pundit 2.0.0 → 2.3.1
- checksums.yaml +4 -4
- data/.github/pull_request_template.md +9 -0
- data/.gitignore +1 -0
- data/.rubocop.yml +21 -52
- data/.travis.yml +20 -14
- data/CHANGELOG.md +85 -3
- data/CONTRIBUTING.md +1 -4
- data/Gemfile +2 -11
- data/LICENSE.txt +1 -1
- data/README.md +91 -57
- data/Rakefile +2 -0
- data/SECURITY.md +19 -0
- data/config/rubocop-rspec.yml +5 -0
- data/lib/generators/pundit/install/install_generator.rb +4 -2
- data/lib/generators/pundit/install/templates/application_policy.rb +7 -3
- data/lib/generators/pundit/policy/policy_generator.rb +4 -2
- data/lib/generators/pundit/policy/templates/policy.rb +4 -3
- data/lib/generators/rspec/policy_generator.rb +4 -2
- data/lib/generators/rspec/templates/policy_spec.rb +2 -2
- data/lib/generators/test_unit/policy_generator.rb +4 -2
- data/lib/pundit/authorization.rb +168 -0
- data/lib/pundit/policy_finder.rb +3 -1
- data/lib/pundit/rspec.rb +6 -14
- data/lib/pundit/version.rb +1 -1
- data/lib/pundit.rb +47 -184
- data/pundit.gemspec +17 -3
- data/spec/authorization_spec.rb +258 -0
- data/spec/generators_spec.rb +43 -0
- data/spec/policies/post_policy_spec.rb +3 -1
- data/spec/policy_finder_spec.rb +82 -17
- data/spec/pundit_spec.rb +61 -218
- data/spec/spec_helper.rb +44 -26
- metadata +158 -10
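--- a/data/spec/pundit_spec.rb
+++ b/data/spec/pundit_spec.rb
@@ -1,6 +1,8 @@
+# frozen_string_literal: true
+
 require "spec_helper"
 
-describe Pundit do
+RSpec.describe Pundit do
 let(:user) { double }
 let(:post) { Post.new(user) }
 let(:customer_post) { Customer::Post.new(user) }
@@ -8,11 +10,10 @@ describe Pundit do
 let(:comment) { Comment.new }
 let(:comment_four_five_six) { CommentFourFiveSix.new }
 let(:article) { Article.new }
-let(:controller) { Controller.new(user, "update", {}) }
 let(:artificial_blog) { ArtificialBlog.new }
 let(:article_tag) { ArticleTag.new }
-let(:comments_relation) { CommentsRelation.new }
-let(:empty_comments_relation) { CommentsRelation.new(true) }
+let(:comments_relation) { CommentsRelation.new(empty: false) }
+let(:empty_comments_relation) { CommentsRelation.new(empty: true) }
 let(:tag_four_five_six) { ProjectOneTwoThree::TagFourFiveSix.new(user) }
 let(:avatar_four_five_six) { ProjectOneTwoThree::AvatarFourFiveSix.new }
 let(:wiki) { Wiki.new }
@@ -22,10 +23,35 @@ describe Pundit do
 expect(Pundit.authorize(user, post, :update?)).to be_truthy
 end
 
+it "returns the record on successful authorization" do
+expect(Pundit.authorize(user, post, :update?)).to eq(post)
+end
+
+it "returns the record when passed record with namespace " do
+expect(Pundit.authorize(user, [:project, comment], :update?)).to eq(comment)
+end
+
+it "returns the record when passed record with nested namespace " do
+expect(Pundit.authorize(user, [:project, :admin, comment], :update?)).to eq(comment)
+end
+
+it "returns the policy name symbol when passed record with headless policy" do
+expect(Pundit.authorize(user, :publication, :create?)).to eq(:publication)
+end
+
+it "returns the class when passed record not a particular instance" do
+expect(Pundit.authorize(user, Post, :show?)).to eq(Post)
+end
+
 it "can be given a different policy class" do
 expect(Pundit.authorize(user, post, :create?, policy_class: PublicationPolicy)).to be_truthy
 end
 
+it "can be given a different policy class using namespaces" do
+expect(PublicationPolicy).to receive(:new).with(user, comment).and_call_original
+expect(Pundit.authorize(user, [:project, comment], :create?, policy_class: PublicationPolicy)).to be_truthy
+end
+
 it "works with anonymous class policies" do
 expect(Pundit.authorize(user, article_tag, :show?)).to be_truthy
 expect { Pundit.authorize(user, article_tag, :destroy?) }.to raise_error(Pundit::NotAuthorizedError)
@@ -35,7 +61,7 @@ describe Pundit do
 # rubocop:disable Style/MultilineBlockChain
 expect do
 Pundit.authorize(user, post, :destroy?)
-end.to raise_error(Pundit::NotAuthorizedError, "not allowed to destroy? this
+end.to raise_error(Pundit::NotAuthorizedError, "not allowed to destroy? this Post") do |error|
 expect(error.query).to eq :destroy?
 expect(error.record).to eq post
 expect(error.policy).to eq Pundit.policy(user, post)
@@ -43,6 +69,18 @@ describe Pundit do
 # rubocop:enable Style/MultilineBlockChain
 end
 
+it "raises an error with a the record, query and action when the record is namespaced" do
+# rubocop:disable Style/MultilineBlockChain
+expect do
+Pundit.authorize(user, [:project, :admin, comment], :destroy?)
+end.to raise_error(Pundit::NotAuthorizedError, "not allowed to destroy? this Comment") do |error|
+expect(error.query).to eq :destroy?
+expect(error.record).to eq comment
+expect(error.policy).to eq Pundit.policy(user, [:project, :admin, comment])
+end
+# rubocop:enable Style/MultilineBlockChain
+end
+
 it "raises an error with a invalid policy constructor" do
 expect do
 Pundit.authorize(user, wiki, :update?)
@@ -88,6 +126,12 @@ describe Pundit do
 Pundit.policy_scope(user, Wiki)
 end.to raise_error(Pundit::InvalidConstructorError, "Invalid #<WikiPolicy::Scope> constructor is called")
 end
+
+it "raises an original error with a policy scope that contains error" do
+expect do
+Pundit.policy_scope(user, Thread)
+end.to raise_error(ArgumentError)
+end
 end
 
 describe ".policy_scope!" do
@@ -351,223 +395,22 @@ describe Pundit do
 end
 end
 
-describe "
-it "
-
-controller.verify_authorized
-end
+describe ".included" do
+it "includes Authorization module" do
+klass = Class.new
 
-
-
-
-end
-
-describe "#verify_policy_scoped" do
-it "does nothing when policy_scope is used" do
-controller.policy_scope(Post)
-controller.verify_policy_scoped
-end
-
-it "raises an exception when policy_scope is not used" do
-expect { controller.verify_policy_scoped }.to raise_error(Pundit::PolicyScopingNotPerformedError)
-end
-end
-
-describe "#pundit_policy_authorized?" do
-it "is true when authorized" do
-controller.authorize(post)
-expect(controller.pundit_policy_authorized?).to be true
-end
-
-it "is false when not authorized" do
-expect(controller.pundit_policy_authorized?).to be false
-end
-end
-
-describe "#pundit_policy_scoped?" do
-it "is true when policy_scope is used" do
-controller.policy_scope(Post)
-expect(controller.pundit_policy_scoped?).to be true
-end
-
-it "is false when policy scope is not used" do
-expect(controller.pundit_policy_scoped?).to be false
-end
-end
-
-describe "#authorize" do
-it "infers the policy name and authorizes based on it" do
-expect(controller.authorize(post)).to be_truthy
-end
-
-it "returns the record on successful authorization" do
-expect(controller.authorize(post)).to be(post)
-end
-
-it "can be given a different permission to check" do
-expect(controller.authorize(post, :show?)).to be_truthy
-expect { controller.authorize(post, :destroy?) }.to raise_error(Pundit::NotAuthorizedError)
-end
-
-it "can be given a different policy class" do
-expect(controller.authorize(post, :create?, policy_class: PublicationPolicy)).to be_truthy
-end
-
-it "works with anonymous class policies" do
-expect(controller.authorize(article_tag, :show?)).to be_truthy
-expect { controller.authorize(article_tag, :destroy?) }.to raise_error(Pundit::NotAuthorizedError)
-end
-
-it "throws an exception when the permission check fails" do
-expect { controller.authorize(Post.new) }.to raise_error(Pundit::NotAuthorizedError)
-end
-
-it "throws an exception when a policy cannot be found" do
-expect { controller.authorize(Article) }.to raise_error(Pundit::NotDefinedError)
-end
-
-it "caches the policy" do
-expect(controller.policies[post]).to be_nil
-controller.authorize(post)
-expect(controller.policies[post]).not_to be_nil
-end
-
-it "raises an error when the given record is nil" do
-expect { controller.authorize(nil, :destroy?) }.to raise_error(Pundit::NotAuthorizedError)
-end
-
-it "raises an error with a invalid policy constructor" do
-expect { controller.authorize(wiki, :destroy?) }.to raise_error(Pundit::InvalidConstructorError)
-end
-end
-
-describe "#skip_authorization" do
-it "disables authorization verification" do
-controller.skip_authorization
-expect { controller.verify_authorized }.not_to raise_error
-end
-end
-
-describe "#skip_policy_scope" do
-it "disables policy scope verification" do
-controller.skip_policy_scope
-expect { controller.verify_policy_scoped }.not_to raise_error
-end
-end
-
-describe "#pundit_user" do
-it "returns the same thing as current_user" do
-expect(controller.pundit_user).to eq controller.current_user
-end
-end
-
-describe "#policy" do
-it "returns an instantiated policy" do
-policy = controller.policy(post)
-expect(policy.user).to eq user
-expect(policy.post).to eq post
-end
-
-it "throws an exception if the given policy can't be found" do
-expect { controller.policy(article) }.to raise_error(Pundit::NotDefinedError)
-end
-
-it "raises an error with a invalid policy constructor" do
-expect { controller.policy(wiki) }.to raise_error(Pundit::InvalidConstructorError)
-end
-
-it "allows policy to be injected" do
-new_policy = OpenStruct.new
-controller.policies[post] = new_policy
-
-expect(controller.policy(post)).to eq new_policy
-end
-end
-
-describe "#policy_scope" do
-it "returns an instantiated policy scope" do
-expect(controller.policy_scope(Post)).to eq :published
-end
-
-it "allows policy scope class to be overriden" do
-expect(controller.policy_scope(Post, policy_scope_class: PublicationPolicy::Scope)).to eq :published
-end
-
-it "throws an exception if the given policy can't be found" do
-expect { controller.policy_scope(Article) }.to raise_error(Pundit::NotDefinedError)
-end
-
-it "raises an error with a invalid policy scope constructor" do
-expect { controller.policy_scope(Wiki) }.to raise_error(Pundit::InvalidConstructorError)
-end
-
-it "allows policy_scope to be injected" do
-new_scope = OpenStruct.new
-controller.policy_scopes[Post] = new_scope
-
-expect(controller.policy_scope(Post)).to eq new_scope
-end
-end
-
-describe "#permitted_attributes" do
-it "checks policy for permitted attributes" do
-params = ActionController::Parameters.new(post: {
-title: "Hello",
-votes: 5,
-admin: true
-})
-
-action = "update"
-
-expect(Controller.new(user, action, params).permitted_attributes(post).to_h).to eq(
-"title" => "Hello",
-"votes" => 5
-)
-expect(Controller.new(double, action, params).permitted_attributes(post).to_h).to eq("votes" => 5)
-end
-
-it "checks policy for permitted attributes for record of a ActiveModel type" do
-params = ActionController::Parameters.new(customer_post: {
-title: "Hello",
-votes: 5,
-admin: true
-})
-
-action = "update"
+expect do
+klass.include Pundit
+end.to output.to_stderr
 
-expect(
-"title" => "Hello",
-"votes" => 5
-)
-expect(Controller.new(double, action, params).permitted_attributes(customer_post).to_h).to eq(
-"votes" => 5
-)
+expect(klass).to include Pundit::Authorization
 end
-end
 
-
-
-
-
-
-votes: 5,
-admin: true
-})
-
-action = "revise"
-expect(Controller.new(user, action, params).permitted_attributes(post).to_h).to eq("body" => "blah")
-end
-
-it "can be explicitly set" do
-params = ActionController::Parameters.new(post: {
-title: "Hello",
-body: "blah",
-votes: 5,
-admin: true
-})
-
-action = "update"
-expect(Controller.new(user, action, params).permitted_attributes(post, :revise).to_h).to eq("body" => "blah")
+it "warns about deprecation" do
+klass = Class.new
+expect do
+klass.include Pundit
+end.to output(a_string_starting_with("'include Pundit' is deprecated")).to_stderr
 end
 end
 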
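Review bot: The new example "can be given a different policy class using namespaces" pins a precedence rule that the spec never states: with `policy_class: PublicationPolicy`, the policy is built from the bare `comment`, and the `:project` namespace in `[:project, comment]` takes no part in choosing it. For an authorization library that deserves a comment, since a caller may expect `Project::CommentPolicy` to still be consulted; I would add above the first expectation `# an explicit policy_class: wins; the namespace in the record array is not used for lookup`. Two of the new descriptions also end in a stray space ("... with namespace ", "... with nested namespace "), and "with a the record" in the namespaced-error example should read "with the record".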
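--- a/data/spec/spec_helper.rb
+++ b/data/spec/spec_helper.rb
@@ -1,3 +1,10 @@
+# frozen_string_literal: true
+
+require "simplecov"
+SimpleCov.start do
+add_filter "/spec/"
+end
+
 require "pundit"
 require "pundit/rspec"
 
@@ -9,22 +16,6 @@ require "active_support/core_ext"
 require "active_model/naming"
 require "action_controller/metal/strong_parameters"
 
-I18n.enforce_available_locales = false
-
-module PunditSpecHelper
-extend RSpec::Matchers::DSL
-
-matcher :be_truthy do
-match do |actual|
-actual
-end
-end
-end
-
-RSpec.configure do |config|
-config.include PunditSpecHelper
-end
-
 class PostPolicy < Struct.new(:user, :post)
 class Scope < Struct.new(:user, :scope)
 def resolve
@@ -84,15 +75,12 @@ module Customer
 def self.policy_class
 PostPolicy
 end
-
-def policy_class
-self.class.policy_class
-end
 end
 end
 
 class CommentScope
 attr_reader :original_object
+
 def initialize(original_object)
 @original_object = original_object
 end
@@ -127,7 +115,7 @@ class Comment
 end
 
 class CommentsRelation
-def initialize(empty
+def initialize(empty: false)
 @empty = empty
 end
 
@@ -135,7 +123,7 @@ class CommentsRelation
 @empty
 end
 
-def model_name
+def self.model_name
 Comment.model_name
 end
 end
@@ -172,6 +160,10 @@ class CriteriaPolicy < Struct.new(:user, :criteria); end
 
 module Project
 class CommentPolicy < Struct.new(:user, :comment)
+def update?
+true
+end
+
 class Scope < Struct.new(:user, :scope)
 def resolve
 scope
@@ -188,6 +180,18 @@ module Project
 end
 end
 end
+
+module Admin
+class CommentPolicy < Struct.new(:user, :comment)
+def update?
+true
+end
+
+def destroy?
+false
+end
+end
+end
 end
 
 class DenierPolicy < Struct.new(:user, :record)
@@ -197,11 +201,11 @@ class DenierPolicy < Struct.new(:user, :record)
 end
 
 class Controller
-include Pundit
+include Pundit::Authorization
 # Mark protected methods public so they may be called in test
-# rubocop:disable
-public(*Pundit.protected_instance_methods)
-# rubocop:enable
+# rubocop:disable Style/AccessModifierDeclarations
+public(*Pundit::Authorization.protected_instance_methods)
+# rubocop:enable Style/AccessModifierDeclarations
 
 attr_reader :current_user, :action_name, :params
 
@@ -229,6 +233,7 @@ class NilClassPolicy < Struct.new(:user, :record)
 end
 
 class Wiki; end
+
 class WikiPolicy
 class Scope
 # deliberate typo method
@@ -236,6 +241,19 @@ class WikiPolicy
 end
 end
 
+class Thread
+def self.all; end
+end
+
+class ThreadPolicy < Struct.new(:user, :thread)
+class Scope < Struct.new(:user, :scope)
+def resolve
+# deliberate wrong useage of the method
+scope.all(:unvalid, :parameters)
+end
+end
+end
+
 class PostFourFiveSix < Struct.new(:user); end
 
 class CommentFourFiveSix; extend ActiveModel::Naming; end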
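Review bot: `class Thread` in the last hunk has no superclass and, as far as the flattened render shows, sits at top level, so it reopens Ruby's core `Thread` instead of defining a fixture, and `def self.all; end` becomes a singleton method on the real class for the whole test process. A fixture under its own name avoids the patch, for example `class DiscussionThread` with `DiscussionThreadPolicy` (constructed names), with `Pundit.policy_scope(user, Thread)` in spec/pundit_spec.rb updated to match. The comment above `scope.all(:unvalid, :parameters)` could also say what the call is for: `# deliberately wrong arity: must surface as ArgumentError, not InvalidConstructorError`.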
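--- a/metadata
+++ b/metadata
@@ -1,15 +1,15 @@
 --- !ruby/object:Gem::Specification
 name: pundit
 version: !ruby/object:Gem::Version
-version: 2.
+version: 2.3.1
 platform: ruby
 authors:
 - Jonas Nicklas
--
-autorequire:
+- Varvet AB
+autorequire:
 bindir: bin
 cert_chain: []
-date:
+date: 2023-07-17 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
 name: activesupport
@@ -25,14 +25,155 @@ dependencies:
 - - ">="
 - !ruby/object:Gem::Version
 version: 3.0.0
+- !ruby/object:Gem::Dependency
+name: actionpack
+requirement: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: 3.0.0
+type: :development
+prerelease: false
+version_requirements: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: 3.0.0
+- !ruby/object:Gem::Dependency
+name: activemodel
+requirement: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: 3.0.0
+type: :development
+prerelease: false
+version_requirements: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: 3.0.0
+- !ruby/object:Gem::Dependency
+name: bundler
+requirement: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: '0'
+type: :development
+prerelease: false
+version_requirements: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: '0'
+- !ruby/object:Gem::Dependency
+name: pry
+requirement: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: '0'
+type: :development
+prerelease: false
+version_requirements: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: '0'
+- !ruby/object:Gem::Dependency
+name: railties
+requirement: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: 3.0.0
+type: :development
+prerelease: false
+version_requirements: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: 3.0.0
+- !ruby/object:Gem::Dependency
+name: rake
+requirement: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: '0'
+type: :development
+prerelease: false
+version_requirements: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: '0'
+- !ruby/object:Gem::Dependency
+name: rspec
+requirement: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: 3.0.0
+type: :development
+prerelease: false
+version_requirements: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: 3.0.0
+- !ruby/object:Gem::Dependency
+name: rubocop
+requirement: !ruby/object:Gem::Requirement
+requirements:
+- - '='
+- !ruby/object:Gem::Version
+version: 1.24.0
+type: :development
+prerelease: false
+version_requirements: !ruby/object:Gem::Requirement
+requirements:
+- - '='
+- !ruby/object:Gem::Version
+version: 1.24.0
+- !ruby/object:Gem::Dependency
+name: simplecov
+requirement: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: 0.17.0
+type: :development
+prerelease: false
+version_requirements: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: 0.17.0
+- !ruby/object:Gem::Dependency
+name: yard
+requirement: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: '0'
+type: :development
+prerelease: false
+version_requirements: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: '0'
 description: Object oriented authorization for Rails applications
 email:
 - jonas.nicklas@gmail.com
--
+- info@varvet.com
 executables: []
 extensions: []
 extra_rdoc_files: []
 files:
+- ".github/pull_request_template.md"
 - ".gitignore"
 - ".rubocop.yml"
 - ".travis.yml"
@@ -44,6 +185,8 @@ files:
 - LICENSE.txt
 - README.md
 - Rakefile
+- SECURITY.md
+- config/rubocop-rspec.yml
 - lib/generators/pundit/install/USAGE
 - lib/generators/pundit/install/install_generator.rb
 - lib/generators/pundit/install/templates/application_policy.rb
@@ -55,10 +198,13 @@ files:
 - lib/generators/test_unit/policy_generator.rb
 - lib/generators/test_unit/templates/policy_test.rb
 - lib/pundit.rb
+- lib/pundit/authorization.rb
 - lib/pundit/policy_finder.rb
 - lib/pundit/rspec.rb
 - lib/pundit/version.rb
 - pundit.gemspec
+- spec/authorization_spec.rb
+- spec/generators_spec.rb
 - spec/policies/post_policy_spec.rb
 - spec/policy_finder_spec.rb
 - spec/pundit_spec.rb
@@ -66,8 +212,9 @@ files:
 homepage: https://github.com/varvet/pundit
 licenses:
 - MIT
-metadata:
-
+metadata:
+rubygems_mfa_required: 'true'
+post_install_message:
 rdoc_options: []
 require_paths:
 - lib
@@ -82,12 +229,13 @@ required_rubygems_version: !ruby/object:Gem::Requirement
 - !ruby/object:Gem::Version
 version: '0'
 requirements: []
-
-
-signing_key:
+rubygems_version: 3.4.10
+signing_key:
 specification_version: 4
 summary: OO authorization for Rails
 test_files:
+- spec/authorization_spec.rb
+- spec/generators_spec.rb
 - spec/policies/post_policy_spec.rb
 - spec/policy_finder_spec.rb
 - spec/pundit_spec.rb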