passpartu 1.1.1 → 1.2.1

Sign up to get free protection for your applications and to get access to all the features.
Files changed (9) hide show
  1. checksums.yaml +4 -4
  2. data/README.md +19 -1
  3. data/lib/passpartu/block_verify.rb +10 -0
  4. data/lib/passpartu/patcher.rb +3 -4
  5. data/lib/passpartu/validate_result.rb +7 -6
  6. data/lib/passpartu/verify.rb +5 -7
  7. data/lib/passpartu/version.rb +1 -1
  8. data/lib/passpartu.rb +2 -0
  9. metadata +3 -3
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 10de14cce11b5f7b38f3ff759c2d24b5a7044744f137b5f2e46ab65975b5b6c2
4
- data.tar.gz: 7731b1ad92a9f96da5f54c1d2f018f0925297464c15fdfc5aa7bdc464da637a6
3
+ metadata.gz: 396d094c919ae767cf6653747b219b0018a95c0672fd8beb9da5c1f0c64fd7c6
4
+ data.tar.gz: fdca15a751308a1c2a6bcf818f21572b7cb1a8e95a8f59c8f363d5431758375a
5
5
  SHA512:
6
- metadata.gz: 6b5072898c8144f59252a1b74fd10c671a84b328d9920344eaf7ceca7ace5c642faea0a782cc114ec240db3552cf14549cd094a555c545566a5df5c0a46eba31
7
- data.tar.gz: 4424887961ea98e0b405c4f0768a9c0a7a6e3280a4e131c805d0b7b5ba3aa18fa52fb826f8f0fca55e80ee10b9acdce97639b71c595a259a6b09d9486b2b8811
6
+ metadata.gz: 9e548a9a7493741c606bfdb93f6bbe90a082496e76b739645d658e91b531671170053fb1342272d76e5116093184d548aef593c11cbb1e715227427be295d637
7
+ data.tar.gz: e945766a4d0157bc22ce976a4552fd72b62c2ffc5a153c1e1c44fd9dc5996c88f729bc2eba49b6fbc90d6f6472aaf6e46fedc7c52db687aed8d2aa433bc20708
data/README.md CHANGED
@@ -87,7 +87,6 @@ It's possible to use `crud` key to set values for `create`, `read`, `update`, `d
87
87
 
88
88
  In case `crud: true` and `delete: false` - result `false`
89
89
 
90
-
91
90
  ### Only
92
91
 
93
92
  It's possible to include specific roles to checks
@@ -160,6 +159,25 @@ Check user roles AND policy rule
160
159
  user_agent.agent_can?(:orders, :edit, except: [:admin, :manager]) { user_agent.orders.include?(order) }
161
160
  ```
162
161
 
162
+ ### 'Maybe' option
163
+
164
+ Option 'maybe' means that user can do something if the block returns true. In this case block is required
165
+ and error is raised when option is maybe and no block given.
166
+
167
+ ```yml
168
+ manager:
169
+ products:
170
+ create: true
171
+ delete: false
172
+ bookings:
173
+ update: maybe
174
+ ```
175
+
176
+ ```ruby
177
+ manager.can?(:bookings, :update) # raises error
178
+ manager.can?(:bookings, :update) { user.bookings.include?(booking) } # returns true or false
179
+ ```
180
+
163
181
  ### Waterfall check
164
182
 
165
183
  Allow or restrict absolutely everything for particular role or/and particular domain.
data/lib/passpartu/block_verify.rb CHANGED
@@ -2,11 +2,21 @@
2
2
 
3
3
  module Passpartu
4
4
  class BlockVerify < ::Passpartu::Verify
5
+ class BlockMissedError < StandardError; end
6
+ MAYBE_VALUE = 'maybe'
7
+
5
8
  def call
6
9
  policy_result = super
10
+ raise BlockMissedError, "Block is required for 'maybe' allowed resource" if maybe? && block.nil?
7
11
  return policy_result if block.nil?
8
12
 
9
13
  policy_result && block.call
10
14
  end
15
+
16
+ private
17
+
18
+ def maybe?
19
+ result == MAYBE_VALUE
20
+ end
11
21
  end
12
22
  end
data/lib/passpartu/patcher.rb CHANGED
@@ -15,7 +15,6 @@ module Passpartu
15
15
  end
16
16
 
17
17
  def call
18
- phash = respond_to?(:policy_hash) ? {} : Passpartu.policy
19
18
  role_method = Passpartu.config.role_access_method
20
19
 
21
20
  klass.class_eval do
@@ -26,12 +25,12 @@ module Passpartu
26
25
  only: only,
27
26
  except: except,
28
27
  skip: skip,
29
- policy_hash: phash,
28
+ policy_hash: -> { respond_to?(:policy_hash) ? policy_hash : Passpartu.policy }.call,
30
29
  &block
31
30
  )
32
31
  end
33
32
 
34
- phash.each_key do |policy_role|
33
+ Passpartu.policy.each_key do |policy_role|
35
34
  define_method("#{policy_role}_can?") do |*keys, only: nil, except: nil, skip: nil, &block|
36
35
  send(role_method).to_s == policy_role &&
37
36
  Passpartu::BlockVerify.call(
@@ -40,7 +39,7 @@ module Passpartu
40
39
  only: only,
41
40
  except: except,
42
41
  skip: skip,
43
- policy_hash: phash,
42
+ policy_hash: -> { respond_to?(:policy_hash) ? policy_hash : Passpartu.policy }.call,
44
43
  &block
45
44
  )
46
45
  end
data/lib/passpartu/validate_result.rb CHANGED
@@ -3,6 +3,7 @@
3
3
  module Passpartu
4
4
  class ValidateResult
5
5
  class PolicyMissedError < StandardError; end
6
+ class InvalidResultError < StandardError; end
6
7
 
7
8
  attr_reader :result
8
9
 
@@ -15,20 +16,20 @@ module Passpartu
15
16
  end
16
17
 
17
18
  def call
18
- raise PolicyMissedError if raise_error?
19
- return false unless boolean?
19
+ raise PolicyMissedError if raise_policy_missed_error?
20
+ return false if result_not_defined?
20
21
 
21
22
  result
22
23
  end
23
24
 
24
25
  private
25
26
 
26
- def boolean?
27
- [true, false].include?(result)
27
+ def raise_policy_missed_error?
28
+ result_not_defined? && Passpartu.config.raise_policy_missed_error
28
29
  end
29
30
 
30
- def raise_error?
31
- !boolean? && Passpartu.config.raise_policy_missed_error
31
+ def result_not_defined?
32
+ result.nil? || result.is_a?(Hash)
32
33
  end
33
34
  end
34
35
  end
data/lib/passpartu/verify.rb CHANGED
@@ -31,12 +31,10 @@ module Passpartu
31
31
 
32
32
  validate_result
33
33
  rescue StandardError => e
34
- if ['TrueClass does not have #dig method', 'FalseClass does not have #dig method'].include?(e.message)
35
- raise WaterfallError,
36
- "Looks like you want to use check_waterfall feature, but it's set to 'false'. Otherwise check your #{Passpartu.config.policy_file} for validness"
37
- else
38
- raise e
39
- end
34
+ raise e unless ['TrueClass does not have #dig method', 'FalseClass does not have #dig method'].include?(e.message)
35
+
36
+ raise WaterfallError,
37
+ "Looks like you want to use check_waterfall feature, but it's set to 'false'. Otherwise check your #{Passpartu.config.policy_file} for validness"
40
38
  end
41
39
 
42
40
  private
@@ -49,7 +47,7 @@ module Passpartu
49
47
  end
50
48
 
51
49
  def default_check
52
- @result = policy_hash.dig(role, *keys)
50
+ @result = policy_hash.has_key?(role) ? policy_hash.dig(role, *keys) : policy_hash.dig(*keys)
53
51
  end
54
52
 
55
53
  def check_crud_if
data/lib/passpartu/version.rb CHANGED
@@ -1,5 +1,5 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  module Passpartu
4
- VERSION = '1.1.1'
4
+ VERSION = '1.2.1'
5
5
  end
data/lib/passpartu.rb CHANGED
@@ -83,6 +83,8 @@ module Passpartu
83
83
  value.define_singleton_method(:dig) { |*_keys| true }
84
84
  when false
85
85
  value.define_singleton_method(:dig) { |*_keys| false }
86
+ when 'maybe'
87
+ value.define_singleton_method(:dig) { |*_keys| 'maybe' }
86
88
  else
87
89
  patch_policy_booleans_if(value)
88
90
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: passpartu
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.1.1
4
+ version: 1.2.1
5
5
  platform: ruby
6
6
  authors:
7
7
  - OrestF
8
8
  autorequire:
9
9
  bindir: exe
10
10
  cert_chain: []
11
- date: 2023-03-23 00:00:00.000000000 Z
11
+ date: 2023-10-30 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: bundler
@@ -145,7 +145,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
145
145
  - !ruby/object:Gem::Version
146
146
  version: '0'
147
147
  requirements: []
148
- rubygems_version: 3.4.6
148
+ rubygems_version: 3.4.21
149
149
  signing_key:
150
150
  specification_version: 4
151
151
  summary: Passpartu makes policies great again