rabarber 0.1.4 → 0.1.5

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: defa329a94240744ede0911a0d2724a93d5820637614d68c9d4eedd925459951
-  data.tar.gz: ef33ca54c1d80bc2986435eb61462e5a47c37ba7c3d04cdd33a2a8a5d2ce2d73
+  metadata.gz: 44ae657744209c8401cc25faff3aba718ce00993d4ba6f1ccd8b833cd7b2e48f
+  data.tar.gz: a5ede8519ed62a197873b8b9f955a38d9a7cb7d34a5a7ef9518ed672b029745b
 SHA512:
-  metadata.gz: 54a16170222252d4f067686a4c129e61ff92a649504d815e11f76d74e4fb33984cf76eaa048d7b474b4dd93f89f8f816bface0456bdd9a19a6b1b17bbd12a5ae
-  data.tar.gz: fc89759b5cce5e8adc0dbd87aacbba28dd728a89342a72f69ff1a8366d485ec987f716febc005e8e3405d805d51d5e74523abcf830442dfbb120d4a9cb727026
+  metadata.gz: 03be3074d4a98d2b9c4cf81a1686d411e9f899f9543a82ee0879a4f8935841cbc0916ce7ca739ea44181a0db2dc2b57e2cafd251b3ab7e3389ae3d15fa86fc92
+  data.tar.gz: 647f11032bf0f935f1822f45f3edaec8e8b9db11ba786c72ffef722dcb650a0b3688dbefd9bbe0822aab0d7608f88827b3e7ff2a554f58b93c04a27bd04ec251

data/.rspec

@@ -1,4 +1,4 @@
---format documentation
+--format progress
 --color
 --require spec_helper
 --order rand

data/CHANGELOG.md

@@ -1,3 +1,8 @@
+## 0.1.5
+
+- Add missing `foreign_key` option to `CreateRabarberRoles` migration
+- Allow only lowercase alphanumeric characters and underscores in role names
+
 ## 0.1.4
 
 - Remove `role?` method as unnecessary

data/README.md

@@ -1,12 +1,35 @@
 # Rabarber: Simplified Authorization for Rails
 
-Rabarber is an authorization library primarily designed for use in the web layer of your application, specifically in controllers and views.
+[![Gem Version](https://badge.fury.io/rb/rabarber.svg)](http://badge.fury.io/rb/rabarber)
+[![Github Actions badge](https://github.com/enjaku4/rabarber/actions/workflows/ci.yml/badge.svg)](https://github.com/enjaku4/rabarber/actions/workflows/ci.yml)
 
-Rabarber takes a slightly different approach compared to some popular libraries. Rabarber focuses on the question: "Who can access this endpoint?". In Rabarber, authorization is expressed not as "A user with the role 'editor' can edit a post," but rather as "A user with the role 'editor' can access a post editing endpoint."
+Rabarber is an authorization library for Ruby on Rails, primarily designed for use in the web layer of your application but not limited to that. It provides a set of useful tools for managing user roles and defining authorization rules.
+
+---
 
 #### Example of Usage:
 
-Consider a CRM where users with different roles have distinct access levels. For instance, the role 'accountant' can interact with invoices and orders but cannot access marketing information, while the role 'marketer' has access to marketing-related data.
+Consider a CRM where users with different roles have distinct access levels. For instance, the role 'accountant' can interact with invoices but cannot access marketing information, while the role 'marketer' has access to marketing-related data. Such authorization rules can be easily defined with Rabarber.
+
+---
+
+And this is how your controller might look with Rabarber:
+
+```rb
+class TicketsController < ApplicationController
+  grant_access roles: :admin
+
+  grant_access action: :index, roles: :manager
+  def index
+    ...
+  end
+
+  def delete
+    ...
+  end
+end
+```
+This means that `admin` users can access everything in `TicketsController`, while `manager` role can access only `index` action.
 
 ## Installation
 
@@ -28,6 +51,10 @@ Next, generate a migration to create tables for storing roles in the database:
 rails g rabarber:roles
 ```
 
+This will create a migration file in `db/migrate` directory.
+
+Replace `raise(Rabarber::Error, "Please specify your user model's table name")` in that file with the name of your user model's table.
+
 Finally, run the migration to apply the changes to the database:
 
 ```
@@ -123,7 +150,7 @@ If you need to list all the role names available in your application, use:
 Rabarber::Role.names
 ```
 
-Utilize these methods to manipulate user roles. For example, create a custom UI for managing roles or assign necessary roles during migration or runtime (e.g., when the user is created). Adapt them to fit the requirements of your application.
+Utilize these methods to manipulate user roles. For example, create a custom UI for managing roles or assign necessary roles during migration or runtime (e.g., when the user is created). You can also write custom authorization policies based on `#has_role?` method (e.g., to scope the data that the user can access). Adapt these methods to fit the requirements of your application.
 
 ---
 

data/lib/generators/rabarber/templates/create_rabarber_roles.rb.erb

@@ -8,8 +8,8 @@ class CreateRabarberRoles < ActiveRecord::Migration[<%= ActiveRecord::Migration.
     end
 
     create_table :rabarber_roles_roleables, id: false do |t|
-      t.belongs_to :role, index: true
-      t.belongs_to :roleable, index: true
+      t.belongs_to :role, index: true, foreign_key: { to_table: :rabarber_roles }
+      t.belongs_to :roleable, index: true, foreign_key: { to_table: raise(Rabarber::Error, "Please specify your user model's table name") }
     end
 
     add_index :rabarber_roles_roleables, %i[role_id roleable_id], unique: true

data/lib/rabarber/configuration.rb

@@ -21,7 +21,7 @@ module Rabarber
     end
 
     def current_user_method=(method_name)
-      unless method_name.is_a?(Symbol) || method_name.is_a?(String)
+      unless [Symbol, String].include?(method_name.class)
         raise ArgumentError, "Method name must be a symbol or a string"
       end
 

data/lib/rabarber/models/concerns/has_roles.rb

@@ -15,31 +15,41 @@ module Rabarber
     end
 
     def has_role?(*role_names)
-      unless role_names.all? { |arg| arg.is_a?(Symbol) || arg.is_a?(String) }
-        raise(ArgumentError, "Role names must be symbols or strings")
-      end
+      validate_role_names(role_names)
 
       roles.exists?(name: role_names)
     end
 
     def assign_roles(*role_names, create_new: true)
-      unless role_names.all? { |arg| arg.is_a?(Symbol) || arg.is_a?(String) }
-        raise(ArgumentError, "Role names must be symbols or strings")
-      end
+      validate_role_names(role_names)
 
-      if create_new && (new_roles = role_names - Role.names).any?
-        new_roles.each { |role| Role.create!(name: role) }
-      end
+      create_new_roles(role_names) if create_new
 
       roles << Role.where(name: role_names) - roles
     end
 
     def revoke_roles(*role_names)
-      unless role_names.all? { |arg| arg.is_a?(Symbol) || arg.is_a?(String) }
-        raise(ArgumentError, "Role names must be symbols or strings")
-      end
+      validate_role_names(role_names)
 
       self.roles = roles - Role.where(name: role_names)
     end
+
+    private
+
+    def validate_role_names(role_names)
+      return if role_names.all? do |role_name|
+        [Symbol, String].include?(role_name.class) && role_name.match?(/\A[a-z0-9_]+\z/)
+      end
+
+      raise(
+        ArgumentError,
+        "Role names must be symbols or strings and may only contain lowercase letters and underscores"
+      )
+    end
+
+    def create_new_roles(role_names)
+      new_roles = role_names - Role.names
+      new_roles.each { |role_name| Role.create!(name: role_name) }
+    end
   end
 end

data/lib/rabarber/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module Rabarber
-  VERSION = "0.1.4"
+  VERSION = "0.1.5"
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: rabarber
 version: !ruby/object:Gem::Version
-  version: 0.1.4
+  version: 0.1.5
 platform: ruby
 authors:
 - enjaku4
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2023-12-16 00:00:00.000000000 Z
+date: 2023-12-27 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rails