passpartu 1.0.1 → 1.1.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/README.md +44 -9
- data/lib/passpartu/patcher.rb +25 -8
- data/lib/passpartu/{user.rb → test_user.rb} +10 -2
- data/lib/passpartu/validate_result.rb +2 -1
- data/lib/passpartu/verify.rb +15 -16
- data/lib/passpartu/version.rb +1 -1
- data/lib/passpartu.rb +60 -22
- data/passpartu.gemspec +7 -3
- metadata +69 -14
- data/lib/passpartu/check_waterfall.rb +0 -33
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: f9a34533883b1c070612ecd73c34299a9c05f899e31256b8f51f0b9edf50c6e4
|
4
|
+
data.tar.gz: 625c359af9f1d4560f28d63fe47b426351f1cf7f5e0f68da3e7aaafb2bfec08f
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: bb08f025f855506ea084cf9010dddb38d6f9f499d12e837fb015bf061163b48b86312da2e20e3a223559ebf1800b1fd332adfecb7769e52e6fcd3cbbd503f717
|
7
|
+
data.tar.gz: b10e9806c7eb0dee1e0332b5f651a4ab82da93a52cf1c955681f3d3c5be9cb32fd4346dd18da26f5d7af78c0a6876b289ce075a01a1ba2049a5becd0f5d25afe
|
data/README.md
CHANGED
@@ -1,8 +1,14 @@
|
|
1
|
-
# Passpartu v1.0
|
1
|
+
# Passpartu v1.1.0 - [changelog](https://github.com/coaxsoft/passpartu/blob/master/CHANGELOG.md)
|
2
2
|
|
3
3
|
Passpartu makes policies great again (works awesome with [Pundit](https://rubygems.org/gems/pundit)).
|
4
4
|
|
5
|
+
### Tested with ruby:
|
6
|
+
- 3.1.1
|
7
|
+
- 3.0.0
|
8
|
+
- 2.7.3
|
9
|
+
|
5
10
|
Instead of this:
|
11
|
+
|
6
12
|
```ruby
|
7
13
|
class PostPolicy < ApplicationPolicy
|
8
14
|
def update?
|
@@ -12,6 +18,7 @@ end
|
|
12
18
|
```
|
13
19
|
|
14
20
|
just this:
|
21
|
+
|
15
22
|
```ruby
|
16
23
|
class PostPolicy < ApplicationPolicy
|
17
24
|
def update?
|
@@ -19,19 +26,24 @@ class PostPolicy < ApplicationPolicy
|
|
19
26
|
end
|
20
27
|
end
|
21
28
|
```
|
29
|
+
|
22
30
|
## Usage
|
31
|
+
|
23
32
|
Include `Passpartu` into your policy model.
|
33
|
+
|
24
34
|
```ruby
|
25
35
|
class User
|
26
36
|
include Passpartu
|
27
37
|
end
|
28
38
|
```
|
39
|
+
|
29
40
|
NOTE: Your `User` model must respond to `role` method that returns a string or a symbol!
|
30
41
|
|
31
42
|
Keep all your policies in one place.
|
32
43
|
Create `./config/passpartu.yml` and start writing your policies.
|
33
44
|
|
34
45
|
#### Example of `passpartu.yml`
|
46
|
+
|
35
47
|
```yml
|
36
48
|
# ./config/passpartu.yml
|
37
49
|
manager: &manager
|
@@ -65,18 +77,25 @@ admin:
|
|
65
77
|
```
|
66
78
|
|
67
79
|
## Features
|
68
|
-
|
80
|
+
|
81
|
+
### CRUD
|
82
|
+
|
69
83
|
It's possible to use `crud` key to set values for `create`, `read`, `update`, `delete` at once.
|
70
84
|
`create`, `read`, `update`, `delete` has higher priority than `crud`
|
85
|
+
|
71
86
|
In case `crud: true` and `delete: false` - result `false`
|
72
87
|
|
73
|
-
|
88
|
+
|
89
|
+
### Only
|
90
|
+
|
74
91
|
It's possible to include specific roles to checks
|
92
|
+
|
75
93
|
```ruby
|
76
94
|
user_admin.can?(:orders, :edit) # check policy for admin and returns true if policy true
|
77
95
|
user_admin.can?(:orders, :edit, only: :admin) # returns true because the user is an admin and we included only admin
|
78
96
|
user_manager.can?(:orders, :edit, only: :admin) # returns false because user is manager and we included only admin
|
79
97
|
```
|
98
|
+
|
80
99
|
It's possible to give an array as only attribute
|
81
100
|
|
82
101
|
```ruby
|
@@ -85,18 +104,21 @@ It's possible to give an array as only attribute
|
|
85
104
|
```
|
86
105
|
|
87
106
|
Note: `only` has higher priority than `except/skip`. Do not use both.
|
107
|
+
|
88
108
|
```ruby
|
89
109
|
user_admin.can?(:orders, :edit, only: :admin, except: :admin) # returns true
|
90
110
|
```
|
91
111
|
|
112
|
+
### Skip (except)
|
92
113
|
|
93
|
-
#### Skip (except)
|
94
114
|
It's possible to exclude roles from checks
|
115
|
+
|
95
116
|
```ruby
|
96
117
|
user_admin.can?(:orders, :edit) # check policy for admin and returns true if policy true
|
97
118
|
user_admin.can?(:orders, :edit, except: :admin) # returns false because user is admin and we excluded admin
|
98
119
|
|
99
120
|
```
|
121
|
+
|
100
122
|
It's possible to give an array as except attribute
|
101
123
|
|
102
124
|
```ruby
|
@@ -107,14 +129,17 @@ It's possible to give an array as except attribute
|
|
107
129
|
`skip` alias to `except`
|
108
130
|
|
109
131
|
Note: `expect` has higher priority than `skip`. Do not use both.
|
132
|
+
|
110
133
|
```ruby
|
111
134
|
user_agent.can?(:orders, :edit, except: [:admin, :manager]) { user_agent.orders.include?(order) }
|
112
135
|
# equals to
|
113
136
|
user_agent.can?(:orders, :edit, skip: [:admin, :manager]) { user_agent.orders.include?(order) }
|
114
137
|
```
|
115
138
|
|
116
|
-
|
139
|
+
### Per role methods
|
140
|
+
|
117
141
|
Check user roles AND policy rule
|
142
|
+
|
118
143
|
```ruby
|
119
144
|
# check if user admin AND returns true if policy true
|
120
145
|
user_admin.admin_can?(:orders, :edit) # true
|
@@ -123,7 +148,8 @@ Check user roles AND policy rule
|
|
123
148
|
user_admin.manager_can?(:orders, :edit) # false
|
124
149
|
```
|
125
150
|
|
126
|
-
|
151
|
+
### Code blocks
|
152
|
+
|
127
153
|
```ruby
|
128
154
|
# check rules as usual AND code in the block
|
129
155
|
user_agent.can?(:orders, :edit, except: [:admin, :manager]) { user_agent.orders.include?(order) }
|
@@ -132,8 +158,10 @@ Check user roles AND policy rule
|
|
132
158
|
user_agent.agent_can?(:orders, :edit, except: [:admin, :manager]) { user_agent.orders.include?(order) }
|
133
159
|
```
|
134
160
|
|
135
|
-
|
161
|
+
### Waterfall check
|
162
|
+
|
136
163
|
Allow or restrict absolutely everything for particular role or/and particular domain.
|
164
|
+
|
137
165
|
```ruby
|
138
166
|
# ./config/initializers/passpartu.rb
|
139
167
|
|
@@ -153,6 +181,7 @@ medium_looser:
|
|
153
181
|
delete: false
|
154
182
|
products: true
|
155
183
|
```
|
184
|
+
|
156
185
|
```ruby
|
157
186
|
user_super_admin.can?(:do, :whatever, :want) # true
|
158
187
|
user_super_loser.can?(:do, :whatever, :want) # false
|
@@ -161,10 +190,10 @@ user_medium_loser.can?(:orders, :delete) # false
|
|
161
190
|
user_medium_loser.can?(:products, :create) # true
|
162
191
|
user_medium_loser.can?(:products, :create, :and_delete) # true
|
163
192
|
```
|
193
|
+
#### Real life example
|
164
194
|
|
165
|
-
|
166
|
-
##### Real life example
|
167
195
|
You need to check custom rule for agent
|
196
|
+
|
168
197
|
```yml
|
169
198
|
# ./config/passpartu.yml
|
170
199
|
|
@@ -202,9 +231,14 @@ You can configure Passpartu by creating `./config/initializers/passpartu.rb`.
|
|
202
231
|
Passpartu.configure do |config|
|
203
232
|
config.policy_file = './config/passpartu.yml'
|
204
233
|
config.raise_policy_missed_error = true
|
234
|
+
config.check_waterfall = false
|
235
|
+
config.role_access_method = :role
|
205
236
|
end
|
237
|
+
|
206
238
|
```
|
239
|
+
|
207
240
|
### Raise policy missed errors
|
241
|
+
|
208
242
|
By default Passpartu will raise an PolicyMissedError if policy is missed in `passpartu.yml`. In initializer set `config.raise_policy_missed_error = false` in order to return `false` in case when policy is not defined. This is a good approach to write only "positive" policies (only true) and automatically restricts everything that is not mentioned in `passpartu.yml`
|
209
243
|
|
210
244
|
## Installation
|
@@ -244,4 +278,5 @@ The gem is available as open source under the terms of the [MIT License](https:/
|
|
244
278
|
Everyone interacting in the Passpartu project’s codebases, issue trackers, chat rooms and mailing lists is expected to follow the [code of conduct](https://github.com/coaxsoft/passpartu/blob/master/CODE_OF_CONDUCT.md).
|
245
279
|
|
246
280
|
## Idea
|
281
|
+
|
247
282
|
Initially designed and created by [Orest Falchuk](https://github.com/OrestF)
|
data/lib/passpartu/patcher.rb
CHANGED
@@ -3,6 +3,7 @@
|
|
3
3
|
module Passpartu
|
4
4
|
class Patcher
|
5
5
|
attr_reader :klass
|
6
|
+
|
6
7
|
def initialize(klass)
|
7
8
|
raise PolicyYmlNotFoundError if Passpartu.policy.nil?
|
8
9
|
|
@@ -14,18 +15,34 @@ module Passpartu
|
|
14
15
|
end
|
15
16
|
|
16
17
|
def call
|
18
|
+
phash = respond_to?(:policy_hash) ? {} : Passpartu.policy
|
19
|
+
role_method = Passpartu.config.role_access_method
|
20
|
+
|
17
21
|
klass.class_eval do
|
18
|
-
define_method(
|
19
|
-
Passpartu::BlockVerify.call(
|
22
|
+
define_method(:can?) do |*keys, only: nil, except: nil, skip: nil, &block|
|
23
|
+
Passpartu::BlockVerify.call(
|
24
|
+
send(role_method),
|
25
|
+
keys,
|
26
|
+
only: only,
|
27
|
+
except: except,
|
28
|
+
skip: skip,
|
29
|
+
policy_hash: phash,
|
30
|
+
&block
|
31
|
+
)
|
20
32
|
end
|
21
33
|
|
22
|
-
|
34
|
+
phash.each_key do |policy_role|
|
23
35
|
define_method("#{policy_role}_can?") do |*keys, only: nil, except: nil, skip: nil, &block|
|
24
|
-
|
25
|
-
|
26
|
-
|
27
|
-
|
28
|
-
|
36
|
+
send(role_method).to_s == policy_role &&
|
37
|
+
Passpartu::BlockVerify.call(
|
38
|
+
send(role_method),
|
39
|
+
keys,
|
40
|
+
only: only,
|
41
|
+
except: except,
|
42
|
+
skip: skip,
|
43
|
+
policy_hash: phash,
|
44
|
+
&block
|
45
|
+
)
|
29
46
|
end
|
30
47
|
end
|
31
48
|
end
|
@@ -3,7 +3,7 @@
|
|
3
3
|
# for testing only
|
4
4
|
|
5
5
|
module Passpartu
|
6
|
-
class
|
6
|
+
class TestUser
|
7
7
|
attr_reader :role
|
8
8
|
|
9
9
|
def initialize(role)
|
@@ -11,11 +11,19 @@ module Passpartu
|
|
11
11
|
end
|
12
12
|
end
|
13
13
|
|
14
|
-
class
|
14
|
+
class TestPerson
|
15
15
|
attr_reader :role
|
16
16
|
|
17
17
|
def initialize(role)
|
18
18
|
@role = role
|
19
19
|
end
|
20
20
|
end
|
21
|
+
|
22
|
+
class TestUserWithOtherRoleMethod
|
23
|
+
attr_reader :other_role_method
|
24
|
+
|
25
|
+
def initialize(role)
|
26
|
+
@other_role_method = role
|
27
|
+
end
|
28
|
+
end
|
21
29
|
end
|
@@ -5,6 +5,7 @@ module Passpartu
|
|
5
5
|
class PolicyMissedError < StandardError; end
|
6
6
|
|
7
7
|
attr_reader :result
|
8
|
+
|
8
9
|
def initialize(result)
|
9
10
|
@result = result
|
10
11
|
end
|
@@ -23,7 +24,7 @@ module Passpartu
|
|
23
24
|
private
|
24
25
|
|
25
26
|
def boolean?
|
26
|
-
[
|
27
|
+
[true, false].include?(result)
|
27
28
|
end
|
28
29
|
|
29
30
|
def raise_error?
|
data/lib/passpartu/verify.rb
CHANGED
@@ -1,12 +1,12 @@
|
|
1
1
|
# frozen_string_literal: true
|
2
|
-
|
2
|
+
require 'byebug'
|
3
3
|
module Passpartu
|
4
4
|
class Verify
|
5
5
|
CRUD_KEY = 'crud'
|
6
6
|
|
7
|
-
attr_reader :role, :keys, :result, :only, :except, :block
|
7
|
+
attr_reader :role, :keys, :result, :only, :except, :block, :policy_hash
|
8
8
|
|
9
|
-
def initialize(role, keys, only, except, skip, block)
|
9
|
+
def initialize(role, keys, only, except, skip, policy_hash, &block)
|
10
10
|
exclusion = except || skip # alias
|
11
11
|
|
12
12
|
@role = role.to_s
|
@@ -14,25 +14,26 @@ module Passpartu
|
|
14
14
|
@only = Array(only).map(&:to_s) if present?(only)
|
15
15
|
@except = Array(exclusion).map(&:to_s) if present?(exclusion) && !@only
|
16
16
|
@block = block
|
17
|
+
@policy_hash = deep_stringify_keys(policy_hash)
|
17
18
|
|
18
19
|
raise PolicyYmlNotFoundError if Passpartu.policy.nil?
|
19
20
|
end
|
20
21
|
|
21
|
-
def self.call(role, keys, only: nil, except: nil, skip: nil, &block)
|
22
|
-
new(role, keys, only, except, skip, block).call
|
22
|
+
def self.call(role, keys, only: nil, except: nil, skip: nil, policy_hash: Passpartu.policy, &block)
|
23
|
+
new(role, keys, only, except, skip, policy_hash, &block).call
|
23
24
|
end
|
24
25
|
|
25
26
|
def call
|
26
27
|
return false if role_ignore?
|
27
28
|
|
28
|
-
check_waterfall_if
|
29
29
|
default_check
|
30
30
|
check_crud_if
|
31
31
|
|
32
32
|
validate_result
|
33
33
|
rescue StandardError => e
|
34
34
|
if ['TrueClass does not have #dig method', 'FalseClass does not have #dig method'].include?(e.message)
|
35
|
-
raise WaterfallError
|
35
|
+
raise WaterfallError,
|
36
|
+
"Looks like you want to use check_waterfall feature, but it's set to 'false'. Otherwise check your #{Passpartu.config.policy_file} for validness"
|
36
37
|
else
|
37
38
|
raise e
|
38
39
|
end
|
@@ -48,9 +49,7 @@ module Passpartu
|
|
48
49
|
end
|
49
50
|
|
50
51
|
def default_check
|
51
|
-
|
52
|
-
|
53
|
-
@result = Passpartu.policy.dig(role, *keys)
|
52
|
+
@result = policy_hash.dig(role, *keys)
|
54
53
|
end
|
55
54
|
|
56
55
|
def check_crud_if
|
@@ -72,12 +71,6 @@ module Passpartu
|
|
72
71
|
%w[create read update delete].include?(keys[-1])
|
73
72
|
end
|
74
73
|
|
75
|
-
def check_waterfall_if
|
76
|
-
return unless Passpartu.config.check_waterfall && policy_missed?
|
77
|
-
|
78
|
-
@result = Passpartu::CheckWaterfall.call(role, keys)
|
79
|
-
end
|
80
|
-
|
81
74
|
def blank?(item)
|
82
75
|
item.respond_to?(:empty?) ? !!item.empty? : !item
|
83
76
|
end
|
@@ -85,5 +78,11 @@ module Passpartu
|
|
85
78
|
def present?(item)
|
86
79
|
!blank?(item)
|
87
80
|
end
|
81
|
+
|
82
|
+
def deep_stringify_keys(hash)
|
83
|
+
return hash.deep_stringify_keys if hash.respond_to?(:deep_stringify_keys)
|
84
|
+
|
85
|
+
JSON.parse(JSON.dump(hash))
|
86
|
+
end
|
88
87
|
end
|
89
88
|
end
|
data/lib/passpartu/version.rb
CHANGED
data/lib/passpartu.rb
CHANGED
@@ -6,42 +6,42 @@ require_relative 'passpartu/patcher'
|
|
6
6
|
require_relative 'passpartu/verify'
|
7
7
|
require_relative 'passpartu/block_verify'
|
8
8
|
require_relative 'passpartu/validate_result'
|
9
|
-
require_relative 'passpartu/
|
10
|
-
require_relative 'passpartu/user' # for testing only
|
9
|
+
require_relative 'passpartu/test_user' # for testing only
|
11
10
|
|
12
11
|
module Passpartu
|
13
12
|
class Error < StandardError; end
|
14
13
|
class PolicyYmlNotFoundError < StandardError; end
|
15
14
|
class WaterfallError < StandardError; end
|
16
15
|
|
17
|
-
def self.included(policy_class)
|
18
|
-
Passpartu::Patcher.call(policy_class)
|
19
|
-
end
|
20
|
-
|
21
|
-
def self.policy
|
22
|
-
config.policy
|
23
|
-
end
|
24
|
-
|
25
16
|
class << self
|
26
17
|
attr_accessor :config
|
27
|
-
end
|
28
18
|
|
29
|
-
|
30
|
-
|
31
|
-
|
19
|
+
def included(policy_class)
|
20
|
+
Passpartu::Patcher.call(policy_class)
|
21
|
+
end
|
22
|
+
|
23
|
+
def policy
|
24
|
+
config.policy
|
25
|
+
end
|
26
|
+
|
27
|
+
def configure
|
28
|
+
self.config ||= Config.new
|
29
|
+
yield(config)
|
30
|
+
end
|
32
31
|
end
|
33
32
|
|
34
33
|
class Config
|
35
|
-
attr_accessor :
|
36
|
-
attr_reader :policy_file, :check_waterfall
|
34
|
+
attr_accessor :raise_policy_missed_error, :role_access_method
|
35
|
+
attr_reader :policy_file, :check_waterfall, :policy
|
37
36
|
|
38
37
|
DEFAULT_POLICY_FILE = './config/passpartu.yml'
|
39
38
|
|
40
39
|
def initialize
|
41
40
|
@policy_file = DEFAULT_POLICY_FILE
|
42
|
-
|
41
|
+
self.policy = load_policy_file(policy_file) if File.exist?(policy_file)
|
43
42
|
@raise_policy_missed_error = true
|
44
43
|
@check_waterfall = false
|
44
|
+
@role_access_method = :role
|
45
45
|
end
|
46
46
|
|
47
47
|
def policy_file=(file = nil)
|
@@ -49,18 +49,56 @@ module Passpartu
|
|
49
49
|
|
50
50
|
raise PolicyYmlNotFoundError unless File.exist?(policy_file)
|
51
51
|
|
52
|
-
|
52
|
+
self.policy = load_policy_file(policy_file)
|
53
53
|
end
|
54
54
|
|
55
55
|
def check_waterfall=(value)
|
56
56
|
@check_waterfall = value
|
57
|
-
@raise_policy_missed_error = false if @check_waterfall
|
58
57
|
|
59
|
-
@check_waterfall
|
58
|
+
@check_waterfall.tap do |check_waterfall|
|
59
|
+
if check_waterfall
|
60
|
+
@raise_policy_missed_error = false
|
61
|
+
self.policy = @policy
|
62
|
+
end
|
63
|
+
end
|
60
64
|
end
|
61
|
-
end
|
62
65
|
|
63
|
-
|
66
|
+
private
|
67
|
+
|
68
|
+
def load_policy_file(path)
|
69
|
+
RUBY_VERSION.to_f >= 3.1 ? YAML.load_file(path, aliases: true) : YAML.load_file(path)
|
70
|
+
end
|
71
|
+
|
72
|
+
def policy=(value)
|
73
|
+
@policy = patch_policy_booleans_if(value)
|
74
|
+
end
|
75
|
+
|
76
|
+
# patch all booleans in hash to support check_waterfall
|
77
|
+
def patch_policy_booleans_if(hash)
|
78
|
+
return hash unless @check_waterfall
|
79
|
+
|
80
|
+
hash.transform_values! do |value|
|
81
|
+
case value
|
82
|
+
when true
|
83
|
+
value.define_singleton_method(:dig) { |*_keys| true }
|
84
|
+
when false
|
85
|
+
value.define_singleton_method(:dig) { |*_keys| false }
|
86
|
+
else
|
87
|
+
patch_policy_booleans_if(value)
|
88
|
+
end
|
89
|
+
|
90
|
+
value
|
91
|
+
end
|
92
|
+
end
|
93
|
+
|
94
|
+
def blank?(item)
|
95
|
+
item.respond_to?(:empty?) ? !!item.empty? : !item
|
96
|
+
end
|
97
|
+
|
98
|
+
def present?(item)
|
99
|
+
!blank?(item)
|
100
|
+
end
|
101
|
+
end
|
64
102
|
end
|
65
103
|
|
66
104
|
initializer = './config/initializers/passpartu.rb'
|
data/passpartu.gemspec
CHANGED
@@ -38,7 +38,11 @@ Gem::Specification.new do |spec|
|
|
38
38
|
spec.require_paths = ['lib']
|
39
39
|
spec.files = Dir['README.md', 'lib/**/*', 'lib/*', 'passpartu.gemspec']
|
40
40
|
|
41
|
-
spec.add_development_dependency 'bundler', '~> 2.
|
42
|
-
spec.add_development_dependency '
|
43
|
-
spec.add_development_dependency '
|
41
|
+
spec.add_development_dependency 'bundler', '~> 2.3'
|
42
|
+
spec.add_development_dependency 'byebug'
|
43
|
+
spec.add_development_dependency 'rake', '~> 13.0'
|
44
|
+
spec.add_development_dependency 'rspec', '~> 3.11'
|
45
|
+
spec.add_development_dependency 'codecov', '~> 0.6'
|
46
|
+
spec.add_development_dependency 'dotenv', '~> 2.7'
|
47
|
+
spec.add_development_dependency 'simplecov', '~> 0.21'
|
44
48
|
end
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: passpartu
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 1.0
|
4
|
+
version: 1.1.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- OrestF
|
8
|
-
autorequire:
|
8
|
+
autorequire:
|
9
9
|
bindir: exe
|
10
10
|
cert_chain: []
|
11
|
-
date:
|
11
|
+
date: 2022-04-28 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: bundler
|
@@ -16,42 +16,98 @@ dependencies:
|
|
16
16
|
requirements:
|
17
17
|
- - "~>"
|
18
18
|
- !ruby/object:Gem::Version
|
19
|
-
version: '2.
|
19
|
+
version: '2.3'
|
20
20
|
type: :development
|
21
21
|
prerelease: false
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
23
23
|
requirements:
|
24
24
|
- - "~>"
|
25
25
|
- !ruby/object:Gem::Version
|
26
|
-
version: '2.
|
26
|
+
version: '2.3'
|
27
|
+
- !ruby/object:Gem::Dependency
|
28
|
+
name: byebug
|
29
|
+
requirement: !ruby/object:Gem::Requirement
|
30
|
+
requirements:
|
31
|
+
- - ">="
|
32
|
+
- !ruby/object:Gem::Version
|
33
|
+
version: '0'
|
34
|
+
type: :development
|
35
|
+
prerelease: false
|
36
|
+
version_requirements: !ruby/object:Gem::Requirement
|
37
|
+
requirements:
|
38
|
+
- - ">="
|
39
|
+
- !ruby/object:Gem::Version
|
40
|
+
version: '0'
|
27
41
|
- !ruby/object:Gem::Dependency
|
28
42
|
name: rake
|
29
43
|
requirement: !ruby/object:Gem::Requirement
|
30
44
|
requirements:
|
31
45
|
- - "~>"
|
32
46
|
- !ruby/object:Gem::Version
|
33
|
-
version: '
|
47
|
+
version: '13.0'
|
34
48
|
type: :development
|
35
49
|
prerelease: false
|
36
50
|
version_requirements: !ruby/object:Gem::Requirement
|
37
51
|
requirements:
|
38
52
|
- - "~>"
|
39
53
|
- !ruby/object:Gem::Version
|
40
|
-
version: '
|
54
|
+
version: '13.0'
|
41
55
|
- !ruby/object:Gem::Dependency
|
42
56
|
name: rspec
|
43
57
|
requirement: !ruby/object:Gem::Requirement
|
44
58
|
requirements:
|
45
59
|
- - "~>"
|
46
60
|
- !ruby/object:Gem::Version
|
47
|
-
version: '3.
|
61
|
+
version: '3.11'
|
62
|
+
type: :development
|
63
|
+
prerelease: false
|
64
|
+
version_requirements: !ruby/object:Gem::Requirement
|
65
|
+
requirements:
|
66
|
+
- - "~>"
|
67
|
+
- !ruby/object:Gem::Version
|
68
|
+
version: '3.11'
|
69
|
+
- !ruby/object:Gem::Dependency
|
70
|
+
name: codecov
|
71
|
+
requirement: !ruby/object:Gem::Requirement
|
72
|
+
requirements:
|
73
|
+
- - "~>"
|
74
|
+
- !ruby/object:Gem::Version
|
75
|
+
version: '0.6'
|
76
|
+
type: :development
|
77
|
+
prerelease: false
|
78
|
+
version_requirements: !ruby/object:Gem::Requirement
|
79
|
+
requirements:
|
80
|
+
- - "~>"
|
81
|
+
- !ruby/object:Gem::Version
|
82
|
+
version: '0.6'
|
83
|
+
- !ruby/object:Gem::Dependency
|
84
|
+
name: dotenv
|
85
|
+
requirement: !ruby/object:Gem::Requirement
|
86
|
+
requirements:
|
87
|
+
- - "~>"
|
88
|
+
- !ruby/object:Gem::Version
|
89
|
+
version: '2.7'
|
90
|
+
type: :development
|
91
|
+
prerelease: false
|
92
|
+
version_requirements: !ruby/object:Gem::Requirement
|
93
|
+
requirements:
|
94
|
+
- - "~>"
|
95
|
+
- !ruby/object:Gem::Version
|
96
|
+
version: '2.7'
|
97
|
+
- !ruby/object:Gem::Dependency
|
98
|
+
name: simplecov
|
99
|
+
requirement: !ruby/object:Gem::Requirement
|
100
|
+
requirements:
|
101
|
+
- - "~>"
|
102
|
+
- !ruby/object:Gem::Version
|
103
|
+
version: '0.21'
|
48
104
|
type: :development
|
49
105
|
prerelease: false
|
50
106
|
version_requirements: !ruby/object:Gem::Requirement
|
51
107
|
requirements:
|
52
108
|
- - "~>"
|
53
109
|
- !ruby/object:Gem::Version
|
54
|
-
version: '
|
110
|
+
version: '0.21'
|
55
111
|
description: |-
|
56
112
|
Passpartu is a great tool to manage your policies.
|
57
113
|
Keep all your policy rules in one file - passpartu.yml.
|
@@ -64,9 +120,8 @@ files:
|
|
64
120
|
- README.md
|
65
121
|
- lib/passpartu.rb
|
66
122
|
- lib/passpartu/block_verify.rb
|
67
|
-
- lib/passpartu/check_waterfall.rb
|
68
123
|
- lib/passpartu/patcher.rb
|
69
|
-
- lib/passpartu/
|
124
|
+
- lib/passpartu/test_user.rb
|
70
125
|
- lib/passpartu/validate_result.rb
|
71
126
|
- lib/passpartu/verify.rb
|
72
127
|
- lib/passpartu/version.rb
|
@@ -75,7 +130,7 @@ homepage: https://github.com/coaxsoft/passpartu
|
|
75
130
|
licenses:
|
76
131
|
- MIT
|
77
132
|
metadata: {}
|
78
|
-
post_install_message:
|
133
|
+
post_install_message:
|
79
134
|
rdoc_options: []
|
80
135
|
require_paths:
|
81
136
|
- lib
|
@@ -90,8 +145,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
90
145
|
- !ruby/object:Gem::Version
|
91
146
|
version: '0'
|
92
147
|
requirements: []
|
93
|
-
rubygems_version: 3.
|
94
|
-
signing_key:
|
148
|
+
rubygems_version: 3.3.7
|
149
|
+
signing_key:
|
95
150
|
specification_version: 4
|
96
151
|
summary: Passpartu makes policies great again
|
97
152
|
test_files: []
|
@@ -1,33 +0,0 @@
|
|
1
|
-
# frozen_string_literal: true
|
2
|
-
|
3
|
-
module Passpartu
|
4
|
-
class CheckWaterfall
|
5
|
-
attr_reader :waterfall, :policy_hash
|
6
|
-
def initialize(role, keys)
|
7
|
-
@waterfall = [role] + keys
|
8
|
-
@policy_hash = Passpartu.policy
|
9
|
-
end
|
10
|
-
|
11
|
-
def self.call(role, keys)
|
12
|
-
new(role, keys).call
|
13
|
-
end
|
14
|
-
|
15
|
-
def call
|
16
|
-
patch_boolean_classes
|
17
|
-
@result = policy_hash.dig(*waterfall)
|
18
|
-
reset_boolean_classes
|
19
|
-
|
20
|
-
@result
|
21
|
-
end
|
22
|
-
|
23
|
-
def patch_boolean_classes
|
24
|
-
TrueClass.define_method(:dig) { |*_keys| true }
|
25
|
-
FalseClass.define_method(:dig) { |*_keys| false }
|
26
|
-
end
|
27
|
-
|
28
|
-
def reset_boolean_classes
|
29
|
-
TrueClass.undef_method(:dig)
|
30
|
-
FalseClass.undef_method(:dig)
|
31
|
-
end
|
32
|
-
end
|
33
|
-
end
|