permits 0.1.4 → 1.0.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 81ac6b69542c7d7b1f09688cbe4beb0896990b297c6057f2c714eccf479d1682
-  data.tar.gz: d3a0f82e5a9d7d2167a33f945b1cd6017451aea44912826c35da02aa84f01055
+  metadata.gz: 17d6289fc58da4116cf85b5cf7853ebfe67d6366a4e9c96b64b0d0d42533d1a4
+  data.tar.gz: '08f713827ae201b471163040ce273e2b7f5beb5e59f31c9af0d808e3d1248f7e'
 SHA512:
-  metadata.gz: 5e8cd3716c4741fa257cdee4bb9f5e205c7706266bc4d0cb9414223923e799daa14b730e62908f0d855dcc19727e3bf1ce27656c609bf562aac74059b1373e13
-  data.tar.gz: 98450a579ce833d512cd4b358c5f311e697c99d770471408297aed2892380d54c06374f4514834009d4b2f62243dd2512f73a4a3724e0bb1aed9cad22e916db6
+  metadata.gz: 45c24dc5c7c076e30644f57a9779d50d252551921fa3e7eb7de6d21fe588f5e5217c5f90638cf98bc570ec9daf75526f910f0f015bf4e72ec923e860f0ecb420
+  data.tar.gz: 4bec82908bb725ea9a36fac20d0d1ee091923509b2f3a52b2ce59649fb011a586e67e70c7d93e3ad1ce480f496432af84354787ea285753a75bc8eda67d3b8a3

data/README.md

@@ -76,6 +76,23 @@ CustomPolicy.authorize!(owner, resource, :some_action)
 CustomPolicy.authorized?(owner, resource, :some_action)
 ```
 
+### Invites
+`Permits` provides a simple pre-permissioned Invite system, with a `Permits::Invite` model, a `Permits::Form::NewInviteForm` form object for creating new invites, and a `Permits::Form::InviteForm` form object for accepting, declining and revoking invites. Invites can be pre-assigned permissions, so that when the invite is accepted, the invitee is automatically granted the permissions.
+
+```irb
+group = Group.create(name: "Group 1")
+group_user = User.create(name: "User 1")
+user_permission = Permits::Permission.create(owner: group_user, resource: group, action: :super_user)
+
+NewInviteForm.new(
+  invited_by: group_user,
+  email: "invitee@email-address.com",
+  permission_attributes: {
+    group => [:read, :edit]
+  }
+).save!
+```
+
 ## Installation
 Add this line to your application's Gemfile:
 

data/Rakefile

@@ -1,19 +1,19 @@
-require 'rake'
+require "rake"
 
 begin
-  require 'bundler/setup'
+  require "bundler/setup"
   Bundler::GemHelper.install_tasks
 rescue LoadError
-  puts 'although not required, bundler is recommended for running the tests'
+  puts "although not required, bundler is recommended for running the tests"
 end
 
 task default: :spec
 
-require 'rspec/core/rake_task'
+require "rspec/core/rake_task"
 RSpec::Core::RakeTask.new(:spec)
 
-require 'rubocop/rake_task'
+require "rubocop/rake_task"
 RuboCop::RakeTask.new do |task|
-  task.requires << 'rubocop-performance'
-  task.requires << 'rubocop-rspec'
+  task.requires << "rubocop-performance"
+  task.requires << "rubocop-rspec"
 end

data/lib/generators/permits/install/install_generator.rb

@@ -5,6 +5,7 @@ module Permits
 
       def copy_application_policy
         template "create_permits_permissions.rb", "db/migrate/#{Time.current.strftime("%Y%m%d%H%M%S")}_create_permits_permissions.rb"
+        template "create_permits_invites.rb", "db/migrate/#{Time.current.strftime("%Y%m%d%H%M%S")}_create_permits_invites.rb"
       end
     end
   end

data/lib/generators/permits/install/templates/create_permits_invites.rb

@@ -0,0 +1,14 @@
+class CreatePermitsInvites < ActiveRecord::Migration[7.1]
+  def change
+    create_table :permits_invites, id: :uuid do |t|
+      t.references :invited_by, polymorphic: true, index: true, type: :uuid, null: false
+      t.references :invitee, polymorphic: true, index: true, type: :uuid, null: true
+      t.string :email, null: false
+      t.string :aasm_state, null: false
+      t.string :slug, null: false
+      t.datetime :started_at
+      t.datetime :ended_at
+      t.timestamps
+    end
+  end
+end

data/lib/permits/concerns/has_permissions.rb

@@ -0,0 +1,11 @@
+require "active_support/concern"
+
+module Permits
+  module HasPermissions
+    extend ActiveSupport::Concern
+
+    included do
+      has_many :permissions, -> { active }, as: :owner, class_name: "::Permits::Permission", dependent: :destroy
+    end
+  end
+end

data/lib/permits/forms/invite_form.rb

@@ -0,0 +1,65 @@
+module Permits
+  module Forms
+    class InviteForm
+      include ActiveModel::Model
+      include ActiveModel::Attributes
+      include ActiveModel::Validations
+
+      attribute :invite_id
+      attribute :invited
+      attribute :token
+
+      validates :invite_id, presence: true
+      validates :invited, presence: true
+      validates :token, presence: true
+
+      def accept
+        return false unless valid_invite?
+
+        ActiveRecord::Base.transaction do
+          invite.accept!
+        end
+        true
+      end
+
+      def decline
+        return false unless valid_invite?
+
+        ActiveRecord::Base.transaction do
+          invite.decline!
+        end
+        true
+      end
+
+      def destroy
+        ActiveRecord::Base.transaction do
+          invite.permissions.destroy_all
+          invite.destroy
+        end
+        true
+      end
+
+      private
+
+      def valid_invite?
+        return false unless valid?
+
+        valid_email? && valid_token?
+      end
+
+      def valid_email?
+        raise I18n.t("errors.invited_does_not_respond_to_email") unless invited.respond_to?(:email)
+
+        invite.email == invited.email
+      end
+
+      def valid_token?
+        invite.slug == token
+      end
+
+      def invite
+        @invite ||= ::Permits::Invite.find(invite_id)
+      end
+    end
+  end
+end

data/lib/permits/forms/new_invite_form.rb

@@ -0,0 +1,58 @@
+module Permits
+  module Forms
+    class NewInviteForm
+      include ActiveModel::Model
+      include ActiveModel::Attributes
+      include ActiveModel::Validations
+
+      attribute :invited_by
+      attribute :email
+      attribute :permission_attributes
+
+      validates :invited_by, presence: true
+      validates :email, presence: true
+
+      def save
+        return false unless valid?
+
+        ActiveRecord::Base.transaction do
+          invite.save!
+          process_permissions if permission_attributes.present?
+        end
+        true
+      end
+
+      def invite
+        @invite ||= Invite.new(
+          invited_by: invited_by,
+          email: email,
+          started_at: Time.current
+        )
+      end
+
+      private
+
+      def process_permissions
+        permission_attributes.each do |resource, permissions|
+          policy_class = if resource.respond_to?(:policy_class)
+            resource.policy_class
+          else
+            ::Permits::Policy::Base
+          end
+          next unless policy_class.authorized?(invited_by, resource, :invite)
+
+          create_permissions(resource, permissions)
+        end
+      end
+
+      def create_permissions(resource, *permissions)
+        permissions.flatten.each do |permits|
+          invite.permissions.find_or_create_by!(
+            resource: resource,
+            permits: permits
+          )
+        end
+      end
+    end
+  end
+end

data/lib/permits/invite.rb

@@ -0,0 +1,54 @@
+require "timelines"
+
+module Permits
+  class Invite < ActiveRecord::Base
+    self.table_name = "permits_invites"
+
+    include ::AASM
+    include ::Timelines::Ephemeral
+    include ::Permits::HasPermissions
+
+    belongs_to :invited_by, polymorphic: true, required: true
+    belongs_to :invitee, polymorphic: true, optional: true
+
+    validates :email, presence: true
+    validates :aasm_state, presence: true
+    validates :slug, presence: true
+
+    scope :active, -> { where(ended_at: nil) }
+
+    attribute :slug, default: -> { SecureRandom.hex(3).upcase }
+
+    aasm do
+      state :pending, initial: true
+      state :accepted
+      state :declined
+
+      event :accept do
+        transitions from: :pending, to: :accepted, after: :add_invitee_permissions
+      end
+
+      event :decline do
+        transitions from: :pending, to: :declined, after: :end_invite_permissions
+      end
+    end
+
+    def add_invitee_permissions
+      ActiveRecord::Base.transaction do
+        permissions.each do |permission|
+          invitee_permission = permission.dup
+          invitee_permission.update!(owner: invitee, started_at: Time.current)
+          permission.destroy
+        end
+      end
+    end
+
+    def end_invite_permissions
+      ActiveRecord::Base.transaction do
+        permissions.each do |permission|
+          permission.update!(ended_at: Time.current)
+        end
+      end
+    end
+  end
+end

data/lib/permits/permission.rb

@@ -17,7 +17,7 @@ module Permits
     def permits_is_permissable
       return if Permits.config.permits&.include?(permits&.to_sym)
 
-      errors.add(:permits, "is not a valid permits for #{resource.class}")
+      errors.add(:permits, I18n.t("errors.invalid_permits_param", class: resource.class.name))
     end
 
     scope :permits_any, -> { all }

data/lib/permits/policy/base.rb

@@ -29,7 +29,7 @@ module Permits
         return false unless valid?
 
         if respond_to?("#{action}?")
-          return send("#{action}?")
+          send("#{action}?")
         else
           has_action_permissions?(action)
         end
@@ -40,7 +40,7 @@ module Permits
       def has_action_permissions?(action, for_resource: resource)
         return false unless owner_permissions.respond_to?("permits_#{action}")
 
-        return owner_permissions.send("permits_#{action}").where(resource: for_resource).exists?
+        owner_permissions.send("permits_#{action}").where(resource: for_resource).exists?
       end
 
       def owner_permissions

data/lib/permits/version.rb

@@ -1,3 +1,3 @@
 module Permits
-  VERSION = "0.1.4"
+  VERSION = "1.0.0"
 end

data/lib/permits.rb

@@ -1,9 +1,15 @@
-require "permits/version"
-require "permits/railtie"
+require "active_support/configurable"
+require "aasm"
+require "permits/concerns/has_permissions"
+require "permits/forms/new_invite_form"
+require "permits/forms/invite_form"
+require "permits/invite"
 require "permits/permission"
-require "permits/policy/base"
 require "permits/policy/unauthorized_error"
-require "active_support/configurable"
+require "permits/policy/base"
+require "permits/railtie"
+require "permits/version"
+require "timelines"
 
 module Permits
   include ActiveSupport::Configurable

metadata

@@ -1,15 +1,29 @@
 --- !ruby/object:Gem::Specification
 name: permits
 version: !ruby/object:Gem::Version
-  version: 0.1.4
+  version: 1.0.0
 platform: ruby
 authors:
 - Craig Gilchrist
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2023-10-11 00:00:00.000000000 Z
+date: 2024-02-26 00:00:00.000000000 Z
 dependencies:
+- !ruby/object:Gem::Dependency
+  name: aasm
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 5.5.0
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 5.5.0
 - !ruby/object:Gem::Dependency
   name: rails
   requirement: !ruby/object:Gem::Requirement
@@ -134,8 +148,13 @@ files:
 - Rakefile
 - lib/generators/permits/install/USAGE
 - lib/generators/permits/install/install_generator.rb
+- lib/generators/permits/install/templates/create_permits_invites.rb
 - lib/generators/permits/install/templates/create_permits_permissions.rb
 - lib/permits.rb
+- lib/permits/concerns/has_permissions.rb
+- lib/permits/forms/invite_form.rb
+- lib/permits/forms/new_invite_form.rb
+- lib/permits/invite.rb
 - lib/permits/permission.rb
 - lib/permits/policy/base.rb
 - lib/permits/policy/unauthorized_error.rb
@@ -164,7 +183,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.4.20
+rubygems_version: 3.5.4
 signing_key:
 specification_version: 4
 summary: A User and Role management gem for Rails 7