RubyGems - pundit - Versions diffs - 1.1.0 → 2.1.0 - Mend

pundit 1.1.0 → 2.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (26) hide show

checksums.yaml +5 -5
data/.rubocop.yml +30 -49
data/.travis.yml +20 -10
data/CHANGELOG.md +42 -0
data/Gemfile +4 -1
data/LICENSE.txt +1 -1
data/README.md +241 -60
data/Rakefile +2 -1
data/lib/generators/pundit/install/install_generator.rb +1 -1
data/lib/generators/pundit/install/templates/application_policy.rb +2 -6
data/lib/generators/pundit/policy/policy_generator.rb +1 -1
data/lib/generators/pundit/policy/templates/policy.rb +1 -1
data/lib/generators/rspec/policy_generator.rb +1 -1
data/lib/generators/rspec/templates/policy_spec.rb +1 -2
data/lib/generators/test_unit/policy_generator.rb +1 -1
data/lib/generators/test_unit/templates/policy_test.rb +0 -1
data/lib/pundit.rb +103 -64
data/lib/pundit/policy_finder.rb +27 -31
data/lib/pundit/rspec.rb +13 -7
data/lib/pundit/version.rb +3 -1
data/pundit.gemspec +10 -9
data/spec/policies/post_policy_spec.rb +2 -0
data/spec/policy_finder_spec.rb +124 -0
data/spec/pundit_spec.rb +174 -53
data/spec/spec_helper.rb +87 -11
metadata +26 -26

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
-SHA1:
-  metadata.gz: a2c188098c86ad5a0804044f80219014564501ef
-  data.tar.gz: 2ab7f79275d9ae66e5d04cf980c11e2c2983a4ef
+SHA256:
+  metadata.gz: 371516754ff155f90b2093a0ce80aacf097ab555027b19ea22b7c823de72a66a
+  data.tar.gz: 41e69a7d6a317b46ad35d1d1485d2119b443b8a430e5c78e62935ec502c7d08f
 SHA512:
-  metadata.gz: 55fbbf71ad514c0cfe4f8933dea59915314f749efa53ab5579f2da9dfcf2b4786343cefa53d3a35e26f4a346776c1c513884595a39561d280b259e6b6fb9b31a
-  data.tar.gz: bbcf9417801b22deac78afe2d5ea8a268193daf0e011f861006c25b1d0124d1f462aa37d4d38e623b9d438cb29ceb52b250575118e053862b74561795bbdd7a4
+  metadata.gz: c77a792bec5d87f487fd3ee419d00745dcab754bd1bd38504d9987b71d80be3bd32fb1aab8419a8e63ef3c3718e1bd8a255ff0117be8f8a5c743c221d87fccdd
+  data.tar.gz: 3086b4036cdbafb499f462f22405f185c83d12c8d8175136531dd053733320574b3d5d05c8379895940d854d54d7abb59d6a0958a9d0e6fdfc03f7691883c3ab

data/.rubocop.yml CHANGED Viewed

@@ -1,14 +1,22 @@
 AllCops:
+  DisplayCopNames: true
+  TargetRubyVersion: 2.2
   Exclude:
     - "gemfiles/**/*"
     - "vendor/**/*"
     - "lib/generators/**/*"
+Metrics/BlockLength:
+  Exclude:
+    - "**/*_spec.rb"
 Metrics/MethodLength:
   Max: 40
 Metrics/ModuleLength:
   Max: 200
+  Exclude:
+    - "**/*_spec.rb"
 Metrics/LineLength:
   Max: 120
@@ -22,74 +30,47 @@ Metrics/CyclomaticComplexity:
 Metrics/PerceivedComplexity:
   Enabled: false
-Style/StructInheritance:
-  Enabled: false
-Style/AlignParameters:
+Layout/AlignParameters:
   EnforcedStyle: with_fixed_indentation
-Style/StringLiterals:
-  EnforcedStyle: double_quotes
-Style/StringLiteralsInInterpolation:
-  EnforcedStyle: double_quotes
-Style/ClosingParenthesisIndentation:
-  Enabled: false
-Style/OneLineConditional:
-  Enabled: false
-Style/AndOr:
-  Enabled: false
-Style/Not:
-  Enabled: false
-Documentation:
-  Enabled: false # TODO: Enable again once we have more docs
-Style/CaseIndentation:
-  IndentWhenRelativeTo: case
+Layout/CaseIndentation:
+  EnforcedStyle: case
   SupportedStyles:
     - case
     - end
   IndentOneStep: true
-Style/PercentLiteralDelimiters:
-  PreferredDelimiters:
-    '%w': "[]"
-    '%W': "[]"
-Style/AccessModifierIndentation:
+Layout/AccessModifierIndentation:
   EnforcedStyle: outdent
-Style/SignalException:
-  Enabled: false
-Style/IndentationWidth:
-  Enabled: false
+Layout/EndAlignment:
+  EnforcedStyleAlignWith: variable
-Style/TrivialAccessors:
-  ExactNameMatch: true
+Style/FrozenStringLiteralComment:
+  Enabled: true
-Lint/EndAlignment:
-  AlignWith: variable
+Style/PercentLiteralDelimiters:
+  PreferredDelimiters:
+    '%w': "[]"
+    '%W': "[]"
-Lint/DefEndAlignment:
-  Enabled: false
+Style/StringLiterals:
+  EnforcedStyle: double_quotes
-Lint/HandleExceptions:
-  Enabled: false
+Style/StringLiteralsInInterpolation:
+  EnforcedStyle: double_quotes
-Style/SpecialGlobalVars:
+Style/StructInheritance:
   Enabled: false
-Style/TrivialAccessors:
+Style/AndOr:
   Enabled: false
-Style/IndentHash:
+Style/Not:
   Enabled: false
 Style/DoubleNegation:
   Enabled: false
+Documentation:
+  Enabled: false # TODO: Enable again once we have more docs

data/.travis.yml CHANGED Viewed

@@ -1,11 +1,21 @@
 language: ruby
-sudo: false
-rvm:
-  - 2.0.0
-  - 2.1
-  - 2.2
-  - jruby-19mode
-  - rbx-2
-env:
-  - RSPEC_VERSION="<2.99"
-  - RSPEC_VERSION="~>3.0
+before_install:
+  - gem install bundler -v 1.17.3
+matrix:
+  include:
+    - rvm: 2.5.1 # Pre-installed Ruby version
+      script: bundle exec rake rubocop # ONLY lint once, first
+    - rvm: 2.1
+    - rvm: 2.2
+    - rvm: 2.3.5
+    - rvm: 2.4.6
+    - rvm: 2.5.5
+    - rvm: 2.6.3
+    - rvm: jruby-9.1.8.0
+      env:
+        - JRUBY_OPTS="--debug"
+      jdk: openjdk8
+    - rvm: jruby-9.2.8.0
+      env:
+        - JRUBY_OPTS="--debug"

data/CHANGELOG.md CHANGED Viewed

@@ -1,5 +1,47 @@
 # Pundit
+### Fixed
+- Avoid name clashes with the Error class. (#590)
+### Changed
+- Return a safer default NotAuthorizedError message. (#583)
+## 2.0.1 (2019-01-18)
+### Breaking changes
+None
+### Other changes
+- Improve exception handling for `#policy_scope` and `#policy_scope!`. (#550)
+- Add `:policy` metadata to RSpec template. (#566)
+## 2.0.0 (2018-07-21)
+No changes since beta1
+## 2.0.0.beta1 (2018-07-04)
+### Breaking changes
+- Only pass last element of "namespace array" to policy and scope. (#529)
+- Raise `InvalidConstructorError` if a policy or policy scope with an invalid constructor is called. (#462)
+- Return passed object from `#authorize` method to make chaining possible. (#385)
+### Other changes
+- Add `policy_class` option to `authorize` to be able to override the policy. (#441)
+- Add `policy_scope_class` option to `authorize` to be able to override the policy scope. (#441)
+- Fix `param_key` issue when passed an array. (#529)
+- Allow specification of a `NilClassPolicy`. (#525)
+- Make sure `policy_class` override is called when passed an array. (#475)
+- Use `action_name` instead of `params[:action]`. (#419)
+- Add `pundit_params_for` method to make it easy to customize params fetching. (#502)
 ## 1.1.0 (2016-01-14)
 - Can retrieve policies via an array of symbols/objects.

data/Gemfile CHANGED Viewed

@@ -1,4 +1,7 @@
+# frozen_string_literal: true
 source "https://rubygems.org"
-gem "rspec", ENV["RSPEC_VERSION"] unless ENV["RSPEC_VERSION"].to_s.empty?
+ruby RUBY_VERSION
 gemspec

data/LICENSE.txt CHANGED Viewed

@@ -1,4 +1,4 @@
-Copyright (c) 2012 Jonas Nicklas, Elabs AB
+Copyright (c) 2019 Jonas Nicklas, Varvet AB
 MIT License

data/README.md CHANGED Viewed

@@ -1,8 +1,8 @@
 # Pundit
-[![Build Status](https://secure.travis-ci.org/elabs/pundit.svg?branch=master)](https://travis-ci.org/elabs/pundit)
-[![Code Climate](https://codeclimate.com/github/elabs/pundit.svg)](https://codeclimate.com/github/elabs/pundit)
-[![Inline docs](http://inch-ci.org/github/elabs/pundit.svg?branch=master)](http://inch-ci.org/github/elabs/pundit)
+[![Build Status](https://secure.travis-ci.org/varvet/pundit.svg?branch=master)](https://travis-ci.org/varvet/pundit)
+[![Code Climate](https://codeclimate.com/github/varvet/pundit.svg)](https://codeclimate.com/github/varvet/pundit)
+[![Inline docs](http://inch-ci.org/github/varvet/pundit.svg?branch=master)](http://inch-ci.org/github/varvet/pundit)
 [![Gem Version](https://badge.fury.io/rb/pundit.svg)](http://badge.fury.io/rb/pundit)
 Pundit provides a set of helpers which guide you in leveraging regular Ruby
@@ -12,13 +12,13 @@ scaleable authorization system.
 Links:
 - [API documentation](http://www.rubydoc.info/gems/pundit)
-- [Source Code](https://github.com/elabs/pundit)
-- [Contributing](https://github.com/elabs/pundit/blob/master/CONTRIBUTING.md)
-- [Code of Conduct](https://github.com/elabs/pundit/blob/master/CODE_OF_CONDUCT.md)
+- [Source Code](https://github.com/varvet/pundit)
+- [Contributing](https://github.com/varvet/pundit/blob/master/CONTRIBUTING.md)
+- [Code of Conduct](https://github.com/varvet/pundit/blob/master/CODE_OF_CONDUCT.md)
 Sponsored by:
-[<img src="http://d3cv91luii1z1d.cloudfront.net/logo-gh.png" alt="Elabs" height="50px"/>](http://elabs.se)
+[<img src="https://www.varvet.com/images/wordmark-red.svg" alt="Varvet" height="50px"/>](https://www.varvet.com)
 ## Installation
@@ -116,7 +116,9 @@ and the given record. It then infers from the action name, that it should call
 `authorize` would have done something like this:
 ``` ruby
-raise "not authorized" unless PostPolicy.new(current_user, @post).update?
+unless PostPolicy.new(current_user, @post).update?
+  raise Pundit::NotAuthorizedError, "not allowed to update? this #{@post.inspect}"
+end
 ```
 You can pass a second argument to `authorize` if the name of the permission you
@@ -131,6 +133,18 @@ def publish
 end
 ```
+You can pass an argument to override the policy class if necessary. For example:
+```ruby
+def create
+  @publication = find_publication # assume this method returns any model that behaves like a publication
+  # @publication.class => Post
+  authorize @publication, policy_class: PublicationPolicy
+  @publication.publish!
+  redirect_to @publication
+end
+```
 If you don't have an instance for the first argument to `authorize`, then you can pass
 the class. For example:
@@ -151,6 +165,15 @@ def admin_list
 end
 ```
+`authorize` returns the object passed to it, so you can chain it like this:
+Controller:
+```ruby
+def show
+  @user = authorize User.find(params[:id])
+end
+```
 You can easily get a hold of an instance of the policy through the `policy`
 method in both the view and controller. This is especially useful for
 conditionally showing links or buttons in the view:
@@ -172,6 +195,10 @@ class DashboardPolicy < Struct.new(:user, :dashboard)
 end
 ```
+Note that the headless policy still needs to accept two arguments. The
+second argument will just be the symbol `:dashboard` in this case which
+is what is passed as the record to `authorize` below.
 ```ruby
 # In controllers
 authorize :dashboard, :show?
@@ -184,54 +211,6 @@ authorize :dashboard, :show?
 <% end %>
 ```
-## Ensuring policies are used
-Pundit adds a method called `verify_authorized` to your controllers. This
-method will raise an exception if `authorize` has not yet been called. You
-should run this method in an `after_action` to ensure that you haven't
-forgotten to authorize the action. For example:
-``` ruby
-class ApplicationController < ActionController::Base
-  after_action :verify_authorized
-end
-```
-Likewise, Pundit also adds `verify_policy_scoped` to your controller.  This
-will raise an exception in the vein of `verify_authorized`.  However, it tracks
-if `policy_scope` is used instead of `authorize`.  This is mostly useful for
-controller actions like `index` which find collections with a scope and don't
-authorize individual instances.
-``` ruby
-class ApplicationController < ActionController::Base
-  after_action :verify_authorized, except: :index
-  after_action :verify_policy_scoped, only: :index
-end
-```
-If you're using `verify_authorized` in your controllers but need to
-conditionally bypass verification, you can use `skip_authorization`. For
-bypassing `verify_policy_scoped`, use `skip_policy_scope`. These are useful
-in circumstances where you don't want to disable verification for the
-entire action, but have some cases where you intend to not authorize.
-```ruby
-def show
-  record = Record.find_by(attribute: "value")
-  if record.present?
-    authorize record
-  else
-    skip_authorization
-  end
-end
-```
-If you need to perform some more sophisticated logic or you want to raise a custom
-exception you can use the two lower level methods `pundit_policy_authorized?`
-and `pundit_policy_scoped?` which return `true` or `false` depending on whether
-`authorize` or `policy_scope` have been called, respectively.
 ## Scopes
 Often, you will want to have some kind of view listing records which a
@@ -258,7 +237,7 @@ class PostPolicy < ApplicationPolicy
   end
   def update?
-    user.admin? or not post.published?
+    user.admin? or not record.published?
   end
 end
 ```
@@ -291,7 +270,7 @@ class PostPolicy < ApplicationPolicy
   end
   def update?
-    user.admin? or not post.published?
+    user.admin? or not record.published?
   end
 end
 ```
@@ -302,6 +281,19 @@ You can now use this class from your controller via the `policy_scope` method:
 def index
   @posts = policy_scope(Post)
 end
+def show
+  @post = policy_scope(Post).find(params[:id])
+end
+```
+Like with the authorize method, you can also override the policy scope class:
+``` ruby
+def index
+  # publication_class => Post
+  @publications = policy_scope(publication_class, policy_scope_class: PublicationPolicy::Scope)
+end
 ```
 Just as with your policy, this will automatically infer that you want to use
@@ -322,6 +314,70 @@ You can, and are encouraged to, use this method in views:
 <% end %>
 ```
+## Ensuring policies and scopes are used
+When you are developing an application with Pundit it can be easy to forget to
+authorize some action. People are forgetful after all. Since Pundit encourages
+you to add the `authorize` call manually to each controller action, it's really
+easy to miss one.
+Thankfully, Pundit has a handy feature which reminds you in case you forget.
+Pundit tracks whether you have called `authorize` anywhere in your controller
+action. Pundit also adds a method to your controllers called
+`verify_authorized`. This method will raise an exception if `authorize` has not
+yet been called. You should run this method in an `after_action` hook to ensure
+that you haven't forgotten to authorize the action. For example:
+``` ruby
+class ApplicationController < ActionController::Base
+  include Pundit
+  after_action :verify_authorized
+end
+```
+Likewise, Pundit also adds `verify_policy_scoped` to your controller. This
+will raise an exception similar to `verify_authorized`. However, it tracks
+if `policy_scope` is used instead of `authorize`. This is mostly useful for
+controller actions like `index` which find collections with a scope and don't
+authorize individual instances.
+``` ruby
+class ApplicationController < ActionController::Base
+  include Pundit
+  after_action :verify_authorized, except: :index
+  after_action :verify_policy_scoped, only: :index
+end
+```
+**This verification mechanism only exists to aid you while developing your
+application, so you don't forget to call `authorize`. It is not some kind of
+failsafe mechanism or authorization mechanism. You should be able to remove
+these filters without affecting how your app works in any way.**
+Some people have found this feature confusing, while many others
+find it extremely helpful. If you fall into the category of people who find it
+confusing then you do not need to use it. Pundit will work just fine without
+using `verify_authorized` and `verify_policy_scoped`.
+### Conditional verification
+If you're using `verify_authorized` in your controllers but need to
+conditionally bypass verification, you can use `skip_authorization`. For
+bypassing `verify_policy_scoped`, use `skip_policy_scope`. These are useful
+in circumstances where you don't want to disable verification for the
+entire action, but have some cases where you intend to not authorize.
+```ruby
+def show
+  record = Record.find_by(attribute: "value")
+  if record.present?
+    authorize record
+  else
+    skip_authorization
+  end
+end
+```
 ## Manually specifying policy classes
 Sometimes you might want to explicitly declare which policy to use for a given
@@ -362,7 +418,8 @@ rails g pundit:policy post
 In many applications, only logged in users are really able to do anything. If
 you're building such a system, it can be kind of cumbersome to check that the
-user in a policy isn't `nil` for every single permission.
+user in a policy isn't `nil` for every single permission. Aside from policies,
+you can add this check to the base class for scopes.
 We suggest that you define a filter that redirects unauthenticated users to the
 login page. As a secondary defence, if you've defined an ApplicationPolicy, it
@@ -376,6 +433,37 @@ class ApplicationPolicy
     @user   = user
     @record = record
   end
+  class Scope
+    attr_reader :user, :scope
+    def initialize(user, scope)
+      raise Pundit::NotAuthorizedError, "must be logged in" unless user
+      @user = user
+      @scope = scope
+    end
+  end
+end
+```
+## NilClassPolicy
+To support a [null object pattern](https://en.wikipedia.org/wiki/Null_Object_pattern)
+you may find that you want to implement a `NilClassPolicy`. This might be useful
+where you want to extend your ApplicationPolicy to allow some tolerance of, for
+example, associations which might be `nil`.
+```ruby
+class NilClassPolicy < ApplicationPolicy
+  class Scope < Scope
+    def resolve
+      raise Pundit::NotDefinedError, "Cannot scope NilClass"
+    end
+  end
+  def show?
+    false # Nobody can see nothing
+  end
 end
 ```
@@ -402,6 +490,10 @@ class ApplicationController < ActionController::Base
 end
 ```
+Alternatively, you can globally handle Pundit::NotAuthorizedError's by having rails handle them as a 403 error and serving a 403 error page. Add the following to application.rb:
+```config.action_dispatch.rescue_responses["Pundit::NotAuthorizedError"] = :forbidden```
 ## Creating custom error messages
 `NotAuthorizedError`s provide information on what query (e.g. `:create?`), what
@@ -469,6 +561,48 @@ def pundit_user
 end
 ```
+## Policy Namespacing
+In some cases it might be helpful to have multiple policies that serve different contexts for a
+resource. A prime example of this is the case where User policies differ from Admin policies. To
+authorize with a namespaced policy, pass the namespace into the `authorize` helper in an array:
+```ruby
+authorize(post)                   # => will look for a PostPolicy
+authorize([:admin, post])         # => will look for an Admin::PostPolicy
+authorize([:foo, :bar, post])     # => will look for a Foo::Bar::PostPolicy
+policy_scope(Post)                # => will look for a PostPolicy::Scope
+policy_scope([:admin, Post])      # => will look for an Admin::PostPolicy::Scope
+policy_scope([:foo, :bar, Post])  # => will look for a Foo::Bar::PostPolicy::Scope
+```
+If you are using namespaced policies for something like Admin views, it can be useful to
+override the `policy_scope` and `authorize` helpers in your `AdminController` to automatically
+apply the namespacing:
+```ruby
+class AdminController < ApplicationController
+  def policy_scope(scope)
+    super([:admin, scope])
+  end
+  def authorize(record, query = nil)
+    super([:admin, record], query)
+  end
+end
+class Admin::PostController < AdminController
+  def index
+    policy_scope(Post)
+  end
+  def show
+    post = Post.find(params[:id])
+    authorize(post)
+  end
+end
+```
 ## Additional context
 Pundit strongly encourages you to model your application in such a way that the
@@ -564,6 +698,45 @@ class PostsController < ApplicationController
 end
 ```
+If you want to permit different attributes based on the current action, you can define a `permitted_attributes_for_#{action}` method on your policy:
+```ruby
+# app/policies/post_policy.rb
+class PostPolicy < ApplicationPolicy
+  def permitted_attributes_for_create
+    [:title, :body]
+  end
+  def permitted_attributes_for_edit
+    [:body]
+  end
+end
+```
+If you have defined an action-specific method on your policy for the current action, the `permitted_attributes` helper will call it instead of calling `permitted_attributes` on your controller.
+If you need to fetch parameters based on namespaces different from the suggested one, override the below method, in your controller, and return an instance of `ActionController::Parameters`.
+```ruby
+def pundit_params_for(record)
+  params.require(PolicyFinder.new(record).param_key)
+end
+```
+For example:
+```ruby
+# If you don't want to use require
+def pundit_params_for(record)
+  params.fetch(PolicyFinder.new(record).param_key, {})
+end
+# If you are using something like the JSON API spec
+def pundit_params_for(_record)
+  params.fetch(:data, {}).fetch(:attributes, {})
+end
+```
 ## RSpec
 ### Policy Specs
@@ -600,14 +773,22 @@ end
 An alternative approach to Pundit policy specs is scoping them to a user context as outlined in this
 [excellent post](http://thunderboltlabs.com/blog/2013/03/27/testing-pundit-policies-with-rspec/) and implemented in the third party [pundit-matchers](https://github.com/chrisalley/pundit-matchers) gem.
+### Scope Specs
+Pundit does not provide a DSL for testing scopes. Just test it like a regular Ruby class!
 # External Resources
 - [RailsApps Example Application: Pundit and Devise](https://github.com/RailsApps/rails-devise-pundit)
 - [Migrating to Pundit from CanCan](http://blog.carbonfive.com/2013/10/21/migrating-to-pundit-from-cancan/)
 - [Testing Pundit Policies with RSpec](http://thunderboltlabs.com/blog/2013/03/27/testing-pundit-policies-with-rspec/)
-- [Using Pundit outside of a Rails controller](https://github.com/elabs/pundit/pull/136)
+- [Using Pundit outside of a Rails controller](https://github.com/varvet/pundit/pull/136)
 - [Straightforward Rails Authorization with Pundit](http://www.sitepoint.com/straightforward-rails-authorization-with-pundit/)
+## Other implementations
+- [Flask-Pundit](https://github.com/anurag90x/flask-pundit) (Python) is a [Flask](http://flask.pocoo.org/) extension "heavily inspired by" Pundit
 # License
 Licensed under the MIT license, see the separate LICENSE.txt file.