rabarber 5.1.1 → 5.1.2

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 841b259e40b7e446647ee02fcca64cd183c64978c194edb6917ba344d9f12e92
-  data.tar.gz: 044c1aa8248f7b1b16f1c78648a0b4cafb0451f31d8fed5b72f6d3343a645c48
+  metadata.gz: bcf3063fc3e0bb700ae4e372cec9807b3796863f8e94e5b2f8e79d9594d50b10
+  data.tar.gz: 82abf396141f483ca0ec10982bb9ef35ea8a1d79f0a1e111f2c8b483a0e480e5
 SHA512:
-  metadata.gz: a0880247a0c7f1af21dbb8099880d24ec200295e54f976855aac577fba55b692fee41a7ddfaf10f83848dfba20e2c0ac8289eb7bc94df21cabceb04da47925c1
-  data.tar.gz: 024e3093a753d53f158532c829ca245b159448d19901d884b4c09518e70b81d39d710ee0867339ca064bc0519fd06ef53a7af507149d29e80a2a2216ad92a096
+  metadata.gz: 023fddca28a49a89534c1d5c0b716e7f518a3a975e2b6a5883f156f75acd73a28564b475080fd5abdf7ffce294b21c1af07be276141ac747d92b9087b8cbac96
+  data.tar.gz: 7ae10c74e73ee844d22011a6678a8b9af579d2657d3020fe28958912c3b4a1fb033ed0a11c7af126c7367e30fcd54a1058f529b39acf0cac31391f5bc0a76146

data/CHANGELOG.md

@@ -1,3 +1,10 @@
+## v5.1.2
+
+### Misc:
+
+- Minor performance improvements and code cleanup
+- Relaxed dependency versions
+
 ## v5.1.1
 
 ### Misc:

data/README.md

@@ -181,11 +181,6 @@ class TicketsController < ApplicationController
   def index
     # Accessible to admin, manager, and support roles
   end
-
-  grant_access action: :destroy, roles: :owner, context: -> { Ticket.find(params[:id]) }
-  def destroy
-    # Accessible to admin and owner of the ticket
-  end
 end
 ```
 
@@ -244,9 +239,7 @@ class ApplicationController < ActionController::Base
   private
 
   def when_unauthorized
-    # Default behavior: redirect back (HTML) or return 403 (other formats)
-    # Custom behavior example:
-    head :not_found # Hide existence of protected resources
+    head :not_found # Custom behavior to hide existence of protected resources
   end
 end
 ```
@@ -288,7 +281,7 @@ end
 
 ## Multi-tenancy / Context
 
-All Rabarber methods accept a `context` parameter, allowing you to work with roles within specific scopes rather than globally.
+All Rabarber methods accept a `context` parameter, allowing you to work with roles within specific scopes. By default, context is `nil`, meaning roles are global.
 
 ### Contextual Role Assignment
 
@@ -304,6 +297,9 @@ user.assign_roles(:admin, context: Project)
 user.has_role?(:owner, context: project)
 user.has_role?(:admin, context: Project)
 
+# Revoke roles within a specific context
+user.revoke_roles(:owner, context: project)
+
 # Get roles within context
 user.roles(context: project)
 Rabarber::Role.names(context: Project)
@@ -341,11 +337,11 @@ end
 Handle context changes when models are renamed or removed. These are irreversible data migrations.
 
 ```rb
-# Rename a context class (e.g., when you rename your Project model to Campaign)
-migrate_authorization_context!("Project", "Campaign")
+# Rename a context class (e.g., when you rename your Ticket model to Task)
+migrate_authorization_context!("Ticket", "Task")
 
-# Remove orphaned context data (e.g., when you delete a model entirely)
-delete_authorization_context!("DeletedModel")
+# Remove orphaned context data (e.g., when you delete the Ticket model entirely)
+delete_authorization_context!("Ticket")
 ```
 
 ## View Helpers

data/lib/rabarber/configuration.rb

@@ -12,43 +12,39 @@ module Rabarber
             default: true,
             reader: true,
             constructor: -> (value) do
-              Rabarber::Inputs.process(
+              Rabarber::Inputs::Boolean.new(
                 value,
-                as: :boolean,
                 error: Rabarber::ConfigurationError,
                 message: "Invalid configuration `cache_enabled`, expected a boolean, got #{value.inspect}"
-              )
+              ).process
             end
     setting :current_user_method,
             default: :current_user,
             reader: true,
             constructor: -> (value) do
-              Rabarber::Inputs.process(
+              Rabarber::Inputs::Symbol.new(
                 value,
-                as: :symbol,
                 error: Rabarber::ConfigurationError,
                 message: "Invalid configuration `current_user_method`, expected a symbol or a string, got #{value.inspect}"
-              )
+              ).process
             end
     setting :user_model_name,
             default: "User",
             reader: true,
             constructor: -> (value) do
-              Rabarber::Inputs.process(
+              Rabarber::Inputs::NonEmptyString.new(
                 value,
-                as: :string,
                 error: Rabarber::ConfigurationError,
                 message: "Invalid configuration `user_model_name`, expected an ActiveRecord model name, got #{value.inspect}"
-              )
+              ).process
             end
 
     def user_model
-      Rabarber::Inputs.process(
+      Rabarber::Inputs::Model.new(
         user_model_name,
-        as: :model,
         error: Rabarber::ConfigurationError,
         message: "Invalid configuration `user_model_name`, expected an ActiveRecord model name, got #{user_model_name.inspect}"
-      )
+      ).process
     end
   end
 end

data/lib/rabarber/controllers/concerns/authorization.rb

@@ -19,36 +19,35 @@ module Rabarber
       end
 
       def grant_access(action: nil, roles: nil, context: nil, if: nil, unless: nil)
+        if_rule = binding.local_variable_get(:if)
+        unless_rule = binding.local_variable_get(:unless)
+
         Rabarber::Core::Permissions.add(
           self,
-          Rabarber::Inputs.process(
+          Rabarber::Inputs::Symbol.new(
             action,
-            as: :symbol,
             optional: true,
             message: "Expected a symbol or a string, got #{action.inspect}"
-          ),
-          Rabarber::Inputs.process(
+          ).process,
+          Rabarber::Inputs::Roles.new(
             roles,
-            as: :roles,
             message: "Expected an array of symbols or strings containing only lowercase letters, numbers, and underscores, got #{roles.inspect}"
-          ),
-          Rabarber::Inputs.process(
+          ).process,
+          Rabarber::Inputs::Contexts::Authorizational.new(
             context,
-            as: :authorization_context,
+            error: Rabarber::InvalidContextError,
             message: "Expected a Class, an instance of ActiveRecord model, a symbol, a string, or a proc, got #{context.inspect}"
-          ),
-          Rabarber::Inputs.process(
-            binding.local_variable_get(:if),
-            as: :dynamic_rule,
+          ).resolve,
+          Rabarber::Inputs::DynamicRule.new(
+            if_rule,
             optional: true,
-            message: "Expected a symbol, a string, or a proc, got #{binding.local_variable_get(:if).inspect}"
-          ),
-          Rabarber::Inputs.process(
-            binding.local_variable_get(:unless),
-            as: :dynamic_rule,
+            message: "Expected a symbol, a string, or a proc, got #{if_rule.inspect}"
+          ).process,
+          Rabarber::Inputs::DynamicRule.new(
+            unless_rule,
             optional: true,
-            message: "Expected a symbol, a string, or a proc, got #{binding.local_variable_get(:unless).inspect}"
-          )
+            message: "Expected a symbol, a string, or a proc, got #{unless_rule.inspect}"
+          ).process
         )
       end
     end

data/lib/rabarber/core/permissions.rb

@@ -22,7 +22,7 @@ module Rabarber
       class << self
         def add(controller, action, roles, context, dynamic_rule, negated_dynamic_rule)
           rule = Rabarber::Core::Rule.new(roles, context, dynamic_rule, negated_dynamic_rule)
-          action ? action_rules[controller][action] += [rule] : controller_rules[controller] += [rule]
+          action ? action_rules[controller][action] << rule : controller_rules[controller] << rule
         end
 
         def controller_rules

data/lib/rabarber/core/rule.rb

@@ -3,8 +3,6 @@
 module Rabarber
   module Core
     class Rule
-      attr_reader :roles, :context, :dynamic_rule, :negated_dynamic_rule
-
       DEFAULT_DYNAMIC_RULE = -> { true }.freeze
       DEFAULT_NEGATED_DYNAMIC_RULE = -> { false }.freeze
       private_constant :DEFAULT_DYNAMIC_RULE, :DEFAULT_NEGATED_DYNAMIC_RULE
@@ -21,11 +19,11 @@ module Rabarber
       end
 
       def roles_permitted?(roleable, controller_instance)
-        roles.empty? || roleable.has_role?(*roles, context: resolve_context(controller_instance))
+        @roles.empty? || roleable.has_role?(*@roles, context: resolve_context(controller_instance))
       end
 
       def dynamic_rules_followed?(controller_instance)
-        execute_rule(controller_instance, dynamic_rule) && !execute_rule(controller_instance, negated_dynamic_rule)
+        execute_rule(controller_instance, @dynamic_rule) && !execute_rule(controller_instance, @negated_dynamic_rule)
       end
 
       private
@@ -35,12 +33,17 @@ module Rabarber
       end
 
       def resolve_context(controller_instance)
-        resolved_context = case context
-                           when Proc then controller_instance.instance_exec(&context)
-                           when Symbol then controller_instance.send(context)
-                           else context
-                           end
-        Rabarber::Inputs.process(resolved_context, as: :role_context, message: "Expected an instance of ActiveRecord model, a Class, or nil, got #{resolved_context.inspect}")
+        context = case @context
+                  when Proc then controller_instance.instance_exec(&@context)
+                  when Symbol then controller_instance.send(@context)
+                  else @context
+                  end
+
+        Rabarber::Inputs::Context.new(
+          context,
+          error: Rabarber::InvalidContextError,
+          message: "Expected an instance of ActiveRecord model, a Class, or nil, got #{context.inspect}"
+        ).resolve
       end
     end
   end

data/lib/rabarber/inputs/base.rb

@@ -0,0 +1,35 @@
+# frozen_string_literal: true
+
+require "dry-types"
+
+module Rabarber
+  module Inputs
+    class Base
+      include Dry.Types()
+
+      def initialize(value, optional: false, error: Rabarber::InvalidArgumentError, message: nil)
+        @value = value
+        @optional = optional
+        @error = error
+        @message = message
+      end
+
+      def process
+        type_checker = @optional ? type.optional : type
+        type_checker[@value]
+      rescue Dry::Types::CoercionError
+        raise_error
+      end
+
+      private
+
+      def type
+        raise NotImplementedError
+      end
+
+      def raise_error
+        raise @error, @message
+      end
+    end
+  end
+end

data/lib/rabarber/inputs/boolean.rb

@@ -0,0 +1,11 @@
+# frozen_string_literal: true
+
+module Rabarber
+  module Inputs
+    class Boolean < Base
+      private
+
+      def type = self.class::Strict::Bool
+    end
+  end
+end

data/lib/rabarber/inputs/context.rb

@@ -0,0 +1,33 @@
+# frozen_string_literal: true
+
+module Rabarber
+  module Inputs
+    class Context < Base
+      def resolve
+        case context = process
+        when nil
+          { context_type: nil, context_id: nil }
+        when Class
+          { context_type: context.to_s, context_id: nil }
+        when ActiveRecord::Base
+          raise_error unless context.persisted?
+          { context_type: context.class.to_s, context_id: context.public_send(context.class.primary_key) }
+        else
+          context
+        end
+      end
+
+      private
+
+      def type
+        self.class::Strict::Class |
+          self.class::Instance(ActiveRecord::Base) |
+          self.class::Hash.schema(
+            context_type: self.class::Strict::String | self.class::Nil,
+            context_id: self.class::Strict::String | self.class::Strict::Integer | self.class::Nil
+          ) |
+          self.class::Nil
+      end
+    end
+  end
+end

data/lib/rabarber/inputs/contexts/authorizational.rb

@@ -0,0 +1,13 @@
+# frozen_string_literal: true
+
+module Rabarber
+  module Inputs
+    module Contexts
+      class Authorizational < Context
+        private
+
+        def type = self.class::Coercible::Symbol.constrained(min_size: 1) | self.class::Instance(Proc) | super
+      end
+    end
+  end
+end

data/lib/rabarber/inputs/dynamic_rule.rb

@@ -0,0 +1,11 @@
+# frozen_string_literal: true
+
+module Rabarber
+  module Inputs
+    class DynamicRule < Base
+      private
+
+      def type = self.class::Coercible::Symbol.constrained(min_size: 1) | self.class::Instance(Proc)
+    end
+  end
+end

data/lib/rabarber/inputs/model.rb

@@ -0,0 +1,11 @@
+# frozen_string_literal: true
+
+module Rabarber
+  module Inputs
+    class Model < Base
+      private
+
+      def type = self.class::Strict::Class.constructor { _1.try(:safe_constantize) }.constrained(lt: ActiveRecord::Base)
+    end
+  end
+end

data/lib/rabarber/inputs/non_empty_string.rb

@@ -0,0 +1,11 @@
+# frozen_string_literal: true
+
+module Rabarber
+  module Inputs
+    class NonEmptyString < Base
+      private
+
+      def type = self.class::Strict::String.constrained(min_size: 1)
+    end
+  end
+end

data/lib/rabarber/inputs/role.rb

@@ -0,0 +1,11 @@
+# frozen_string_literal: true
+
+module Rabarber
+  module Inputs
+    class Role < Base
+      private
+
+      def type = self.class::Coercible::Symbol.constrained(min_size: 1, format: /\A[a-z0-9_]+\z/)
+    end
+  end
+end

data/lib/rabarber/inputs/roles.rb

@@ -0,0 +1,13 @@
+# frozen_string_literal: true
+
+module Rabarber
+  module Inputs
+    class Roles < Base
+      private
+
+      def type
+        self.class::Array.of(self.class::Coercible::Symbol.constrained(min_size: 1, format: /\A[a-z0-9_]+\z/)).constructor { Kernel::Array(_1) }
+      end
+    end
+  end
+end

data/lib/rabarber/inputs/symbol.rb

@@ -0,0 +1,11 @@
+# frozen_string_literal: true
+
+module Rabarber
+  module Inputs
+    class Symbol < Base
+      private
+
+      def type = self.class::Coercible::Symbol.constrained(min_size: 1)
+    end
+  end
+end

data/lib/rabarber/models/concerns/has_roles.rb

@@ -81,19 +81,18 @@ module Rabarber
     end
 
     def process_role_names(role_names)
-      Rabarber::Inputs.process(
+      Rabarber::Inputs::Roles.new(
         role_names,
-        as: :roles,
         message: "Expected an array of symbols or strings containing only lowercase letters, numbers, and underscores, got #{role_names.inspect}"
-      )
+      ).process
     end
 
     def process_context(context)
-      Rabarber::Inputs.process(
+      Rabarber::Inputs::Context.new(
         context,
-        as: :role_context,
+        error: Rabarber::InvalidContextError,
         message: "Expected an instance of ActiveRecord model, a Class, or nil, got #{context.inspect}"
-      )
+      ).resolve
     end
 
     def delete_roleable_cache(contexts:)

data/lib/rabarber/models/role.rb

@@ -69,25 +69,22 @@ module Rabarber
       private
 
       def delete_roleables_cache(role, context:)
-        role.roleables.in_batches(of: 1000) do |batch|
-          Rabarber::Core::Cache.delete(*batch.pluck(:id).flat_map { [[_1, context], [_1, :all]] })
-        end
+        Rabarber::Core::Cache.delete(*role.roleables.pluck(:id).flat_map { [[_1, context], [_1, :all]] })
       end
 
       def process_role_name(name)
-        Rabarber::Inputs.process(
+        Rabarber::Inputs::Role.new(
           name,
-          as: :role,
           message: "Expected a symbol or a string containing only lowercase letters, numbers, and underscores, got #{name.inspect}"
-        )
+        ).process
       end
 
       def process_context(context)
-        Rabarber::Inputs.process(
+        Rabarber::Inputs::Context.new(
           context,
-          as: :role_context,
+          error: Rabarber::InvalidContextError,
           message: "Expected an instance of ActiveRecord model, a Class, or nil, got #{context.inspect}"
-        )
+        ).resolve
       end
     end
 

data/lib/rabarber/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module Rabarber
-  VERSION = "5.1.1"
+  VERSION = "5.1.2"
 end

data/lib/rabarber.rb

@@ -5,14 +5,24 @@ require_relative "rabarber/version"
 require "active_record"
 require "active_support"
 
-require_relative "rabarber/inputs"
+require_relative "rabarber/inputs/base"
+require_relative "rabarber/inputs/boolean"
+require_relative "rabarber/inputs/context"
+require_relative "rabarber/inputs/contexts/authorizational"
+require_relative "rabarber/inputs/dynamic_rule"
+require_relative "rabarber/inputs/model"
+require_relative "rabarber/inputs/non_empty_string"
+require_relative "rabarber/inputs/role"
+require_relative "rabarber/inputs/roles"
+require_relative "rabarber/inputs/symbol"
 
 require_relative "rabarber/configuration"
 
 module Rabarber
   class Error < StandardError; end
-  class ConfigurationError < Rabarber::Error; end
   class InvalidArgumentError < Rabarber::Error; end
+  class ConfigurationError < Rabarber::InvalidArgumentError; end
+  class InvalidContextError < Rabarber::InvalidArgumentError; end
   class NotFoundError < Rabarber::Error; end
 
   delegate :configure, to: Rabarber::Configuration

data/rabarber.gemspec

@@ -21,7 +21,7 @@ Gem::Specification.new do |spec|
 
   spec.require_paths = ["lib"]
 
-  spec.add_dependency "dry-configurable", "~> 1.3"
-  spec.add_dependency "dry-types", "~> 1.8"
+  spec.add_dependency "dry-configurable", "~> 1.1"
+  spec.add_dependency "dry-types", "~> 1.7"
   spec.add_dependency "rails", ">= 7.1", "< 8.1"
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: rabarber
 version: !ruby/object:Gem::Version
-  version: 5.1.1
+  version: 5.1.2
 platform: ruby
 authors:
 - enjaku4
@@ -16,28 +16,28 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.3'
+        version: '1.1'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.3'
+        version: '1.1'
 - !ruby/object:Gem::Dependency
   name: dry-types
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.8'
+        version: '1.7'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.8'
+        version: '1.7'
 - !ruby/object:Gem::Dependency
   name: rails
   requirement: !ruby/object:Gem::Requirement
@@ -78,7 +78,16 @@ files:
 - lib/rabarber/core/rule.rb
 - lib/rabarber/helpers/helpers.rb
 - lib/rabarber/helpers/migration_helpers.rb
-- lib/rabarber/inputs.rb
+- lib/rabarber/inputs/base.rb
+- lib/rabarber/inputs/boolean.rb
+- lib/rabarber/inputs/context.rb
+- lib/rabarber/inputs/contexts/authorizational.rb
+- lib/rabarber/inputs/dynamic_rule.rb
+- lib/rabarber/inputs/model.rb
+- lib/rabarber/inputs/non_empty_string.rb
+- lib/rabarber/inputs/role.rb
+- lib/rabarber/inputs/roles.rb
+- lib/rabarber/inputs/symbol.rb
 - lib/rabarber/models/concerns/has_roles.rb
 - lib/rabarber/models/role.rb
 - lib/rabarber/railtie.rb

data/lib/rabarber/inputs.rb

@@ -1,62 +0,0 @@
-# frozen_string_literal: true
-
-require "dry-types"
-
-module Rabarber
-  module Inputs
-    extend self
-
-    include Dry.Types()
-
-    PROC_TYPE = self::Instance(Proc)
-    SYMBOL_TYPE = self::Coercible::Symbol.constrained(min_size: 1)
-    ROLE_TYPE = self::SYMBOL_TYPE.constrained(format: /\A[a-z0-9_]+\z/)
-
-    CONTEXT_TYPE = self::Strict::Class | self::Instance(ActiveRecord::Base) | self::Hash.schema(
-      context_type: self::Strict::String | self::Nil,
-      context_id: self::Strict::String | self::Strict::Integer | self::Nil
-    ) | self::Nil
-
-    TYPES = {
-      boolean: self::Strict::Bool,
-      string: self::Strict::String.constrained(min_size: 1).constructor { _1.is_a?(::String) ? _1.strip : _1 },
-      symbol: self::SYMBOL_TYPE,
-      role: self::ROLE_TYPE,
-      roles: self::Array.of(self::ROLE_TYPE).constructor { Kernel::Array(_1) },
-      model: self::Strict::Class.constructor { _1.try(:safe_constantize) }.constrained(lt: ActiveRecord::Base),
-      dynamic_rule: self::SYMBOL_TYPE | self::PROC_TYPE,
-      role_context: self::CONTEXT_TYPE,
-      authorization_context: self::SYMBOL_TYPE | self::PROC_TYPE | self::CONTEXT_TYPE
-    }.freeze
-
-    def process(value, as:, optional: false, error: Rabarber::InvalidArgumentError, message: nil)
-      checker = type_for(as)
-      checker = checker.optional if optional
-
-      result = checker[value]
-
-      [:role_context, :authorization_context].include?(as) ? resolve_context(result) : result
-    rescue Dry::Types::CoercionError => e
-      raise error, message || e.message
-    end
-
-    private
-
-    def type_for(name) = self::TYPES.fetch(name)
-
-    def resolve_context(value)
-      case value
-      when nil
-        { context_type: nil, context_id: nil }
-      when Class
-        { context_type: value.to_s, context_id: nil }
-      when ActiveRecord::Base
-        raise Dry::Types::CoercionError, "instance context not persisted" unless value.persisted?
-
-        { context_type: value.class.to_s, context_id: value.public_send(value.class.primary_key) }
-      else
-        value
-      end
-    end
-  end
-end