RubyGems - rabarber - Versions diffs - 4.1.4 → 5.1.0 - Mend

rabarber 4.1.4 → 5.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (26) hide show

checksums.yaml +4 -4
data/CHANGELOG.md +43 -3
data/README.md +200 -385
data/lib/rabarber/configuration.rb +14 -11
data/lib/rabarber/controllers/concerns/authorization.rb +11 -11
data/lib/rabarber/core/integrity_checker.rb +44 -0
data/lib/rabarber/core/permissions.rb +5 -0
data/lib/rabarber/core/roleable.rb +10 -3
data/lib/rabarber/core/rule.rb +6 -4
data/lib/rabarber/helpers/helpers.rb +4 -4
data/lib/rabarber/helpers/migration_helpers.rb +29 -0
data/lib/rabarber/input/ar_model.rb +23 -0
data/lib/rabarber/models/concerns/has_roles.rb +11 -24
data/lib/rabarber/models/role.rb +20 -33
data/lib/rabarber/railtie.rb +26 -1
data/lib/rabarber/version.rb +1 -1
data/lib/rabarber.rb +4 -6
data/rabarber.gemspec +3 -4
metadata +13 -23
data/lib/rabarber/audit/events/base.rb +0 -49
data/lib/rabarber/audit/events/roles_assigned.rb +0 -31
data/lib/rabarber/audit/events/roles_revoked.rb +0 -31
data/lib/rabarber/audit/events/unauthorized_attempt.rb +0 -27
data/lib/rabarber/audit/logger.rb +0 -23
data/lib/rabarber/core/null_roleable.rb +0 -23
data/lib/rabarber/core/permissions_integrity_checker.rb +0 -36

data/lib/rabarber/audit/events/base.rb DELETED Viewed

@@ -1,49 +0,0 @@
-# frozen_string_literal: true
-require_relative "../logger"
-module Rabarber
-  module Audit
-    module Events
-      class Base
-        attr_reader :roleable, :specifics
-        def self.trigger(roleable, specifics)
-          new(roleable, specifics).send(:log)
-        end
-        private
-        def initialize(roleable, specifics)
-          @roleable = roleable
-          @specifics = specifics
-        end
-        def log
-          Rabarber::Audit::Logger.log(log_level, message)
-        end
-        def log_level
-          raise NotImplementedError
-        end
-        def message
-          raise NotImplementedError
-        end
-        def identity
-          roleable.log_identity
-        end
-        def human_context
-          case context
-          in { context_type: nil, context_id: nil } then "Global"
-          in { context_type:, context_id: nil } then context_type
-          in { context_type:, context_id: } then "#{context_type}##{context_id}"
-          else raise Rabarber::Error, "Unexpected context: #{context.inspect}"
-          end
-        end
-      end
-    end
-  end
-end

data/lib/rabarber/audit/events/roles_assigned.rb DELETED Viewed

@@ -1,31 +0,0 @@
-# frozen_string_literal: true
-module Rabarber
-  module Audit
-    module Events
-      class RolesAssigned < Base
-        private
-        def log_level
-          :info
-        end
-        def message
-          "[Role Assignment] #{identity} | context: #{human_context} | assigned: #{roles_to_assign} | current: #{current_roles}"
-        end
-        def context
-          specifics.fetch(:context)
-        end
-        def roles_to_assign
-          specifics.fetch(:roles_to_assign)
-        end
-        def current_roles
-          specifics.fetch(:current_roles)
-        end
-      end
-    end
-  end
-end

data/lib/rabarber/audit/events/roles_revoked.rb DELETED Viewed

@@ -1,31 +0,0 @@
-# frozen_string_literal: true
-module Rabarber
-  module Audit
-    module Events
-      class RolesRevoked < Base
-        private
-        def log_level
-          :info
-        end
-        def message
-          "[Role Revocation] #{identity} | context: #{human_context} | revoked: #{roles_to_revoke} | current: #{current_roles}"
-        end
-        def context
-          specifics.fetch(:context)
-        end
-        def roles_to_revoke
-          specifics.fetch(:roles_to_revoke)
-        end
-        def current_roles
-          specifics.fetch(:current_roles)
-        end
-      end
-    end
-  end
-end

data/lib/rabarber/audit/events/unauthorized_attempt.rb DELETED Viewed

@@ -1,27 +0,0 @@
-# frozen_string_literal: true
-module Rabarber
-  module Audit
-    module Events
-      class UnauthorizedAttempt < Base
-        private
-        def log_level
-          :warn
-        end
-        def message
-          "[Unauthorized Attempt] #{identity} | request: #{request_method} #{path}"
-        end
-        def path
-          specifics.fetch(:path)
-        end
-        def request_method
-          specifics.fetch(:request_method)
-        end
-      end
-    end
-  end
-end

data/lib/rabarber/audit/logger.rb DELETED Viewed

@@ -1,23 +0,0 @@
-# frozen_string_literal: true
-require "singleton"
-module Rabarber
-  module Audit
-    class Logger
-      include Singleton
-      attr_reader :logger
-      def initialize
-        @logger = ::Logger.new(Rails.root.join("log/rabarber_audit.log"))
-      end
-      def self.log(log_level, message)
-        return unless Rabarber::Configuration.instance.audit_trail_enabled
-        instance.logger.public_send(log_level, message)
-      end
-    end
-  end
-end

data/lib/rabarber/core/null_roleable.rb DELETED Viewed

@@ -1,23 +0,0 @@
-# frozen_string_literal: true
-module Rabarber
-  module Core
-    class NullRoleable
-      def roles(context:) # rubocop:disable Lint/UnusedMethodArgument
-        []
-      end
-      def all_roles
-        {}
-      end
-      def has_role?(*role_names, context: nil) # rubocop:disable Lint/UnusedMethodArgument
-        false
-      end
-      def log_identity
-        "Unauthenticated #{Rabarber::HasRoles.roleable_class.model_name.human.downcase}"
-      end
-    end
-  end
-end

data/lib/rabarber/core/permissions_integrity_checker.rb DELETED Viewed

@@ -1,36 +0,0 @@
-# frozen_string_literal: true
-module Rabarber
-  module Core
-    class PermissionsIntegrityChecker
-      attr_reader :controller
-      def initialize(controller = nil)
-        @controller = controller
-      end
-      def run!
-        return if missing_list.empty?
-        raise(
-          Rabarber::Error,
-          "Following actions were passed to 'grant_access' method but are not defined in the controller:\n#{missing_list.to_yaml}"
-        )
-      end
-      private
-      def missing_list
-        @missing_list ||= action_rules.each_with_object([]) do |(controller, hash), arr|
-          missing_actions = hash.keys - controller.action_methods.map(&:to_sym)
-          arr << { controller => missing_actions } if missing_actions.any?
-        end
-      end
-      def action_rules
-        rules = Rabarber::Core::Permissions.action_rules
-        controller ? rules.slice(controller) : rules
-      end
-    end
-  end
-end