pundit_can 0.1.0

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA256:
+  metadata.gz: 6a70b76f365ad9d949e7db20d9fd1eebc689915d18c835801fb2078d98628b3b
+  data.tar.gz: b30f0f0ce6095d46818f7d47bbe3f95b8e7df58664929d0aa1e1e4a93122ab7e
+SHA512:
+  metadata.gz: a96f83508916a9650fe4f14c24f0ff13d0d730cf14558e764070da4ec1eaf215c4ef1e06a91adaf09f0d013fb9e07193243a080b9bc737ea3e48dbcc866ed3c8
+  data.tar.gz: e755108ea59470ed01e17a81a8522657b787032c8a2c7fe50459f1353389f47ba9aa2700f6517ee094788a90771e0777fe630fa3f4d5a375edd7b37af8419758

data/MIT-LICENSE

@@ -0,0 +1,20 @@
+Copyright 2023 candland
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.md

@@ -0,0 +1,102 @@
+# PunditCan
+
+[Pundit](https://github.com/varvet/pundit) with [cancan](https://github.com/CanCanCommunity/cancancan)
+style load_and_authorize functionality.
+
+## Usage
+
+Include `PunditCan::LoadAndAuthorize` into `ApplicationController` or in each controller.
+
+Call `load_resource` in the controller to load and authorize the resource.
+
+```ruby
+class UsersController < ApplicationController
+  load_resource
+end
+```
+
+This will load `@user` from `User` using the `UserPolicy` to authorize and scope the loading.
+
+### Advanced usage
+
+There is support for loading multiple models. However, there isn't a `:through` option, like cancan,
+instead loading still goes through Pundit scopes.
+
+There are options to customize the loaded instance_name, model, and policy classes.
+
+#### Parent / nested
+
+This is a example of loading User and Posts.
+```ruby
+class PostsController < ApplicationController
+  load_resource model_class: User, parent: true
+  load_resource
+
+  ...
+end
+```
+
+That will load `@user` from the `UserPolicy` into a `User` class, using `:user_id` to find the user.
+And it will lost `@post` or `@posts` using the `PostPolicy` with the `:id` param.
+
+#### Customized loading
+
+You can customize the loading for cases when the model, controller, and policies don't match up name-wise.
+```ruby
+class MisMatchedController < ApplicationController
+  load_resource instance_name: :special_user,
+    model_class: User,
+    policy_class: SpecialUserPolicy,
+    policy_scope_class: SpecialUserPolicy::Scope
+
+  ...
+
+  # Pundit method to override the model param key
+  def pundit_params_for(record)
+    params.require(:special_user)
+  end
+end
+```
+
+This will set `@special_user` with the `User` class, using the `SpecialUserPolicy` and
+`SpecialUserPolicy::Scope` classes to authorize and scope the loading.
+
+#### Skiping checks
+
+By default, `verify_authorized` and `verify_policy_scoped` after actions are setup. If
+you need to skip those for an action, there are `skip_authorized_check` and `skip_scoped_check`
+methods to skip the verify actions for the given actions.
+
+```ruby
+class SkipsController < ApplicationController
+  skip_authorized_check :index, :show
+  skip_scoped_check :index, :show
+
+  ...
+end
+```
+
+## Installation
+
+Add this line to your application's Gemfile:
+```ruby
+gem "pundit_can"
+```
+
+And then execute:
+```bash
+$ bundle
+```
+
+Or install it yourself as:
+```bash
+$ gem install pundit_can
+```
+
+## Contributing
+
+Contribution directions go here.
+
+## License
+
+The gem is available as open source under the terms of the [MIT License](https://opensource.org/licenses/MIT).

data/Rakefile

@@ -0,0 +1,3 @@
+require "bundler/setup"
+
+require "bundler/gem_tasks"

data/lib/pundit_can/load_and_authorize.rb

@@ -0,0 +1,145 @@
+require "pundit"
+
+module PunditCan
+  module LoadAndAuthorize
+    extend ActiveSupport::Concern
+    include Pundit::Authorization
+
+    included do
+      after_action :verify_authorized, unless: -> { respond_to?(:devise_controller?) && devise_controller? }
+      after_action :verify_policy_scoped, except: [:new, :create], unless: -> { respond_to?(:devise_controller?) && devise_controller? }
+    end
+
+    class_methods do
+      # skip_authorized_check
+      #
+      # Skip the +verify_authorized+ after action for the provided actions
+      #
+      # @example
+      #
+      #   skip_authorized_check :new, :edit
+      #
+      # @param [*Symbol] actions
+      #
+      def skip_authorized_check *actions
+        if actions.any?
+          skip_after_action :verify_authorized, only: actions
+        end
+      end
+
+      # skip_scoped_check
+      #
+      # Skip the +verify_policy_scoped+ after action for the provided actions
+      #
+      # @example
+      #
+      #   skip_scoped_check :new, :edit
+      #
+      # @param [*Symbol] actions
+      #
+      def skip_scoped_check *actions
+        if actions.any?
+          skip_after_action :verify_policy_scoped, only: actions
+        end
+      end
+
+      # load_resource
+      #
+      # @example
+      #
+      #   load_resource
+      #
+      # @example
+      #
+      #   load_resource instance_name: :user, model_class: User, param_key: :user_id, parent: true
+      #
+      # @param [String] instance_name Optional. Defaults from the +model_class+ if
+      # provided, otherwise from the controller name.
+      #
+      # @param [Constant] model_class Optional. Tries to create model from the controller name when missing.
+      #
+      # @param [String] param_key Optional. The key for the Id in params. Defaults to +:id+, otherwise tries
+      # to guess from the +instance_name+ or +model_class+.
+      #
+      # @param [Boolean] parent Optional. Changes the loading for parent classes. Default +false+
+      #
+      # @param [Constant] policy_class Optional. The policy class to use. Defaults from controller name.
+      #
+      # @param [Constant] policy_scope_class Optional. The policy scope class to use. Defaults from controller name.
+      #
+      def load_resource **options
+        before_action(**options.extract!(:only, :except, :if, :unless)) do
+          load_scoped(**options)
+        end
+      end
+    end
+
+    private
+
+    def resource_class_name
+      self.class.name[0..-11].singularize.demodulize
+    end
+
+    def load_scoped **options
+      model_class = options[:model_class] || resource_class_name.demodulize.constantize
+      instance_name = (options[:instance_name] || model_instance_name(options) || resource_class_name.underscore).to_s
+      param_key = get_param_key(options, instance_name, model_class)
+
+      loaded = if options[:parent]
+        load_parent_instance_var(model_class, param_key, options.extract!(:policy_class), options.extract!(:policy_scope_class))
+      else
+        load_instance_var(model_class, param_key, options.extract!(:policy_class), options.extract!(:policy_scope_class))
+      end
+
+      instance_name = instance_name.pluralize unless loaded.is_a?(model_class)
+      instance_variable_set("@#{instance_name}", loaded)
+    end
+
+    def get_param_key options, instance_name, model_class
+      if options[:parent]
+        options.fetch(:param_key, :"#{instance_name || model_class&.name&.underscore}_id")
+      else
+        options.fetch(:param_key, :id)
+      end
+    end
+
+    # if a model_name option is given use that otherwise nil
+    # and is parent
+    def model_instance_name options
+      options[:model_class].name.underscore if options[:model_class].present? && options[:parent]
+    end
+
+    def load_instance_var model_class, param_key, policy_kwopts, policy_scope_kwopts
+      case params[:action]
+      when "index"
+        load_scope(model_class, policy_kwopts, policy_scope_kwopts)
+      when "new"
+        authorize(model_class.new, **policy_kwopts)
+      when "create"
+        authorize(model_class.new(permitted_attributes(model_class)), **policy_kwopts)
+      when "edit", "update", "show", "destroy"
+        load_model(model_class, param_key, policy_kwopts, policy_scope_kwopts)
+      else
+        if params[param_key]
+          load_model(model_class, param_key, policy_kwopts, policy_scope_kwopts)
+        else
+          load_scope(model_class, policy_kwopts, policy_scope_kwopts)
+        end
+      end
+    end
+
+    def load_parent_instance_var model_class, param_key, policy_kwopts, policy_scope_kwopts
+      if params[param_key]
+        load_model(model_class, param_key, policy_kwopts, policy_scope_kwopts, :show?)
+      end
+    end
+
+    def load_model model_class, param_key, policy_kwopts, policy_scope_kwopts, query = nil
+      authorize(policy_scope(model_class, **policy_scope_kwopts).find(params[param_key]), query, **policy_kwopts)
+    end
+
+    def load_scope model_class, policy_kwopts, policy_scope_kwopts
+      authorize(policy_scope(model_class, **policy_scope_kwopts), **policy_kwopts)
+    end
+  end
+end

data/lib/pundit_can/railtie.rb

@@ -0,0 +1,4 @@
+module PunditCan
+  class Railtie < ::Rails::Railtie
+  end
+end

data/lib/pundit_can/version.rb

@@ -0,0 +1,3 @@
+module PunditCan
+  VERSION = "0.1.0"
+end

data/lib/pundit_can.rb

@@ -0,0 +1,12 @@
+require "pundit_can/version"
+require "pundit_can/railtie"
+require "pundit"
+require "active_support/concern"
+require "active_support/core_ext/string/inflections"
+require "active_support/core_ext/object/blank"
+require "active_support/core_ext/module/introspection"
+require "active_support/dependencies/autoload"
+require "pundit_can/load_and_authorize"
+
+module PunditCan
+end

data/lib/tasks/pundit_can_tasks.rake

@@ -0,0 +1,4 @@
+# desc "Explaining what the task does"
+# task :pundit_can do
+#   # Task goes here
+# end

metadata

@@ -0,0 +1,96 @@
+--- !ruby/object:Gem::Specification
+name: pundit_can
+version: !ruby/object:Gem::Version
+  version: 0.1.0
+platform: ruby
+authors:
+- candland
+autorequire:
+bindir: bin
+cert_chain: []
+date: 2023-05-09 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: rails
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 7.0.4.2
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 7.0.4.2
+- !ruby/object:Gem::Dependency
+  name: pundit
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 2.0.0
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 2.0.0
+- !ruby/object:Gem::Dependency
+  name: rails-controller-testing
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+description: Add cancan like load and authorize to controllers.
+email:
+- candland@gmail.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- MIT-LICENSE
+- README.md
+- Rakefile
+- lib/pundit_can.rb
+- lib/pundit_can/load_and_authorize.rb
+- lib/pundit_can/railtie.rb
+- lib/pundit_can/version.rb
+- lib/tasks/pundit_can_tasks.rake
+homepage: https://candland.net/pundit_can
+licenses:
+- MIT
+metadata:
+  homepage_uri: https://candland.net/pundit_can
+  source_code_uri: https://github.com/candland/pundit_can
+  changelog_uri: https://github.com/candland/pundit_can/CHANGES.md
+post_install_message:
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubygems_version: 3.3.7
+signing_key:
+specification_version: 4
+summary: Add cancan like load and authorize to controllers.
+test_files: []