rabarber 1.0.1 → 1.0.3

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 5f7d080588bb06feadb9a4f9759415e24828907c520c95bd4174a242820774cf
-  data.tar.gz: 40a1c865a5fdcfd84980718d61c74cc23ab342a00e1bb933a82ed13b6fbc2a9c
+  metadata.gz: f83c97e518621ea7749eab381d5e1e4f84785c8197036e923220fa0d29fcc43e
+  data.tar.gz: 9fe75afecf6c3066c0cbf779ffdf79a2e67716a8acdc0f15c72e85008528f5ab
 SHA512:
-  metadata.gz: 0a4f3c2b737c6ad4dff2179aec47835f206b6b750b59a7a3210ba83a905840da679003dad71a9d2b62e07227ad57d861373178cacc2b5ff61431bbbf11aa7023
-  data.tar.gz: d8a6723c767a24b7653c29b46a2df9ea95a9f2c8994c89e9f2be56d0e00e5024b2b8462aa89a754786322ebf780477fae0db791891e2423ea8d5a28a50866b0a
+  metadata.gz: 407ed9c374cbe8dafd964aa939f342d47a307bd101e2932bf8ae12c526f48a75524df6eb6f6f35a6a3fb4a023f7db5e50a7c04b580f56fde06ccfcc09f431df8
+  data.tar.gz: 4cfcde7d7b6ed23faff8d0e6f8f036c641ecf6dfb18e1b075dbdfd6aaa5f8391dfdf13ea7e25b70b7881489fc3b292791f663c6c70b1a32a634e7caf681a2355

data/CHANGELOG.md

@@ -1,6 +1,16 @@
+## 1.0.3
+
+- Enhance clarity by improving error types and messages
+- Resolve inconsistency in types of role names
+
+## 1.0.2
+
+- Various enhancements for gem development and release
+- Modify `HasRoles#roles` method to return an array of role names instead of `Rabarber::Role` objects
+
 ## 1.0.1
 
-- Various improvements for gem development
+- Various enhancements for gem development
 
 ## 1.0.0
 
@@ -15,7 +25,7 @@
 
 ## 0.1.4
 
-- Remove `role?` method as unnecessary
+- Remove `HasRoles#role?` method as unnecessary
 
 ## 0.1.3
 

data/README.md

@@ -7,7 +7,7 @@ Rabarber is an authorization library for Ruby on Rails, primarily designed for u
 
 ---
 
-#### Example of Usage:
+**Example of Usage**:
 
 Consider a CRM where users with different roles have distinct access levels. For instance, the role 'accountant' can interact with invoices but cannot access marketing information, while the role 'marketer' has access to marketing-related data. Such authorization rules can be easily defined with Rabarber.
 
@@ -78,7 +78,7 @@ end
 - `must_have_roles` must be a boolean determining whether a user with no roles can access endpoints permitted to everyone. The default value is `false` (allowing users without roles to access endpoints permitted to everyone).
 - `when_unauthorized` must be a lambda where you can define your actions when access is not authorized (`controller` is an instance of the controller where the code is executed). By default, the user is redirected back if the request format is HTML; otherwise, a 401 Unauthorized response is sent.
 
-## Usage
+## Roles
 
 Include `Rabarber::HasRoles` module in your model representing users in your application:
 
@@ -89,9 +89,9 @@ class User < ApplicationRecord
 end
 ```
 
-### This adds the following methods:
+This adds the following methods:
 
-#### `#assign_roles`
+**`#assign_roles`**
 
 To assign roles to the user, use:
 
@@ -110,7 +110,7 @@ Rabarber::Role.create(name: "manager")
 ```
 The role names are unique.
 
-#### `#revoke_roles`
+**`#revoke_roles`**
 
 To revoke roles, use:
 
@@ -119,7 +119,7 @@ user.revoke_roles(:accountant, :marketer)
 ```
 If any of the specified roles doesn't exist or the user doesn't have the role you want to revoke, it will be ignored.
 
-#### `#has_role?`
+**`#has_role?`**
 
 To check whether the user has a role, use:
 
@@ -129,20 +129,13 @@ user.has_role?(:accountant, :marketer)
 
 It returns `true` if the user has at least one role and `false` otherwise.
 
-#### `#roles`
+**`#roles`**
 
 To view all the roles assigned to the user, use:
 
 ```rb
 user.roles
 ```
-This will return an array of `Rabarber::Role` objects.
-
-If you need the list of role names, use:
-
-```rb
-user.roles.names
-```
 
 If you need to list all the role names available in your application, use:
 
@@ -150,11 +143,11 @@ If you need to list all the role names available in your application, use:
 Rabarber::Role.names
 ```
 
-Utilize these methods to manipulate user roles. For example, create a custom UI for managing roles or assign necessary roles during migration or runtime (e.g., when the user is created). You can also write custom authorization policies based on `#has_role?` method (e.g., to scope the data that the user can access). Adapt these methods to fit the requirements of your application.
+`Rabarber::Role` is a model that represents roles within your application. It has a single attribute, `name`, which is validated for both uniqueness and presence. You can treat `Rabarber::Role` as a regular Rails model and use Active Record methods on it if necessary.
 
----
+Utilize the aforementioned methods to manipulate user roles. For example, create a custom UI for managing roles or assign necessary roles during migration or runtime (e.g., when the user is created). You can also write custom authorization policies based on `#has_role?` method (e.g., to scope the data that the user can access). Adapt these methods to fit the requirements of your application.
 
-### Authorization Rules
+## Authorization Rules
 
 Include `Rabarber::Authorization` module into the controller that needs authorization rules to be applied (authorization rules will be applied to the controller and its children). Typically, it is `ApplicationController`, but it can be any controller.
 
@@ -164,7 +157,7 @@ class ApplicationController < ActionController::Base
   ...
 end
 ```
-This adds `.grant_access` method to the controller and its children. This method allows you to define the authorization rules.
+This adds `.grant_access` method which allows you to define the authorization rules.
 
 The most basic usage of the method is as follows:
 
@@ -265,9 +258,7 @@ end
 ```
 This means that `Crm::InvoicesController` is still accessible to `admin` but is also accessible to `accountant`.
 
----
-
-### View Helpers
+## View Helpers
 
 Rabarber also provides a couple of helpers that can be used in views: `visible_to` and `hidden_from`. The usage is straightforward:
 

data/lib/rabarber/configuration.rb

@@ -21,21 +21,19 @@ module Rabarber
     end
 
     def current_user_method=(method_name)
-      unless [Symbol, String].include?(method_name.class)
-        raise ArgumentError, "Method name must be a symbol or a string"
-      end
+      raise ConfigurationError, "current_user_method must be a symbol" unless method_name.is_a?(Symbol)
 
       @current_user_method = method_name.to_sym
     end
 
     def must_have_roles=(value)
-      raise ArgumentError, "Value must be a boolean" unless [true, false].include?(value)
+      raise ConfigurationError, "must_have_roles must be a boolean" unless [true, false].include?(value)
 
       @must_have_roles = value
     end
 
     def when_unauthorized=(callable)
-      raise ArgumentError, "Proc is expected" unless callable.is_a?(Proc)
+      raise ConfigurationError, "when_unauthorized must be a proc" unless callable.is_a?(Proc)
 
       @when_unauthorized = callable
     end

data/lib/rabarber/controllers/concerns/authorization.rb

@@ -18,7 +18,7 @@ module Rabarber
 
     def verify_access
       return if Permissions.access_granted?(
-        send(::Rabarber::Configuration.instance.current_user_method).roles.names, self.class, action_name.to_sym, self
+        send(::Rabarber::Configuration.instance.current_user_method).roles, self.class, action_name.to_sym, self
       )
 
       ::Rabarber::Configuration.instance.when_unauthorized.call(self)

data/lib/rabarber/models/concerns/has_roles.rb

@@ -9,15 +9,19 @@ module Rabarber
 
       @@included = name
 
-      has_and_belongs_to_many :roles, class_name: "Rabarber::Role",
-                                      foreign_key: "roleable_id",
-                                      join_table: "rabarber_roles_roleables"
+      has_and_belongs_to_many :rabarber_roles, class_name: "Rabarber::Role",
+                                               foreign_key: "roleable_id",
+                                               join_table: "rabarber_roles_roleables"
+    end
+
+    def roles
+      rabarber_roles.names
     end
 
     def has_role?(*role_names)
       validate_role_names(role_names)
 
-      roles.exists?(name: role_names)
+      (roles & role_names).any?
     end
 
     def assign_roles(*role_names, create_new: true)
@@ -25,25 +29,23 @@ module Rabarber
 
       create_new_roles(role_names) if create_new
 
-      roles << Role.where(name: role_names) - roles
+      rabarber_roles << Role.where(name: role_names) - rabarber_roles
     end
 
     def revoke_roles(*role_names)
       validate_role_names(role_names)
 
-      self.roles = roles - Role.where(name: role_names)
+      self.rabarber_roles = rabarber_roles - Role.where(name: role_names)
     end
 
     private
 
     def validate_role_names(role_names)
-      return if role_names.all? do |role_name|
-        [Symbol, String].include?(role_name.class) && role_name.match?(/\A[a-z0-9_]+\z/)
-      end
+      return if role_names.all? { |role_name| role_name.is_a?(Symbol) && role_name.to_s.match?(Role::NAME_REGEX) }
 
       raise(
-        ArgumentError,
-        "Role names must be symbols or strings and may only contain lowercase letters and underscores"
+        InvalidArgumentError,
+        "Role names must be symbols and may only contain lowercase letters, numbers and underscores"
       )
     end
 

data/lib/rabarber/models/role.rb

@@ -4,7 +4,9 @@ module Rabarber
   class Role < ActiveRecord::Base
     self.table_name = "rabarber_roles"
 
-    validates :name, presence: true, uniqueness: true
+    NAME_REGEX = /\A[a-z0-9_]+\z/
+
+    validates :name, presence: true, uniqueness: true, format: { with: NAME_REGEX }
 
     def self.names
       pluck(:name).map(&:to_sym)

data/lib/rabarber/rule.rb

@@ -5,9 +5,9 @@ module Rabarber
     attr_reader :action, :roles, :custom
 
     def initialize(action, roles, custom)
-      @action = action
-      @roles = Array(roles)
-      @custom = custom
+      @action = validate_action(action)
+      @roles = validate_roles(roles)
+      @custom = validate_custom_rule(custom)
     end
 
     def verify_access(user_roles, custom_rule_receiver, action_name = nil)
@@ -37,5 +37,30 @@ module Rabarber
         custom_rule_receiver.send(custom)
       end
     end
+
+    def validate_action(action)
+      return action if action.nil? || action.is_a?(Symbol)
+
+      raise InvalidArgumentError, "Action name must be a symbol"
+    end
+
+    def validate_roles(roles)
+      roles_array = Array(roles)
+
+      return roles_array if roles_array.empty? || roles_array.all? do |role|
+        role.is_a?(Symbol) && role.match?(Role::NAME_REGEX)
+      end
+
+      raise(
+        InvalidArgumentError,
+        "Role names must be symbols and may only contain lowercase letters, numbers and underscores"
+      )
+    end
+
+    def validate_custom_rule(custom)
+      return custom if custom.nil? || custom.is_a?(Symbol) || custom.is_a?(Proc)
+
+      raise InvalidArgumentError, "Custom rule must be a symbol or a proc"
+    end
   end
 end

data/lib/rabarber/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module Rabarber
-  VERSION = "1.0.1"
+  VERSION = "1.0.3"
 end

data/lib/rabarber.rb

@@ -23,4 +23,6 @@ module Rabarber
   end
 
   class Error < StandardError; end
+  class ConfigurationError < Error; end
+  class InvalidArgumentError < Error; end
 end

data/rabarber.gemspec

@@ -0,0 +1,23 @@
+# frozen_string_literal: true
+
+require_relative "lib/rabarber/version"
+
+Gem::Specification.new do |spec|
+  spec.name = "rabarber"
+  spec.version = Rabarber::VERSION
+  spec.authors = ["enjaku4"]
+  spec.email = ["enjaku4@gmail.com"]
+
+  spec.summary = "Simple authorization library for Ruby on Rails."
+  spec.homepage = "https://github.com/enjaku4/rabarber"
+  spec.license = "MIT"
+  spec.required_ruby_version = ">= 3.0"
+
+  spec.files = [
+    "rabarber.gemspec", "README.md", "CHANGELOG.md", "LICENSE.txt"
+  ] + `git ls-files | grep -E '^(lib)'`.split("\n")
+
+  spec.require_paths = ["lib"]
+
+  spec.add_runtime_dependency "rails", ">= 6.1"
+end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: rabarber
 version: !ruby/object:Gem::Version
-  version: 1.0.1
+  version: 1.0.3
 platform: ruby
 authors:
 - enjaku4
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2023-12-31 00:00:00.000000000 Z
+date: 2024-01-01 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rails
@@ -31,13 +31,9 @@ executables: []
 extensions: []
 extra_rdoc_files: []
 files:
-- ".rspec"
-- ".rubocop.yml"
 - CHANGELOG.md
-- Gemfile
 - LICENSE.txt
 - README.md
-- Rakefile
 - lib/generators/rabarber/roles_generator.rb
 - lib/generators/rabarber/templates/create_rabarber_roles.rb.erb
 - lib/rabarber.rb
@@ -50,6 +46,7 @@ files:
 - lib/rabarber/permissions.rb
 - lib/rabarber/rule.rb
 - lib/rabarber/version.rb
+- rabarber.gemspec
 homepage: https://github.com/enjaku4/rabarber
 licenses:
 - MIT

data/.rspec

@@ -1,4 +0,0 @@
---format progress
---color
---require spec_helper
---order rand

data/.rubocop.yml

@@ -1,69 +0,0 @@
-require:
-  - rubocop-rails
-  - rubocop-rake
-  - rubocop-rspec
-
-AllCops:
-  TargetRubyVersion: 3.0
-
-Layout/LineLength:
-  Max: 120
-
-Metrics/BlockLength:
-  Enabled: false
-
-Naming/PredicateName:
-  Enabled: false
-
-Rails/ApplicationController:
-  Exclude:
-    - spec/support/controllers.rb
-
-Rails/ApplicationRecord:
-  Exclude:
-    - lib/rabarber/models/role.rb
-    - spec/support/models.rb
-
-RSpec/ContextWording:
-  Enabled: false
-
-RSpec/ExampleLength:
-  Enabled: false
-
-RSpec/FilePath:
-  Enabled: false
-
-RSpec/MultipleExpectations:
-  Enabled: false
-
-RSpec/NamedSubject:
-  Enabled: false
-
-RSpec/NestedGroups:
-  Enabled: false
-
-Style/ClassVars:
-  Enabled: false
-
-Style/Documentation:
-  Enabled: false
-
-Style/Lambda:
-  Enabled: true
-  EnforcedStyle: literal
-
-Style/StringLiterals:
-  Enabled: true
-  EnforcedStyle: double_quotes
-
-Style/StringLiteralsInInterpolation:
-  Enabled: true
-  EnforcedStyle: double_quotes
-
-Style/SymbolArray:
-  Enabled: true
-  EnforcedStyle: brackets
-
-Style/WordArray:
-  Enabled: true
-  EnforcedStyle: brackets

data/Gemfile

@@ -1,17 +0,0 @@
-# frozen_string_literal: true
-
-source "https://rubygems.org"
-
-gemspec
-
-ENV["RAILS_VERSION"] ? gem("rails", ENV["RAILS_VERSION"]) : gem("rails", ">= 6.1")
-
-gem "database_cleaner-active_record", "~> 2.1"
-gem "rake", "~> 13.1"
-gem "rspec", "~> 3.12"
-gem "rspec-rails", "~> 6.1"
-gem "rubocop", "~> 1.59"
-gem "rubocop-rails", "~> 2.23"
-gem "rubocop-rake", "~> 0.6"
-gem "rubocop-rspec", "~> 2.25"
-gem "sqlite3", "~> 1.7"

data/Rakefile

@@ -1,12 +0,0 @@
-# frozen_string_literal: true
-
-require "bundler/gem_tasks"
-require "rspec/core/rake_task"
-
-RSpec::Core::RakeTask.new(:spec)
-
-require "rubocop/rake_task"
-
-RuboCop::RakeTask.new
-
-task default: [:spec, :rubocop]