,0 +1,7 @@
+# frozen_string_literal: true
+
+class Maestrano::Connector::Rails::OrganizationPolicy < Maestrano::Connector::Rails::ApplicationPolicy
+  def create?
+    true
+  end
+end

data/app/policies/maestrano/connector/rails/synchronization_policy.rb

@@ -0,0 +1,9 @@
+# frozen_string_literal: true
+
+class Maestrano::Connector::Rails::SynchronizationPolicy < Maestrano::Connector::Rails::ApplicationPolicy
+  class Scope < Scope
+    def resolve
+      scope.includes(:organization).where('organizations.tenant': user)
+    end
+  end
+end

data/app/policies/maestrano/connector/rails/user_policy.rb

@@ -0,0 +1,7 @@
+# frozen_string_literal: true
+
+class Maestrano::Connector::Rails::UserPolicy < Maestrano::Connector::Rails::ApplicationPolicy
+  def create?
+    true
+  end
+end

data/app/resources/maestrano/api/base_resource.rb

@@ -0,0 +1,67 @@
+module Maestrano
+  module Api
+    class BaseResource < JSONAPI::Resource
+      abstract
+      include Pundit::Resource
+
+      API_SQL_OPERATOR_MAPPING = {
+        gt: '>',
+        gte: '>=',
+        lt: '<',
+        lte: '<=',
+        ne: '<>',
+        like: 'LIKE'
+      }.freeze
+
+      def self.all_filters
+        # Skipping if there is no tables as calling columns_hash in attribute_type is causing issue
+        return unless tables_exists?
+        _attributes.keys.each do |attribute|
+          type = attribute_type(attribute)
+          if type == :boolean
+            # https://github.com/cerebris/jsonapi-resources/issues/852
+            # make sure filter applied on boolean works
+            filter(attribute, verify: :verify_boolean_filter)
+          else
+            filter(attribute)
+          end
+        end
+        generate_composite_filters
+      end
+
+      def self.generate_composite_filters
+        _allowed_filters.keys.each do |key|
+          # iterating through all the api operator and adding them as custom filter
+          # name.gt, name.like etc...
+          next unless _model_class
+          field = "#{_model_class.table_name}.#{key}"
+
+          API_SQL_OPERATOR_MAPPING.each do |api_operator, sql_operator|
+            filter "#{key}.#{api_operator}",
+                   apply: ->(records, value, _options) { records.where("#{field} #{sql_operator} ?", value[0]) }
+          end
+          filter "#{key}.none",
+                 apply: ->(records, value, _options) { records.where("#{field} IS NULL") }
+          filter "#{key}.not",
+                 apply: ->(records, value, _options) { value[0] ? records.where("#{field} <> ?", value[0]) : records.where("#{field} IS NOT NULL") }
+          filter "#{key}.nin",
+                 apply: ->(records, value, _options) { records.where("#{field} NOT IN (?)", value) }
+          filter "#{key}.in",
+                 apply: ->(records, value, _options) { records.where("#{field} IN (?)", value) }
+        end
+      end
+
+      def self.attribute_type(attribute)
+        _model_class.columns_hash[attribute.to_s]&.type || :string
+      rescue
+        :string
+      end
+
+      # If the code is loaded before table are created (during a schema:load for example) this will return false
+      def self.tables_exists?
+        @tables_exists = ActiveRecord::Base.connection.table_exists?('users') if @tables_exists.nil?
+        @tables_exists
+      end
+    end
+  end
+end

data/app/resources/maestrano/api/id_map_resource.rb

@@ -0,0 +1,38 @@
+module Maestrano
+  module Api
+    class IdMapResource < BaseResource
+      @model_class = Maestrano::Connector::Rails::IdMap
+
+      # == Attributes ===========================================================
+      attribute :connec_id
+      attribute :external_entity
+      attribute :external_id
+      attribute :name
+      attribute :message
+
+      all_filters
+
+      filter :uid, apply: lambda { |records, value, _options|
+        records.joins(:organization).where('organizations.uid = ?', value)
+      }
+      filter :external_entity
+
+      has_many :synchronizations
+
+      def account_linked?
+        @model.oauth_uid.present?
+      end
+
+      alias has_account_linked account_linked?
+
+      def account_creation_link
+        Maestrano::Connector::Rails::External.create_account_link(@model || nil)
+      end
+
+      def save
+        @model.tenant = context[:client]
+        super
+      end
+    end
+  end
+end

data/app/resources/maestrano/api/organization_resource.rb

@@ -0,0 +1,43 @@
+module Maestrano
+  module Api
+    class OrganizationResource < BaseResource
+      @model_class = Maestrano::Connector::Rails::Organization
+
+      # == Attributes ===========================================================
+      attribute :name
+      attribute :has_account_linked
+      attribute :uid
+      attribute :org_uid
+      attribute :account_creation_link
+      attribute :displayable_synchronized_entities
+      attribute :date_filtering_limit
+      attribute :tenant
+      attribute :provider
+      attribute :sync_enabled
+      attribute :entities_types
+
+      filter :uid
+
+      has_many :synchronizations
+
+      def account_linked?
+        @model.oauth_uid.present?
+      end
+
+      alias has_account_linked account_linked?
+
+      def account_creation_link
+        Maestrano::Connector::Rails::External.create_account_link(@model || nil)
+      end
+
+      def save
+        @model.tenant = context[:client]
+        super
+      end
+
+      def entities_types
+        ['All', *Maestrano::Connector::Rails::IdMap.uniq.pluck(:external_entity)]
+      end
+    end
+  end
+end

data/app/resources/maestrano/api/synchronization_resource.rb

@@ -0,0 +1,19 @@
+module Maestrano
+  module Api
+    class SynchronizationResource < BaseResource
+      @model_class = Maestrano::Connector::Rails::Synchronization
+
+      # == Attributes ===========================================================
+      attribute :status
+      attribute :message
+      attribute :updated_at
+      attribute :created_at
+
+      has_one :organization
+
+      filter :uid, apply: lambda { |records, value, _options|
+        records.joins(:organization).where('organizations.uid = ?', value)
+      }
+    end
+  end
+end

data/app/resources/maestrano/api/user_resource.rb

@@ -0,0 +1,23 @@
+module Maestrano
+  module Api
+    class UserResource < BaseResource
+      @model_class = Maestrano::Connector::Rails::User
+
+      # == Attributes ===========================================================
+      attribute :first_name
+      attribute :provider
+      attribute :last_name
+      attribute :email
+      attribute :tenant
+      attribute :uid
+
+      def save
+        @model.tenant = context[:client]
+        super
+        return unless org_uid == context.dig(:params, :org_uid)
+        org = Maestrano::Connector::Rails::Organization.find_by(org_uid: org_uid)
+        org.add_member(@model) unless !org || org.member?(@model)
+      end
+    end
+  end
+end

data/config/initializers/json_api.rb

@@ -0,0 +1,59 @@
+# frozen_string_literal: true
+
+# Configuration
+JSONAPI.configure do |config|
+  #:underscored_key, :camelized_key, :dasherized_key, or custom
+  config.json_key_format = :underscored_key
+
+  #:underscored_route, :camelized_route, :dasherized_route, or custom
+  config.route_format = :underscored_route
+
+  #:integer, :uuid, :string, or custom (provide a proc)
+  config.resource_key_type = :string
+
+  # optional request features
+  config.allow_include = true
+  config.allow_sort = true
+  config.allow_filter = true
+
+  # How to handle unsupported attributes and relationships which are provided in the request
+  # true => raises an error
+  # false => allows the request to continue. A warning is included in the response meta data indicating
+  # the fields which were ignored. This is useful for client libraries which send extra parameters.
+  config.raise_if_parameters_not_allowed = true
+
+  # :none, :offset, :paged, or a custom paginator name
+  config.default_paginator = :paged
+
+  # Output pagination links at top level
+  config.top_level_links_include_pagination = true
+
+  config.default_page_size = 30
+  config.maximum_page_size = 100
+
+  # Output the record count in top level meta data for find operations
+  config.top_level_meta_include_record_count = true
+  config.top_level_meta_record_count_key = :record_count
+
+  # For :paged paginators, the following are also available
+  config.top_level_meta_include_page_count = false
+  config.top_level_meta_page_count_key = :page_count
+
+  config.use_text_errors = false
+
+  # List of classes that should not be rescued by the operations processor.
+  # For example, if you use Pundit for authorization, you might
+  # raise a Pundit::NotAuthorizedError at some point during operations
+  # processing. If you want to use Rails' `rescue_from` macro to
+  # catch this error and render a 403 status code, you should add
+  # the `Pundit::NotAuthorizedError` to the `exception_class_whitelist`.
+  # Subclasses of the whitelisted classes will also be whitelisted.
+  config.exception_class_whitelist = []
+
+  # Resource Linkage
+  # Controls the serialization of resource linkage for non compound documents
+  # NOTE: always_include_to_many_linkage_data is not currently implemented
+  config.always_include_to_one_linkage_data = false
+
+  config.resource_cache = Rails.cache
+end

data/config/routes.rb

@@ -17,5 +17,16 @@ Maestrano::Connector::Rails::Engine.routes.draw do
         end
       end
     end
+
+    namespace :api do
+      get 'account/setup_form'
+      post 'account/link_account'
+      post 'account/unlink_account'
+
+      jsonapi_resources :organizations
+      jsonapi_resources :users
+      jsonapi_resources :synchronizations
+      jsonapi_resources :id_maps
+    end
   end
 end

data/lib/generators/connector/install_generator.rb

@@ -35,7 +35,7 @@ module Connector
 
     def copy_icons_and_logos
       copy_file 'logos/to_connec.png', 'app/assets/images/logos/to_connec.png'
-      copy_file 'logos/to_external.png', 'spec/assets/images/logos/to_external.png'
+      copy_file 'logos/to_external.png', 'app/assets/images/logos/to_external.png'
     end
 
     def copy_controllers_and_views
@@ -53,6 +53,9 @@ module Connector
       copy_file 'shared_entities_index.haml', 'app/views/shared_entities/index.html.haml'
 
       copy_file 'layouts.haml', 'app/views/layouts/application.html.haml'
+
+      mkdir_p 'app/controllers/maestrano/api'
+      copy_file 'account_controller.rb', 'app/controllers/maestrano/api/account_controller.rb'
     end
 
     def copy_stylesheets

data/lib/generators/connector/templates/account_controller.rb

@@ -0,0 +1,22 @@
+# frozen_string_literal: true
+
+module Maestrano
+  module Api
+    class AccountController < ApiController
+      include Maestrano::Api::Concerns::AccountController
+
+      # def setup_form
+      # TODO return the json angular schema form
+      # that will be used for the user to link their account
+      # See https://github.com/json-schema-form/angular-schema-form/
+      # end
+
+      # def link_account
+      # TODO similar to oauth_controller#request, method that allows
+      # the user to link their account.
+      # Params will be the ones from the setup_form +
+      # 'org-uid': the channel_id (e.g: org-fbba)
+      # end
+    end
+  end
+end

data/lib/maestrano/connector/rails/version.rb

@@ -1,7 +1,7 @@
 module Maestrano
   module Connector
     module Rails
-      VERSION = '2.1.3'.freeze
+      VERSION = '2.2.0'.freeze
     end
   end
 end

data/lib/testing_support/shared_examples/json_api_controller.rb

@@ -0,0 +1,16 @@
+module JsonApiController
+  shared_examples 'an app IDM endpoint' do
+    subject { get :index }
+
+    context 'without authentication' do
+      it { is_expected.to have_http_status(:unauthorized), "response.code: #{response.code}" }
+    end
+
+    context 'with authentication' do
+      let(:config) { Maestrano.configs.values.first }
+      before { @request.env['HTTP_AUTHORIZATION'] = 'Basic ' + Base64.encode64("#{config.param('api.id')}:#{config.param('api.key')}") }
+
+      it { is_expected.to have_http_status(:ok), "response.code: #{response.code}" }
+    end
+  end
+end

data/lib/testing_support/shared_examples/shared_pundit_example.rb

@@ -0,0 +1,12 @@
+module SharedPunditExample
+  shared_examples 'a model scoped to the tenant' do
+    let(:klass) { described_class.to_s.gsub('Policy', '').constantize }
+    let(:scope) { klass.all }
+
+    subject { described_class::Scope.new('default', scope).resolve }
+
+    context 'when scoped to the right tenant' do
+      it { is_expected.to eq([instance1]) }
+    end
+  end
+end

data/maestrano-connector-rails.gemspec

@@ -24,7 +24,7 @@ Gem::Specification.new do |s|
     "README.md"
   ]
 
-  s.add_runtime_dependency('rails', '~> 4.2.7.1')
+  s.add_runtime_dependency('rails', '~> 4.2.9')
   s.add_runtime_dependency('maestrano-rails', '~> 1.0.4')
   s.add_runtime_dependency('attr_encrypted', '~> 1.4.0')
   s.add_runtime_dependency('autoprefixer-rails')
@@ -32,9 +32,11 @@ Gem::Specification.new do |s|
   s.add_runtime_dependency('config')
   s.add_runtime_dependency('figaro')
   s.add_runtime_dependency('jquery-rails', '>= 4.0.4')
+  s.add_runtime_dependency('jsonapi-resources')
   s.add_runtime_dependency('haml-rails')
   s.add_runtime_dependency('hash_mapper', '>= 0.2.2')
-
+  s.add_runtime_dependency('pundit')
+  s.add_runtime_dependency('pundit-resources')
   s.add_runtime_dependency('sidekiq', '~> 4.2.9')
   s.add_runtime_dependency('sidekiq-cron')
   s.add_runtime_dependency('sidekiq-unique-jobs')
@@ -51,5 +53,5 @@ Gem::Specification.new do |s|
   s.add_development_dependency('shoulda-matchers')
   s.add_development_dependency('simplecov', '>= 0')
   s.add_development_dependency('timecop')
-  s.add_development_dependency('webmock', '~> 1.24.1')
+  s.add_development_dependency('webmock')
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: maestrano-connector-rails
 version: !ruby/object:Gem::Version
-  version: 2.1.3
+  version: 2.2.0
 platform: ruby
 authors:
 - Maestrano
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2017-10-05 00:00:00.000000000 Z
+date: 2017-11-23 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rails
@@ -16,14 +16,14 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 4.2.7.1
+        version: 4.2.9
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 4.2.7.1
+        version: 4.2.9
 - !ruby/object:Gem::Dependency
   name: maestrano-rails
   requirement: !ruby/object:Gem::Requirement
@@ -122,6 +122,20 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: 4.0.4
+- !ruby/object:Gem::Dependency
+  name: jsonapi-resources
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
 - !ruby/object:Gem::Dependency
   name: haml-rails
   requirement: !ruby/object:Gem::Requirement
@@ -150,6 +164,34 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: 0.2.2
+- !ruby/object:Gem::Dependency
+  name: pundit
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: pundit-resources
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
 - !ruby/object:Gem::Dependency
   name: sidekiq
   requirement: !ruby/object:Gem::Requirement
@@ -364,16 +406,16 @@ dependencies:
   name: webmock
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: 1.24.1
+        version: '0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: 1.24.1
+        version: '0'
 description: Maestrano is the next generation marketplace for SME applications. See
   https://sme.maestrano.com for details.
 email: developers@maestrano.com
@@ -388,6 +430,7 @@ files:
 - ".rubocop.yml"
 - ".rubocop_todo.yml"
 - ".ruby-version"
+- ".travis.yml"
 - CHANGELOG.md
 - CODESHIP.md
 - DEVELOPER.md
@@ -397,6 +440,13 @@ files:
 - Rakefile
 - app/controllers/maestrano/account/group_users_controller.rb
 - app/controllers/maestrano/account/groups_controller.rb
+- app/controllers/maestrano/api/account_controller.rb
+- app/controllers/maestrano/api/api_controller.rb
+- app/controllers/maestrano/api/concerns/account_controller.rb
+- app/controllers/maestrano/api/id_maps_controller.rb
+- app/controllers/maestrano/api/organizations_controller.rb
+- app/controllers/maestrano/api/synchronizations_controller.rb
+- app/controllers/maestrano/api/users_controller.rb
 - app/controllers/maestrano/application_controller.rb
 - app/controllers/maestrano/auth/saml_controller.rb
 - app/controllers/maestrano/connec_controller.rb
@@ -437,6 +487,17 @@ files:
 - app/models/maestrano/connector/rails/synchronization.rb
 - app/models/maestrano/connector/rails/user.rb
 - app/models/maestrano/connector/rails/user_organization_rel.rb
+- app/policies/maestrano/connector/rails/application_policy.rb
+- app/policies/maestrano/connector/rails/id_map_policy.rb
+- app/policies/maestrano/connector/rails/organization_policy.rb
+- app/policies/maestrano/connector/rails/synchronization_policy.rb
+- app/policies/maestrano/connector/rails/user_policy.rb
+- app/resources/maestrano/api/base_resource.rb
+- app/resources/maestrano/api/id_map_resource.rb
+- app/resources/maestrano/api/organization_resource.rb
+- app/resources/maestrano/api/synchronization_resource.rb
+- app/resources/maestrano/api/user_resource.rb
+- config/initializers/json_api.rb
 - config/routes.rb
 - db/migrate/20151122162100_create_users.rb
 - db/migrate/20151122162414_create_organizations.rb
@@ -455,6 +516,7 @@ files:
 - lib/generators/connector/USAGE
 - lib/generators/connector/complex_entity_generator.rb
 - lib/generators/connector/install_generator.rb
+- lib/generators/connector/templates/account_controller.rb
 - lib/generators/connector/templates/complex_entity_example/contact.rb
 - lib/generators/connector/templates/complex_entity_example/contact_and_lead.rb
 - lib/generators/connector/templates/complex_entity_example/contact_mapper.rb
@@ -488,6 +550,8 @@ files:
 - lib/maestrano/connector/rails/version.rb
 - lib/maestrano_connector_rails.rb
 - lib/maestrano_connector_rails/factories.rb
+- lib/testing_support/shared_examples/json_api_controller.rb
+- lib/testing_support/shared_examples/shared_pundit_example.rb
 - maestrano-connector-rails.gemspec
 - maestrano.png
 - release_notes.md
@@ -511,7 +575,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubyforge_project: 
-rubygems_version: 2.5.1
+rubygems_version: 2.6.14
 signing_key: 
 specification_version: 4
 summary: Rails framework to build connector with Maestrano