pundit 2.0.0 → 2.0.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +5 -5
- data/.rubocop.yml +1 -1
- data/.travis.yml +4 -5
- data/CHANGELOG.md +20 -3
- data/LICENSE.txt +1 -1
- data/README.md +4 -0
- data/lib/generators/rspec/templates/policy_spec.rb +1 -1
- data/lib/pundit.rb +20 -8
- data/lib/pundit/version.rb +1 -1
- data/pundit.gemspec +1 -1
- data/spec/pundit_spec.rb +7 -0
- data/spec/spec_helper.rb +12 -0
- metadata +4 -4
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
|
-
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
2
|
+
SHA1:
|
3
|
+
metadata.gz: dffd7b483c73feb3955b9f1eb6767d9fedb72eaf
|
4
|
+
data.tar.gz: 5de4a5628f75bfcd87879c52917634f1ddde7072
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: f21abdc81639b1d05209f1dfc71579294ba5226372493936ea9e6cfc2cc356e620223042f9f58679a2bb276dabab3f81e793a22d4b6e4bb69ef7edb467d399c1
|
7
|
+
data.tar.gz: fe50e431d42e21e415ad361a1a0f536373e4a90b6f0631321dce3ba1b8e804c13b3e1d44f0446b3b1e71c68dbd868b5881b7bbaf6367e69b92bf23acf34a1022
|
data/.rubocop.yml
CHANGED
data/.travis.yml
CHANGED
@@ -1,21 +1,20 @@
|
|
1
1
|
language: ruby
|
2
|
-
sudo: false
|
3
2
|
before_install:
|
4
|
-
- gem
|
5
|
-
- gem install bundler
|
3
|
+
- gem install bundler -v 1.17.3
|
6
4
|
|
7
5
|
matrix:
|
8
6
|
include:
|
9
7
|
- rvm: 2.5.1
|
10
8
|
script: bundle exec rake rubocop # ONLY lint once, first
|
11
9
|
- rvm: 2.1
|
12
|
-
- rvm: 2.2
|
10
|
+
- rvm: 2.2
|
13
11
|
- rvm: 2.3.5
|
14
12
|
- rvm: 2.4.2
|
15
13
|
- rvm: 2.5.1
|
14
|
+
- rvm: 2.6.0
|
16
15
|
- rvm: jruby-9.1.8.0
|
17
16
|
env:
|
18
17
|
- JRUBY_OPTS="--debug"
|
19
|
-
- rvm: jruby-9.2.
|
18
|
+
- rvm: jruby-9.2.5.0
|
20
19
|
env:
|
21
20
|
- JRUBY_OPTS="--debug"
|
data/CHANGELOG.md
CHANGED
@@ -1,21 +1,38 @@
|
|
1
1
|
# Pundit
|
2
2
|
|
3
|
+
## 2.0.1 (2019-01-18)
|
4
|
+
|
5
|
+
### Breaking changes
|
6
|
+
|
7
|
+
None
|
8
|
+
|
9
|
+
### Other changes
|
10
|
+
|
11
|
+
- Improve exception handling for `#policy_scope` and `#policy_scope!`. (#550)
|
12
|
+
- Add `:policy` metadata to RSpec template. (#566)
|
13
|
+
|
3
14
|
## 2.0.0 (2018-07-21)
|
4
15
|
|
5
16
|
No changes since beta1
|
6
17
|
|
7
18
|
## 2.0.0.beta1 (2018-07-04)
|
8
19
|
|
20
|
+
### Breaking changes
|
21
|
+
|
22
|
+
- Only pass last element of "namespace array" to policy and scope. (#529)
|
23
|
+
- Raise `InvalidConstructorError` if a policy or policy scope with an invalid constructor is called. (#462)
|
24
|
+
- Return passed object from `#authorize` method to make chaining possible. (#385)
|
25
|
+
|
26
|
+
### Other changes
|
27
|
+
|
9
28
|
- Add `policy_class` option to `authorize` to be able to override the policy. (#441)
|
10
29
|
- Add `policy_scope_class` option to `authorize` to be able to override the policy scope. (#441)
|
11
30
|
- Fix `param_key` issue when passed an array. (#529)
|
12
|
-
- Only pass last element of "namespace array" to policy and scope. (#529)
|
13
31
|
- Allow specification of a `NilClassPolicy`. (#525)
|
14
32
|
- Make sure `policy_class` override is called when passed an array. (#475)
|
15
|
-
|
33
|
+
|
16
34
|
- Use `action_name` instead of `params[:action]`. (#419)
|
17
35
|
- Add `pundit_params_for` method to make it easy to customize params fetching. (#502)
|
18
|
-
- Return passed object from `#authorize` method to make chaining possible. (#385)
|
19
36
|
|
20
37
|
## 1.1.0 (2016-01-14)
|
21
38
|
|
data/LICENSE.txt
CHANGED
data/README.md
CHANGED
@@ -195,6 +195,10 @@ class DashboardPolicy < Struct.new(:user, :dashboard)
|
|
195
195
|
end
|
196
196
|
```
|
197
197
|
|
198
|
+
Note that the headless policy still needs to accept two arguments. The
|
199
|
+
second argument will just be the symbol `:dashboard` in this case which
|
200
|
+
is what is passed as the record to `authorize` below.
|
201
|
+
|
198
202
|
```ruby
|
199
203
|
# In controllers
|
200
204
|
authorize :dashboard, :show?
|
data/lib/pundit.rb
CHANGED
@@ -80,10 +80,16 @@ module Pundit
|
|
80
80
|
# @raise [InvalidConstructorError] if the policy constructor called incorrectly
|
81
81
|
# @return [Scope{#resolve}, nil] instance of scope class which can resolve to a scope
|
82
82
|
def policy_scope(user, scope)
|
83
|
-
|
84
|
-
|
85
|
-
|
86
|
-
|
83
|
+
policy_scope_class = PolicyFinder.new(scope).scope
|
84
|
+
return unless policy_scope_class
|
85
|
+
|
86
|
+
begin
|
87
|
+
policy_scope = policy_scope_class.new(user, pundit_model(scope))
|
88
|
+
rescue ArgumentError
|
89
|
+
raise InvalidConstructorError, "Invalid #<#{policy_scope_class}> constructor is called"
|
90
|
+
end
|
91
|
+
|
92
|
+
policy_scope.resolve
|
87
93
|
end
|
88
94
|
|
89
95
|
# Retrieves the policy scope for the given record.
|
@@ -95,10 +101,16 @@ module Pundit
|
|
95
101
|
# @raise [InvalidConstructorError] if the policy constructor called incorrectly
|
96
102
|
# @return [Scope{#resolve}] instance of scope class which can resolve to a scope
|
97
103
|
def policy_scope!(user, scope)
|
98
|
-
|
99
|
-
|
100
|
-
|
101
|
-
|
104
|
+
policy_scope_class = PolicyFinder.new(scope).scope!
|
105
|
+
return unless policy_scope_class
|
106
|
+
|
107
|
+
begin
|
108
|
+
policy_scope = policy_scope_class.new(user, pundit_model(scope))
|
109
|
+
rescue ArgumentError
|
110
|
+
raise InvalidConstructorError, "Invalid #<#{policy_scope_class}> constructor is called"
|
111
|
+
end
|
112
|
+
|
113
|
+
policy_scope.resolve
|
102
114
|
end
|
103
115
|
|
104
116
|
# Retrieves the policy for the given record.
|
data/lib/pundit/version.rb
CHANGED
data/pundit.gemspec
CHANGED
@@ -5,7 +5,7 @@ require "pundit/version"
|
|
5
5
|
Gem::Specification.new do |gem|
|
6
6
|
gem.name = "pundit"
|
7
7
|
gem.version = Pundit::VERSION
|
8
|
-
gem.authors = ["Jonas Nicklas", "
|
8
|
+
gem.authors = ["Jonas Nicklas", "Varvet AB"]
|
9
9
|
gem.email = ["jonas.nicklas@gmail.com", "dev@elabs.se"]
|
10
10
|
gem.description = "Object oriented authorization for Rails applications"
|
11
11
|
gem.summary = "OO authorization for Rails"
|
data/spec/pundit_spec.rb
CHANGED
@@ -16,6 +16,7 @@ describe Pundit do
|
|
16
16
|
let(:tag_four_five_six) { ProjectOneTwoThree::TagFourFiveSix.new(user) }
|
17
17
|
let(:avatar_four_five_six) { ProjectOneTwoThree::AvatarFourFiveSix.new }
|
18
18
|
let(:wiki) { Wiki.new }
|
19
|
+
let(:thread) { Thread.new }
|
19
20
|
|
20
21
|
describe ".authorize" do
|
21
22
|
it "infers the policy and authorizes based on it" do
|
@@ -88,6 +89,12 @@ describe Pundit do
|
|
88
89
|
Pundit.policy_scope(user, Wiki)
|
89
90
|
end.to raise_error(Pundit::InvalidConstructorError, "Invalid #<WikiPolicy::Scope> constructor is called")
|
90
91
|
end
|
92
|
+
|
93
|
+
it "raises an original error with a policy scope that contains error" do
|
94
|
+
expect do
|
95
|
+
Pundit.policy_scope(user, Thread)
|
96
|
+
end.to raise_error(ArgumentError)
|
97
|
+
end
|
91
98
|
end
|
92
99
|
|
93
100
|
describe ".policy_scope!" do
|
data/spec/spec_helper.rb
CHANGED
@@ -236,6 +236,18 @@ class WikiPolicy
|
|
236
236
|
end
|
237
237
|
end
|
238
238
|
|
239
|
+
class Thread
|
240
|
+
def self.all; end
|
241
|
+
end
|
242
|
+
class ThreadPolicy < Struct.new(:user, :thread)
|
243
|
+
class Scope < Struct.new(:user, :scope)
|
244
|
+
def resolve
|
245
|
+
# deliberate wrong useage of the method
|
246
|
+
scope.all(:unvalid, :parameters)
|
247
|
+
end
|
248
|
+
end
|
249
|
+
end
|
250
|
+
|
239
251
|
class PostFourFiveSix < Struct.new(:user); end
|
240
252
|
|
241
253
|
class CommentFourFiveSix; extend ActiveModel::Naming; end
|
metadata
CHANGED
@@ -1,15 +1,15 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: pundit
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 2.0.
|
4
|
+
version: 2.0.1
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Jonas Nicklas
|
8
|
-
-
|
8
|
+
- Varvet AB
|
9
9
|
autorequire:
|
10
10
|
bindir: bin
|
11
11
|
cert_chain: []
|
12
|
-
date:
|
12
|
+
date: 2019-01-18 00:00:00.000000000 Z
|
13
13
|
dependencies:
|
14
14
|
- !ruby/object:Gem::Dependency
|
15
15
|
name: activesupport
|
@@ -83,7 +83,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
83
83
|
version: '0'
|
84
84
|
requirements: []
|
85
85
|
rubyforge_project:
|
86
|
-
rubygems_version: 2.
|
86
|
+
rubygems_version: 2.5.2
|
87
87
|
signing_key:
|
88
88
|
specification_version: 4
|
89
89
|
summary: OO authorization for Rails
|