RubyGems - rabarber - Versions diffs - 1.4.0 → 1.4.1 - Mend

rabarber 1.4.0 → 1.4.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (6) hide show

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: bcddaf07627eb382c58a733150e460348527476d2234f65fe0db2760bce6206f
-  data.tar.gz: 3d1bbfab2a57d860bcb9656cadb5606d09674f887a58b96db0897c3516aed5d2
+  metadata.gz: 23a3e2a6c83a827ad3cd468761de12d2124cdd2f1b022e18661fdf97f21302e7
+  data.tar.gz: 1b56b41289ce816796856832f07e76453ecfa0c290f1cd8f37f4a83690227abc
 SHA512:
-  metadata.gz: e5ae51e17b580757cc427f269b43155ca3ea5eda5b4813be5d023c273f2271d96108639e24c1921ace823de4cc06b43c03372eb98d64f6d4376f9628e7b6d616
-  data.tar.gz: 232a9ded49264955b8cf7d22de5a1443947dd84d90f44f15f6dc9c9346ee7b1cee56afa85a55bf44bf5325bb1d26e17e6fcf0b8076d3f14381a9bb43254038ab
+  metadata.gz: ac4af855dc20a41b78633fa4c4e946d1c54fad1df93e5f8505954bc4ff2cd43307fc94789718e1f9a563b44a57d3266660b84057f9de1d61afdab1111eb5b506
+  data.tar.gz: 17408ae706718e23ac594cd7c3144413c78aa69ce1ae0d0a230e5f62400917e1d5a82a22bd727df19391c7cbf235510cbaea8bbf6edc7aba47b8bcab06e6de81

data/CHANGELOG.md CHANGED Viewed

@@ -1,27 +1,31 @@
-## 1.4.0
+## v1.4.1
+- Fix an issue where an error could be raised when using controller-wide dynamic rules
+## v1.4.0
 - Add 'Audit trail' feature: Logging of role assignments, revocations, and unauthorized access attempts
 - Add `audit_trail_enabled` configuration option, allowing to enable or disable the audit trail
 - Deprecate `when_actions_missing` and `when_roles_missing` configuration options (see [the discussion](https://github.com/enjaku4/rabarber/discussions/48))
-## 1.3.1
+## v1.3.1
 - Add `Rabarber::Role.assignees_for` method
 - Fix inconsistent behavior where passing `nil` as a role name to role management methods would raise an `ActiveRecord` error instead of `Rabarber` error
 - Various minor code improvements
-## 1.3.0
+## v1.3.0
 - Add methods to directly add, rename, and remove roles
 - Modify `Rabarber::HasRoles#assign_roles` and `Rabarber::HasRoles#revoke_roles` methods to return the list of roles assigned to the user
 - Minor performance improvements
-## 1.2.2
+## v1.2.2
 - Refactor to improve readability and maintainability
 - Fix minor code errors
-## 1.2.1
+## v1.2.1
 - Cache roles to avoid unnecessary database queries
 - Introduce `cache_enabled` configuration option allowing to enable or disable role caching
@@ -29,61 +33,61 @@
 - Fix an issue where an error would be raised if the user is not authenticated
 - Various minor improvements
-## 1.2.0
+## v1.2.0
 - Enhance handling of missing actions and roles specified in `grant_access` method by raising an error for missing actions and logging a warning for missing roles
 - Introduce `when_actions_missing` and `when_roles_missing` configuration options, allowing to customize the behavior when actions or roles are not found
-## 1.1.0
+## v1.1.0
 - Add support for `unless` argument in `grant_access` method, allowing to define negated dynamic rules
 - Fix a bug where specifying a dynamic rule as a symbol without specifying an action would result in an error
-## 1.0.5
+## v1.0.5
 - Add co-author: [trafium](https://github.com/trafium)
-## 1.0.4
+## v1.0.4
 - Allow to use strings as role names
-## 1.0.3
+## v1.0.3
 - Enhance clarity by improving error types and messages
 - Resolve inconsistency in types of role names
-## 1.0.2
+## v1.0.2
 - Various enhancements for gem development and release
 - Modify `Rabarber::HasRoles#roles` method to return an array of role names instead of `Rabarber::Role` objects
-## 1.0.1
+## v1.0.1
 - Various enhancements for gem development
-## 1.0.0
+## v1.0.0
 - Drop support for Ruby 2.7
 - Add support for Ruby 3.3
 - Various minor improvements
-## 0.1.5
+## v0.1.5
 - Add missing `foreign_key` option to `CreateRabarberRoles` migration
 - Allow only lowercase alphanumeric characters and underscores in role names
-## 0.1.4
+## v0.1.4
 - Remove `Rabarber::HasRoles#role?` method as unnecessary
-## 0.1.3
+## v0.1.3
 - Fully revise and update README for clarity
-## 0.1.2
+## v0.1.2
 - Fix check that `Rabarber::HasRoles` can only be included once
-## 0.1.1
+## v0.1.1
 - Initial release

data/README.md CHANGED Viewed

@@ -88,7 +88,6 @@ end
 The following configuration options are deprecated and will be removed in the next major version (see [the discussion](https://github.com/enjaku4/rabarber/discussions/48)):
 - `when_actions_missing` must be a proc where you can define the behaviour when the action specified in `grant_access` method cannot be found in the controller. Lambda argument `missing_actions` is an array of symbols, e.g., `[:index]`, while `context` argument is a hash that looks like this: `{ controller: "InvoicesController" }`. This check is performed when the application is initialized if `eager_load` configuration is enabled in Rails and also on every request. _By default, an error is raised when action is missing._
 - `when_roles_missing` must be a proc where you can define the behaviour when the roles specified in `grant_access` method cannot be found in the database. Lambda argument `missing_roles` is an array of symbols, e.g., `[:admin]`, while `context` argument is a hash that looks like this: `{ controller: "InvoicesController", action: "index" }`. This check is performed when the application is initialized if `eager_load` configuration is enabled in Rails and also on every request. _By default, a warning is logged when roles are missing._
 ## Roles
@@ -223,16 +222,18 @@ The most basic usage of the method is as follows:
 class InvoicesController < ApplicationController
   grant_access action: :index, roles: [:accountant, :admin]
   def index
+    @invoices = Invoice.all
+    @invoices = @invoices.paid if current_user.has_role?(:accountant)
     ...
   end
-  grant_access action: :delete, roles: :admin
-  def delete
+  grant_access action: :destroy, roles: :admin
+  def destroy
     ...
   end
 end
 ```
-This grants access to `index` action for users with `accountant` or `admin` role, and access to `delete` action for `admin` users only.
+This grants access to `index` action for users with `accountant` or `admin` role, and access to `destroy` action for `admin` users only.
 You can also define controller-wide rules (without `action` argument):
@@ -285,14 +286,16 @@ For more complex cases, Rabarber provides dynamic rules:
 ```rb
 class OrdersController < ApplicationController
-  grant_access if: :current_company_accountant?
-  grant_access unless: :fired?
-  ...
+  grant_access roles: :manager, if: :company_manager?, unless: :fired?
+  def index
+    ...
+  end
   private
-  def current_company_accountant?
-    current_company.accountant == current_user
+  def company_manager?
+    Company.find(params[:company_id]).manager == current_user
   end
   def fired?
@@ -301,12 +304,17 @@ class OrdersController < ApplicationController
 end
 class InvoicesController < ApplicationController
-  grant_access action: :index, roles: :accountant, if: -> { current_user.passed_probation_period? }
+  grant_access roles: :senior_accountant
+  grant_access action: :index, roles: [:secretary, :accountant], if: -> { InvoicesPolicy.new(current_user).can_access?(:index) }
   def index
+    @invoices = Invoice.all
+    @invoices = @invoices.where("total < 10000") if current_user.has_role?(:accountant)
+    @invoices = @invoices.unpaid if current_user.has_role?(:secretary)
     ...
   end
-  grant_access action: :show, roles: :client, unless: -> { current_user.banned? }
+  grant_access action: :show, roles: :accountant, unless: -> { Invoice.find(params[:id]).total > 10_000 }
   def show
     ...
   end

data/lib/rabarber/core/access.rb CHANGED Viewed

@@ -9,20 +9,14 @@ module Rabarber
       end
       def controller_accessible?(roles, controller, dynamic_rule_receiver)
-        accessible_controllers(roles, dynamic_rule_receiver).any? do |accessible_controller|
-          controller <= accessible_controller
+        controller_rules.any? do |rule_controller, rule|
+          controller <= rule_controller && rule.verify_access(roles, dynamic_rule_receiver)
         end
       end
       def action_accessible?(roles, controller, action, dynamic_rule_receiver)
         action_rules[controller].any? { |rule| rule.verify_access(roles, dynamic_rule_receiver, action) }
       end
-      private
-      def accessible_controllers(roles, dynamic_rule_receiver)
-        controller_rules.select { |_, rule| rule.verify_access(roles, dynamic_rule_receiver) }.keys
-      end
     end
   end
 end

data/lib/rabarber/version.rb CHANGED Viewed

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 module Rabarber
-  VERSION = "1.4.0"
+  VERSION = "1.4.1"
 end

metadata CHANGED Viewed

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: rabarber
 version: !ruby/object:Gem::Version
-  version: 1.4.0
+  version: 1.4.1
 platform: ruby
 authors:
 - enjaku4
@@ -9,7 +9,7 @@ authors:
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2024-03-17 00:00:00.000000000 Z
+date: 2024-04-09 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rails