rabarber 1.4.0 → 2.0.0

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: rabarber
 version: !ruby/object:Gem::Version
-  version: 1.4.0
+  version: 2.0.0
 platform: ruby
 authors:
 - enjaku4
@@ -9,7 +9,7 @@ authors:
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2024-03-17 00:00:00.000000000 Z
+date: 2024-04-25 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rails
@@ -18,6 +18,9 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: '6.1'
+    - - "<"
+      - !ruby/object:Gem::Version
+        version: '7.2'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
@@ -25,6 +28,9 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: '6.1'
+    - - "<"
+      - !ruby/object:Gem::Version
+        version: '7.2'
 description:
 email:
 - rabarber_gem@icloud.com
@@ -38,11 +44,18 @@ files:
 - lib/generators/rabarber/roles_generator.rb
 - lib/generators/rabarber/templates/create_rabarber_roles.rb.erb
 - lib/rabarber.rb
-- lib/rabarber/cache.rb
+- lib/rabarber/audit/events/base.rb
+- lib/rabarber/audit/events/roles_assigned.rb
+- lib/rabarber/audit/events/roles_revoked.rb
+- lib/rabarber/audit/events/unauthorized_attempt.rb
+- lib/rabarber/audit/logger.rb
 - lib/rabarber/configuration.rb
 - lib/rabarber/controllers/concerns/authorization.rb
 - lib/rabarber/core/access.rb
+- lib/rabarber/core/cache.rb
 - lib/rabarber/core/permissions.rb
+- lib/rabarber/core/permissions_integrity_checker.rb
+- lib/rabarber/core/roleable.rb
 - lib/rabarber/core/rule.rb
 - lib/rabarber/helpers/helpers.rb
 - lib/rabarber/input/action.rb
@@ -53,10 +66,6 @@ files:
 - lib/rabarber/input/types/boolean.rb
 - lib/rabarber/input/types/proc.rb
 - lib/rabarber/input/types/symbol.rb
-- lib/rabarber/logger.rb
-- lib/rabarber/missing/actions.rb
-- lib/rabarber/missing/base.rb
-- lib/rabarber/missing/roles.rb
 - lib/rabarber/models/concerns/has_roles.rb
 - lib/rabarber/models/role.rb
 - lib/rabarber/railtie.rb
@@ -76,6 +85,9 @@ required_ruby_version: !ruby/object:Gem::Requirement
   - - ">="
     - !ruby/object:Gem::Version
       version: '3.0'
+  - - "<"
+    - !ruby/object:Gem::Version
+      version: '3.4'
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="

data/lib/rabarber/cache.rb

@@ -1,29 +0,0 @@
-# frozen_string_literal: true
-
-module Rabarber
-  module Cache
-    module_function
-
-    ALL_ROLES_KEY = "rabarber:roles"
-
-    def fetch(key, options, &block)
-      enabled? ? Rails.cache.fetch(key, options, &block) : yield
-    end
-
-    def delete(*keys)
-      Rails.cache.delete_multi(keys) if enabled?
-    end
-
-    def enabled?
-      Rabarber::Configuration.instance.cache_enabled
-    end
-
-    def key_for(id)
-      "rabarber:roles_#{id}"
-    end
-
-    def clear
-      Rails.cache.delete_matched(/^rabarber/)
-    end
-  end
-end

data/lib/rabarber/logger.rb

@@ -1,40 +0,0 @@
-# frozen_string_literal: true
-
-module Rabarber
-  class Logger
-    include Singleton
-
-    attr_reader :rails_logger, :audit_logger
-
-    def initialize
-      @rails_logger = Rails.logger
-      @audit_logger = ::Logger.new(Rails.root.join("log/rabarber_audit.log"))
-    end
-
-    class << self
-      def log(log_level, message)
-        instance.rails_logger.tagged("Rabarber") { instance.rails_logger.public_send(log_level, message) }
-      end
-
-      def audit(log_level, message)
-        return unless Rabarber::Configuration.instance.audit_trail_enabled
-
-        instance.audit_logger.public_send(log_level, message)
-      end
-
-      def roleable_identity(roleable, with_roles:)
-        if roleable
-          model_name = roleable.model_name.human
-          primary_key = roleable.class.primary_key
-          roleable_id = roleable.public_send(primary_key)
-
-          roles = with_roles ? ", roles: #{roleable.roles}" : ""
-
-          "#{model_name} with #{primary_key}: '#{roleable_id}'#{roles}"
-        else
-          "Unauthenticated user"
-        end
-      end
-    end
-  end
-end

data/lib/rabarber/missing/actions.rb

@@ -1,24 +0,0 @@
-# frozen_string_literal: true
-
-module Rabarber
-  module Missing
-    class Actions < Rabarber::Missing::Base
-      private
-
-      def check_controller_rules
-        nil
-      end
-
-      def check_action_rules
-        action_rules.each do |controller, controller_action_rules|
-          missing_actions = controller_action_rules.map(&:action) - controller.action_methods.map(&:to_sym)
-          missing_list << Rabarber::Missing::Item.new(missing_actions, controller, nil) if missing_actions.present?
-        end
-      end
-
-      def configuration_name
-        :when_actions_missing
-      end
-    end
-  end
-end

data/lib/rabarber/missing/base.rb

@@ -1,61 +0,0 @@
-# frozen_string_literal: true
-
-module Rabarber
-  module Missing
-    class Base
-      attr_reader :controller
-
-      def initialize(controller = nil)
-        @controller = controller
-      end
-
-      def handle
-        check_controller_rules
-        check_action_rules
-
-        return if missing_list.empty?
-
-        missing_list.each do |item|
-          context = item.action ? { controller: item.controller, action: item.action } : { controller: item.controller }
-          Rabarber::Configuration.instance.public_send(configuration_name).call(item.missing, context)
-        end
-      end
-
-      private
-
-      def check_controller_rules
-        raise NotImplementedError
-      end
-
-      def check_action_rules
-        raise NotImplementedError
-      end
-
-      def configuration_name
-        raise NotImplementedError
-      end
-
-      def missing_list
-        @missing_list ||= []
-      end
-
-      def controller_rules
-        if controller
-          Rabarber::Core::Permissions.controller_rules.slice(controller)
-        else
-          Rabarber::Core::Permissions.controller_rules
-        end
-      end
-
-      def action_rules
-        if controller
-          Rabarber::Core::Permissions.action_rules.slice(controller)
-        else
-          Rabarber::Core::Permissions.action_rules
-        end
-      end
-    end
-
-    Item = Struct.new(:missing, :controller, :action)
-  end
-end

data/lib/rabarber/missing/roles.rb

@@ -1,35 +0,0 @@
-# frozen_string_literal: true
-
-module Rabarber
-  module Missing
-    class Roles < Rabarber::Missing::Base
-      private
-
-      def check_controller_rules
-        controller_rules.each do |controller, controller_rule|
-          missing_roles = controller_rule.roles - all_roles
-          missing_list << Rabarber::Missing::Item.new(missing_roles, controller, nil) unless missing_roles.empty?
-        end
-      end
-
-      def check_action_rules
-        action_rules.each do |controller, controller_action_rules|
-          controller_action_rules.each do |action_rule|
-            missing_roles = action_rule.roles - all_roles
-            missing_list << Rabarber::Missing::Item.new(missing_roles, controller, action_rule.action) if missing_roles.any?
-          end
-        end
-      end
-
-      def configuration_name
-        :when_roles_missing
-      end
-
-      def all_roles
-        @all_roles ||= Rabarber::Cache.fetch(
-          Rabarber::Cache::ALL_ROLES_KEY, expires_in: 1.day, race_condition_ttl: 10.seconds
-        ) { Rabarber::Role.names }
-      end
-    end
-  end
-end