pundit_roles 0.2.1 → 0.5.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: d9d41f133e02bb2d62751987d703e9f1df6626ee
-  data.tar.gz: 1ca3ac5b8b5dbba131c29417e45e6fc62f154d55
+  metadata.gz: d24862dda5081913834ff5fc0063cc46c98e81c0
+  data.tar.gz: 8a426b027d8cf4889d4b11c466e11e6492dfa5fc
 SHA512:
-  metadata.gz: 456ee73a9e3145e0d2ca12daa6c65507a35a4eceff7f1e5aaba438a0a7784b0847edf33c1dc0c7ae01ed129879b1005ae5e34f146db482d5a792da0e25348ee6
-  data.tar.gz: 401da8afe1459ddb0b6dc36a9cfbea9b44ff2fdb165c9ff1d7b7fd459fb29837e4b81a2268ec3039732359adcb0ed181f9c6cf1a721629ed384f1c260121a2bb
+  metadata.gz: 41103de643378f38f4f55306f39010301a15ed09d4bc89c7effe183a29c011f0293fbbc478e4e0e925fab4f4e9d51647622d4ae4c66fd502798902b8b1817bea
+  data.tar.gz: 46fa3a352eb53d5d7a098d990255c96a4572793c0a20df4f3f6cb7b7712a9c9eb945670908e0fd6aadea2e6d9655e01c724f0f9eb1b5684e6d5e5d8b7c975e9a

data/CHANGELOG.md

@@ -1,10 +1,16 @@
 # PunditRoles
 
-## 0.2.0 (2017-10-30)
+## 0.2.1 (2017-10-30)
 
 - Roles and permitted options are no longer separately declared with `role` and 
   `permitted_for` methods. Declaration of options has been consolidated into the 
   `role` method.
 - Roles can no longer be inherited from the superclass.
 - Test conditions for the roles are now guessed from the name of the role, 
-  instead of being declared explicitly with the `authorize_with` option.
+  instead of being declared explicitly with the `authorize_with` option.
+- Policy instance variable @record renamed @resource
+
+## 0.5.0 (2017-11-08)
+
+- `authorize` method has been renamed to `authorize!`
+- added support for limiting scopes, can be called with `policy_scope!`

data/README.md

@@ -7,15 +7,15 @@
 
 PunditRoles is a helper gem which works on top of [Pundit](https://github.com/elabs/pundit)
 (if you are not familiar with Pundit, it is recommended you read it's documentation before continuing).
-It allows you to extend Pundit's authorization system to include attributes and associations.
+It allows you to extend Pundit's authorization system to include attributes and associations, and provides a couple of
+helpers for convenience.
 
 If you are already using Pundit, this should not conflict with any of Pundit's existing functionality. 
-You may use Pundit's features as well as the features from this gem interchangeably.
+You may use Pundit's features as well as the features from this gem interchangeably. There are
+some caveats however, see the [Porting over from Pundit](#Porting over from Pundit).
 
 Please note that this gem is not affiliated with Pundit or it's creators, but it very much
-appreciates the work that they did with their great authorization system. 
-
-* **Important**: This gem is **not** yet considered production ready.
+appreciates the work that they did with their great authorization system.
 
 ## Installation
 
@@ -44,8 +44,7 @@ end
 PunditRoles operates around the notion of _**roles**_. Each role needs to be defined at the Policy level
 and provided with a conditional method that determines whether the `@user`(the `current_user` in the context of a Policy) 
 falls into this role. Additionally, each role can have a set of permitted 
-_**attributes**_ and _**associations**_(from here on collectively referred to as _**options**_) 
-defined for it. A basic example for a UserPolicy would be:
+_**attributes**_ and _**associations**_ defined for it. A basic example for a UserPolicy would be:
 ```ruby
 class UserPolicy < ApplicationPolicy
   role :regular_user,
@@ -71,7 +70,8 @@ end
 This assumes that there are two methods defined in the UserPolicy called `regular_user?` and
 `correct_user?`.
 
-* Please note, that there was a breaking change since `0.1.2`. View the [changelog](https://github.com/StairwayB/pundit_roles/blob/master/CHANGELOG.md) for additional details.
+* Please note, that there were a couple of breaking change since `0.2.1`. View the 
+[changelog](https://github.com/StairwayB/pundit_roles/blob/master/CHANGELOG.md) for additional details.
 
 And then in you query method, you simply say:
 ```ruby
@@ -90,19 +90,19 @@ def show?
 end
 ```
 
-Finally, in your controller you call Pundit's `authorize` method and pass it's return value
+Finally, in your controller you call `authorize!` method and pass it's return value
 to a variable: 
 ```ruby
 class UserController < ApplicationController
   def show
     @user = User.find(params[:id])
-    permitted = authorize @user
+    permitted = authorize! @user
     # [...]
   end
 end
 ```
 
-The `authorize` method will return a hash of permitted attributes and associations for the corresponding action that the
+The `authorize!` method will return a hash of permitted attributes and associations for the corresponding action that the
 user has access to. What you do with that is your business. Accessors for each segment look like this: 
 ```ruby
 permitted[:attributes][:show] # ex. returns => [:username, :name, :avatar, :is_confirmed, :created_at]
@@ -112,7 +112,7 @@ permitted[:associations][:show]
 permitted[:associations][:update]
 ```
 
-It hash also contains the roles that the user has fulfilled:
+The hash also contains the roles that the user has fulfilled:
 ```ruby
 permitted[:roles] # ex. returns => [:regular_user, :correct_user]
 ```
@@ -122,37 +122,42 @@ If the user does not fall into any roles permitted by a query, the `authorize` m
 ### Defining roles
 
 Roles are defined with the `role` method. It receives the name of the role as it's first argument and the
-options for the role as it's second(multiple `roles` can be defined at once, if you wish to do that, 
-but all of these will have identical options, so what's the point, really). Valid options for the role are:
-`:attributes, :associations, :scope, :uses_db, :extend`. 
+options for the role as it's second. Additionally, you need to define a method which checks if
+the user falls into that role. This method's name must be the name of the role with a question
+mark at the end. For example, a `:correct_user` role's conditional method must be declared as
+`correct_user?`.
 
-Currently only attributes and associations are supported, scopes and db permissions will be coming Soon&trade;.
+Valid options for roles are:
+`:attributes, :associations, :scope`
 
 ```ruby
-role :regular_user,
+role :correct_user,
       attributes: {show: [:name]},
       associations: {show: [:posts]}
 
 private
 
-def regular_user?
-  @user.present?
+def correct_user?
+  @user.id == @resource.id
 end
 ```
 
 One thing to watch out for is that roles are not inherited, because each is unique to the model in question. 
 But since the name of the role is just the conditional method for the role,
 without the '?' question mark, it is encouraged to inherit from an `ApplicationPolicy`, 
-and define common `role` conditional methods there.
+and define common `role` conditionals there. 
+
+* see [Declaring attributes and associations](#Declaring attributes and associations) for how to declare 
+attributes and associations.
 
 ### Users with multiple roles
 
-You may have noticed that in the first example `correct_user` has fewer permitted options
+You may have noticed that in the first example `correct_user` has fewer permitted attributes and associations
 defined than `regular_user`. That is because PunditRoles does not treat roles as exclusionary.
 Users may have a single role or they may have multiple roles, within the context of the model they are trying to access.
 In the previous example, a `correct_user`, meaning a `regular_user` trying to access it's own model, is naturally 
-also a `regular_user`, so it will have access to all options a `regular_user` has access to plus the 
-options that a `correct_user` has access to. 
+also a `regular_user`, so it will have access to all attributes and associations a `regular_user` has access to plus the 
+ones that a `correct_user` has access to. 
 
 Take this example, to better illustrate what is happening: 
 
@@ -174,7 +179,7 @@ role :admin_user,
 ```
 
 Here, a user which fulfills the `admin_user` condition trying to access it's own model, would receive the 
-options of all three roles, without any duplicates, meaning the `permitted[:attributes][:show]` would look like: 
+attributes and associations of all three roles, without any duplicates, meaning the `permitted[:attributes][:show]` would look like: 
 ```ruby
 [:username, :name, :avatar, :email, :phone_number, :is_admin]
 ```
@@ -217,16 +222,106 @@ end
 with other roles. It is also the first role that is evaluated, and if the user is a `:guest`, it will return the guest
 attributes if `:guest` is allowed, or raise `Pundit::NotAuthorizedError` if not. 
 
-* Do **not** use a custom role for `nil` or `undefined` `@user`, use `:guest`. 
-If you do, it will most likely lead to unwanted exceptions.
+* Do **not** use a custom role for `nil` users, use `:guest`. 
+If you do, it will most likely lead to unwanted errors.
+
+### Scopes
+PunditRoles supports limiting scopes for actions which return a list of records. If you wish to do
+this, define a scope option for a role as a `lambda`, and then call `policy_scope!` for the list you want to 
+limit. It should look something like this: 
+```ruby
+role :guest,
+    attributes: {
+      show: %i(name avatar),
+    },
+    associations: {},
+    scope: lambda{resource.where(visible_publicly: true)}
+role :regular_user,
+   attributes: {
+     show: %i(username name avatar)
+   },
+   associations: {
+     show: %i(posts followers following)
+   },
+   scope: lambda{resource.where.not(id: user.id)}
+   
+def index?
+  allow :guest, :regular_user
+end
+```
+Then in your controller you pass the list you want to limit based on what role the current user fulfills:
+```ruby
+def index
+  @users = policy_scope!(User.all)
+end
+```
+The `policy_scope!` method returns the scope for the role, or raises `Pundit::NotAuthorizedError` if the user is not 
+allowed to perform the action. Since the syntax for permitting scopes is the same as the syntax for getting the permitted
+attributes and associations, you may use both `authorize!` and `policy_scope!` for the same action. A recommended usage is
+to use both(this example uses the excellent [jsonapi-rails](https://github.com/jsonapi-rb/jsonapi-rails) gem for serialization): 
+```ruby
+def index
+  @users = policy_scope!(User.all)
+  permitted = authorize! @users
+  render jsonapi: @users, fields: {users: permitted[:attributes][:show]}
+end
+```
+
+#### Important: Scope declaration order
+
+While attributes and associations for roles are merged, scopes are **not**! This means that whenever you wish to authorize a list of records,
+you must take care in what order you define the roles. PunditRoles will go over the allowed roles in a query method in the
+order in which they were defined, and when it finds a role that the user fulfills, it will return the scope for that role.
+
+Take this example, where there are two roles permitted for an `index` action: `regular_user` and `:admin_user`:
+```ruby
+
+role :regular_user, scope: lambda{resource.regular_user}
+role :admin_user, scope: lambda{resource.admin_user}
 
-### Explicit declaration of options
+def index?
+  allow :regular_user, :admin_user
+end
+
+private
+
+def regular_user?
+  @user.present?
+end
+
+def admin_user?
+  @user.admin?
+end
+```
+
+Whenever an admin tries to access the `index` action, PunditRoles will first check if the admin is a `regular_user`,
+which will be true, since admin is in fact logged in. Therefore, it will return the scope defined for `regular_user`,
+instead of the scope defined for `admin_user`. This is not the desired behaviour. In order to avoid this, the `index?` method
+needs to look like this:
+```ruby
+def index?
+  allow :admin_user, :regular_user
+end
+```
+In this case, `admin_user` is evaluated before `regular_user`, so admins will correctly get their own scope, instead of the
+`regular_user` scope.
+
+* The rule is: whenever a role supersedes another, declare that role first. If two or more roles are exclusionary,
+meaning that there is no way that a user can fulfill more than one of these roles, then the order in which they are declared
+does not matter. The guest role can be declared wherever, since PunditRoles will always evaluate whether the user is a 
+`guest` first. 
+
+### Declaring attributes and associations
+
+* Attributes and associations in this heading are referred to collectively as _options_
+
+##### Explicit declaration of options
 
 Options are declared with the `attributes` and `associations` options of the role method.
 
 Valid options for both `:attributes` and `:associations` are `:show`,`:create`,`:update` and `:save` or the implicit options.
 
-### Implicit declaration of options
+##### Implicit declaration of options
 
 PunditRoles provides a set of helpers to be able to implicitly declare the options of a role. 
 
@@ -299,17 +394,21 @@ RESTRICTED_SHOW_ATTRIBUTES = RESTRICTED_SHOW_ATTRIBUTES + [:attr_one, :attr_two]
 There are 8 `RESTRICTED_#{action}_#{option_type}` constants in total, where `option_type` refers
 to either `ATTRIBUTES` or `ASSOCIATIONS` and `action` refers to `SHOW`, `CREATE`, `UPDATE` or `SAVE`.
 
-## Planned updates
-
-Support for Pundit's scope method should be added in the near future, along with authorizing associations, 
-generators, and possibly rspec helpers.
+## Porting over from Pundit
+If you're already using Pundit, this gem should not conflict with any existing functionality. However, there
+are a couple of things to watch out for: 
+* PunditRoles uses `@resouce` instead of `@record` in the Policy. This change was made, to reflect the
+fact that the Policy can have scopes as well as records passed to it.
+* PunditRoles uses the bang methods `authorize!` and `policy_scope!`, instead of `authorize` and `policy_scope`.
+* PunditRoles does not use the `Scope` class of Pundit, but it is included in `Policy::Base` so you may use
+that as well, if you so choose.
 
+## Planned updates
+Authorizing associations, generators, and possibly rspec helpers will be coming in the near future.
 
 ## Contributing
-
 Bug reports are welcome on GitHub at [StairwayB](https://github.com/StairwayB/pundit_roles).
 
 ## License
-
 The gem is available as open source under the terms of the [MIT License](http://opensource.org/licenses/MIT).
 

data/lib/pundit_roles/policy/base.rb

@@ -8,7 +8,7 @@ module Policy
   # return a uniquely merged hash of permitted attributes and associations of each role the @user has.
   #
   # @attr_reader user [Object] the user that initiated the action
-  # @attr_reader record [Object] the object we're checking permissions of
+  # @attr_reader resource [Object] the object we're checking permissions of
   class Base
     extend Role
     include PolicyDefaults
@@ -25,62 +25,89 @@ module Policy
     # @param query [Symbol, String] the predicate method to check on the policy (e.g. `:show?`)
     def resolve_query(query)
       permitted_roles = public_send(query)
-      if permitted_roles.is_a? TrueClass or permitted_roles.is_a? FalseClass
-        return permitted_roles
-      end
+      return permitted_roles if permitted_roles.is_a? TrueClass or permitted_roles.is_a? FalseClass
 
-      permissions_hash = self.class.permissions_hash
+      validate_permission_type(permitted_roles, query)
+      permissions = self.class.permissions
 
-      # Always checks if user is a guest, and return the appropriate permission if true
-      # the guest role cannot be merged with other roles
       if guest?
-        return handle_guest_user(permitted_roles, permissions_hash)
+        return handle_guest_options(permitted_roles, permissions)
       end
-      current_roles = determine_current_roles(permitted_roles, permissions_hash)
 
-      unless current_roles.present?
-        return false
-      end
+      current_roles = determine_current_roles(permitted_roles)
+      return false unless current_roles.present?
 
-      if current_roles.length == 1
-        return current_roles.values[0].merge({roles: [current_roles.keys[0]]})
+      return options_or_merge(current_roles, permissions)
+    end
+
+    # Retrieves the permitted roles for the current query and checks each role, until it finds one that
+    # that the user fulfills. It returns the defined scope for that role. Scopes do no merge with other scopes
+    #
+    # @param query [Symbol, String] the predicate method to check on the policy (e.g. `:show?`)
+    def resolve_scope(query)
+      permitted_roles = public_send(query)
+      return permitted_roles if permitted_roles.is_a? TrueClass or permitted_roles.is_a? FalseClass
+
+      validate_permission_type(permitted_roles, query)
+      scopes = self.class.scopes
+
+      if guest?
+        return handle_guest_scope(permitted_roles, scopes)
       end
 
-      return unique_merge(current_roles)
+      current_roles =  determine_current_roles(permitted_roles)
+      return false unless current_roles.present?
+
+      return instance_eval &scopes[current_roles[0]]
     end
 
     private
 
-    # Return the default :guest role if guest is present in @permitted_roles. Return false otherwise
+    # Return the default :guest role if guest is present in permitted_roles. Return false otherwise
     #
     # @param permitted_roles [Hash] roles returned by the query
-    # @param permissions_hash [Hash] unrefined hash of options defined by all permitted_for methods
-    def handle_guest_user(permitted_roles, permissions_hash)
+    # @param permissions [Hash] unrefined hash of options defined by all permitted_for methods
+    def handle_guest_options(permitted_roles, permissions)
+      if permitted_roles.include? :guest
+        return permissions[:guest].merge({roles: [:guest]})
+      end
+      return false
+    end
+
+    def handle_guest_scope(permitted_roles, scopes)
       if permitted_roles.include? :guest
-        return permissions_hash[:guest].merge({roles: [:guest]})
+        return instance_eval &scopes[:guest]
       end
       return false
     end
 
-    # Build a hash of the roles that the user fulfills and the roles' attributes and associations,
-    # based on the test_condition of the role.
+    # inspects the current_roles and returns the appropriate option
+    #
+    # @param current_roles [Hash] roles that the current user fulfills
+    # @param permissions [Hash] unrefined hash of options defined by all permitted_for methods
+    def options_or_merge(current_roles, permissions)
+      return false unless current_roles.present?
+
+      if current_roles.length == 1
+        return permissions[current_roles[0]].merge({roles: [current_roles[0]]})
+      end
+
+      return unique_merge(current_roles, permissions)
+    end
+
+    # Build an Array of the roles that the user fulfills.
     #
     # @param permitted_roles [Hash] roles returned by the query
-    # @param permissions_hash [Hash] unrefined hash of options defined by all permitted_for methods
-    def determine_current_roles(permitted_roles, permissions_hash)
-      current_roles = {}
+    def determine_current_roles(permitted_roles)
+      current_roles = []
 
       permitted_roles.each do |permitted_role|
-        if permitted_role == :guest or permitted_role == :guest_user
+        if permitted_role == :guest
           next
         end
 
-        begin
-          if send("#{permitted_role}?")
-            current_roles[permitted_role] = permissions_hash[permitted_role]
-          end
-        rescue NoMethodError => e
-          raise NoMethodError, "Undefined test condition, it must be defined as 'role?', where, role is :#{permitted_role}, => #{e.message}"
+        if test_condition?(permitted_role)
+          current_roles << permitted_role
         end
       end
 
@@ -89,13 +116,13 @@ module Policy
 
     # Uniquely merge the options of all roles that the user fulfills
     #
-    # @param roles [Hash] roles and options that the user fulfills
-    def unique_merge(roles)
-      merged_hash = {attributes: {}, associations: {}, roles: []}
+    # @param roles [Hash] roles that the user fulfills
+    # @param permissions [Hash] the options for all roles
+    def unique_merge(roles, permissions)
+      merged_hash = {attributes: {}, associations: {}, roles: roles}
 
-      roles.each do |role, option|
-        merged_hash[:roles] << role
-        option.each do |type, actions|
+      roles.each do |role|
+        permissions[role].each do |type, actions|
           actions.each do |key, value|
             unless merged_hash[type][key]
               merged_hash[type][key] = []
@@ -108,6 +135,22 @@ module Policy
       return merged_hash
     end
 
+    # Helper method for testing the conditional of a role
+    #
+    # @param role [Symbol] the role to be tested
+    # @raise [NoMethodError] if the test condition is undefined
+    def test_condition?(role)
+      begin
+        if send("#{role}?")
+          return true
+        end
+      rescue NoMethodError => e
+        raise NoMethodError, "Undefined test condition, it must be defined as 'role?', where, role is :#{role}, => #{e.message}"
+      end
+
+      return false
+    end
+
     # Helper method to be able to define allow: :guest, :user, etc. in the query methods
     #
     # @param *roles [Array] an array of permitted roles for a particular action
@@ -120,8 +163,25 @@ module Policy
       @user.nil?
     end
 
-    # Scope class from Pundit, to be used for limiting scopes. Unchanged from Pundit,
-    # possible implementation forthcoming in a future update
+    # @api private
+    def validate_permission_type(permitted_roles, query)
+      valid = false
+      _allowed_permission_types.each do |type|
+        if permitted_roles.is_a? type
+          valid = true
+          break
+        end
+      end
+
+      raise ArgumentError, "expected #{_allowed_permission_types} in #{query}, got #{permitted_roles.inspect}" unless valid
+    end
+
+    # @api private
+    def _allowed_permission_types
+      [Array, FalseClass, TrueClass]
+    end
+
+    # Scope class from Pundit, not used in this gem
     class Scope
       attr_reader :user, :scope
 

data/lib/pundit_roles/policy/role.rb

@@ -3,21 +3,22 @@ require_relative 'role/option_builder'
 # Extended by Policy::Base. Defines the methods necessary for declaring roles.
 module Role
 
-  attr_accessor :permissions_hash
+  attr_accessor :permissions
+  attr_accessor :scopes
 
-  # Builds a new role by saving it into the #permissions_hash class instance variable
+  # Builds a new role by saving it into the #permissions class instance variable
   # Valid options are :attributes, :associations, :scope, :uses_db, :extend
   #
   # @param *opts [Array] the roles, and the options which define the roles
   # @raise [ArgumentError] if the options are incorrectly defined, or no options are present
-  # @return [Hash] Returns the permissions hash or the record
   def role(*opts)
     user_opts = opts.extract_options!.dup
     options = user_opts.slice(*_role_default_keys)
 
     raise ArgumentError, 'Please provide at least one role' unless opts.present?
 
-    @permissions_hash = {} if @permissions_hash.nil?
+    @permissions = {} if @permissions.nil?
+    @scopes = {} if @scopes.nil?
 
     options.each do |key, value|
       if value.present?
@@ -32,7 +33,8 @@ module Role
 
     opts.each do |role|
       raise ArgumentError, "Expected Symbol for #{role}, got #{role.class}" unless role.is_a? Symbol
-      @permissions_hash[role] = OptionBuilder.new(self, options[:attributes], options[:associations],  options[:scope]).permitted
+      @permissions[role] = OptionBuilder.new(self, options[:attributes], options[:associations],  options[:scope]).permitted
+      @scopes[role] = options[:scope]
     end
   end
 
@@ -43,7 +45,7 @@ module Role
 
   # @api private
   private def _role_option_validations
-    {attributes: [Hash, Symbol], associations: [Hash, Symbol], scope: [String], uses_db: [Symbol], extend: [Symbol]}
+    {attributes: [Hash, Symbol], associations: [Hash, Symbol], scope: [Proc], uses_db: [Symbol], extend: [Symbol]}
   end
 
 end

data/lib/pundit_roles/pundit.rb

@@ -1,32 +1,56 @@
 # Contains the overwritten #authorize method
 module PunditOverwrite
 
-  # Overwrite for Pundit's default authorization, to be able to use PunditRoles. Does not conflict with existing
-  # Pundit implementations
+  # A modified version of Pundit's default authorization. Returns a hash of permitted attributes or raises exception
+  # it the user is not authorized
   #
   # @param resource [Object] the object we're checking permissions of
   # @param query [Symbol, String] the predicate method to check on the policy (e.g. `:show?`).
   #   If omitted then this defaults to the Rails controller action name.
   # @raise [NotAuthorizedError] if the given query method returned false
-  # @return [Object, Hash] Returns the permissions hash or the record
-  def authorize(resource, query = nil)
+  # @return [Object, Hash] Returns the permissions hash or the resource
+  def authorize!(resource, query = nil)
     query ||= params[:action].to_s + '?'
 
     @_pundit_policy_authorized = true
 
     policy = policy(resource)
-
     permitted_records = policy.resolve_query(query)
 
-    unless permitted_records
+    return determine_action(resource, query, policy, permitted_records)
+  end
+
+  # Returns the permitted scope or raises exception
+  #
+  # @param resource [Object] the object we're checking permissions of
+  # @param query [Symbol, String] the predicate method to check on the policy (e.g. `:show?`).
+  #   If omitted then this defaults to the Rails controller action name.
+  # @raise [NotAuthorizedError] if the given query method returned false
+  # @return [Object, ActiveRecord::Association] Returns the permissions hash or the resource
+  def policy_scope!(resource, query = nil)
+    query ||= params[:action].to_s + '?'
+
+    @_pundit_policy_scoped = true
+
+    policy = policy(resource)
+    permitted_scope = policy.resolve_scope(query)
+
+    return determine_action(resource, query, policy, permitted_scope)
+  end
+
+  private
+
+  # @api private
+  def determine_action(resource, query, policy, permitted)
+    unless permitted
       raise Pundit::NotAuthorizedError, query: query, record: resource, policy: policy
     end
 
-    if permitted_records.is_a? TrueClass
+    if permitted.is_a? TrueClass
       return resource
     end
 
-    return permitted_records
+    return permitted
   end
 end
 

data/lib/pundit_roles/version.rb

@@ -1,3 +1,3 @@
 module PunditRoles
-  VERSION = "0.2.1"
+  VERSION = "0.5.0"
 end

data/pundit_roles.gemspec

@@ -9,8 +9,8 @@ Gem::Specification.new do |spec|
   spec.authors       = ["Daniel Balogh"]
   spec.email         = ["danielferencbalogh@gmail.com"]
 
-  spec.summary       = %q{Extends Pundit with roles, allowing attribute and association level authorizations}
-  spec.description   = %q{Extends Pundit with roles, allowing attribute and association level authorizations}
+  spec.summary       = %q{Extends Pundit with roles, allowing attribute and association level authorizations, suits modern APIs well}
+  spec.description   = %q{Extends Pundit with roles, allowing attribute and association level authorizations, suits modern APIs well}
   spec.homepage      = "https://github.com/StairwayB/pundit_roles"
   spec.license       = "MIT"
 

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: pundit_roles
 version: !ruby/object:Gem::Version
-  version: 0.2.1
+  version: 0.5.0
 platform: ruby
 authors:
 - Daniel Balogh
 autorequire: 
 bindir: exe
 cert_chain: []
-date: 2017-10-30 00:00:00.000000000 Z
+date: 2017-11-08 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: activesupport
@@ -38,7 +38,8 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: 1.1.0
-description: Extends Pundit with roles, allowing attribute and association level authorizations
+description: Extends Pundit with roles, allowing attribute and association level authorizations,
+  suits modern APIs well
 email:
 - danielferencbalogh@gmail.com
 executables: []
@@ -86,5 +87,6 @@ rubyforge_project:
 rubygems_version: 2.6.11
 signing_key: 
 specification_version: 4
-summary: Extends Pundit with roles, allowing attribute and association level authorizations
+summary: Extends Pundit with roles, allowing attribute and association level authorizations,
+  suits modern APIs well
 test_files: []