pundit 2.0.0 → 2.0.1

Sign up to get free protection for your applications and to get access to all the features.
Files changed (13) hide show
  1. checksums.yaml +5 -5
  2. data/.rubocop.yml +1 -1
  3. data/.travis.yml +4 -5
  4. data/CHANGELOG.md +20 -3
  5. data/LICENSE.txt +1 -1
  6. data/README.md +4 -0
  7. data/lib/generators/rspec/templates/policy_spec.rb +1 -1
  8. data/lib/pundit.rb +20 -8
  9. data/lib/pundit/version.rb +1 -1
  10. data/pundit.gemspec +1 -1
  11. data/spec/pundit_spec.rb +7 -0
  12. data/spec/spec_helper.rb +12 -0
  13. metadata +4 -4
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
- SHA256:
3
- metadata.gz: 6b973703e2b1653c804d138fb24c204807e41885a81f5b172656d032d7c2a75a
4
- data.tar.gz: 01211cab222a4c16f274e041c074b2d2a1763a4943ab26b6dba938272297a48d
2
+ SHA1:
3
+ metadata.gz: dffd7b483c73feb3955b9f1eb6767d9fedb72eaf
4
+ data.tar.gz: 5de4a5628f75bfcd87879c52917634f1ddde7072
5
5
  SHA512:
6
- metadata.gz: 812528978ec4e8d3322af071c3ebd5b31f4123be449d3fe9bfea1e1fd2845704e0fee308d4cdd6e787636987b1d7a03527f8eae5fe5968483a1f4c5f751b40ef
7
- data.tar.gz: c433160a559102336b9a268ec1311a47e8f54e427ad8618b048634435259612a92d9b9187fefb6d7cc4a1ce5576a37f3e51b7adad1e3773d21c2bb6e9827c26f
6
+ metadata.gz: f21abdc81639b1d05209f1dfc71579294ba5226372493936ea9e6cfc2cc356e620223042f9f58679a2bb276dabab3f81e793a22d4b6e4bb69ef7edb467d399c1
7
+ data.tar.gz: fe50e431d42e21e415ad361a1a0f536373e4a90b6f0631321dce3ba1b8e804c13b3e1d44f0446b3b1e71c68dbd868b5881b7bbaf6367e69b92bf23acf34a1022
data/.rubocop.yml CHANGED
@@ -1,6 +1,6 @@
1
1
  AllCops:
2
2
  DisplayCopNames: true
3
- TargetRubyVersion: 2.1
3
+ TargetRubyVersion: 2.2
4
4
  Exclude:
5
5
  - "gemfiles/**/*"
6
6
  - "vendor/**/*"
data/.travis.yml CHANGED
@@ -1,21 +1,20 @@
1
1
  language: ruby
2
- sudo: false
3
2
  before_install:
4
- - gem update --system
5
- - gem install bundler
3
+ - gem install bundler -v 1.17.3
6
4
 
7
5
  matrix:
8
6
  include:
9
7
  - rvm: 2.5.1
10
8
  script: bundle exec rake rubocop # ONLY lint once, first
11
9
  - rvm: 2.1
12
- - rvm: 2.2.8
10
+ - rvm: 2.2
13
11
  - rvm: 2.3.5
14
12
  - rvm: 2.4.2
15
13
  - rvm: 2.5.1
14
+ - rvm: 2.6.0
16
15
  - rvm: jruby-9.1.8.0
17
16
  env:
18
17
  - JRUBY_OPTS="--debug"
19
- - rvm: jruby-9.2.0.0
18
+ - rvm: jruby-9.2.5.0
20
19
  env:
21
20
  - JRUBY_OPTS="--debug"
data/CHANGELOG.md CHANGED
@@ -1,21 +1,38 @@
1
1
  # Pundit
2
2
 
3
+ ## 2.0.1 (2019-01-18)
4
+
5
+ ### Breaking changes
6
+
7
+ None
8
+
9
+ ### Other changes
10
+
11
+ - Improve exception handling for `#policy_scope` and `#policy_scope!`. (#550)
12
+ - Add `:policy` metadata to RSpec template. (#566)
13
+
3
14
  ## 2.0.0 (2018-07-21)
4
15
 
5
16
  No changes since beta1
6
17
 
7
18
  ## 2.0.0.beta1 (2018-07-04)
8
19
 
20
+ ### Breaking changes
21
+
22
+ - Only pass last element of "namespace array" to policy and scope. (#529)
23
+ - Raise `InvalidConstructorError` if a policy or policy scope with an invalid constructor is called. (#462)
24
+ - Return passed object from `#authorize` method to make chaining possible. (#385)
25
+
26
+ ### Other changes
27
+
9
28
  - Add `policy_class` option to `authorize` to be able to override the policy. (#441)
10
29
  - Add `policy_scope_class` option to `authorize` to be able to override the policy scope. (#441)
11
30
  - Fix `param_key` issue when passed an array. (#529)
12
- - Only pass last element of "namespace array" to policy and scope. (#529)
13
31
  - Allow specification of a `NilClassPolicy`. (#525)
14
32
  - Make sure `policy_class` override is called when passed an array. (#475)
15
- - Raise `InvalidConstructorError` if a policy or policy scope with an invalid constructor is called. (#462)
33
+
16
34
  - Use `action_name` instead of `params[:action]`. (#419)
17
35
  - Add `pundit_params_for` method to make it easy to customize params fetching. (#502)
18
- - Return passed object from `#authorize` method to make chaining possible. (#385)
19
36
 
20
37
  ## 1.1.0 (2016-01-14)
21
38
 
data/LICENSE.txt CHANGED
@@ -1,4 +1,4 @@
1
- Copyright (c) 2012 Jonas Nicklas, Elabs AB
1
+ Copyright (c) 2018 Jonas Nicklas, Varvet AB
2
2
 
3
3
  MIT License
4
4
 
data/README.md CHANGED
@@ -195,6 +195,10 @@ class DashboardPolicy < Struct.new(:user, :dashboard)
195
195
  end
196
196
  ```
197
197
 
198
+ Note that the headless policy still needs to accept two arguments. The
199
+ second argument will just be the symbol `:dashboard` in this case which
200
+ is what is passed as the record to `authorize` below.
201
+
198
202
  ```ruby
199
203
  # In controllers
200
204
  authorize :dashboard, :show?
data/lib/generators/rspec/templates/policy_spec.rb CHANGED
@@ -1,6 +1,6 @@
1
1
  require '<%= File.exists?('spec/rails_helper.rb') ? 'rails_helper' : 'spec_helper' %>'
2
2
 
3
- RSpec.describe <%= class_name %>Policy do
3
+ RSpec.describe <%= class_name %>Policy, type: :policy do
4
4
  let(:user) { User.new }
5
5
 
6
6
  subject { described_class }
data/lib/pundit.rb CHANGED
@@ -80,10 +80,16 @@ module Pundit
80
80
  # @raise [InvalidConstructorError] if the policy constructor called incorrectly
81
81
  # @return [Scope{#resolve}, nil] instance of scope class which can resolve to a scope
82
82
  def policy_scope(user, scope)
83
- policy_scope = PolicyFinder.new(scope).scope
84
- policy_scope.new(user, pundit_model(scope)).resolve if policy_scope
85
- rescue ArgumentError
86
- raise InvalidConstructorError, "Invalid #<#{policy_scope}> constructor is called"
83
+ policy_scope_class = PolicyFinder.new(scope).scope
84
+ return unless policy_scope_class
85
+
86
+ begin
87
+ policy_scope = policy_scope_class.new(user, pundit_model(scope))
88
+ rescue ArgumentError
89
+ raise InvalidConstructorError, "Invalid #<#{policy_scope_class}> constructor is called"
90
+ end
91
+
92
+ policy_scope.resolve
87
93
  end
88
94
 
89
95
  # Retrieves the policy scope for the given record.
@@ -95,10 +101,16 @@ module Pundit
95
101
  # @raise [InvalidConstructorError] if the policy constructor called incorrectly
96
102
  # @return [Scope{#resolve}] instance of scope class which can resolve to a scope
97
103
  def policy_scope!(user, scope)
98
- policy_scope = PolicyFinder.new(scope).scope!
99
- policy_scope.new(user, pundit_model(scope)).resolve
100
- rescue ArgumentError
101
- raise InvalidConstructorError, "Invalid #<#{policy_scope}> constructor is called"
104
+ policy_scope_class = PolicyFinder.new(scope).scope!
105
+ return unless policy_scope_class
106
+
107
+ begin
108
+ policy_scope = policy_scope_class.new(user, pundit_model(scope))
109
+ rescue ArgumentError
110
+ raise InvalidConstructorError, "Invalid #<#{policy_scope_class}> constructor is called"
111
+ end
112
+
113
+ policy_scope.resolve
102
114
  end
103
115
 
104
116
  # Retrieves the policy for the given record.
data/lib/pundit/version.rb CHANGED
@@ -1,5 +1,5 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  module Pundit
4
- VERSION = "2.0.0".freeze
4
+ VERSION = "2.0.1".freeze
5
5
  end
data/pundit.gemspec CHANGED
@@ -5,7 +5,7 @@ require "pundit/version"
5
5
  Gem::Specification.new do |gem|
6
6
  gem.name = "pundit"
7
7
  gem.version = Pundit::VERSION
8
- gem.authors = ["Jonas Nicklas", "Elabs AB"]
8
+ gem.authors = ["Jonas Nicklas", "Varvet AB"]
9
9
  gem.email = ["jonas.nicklas@gmail.com", "dev@elabs.se"]
10
10
  gem.description = "Object oriented authorization for Rails applications"
11
11
  gem.summary = "OO authorization for Rails"
data/spec/pundit_spec.rb CHANGED
@@ -16,6 +16,7 @@ describe Pundit do
16
16
  let(:tag_four_five_six) { ProjectOneTwoThree::TagFourFiveSix.new(user) }
17
17
  let(:avatar_four_five_six) { ProjectOneTwoThree::AvatarFourFiveSix.new }
18
18
  let(:wiki) { Wiki.new }
19
+ let(:thread) { Thread.new }
19
20
 
20
21
  describe ".authorize" do
21
22
  it "infers the policy and authorizes based on it" do
@@ -88,6 +89,12 @@ describe Pundit do
88
89
  Pundit.policy_scope(user, Wiki)
89
90
  end.to raise_error(Pundit::InvalidConstructorError, "Invalid #<WikiPolicy::Scope> constructor is called")
90
91
  end
92
+
93
+ it "raises an original error with a policy scope that contains error" do
94
+ expect do
95
+ Pundit.policy_scope(user, Thread)
96
+ end.to raise_error(ArgumentError)
97
+ end
91
98
  end
92
99
 
93
100
  describe ".policy_scope!" do
data/spec/spec_helper.rb CHANGED
@@ -236,6 +236,18 @@ class WikiPolicy
236
236
  end
237
237
  end
238
238
 
239
+ class Thread
240
+ def self.all; end
241
+ end
242
+ class ThreadPolicy < Struct.new(:user, :thread)
243
+ class Scope < Struct.new(:user, :scope)
244
+ def resolve
245
+ # deliberate wrong useage of the method
246
+ scope.all(:unvalid, :parameters)
247
+ end
248
+ end
249
+ end
250
+
239
251
  class PostFourFiveSix < Struct.new(:user); end
240
252
 
241
253
  class CommentFourFiveSix; extend ActiveModel::Naming; end
metadata CHANGED
@@ -1,15 +1,15 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: pundit
3
3
  version: !ruby/object:Gem::Version
4
- version: 2.0.0
4
+ version: 2.0.1
5
5
  platform: ruby
6
6
  authors:
7
7
  - Jonas Nicklas
8
- - Elabs AB
8
+ - Varvet AB
9
9
  autorequire:
10
10
  bindir: bin
11
11
  cert_chain: []
12
- date: 2018-07-21 00:00:00.000000000 Z
12
+ date: 2019-01-18 00:00:00.000000000 Z
13
13
  dependencies:
14
14
  - !ruby/object:Gem::Dependency
15
15
  name: activesupport
@@ -83,7 +83,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
83
83
  version: '0'
84
84
  requirements: []
85
85
  rubyforge_project:
86
- rubygems_version: 2.7.6
86
+ rubygems_version: 2.5.2
87
87
  signing_key:
88
88
  specification_version: 4
89
89
  summary: OO authorization for Rails