nexus_cqrs_auth 1.2.0 → 1.2.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/nexus_cqrs_auth/helper.rb +16 -7
- data/lib/nexus_cqrs_auth/permission_provider.rb +1 -1
- data/lib/nexus_cqrs_auth/version.rb +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: a4e4dd0ea8f63b000ef78595be9e6241dc162d50e644c24c7291a8150fa6e98f
|
4
|
+
data.tar.gz: 6f14589729a606b05c4792d8b3e7ca04d182f2961c9454303a77c2a4ea138e48
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: fd99e19cd0512e8905ae4d8d454ef6f70d428731e0d2b6afef7d3e7f023d91f5be2fb44443bcbdb2fec23c3fb67c2e0e635f1a8406a61d2bce153e10908f0aec
|
7
|
+
data.tar.gz: 0a47018533846a9c4500331e9c2ade3147d3059533f3dc2de1492a5d88d24c8c0f43520d6b1ec1bc4f777d4b542b54803708c47b19bdfe9619a85ff884904bb8
|
@@ -5,13 +5,22 @@ require 'strings-case'
|
|
5
5
|
module NexusCqrsAuth
|
6
6
|
include Pundit
|
7
7
|
def authorize(command, record, query = nil, policy_class: nil)
|
8
|
+
|
9
|
+
# Populate the query from the command, or the params if it's being overriden
|
8
10
|
query ||= Strings::Case.snakecase(command.demodularised_class_name) + '?'
|
9
|
-
|
10
|
-
|
11
|
-
|
12
|
-
|
13
|
-
|
14
|
-
|
11
|
+
|
12
|
+
# Retreive the policy class object from the type of record we are passing in
|
13
|
+
policy_class ||= PolicyFinder.new(record).policy
|
14
|
+
|
15
|
+
# Pull context variables from command
|
16
|
+
user = command.metadata[:current_user]
|
17
|
+
global_permissions = command.metadata[:global_permissions]
|
18
|
+
|
19
|
+
# Instantiate new policy class, with context
|
20
|
+
policy = policy_class.new(UserContext.new(user, global_permissions), record)
|
21
|
+
raise NotAuthorizedError, query: query, record: record, policy: policy unless policy.public_send(query)
|
22
|
+
|
23
|
+
record.is_a?(Array) ? record.last : record
|
15
24
|
end
|
16
25
|
|
17
26
|
# Helper method for creating a permissions provider object from a query object. This allows certain permissions
|
@@ -21,7 +30,7 @@ module NexusCqrsAuth
|
|
21
30
|
end
|
22
31
|
|
23
32
|
def pundit_user
|
24
|
-
|
33
|
+
nil
|
25
34
|
end
|
26
35
|
|
27
36
|
def current_user
|
@@ -22,7 +22,7 @@ module NexusCqrsAuth
|
|
22
22
|
# check entity-specific permissions
|
23
23
|
unless permission_model.nil?
|
24
24
|
return true if permission_model.where(permission: permission_key, entity_id: entity_id,
|
25
|
-
user_id: @user_id).exists?
|
25
|
+
user_id: @user_id.id).exists?
|
26
26
|
end
|
27
27
|
|
28
28
|
false
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: nexus_cqrs_auth
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 1.2.
|
4
|
+
version: 1.2.1
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Chris Harrison
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2021-
|
11
|
+
date: 2021-11-02 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: nexus_cqrs
|