RubyGems - rabarber - Versions diffs - 0.1.3 → 0.1.5 - Mend

rabarber 0.1.3 → 0.1.5

Files changed (11) hide show

checksums.yaml +4 -4
data/.rspec +1 -1
data/.rubocop.yml +3 -0
data/CHANGELOG.md +10 -0
data/README.md +39 -4
data/lib/generators/rabarber/templates/create_rabarber_roles.rb.erb +2 -2
data/lib/rabarber/configuration.rb +1 -1
data/lib/rabarber/controllers/concerns/authorization.rb +2 -2
data/lib/rabarber/models/concerns/has_roles.rb +23 -15
data/lib/rabarber/version.rb +1 -1
metadata +2 -2

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: efe276f264ab3b14fb15221050a9876054fc9cda73cd62af4a68b177658af585
-  data.tar.gz: be88e7ead8056ba296ede08d74da565ebb3c2e1ea53d203d0b68b29c38cb2076
+  metadata.gz: 44ae657744209c8401cc25faff3aba718ce00993d4ba6f1ccd8b833cd7b2e48f
+  data.tar.gz: a5ede8519ed62a197873b8b9f955a38d9a7cb7d34a5a7ef9518ed672b029745b
 SHA512:
-  metadata.gz: 8136281097de32e13774e3beafb60a55bdd031d6f9fec9e2d09a43e746d6a044c13b269e02b086037b8c538c0d35b514ac509ad21c5dfdcf9173013dbeb35f5a
-  data.tar.gz: 9479c30544c7ce6a56b418fc6c25fb0470dbdfd6e0a069114bc3616b7b6aaa03756881b6ef2173dd2d4f332e2a3cea0751e322764aa241a70eccd0cc7c45e675
+  metadata.gz: 03be3074d4a98d2b9c4cf81a1686d411e9f899f9543a82ee0879a4f8935841cbc0916ce7ca739ea44181a0db2dc2b57e2cafd251b3ab7e3389ae3d15fa86fc92
+  data.tar.gz: 647f11032bf0f935f1822f45f3edaec8e8b9db11ba786c72ffef722dcb650a0b3688dbefd9bbe0822aab0d7608f88827b3e7ff2a554f58b93c04a27bd04ec251

data/.rspec CHANGED Viewed

@@ -1,4 +1,4 @@
---format documentation
+--format progress
 --color
 --require spec_helper
 --order rand

data/.rubocop.yml CHANGED Viewed

@@ -11,6 +11,9 @@ Layout/LineLength:
 Metrics/BlockLength:
   Enabled: false
+Naming/PredicateName:
+  Enabled: false
 Rails/ApplicationController:
   Exclude:
     - spec/support/controllers.rb

data/CHANGELOG.md CHANGED Viewed

@@ -1,3 +1,13 @@
+## 0.1.5
+- Add missing `foreign_key` option to `CreateRabarberRoles` migration
+- Allow only lowercase alphanumeric characters and underscores in role names
+## 0.1.4
+- Remove `role?` method as unnecessary
+- Update README
 ## 0.1.3
 - Revise and update README for clarity

data/README.md CHANGED Viewed

@@ -1,12 +1,35 @@
 # Rabarber: Simplified Authorization for Rails
-Rabarber is an authorization library primarily designed for use in the web layer of your application, specifically in controllers and views.
+[![Gem Version](https://badge.fury.io/rb/rabarber.svg)](http://badge.fury.io/rb/rabarber)
+[![Github Actions badge](https://github.com/enjaku4/rabarber/actions/workflows/ci.yml/badge.svg)](https://github.com/enjaku4/rabarber/actions/workflows/ci.yml)
-Rabarber takes a slightly different approach compared to some popular libraries. Rabarber focuses on the question: "Who can access this endpoint?". In Rabarber, authorization is expressed not as "A user with the role 'editor' can edit a post," but rather as "A user with the role 'editor' can access a post editing endpoint."
+Rabarber is an authorization library for Ruby on Rails, primarily designed for use in the web layer of your application but not limited to that. It provides a set of useful tools for managing user roles and defining authorization rules.
+---
 #### Example of Usage:
-Consider a CRM where users with different roles have distinct access levels. For instance, the role 'accountant' can interact with invoices and orders but cannot access marketing information, while the role 'marketer' has access to marketing-related data.
+Consider a CRM where users with different roles have distinct access levels. For instance, the role 'accountant' can interact with invoices but cannot access marketing information, while the role 'marketer' has access to marketing-related data. Such authorization rules can be easily defined with Rabarber.
+---
+And this is how your controller might look with Rabarber:
+```rb
+class TicketsController < ApplicationController
+  grant_access roles: :admin
+  grant_access action: :index, roles: :manager
+  def index
+    ...
+  end
+  def delete
+    ...
+  end
+end
+```
+This means that `admin` users can access everything in `TicketsController`, while `manager` role can access only `index` action.
 ## Installation
@@ -28,6 +51,10 @@ Next, generate a migration to create tables for storing roles in the database:
 rails g rabarber:roles
 ```
+This will create a migration file in `db/migrate` directory.
+Replace `raise(Rabarber::Error, "Please specify your user model's table name")` in that file with the name of your user model's table.
 Finally, run the migration to apply the changes to the database:
 ```
@@ -109,13 +136,21 @@ To view all the roles assigned to the user, use:
 ```rb
 user.roles
 ```
+This will return an array of `Rabarber::Role` objects.
+If you need the list of role names, use:
+```rb
+user.roles.names
+```
 If you need to list all the role names available in your application, use:
 ```rb
 Rabarber::Role.names
 ```
-Utilize these methods to manipulate user roles. For example, create a custom UI for managing roles or assign necessary roles during migration or runtime (e.g., when the user is created). Adapt them to fit the requirements of your application.
+Utilize these methods to manipulate user roles. For example, create a custom UI for managing roles or assign necessary roles during migration or runtime (e.g., when the user is created). You can also write custom authorization policies based on `#has_role?` method (e.g., to scope the data that the user can access). Adapt these methods to fit the requirements of your application.
 ---

data/lib/generators/rabarber/templates/create_rabarber_roles.rb.erb CHANGED Viewed

@@ -8,8 +8,8 @@ class CreateRabarberRoles < ActiveRecord::Migration[<%= ActiveRecord::Migration.
     end
     create_table :rabarber_roles_roleables, id: false do |t|
-      t.belongs_to :role, index: true
-      t.belongs_to :roleable, index: true
+      t.belongs_to :role, index: true, foreign_key: { to_table: :rabarber_roles }
+      t.belongs_to :roleable, index: true, foreign_key: { to_table: raise(Rabarber::Error, "Please specify your user model's table name") }
     end
     add_index :rabarber_roles_roleables, %i[role_id roleable_id], unique: true

data/lib/rabarber/configuration.rb CHANGED Viewed

@@ -21,7 +21,7 @@ module Rabarber
     end
     def current_user_method=(method_name)
-      unless method_name.is_a?(Symbol) || method_name.is_a?(String)
+      unless [Symbol, String].include?(method_name.class)
         raise ArgumentError, "Method name must be a symbol or a string"
       end

data/lib/rabarber/controllers/concerns/authorization.rb CHANGED Viewed

@@ -5,7 +5,7 @@ module Rabarber
     extend ActiveSupport::Concern
     included do
-      before_action :check_permissions
+      before_action :verify_access
     end
     class_methods do
@@ -16,7 +16,7 @@ module Rabarber
     private
-    def check_permissions
+    def verify_access
       return if Permissions.access_granted?(
         send(::Rabarber::Configuration.instance.current_user_method).roles.names, self.class, action_name.to_sym, self
       )

data/lib/rabarber/models/concerns/has_roles.rb CHANGED Viewed

@@ -12,36 +12,44 @@ module Rabarber
       has_and_belongs_to_many :roles, class_name: "Rabarber::Role",
                                       foreign_key: "roleable_id",
                                       join_table: "rabarber_roles_roleables"
-      alias_method :has_role?, :role?
     end
-    def role?(*role_names)
-      unless role_names.all? { |arg| arg.is_a?(Symbol) || arg.is_a?(String) }
-        raise(ArgumentError, "Role names must be symbols or strings")
-      end
+    def has_role?(*role_names)
+      validate_role_names(role_names)
       roles.exists?(name: role_names)
     end
     def assign_roles(*role_names, create_new: true)
-      unless role_names.all? { |arg| arg.is_a?(Symbol) || arg.is_a?(String) }
-        raise(ArgumentError, "Role names must be symbols or strings")
-      end
+      validate_role_names(role_names)
-      if create_new && (new_roles = role_names - Role.names).any?
-        new_roles.each { |role| Role.create!(name: role) }
-      end
+      create_new_roles(role_names) if create_new
       roles << Role.where(name: role_names) - roles
     end
     def revoke_roles(*role_names)
-      unless role_names.all? { |arg| arg.is_a?(Symbol) || arg.is_a?(String) }
-        raise(ArgumentError, "Role names must be symbols or strings")
-      end
+      validate_role_names(role_names)
       self.roles = roles - Role.where(name: role_names)
     end
+    private
+    def validate_role_names(role_names)
+      return if role_names.all? do |role_name|
+        [Symbol, String].include?(role_name.class) && role_name.match?(/\A[a-z0-9_]+\z/)
+      end
+      raise(
+        ArgumentError,
+        "Role names must be symbols or strings and may only contain lowercase letters and underscores"
+      )
+    end
+    def create_new_roles(role_names)
+      new_roles = role_names - Role.names
+      new_roles.each { |role_name| Role.create!(name: role_name) }
+    end
   end
 end

data/lib/rabarber/version.rb CHANGED Viewed

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 module Rabarber
-  VERSION = "0.1.3"
+  VERSION = "0.1.5"
 end

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: rabarber
 version: !ruby/object:Gem::Version
-  version: 0.1.3
+  version: 0.1.5
 platform: ruby
 authors:
 - enjaku4
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2023-12-16 00:00:00.000000000 Z
+date: 2023-12-27 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rails