passpartu 1.1.1 → 1.2.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (9) hide show
  1. checksums.yaml +4 -4
  2. data/README.md +19 -1
  3. data/lib/passpartu/block_verify.rb +10 -0
  4. data/lib/passpartu/patcher.rb +3 -4
  5. data/lib/passpartu/validate_result.rb +7 -6
  6. data/lib/passpartu/verify.rb +5 -7
  7. data/lib/passpartu/version.rb +1 -1
  8. data/lib/passpartu.rb +2 -0
  9. metadata +3 -3
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 10de14cce11b5f7b38f3ff759c2d24b5a7044744f137b5f2e46ab65975b5b6c2
4
- data.tar.gz: 7731b1ad92a9f96da5f54c1d2f018f0925297464c15fdfc5aa7bdc464da637a6
3
+ metadata.gz: 396d094c919ae767cf6653747b219b0018a95c0672fd8beb9da5c1f0c64fd7c6
4
+ data.tar.gz: fdca15a751308a1c2a6bcf818f21572b7cb1a8e95a8f59c8f363d5431758375a
5
5
  SHA512:
6
- metadata.gz: 6b5072898c8144f59252a1b74fd10c671a84b328d9920344eaf7ceca7ace5c642faea0a782cc114ec240db3552cf14549cd094a555c545566a5df5c0a46eba31
7
- data.tar.gz: 4424887961ea98e0b405c4f0768a9c0a7a6e3280a4e131c805d0b7b5ba3aa18fa52fb826f8f0fca55e80ee10b9acdce97639b71c595a259a6b09d9486b2b8811
6
+ metadata.gz: 9e548a9a7493741c606bfdb93f6bbe90a082496e76b739645d658e91b531671170053fb1342272d76e5116093184d548aef593c11cbb1e715227427be295d637
7
+ data.tar.gz: e945766a4d0157bc22ce976a4552fd72b62c2ffc5a153c1e1c44fd9dc5996c88f729bc2eba49b6fbc90d6f6472aaf6e46fedc7c52db687aed8d2aa433bc20708
data/README.md CHANGED
@@ -87,7 +87,6 @@ It's possible to use `crud` key to set values for `create`, `read`, `update`, `d
87
87
 
88
88
  In case `crud: true` and `delete: false` - result `false`
89
89
 
90
-
91
90
  ### Only
92
91
 
93
92
  It's possible to include specific roles to checks
@@ -160,6 +159,25 @@ Check user roles AND policy rule
160
159
  user_agent.agent_can?(:orders, :edit, except: [:admin, :manager]) { user_agent.orders.include?(order) }
161
160
  ```
162
161
 
162
+ ### 'Maybe' option
163
+
164
+ Option 'maybe' means that user can do something if the block returns true. In this case block is required
165
+ and error is raised when option is maybe and no block given.
166
+
167
+ ```yml
168
+ manager:
169
+ products:
170
+ create: true
171
+ delete: false
172
+ bookings:
173
+ update: maybe
174
+ ```
175
+
176
+ ```ruby
177
+ manager.can?(:bookings, :update) # raises error
178
+ manager.can?(:bookings, :update) { user.bookings.include?(booking) } # returns true or false
179
+ ```
180
+
163
181
  ### Waterfall check
164
182
 
165
183
  Allow or restrict absolutely everything for particular role or/and particular domain.
data/lib/passpartu/block_verify.rb CHANGED
@@ -2,11 +2,21 @@
2
2
 
3
3
  module Passpartu
4
4
  class BlockVerify < ::Passpartu::Verify
5
+ class BlockMissedError < StandardError; end
6
+ MAYBE_VALUE = 'maybe'
7
+
5
8
  def call
6
9
  policy_result = super
10
+ raise BlockMissedError, "Block is required for 'maybe' allowed resource" if maybe? && block.nil?
7
11
  return policy_result if block.nil?
8
12
 
9
13
  policy_result && block.call
10
14
  end
15
+
16
+ private
17
+
18
+ def maybe?
19
+ result == MAYBE_VALUE
20
+ end
11
21
  end
12
22
  end
data/lib/passpartu/patcher.rb CHANGED
@@ -15,7 +15,6 @@ module Passpartu
15
15
  end
16
16
 
17
17
  def call
18
- phash = respond_to?(:policy_hash) ? {} : Passpartu.policy
19
18
  role_method = Passpartu.config.role_access_method
20
19
 
21
20
  klass.class_eval do
@@ -26,12 +25,12 @@ module Passpartu
26
25
  only: only,
27
26
  except: except,
28
27
  skip: skip,
29
- policy_hash: phash,
28
+ policy_hash: -> { respond_to?(:policy_hash) ? policy_hash : Passpartu.policy }.call,
30
29
  &block
31
30
  )
32
31
  end
33
32
 
34
- phash.each_key do |policy_role|
33
+ Passpartu.policy.each_key do |policy_role|
35
34
  define_method("#{policy_role}_can?") do |*keys, only: nil, except: nil, skip: nil, &block|
36
35
  send(role_method).to_s == policy_role &&
37
36
  Passpartu::BlockVerify.call(
@@ -40,7 +39,7 @@ module Passpartu
40
39
  only: only,
41
40
  except: except,
42
41
  skip: skip,
43
- policy_hash: phash,
42
+ policy_hash: -> { respond_to?(:policy_hash) ? policy_hash : Passpartu.policy }.call,
44
43
  &block
45
44
  )
46
45
  end
data/lib/passpartu/validate_result.rb CHANGED
@@ -3,6 +3,7 @@
3
3
  module Passpartu
4
4
  class ValidateResult
5
5
  class PolicyMissedError < StandardError; end
6
+ class InvalidResultError < StandardError; end
6
7
 
7
8
  attr_reader :result
8
9
 
@@ -15,20 +16,20 @@ module Passpartu
15
16
  end
16
17
 
17
18
  def call
18
- raise PolicyMissedError if raise_error?
19
- return false unless boolean?
19
+ raise PolicyMissedError if raise_policy_missed_error?
20
+ return false if result_not_defined?
20
21
 
21
22
  result
22
23
  end
23
24
 
24
25
  private
25
26
 
26
- def boolean?
27
- [true, false].include?(result)
27
+ def raise_policy_missed_error?
28
+ result_not_defined? && Passpartu.config.raise_policy_missed_error
28
29
  end
29
30
 
30
- def raise_error?
31
- !boolean? && Passpartu.config.raise_policy_missed_error
31
+ def result_not_defined?
32
+ result.nil? || result.is_a?(Hash)
32
33
  end
33
34
  end
34
35
  end
data/lib/passpartu/verify.rb CHANGED
@@ -31,12 +31,10 @@ module Passpartu
31
31
 
32
32
  validate_result
33
33
  rescue StandardError => e
34
- if ['TrueClass does not have #dig method', 'FalseClass does not have #dig method'].include?(e.message)
35
- raise WaterfallError,
36
- "Looks like you want to use check_waterfall feature, but it's set to 'false'. Otherwise check your #{Passpartu.config.policy_file} for validness"
37
- else
38
- raise e
39
- end
34
+ raise e unless ['TrueClass does not have #dig method', 'FalseClass does not have #dig method'].include?(e.message)
35
+
36
+ raise WaterfallError,
37
+ "Looks like you want to use check_waterfall feature, but it's set to 'false'. Otherwise check your #{Passpartu.config.policy_file} for validness"
40
38
  end
41
39
 
42
40
  private
@@ -49,7 +47,7 @@ module Passpartu
49
47
  end
50
48
 
51
49
  def default_check
52
- @result = policy_hash.dig(role, *keys)
50
+ @result = policy_hash.has_key?(role) ? policy_hash.dig(role, *keys) : policy_hash.dig(*keys)
53
51
  end
54
52
 
55
53
  def check_crud_if
data/lib/passpartu/version.rb CHANGED
@@ -1,5 +1,5 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  module Passpartu
4
- VERSION = '1.1.1'
4
+ VERSION = '1.2.1'
5
5
  end
data/lib/passpartu.rb CHANGED
@@ -83,6 +83,8 @@ module Passpartu
83
83
  value.define_singleton_method(:dig) { |*_keys| true }
84
84
  when false
85
85
  value.define_singleton_method(:dig) { |*_keys| false }
86
+ when 'maybe'
87
+ value.define_singleton_method(:dig) { |*_keys| 'maybe' }
86
88
  else
87
89
  patch_policy_booleans_if(value)
88
90
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: passpartu
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.1.1
4
+ version: 1.2.1
5
5
  platform: ruby
6
6
  authors:
7
7
  - OrestF
8
8
  autorequire:
9
9
  bindir: exe
10
10
  cert_chain: []
11
- date: 2023-03-23 00:00:00.000000000 Z
11
+ date: 2023-10-30 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: bundler
@@ -145,7 +145,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
145
145
  - !ruby/object:Gem::Version
146
146
  version: '0'
147
147
  requirements: []
148
- rubygems_version: 3.4.6
148
+ rubygems_version: 3.4.21
149
149
  signing_key:
150
150
  specification_version: 4
151
151
  summary: Passpartu makes policies great again