miau 0.1.2 → 1.0.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.github/workflows/rake.yml +1 -1
- data/.ruby-gemset +1 -1
- data/.ruby-version +1 -1
- data/Gemfile.lock +15 -53
- data/LICENSE +1 -1
- data/README.md +25 -10
- data/lib/miau/application_policy.rb +11 -0
- data/lib/miau/storage.rb +73 -16
- data/lib/miau/version.rb +2 -1
- data/lib/miau.rb +2 -2
- data/miau.gemspec +1 -6
- metadata +5 -60
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 9f13c1ca4815ddfd75626afa968a0a5544facd84bd57e1d2f12c7c537fc5a1c2
|
4
|
+
data.tar.gz: 424d58b4351a0f6c6c84e3e16940ca7bc38f175af133bfb7f49550b3fb5a2645
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: de5c532eda2225455344017188f2e298bd57b4d8039a36a5e07234e04f44f9be485f1f33f7106c99df4e62340e7c102d8431d9585c25680e50c8b7c44413c333
|
7
|
+
data.tar.gz: 68f1825816a29c44ebb6c6597d8c9d93c2f7b751bb284a73b8e60f859060ea93d66d48881073ed42c804b6484145e296b1e1ef1010c3ba898d67e7a3f505c661
|
data/.github/workflows/rake.yml
CHANGED
@@ -13,7 +13,7 @@ jobs:
|
|
13
13
|
os: [ubuntu-latest]
|
14
14
|
# Due to https://github.com/actions/runner/issues/849, we have to use quotes for '3.0'
|
15
15
|
# ruby: [2.5, 2.6, 2.7, '3.0', head, jruby, jruby-head, truffleruby, truffleruby-head]
|
16
|
-
ruby: ["2.7.2", "
|
16
|
+
ruby: ["2.7.2", "3.0.1", 3.1.0]
|
17
17
|
test_command: ["bundle exec rake test"]
|
18
18
|
runs-on: ${{ matrix.os }}
|
19
19
|
|
data/.ruby-gemset
CHANGED
@@ -1 +1 @@
|
|
1
|
-
rails-
|
1
|
+
rails-7.0
|
data/.ruby-version
CHANGED
@@ -1 +1 @@
|
|
1
|
-
ruby-3.0
|
1
|
+
ruby-3.1.0
|
data/Gemfile.lock
CHANGED
@@ -1,78 +1,45 @@
|
|
1
1
|
PATH
|
2
2
|
remote: .
|
3
3
|
specs:
|
4
|
-
miau (0.
|
4
|
+
miau (1.0.0)
|
5
5
|
activesupport
|
6
6
|
|
7
7
|
GEM
|
8
8
|
remote: https://rubygems.org/
|
9
9
|
specs:
|
10
|
-
|
11
|
-
actionview (= 6.1.4.1)
|
12
|
-
activesupport (= 6.1.4.1)
|
13
|
-
rack (~> 2.0, >= 2.0.9)
|
14
|
-
rack-test (>= 0.6.3)
|
15
|
-
rails-dom-testing (~> 2.0)
|
16
|
-
rails-html-sanitizer (~> 1.0, >= 1.2.0)
|
17
|
-
actionview (6.1.4.1)
|
18
|
-
activesupport (= 6.1.4.1)
|
19
|
-
builder (~> 3.1)
|
20
|
-
erubi (~> 1.4)
|
21
|
-
rails-dom-testing (~> 2.0)
|
22
|
-
rails-html-sanitizer (~> 1.1, >= 1.2.0)
|
23
|
-
activemodel (6.1.4.1)
|
24
|
-
activesupport (= 6.1.4.1)
|
25
|
-
activesupport (6.1.4.1)
|
10
|
+
activesupport (7.0.1)
|
26
11
|
concurrent-ruby (~> 1.0, >= 1.0.2)
|
27
12
|
i18n (>= 1.6, < 2)
|
28
13
|
minitest (>= 5.1)
|
29
14
|
tzinfo (~> 2.0)
|
30
|
-
zeitwerk (~> 2.3)
|
31
15
|
ast (2.4.2)
|
32
16
|
benchmark-ips (2.9.2)
|
33
|
-
builder (3.2.4)
|
34
17
|
concurrent-ruby (1.1.9)
|
35
|
-
crass (1.0.6)
|
36
18
|
docile (1.4.0)
|
37
|
-
erubi (1.10.0)
|
38
19
|
i18n (1.8.11)
|
39
20
|
concurrent-ruby (~> 1.0)
|
40
|
-
|
41
|
-
crass (~> 1.0.2)
|
42
|
-
nokogiri (>= 1.5.9)
|
43
|
-
minitest (5.14.4)
|
44
|
-
nokogiri (1.12.5-x86_64-linux)
|
45
|
-
racc (~> 1.4)
|
21
|
+
minitest (5.15.0)
|
46
22
|
observr (1.0.5)
|
47
23
|
parallel (1.21.0)
|
48
|
-
parser (3.0.
|
24
|
+
parser (3.1.0.0)
|
49
25
|
ast (~> 2.4.1)
|
50
|
-
|
51
|
-
rack (2.2.3)
|
52
|
-
rack-test (1.1.0)
|
53
|
-
rack (>= 1.0, < 3)
|
54
|
-
rails-dom-testing (2.0.3)
|
55
|
-
activesupport (>= 4.2.0)
|
56
|
-
nokogiri (>= 1.6)
|
57
|
-
rails-html-sanitizer (1.4.2)
|
58
|
-
loofah (~> 2.3)
|
59
|
-
rainbow (3.0.0)
|
26
|
+
rainbow (3.1.1)
|
60
27
|
rake (13.0.6)
|
61
28
|
regexp_parser (2.2.0)
|
62
29
|
rexml (3.2.5)
|
63
|
-
ricecream (0.2.
|
64
|
-
rubocop (1.
|
30
|
+
ricecream (0.2.1)
|
31
|
+
rubocop (1.25.0)
|
65
32
|
parallel (~> 1.10)
|
66
|
-
parser (>= 3.
|
33
|
+
parser (>= 3.1.0.0)
|
67
34
|
rainbow (>= 2.2.2, < 4.0)
|
68
35
|
regexp_parser (>= 1.8, < 3.0)
|
69
36
|
rexml
|
70
|
-
rubocop-ast (>= 1.
|
37
|
+
rubocop-ast (>= 1.15.1, < 2.0)
|
71
38
|
ruby-progressbar (~> 1.7)
|
72
39
|
unicode-display_width (>= 1.4.0, < 3.0)
|
73
|
-
rubocop-ast (1.
|
40
|
+
rubocop-ast (1.15.1)
|
74
41
|
parser (>= 3.0.1.1)
|
75
|
-
rubocop-performance (1.
|
42
|
+
rubocop-performance (1.13.2)
|
76
43
|
rubocop (>= 1.7.0, < 2.0)
|
77
44
|
rubocop-ast (>= 0.4.0)
|
78
45
|
ruby-progressbar (1.11.0)
|
@@ -82,24 +49,19 @@ GEM
|
|
82
49
|
simplecov_json_formatter (~> 0.1)
|
83
50
|
simplecov-html (0.12.3)
|
84
51
|
simplecov_json_formatter (0.1.3)
|
85
|
-
standard (1.
|
86
|
-
rubocop (= 1.
|
87
|
-
rubocop-performance (= 1.
|
52
|
+
standard (1.7.0)
|
53
|
+
rubocop (= 1.25.0)
|
54
|
+
rubocop-performance (= 1.13.2)
|
88
55
|
tzinfo (2.0.4)
|
89
56
|
concurrent-ruby (~> 1.0)
|
90
57
|
unicode-display_width (2.1.0)
|
91
|
-
zeitwerk (2.5.1)
|
92
58
|
|
93
59
|
PLATFORMS
|
94
60
|
x86_64-linux
|
95
61
|
|
96
62
|
DEPENDENCIES
|
97
|
-
actionpack
|
98
|
-
activemodel
|
99
63
|
benchmark-ips
|
100
|
-
bundler
|
101
64
|
miau!
|
102
|
-
minitest
|
103
65
|
observr
|
104
66
|
rake
|
105
67
|
ricecream
|
@@ -107,4 +69,4 @@ DEPENDENCIES
|
|
107
69
|
standard
|
108
70
|
|
109
71
|
BUNDLED WITH
|
110
|
-
2.
|
72
|
+
2.3.3
|
data/LICENSE
CHANGED
data/README.md
CHANGED
@@ -2,7 +2,7 @@ Miau
|
|
2
2
|
====
|
3
3
|
[![Gem Version](https://badge.fury.io/rb/miau.png)](http://badge.fury.io/rb/miau)
|
4
4
|
|
5
|
-
Miau (MIcro AUthorization) is a simple authorization
|
5
|
+
Miau (MIcro AUthorization) is a simple authorization gem for Rails
|
6
6
|
inspired by Pundit and Banken.
|
7
7
|
Miau provides a set of helpers which restricts what resources
|
8
8
|
a given user is allowed to access.
|
@@ -14,7 +14,6 @@ Installation
|
|
14
14
|
# Gemfile
|
15
15
|
gem "miau"
|
16
16
|
~~~
|
17
|
-
|
18
17
|
and run "bundle install".
|
19
18
|
|
20
19
|
Usage (as intended)
|
@@ -51,11 +50,6 @@ end
|
|
51
50
|
@user = user end
|
52
51
|
@resource = resource ...
|
53
52
|
end end
|
54
|
-
...
|
55
|
-
def update
|
56
|
-
false
|
57
|
-
end
|
58
|
-
...
|
59
53
|
end
|
60
54
|
~~~
|
61
55
|
|
@@ -64,6 +58,7 @@ in case a policy returns "false" or isn't available.
|
|
64
58
|
|
65
59
|
"authorized?" will return the value of the policy.
|
66
60
|
|
61
|
+
"app/policies/application_policy.rb" is included in the gem.
|
67
62
|
|
68
63
|
Internals
|
69
64
|
---------
|
@@ -84,7 +79,7 @@ The policy method has access to the "user" and the "resource".
|
|
84
79
|
...
|
85
80
|
~~~
|
86
81
|
|
87
|
-
The default value for "policy" is inferred from "params[:controller]"
|
82
|
+
The default value for "policy" is inferred from "params[:controller]",
|
88
83
|
i.e. "authorize!" called from "PostsController" will
|
89
84
|
set the "policy" to "PostsPolicy".
|
90
85
|
|
@@ -95,7 +90,7 @@ The default value for "action" is set by "params[:action]".
|
|
95
90
|
A full blown sample :
|
96
91
|
|
97
92
|
~~~
|
98
|
-
authorize! article, policy: :
|
93
|
+
authorize! article, policy: :posts, action: :show
|
99
94
|
~~~
|
100
95
|
|
101
96
|
Usage (more elaborated)
|
@@ -132,10 +127,30 @@ Rescue's may be inserted previously in the exception chain.
|
|
132
127
|
|
133
128
|
"verify_authorized" checks that an "authorize!" has been called.
|
134
129
|
|
130
|
+
DRYing
|
131
|
+
------
|
132
|
+
|
133
|
+
~~~ ruby
|
134
|
+
# app/policies/posts_policy.rb --> # app/policies/posts_policy.rb
|
135
|
+
class PostsPolicy < ApplicationPolicy class PostsPolicy < ApplicationPolicy
|
136
|
+
def new miau %i[create edit], :new
|
137
|
+
user.admin? && Time.now.monday?
|
138
|
+
end def new
|
139
|
+
user.admin? && Time.now.monday?
|
140
|
+
def create end
|
141
|
+
user.admin? && Time.now.monday? ...
|
142
|
+
end end
|
143
|
+
|
144
|
+
def edit
|
145
|
+
user.admin? && Time.now.monday?
|
146
|
+
end
|
147
|
+
...
|
148
|
+
end
|
149
|
+
~~~
|
135
150
|
|
136
151
|
PORO
|
137
152
|
----
|
138
|
-
Miau is a
|
153
|
+
Miau is a small gem, it just provides a few helpers.
|
139
154
|
All of the policy classes are just plain Ruby classes,
|
140
155
|
allowing DRY, encapsulation, aliasing and inheritance.
|
141
156
|
|
data/lib/miau/storage.rb
CHANGED
@@ -6,37 +6,94 @@ module Miau
|
|
6
6
|
class PolicyStorage
|
7
7
|
include Singleton
|
8
8
|
|
9
|
+
# Example @policies:
|
10
|
+
# {
|
11
|
+
# posts: {
|
12
|
+
# delete: :delete,
|
13
|
+
# remove: :delete
|
14
|
+
# },
|
15
|
+
# application: {
|
16
|
+
# admin: :check
|
17
|
+
# }
|
18
|
+
# }
|
9
19
|
attr_reader :policies
|
20
|
+
attr_reader :instances # { posts: PostsPolicy.new }
|
10
21
|
|
11
22
|
def initialize
|
23
|
+
reset
|
24
|
+
end
|
25
|
+
|
26
|
+
def reset
|
12
27
|
@policies = {}
|
28
|
+
@instances = {}
|
29
|
+
end
|
30
|
+
|
31
|
+
def add(klass, action, meth)
|
32
|
+
kls = klass.name.underscore[0..-8] # remove "_policy"
|
33
|
+
kls = kls.to_sym
|
34
|
+
@policies[kls] ||= {}
|
35
|
+
@instances[kls] ||= klass.new
|
36
|
+
@policies[kls][action.to_sym] = meth.to_sym
|
37
|
+
end
|
38
|
+
|
39
|
+
# return instance of policy (may be nil) and the method
|
40
|
+
# klass and action are symbols
|
41
|
+
# Priority:
|
42
|
+
# - method of <klass>Policy
|
43
|
+
# - method of <klass>Policy specified by "miau action, method"
|
44
|
+
# - method of ApplicationPolicy (independent of klass)
|
45
|
+
# - method of ApplicationPolicy specified by "miau action, method"
|
46
|
+
# - nil
|
47
|
+
|
48
|
+
# returns policy: [instance, method]
|
49
|
+
def find_policy(klass, action)
|
50
|
+
kls = instance_of(klass)
|
51
|
+
act = policy_method(klass, action)
|
52
|
+
return [kls, act] if kls.respond_to?(act)
|
53
|
+
|
54
|
+
klass = :application
|
55
|
+
kls = instance_of(klass)
|
56
|
+
act = policy_method(klass, action)
|
57
|
+
return [kls, act] if kls.respond_to?(act)
|
58
|
+
|
59
|
+
# return nil
|
13
60
|
end
|
14
61
|
|
15
62
|
def run(klass, action, user, resource)
|
16
|
-
|
17
|
-
|
63
|
+
arr = find_policy(klass, action)
|
64
|
+
unless arr
|
65
|
+
msg = "class <#{klass}> action <#{action}>"
|
66
|
+
raise Miau::NotDefinedError, msg
|
67
|
+
end
|
68
|
+
|
69
|
+
policy, meth = arr
|
70
|
+
policy.user = user
|
71
|
+
policy.resource = resource
|
72
|
+
policy.send(meth)
|
73
|
+
end
|
18
74
|
|
19
|
-
|
20
|
-
|
75
|
+
def to_yaml
|
76
|
+
"# === @policies ===\n" + YAML.dump(@policies) +
|
77
|
+
"# === @instances ===\n" + YAML.dump(@instances)
|
21
78
|
end
|
22
79
|
|
23
80
|
private
|
24
81
|
|
25
|
-
def
|
26
|
-
|
27
|
-
if
|
28
|
-
|
29
|
-
|
30
|
-
|
31
|
-
end
|
82
|
+
def instance_of(klass)
|
83
|
+
res = @instances[klass]
|
84
|
+
return res if res
|
85
|
+
|
86
|
+
name = "#{klass.to_s.camelcase}Policy"
|
87
|
+
return nil unless Object.const_defined?(name)
|
32
88
|
|
33
|
-
|
89
|
+
@instances[klass] = name.constantize.new
|
34
90
|
end
|
35
91
|
|
36
|
-
def
|
37
|
-
|
38
|
-
|
39
|
-
|
92
|
+
def policy_method(klass, action)
|
93
|
+
act = @policies[klass]
|
94
|
+
return action unless act
|
95
|
+
|
96
|
+
act[action] || action
|
40
97
|
end
|
41
98
|
end
|
42
99
|
end
|
data/lib/miau/version.rb
CHANGED
data/lib/miau.rb
CHANGED
@@ -4,6 +4,7 @@ require "active_support/concern"
|
|
4
4
|
require "miau/version"
|
5
5
|
require "miau/error"
|
6
6
|
require "miau/storage"
|
7
|
+
require "miau/application_policy"
|
7
8
|
|
8
9
|
module Miau
|
9
10
|
extend ActiveSupport::Concern
|
@@ -49,10 +50,9 @@ module Miau
|
|
49
50
|
|
50
51
|
def klass_action(hsh)
|
51
52
|
klass = hsh[:class]
|
52
|
-
klass ||= params[:controller]
|
53
|
+
klass ||= params[:controller]
|
53
54
|
action = hsh[:action]
|
54
55
|
action ||= params[:action]
|
55
|
-
|
56
56
|
[klass, action]
|
57
57
|
end
|
58
58
|
end
|
data/miau.gemspec
CHANGED
@@ -18,17 +18,12 @@ Gem::Specification.new do |s|
|
|
18
18
|
|
19
19
|
s.authors = ["Dittmar Krall"]
|
20
20
|
s.email = "dittmar.krall@matique.com"
|
21
|
-
s.homepage = "https://
|
21
|
+
s.homepage = "https://matique.com"
|
22
22
|
|
23
23
|
s.files = `git ls-files -z`.split("\x0").reject { |f| f.match(%r{^(test|features)/}) }
|
24
24
|
|
25
25
|
s.add_runtime_dependency "activesupport"
|
26
|
-
|
27
|
-
s.add_development_dependency "activemodel"
|
28
|
-
s.add_development_dependency "actionpack"
|
29
|
-
s.add_development_dependency "bundler"
|
30
26
|
s.add_development_dependency "rake"
|
31
27
|
|
32
|
-
s.add_development_dependency "minitest"
|
33
28
|
s.add_development_dependency "ricecream"
|
34
29
|
end
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: miau
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.
|
4
|
+
version: 1.0.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Dittmar Krall
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date:
|
11
|
+
date: 2022-01-23 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: activesupport
|
@@ -24,48 +24,6 @@ dependencies:
|
|
24
24
|
- - ">="
|
25
25
|
- !ruby/object:Gem::Version
|
26
26
|
version: '0'
|
27
|
-
- !ruby/object:Gem::Dependency
|
28
|
-
name: activemodel
|
29
|
-
requirement: !ruby/object:Gem::Requirement
|
30
|
-
requirements:
|
31
|
-
- - ">="
|
32
|
-
- !ruby/object:Gem::Version
|
33
|
-
version: '0'
|
34
|
-
type: :development
|
35
|
-
prerelease: false
|
36
|
-
version_requirements: !ruby/object:Gem::Requirement
|
37
|
-
requirements:
|
38
|
-
- - ">="
|
39
|
-
- !ruby/object:Gem::Version
|
40
|
-
version: '0'
|
41
|
-
- !ruby/object:Gem::Dependency
|
42
|
-
name: actionpack
|
43
|
-
requirement: !ruby/object:Gem::Requirement
|
44
|
-
requirements:
|
45
|
-
- - ">="
|
46
|
-
- !ruby/object:Gem::Version
|
47
|
-
version: '0'
|
48
|
-
type: :development
|
49
|
-
prerelease: false
|
50
|
-
version_requirements: !ruby/object:Gem::Requirement
|
51
|
-
requirements:
|
52
|
-
- - ">="
|
53
|
-
- !ruby/object:Gem::Version
|
54
|
-
version: '0'
|
55
|
-
- !ruby/object:Gem::Dependency
|
56
|
-
name: bundler
|
57
|
-
requirement: !ruby/object:Gem::Requirement
|
58
|
-
requirements:
|
59
|
-
- - ">="
|
60
|
-
- !ruby/object:Gem::Version
|
61
|
-
version: '0'
|
62
|
-
type: :development
|
63
|
-
prerelease: false
|
64
|
-
version_requirements: !ruby/object:Gem::Requirement
|
65
|
-
requirements:
|
66
|
-
- - ">="
|
67
|
-
- !ruby/object:Gem::Version
|
68
|
-
version: '0'
|
69
27
|
- !ruby/object:Gem::Dependency
|
70
28
|
name: rake
|
71
29
|
requirement: !ruby/object:Gem::Requirement
|
@@ -80,20 +38,6 @@ dependencies:
|
|
80
38
|
- - ">="
|
81
39
|
- !ruby/object:Gem::Version
|
82
40
|
version: '0'
|
83
|
-
- !ruby/object:Gem::Dependency
|
84
|
-
name: minitest
|
85
|
-
requirement: !ruby/object:Gem::Requirement
|
86
|
-
requirements:
|
87
|
-
- - ">="
|
88
|
-
- !ruby/object:Gem::Version
|
89
|
-
version: '0'
|
90
|
-
type: :development
|
91
|
-
prerelease: false
|
92
|
-
version_requirements: !ruby/object:Gem::Requirement
|
93
|
-
requirements:
|
94
|
-
- - ">="
|
95
|
-
- !ruby/object:Gem::Version
|
96
|
-
version: '0'
|
97
41
|
- !ruby/object:Gem::Dependency
|
98
42
|
name: ricecream
|
99
43
|
requirement: !ruby/object:Gem::Requirement
|
@@ -127,11 +71,12 @@ files:
|
|
127
71
|
- README.md
|
128
72
|
- Rakefile
|
129
73
|
- lib/miau.rb
|
74
|
+
- lib/miau/application_policy.rb
|
130
75
|
- lib/miau/error.rb
|
131
76
|
- lib/miau/storage.rb
|
132
77
|
- lib/miau/version.rb
|
133
78
|
- miau.gemspec
|
134
|
-
homepage: https://
|
79
|
+
homepage: https://matique.com
|
135
80
|
licenses:
|
136
81
|
- MIT
|
137
82
|
metadata:
|
@@ -151,7 +96,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
151
96
|
- !ruby/object:Gem::Version
|
152
97
|
version: '0'
|
153
98
|
requirements: []
|
154
|
-
rubygems_version: 3.
|
99
|
+
rubygems_version: 3.3.3
|
155
100
|
signing_key:
|
156
101
|
specification_version: 4
|
157
102
|
summary: Simple and lightweight authorization solution for Rails.
|