rails_ops 1.0.19 → 1.0.20

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 2a74561e958b919219da242d588f60e5a7e53791ef359af0f3acdfc842af63e4
-  data.tar.gz: 30b3180d590e03be6331ba5aa7b242e57bc02f5c331fccf750a49d0d60ca2fa2
+  metadata.gz: '0926954940928d36670c2390e05b6304e604d720b4a23fafa38b15d0dd32ed1a'
+  data.tar.gz: 589ff18749fb09feb6b2e396374bf710fb6d76c531f8e67fe1a6ad836ece0f60
 SHA512:
-  metadata.gz: 7064ce97b74fe5e558352672c7a3c5a44cb35709fe7cb072ad0461ec0c0f721a77ebae05370ab91be6919f2a65806e625254c1bffbef09a248e05d8d28c260b0
-  data.tar.gz: 534e08d05e1f0746e761cc1c8a8f729889681b0a9f76917685b7c9aedcf95e37a95c3d0dc456191bbe0265f28378657e2d7eb44c6530cfa2f14b183aa079d0a0
+  metadata.gz: 1638ef069a9827415f529d890fa4e91f0348b59f2c3f02312bb38825250c25160e6d83800d18db770c6abdfdcb5d1f244478de8d2b551f36f6a9c329c63ba6ef
+  data.tar.gz: 72c282d6acd1f3151844daa01843f80610200be564e7ae8a251ee1e8fd3bf91ae1c12e448a78f3a37ad4af2fc514625f5f25f207ad0a00a4cdf707c2d70638fa

data/CHANGELOG.md

@@ -1,5 +1,9 @@
 # Change log
 
+## 1.0.20 (2020-02-13)
+
+* Add param authorization functionality using `authorize_param`
+
 ## 1.0.19 (2020-02-11)
 
 * Fix examples in readme

data/README.md

@@ -769,6 +769,59 @@ end
 This method otherwise does exactly the same as `authorize!` (in fact, it's the
 underlying method used by it).
 
+### Param authorization
+
+Using the static operation method `authorize_param`, you can perform additional
+authorization checks when specific params are passed to the operation. This
+allows you to disallow certain params, i.e. when updating a model and wanting to
+restrict the user to certain fields.
+
+When using non-model operations (operations not inheriting from
+`RailsOps::Operation::Model` or one of its subclasses), `authorize_param`
+requires you to specify an `action` and optional, additional args or a block
+that performs custom authorization:
+
+```ruby
+class Operations::User::DoSomething < RailsOps::Operation
+  schema do
+    opt :user do
+      opt :name
+      opt :group_id
+    end
+  end
+
+  # Example with passing an action and additional args
+  authorize_param %i(user group_id), :update_group_id, :some_subject
+
+  # Example with passing a block
+  authorize_param %i(user group_id) do
+    # This is executed in the context of the op instance
+    fail 'Some message' unless user_has_permission?
+  end
+```
+
+The first param always provides the path to the param to be checked for
+existence. Note that this only works with nested hash structures, but not with
+arrays and other objects. The first level of the `params` hash is always using
+indifferent access, so it does not matter whether you pass a symbol or a string
+as the first path segment. For additional path segments, it needs to match the
+actual type that is used as hash key. For example: `[:user, 'group_id']`.
+
+For model operations, you only need to pass a `path` and an `action` if you want
+to perform authorization on your model:
+
+```ruby
+class Operations::User::Create < RailsOps::Operation::Model::Create
+  schema do
+    opt :user do
+      opt :name
+      opt :group_id
+    end
+  end
+
+  authorize_param %i(user group_id), :assign_group_id
+```
+
 ### Disabling authorization
 
 Sometimes you don't want a specific operation to perform authorization, or you

data/VERSION

@@ -1 +1 @@
-1.0.19
+1.0.20

data/lib/rails_ops/authorization_backend/abstract.rb

@@ -3,5 +3,12 @@ module RailsOps::AuthorizationBackend
     def authorize!(_operation, *_args)
       fail NotImplementedError
     end
+
+    def exception_class
+      @exception_class ||= self.class::EXCEPTION_CLASS.constantize
+    rescue NameError
+      fail "Unable to constantize exception class #{self.class::EXCEPTION_CLASS.inspect} "\
+           "for authorization backend #{self.class.name}. Is the library loaded?"
+    end
   end
 end

data/lib/rails_ops/authorization_backend/can_can_can.rb

@@ -1,8 +1,13 @@
+require 'cancan'
+
 module RailsOps::AuthorizationBackend
   class CanCanCan < Abstract
+    EXCEPTION_CLASS = 'CanCan::AccessDenied'
+
     def initialize
       unless defined?(CanCanCan)
-        fail "RailsOps is configured to use CanCanCan authorization backend, but the Gem 'cancancan' does not appear to be installed."
+        fail 'RailsOps is configured to use CanCanCan authorization'\
+             "backend, but the Gem 'cancancan' does not appear to be installed."
       end
     end
 

data/lib/rails_ops/mixins/model/authorization.rb

@@ -19,6 +19,28 @@ module RailsOps::Mixins::Model::Authorization
 
       return _model_authorization_action
     end
+
+    # This wraps the original method
+    # {RailsOps::Mixins::ParamAuthorization::ClassClassMethods.authorize_param}
+    # to automatically use `authorize_model_with_authorize_only` and pass the
+    # operations `model` to it (besides the given `action` and optional,
+    # additional `*args`.
+    #
+    # If a block or no action is given, the original method will be called. See
+    # the original method documentation for more information.
+    def authorize_param(path, action = nil, *args, &block)
+      if block_given? || action.blank?
+        super
+      else
+        super(path) do
+          authorize_model_with_authorize_only!(
+            action,
+            model,
+            *args
+          )
+        end
+      end
+    end
   end
 
   def model_authorization_action

data/lib/rails_ops/mixins/param_authorization.rb

@@ -0,0 +1,64 @@
+module RailsOps::Mixins::ParamAuthorization
+  extend ActiveSupport::Concern
+
+  included do
+    class_attribute :_param_authorizations
+
+    self._param_authorizations = [].freeze
+  end
+
+  module ClassMethods
+    # Call this method to perform authorization if a specific parameter is
+    # passed in the operations `params` hash.
+    #
+    # Note that this does not work for params contained in other structures than
+    # nested hashes. I.e. params within arrays can not be extracted.
+    #
+    # @param path [Array] An array, usually of symbols or strings, which can be
+    #   used to dig for the respective parameter you want to authorize.
+    #
+    # @param action [Object] The `action` passed to the authorization backend.
+    #
+    # @param *args [Array<Object>] Additional arguments passed to the
+    #   authorization backend.
+    #
+    # @yield A block used for custom authorization. The block is only called if
+    #   the specified parameter is contained in the `params` hash and is supposed
+    #   to throw an authorization exception if the authorization failed. The
+    #   exception must be of the exception class specified in your configured
+    #   authorization backend. The block receives no arguments and is executed
+    #   in context of the operation instance.
+    def authorize_param(path, action = nil, *args, &block)
+      # Validate parameters
+      if block_given? && (action || args.any?)
+        fail ArgumentError,
+             'If you pass an authorization block, no action and additional args are supported.'
+      elsif !block_given? && !action
+        fail ArgumentError,
+             'You need to supply an action and additional args if no authorization block is provided.'
+      end
+
+      policy do
+        # Abort unless param is given
+        if path.size > 1
+          next unless params.dig(*path[0..-2])&.include?(path.last)
+        else
+          next unless params.include?(path.first)
+        end
+
+        # Check authorization
+        exception_class = RailsOps.authorization_backend.exception_class
+
+        begin
+          if block_given?
+            instance_exec(&block)
+          else
+            authorize_only!(action, *args)
+          end
+        rescue exception_class
+          fail exception_class, "Got unauthorized param #{path.join('.').inspect}."
+        end
+      end
+    end
+  end
+end

data/lib/rails_ops/operation.rb

@@ -3,6 +3,7 @@ class RailsOps::Operation
   include RailsOps::Mixins::SubOps
   include RailsOps::Mixins::SchemaValidation
   include RailsOps::Mixins::Authorization
+  include RailsOps::Mixins::ParamAuthorization
   include RailsOps::Mixins::RequireContext
   include RailsOps::Mixins::LogSettings
 

data/lib/rails_ops.rb

@@ -75,6 +75,7 @@ require 'rails_ops/hookup/hook.rb'
 require 'rails_ops/log_subscriber.rb'
 require 'rails_ops/mixins.rb'
 require 'rails_ops/mixins/authorization.rb'
+require 'rails_ops/mixins/param_authorization.rb'
 require 'rails_ops/mixins/log_settings.rb'
 require 'rails_ops/mixins/model.rb'
 require 'rails_ops/mixins/model/authorization.rb'

data/rails_ops.gemspec

@@ -1,16 +1,16 @@
 # -*- encoding: utf-8 -*-
-# stub: rails_ops 1.0.19 ruby lib
+# stub: rails_ops 1.0.20 ruby lib
 
 Gem::Specification.new do |s|
   s.name = "rails_ops".freeze
-  s.version = "1.0.19"
+  s.version = "1.0.20"
 
   s.required_rubygems_version = Gem::Requirement.new(">= 0".freeze) if s.respond_to? :required_rubygems_version=
   s.require_paths = ["lib".freeze]
   s.authors = ["Sitrox".freeze]
-  s.date = "2020-02-11"
-  s.files = [".gitignore".freeze, ".releaser_config".freeze, ".rubocop.yml".freeze, ".travis.yml".freeze, "CHANGELOG.md".freeze, "Gemfile".freeze, "LICENSE.txt".freeze, "README.md".freeze, "Rakefile".freeze, "VERSION".freeze, "lib/rails_ops.rb".freeze, "lib/rails_ops/authorization_backend/abstract.rb".freeze, "lib/rails_ops/authorization_backend/can_can_can.rb".freeze, "lib/rails_ops/configuration.rb".freeze, "lib/rails_ops/context.rb".freeze, "lib/rails_ops/controller_mixin.rb".freeze, "lib/rails_ops/exceptions.rb".freeze, "lib/rails_ops/hooked_job.rb".freeze, "lib/rails_ops/hookup.rb".freeze, "lib/rails_ops/hookup/dsl.rb".freeze, "lib/rails_ops/hookup/dsl_validator.rb".freeze, "lib/rails_ops/hookup/hook.rb".freeze, "lib/rails_ops/log_subscriber.rb".freeze, "lib/rails_ops/mixins.rb".freeze, "lib/rails_ops/mixins/authorization.rb".freeze, "lib/rails_ops/mixins/log_settings.rb".freeze, "lib/rails_ops/mixins/model.rb".freeze, "lib/rails_ops/mixins/model/authorization.rb".freeze, "lib/rails_ops/mixins/model/nesting.rb".freeze, "lib/rails_ops/mixins/policies.rb".freeze, "lib/rails_ops/mixins/require_context.rb".freeze, "lib/rails_ops/mixins/routes.rb".freeze, "lib/rails_ops/mixins/schema_validation.rb".freeze, "lib/rails_ops/mixins/sub_ops.rb".freeze, "lib/rails_ops/model_casting.rb".freeze, "lib/rails_ops/model_mixins.rb".freeze, "lib/rails_ops/model_mixins/ar_extension.rb".freeze, "lib/rails_ops/model_mixins/parent_op.rb".freeze, "lib/rails_ops/model_mixins/virtual_attributes.rb".freeze, "lib/rails_ops/model_mixins/virtual_attributes/virtual_column_wrapper.rb".freeze, "lib/rails_ops/model_mixins/virtual_has_one.rb".freeze, "lib/rails_ops/model_mixins/virtual_model_name.rb".freeze, "lib/rails_ops/operation.rb".freeze, "lib/rails_ops/operation/model.rb".freeze, "lib/rails_ops/operation/model/create.rb".freeze, "lib/rails_ops/operation/model/destroy.rb".freeze, "lib/rails_ops/operation/model/load.rb".freeze, "lib/rails_ops/operation/model/update.rb".freeze, "lib/rails_ops/patches/active_type_patch.rb".freeze, "lib/rails_ops/profiler.rb".freeze, "lib/rails_ops/profiler/node.rb".freeze, "lib/rails_ops/railtie.rb".freeze, "lib/rails_ops/scoped_env.rb".freeze, "lib/rails_ops/virtual_model.rb".freeze, "rails_ops.gemspec".freeze, "test/db/models.rb".freeze, "test/db/schema.rb".freeze, "test/dummy/Rakefile".freeze, "test/dummy/app/assets/config/manifest.js".freeze, "test/dummy/app/assets/images/.keep".freeze, "test/dummy/app/assets/javascripts/application.js".freeze, "test/dummy/app/assets/javascripts/cable.js".freeze, "test/dummy/app/assets/javascripts/channels/.keep".freeze, "test/dummy/app/assets/stylesheets/application.css".freeze, "test/dummy/app/channels/application_cable/channel.rb".freeze, "test/dummy/app/channels/application_cable/connection.rb".freeze, "test/dummy/app/controllers/application_controller.rb".freeze, "test/dummy/app/controllers/concerns/.keep".freeze, "test/dummy/app/helpers/application_helper.rb".freeze, "test/dummy/app/jobs/application_job.rb".freeze, "test/dummy/app/mailers/application_mailer.rb".freeze, "test/dummy/app/models/application_record.rb".freeze, "test/dummy/app/models/concerns/.keep".freeze, "test/dummy/app/models/group.rb".freeze, "test/dummy/app/views/layouts/application.html.erb".freeze, "test/dummy/app/views/layouts/mailer.html.erb".freeze, "test/dummy/app/views/layouts/mailer.text.erb".freeze, "test/dummy/bin/bundle".freeze, "test/dummy/bin/rails".freeze, "test/dummy/bin/rake".freeze, "test/dummy/bin/setup".freeze, "test/dummy/bin/update".freeze, "test/dummy/bin/yarn".freeze, "test/dummy/config.ru".freeze, "test/dummy/config/application.rb".freeze, "test/dummy/config/boot.rb".freeze, "test/dummy/config/cable.yml".freeze, "test/dummy/config/database.yml".freeze, "test/dummy/config/environment.rb".freeze, "test/dummy/config/environments/development.rb".freeze, "test/dummy/config/environments/production.rb".freeze, "test/dummy/config/environments/test.rb".freeze, "test/dummy/config/initializers/application_controller_renderer.rb".freeze, "test/dummy/config/initializers/assets.rb".freeze, "test/dummy/config/initializers/backtrace_silencers.rb".freeze, "test/dummy/config/initializers/cookies_serializer.rb".freeze, "test/dummy/config/initializers/filter_parameter_logging.rb".freeze, "test/dummy/config/initializers/inflections.rb".freeze, "test/dummy/config/initializers/mime_types.rb".freeze, "test/dummy/config/initializers/rails_ops.rb".freeze, "test/dummy/config/initializers/wrap_parameters.rb".freeze, "test/dummy/config/locales/en.yml".freeze, "test/dummy/config/puma.rb".freeze, "test/dummy/config/routes.rb".freeze, "test/dummy/config/secrets.yml".freeze, "test/dummy/config/spring.rb".freeze, "test/dummy/db/schema.rb".freeze, "test/dummy/lib/assets/.keep".freeze, "test/dummy/log/.keep".freeze, "test/dummy/package.json".freeze, "test/dummy/public/404.html".freeze, "test/dummy/public/422.html".freeze, "test/dummy/public/500.html".freeze, "test/dummy/public/apple-touch-icon-precomposed.png".freeze, "test/dummy/public/apple-touch-icon.png".freeze, "test/dummy/public/favicon.ico".freeze, "test/dummy/tmp/.keep".freeze, "test/test_helper.rb".freeze, "test/unit/rails_ops/mixins/model/nesting.rb".freeze, "test/unit/rails_ops/mixins/policies_test.rb".freeze, "test/unit/rails_ops/operation/model/create_test.rb".freeze, "test/unit/rails_ops/operation/model/load_test.rb".freeze, "test/unit/rails_ops/operation/model/update_test.rb".freeze, "test/unit/rails_ops/operation/model_test.rb".freeze, "test/unit/rails_ops/operation_test.rb".freeze]
-  s.rubygems_version = "3.0.3".freeze
+  s.date = "2020-02-13"
+  s.files = [".gitignore".freeze, ".releaser_config".freeze, ".rubocop.yml".freeze, ".travis.yml".freeze, "CHANGELOG.md".freeze, "Gemfile".freeze, "LICENSE.txt".freeze, "README.md".freeze, "Rakefile".freeze, "VERSION".freeze, "lib/rails_ops.rb".freeze, "lib/rails_ops/authorization_backend/abstract.rb".freeze, "lib/rails_ops/authorization_backend/can_can_can.rb".freeze, "lib/rails_ops/configuration.rb".freeze, "lib/rails_ops/context.rb".freeze, "lib/rails_ops/controller_mixin.rb".freeze, "lib/rails_ops/exceptions.rb".freeze, "lib/rails_ops/hooked_job.rb".freeze, "lib/rails_ops/hookup.rb".freeze, "lib/rails_ops/hookup/dsl.rb".freeze, "lib/rails_ops/hookup/dsl_validator.rb".freeze, "lib/rails_ops/hookup/hook.rb".freeze, "lib/rails_ops/log_subscriber.rb".freeze, "lib/rails_ops/mixins.rb".freeze, "lib/rails_ops/mixins/authorization.rb".freeze, "lib/rails_ops/mixins/log_settings.rb".freeze, "lib/rails_ops/mixins/model.rb".freeze, "lib/rails_ops/mixins/model/authorization.rb".freeze, "lib/rails_ops/mixins/model/nesting.rb".freeze, "lib/rails_ops/mixins/param_authorization.rb".freeze, "lib/rails_ops/mixins/policies.rb".freeze, "lib/rails_ops/mixins/require_context.rb".freeze, "lib/rails_ops/mixins/routes.rb".freeze, "lib/rails_ops/mixins/schema_validation.rb".freeze, "lib/rails_ops/mixins/sub_ops.rb".freeze, "lib/rails_ops/model_casting.rb".freeze, "lib/rails_ops/model_mixins.rb".freeze, "lib/rails_ops/model_mixins/ar_extension.rb".freeze, "lib/rails_ops/model_mixins/parent_op.rb".freeze, "lib/rails_ops/model_mixins/virtual_attributes.rb".freeze, "lib/rails_ops/model_mixins/virtual_attributes/virtual_column_wrapper.rb".freeze, "lib/rails_ops/model_mixins/virtual_has_one.rb".freeze, "lib/rails_ops/model_mixins/virtual_model_name.rb".freeze, "lib/rails_ops/operation.rb".freeze, "lib/rails_ops/operation/model.rb".freeze, "lib/rails_ops/operation/model/create.rb".freeze, "lib/rails_ops/operation/model/destroy.rb".freeze, "lib/rails_ops/operation/model/load.rb".freeze, "lib/rails_ops/operation/model/update.rb".freeze, "lib/rails_ops/patches/active_type_patch.rb".freeze, "lib/rails_ops/profiler.rb".freeze, "lib/rails_ops/profiler/node.rb".freeze, "lib/rails_ops/railtie.rb".freeze, "lib/rails_ops/scoped_env.rb".freeze, "lib/rails_ops/virtual_model.rb".freeze, "rails_ops.gemspec".freeze, "test/db/models.rb".freeze, "test/db/schema.rb".freeze, "test/dummy/Rakefile".freeze, "test/dummy/app/assets/config/manifest.js".freeze, "test/dummy/app/assets/images/.keep".freeze, "test/dummy/app/assets/javascripts/application.js".freeze, "test/dummy/app/assets/javascripts/cable.js".freeze, "test/dummy/app/assets/javascripts/channels/.keep".freeze, "test/dummy/app/assets/stylesheets/application.css".freeze, "test/dummy/app/channels/application_cable/channel.rb".freeze, "test/dummy/app/channels/application_cable/connection.rb".freeze, "test/dummy/app/controllers/application_controller.rb".freeze, "test/dummy/app/controllers/concerns/.keep".freeze, "test/dummy/app/helpers/application_helper.rb".freeze, "test/dummy/app/jobs/application_job.rb".freeze, "test/dummy/app/mailers/application_mailer.rb".freeze, "test/dummy/app/models/application_record.rb".freeze, "test/dummy/app/models/concerns/.keep".freeze, "test/dummy/app/models/group.rb".freeze, "test/dummy/app/views/layouts/application.html.erb".freeze, "test/dummy/app/views/layouts/mailer.html.erb".freeze, "test/dummy/app/views/layouts/mailer.text.erb".freeze, "test/dummy/bin/bundle".freeze, "test/dummy/bin/rails".freeze, "test/dummy/bin/rake".freeze, "test/dummy/bin/setup".freeze, "test/dummy/bin/update".freeze, "test/dummy/bin/yarn".freeze, "test/dummy/config.ru".freeze, "test/dummy/config/application.rb".freeze, "test/dummy/config/boot.rb".freeze, "test/dummy/config/cable.yml".freeze, "test/dummy/config/database.yml".freeze, "test/dummy/config/environment.rb".freeze, "test/dummy/config/environments/development.rb".freeze, "test/dummy/config/environments/production.rb".freeze, "test/dummy/config/environments/test.rb".freeze, "test/dummy/config/initializers/application_controller_renderer.rb".freeze, "test/dummy/config/initializers/assets.rb".freeze, "test/dummy/config/initializers/backtrace_silencers.rb".freeze, "test/dummy/config/initializers/cookies_serializer.rb".freeze, "test/dummy/config/initializers/filter_parameter_logging.rb".freeze, "test/dummy/config/initializers/inflections.rb".freeze, "test/dummy/config/initializers/mime_types.rb".freeze, "test/dummy/config/initializers/rails_ops.rb".freeze, "test/dummy/config/initializers/wrap_parameters.rb".freeze, "test/dummy/config/locales/en.yml".freeze, "test/dummy/config/puma.rb".freeze, "test/dummy/config/routes.rb".freeze, "test/dummy/config/secrets.yml".freeze, "test/dummy/config/spring.rb".freeze, "test/dummy/db/schema.rb".freeze, "test/dummy/lib/assets/.keep".freeze, "test/dummy/log/.keep".freeze, "test/dummy/package.json".freeze, "test/dummy/public/404.html".freeze, "test/dummy/public/422.html".freeze, "test/dummy/public/500.html".freeze, "test/dummy/public/apple-touch-icon-precomposed.png".freeze, "test/dummy/public/apple-touch-icon.png".freeze, "test/dummy/public/favicon.ico".freeze, "test/dummy/tmp/.keep".freeze, "test/test_helper.rb".freeze, "test/unit/rails_ops/mixins/model/nesting.rb".freeze, "test/unit/rails_ops/mixins/policies_test.rb".freeze, "test/unit/rails_ops/operation/model/create_test.rb".freeze, "test/unit/rails_ops/operation/model/load_test.rb".freeze, "test/unit/rails_ops/operation/model/update_test.rb".freeze, "test/unit/rails_ops/operation/model_test.rb".freeze, "test/unit/rails_ops/operation_test.rb".freeze]
+  s.rubygems_version = "3.0.6".freeze
   s.summary = "An operations service layer for rails projects.".freeze
   s.test_files = ["test/db/models.rb".freeze, "test/db/schema.rb".freeze, "test/dummy/Rakefile".freeze, "test/dummy/app/assets/config/manifest.js".freeze, "test/dummy/app/assets/images/.keep".freeze, "test/dummy/app/assets/javascripts/application.js".freeze, "test/dummy/app/assets/javascripts/cable.js".freeze, "test/dummy/app/assets/javascripts/channels/.keep".freeze, "test/dummy/app/assets/stylesheets/application.css".freeze, "test/dummy/app/channels/application_cable/channel.rb".freeze, "test/dummy/app/channels/application_cable/connection.rb".freeze, "test/dummy/app/controllers/application_controller.rb".freeze, "test/dummy/app/controllers/concerns/.keep".freeze, "test/dummy/app/helpers/application_helper.rb".freeze, "test/dummy/app/jobs/application_job.rb".freeze, "test/dummy/app/mailers/application_mailer.rb".freeze, "test/dummy/app/models/application_record.rb".freeze, "test/dummy/app/models/concerns/.keep".freeze, "test/dummy/app/models/group.rb".freeze, "test/dummy/app/views/layouts/application.html.erb".freeze, "test/dummy/app/views/layouts/mailer.html.erb".freeze, "test/dummy/app/views/layouts/mailer.text.erb".freeze, "test/dummy/bin/bundle".freeze, "test/dummy/bin/rails".freeze, "test/dummy/bin/rake".freeze, "test/dummy/bin/setup".freeze, "test/dummy/bin/update".freeze, "test/dummy/bin/yarn".freeze, "test/dummy/config.ru".freeze, "test/dummy/config/application.rb".freeze, "test/dummy/config/boot.rb".freeze, "test/dummy/config/cable.yml".freeze, "test/dummy/config/database.yml".freeze, "test/dummy/config/environment.rb".freeze, "test/dummy/config/environments/development.rb".freeze, "test/dummy/config/environments/production.rb".freeze, "test/dummy/config/environments/test.rb".freeze, "test/dummy/config/initializers/application_controller_renderer.rb".freeze, "test/dummy/config/initializers/assets.rb".freeze, "test/dummy/config/initializers/backtrace_silencers.rb".freeze, "test/dummy/config/initializers/cookies_serializer.rb".freeze, "test/dummy/config/initializers/filter_parameter_logging.rb".freeze, "test/dummy/config/initializers/inflections.rb".freeze, "test/dummy/config/initializers/mime_types.rb".freeze, "test/dummy/config/initializers/rails_ops.rb".freeze, "test/dummy/config/initializers/wrap_parameters.rb".freeze, "test/dummy/config/locales/en.yml".freeze, "test/dummy/config/puma.rb".freeze, "test/dummy/config/routes.rb".freeze, "test/dummy/config/secrets.yml".freeze, "test/dummy/config/spring.rb".freeze, "test/dummy/db/schema.rb".freeze, "test/dummy/lib/assets/.keep".freeze, "test/dummy/log/.keep".freeze, "test/dummy/package.json".freeze, "test/dummy/public/404.html".freeze, "test/dummy/public/422.html".freeze, "test/dummy/public/500.html".freeze, "test/dummy/public/apple-touch-icon-precomposed.png".freeze, "test/dummy/public/apple-touch-icon.png".freeze, "test/dummy/public/favicon.ico".freeze, "test/dummy/tmp/.keep".freeze, "test/test_helper.rb".freeze, "test/unit/rails_ops/mixins/model/nesting.rb".freeze, "test/unit/rails_ops/mixins/policies_test.rb".freeze, "test/unit/rails_ops/operation/model/create_test.rb".freeze, "test/unit/rails_ops/operation/model/load_test.rb".freeze, "test/unit/rails_ops/operation/model/update_test.rb".freeze, "test/unit/rails_ops/operation/model_test.rb".freeze, "test/unit/rails_ops/operation_test.rb".freeze]
 

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: rails_ops
 version: !ruby/object:Gem::Version
-  version: 1.0.19
+  version: 1.0.20
 platform: ruby
 authors:
 - Sitrox
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2020-02-11 00:00:00.000000000 Z
+date: 2020-02-13 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler
@@ -171,6 +171,7 @@ files:
 - lib/rails_ops/mixins/model.rb
 - lib/rails_ops/mixins/model/authorization.rb
 - lib/rails_ops/mixins/model/nesting.rb
+- lib/rails_ops/mixins/param_authorization.rb
 - lib/rails_ops/mixins/policies.rb
 - lib/rails_ops/mixins/require_context.rb
 - lib/rails_ops/mixins/routes.rb