pundit 2.4.0 → 2.5.1

data/lib/pundit.rb

@@ -1,65 +1,32 @@
 # frozen_string_literal: true
 
+require "active_support"
+
 require "pundit/version"
+require "pundit/error"
 require "pundit/policy_finder"
-require "active_support/concern"
-require "active_support/core_ext/string/inflections"
-require "active_support/core_ext/object/blank"
-require "active_support/core_ext/module/introspection"
-require "active_support/dependencies/autoload"
-require "pundit/authorization"
 require "pundit/context"
+require "pundit/authorization"
+require "pundit/helper"
+require "pundit/cache_store"
 require "pundit/cache_store/null_store"
 require "pundit/cache_store/legacy_store"
+require "pundit/railtie" if defined?(Rails)
 
-# @api private
-# To avoid name clashes with common Error naming when mixing in Pundit,
-# keep it here with compact class style definition.
-class Pundit::Error < StandardError; end # rubocop:disable Style/ClassAndModuleChildren
-
+# Hello? Yes, this is Pundit.
+#
 # @api public
 module Pundit
-  SUFFIX = "Policy"
+  # @api private
+  # @since v1.0.0
+  # @deprecated See {Pundit::PolicyFinder}
+  SUFFIX = Pundit::PolicyFinder::SUFFIX
 
   # @api private
+  # @private
+  # @since v0.1.0
   module Generators; end
 
-  # Error that will be raised when authorization has failed
-  class NotAuthorizedError < Error
-    attr_reader :query, :record, :policy
-
-    def initialize(options = {})
-      if options.is_a? String
-        message = options
-      else
-        @query  = options[:query]
-        @record = options[:record]
-        @policy = options[:policy]
-
-        message = options.fetch(:message) do
-          record_name = record.is_a?(Class) ? record.to_s : "this #{record.class}"
-          "not allowed to #{policy.class}##{query} #{record_name}"
-        end
-      end
-
-      super(message)
-    end
-  end
-
-  # Error that will be raised if a policy or policy scope constructor is not called correctly.
-  class InvalidConstructorError < Error; end
-
-  # Error that will be raised if a controller action has not called the
-  # `authorize` or `skip_authorization` methods.
-  class AuthorizationNotPerformedError < Error; end
-
-  # Error that will be raised if a controller action has not called the
-  # `policy_scope` or `skip_policy_scope` methods.
-  class PolicyScopingNotPerformedError < AuthorizationNotPerformedError; end
-
-  # Error that will be raised if a policy or policy scope is not defined.
-  class NotDefinedError < Error; end
-
   def self.included(base)
     location = caller_locations(1, 1).first
     warn <<~WARNING
@@ -70,10 +37,12 @@ module Pundit
   end
 
   class << self
-    # @see [Pundit::Context#authorize]
+    # @see Pundit::Context#authorize
+    # @since v1.0.0
     def authorize(user, record, query, policy_class: nil, cache: nil)
       context = if cache
-        Context.new(user: user, policy_cache: cache)
+        policy_cache = CacheStore::LegacyStore.new(cache)
+        Context.new(user: user, policy_cache: policy_cache)
       else
         Context.new(user: user)
       end
@@ -81,31 +50,28 @@ module Pundit
       context.authorize(record, query: query, policy_class: policy_class)
     end
 
-    # @see [Pundit::Context#policy_scope]
+    # @see Pundit::Context#policy_scope
+    # @since v0.1.0
     def policy_scope(user, *args, **kwargs, &block)
       Context.new(user: user).policy_scope(*args, **kwargs, &block)
     end
 
-    # @see [Pundit::Context#policy_scope!]
+    # @see Pundit::Context#policy_scope!
+    # @since v0.1.0
     def policy_scope!(user, *args, **kwargs, &block)
       Context.new(user: user).policy_scope!(*args, **kwargs, &block)
     end
 
-    # @see [Pundit::Context#policy]
+    # @see Pundit::Context#policy
+    # @since v0.1.0
     def policy(user, *args, **kwargs, &block)
       Context.new(user: user).policy(*args, **kwargs, &block)
     end
 
-    # @see [Pundit::Context#policy!]
+    # @see Pundit::Context#policy!
+    # @since v0.1.0
     def policy!(user, *args, **kwargs, &block)
       Context.new(user: user).policy!(*args, **kwargs, &block)
     end
   end
-
-  # @api private
-  module Helper
-    def policy_scope(scope)
-      pundit_policy_scope(scope)
-    end
-  end
 end

metadata

@@ -1,15 +1,15 @@
 --- !ruby/object:Gem::Specification
 name: pundit
 version: !ruby/object:Gem::Version
-  version: 2.4.0
+  version: 2.5.1
 platform: ruby
 authors:
 - Jonas Nicklas
 - Varvet AB
-autorequire: 
+autorequire:
 bindir: bin
 cert_chain: []
-date: 2024-08-26 00:00:00.000000000 Z
+date: 2025-09-12 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: activesupport
@@ -25,146 +25,6 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: 3.0.0
-- !ruby/object:Gem::Dependency
-  name: actionpack
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: 3.0.0
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: 3.0.0
-- !ruby/object:Gem::Dependency
-  name: activemodel
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: 3.0.0
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: 3.0.0
-- !ruby/object:Gem::Dependency
-  name: bundler
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-- !ruby/object:Gem::Dependency
-  name: pry
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-- !ruby/object:Gem::Dependency
-  name: railties
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: 3.0.0
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: 3.0.0
-- !ruby/object:Gem::Dependency
-  name: rake
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-- !ruby/object:Gem::Dependency
-  name: rspec
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: 3.0.0
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: 3.0.0
-- !ruby/object:Gem::Dependency
-  name: rubocop
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-- !ruby/object:Gem::Dependency
-  name: simplecov
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: 0.17.0
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: 0.17.0
-- !ruby/object:Gem::Dependency
-  name: yard
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
 description: Object oriented authorization for Rails applications
 email:
 - jonas.nicklas@gmail.com
@@ -173,56 +33,43 @@ executables: []
 extensions: []
 extra_rdoc_files: []
 files:
-- ".github/ISSUE_TEMPLATE/bug_report.md"
-- ".github/ISSUE_TEMPLATE/feature_request.md"
-- ".github/PULL_REQUEST_TEMPLATE/gem_release_template.md"
-- ".github/pull_request_template.md"
-- ".github/workflows/main.yml"
-- ".github/workflows/push_gem.yml"
-- ".gitignore"
-- ".rubocop.yml"
-- ".yardopts"
 - CHANGELOG.md
-- CODE_OF_CONDUCT.md
-- CONTRIBUTING.md
-- Gemfile
 - LICENSE.txt
 - README.md
-- Rakefile
 - SECURITY.md
-- config/rubocop-rspec.yml
 - lib/generators/pundit/install/USAGE
 - lib/generators/pundit/install/install_generator.rb
-- lib/generators/pundit/install/templates/application_policy.rb
+- lib/generators/pundit/install/templates/application_policy.rb.tt
 - lib/generators/pundit/policy/USAGE
 - lib/generators/pundit/policy/policy_generator.rb
-- lib/generators/pundit/policy/templates/policy.rb
+- lib/generators/pundit/policy/templates/policy.rb.tt
 - lib/generators/rspec/policy_generator.rb
-- lib/generators/rspec/templates/policy_spec.rb
+- lib/generators/rspec/templates/policy_spec.rb.tt
 - lib/generators/test_unit/policy_generator.rb
-- lib/generators/test_unit/templates/policy_test.rb
+- lib/generators/test_unit/templates/policy_test.rb.tt
 - lib/pundit.rb
 - lib/pundit/authorization.rb
+- lib/pundit/cache_store.rb
 - lib/pundit/cache_store/legacy_store.rb
 - lib/pundit/cache_store/null_store.rb
 - lib/pundit/context.rb
+- lib/pundit/error.rb
+- lib/pundit/helper.rb
 - lib/pundit/policy_finder.rb
+- lib/pundit/railtie.rb
 - lib/pundit/rspec.rb
 - lib/pundit/version.rb
-- pundit.gemspec
-- spec/authorization_spec.rb
-- spec/dsl_spec.rb
-- spec/generators_spec.rb
-- spec/policies/post_policy_spec.rb
-- spec/policy_finder_spec.rb
-- spec/pundit_spec.rb
-- spec/spec_helper.rb
 homepage: https://github.com/varvet/pundit
 licenses:
 - MIT
 metadata:
   rubygems_mfa_required: 'true'
-post_install_message: 
+  bug_tracker_uri: https://github.com/varvet/pundit/issues
+  changelog_uri: https://github.com/varvet/pundit/blob/main/CHANGELOG.md
+  documentation_uri: https://github.com/varvet/pundit/blob/main/README.md
+  homepage_uri: https://github.com/varvet/pundit
+  source_code_uri: https://github.com/varvet/pundit
+post_install_message:
 rdoc_options: []
 require_paths:
 - lib
@@ -238,14 +85,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubygems_version: 3.5.11
-signing_key: 
+signing_key:
 specification_version: 4
 summary: OO authorization for Rails
-test_files:
-- spec/authorization_spec.rb
-- spec/dsl_spec.rb
-- spec/generators_spec.rb
-- spec/policies/post_policy_spec.rb
-- spec/policy_finder_spec.rb
-- spec/pundit_spec.rb
-- spec/spec_helper.rb
+test_files: []

data/.github/ISSUE_TEMPLATE/bug_report.md

@@ -1,20 +0,0 @@
----
-name: Bug report
-about: Create a bug report to report a problem
-title: ''
-labels: problem
-assignees: ''
-
----
-
-**Describe the bug**
-A clear and concise description of what the bug is.
-
-**To Reproduce**
-Steps or runnable code to reproduce the problem.
-
-**Expected behavior**
-A clear and concise description of what you expected to happen.
-
-**Additional context**
-Add any other context about the problem here.

data/.github/ISSUE_TEMPLATE/feature_request.md

@@ -1,26 +0,0 @@
----
-name: Feature request
-about: Suggest an idea
-title: ''
-labels: ['feature request']
-assignees: ''
----
-
-**Please consider**
-- Could this feature break backwards-compatibility?
-- Could this feature benefit the many who use Pundit?
-- Could this feature be useful in _most_ projects that use Pundit?
-- Would this feature require Rails?
-- Am I open to creating a Pull Request with the necessary changes?
-
-**Is your feature request related to a problem? Please describe.**
-A clear and concise description of what the problem is. Ex. I'm always frustrated when [...]
-
-**Describe the solution you'd like**
-A clear and concise description of how you'd like to approach solving the problem.
-
-**Describe alternatives you've considered**
-A clear and concise description of any alternative solutions or features you've considered.
-
-**Additional context**
-Add any other context. Ex. if you've solved this problem in your own projects already, how that worked, and why the feature should be moved and maintained in Pundit instead.

data/.github/PULL_REQUEST_TEMPLATE/gem_release_template.md

@@ -1,8 +0,0 @@
-## To do
-
-- [ ] Make changes:
-  - [ ] Bump `Pundit::VERSION` in `lib/pundit/version.rb`.
-  - [ ] Update `CHANGELOG.md`.
-- [ ] Open pull request 🚀 and merge it.
-- [ ] Run [push gem](https://github.com/varvet/pundit/actions/workflows/push_gem.yml) GitHub Action.
-- [ ] Make an announcement in [Pundit discussions](https://github.com/varvet/pundit/discussions/categories/announcements)

data/.github/pull_request_template.md

@@ -1,9 +0,0 @@
-## To do
-
-- [ ] I have read the [contributing guidelines](https://github.com/varvet/pundit/contribute).
-- [ ] I have added relevant tests.
-- [ ] I have adjusted relevant documentation.
-- [ ] I have made sure the individual commits are meaningful.
-- [ ] I have added relevant lines to the CHANGELOG.
-
-PS: Thank you for contributing to Pundit ❤️

data/.github/workflows/main.yml

@@ -1,112 +0,0 @@
-name: Main
-
-on:
-  push:
-    branches: [ "main" ]
-  pull_request:
-    branches: [ "main" ]
-  workflow_dispatch:
-
-permissions:
-  contents: read
-
-env:
-  CC_TEST_REPORTER_ID: "ac477089fe20ab4fc7e0d304cab75f72d73d58a7596d366935d18fcc7d51f8f9"
-
-  # `github.ref` points to the *merge commit* when running tests on a pull request, which will be a commit
-  # that doesn't exists in our code base. Since this workflow triggers from a PR, we use the HEAD SHA instead.
-  #
-  # NOTE: These are both used by Code Climate (cc-test-reporter).
-  GIT_COMMIT_SHA: ${{ github.event.pull_request.head.sha }}
-  GIT_BRANCH: ${{ github.head_ref }}
-
-jobs:
-  matrix-test:
-    runs-on: ubuntu-latest
-    continue-on-error: ${{ matrix.allow-failure || false }}
-    strategy:
-      fail-fast: false
-      matrix:
-        ruby-version:
-          - '3.1'
-          - '3.2'
-          - '3.3'
-          - 'jruby-9.3.10' # oldest supported jruby
-          - 'jruby'
-        include: # HEAD-versions
-          - ruby-version: 'head'
-            allow-failure: true
-          - ruby-version: 'jruby-head'
-            allow-failure: true
-          - ruby-version: 'truffleruby-head'
-            allow-failure: true
-
-    steps:
-    - uses: actions/checkout@v4
-    - name: Set up Ruby
-      uses: ruby/setup-ruby@v1
-      with:
-        rubygems: latest
-        ruby-version: ${{ matrix.ruby-version }}
-        bundler-cache: ${{ !startsWith(matrix.ruby-version, 'jruby') }}
-    - name: Bundler install (JRuby workaround)
-      if: ${{ startsWith(matrix.ruby-version, 'jruby') }}
-      run: |
-        gem install psych
-        bundle install
-    - name: Run tests
-      run: bundle exec rspec
-
-  test:
-    runs-on: ubuntu-latest
-    steps:
-    - uses: actions/checkout@v4
-    - name: Set up Ruby
-      uses: ruby/setup-ruby@v1
-      with:
-        rubygems: latest
-        ruby-version: 'ruby'
-        bundler-cache: true
-    - name: "Download cc-test-reporter from codeclimate.com"
-      run: |
-        curl -L https://codeclimate.com/downloads/test-reporter/test-reporter-latest-linux-amd64 > ./cc-test-reporter
-        chmod +x ./cc-test-reporter
-    - name: "Report to Code Climate that we will send a coverage report."
-      run: ./cc-test-reporter before-build
-    - name: Run tests
-      run: bundle exec rspec
-      env:
-        COVERAGE: 1
-    - name: Upload code coverage to Code Climate
-      run: |
-        ./cc-test-reporter after-build \
-          --coverage-input-type simplecov \
-          ./coverage/.resultset.json
-
-  rubocop:
-    runs-on: ubuntu-latest
-    steps:
-    - uses: actions/checkout@v4
-    - name: Set up Ruby
-      uses: ruby/setup-ruby@v1
-      with:
-        rubygems: default
-        ruby-version: 'ruby'
-        bundler-cache: false
-    - run: bundle install
-    - name: Run RuboCop
-      run: bundle exec rubocop
-
-  required-checks:
-    runs-on: ubuntu-latest
-    if: ${{ always() }}
-    needs:
-      - test
-      - matrix-test
-      - rubocop
-    steps:
-      - name: failure
-        if: ${{ failure() || contains(needs.*.result, 'failure') }}
-        run: exit 1
-      - name: success
-        run: exit 0

data/.github/workflows/push_gem.yml

@@ -1,33 +0,0 @@
-name: Push Gem
-
-on:
-  workflow_dispatch:
-
-permissions:
-  contents: read
-
-jobs:
-  push:
-    if: github.repository == 'varvet/pundit'
-    runs-on: ubuntu-latest
-
-    permissions:
-      contents: write
-      id-token: write
-
-    steps:
-      # Set up
-      - name: Harden Runner
-        uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1
-        with:
-          egress-policy: audit
-
-      - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
-      - name: Set up Ruby
-        uses: ruby/setup-ruby@a6e6f86333f0a2523ece813039b8b4be04560854 # v1.190.0
-        with:
-          bundler-cache: true
-          ruby-version: ruby
-
-      # Release
-      - uses: rubygems/release-gem@612653d273a73bdae1df8453e090060bb4db5f31 # v1+ unreleased

data/.gitignore

@@ -1,19 +0,0 @@
-*.gem
-*.rbc
-.bundle
-.config
-.coverage
-.yardoc
-Gemfile.lock
-InstalledFiles
-_yardoc
-coverage
-doc/
-lib/bundler/man
-pkg
-rdoc
-spec/reports
-test/tmp
-test/version_tmp
-tmp
-bin

data/.rubocop.yml

@@ -1,63 +0,0 @@
-AllCops:
-  TargetRubyVersion: 3.1
-  Exclude:
-    - "lib/generators/**/templates/**/*"
-    <% `git status --ignored --porcelain`.lines.grep(/^!! /).each do |path| %>
-    - <%= path.sub(/^!! /, '').sub(/\/$/, '/**/*') %>
-    <% end %>
-  SuggestExtensions: false
-  NewCops: disable
-
-Metrics/BlockLength:
-  Exclude:
-    - "**/*_spec.rb"
-
-Metrics/MethodLength:
-  Max: 40
-
-Metrics/ModuleLength:
-  Max: 200
-  Exclude:
-    - "**/*_spec.rb"
-
-Layout/LineLength:
-  Max: 120
-
-Gemspec/RequiredRubyVersion:
- Enabled: false
-
-Layout/ParameterAlignment:
-  EnforcedStyle: with_fixed_indentation
-
-Layout/CaseIndentation:
-  EnforcedStyle: case
-  SupportedStyles:
-    - case
-    - end
-  IndentOneStep: true
-
-Layout/EndAlignment:
-  EnforcedStyleAlignWith: variable
-
-Style/PercentLiteralDelimiters:
-  PreferredDelimiters:
-    '%w': "[]"
-    '%W': "[]"
-
-Style/StringLiterals:
-  EnforcedStyle: double_quotes
-
-Style/StringLiteralsInInterpolation:
-  EnforcedStyle: double_quotes
-
-Style/StructInheritance:
-  Enabled: false
-
-Style/DoubleNegation:
-  Enabled: false
-
-Style/Documentation:
-  Enabled: false # TODO: Enable again once we have more docs
-
-Style/HashSyntax:
-  EnforcedShorthandSyntax: never

data/.yardopts

@@ -1 +0,0 @@
---api public --hide-void-return --markup markdown