pundit 2.0.0 → 2.0.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +5 -5
- data/.rubocop.yml +1 -1
- data/.travis.yml +4 -5
- data/CHANGELOG.md +20 -3
- data/LICENSE.txt +1 -1
- data/README.md +4 -0
- data/lib/generators/rspec/templates/policy_spec.rb +1 -1
- data/lib/pundit.rb +20 -8
- data/lib/pundit/version.rb +1 -1
- data/pundit.gemspec +1 -1
- data/spec/pundit_spec.rb +7 -0
- data/spec/spec_helper.rb +12 -0
- metadata +4 -4
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
|
-
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
2
|
+
SHA1:
|
|
3
|
+
metadata.gz: dffd7b483c73feb3955b9f1eb6767d9fedb72eaf
|
|
4
|
+
data.tar.gz: 5de4a5628f75bfcd87879c52917634f1ddde7072
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: f21abdc81639b1d05209f1dfc71579294ba5226372493936ea9e6cfc2cc356e620223042f9f58679a2bb276dabab3f81e793a22d4b6e4bb69ef7edb467d399c1
|
|
7
|
+
data.tar.gz: fe50e431d42e21e415ad361a1a0f536373e4a90b6f0631321dce3ba1b8e804c13b3e1d44f0446b3b1e71c68dbd868b5881b7bbaf6367e69b92bf23acf34a1022
|
data/.rubocop.yml
CHANGED
data/.travis.yml
CHANGED
|
@@ -1,21 +1,20 @@
|
|
|
1
1
|
language: ruby
|
|
2
|
-
sudo: false
|
|
3
2
|
before_install:
|
|
4
|
-
- gem
|
|
5
|
-
- gem install bundler
|
|
3
|
+
- gem install bundler -v 1.17.3
|
|
6
4
|
|
|
7
5
|
matrix:
|
|
8
6
|
include:
|
|
9
7
|
- rvm: 2.5.1
|
|
10
8
|
script: bundle exec rake rubocop # ONLY lint once, first
|
|
11
9
|
- rvm: 2.1
|
|
12
|
-
- rvm: 2.2
|
|
10
|
+
- rvm: 2.2
|
|
13
11
|
- rvm: 2.3.5
|
|
14
12
|
- rvm: 2.4.2
|
|
15
13
|
- rvm: 2.5.1
|
|
14
|
+
- rvm: 2.6.0
|
|
16
15
|
- rvm: jruby-9.1.8.0
|
|
17
16
|
env:
|
|
18
17
|
- JRUBY_OPTS="--debug"
|
|
19
|
-
- rvm: jruby-9.2.
|
|
18
|
+
- rvm: jruby-9.2.5.0
|
|
20
19
|
env:
|
|
21
20
|
- JRUBY_OPTS="--debug"
|
data/CHANGELOG.md
CHANGED
|
@@ -1,21 +1,38 @@
|
|
|
1
1
|
# Pundit
|
|
2
2
|
|
|
3
|
+
## 2.0.1 (2019-01-18)
|
|
4
|
+
|
|
5
|
+
### Breaking changes
|
|
6
|
+
|
|
7
|
+
None
|
|
8
|
+
|
|
9
|
+
### Other changes
|
|
10
|
+
|
|
11
|
+
- Improve exception handling for `#policy_scope` and `#policy_scope!`. (#550)
|
|
12
|
+
- Add `:policy` metadata to RSpec template. (#566)
|
|
13
|
+
|
|
3
14
|
## 2.0.0 (2018-07-21)
|
|
4
15
|
|
|
5
16
|
No changes since beta1
|
|
6
17
|
|
|
7
18
|
## 2.0.0.beta1 (2018-07-04)
|
|
8
19
|
|
|
20
|
+
### Breaking changes
|
|
21
|
+
|
|
22
|
+
- Only pass last element of "namespace array" to policy and scope. (#529)
|
|
23
|
+
- Raise `InvalidConstructorError` if a policy or policy scope with an invalid constructor is called. (#462)
|
|
24
|
+
- Return passed object from `#authorize` method to make chaining possible. (#385)
|
|
25
|
+
|
|
26
|
+
### Other changes
|
|
27
|
+
|
|
9
28
|
- Add `policy_class` option to `authorize` to be able to override the policy. (#441)
|
|
10
29
|
- Add `policy_scope_class` option to `authorize` to be able to override the policy scope. (#441)
|
|
11
30
|
- Fix `param_key` issue when passed an array. (#529)
|
|
12
|
-
- Only pass last element of "namespace array" to policy and scope. (#529)
|
|
13
31
|
- Allow specification of a `NilClassPolicy`. (#525)
|
|
14
32
|
- Make sure `policy_class` override is called when passed an array. (#475)
|
|
15
|
-
|
|
33
|
+
|
|
16
34
|
- Use `action_name` instead of `params[:action]`. (#419)
|
|
17
35
|
- Add `pundit_params_for` method to make it easy to customize params fetching. (#502)
|
|
18
|
-
- Return passed object from `#authorize` method to make chaining possible. (#385)
|
|
19
36
|
|
|
20
37
|
## 1.1.0 (2016-01-14)
|
|
21
38
|
|
data/LICENSE.txt
CHANGED
data/README.md
CHANGED
|
@@ -195,6 +195,10 @@ class DashboardPolicy < Struct.new(:user, :dashboard)
|
|
|
195
195
|
end
|
|
196
196
|
```
|
|
197
197
|
|
|
198
|
+
Note that the headless policy still needs to accept two arguments. The
|
|
199
|
+
second argument will just be the symbol `:dashboard` in this case which
|
|
200
|
+
is what is passed as the record to `authorize` below.
|
|
201
|
+
|
|
198
202
|
```ruby
|
|
199
203
|
# In controllers
|
|
200
204
|
authorize :dashboard, :show?
|
data/lib/pundit.rb
CHANGED
|
@@ -80,10 +80,16 @@ module Pundit
|
|
|
80
80
|
# @raise [InvalidConstructorError] if the policy constructor called incorrectly
|
|
81
81
|
# @return [Scope{#resolve}, nil] instance of scope class which can resolve to a scope
|
|
82
82
|
def policy_scope(user, scope)
|
|
83
|
-
|
|
84
|
-
|
|
85
|
-
|
|
86
|
-
|
|
83
|
+
policy_scope_class = PolicyFinder.new(scope).scope
|
|
84
|
+
return unless policy_scope_class
|
|
85
|
+
|
|
86
|
+
begin
|
|
87
|
+
policy_scope = policy_scope_class.new(user, pundit_model(scope))
|
|
88
|
+
rescue ArgumentError
|
|
89
|
+
raise InvalidConstructorError, "Invalid #<#{policy_scope_class}> constructor is called"
|
|
90
|
+
end
|
|
91
|
+
|
|
92
|
+
policy_scope.resolve
|
|
87
93
|
end
|
|
88
94
|
|
|
89
95
|
# Retrieves the policy scope for the given record.
|
|
@@ -95,10 +101,16 @@ module Pundit
|
|
|
95
101
|
# @raise [InvalidConstructorError] if the policy constructor called incorrectly
|
|
96
102
|
# @return [Scope{#resolve}] instance of scope class which can resolve to a scope
|
|
97
103
|
def policy_scope!(user, scope)
|
|
98
|
-
|
|
99
|
-
|
|
100
|
-
|
|
101
|
-
|
|
104
|
+
policy_scope_class = PolicyFinder.new(scope).scope!
|
|
105
|
+
return unless policy_scope_class
|
|
106
|
+
|
|
107
|
+
begin
|
|
108
|
+
policy_scope = policy_scope_class.new(user, pundit_model(scope))
|
|
109
|
+
rescue ArgumentError
|
|
110
|
+
raise InvalidConstructorError, "Invalid #<#{policy_scope_class}> constructor is called"
|
|
111
|
+
end
|
|
112
|
+
|
|
113
|
+
policy_scope.resolve
|
|
102
114
|
end
|
|
103
115
|
|
|
104
116
|
# Retrieves the policy for the given record.
|
data/lib/pundit/version.rb
CHANGED
data/pundit.gemspec
CHANGED
|
@@ -5,7 +5,7 @@ require "pundit/version"
|
|
|
5
5
|
Gem::Specification.new do |gem|
|
|
6
6
|
gem.name = "pundit"
|
|
7
7
|
gem.version = Pundit::VERSION
|
|
8
|
-
gem.authors = ["Jonas Nicklas", "
|
|
8
|
+
gem.authors = ["Jonas Nicklas", "Varvet AB"]
|
|
9
9
|
gem.email = ["jonas.nicklas@gmail.com", "dev@elabs.se"]
|
|
10
10
|
gem.description = "Object oriented authorization for Rails applications"
|
|
11
11
|
gem.summary = "OO authorization for Rails"
|
data/spec/pundit_spec.rb
CHANGED
|
@@ -16,6 +16,7 @@ describe Pundit do
|
|
|
16
16
|
let(:tag_four_five_six) { ProjectOneTwoThree::TagFourFiveSix.new(user) }
|
|
17
17
|
let(:avatar_four_five_six) { ProjectOneTwoThree::AvatarFourFiveSix.new }
|
|
18
18
|
let(:wiki) { Wiki.new }
|
|
19
|
+
let(:thread) { Thread.new }
|
|
19
20
|
|
|
20
21
|
describe ".authorize" do
|
|
21
22
|
it "infers the policy and authorizes based on it" do
|
|
@@ -88,6 +89,12 @@ describe Pundit do
|
|
|
88
89
|
Pundit.policy_scope(user, Wiki)
|
|
89
90
|
end.to raise_error(Pundit::InvalidConstructorError, "Invalid #<WikiPolicy::Scope> constructor is called")
|
|
90
91
|
end
|
|
92
|
+
|
|
93
|
+
it "raises an original error with a policy scope that contains error" do
|
|
94
|
+
expect do
|
|
95
|
+
Pundit.policy_scope(user, Thread)
|
|
96
|
+
end.to raise_error(ArgumentError)
|
|
97
|
+
end
|
|
91
98
|
end
|
|
92
99
|
|
|
93
100
|
describe ".policy_scope!" do
|
data/spec/spec_helper.rb
CHANGED
|
@@ -236,6 +236,18 @@ class WikiPolicy
|
|
|
236
236
|
end
|
|
237
237
|
end
|
|
238
238
|
|
|
239
|
+
class Thread
|
|
240
|
+
def self.all; end
|
|
241
|
+
end
|
|
242
|
+
class ThreadPolicy < Struct.new(:user, :thread)
|
|
243
|
+
class Scope < Struct.new(:user, :scope)
|
|
244
|
+
def resolve
|
|
245
|
+
# deliberate wrong useage of the method
|
|
246
|
+
scope.all(:unvalid, :parameters)
|
|
247
|
+
end
|
|
248
|
+
end
|
|
249
|
+
end
|
|
250
|
+
|
|
239
251
|
class PostFourFiveSix < Struct.new(:user); end
|
|
240
252
|
|
|
241
253
|
class CommentFourFiveSix; extend ActiveModel::Naming; end
|
metadata
CHANGED
|
@@ -1,15 +1,15 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: pundit
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 2.0.
|
|
4
|
+
version: 2.0.1
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Jonas Nicklas
|
|
8
|
-
-
|
|
8
|
+
- Varvet AB
|
|
9
9
|
autorequire:
|
|
10
10
|
bindir: bin
|
|
11
11
|
cert_chain: []
|
|
12
|
-
date:
|
|
12
|
+
date: 2019-01-18 00:00:00.000000000 Z
|
|
13
13
|
dependencies:
|
|
14
14
|
- !ruby/object:Gem::Dependency
|
|
15
15
|
name: activesupport
|
|
@@ -83,7 +83,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
83
83
|
version: '0'
|
|
84
84
|
requirements: []
|
|
85
85
|
rubyforge_project:
|
|
86
|
-
rubygems_version: 2.
|
|
86
|
+
rubygems_version: 2.5.2
|
|
87
87
|
signing_key:
|
|
88
88
|
specification_version: 4
|
|
89
89
|
summary: OO authorization for Rails
|