miau 1.1.1 → 1.1.6

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: d207e809bfd3a605612092afc04287df2def3175e71a0a0b2c98c0ce491e1402
-  data.tar.gz: 4d5985b0b22a467848c0d5e1bc3fd14a22b3231b928e42fafa922f1faa5520fc
+  metadata.gz: 4ff4fcf400151bdd20347e5bc2cd8f215a11e8ea6b519840c6032ed3ac18a57b
+  data.tar.gz: bc678ee4c5c2029d66a5f9d7970ae81e0eb334bb4a493cde94f3445f5d1a9e25
 SHA512:
-  metadata.gz: ba62cbe78a200045d483bb6b3c544fdbd57aa1a7b24a20ed73b8d5a3304d31420d088441edee0c2d16feaa4223c468375f1e985a78e38263c427e6e139173d6f
-  data.tar.gz: ff00545b68b70128919cc417ba69906e38eaf5decab73681bed88dc291fc648e8cdfa0c40e32942d08ed82605384ad5c76dd0723514f2a95cf6ec7e8deefdb62
+  metadata.gz: a2f4c5d1a4b5947fe6d5ff836291909d5428de7e0745d7e50654327637b173c573646446c4846ca62789b1f590e13fe43f057fa82eac7a03c85faf7483115014
+  data.tar.gz: f87d22f71705710792a13a2490d71a632a3c55fd0f40bd7cf5e342d58b58c6066777e23dab777af0a0e674103182dec768caf04a73d9f6db58a35ed5453f2e9a

data/.github/workflows/rake.yml

@@ -8,7 +8,7 @@ jobs:
     strategy:
       fail-fast: false
       matrix:
-        ruby_version: ["3.0", "3.2", head]
+        ruby_version: ["3.0", 3.2, 3.3]
         gemfile:
           - Gemfile
           - gemfiles/Gemfile.rails-7.1

data/.gitignore

@@ -1,7 +1,10 @@
 /.bundle/
-/Gemfile.lock
+/tmp/
 /coverage/
-.watchr
+/.watchr
 
-/doc/
-/tmp/
+*.gem
+*.log
+*.lock
+
+**/db/test.sqlite*

data/Gemfile

@@ -1,10 +1,12 @@
 source "https://rubygems.org"
-
 gemspec
 
+gem "rails"
+
 group :test do
+  gem "benchmark-ips"
   gem "observr"
-  gem "standard", require: false
+  gem "ricecream"
   gem "simplecov", require: false
-  gem "benchmark-ips"
+  gem "standard", require: false
 end

data/Gemfile.lock

@@ -1,12 +1,75 @@
 PATH
   remote: .
   specs:
-    miau (1.1.1)
-      activesupport
+    miau (1.1.6)
 
 GEM
   remote: https://rubygems.org/
   specs:
+    actioncable (7.1.2)
+      actionpack (= 7.1.2)
+      activesupport (= 7.1.2)
+      nio4r (~> 2.0)
+      websocket-driver (>= 0.6.1)
+      zeitwerk (~> 2.6)
+    actionmailbox (7.1.2)
+      actionpack (= 7.1.2)
+      activejob (= 7.1.2)
+      activerecord (= 7.1.2)
+      activestorage (= 7.1.2)
+      activesupport (= 7.1.2)
+      mail (>= 2.7.1)
+      net-imap
+      net-pop
+      net-smtp
+    actionmailer (7.1.2)
+      actionpack (= 7.1.2)
+      actionview (= 7.1.2)
+      activejob (= 7.1.2)
+      activesupport (= 7.1.2)
+      mail (~> 2.5, >= 2.5.4)
+      net-imap
+      net-pop
+      net-smtp
+      rails-dom-testing (~> 2.2)
+    actionpack (7.1.2)
+      actionview (= 7.1.2)
+      activesupport (= 7.1.2)
+      nokogiri (>= 1.8.5)
+      racc
+      rack (>= 2.2.4)
+      rack-session (>= 1.0.1)
+      rack-test (>= 0.6.3)
+      rails-dom-testing (~> 2.2)
+      rails-html-sanitizer (~> 1.6)
+    actiontext (7.1.2)
+      actionpack (= 7.1.2)
+      activerecord (= 7.1.2)
+      activestorage (= 7.1.2)
+      activesupport (= 7.1.2)
+      globalid (>= 0.6.0)
+      nokogiri (>= 1.8.5)
+    actionview (7.1.2)
+      activesupport (= 7.1.2)
+      builder (~> 3.1)
+      erubi (~> 1.11)
+      rails-dom-testing (~> 2.2)
+      rails-html-sanitizer (~> 1.6)
+    activejob (7.1.2)
+      activesupport (= 7.1.2)
+      globalid (>= 0.3.6)
+    activemodel (7.1.2)
+      activesupport (= 7.1.2)
+    activerecord (7.1.2)
+      activemodel (= 7.1.2)
+      activesupport (= 7.1.2)
+      timeout (>= 0.4.0)
+    activestorage (7.1.2)
+      actionpack (= 7.1.2)
+      activejob (= 7.1.2)
+      activerecord (= 7.1.2)
+      activesupport (= 7.1.2)
+      marcel (~> 1.0)
     activesupport (7.1.2)
       base64
       bigdecimal
@@ -25,27 +88,116 @@ GEM
     base64 (0.2.0)
     benchmark-ips (2.13.0)
     bigdecimal (3.1.5)
+    builder (3.2.4)
+    combustion (1.3.7)
+      activesupport (>= 3.0.0)
+      railties (>= 3.0.0)
+      thor (>= 0.14.6)
     concurrent-ruby (1.2.2)
     connection_pool (2.4.1)
+    crass (1.0.6)
+    date (3.3.4)
     docile (1.4.0)
     drb (2.2.0)
       ruby2_keywords
+    erubi (1.12.0)
+    globalid (1.2.1)
+      activesupport (>= 6.1)
     i18n (1.14.1)
       concurrent-ruby (~> 1.0)
+    io-console (0.7.1)
+    irb (1.11.1)
+      rdoc
+      reline (>= 0.4.2)
     json (2.7.1)
     language_server-protocol (3.17.0.3)
     lint_roller (1.1.0)
-    minitest (5.20.0)
+    loofah (2.22.0)
+      crass (~> 1.0.2)
+      nokogiri (>= 1.12.0)
+    mail (2.8.1)
+      mini_mime (>= 0.1.1)
+      net-imap
+      net-pop
+      net-smtp
+    marcel (1.0.2)
+    mini_mime (1.1.5)
+    minitest (5.21.1)
     mutex_m (0.2.0)
+    net-imap (0.4.9.1)
+      date
+      net-protocol
+    net-pop (0.1.2)
+      net-protocol
+    net-protocol (0.2.2)
+      timeout
+    net-smtp (0.4.0.1)
+      net-protocol
+    nio4r (2.7.0)
+    nokogiri (1.16.0-aarch64-linux)
+      racc (~> 1.4)
+    nokogiri (1.16.0-arm-linux)
+      racc (~> 1.4)
+    nokogiri (1.16.0-arm64-darwin)
+      racc (~> 1.4)
+    nokogiri (1.16.0-x86-linux)
+      racc (~> 1.4)
+    nokogiri (1.16.0-x86_64-darwin)
+      racc (~> 1.4)
+    nokogiri (1.16.0-x86_64-linux)
+      racc (~> 1.4)
     observr (1.0.5)
     parallel (1.24.0)
-    parser (3.3.0.0)
+    parser (3.3.0.3)
       ast (~> 2.4.1)
       racc
+    psych (5.1.2)
+      stringio
     racc (1.7.3)
+    rack (3.0.8)
+    rack-session (2.0.0)
+      rack (>= 3.0.0)
+    rack-test (2.1.0)
+      rack (>= 1.3)
+    rackup (2.1.0)
+      rack (>= 3)
+      webrick (~> 1.8)
+    rails (7.1.2)
+      actioncable (= 7.1.2)
+      actionmailbox (= 7.1.2)
+      actionmailer (= 7.1.2)
+      actionpack (= 7.1.2)
+      actiontext (= 7.1.2)
+      actionview (= 7.1.2)
+      activejob (= 7.1.2)
+      activemodel (= 7.1.2)
+      activerecord (= 7.1.2)
+      activestorage (= 7.1.2)
+      activesupport (= 7.1.2)
+      bundler (>= 1.15.0)
+      railties (= 7.1.2)
+    rails-dom-testing (2.2.0)
+      activesupport (>= 5.0.0)
+      minitest
+      nokogiri (>= 1.6)
+    rails-html-sanitizer (1.6.0)
+      loofah (~> 2.21)
+      nokogiri (~> 1.14)
+    railties (7.1.2)
+      actionpack (= 7.1.2)
+      activesupport (= 7.1.2)
+      irb
+      rackup (>= 1.0.0)
+      rake (>= 12.2)
+      thor (~> 1.0, >= 1.2.2)
+      zeitwerk (~> 2.6)
     rainbow (3.1.1)
     rake (13.1.0)
-    regexp_parser (2.8.3)
+    rdoc (6.6.2)
+      psych (>= 4.0.0)
+    regexp_parser (2.9.0)
+    reline (0.4.2)
+      io-console (~> 0.5)
     rexml (3.2.6)
     ricecream (0.2.1)
     rubocop (1.59.0)
@@ -61,7 +213,7 @@ GEM
       unicode-display_width (>= 2.4.0, < 3.0)
     rubocop-ast (1.30.0)
       parser (>= 3.2.1.0)
-    rubocop-performance (1.20.1)
+    rubocop-performance (1.20.2)
       rubocop (>= 1.48.1, < 2.0)
       rubocop-ast (>= 1.30.0, < 2.0)
     ruby-progressbar (1.13.0)
@@ -72,6 +224,12 @@ GEM
       simplecov_json_formatter (~> 0.1)
     simplecov-html (0.12.3)
     simplecov_json_formatter (0.1.4)
+    sqlite3 (1.7.0-aarch64-linux)
+    sqlite3 (1.7.0-arm-linux)
+    sqlite3 (1.7.0-arm64-darwin)
+    sqlite3 (1.7.0-x86-linux)
+    sqlite3 (1.7.0-x86_64-darwin)
+    sqlite3 (1.7.0-x86_64-linux)
     standard (1.33.0)
       language_server-protocol (~> 3.17.0.2)
       lint_roller (~> 1.0)
@@ -81,26 +239,40 @@ GEM
     standard-custom (1.0.2)
       lint_roller (~> 1.0)
       rubocop (~> 1.50)
-    standard-performance (1.3.0)
+    standard-performance (1.3.1)
       lint_roller (~> 1.1)
-      rubocop-performance (~> 1.20.1)
+      rubocop-performance (~> 1.20.2)
+    stringio (3.1.0)
     thor (1.3.0)
+    timeout (0.4.1)
     tzinfo (2.0.6)
       concurrent-ruby (~> 1.0)
     unicode-display_width (2.5.0)
+    webrick (1.8.1)
+    websocket-driver (0.7.6)
+      websocket-extensions (>= 0.1.0)
+    websocket-extensions (0.1.5)
+    zeitwerk (2.6.12)
 
 PLATFORMS
-  ruby
+  aarch64-linux
+  arm-linux
+  arm64-darwin
+  x86-linux
+  x86_64-darwin
   x86_64-linux
 
 DEPENDENCIES
   appraisal
   benchmark-ips
+  combustion
   miau!
   minitest
   observr
+  rails
   ricecream
   simplecov
+  sqlite3
   standard
 
 BUNDLED WITH

data/README.md

@@ -44,13 +44,12 @@ end
 ```ruby
 # app/policies/application_policy.rb             # app/policies/posts_policy.rb
   class ApplicationPolicy                          class PostsPolicy < ApplicationPolicy
-    attr_reader :user, :resource                     ...
+    attr_reader :user, :resource, :action                     ...
                                                      def update
-    def initalize(user, resource)                      user.admin? && resource.published?
-      @user = user                                   end
-      @resource = resource                           ...
-    end                                            end
-  end
+    ...                                                user.admin? && resource.published?
+  end                                                end
+                                                     ...
+                                                   end
 ```
 
 "authorize!" will raise an exception (which can be handled by "rescue")
@@ -67,6 +66,8 @@ a corresponding policy method is called.
 
 The policy method has access to the "user" and the "resource".
 
+The "controller" policy method has access to the "user" and the "action".
+
 "user" is set by the default method "miau_user" (can be overwritten) as:
 
 ```ruby

data/Rakefile

@@ -1,12 +1,10 @@
-require "rubygems"
-require "bundler/gem_tasks"
 require "rake/testtask"
 
-desc "Run all tests"
+desc "Run the tests."
 Rake::TestTask.new do |t|
-  t.libs.push "test"
-  t.pattern = "test/*_test.rb"
+  t.libs << "test"
+  t.pattern = "test/**/*_test.rb"
+  t.verbose = false
 end
 
-desc "Default: run unit tests."
 task default: :test

data/gemfiles/rails_6.1.gemfile

@@ -6,10 +6,11 @@ gem "rails", "~> 6.1"
 gem "dryer-config", "~> 6.0"
 
 group :test do
+  gem "benchmark-ips"
   gem "observr"
-  gem "standard", require: false
+  gem "ricecream"
   gem "simplecov", require: false
-  gem "benchmark-ips"
+  gem "standard", require: false
 end
 
 gemspec path: "../"

data/gemfiles/rails_7.0.gemfile

@@ -6,10 +6,11 @@ gem "rails", "~> 7.0"
 gem "dryer-config", "~> 7.0"
 
 group :test do
+  gem "benchmark-ips"
   gem "observr"
-  gem "standard", require: false
+  gem "ricecream"
   gem "simplecov", require: false
-  gem "benchmark-ips"
+  gem "standard", require: false
 end
 
 gemspec path: "../"

data/gemfiles/rails_7.1.gemfile

@@ -5,10 +5,11 @@ source "https://rubygems.org"
 gem "rails", "~> 7.1"
 
 group :test do
+  gem "benchmark-ips"
   gem "observr"
-  gem "standard", require: false
+  gem "ricecream"
   gem "simplecov", require: false
-  gem "benchmark-ips"
+  gem "standard", require: false
 end
 
 gemspec path: "../"

data/lib/miau/application_policy.rb

@@ -1,7 +1,7 @@
 # frozen_string_literal: true
 
 class ApplicationPolicy
-  attr_accessor :user, :resource
+  attr_accessor :user, :resource, :action
 
   def self.miau(actions, meth = nil, &block)
     kls = name.underscore[0..-8] # remove "_policy"

data/lib/miau/run.rb

@@ -7,7 +7,7 @@ module Miau
   class PolicyRun
     include Singleton
 
-    # return instance of policy (may be nil) and the method
+    # return method[s]
     # klass and action are symbols
     # Priority:
     #   - method of <klass>Policy
@@ -17,7 +17,7 @@ module Miau
     #   - nil
     # returns method_name[s]
 
-    def find_policy(policy, klass, action)
+    def find_methods(policy, klass, action)
       return action if policy.respond_to?(action)
 
       hsh = PolicyStorage.instance.policies[klass]
@@ -26,22 +26,23 @@ module Miau
       hsh[action]
     end
 
-    def run(klass, action, user, resource)
-      policy = PolicyStorage.instance.find_or_create_policy(klass)
-      meth = find_policy policy, klass, action if policy
-      meth ||= find_policy ApplicationPolicy, :application, action
+    def runs(policy, actions)
+      [actions].flatten.each { |action|
+        raise_undef(policy, action) unless policy&.respond_to?(action)
 
-      unless meth
-        msg = "class <#{klass}> action <#{action}>"
-        raise NotDefinedError, msg
-      end
-
-      policy.user = user
-      policy.resource = resource
-      [meth].flatten.each { |m|
-        return false unless policy.send(m)
+        return false unless policy.send(action)
       }
       true
     end
+
+    def raise_undef(policy, action)
+      msg = "NotDefined policy <#{policy}> action <#{action}>"
+      raise NotDefinedError, msg
+    end
+
+    def raise_authorize(controller, action)
+      msg = "NotAuthorized controller <#{controller}> action <#{action}>"
+      raise NotAuthorizedError, msg
+    end
   end
 end

data/lib/miau/storage.rb

@@ -18,7 +18,7 @@ module Miau
     #   }
     # }
     attr_reader :policies
-    attr_reader :instances # { posts: PostsPolicy.new }
+    attr_reader :instances # e.g. { posts: PostsPolicy.new }
 
     def initialize
       reset
@@ -38,7 +38,7 @@ module Miau
       end
 
       if meth.is_a?(Array)
-        meths = [meth].flatten.collect { |m| m.to_sym }
+        meths = [meth].flatten.collect(&:to_sym)
         @policies[kls][action] = meths
       else
         @policies[kls][action] = meth.to_sym

data/lib/miau/version.rb

@@ -1,7 +1,8 @@
 # frozen_string_literal: true
 
 module Miau
-  VERSION = "1.1.1" # 2024-01-06
+  VERSION = "1.1.6" # 2024-01-13
+  # VERSION = "1.1.1" # 2024-01-06
   # VERSION = "1.1.0" # 2024-01-06
   # VERSION = "1.0.3" # 2023-12-13
   # VERSION = "1.0.2" # 2023-11-05

data/lib/miau.rb

@@ -21,14 +21,36 @@ module Miau
     @_miau_authorization_performed = true
     return true if authorized?(resource, hsh)
 
-    klass, action = klass_action
-    msg = "class <#{klass} action <#{action}>"
-    raise NotAuthorizedError, msg
+    controller = params[:controller].to_sym
+    action = params[:action].to_sym
+    PolicyRun.instance.raise_authorize(controller, action)
   end
 
   def authorized?(resource = nil, hsh = {})
-    klass, action = klass_action
-    PolicyRun.instance.run(klass, action, miau_user, resource)
+    controller = params[:controller].to_sym
+    action = params[:action].to_sym
+    policy = PolicyStorage.instance.find_or_create_policy(controller)
+    PolicyRun.instance.raise_undef(policy, action) unless policy
+
+    policy.user = miau_user
+    policy.resource = resource
+    methods = PolicyRun.instance.find_methods(policy, controller, action)
+    PolicyRun.instance.raise_undef(policy, action) unless methods
+
+    PolicyRun.instance.runs(policy, methods)
+  end
+
+  def authorize_controller!
+    controller = params[:controller].to_sym
+    action = params[:action].to_sym
+    policy = PolicyStorage.instance.find_or_create_policy(controller)
+    policy.user = miau_user
+    policy.action = action
+
+    @_miau_authorization_performed = true
+    return true if PolicyRun.instance.runs(policy, :controller)
+
+    PolicyRun.instance.raise_authorize policy, action
   end
 
   def miau_user
@@ -42,18 +64,4 @@ module Miau
   def miau_authorization_performed?
     !!@_miau_authorization_performed
   end
-
-  def authorize_controller!
-    name = params[:controller].to_sym
-    policy = PolicyStorage.instance.find_or_create_policy(name)
-    raise NotDefinedError unless policy&.respond_to?(:controller)
-
-    policy.send(:controller)
-  end
-
-  private
-
-  def klass_action
-    [params[:controller].to_sym, params[:action].to_sym]
-  end
 end

data/miau.gemspec

@@ -8,22 +8,20 @@ Gem::Specification.new do |s|
   s.license = "MIT"
 
   s.description = <<~EOS
-    MIAU (MIcro AUthorization) provides a set of helpers which restricts what
-    resources a given user is allowed to access.
+    MIAU (MIcro AUthorization) provides some helpers which
+    raises an exception if a given user violates a policy.
   EOS
 
-  s.executables = s.files.grep(%r{^exe/}) { |f| File.basename(f) }
-  s.require_paths = ["lib"]
-
   s.authors = ["Dittmar Krall"]
   s.email = "dittmar.krall@matiq.com"
   s.homepage = "https://github.com/matique/miau"
 
-  s.files = `git ls-files -z`.split("\x0").reject { |f| f.match(%r{^(test|features)/}) }
-
-  s.add_runtime_dependency "activesupport"
+  s.files = `git ls-files`.split("\n")
+  s.require_paths = ["lib"]
 
   s.add_development_dependency "appraisal"
+  s.add_development_dependency "combustion"
   s.add_development_dependency "minitest"
   s.add_development_dependency "ricecream"
+  s.add_development_dependency "sqlite3"
 end

data/test/authorization_test.rb

@@ -0,0 +1,28 @@
+require "test_helper"
+
+describe Miau, "performed authorization" do
+  let(:user) { "User" }
+  let(:post) { Post.new(user, 1) }
+  let(:params) { {action: "si", controller: "posts"} }
+  let(:posts_controller) { PostsController.new(user, params) }
+
+  def test_does_nothing_when_authorized
+    posts_controller.authorize!(post)
+    posts_controller.verify_authorized
+  end
+
+  def test_exception_when_not_authorized
+    assert_raises(Miau::AuthorizationNotPerformedError) {
+      posts_controller.verify_authorized
+    }
+  end
+
+  def test_authorization_performed
+    posts_controller.authorize!(post)
+    assert posts_controller.miau_authorization_performed?
+  end
+
+  def test_authorization_not_performed
+    refute posts_controller.miau_authorization_performed?
+  end
+end

data/test/benchmark_test.rb

@@ -0,0 +1,34 @@
+require "test_helper"
+require "benchmark"
+require "benchmark/ips"
+
+describe "Internal timings" do
+  let(:user) { "User" }
+  let(:params) { {action: "si", controller: "posts"} }
+  let(:posts_controller) { PostsController.new(user, params) }
+  let(:storage) { Miau::PolicyStorage.instance }
+
+  # run_flag = true
+  run_flag ||= false
+
+  it "times ips" do
+    return unless run_flag
+
+    Benchmark.ips do |x|
+      x.report("empty       ") {}
+      x.report("authorize!  ") { posts_controller.authorize! }
+      x.report("authorized? ") { posts_controller.authorized? }
+      # x.report("PostsPolicy.new") { PostsPolicy.new }
+      # x.report("find_or_create_policy") {
+      #   storage.find_or_create_policy "application"
+      # }
+      # x.report("name & constantize.new") {
+      #   klass = :posts
+      #   name = "#{klass.to_s.camelcase}Policy"
+      #   name.constantize.new
+      # }
+
+      x.compare!
+    end
+  end
+end