rabarber 1.2.1 → 1.3.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 3ae0f6a7f272a6d718ddf591e61b236a20b26da7c7eddc56f838637e6fd16b72
-  data.tar.gz: 07bb483c2ed0fc8e04b12fab9183d333cddae5ef4d3b3690d98119e1d9d97c5b
+  metadata.gz: 77a15b7eb4164c74d70e81d34630d6051915acc2abe35896df8938d9cc53e473
+  data.tar.gz: 847f675e00e9a85a158032af7ddc158f3189df78d4e6dae4ce15e2fe5024515e
 SHA512:
-  metadata.gz: 8c87020ec8feb37dc344f332843eb49498197edbeab72d3c7b57edfb5e727029627aa5b8289fa506bdcb262d2df47fc378ca3d17f138879b3a64e51e998d22ab
-  data.tar.gz: d4e83ff02a8dfc17e8a2706756fa84f4e93035bd09c98455e8f5f2eb92f9c48636135200ed42fe6b6a6bda94671c187de97c1a85d6a21425d93191423c38711f
+  metadata.gz: 7d16835ed84fd9ee2c2e7871080c5256bad34944ee0c1a3448c609f14732f1c7901539c0287bc5206feddb79ef77ee4aa001dd26a642d7c23b05498f5a668659
+  data.tar.gz: 0bd35329a6608d4f6680b4aba7882d015df36f38e0b0d963c9df988edd40e490e67180e504b1901f05c957e27f8bffe585372f6494ccad2989310daaa7feec68

data/CHANGELOG.md

@@ -1,3 +1,14 @@
+## 1.3.0
+
+- Add methods to directly add, rename, and remove roles
+- `HasRoles#assign_roles` and `HasRoles#revoke_roles` methods now return the list of roles assigned to the user
+- Minor performance improvements
+
+## 1.2.2
+
+- Refactor to improve readability and maintainability
+- Fix minor code errors
+
 ## 1.2.1
 
 - Cache roles to avoid unnecessary database queries

data/README.md

@@ -67,16 +67,16 @@ Rabarber can be configured by using `.configure` method in an initializer:
 
 ```rb
 Rabarber.configure do |config|
-  config.cache_enabled = false
-  config.current_user_method = :authenticated_user
-  config.must_have_roles = true
+  config.cache_enabled = true
+  config.current_user_method = :current_user
+  config.must_have_roles = false
   config.when_actions_missing = -> (missing_actions, context) { ... }
   config.when_roles_missing = -> (missing_roles, context) { ... }
   config.when_unauthorized = -> (controller) { ... }
 end
 ```
 
-- `cache_enabled` must be a boolean determining whether roles are cached. Roles are cached by default to avoid unnecessary database queries. If you want to disable caching, set this option to `false`. If caching is enabled and you need to clear the cache, use the `Rabarber::Cache.clear` method.
+- `cache_enabled` must be a boolean determining whether roles are cached. Roles are cached by default to avoid unnecessary database queries. If you want to disable caching, set this option to `false`. If caching is enabled and you need to clear the cache, use `Rabarber::Cache.clear` method.
 
 - `current_user_method` must be a symbol representing the method that returns the currently authenticated user. The default value is `:current_user`.
 
@@ -112,6 +112,7 @@ By default, `#assign_roles` method will automatically create any roles that don'
 ```rb
 user.assign_roles(:accountant, :marketer, create_new: false)
 ```
+The method returns an array of roles assigned to the user.
 
 **`#revoke_roles`**
 
@@ -122,6 +123,8 @@ user.revoke_roles(:accountant, :marketer)
 ```
 If any of the specified roles doesn't exist or the user doesn't have the role you want to revoke, it will be ignored.
 
+The method returns an array of roles assigned to the user.
+
 **`#has_role?`**
 
 To check whether the user has a role, use:
@@ -140,6 +143,51 @@ To view all the roles assigned to the user, use:
 user.roles
 ```
 
+---
+
+To manipulate roles directly, you can use `Rabarber::Role` methods:
+
+**`.add`**
+
+To add a new role, use:
+
+```rb
+Rabarber::Role.add(:admin)
+```
+
+This will create a new role with the specified name and return `true`. If the role already exists, it will return `false`.
+
+**`.rename`**
+
+To rename a role, use:
+
+```rb
+Rabarber::Role.rename(:admin, :administrator)
+```
+The first argument is the old name, and the second argument is the new name. This will rename the role and return `true`. If a role with the new name already exists, it will return `false`.
+
+The method won't rename the role if it is assigned to any user. To force the rename, use the method with `force: true` argument:
+```rb
+Rabarber::Role.rename(:admin, :administrator, force: true)
+```
+
+**`.remove`**
+
+To remove a role, use:
+
+```rb
+Rabarber::Role.remove(:admin)
+```
+
+This will remove the role and return `true`. If the role doesn't exist, it will return `false`.
+
+The method won't remove the role if it is assigned to any user. To force the removal, use the method with `force: true` argument:
+```rb
+Rabarber::Role.remove(:admin, force: true)
+```
+
+**`.names`**
+
 If you need to list all the role names available in your application, use:
 
 ```rb
@@ -218,24 +266,26 @@ end
 
 This allows everyone to access `OrdersController` and its children and `index` action in `InvoicesController`. This also extends to scenarios where there is no user present, i.e. when the method responsible for returning the currently authenticated user in your application returns `nil`.
 
+Be aware that if the user is not authenticated (the method responsible for returning the currently authenticated user in your application returns `nil`), Rabarber will treat this situation as if the user with no roles assigned was authenticated.
+
 If you've set `must_have_roles` setting to `true`, then, only the users with at least one role can have access. This setting can be useful if your requirements are such that users without roles are not allowed to access anything.
 
 For more complex cases, Rabarber provides dynamic rules:
 
 ```rb
 class OrdersController < ApplicationController
-  grant_access if: :user_has_access?
-  grant_access unless: :user_has_no_access?
+  grant_access if: :current_company_accountant?
+  grant_access unless: :fired?
   ...
 
   private
 
-  def user_has_access?
-    ...
+  def current_company_accountant?
+    current_company.accountant == current_user
   end
 
-  def user_has_no_access?
-    ...
+  def fired?
+    current_user.fired?
   end
 end
 

data/lib/rabarber/cache.rb

@@ -10,16 +10,16 @@ module Rabarber
       enabled? ? Rails.cache.fetch(key, options, &block) : yield
     end
 
-    def delete(key)
-      Rails.cache.delete(key) if enabled?
+    def delete(*keys)
+      Rails.cache.delete_multi(keys) if enabled?
     end
 
     def enabled?
       Rabarber::Configuration.instance.cache_enabled
     end
 
-    def key_for(record)
-      "rabarber:roles_#{record.public_send(record.class.primary_key)}"
+    def key_for(id)
+      "rabarber:roles_#{id}"
     end
 
     def clear

data/lib/rabarber/configuration.rb

@@ -78,13 +78,13 @@ module Rabarber
       -> (missing_roles, context) {
         delimiter = context[:action] ? "#" : ""
         message = "Missing roles: #{missing_roles}, context: #{context[:controller]}#{delimiter}#{context[:action]}"
-        Rails.logger.tagged("Rabarber") { Rails.logger.warn message }
+        Rabarber::Logger.log(:warn, message)
       }
     end
 
     def default_when_unauthorized
       -> (controller) do
-        Rails.logger.tagged("Rabarber") { Rails.logger.warn "Unauthorized attempt" }
+        Rabarber::Logger.log(:warn, "Unauthorized attempt")
         if controller.request.format.html?
           controller.redirect_back fallback_location: controller.main_app.root_path
         else

data/lib/rabarber/logger.rb

@@ -0,0 +1,11 @@
+# frozen_string_literal: true
+
+module Rabarber
+  module Logger
+    module_function
+
+    def log(log_level, message)
+      Rails.logger.tagged("Rabarber") { Rails.logger.public_send(log_level, message) }
+    end
+  end
+end

data/lib/rabarber/missing/base.rb

@@ -41,7 +41,7 @@ module Rabarber
 
       def controller_rules
         if controller
-          { controller => Rabarber::Permissions.controller_rules[controller] }
+          Rabarber::Permissions.controller_rules.slice(controller)
         else
           Rabarber::Permissions.controller_rules
         end
@@ -49,7 +49,7 @@ module Rabarber
 
       def action_rules
         if controller
-          { controller => Rabarber::Permissions.action_rules[controller] }
+          Rabarber::Permissions.action_rules.slice(controller)
         else
           Rabarber::Permissions.action_rules
         end

data/lib/rabarber/missing/roles.rb

@@ -7,8 +7,8 @@ module Rabarber
 
       def check_controller_rules
         controller_rules.each do |controller, controller_rule|
-          missing_roles = controller_rule.roles - all_roles if controller_rule.present?
-          missing_list << Rabarber::Missing::Item.new(missing_roles, controller, nil) if missing_roles.present?
+          missing_roles = controller_rule.roles - all_roles
+          missing_list << Rabarber::Missing::Item.new(missing_roles, controller, nil) unless missing_roles.empty?
         end
       end
 

data/lib/rabarber/models/concerns/has_roles.rb

@@ -17,7 +17,7 @@ module Rabarber
     end
 
     def roles
-      Rabarber::Cache.fetch(Rabarber::Cache.key_for(self), expires_in: 1.hour, race_condition_ttl: 5.seconds) do
+      Rabarber::Cache.fetch(Rabarber::Cache.key_for(roleable_id), expires_in: 1.hour, race_condition_ttl: 5.seconds) do
         rabarber_roles.names
       end
     end
@@ -31,15 +31,25 @@ module Rabarber
 
       create_new_roles(roles_to_assign) if create_new
 
-      rabarber_roles << Rabarber::Role.where(name: roles_to_assign) - rabarber_roles
+      new_roles = Rabarber::Role.where(name: roles_to_assign) - rabarber_roles
 
-      delete_cache
+      if new_roles.any?
+        delete_roleable_cache
+        rabarber_roles << new_roles
+      end
+
+      roles
     end
 
     def revoke_roles(*role_names)
-      self.rabarber_roles = rabarber_roles - Rabarber::Role.where(name: process_role_names(role_names))
+      new_roles = rabarber_roles - Rabarber::Role.where(name: process_role_names(role_names))
+
+      if rabarber_roles != new_roles
+        delete_roleable_cache
+        self.rabarber_roles = new_roles
+      end
 
-      delete_cache
+      roles
     end
 
     private
@@ -53,8 +63,12 @@ module Rabarber
       Rabarber::Input::Roles.new(role_names).process
     end
 
-    def delete_cache
-      Rabarber::Cache.delete(Rabarber::Cache.key_for(self))
+    def delete_roleable_cache
+      Rabarber::Cache.delete(Rabarber::Cache.key_for(roleable_id))
+    end
+
+    def roleable_id
+      public_send(self.class.primary_key)
     end
   end
 end

data/lib/rabarber/models/role.rb

@@ -6,16 +6,66 @@ module Rabarber
 
     validates :name, presence: true, uniqueness: true, format: { with: Rabarber::Input::Roles::REGEX }
 
-    after_commit :delete_cache
+    has_and_belongs_to_many :roleables, join_table: "rabarber_roles_roleables"
 
-    def self.names
-      pluck(:name).map(&:to_sym)
-    end
+    class << self
+      def names
+        pluck(:name).map(&:to_sym)
+      end
+
+      def add(name)
+        name = process_role_name(name)
+
+        return false if exists?(name: name)
+
+        delete_roles_cache
+
+        !!create!(name: name)
+      end
+
+      def rename(old_name, new_name, force: false)
+        role = find_by(name: process_role_name(old_name))
+        name = process_role_name(new_name)
+
+        return false if !role || exists?(name: name) || assigned_to_roleables(role).any? && !force
+
+        delete_roles_cache
+        delete_roleables_cache(role)
+
+        role.update!(name: name)
+      end
+
+      def remove(name, force: false)
+        role = find_by(name: process_role_name(name))
+
+        return false if !role || assigned_to_roleables(role).any? && !force
+
+        delete_roles_cache
+        delete_roleables_cache(role)
+
+        !!role.destroy!
+      end
+
+      private
+
+      def delete_roles_cache
+        Rabarber::Cache.delete(Rabarber::Cache::ALL_ROLES_KEY)
+      end
+
+      def delete_roleables_cache(role)
+        keys = assigned_to_roleables(role).map { |roleable_id| Rabarber::Cache.key_for(roleable_id) }
+        Rabarber::Cache.delete(*keys) if keys.any?
+      end
 
-    private
+      def assigned_to_roleables(role)
+        ActiveRecord::Base.connection.select_values(
+          "SELECT roleable_id FROM rabarber_roles_roleables WHERE role_id = #{role.id}"
+        )
+      end
 
-    def delete_cache
-      Rabarber::Cache.delete(Rabarber::Cache::ALL_ROLES_KEY)
+      def process_role_name(name)
+        Rabarber::Input::Roles.new(name).process[0]
+      end
     end
   end
 end

data/lib/rabarber/permissions.rb

@@ -15,22 +15,24 @@ module Rabarber
       @storage = { controller_rules: Hash.new({}), action_rules: Hash.new([]) }
     end
 
-    def self.add(controller, action, roles, dynamic_rule, negated_dynamic_rule)
-      rule = Rabarber::Rule.new(action, roles, dynamic_rule, negated_dynamic_rule)
-
-      if action
-        instance.storage[:action_rules][controller] += [rule]
-      else
-        instance.storage[:controller_rules][controller] = rule
+    class << self
+      def add(controller, action, roles, dynamic_rule, negated_dynamic_rule)
+        rule = Rabarber::Rule.new(action, roles, dynamic_rule, negated_dynamic_rule)
+
+        if action
+          instance.storage[:action_rules][controller] += [rule]
+        else
+          instance.storage[:controller_rules][controller] = rule
+        end
       end
-    end
 
-    def self.controller_rules
-      instance.storage[:controller_rules]
-    end
+      def controller_rules
+        instance.storage[:controller_rules]
+      end
 
-    def self.action_rules
-      instance.storage[:action_rules]
+      def action_rules
+        instance.storage[:action_rules]
+      end
     end
   end
 end

data/lib/rabarber/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module Rabarber
-  VERSION = "1.2.1"
+  VERSION = "1.3.0"
 end

data/lib/rabarber.rb

@@ -1,6 +1,7 @@
 # frozen_string_literal: true
 
 require_relative "rabarber/version"
+require_relative "rabarber/logger"
 require_relative "rabarber/configuration"
 
 require "active_record"

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: rabarber
 version: !ruby/object:Gem::Version
-  version: 1.2.1
+  version: 1.3.0
 platform: ruby
 authors:
 - enjaku4
@@ -9,7 +9,7 @@ authors:
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2024-02-07 00:00:00.000000000 Z
+date: 2024-02-20 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rails
@@ -50,6 +50,7 @@ files:
 - lib/rabarber/input/types/booleans.rb
 - lib/rabarber/input/types/procs.rb
 - lib/rabarber/input/types/symbols.rb
+- lib/rabarber/logger.rb
 - lib/rabarber/missing/actions.rb
 - lib/rabarber/missing/base.rb
 - lib/rabarber/missing/roles.rb
@@ -79,7 +80,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.2.33
+rubygems_version: 3.3.26
 signing_key:
 specification_version: 4
 summary: Simple authorization library for Ruby on Rails.