rabarber 4.1.4 → 5.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (26) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG.md +43 -3
  3. data/README.md +200 -385
  4. data/lib/rabarber/configuration.rb +14 -11
  5. data/lib/rabarber/controllers/concerns/authorization.rb +11 -11
  6. data/lib/rabarber/core/integrity_checker.rb +44 -0
  7. data/lib/rabarber/core/permissions.rb +5 -0
  8. data/lib/rabarber/core/roleable.rb +10 -3
  9. data/lib/rabarber/core/rule.rb +6 -4
  10. data/lib/rabarber/helpers/helpers.rb +4 -4
  11. data/lib/rabarber/helpers/migration_helpers.rb +29 -0
  12. data/lib/rabarber/input/ar_model.rb +23 -0
  13. data/lib/rabarber/models/concerns/has_roles.rb +11 -24
  14. data/lib/rabarber/models/role.rb +20 -33
  15. data/lib/rabarber/railtie.rb +26 -1
  16. data/lib/rabarber/version.rb +1 -1
  17. data/lib/rabarber.rb +4 -6
  18. data/rabarber.gemspec +3 -4
  19. metadata +13 -23
  20. data/lib/rabarber/audit/events/base.rb +0 -49
  21. data/lib/rabarber/audit/events/roles_assigned.rb +0 -31
  22. data/lib/rabarber/audit/events/roles_revoked.rb +0 -31
  23. data/lib/rabarber/audit/events/unauthorized_attempt.rb +0 -27
  24. data/lib/rabarber/audit/logger.rb +0 -23
  25. data/lib/rabarber/core/null_roleable.rb +0 -23
  26. data/lib/rabarber/core/permissions_integrity_checker.rb +0 -36
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 5152a05ff663a5216b2fc2f546bf3b111f3e78a4c44c0088e72f2f73ac89464f
4
- data.tar.gz: f6f24ff379055cfd5f4f7e93377a548289fd8f7b30b2f06053fd958f6ab8e5a3
3
+ metadata.gz: 874cd3840269f288baec19fd5e240afdd6b06e3e5b81d703eb30e8e62283fb32
4
+ data.tar.gz: 117d060ffe53ae884b657c1d79a94d9762de1de8b6726659128d7be805c77e24
5
5
  SHA512:
6
- metadata.gz: e31e2c7fa58d42096203d1f8027acea031a720fafe21fd44b179a8c2e66818686ebd55abf2ec0d3229c93fc7e04b514a68fa20feebef25b7e11048caac4e58e7
7
- data.tar.gz: 6b7143de48cc95ead0caf5256c9e3d28a54a515f4ea50cf33fc87271d5d13071782fad1926dda698e7842047f7bbed4a2cfe8254be3390af0ab1fde2608a9b30
6
+ metadata.gz: c2207e66e0743b7e5a81acfcc2707d00313fa2a8e9d8e652c7f0dc41b331d8cfa0c4d3504ff5e857606666f0145023a68e8c6d961d6285d48e36c435d4597a38
7
+ data.tar.gz: ea1ab97b91cb45611f4ca24a6418484a0b7634d00b0f96cec8485ba543500fc763a33f1e0cbaf7027a8a375623e91481ca1de74d47f50cf86fe5b91bfe456d0b
data/CHANGELOG.md CHANGED
@@ -1,3 +1,43 @@
1
+ ## v5.1.0
2
+
3
+ ### Features:
4
+
5
+ - Added `revoke_all_roles` method to revoke all user roles at once
6
+
7
+ ### Bugs:
8
+
9
+ - Fixed HTTP status code for unauthorized non-HTML requests from 401 to 403
10
+ - Fixed some error types for consistency
11
+
12
+ ## v5.0.0
13
+
14
+ ### Breaking:
15
+
16
+ - Dropped support for Ruby 3.1
17
+ - Dropped support for Rails 7.0
18
+ - Removed the `must_have_roles` configuration option and its associated behavior
19
+ - Completely removed Audit Trail feature
20
+ - Introduced a new `user_model_name` configuration option
21
+ - Added `with_authorization` method for more granular authorization control
22
+ - `Rabarber::Role.rename` and `Rabarber::Role.remove` now require the role to exist
23
+
24
+ To upgrade to v5.0.0, please refer to the [migration guide](https://github.com/brownboxdev/rabarber/discussions/77)
25
+
26
+ ### Features:
27
+
28
+ - Added migration helpers to assist with context renaming and removal
29
+
30
+ ### Bugs:
31
+
32
+ - Fixed an error that occurred when Rabarber was used with eager loading disabled
33
+ - Fixed an issue where authorization rules weren’t cleared on code reload when eager loading was disabled
34
+
35
+ ### Misc:
36
+
37
+ - Optimized various parts of the code and database queries for improved performance
38
+ - Streamlined the authorization process by requiring the user to be authenticated before access is verified
39
+ - Rabarber now skips roles with missing instance context and prunes them automatically; missing class context still raises errors
40
+
1
41
  ## v4.1.4
2
42
 
3
43
  ### Misc:
@@ -86,7 +126,7 @@
86
126
 
87
127
  - Changed Rabarber roles table structure
88
128
 
89
- To upgrade to v3.0.0, please refer to the [migration guide](https://github.com/enjaku4/rabarber/discussions/58)
129
+ To upgrade to v3.0.0, please refer to the [migration guide](https://github.com/brownboxdev/rabarber/discussions/58)
90
130
 
91
131
  ### Features:
92
132
 
@@ -110,7 +150,7 @@ To upgrade to v3.0.0, please refer to the [migration guide](https://github.com/e
110
150
  - Replaced `when_unauthorized` configuration option with an overridable controller method
111
151
  - Renamed `Rabarber::Role.assignees_for` method to `Rabarber::Role.assignees`
112
152
 
113
- To upgrade to v2.0.0, please refer to the [migration guide](https://github.com/enjaku4/rabarber/discussions/52)
153
+ To upgrade to v2.0.0, please refer to the [migration guide](https://github.com/brownboxdev/rabarber/discussions/52)
114
154
 
115
155
  ### Features:
116
156
 
@@ -132,7 +172,7 @@ To upgrade to v2.0.0, please refer to the [migration guide](https://github.com/e
132
172
 
133
173
  - Add 'Audit trail' feature: Logging of role assignments, revocations, and unauthorized access attempts
134
174
  - Add `audit_trail_enabled` configuration option, allowing to enable or disable the audit trail
135
- - Deprecate `when_actions_missing` and `when_roles_missing` configuration options (see [the discussion](https://github.com/enjaku4/rabarber/discussions/48))
175
+ - Deprecate `when_actions_missing` and `when_roles_missing` configuration options
136
176
 
137
177
  ## v1.3.1
138
178