rails_ops 1.1.21 → 1.1.22

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: acc6d1b2eff65cad3a4d84cdd9945abf564ca261c7f488bdf6c98ddf7c616dbb
-  data.tar.gz: 48831116f0b9a0430a081ed850920b0200d0333e82f9d2bd8429f5286d9fcb29
+  metadata.gz: 31751dfbdb75a4da21a438d5ebb92ef9bbd66dd6e459b273c41e5e4f9d6a737c
+  data.tar.gz: 3caca2b5c09ac40c8715e2e89554e0aaaf9c8b1c1aa9c57b2c73a9e23bafcb18
 SHA512:
-  metadata.gz: dcdf9bff36dc400cd846cee0cd50b8d991104f437e42d78dfd170af13ec2cf45923a14bcfbf75e063a122cb73a9601f51ea9ee04d5c80e51903e74c6fa4dd907
-  data.tar.gz: 4dd2ea06610bb5db48c53a504937caa060c51ad425408cc65ca26582d87b74c831af69fea0a29c1dcd18ab5ca701a5463f08a7783ba078f0f8891a0aa0fc12dc
+  metadata.gz: 38ed4b42bbb20810c0e01fc82087ff5b9729f77bb820f26b5c7b34c033c49afe486b9b921141f59a438118678d6aa7a360dc781fa3329c55253901574d3099be
+  data.tar.gz: a61c2739ea1daff6e313e943873389d38f2506e647cb29b0edfa12cb054b94befb8e8a67721decba8d753a3e3c291527a0e313413e5722910907c27425e22e15

data/.github/workflows/ruby.yml

@@ -0,0 +1,27 @@
+name: Build
+
+on:
+  push:
+    branches: [ master ]
+  pull_request:
+    branches: [ master ]
+
+jobs:
+  test:
+    runs-on: ubuntu-latest
+    strategy:
+      fail-fast: false
+      matrix:
+        ruby-version: ['2.3.0', '2.5.1', '2.6.2', '2.7.1', '3.0.1']
+
+    steps:
+    - uses: actions/checkout@v2
+    - name: Set up Ruby
+      uses: ruby/setup-ruby@v1
+      with:
+        ruby-version: ${{ matrix.ruby-version }}
+        bundler-cache: true
+    - name: Run rake tests
+      run: bundle exec rake test
+    - name: Run rubocop
+      run: bundle exec rubocop

data/CHANGELOG.md

@@ -1,5 +1,9 @@
 # Changelog
 
+## 1.1.21 (2021-11-01)
+
+* Add support for lazy model authorization
+
 ## 1.1.21 (2021-06-23)
 
 * Fix using model operations in conjunction with Single Table Inheritance (STI)

data/README.md

@@ -1,4 +1,4 @@
-[![Build Status](https://travis-ci.org/sitrox/rails_ops.svg?branch=master)](https://travis-ci.org/sitrox/rails_ops)
+[![Build](https://github.com/sitrox/rails_ops/actions/workflows/ruby.yml/badge.svg)](https://github.com/sitrox/rails_ops/actions/workflows/ruby.yml)
 [![Gem Version](https://badge.fury.io/rb/rails_ops.svg)](https://badge.fury.io/rb/rails_ops)
 
 rails_ops
@@ -988,24 +988,18 @@ class Operations::User::Load < RailsOps::Operation::Model::Load
   model User
 end
 
-op = Operations::User::Load.run!(id: 5)
-op.model.id # => 5
-```
-
-Note that this base class is a bit of a special case: It does not provide a
-`perform` method and does not need to be run at all in order to load a model.
-This is very useful when, for example, displaying a form based on a model
-instance without actually performing any particular action such as updating a
-model.
-
-Therefore, the above example would also work as follows:
-
-```ruby
 # The operation does not have to be performed to access the model instance.
 op = Operations::User::Load.new(id: 5)
 op.model.id # => 5
 ```
 
+Note that this base class is a bit of a special case: It does not provide an
+implementation of the `perform` method and does not need to be run at all in
+order to load a model (in fact, it cannot be run unless you override the
+`perform` method). This is very useful when, for example, displaying a form
+based on a model instance without actually performing any particular action such
+as updating a model.
+
 #### Specifying ID field
 
 Per default, the model instance is looked up using the field `id` and the ID
@@ -1195,6 +1189,25 @@ end
 Note that using the different model base classes, this is already set to a
 sensible default. See the respective class' source code for details.
 
+#### Lazy model update authorization
+
+In case of operations inheriting from `RailsOps::Operation::Model::Update`, you
+can specify the `model_authorization_action` to be `lazy`, meaning that it will
+only be checked when *performing* the operation, but not on initialization. This
+can be useful for displaying readonly forms to users which do not have
+read-permissions only:
+
+```ruby
+class Operations::User::Update < RailsOps::Operation::Model::Update
+  model User
+
+  # This automatically calls `authorize_model! :read`. Because it is set to be
+  # `lazy`, the authorization will only run when the operation is actually
+  # *performed*, and not already at instantiation.
+  model_authorization_action :read, lazy: true
+end
+```
+
 ### Model nesting
 
 Using active record, multiple nested models can be saved at once by using

data/Rakefile

@@ -18,6 +18,7 @@ task :gemspec do
     spec.add_development_dependency 'bundler'
     spec.add_development_dependency 'rake'
     spec.add_development_dependency 'sqlite3'
+    spec.add_development_dependency 'cancancan'
     spec.add_development_dependency 'rubocop', '0.47.1'
     spec.add_dependency 'active_type', '>= 1.3.0'
     spec.add_dependency 'minitest'

data/VERSION

@@ -1 +1 @@
-1.1.21
+1.1.22

data/lib/rails_ops/mixins/model/authorization.rb

@@ -6,13 +6,15 @@ module RailsOps::Mixins::Model::Authorization
 
   included do
     class_attribute :_model_authorization_action
+    class_attribute :_model_authorization_lazy
   end
 
   module ClassMethods
     # Gets or sets the action verb used for authorizing models.
-    def model_authorization_action(*action)
+    def model_authorization_action(*action, lazy: false)
       if action.size == 1
         self._model_authorization_action = action.first
+        self._model_authorization_lazy = lazy
       elsif action.size > 1
         fail ArgumentError, 'Too many arguments'
       end

data/lib/rails_ops/operation/model/update.rb

@@ -7,14 +7,29 @@ class RailsOps::Operation::Model::Update < RailsOps::Operation::Model::Load
     true
   end
 
+  policy :before_perform do
+    if model_authorization_action && self.class._model_authorization_lazy
+      authorize_model! model_authorization_action, model
+    end
+  end
+
   def model_authorization
     return unless authorization_enabled?
 
-    unless load_model_authorization_action.nil?
+    if self.class._model_authorization_lazy
+      if load_model_authorization_action.nil?
+        fail RailsOps::Exceptions::NoAuthorizationPerformed,
+             "Operation #{self.class.name} must specify a "\
+             'load_model_authorization_action because model '\
+             'authorization is configured to be lazy.'
+      else
+        authorize_model! load_model_authorization_action, model
+      end
+    elsif !load_model_authorization_action.nil?
       authorize_model_with_authorize_only! load_model_authorization_action, model
     end
 
-    unless model_authorization_action.nil?
+    unless model_authorization_action.nil? || self.class._model_authorization_lazy
       authorize_model! model_authorization_action, model
     end
   end

data/rails_ops.gemspec

@@ -1,47 +1,39 @@
 # -*- encoding: utf-8 -*-
-# stub: rails_ops 1.1.21 ruby lib
+# stub: rails_ops 1.1.22 ruby lib
 
 Gem::Specification.new do |s|
   s.name = "rails_ops".freeze
-  s.version = "1.1.21"
+  s.version = "1.1.22"
 
   s.required_rubygems_version = Gem::Requirement.new(">= 0".freeze) if s.respond_to? :required_rubygems_version=
   s.require_paths = ["lib".freeze]
   s.authors = ["Sitrox".freeze]
-  s.date = "2021-06-23"
-  s.files = [".gitignore".freeze, ".releaser_config".freeze, ".rubocop.yml".freeze, ".travis.yml".freeze, "CHANGELOG.md".freeze, "Gemfile".freeze, "LICENSE".freeze, "README.md".freeze, "Rakefile".freeze, "VERSION".freeze, "lib/rails_ops.rb".freeze, "lib/rails_ops/authorization_backend/abstract.rb".freeze, "lib/rails_ops/authorization_backend/can_can_can.rb".freeze, "lib/rails_ops/configuration.rb".freeze, "lib/rails_ops/context.rb".freeze, "lib/rails_ops/controller_mixin.rb".freeze, "lib/rails_ops/exceptions.rb".freeze, "lib/rails_ops/hooked_job.rb".freeze, "lib/rails_ops/hookup.rb".freeze, "lib/rails_ops/hookup/dsl.rb".freeze, "lib/rails_ops/hookup/dsl_validator.rb".freeze, "lib/rails_ops/hookup/hook.rb".freeze, "lib/rails_ops/log_subscriber.rb".freeze, "lib/rails_ops/mixins.rb".freeze, "lib/rails_ops/mixins/authorization.rb".freeze, "lib/rails_ops/mixins/log_settings.rb".freeze, "lib/rails_ops/mixins/model.rb".freeze, "lib/rails_ops/mixins/model/authorization.rb".freeze, "lib/rails_ops/mixins/model/nesting.rb".freeze, "lib/rails_ops/mixins/param_authorization.rb".freeze, "lib/rails_ops/mixins/policies.rb".freeze, "lib/rails_ops/mixins/require_context.rb".freeze, "lib/rails_ops/mixins/routes.rb".freeze, "lib/rails_ops/mixins/schema_validation.rb".freeze, "lib/rails_ops/mixins/sub_ops.rb".freeze, "lib/rails_ops/model_casting.rb".freeze, "lib/rails_ops/model_mixins.rb".freeze, "lib/rails_ops/model_mixins/ar_extension.rb".freeze, "lib/rails_ops/model_mixins/parent_op.rb".freeze, "lib/rails_ops/model_mixins/virtual_attributes.rb".freeze, "lib/rails_ops/model_mixins/virtual_attributes/virtual_column_wrapper.rb".freeze, "lib/rails_ops/model_mixins/virtual_has_one.rb".freeze, "lib/rails_ops/model_mixins/virtual_model_name.rb".freeze, "lib/rails_ops/operation.rb".freeze, "lib/rails_ops/operation/model.rb".freeze, "lib/rails_ops/operation/model/create.rb".freeze, "lib/rails_ops/operation/model/destroy.rb".freeze, "lib/rails_ops/operation/model/load.rb".freeze, "lib/rails_ops/operation/model/update.rb".freeze, "lib/rails_ops/patches/active_type_patch.rb".freeze, "lib/rails_ops/profiler.rb".freeze, "lib/rails_ops/profiler/node.rb".freeze, "lib/rails_ops/railtie.rb".freeze, "lib/rails_ops/scoped_env.rb".freeze, "lib/rails_ops/virtual_model.rb".freeze, "rails_ops.gemspec".freeze, "test/db/models.rb".freeze, "test/db/schema.rb".freeze, "test/dummy/Rakefile".freeze, "test/dummy/app/assets/config/manifest.js".freeze, "test/dummy/app/assets/images/.keep".freeze, "test/dummy/app/assets/javascripts/application.js".freeze, "test/dummy/app/assets/javascripts/cable.js".freeze, "test/dummy/app/assets/javascripts/channels/.keep".freeze, "test/dummy/app/assets/stylesheets/application.css".freeze, "test/dummy/app/channels/application_cable/channel.rb".freeze, "test/dummy/app/channels/application_cable/connection.rb".freeze, "test/dummy/app/controllers/application_controller.rb".freeze, "test/dummy/app/controllers/concerns/.keep".freeze, "test/dummy/app/helpers/application_helper.rb".freeze, "test/dummy/app/jobs/application_job.rb".freeze, "test/dummy/app/mailers/application_mailer.rb".freeze, "test/dummy/app/models/application_record.rb".freeze, "test/dummy/app/models/concerns/.keep".freeze, "test/dummy/app/models/group.rb".freeze, "test/dummy/app/views/layouts/application.html.erb".freeze, "test/dummy/app/views/layouts/mailer.html.erb".freeze, "test/dummy/app/views/layouts/mailer.text.erb".freeze, "test/dummy/bin/bundle".freeze, "test/dummy/bin/rails".freeze, "test/dummy/bin/rake".freeze, "test/dummy/bin/setup".freeze, "test/dummy/bin/update".freeze, "test/dummy/bin/yarn".freeze, "test/dummy/config.ru".freeze, "test/dummy/config/application.rb".freeze, "test/dummy/config/boot.rb".freeze, "test/dummy/config/cable.yml".freeze, "test/dummy/config/database.yml".freeze, "test/dummy/config/environment.rb".freeze, "test/dummy/config/environments/development.rb".freeze, "test/dummy/config/environments/production.rb".freeze, "test/dummy/config/environments/test.rb".freeze, "test/dummy/config/initializers/application_controller_renderer.rb".freeze, "test/dummy/config/initializers/assets.rb".freeze, "test/dummy/config/initializers/backtrace_silencers.rb".freeze, "test/dummy/config/initializers/cookies_serializer.rb".freeze, "test/dummy/config/initializers/filter_parameter_logging.rb".freeze, "test/dummy/config/initializers/inflections.rb".freeze, "test/dummy/config/initializers/mime_types.rb".freeze, "test/dummy/config/initializers/rails_ops.rb".freeze, "test/dummy/config/initializers/wrap_parameters.rb".freeze, "test/dummy/config/locales/en.yml".freeze, "test/dummy/config/puma.rb".freeze, "test/dummy/config/routes.rb".freeze, "test/dummy/config/secrets.yml".freeze, "test/dummy/config/spring.rb".freeze, "test/dummy/db/schema.rb".freeze, "test/dummy/lib/assets/.keep".freeze, "test/dummy/log/.keep".freeze, "test/dummy/package.json".freeze, "test/dummy/public/404.html".freeze, "test/dummy/public/422.html".freeze, "test/dummy/public/500.html".freeze, "test/dummy/public/apple-touch-icon-precomposed.png".freeze, "test/dummy/public/apple-touch-icon.png".freeze, "test/dummy/public/favicon.ico".freeze, "test/dummy/tmp/.keep".freeze, "test/test_helper.rb".freeze, "test/unit/rails_ops/mixins/model/nesting.rb".freeze, "test/unit/rails_ops/mixins/policies_test.rb".freeze, "test/unit/rails_ops/operation/model/create_test.rb".freeze, "test/unit/rails_ops/operation/model/load_test.rb".freeze, "test/unit/rails_ops/operation/model/update_test.rb".freeze, "test/unit/rails_ops/operation/model_test.rb".freeze, "test/unit/rails_ops/operation_test.rb".freeze]
-  s.rubygems_version = "3.0.3".freeze
+  s.date = "2021-11-01"
+  s.files = [".github/workflows/ruby.yml".freeze, ".gitignore".freeze, ".releaser_config".freeze, ".rubocop.yml".freeze, "CHANGELOG.md".freeze, "Gemfile".freeze, "LICENSE".freeze, "README.md".freeze, "Rakefile".freeze, "VERSION".freeze, "lib/rails_ops.rb".freeze, "lib/rails_ops/authorization_backend/abstract.rb".freeze, "lib/rails_ops/authorization_backend/can_can_can.rb".freeze, "lib/rails_ops/configuration.rb".freeze, "lib/rails_ops/context.rb".freeze, "lib/rails_ops/controller_mixin.rb".freeze, "lib/rails_ops/exceptions.rb".freeze, "lib/rails_ops/hooked_job.rb".freeze, "lib/rails_ops/hookup.rb".freeze, "lib/rails_ops/hookup/dsl.rb".freeze, "lib/rails_ops/hookup/dsl_validator.rb".freeze, "lib/rails_ops/hookup/hook.rb".freeze, "lib/rails_ops/log_subscriber.rb".freeze, "lib/rails_ops/mixins.rb".freeze, "lib/rails_ops/mixins/authorization.rb".freeze, "lib/rails_ops/mixins/log_settings.rb".freeze, "lib/rails_ops/mixins/model.rb".freeze, "lib/rails_ops/mixins/model/authorization.rb".freeze, "lib/rails_ops/mixins/model/nesting.rb".freeze, "lib/rails_ops/mixins/param_authorization.rb".freeze, "lib/rails_ops/mixins/policies.rb".freeze, "lib/rails_ops/mixins/require_context.rb".freeze, "lib/rails_ops/mixins/routes.rb".freeze, "lib/rails_ops/mixins/schema_validation.rb".freeze, "lib/rails_ops/mixins/sub_ops.rb".freeze, "lib/rails_ops/model_casting.rb".freeze, "lib/rails_ops/model_mixins.rb".freeze, "lib/rails_ops/model_mixins/ar_extension.rb".freeze, "lib/rails_ops/model_mixins/parent_op.rb".freeze, "lib/rails_ops/model_mixins/virtual_attributes.rb".freeze, "lib/rails_ops/model_mixins/virtual_attributes/virtual_column_wrapper.rb".freeze, "lib/rails_ops/model_mixins/virtual_has_one.rb".freeze, "lib/rails_ops/model_mixins/virtual_model_name.rb".freeze, "lib/rails_ops/operation.rb".freeze, "lib/rails_ops/operation/model.rb".freeze, "lib/rails_ops/operation/model/create.rb".freeze, "lib/rails_ops/operation/model/destroy.rb".freeze, "lib/rails_ops/operation/model/load.rb".freeze, "lib/rails_ops/operation/model/update.rb".freeze, "lib/rails_ops/patches/active_type_patch.rb".freeze, "lib/rails_ops/profiler.rb".freeze, "lib/rails_ops/profiler/node.rb".freeze, "lib/rails_ops/railtie.rb".freeze, "lib/rails_ops/scoped_env.rb".freeze, "lib/rails_ops/virtual_model.rb".freeze, "rails_ops.gemspec".freeze, "test/db/models.rb".freeze, "test/db/schema.rb".freeze, "test/dummy/Rakefile".freeze, "test/dummy/app/assets/config/manifest.js".freeze, "test/dummy/app/assets/images/.keep".freeze, "test/dummy/app/assets/javascripts/application.js".freeze, "test/dummy/app/assets/javascripts/cable.js".freeze, "test/dummy/app/assets/javascripts/channels/.keep".freeze, "test/dummy/app/assets/stylesheets/application.css".freeze, "test/dummy/app/channels/application_cable/channel.rb".freeze, "test/dummy/app/channels/application_cable/connection.rb".freeze, "test/dummy/app/controllers/application_controller.rb".freeze, "test/dummy/app/controllers/concerns/.keep".freeze, "test/dummy/app/helpers/application_helper.rb".freeze, "test/dummy/app/jobs/application_job.rb".freeze, "test/dummy/app/mailers/application_mailer.rb".freeze, "test/dummy/app/models/application_record.rb".freeze, "test/dummy/app/models/concerns/.keep".freeze, "test/dummy/app/models/group.rb".freeze, "test/dummy/app/models/user.rb".freeze, "test/dummy/app/views/layouts/application.html.erb".freeze, "test/dummy/app/views/layouts/mailer.html.erb".freeze, "test/dummy/app/views/layouts/mailer.text.erb".freeze, "test/dummy/bin/bundle".freeze, "test/dummy/bin/rails".freeze, "test/dummy/bin/rake".freeze, "test/dummy/bin/setup".freeze, "test/dummy/bin/update".freeze, "test/dummy/bin/yarn".freeze, "test/dummy/config.ru".freeze, "test/dummy/config/application.rb".freeze, "test/dummy/config/boot.rb".freeze, "test/dummy/config/cable.yml".freeze, "test/dummy/config/database.yml".freeze, "test/dummy/config/environment.rb".freeze, "test/dummy/config/environments/development.rb".freeze, "test/dummy/config/environments/production.rb".freeze, "test/dummy/config/environments/test.rb".freeze, "test/dummy/config/initializers/application_controller_renderer.rb".freeze, "test/dummy/config/initializers/assets.rb".freeze, "test/dummy/config/initializers/backtrace_silencers.rb".freeze, "test/dummy/config/initializers/cookies_serializer.rb".freeze, "test/dummy/config/initializers/filter_parameter_logging.rb".freeze, "test/dummy/config/initializers/inflections.rb".freeze, "test/dummy/config/initializers/mime_types.rb".freeze, "test/dummy/config/initializers/rails_ops.rb".freeze, "test/dummy/config/initializers/wrap_parameters.rb".freeze, "test/dummy/config/locales/en.yml".freeze, "test/dummy/config/puma.rb".freeze, "test/dummy/config/routes.rb".freeze, "test/dummy/config/secrets.yml".freeze, "test/dummy/config/spring.rb".freeze, "test/dummy/db/schema.rb".freeze, "test/dummy/lib/assets/.keep".freeze, "test/dummy/log/.keep".freeze, "test/dummy/package.json".freeze, "test/dummy/public/404.html".freeze, "test/dummy/public/422.html".freeze, "test/dummy/public/500.html".freeze, "test/dummy/public/apple-touch-icon-precomposed.png".freeze, "test/dummy/public/apple-touch-icon.png".freeze, "test/dummy/public/favicon.ico".freeze, "test/dummy/tmp/.keep".freeze, "test/test_helper.rb".freeze, "test/unit/rails_ops/mixins/model/nesting.rb".freeze, "test/unit/rails_ops/mixins/policies_test.rb".freeze, "test/unit/rails_ops/operation/model/create_test.rb".freeze, "test/unit/rails_ops/operation/model/load_test.rb".freeze, "test/unit/rails_ops/operation/model/update_test.rb".freeze, "test/unit/rails_ops/operation/model_test.rb".freeze, "test/unit/rails_ops/operation/update_auth_test.rb".freeze, "test/unit/rails_ops/operation/update_lazy_auth_test.rb".freeze, "test/unit/rails_ops/operation_test.rb".freeze]
+  s.rubygems_version = "3.2.22".freeze
   s.summary = "An operations service layer for rails projects.".freeze
-  s.test_files = ["test/db/models.rb".freeze, "test/db/schema.rb".freeze, "test/dummy/Rakefile".freeze, "test/dummy/app/assets/config/manifest.js".freeze, "test/dummy/app/assets/images/.keep".freeze, "test/dummy/app/assets/javascripts/application.js".freeze, "test/dummy/app/assets/javascripts/cable.js".freeze, "test/dummy/app/assets/javascripts/channels/.keep".freeze, "test/dummy/app/assets/stylesheets/application.css".freeze, "test/dummy/app/channels/application_cable/channel.rb".freeze, "test/dummy/app/channels/application_cable/connection.rb".freeze, "test/dummy/app/controllers/application_controller.rb".freeze, "test/dummy/app/controllers/concerns/.keep".freeze, "test/dummy/app/helpers/application_helper.rb".freeze, "test/dummy/app/jobs/application_job.rb".freeze, "test/dummy/app/mailers/application_mailer.rb".freeze, "test/dummy/app/models/application_record.rb".freeze, "test/dummy/app/models/concerns/.keep".freeze, "test/dummy/app/models/group.rb".freeze, "test/dummy/app/views/layouts/application.html.erb".freeze, "test/dummy/app/views/layouts/mailer.html.erb".freeze, "test/dummy/app/views/layouts/mailer.text.erb".freeze, "test/dummy/bin/bundle".freeze, "test/dummy/bin/rails".freeze, "test/dummy/bin/rake".freeze, "test/dummy/bin/setup".freeze, "test/dummy/bin/update".freeze, "test/dummy/bin/yarn".freeze, "test/dummy/config.ru".freeze, "test/dummy/config/application.rb".freeze, "test/dummy/config/boot.rb".freeze, "test/dummy/config/cable.yml".freeze, "test/dummy/config/database.yml".freeze, "test/dummy/config/environment.rb".freeze, "test/dummy/config/environments/development.rb".freeze, "test/dummy/config/environments/production.rb".freeze, "test/dummy/config/environments/test.rb".freeze, "test/dummy/config/initializers/application_controller_renderer.rb".freeze, "test/dummy/config/initializers/assets.rb".freeze, "test/dummy/config/initializers/backtrace_silencers.rb".freeze, "test/dummy/config/initializers/cookies_serializer.rb".freeze, "test/dummy/config/initializers/filter_parameter_logging.rb".freeze, "test/dummy/config/initializers/inflections.rb".freeze, "test/dummy/config/initializers/mime_types.rb".freeze, "test/dummy/config/initializers/rails_ops.rb".freeze, "test/dummy/config/initializers/wrap_parameters.rb".freeze, "test/dummy/config/locales/en.yml".freeze, "test/dummy/config/puma.rb".freeze, "test/dummy/config/routes.rb".freeze, "test/dummy/config/secrets.yml".freeze, "test/dummy/config/spring.rb".freeze, "test/dummy/db/schema.rb".freeze, "test/dummy/lib/assets/.keep".freeze, "test/dummy/log/.keep".freeze, "test/dummy/package.json".freeze, "test/dummy/public/404.html".freeze, "test/dummy/public/422.html".freeze, "test/dummy/public/500.html".freeze, "test/dummy/public/apple-touch-icon-precomposed.png".freeze, "test/dummy/public/apple-touch-icon.png".freeze, "test/dummy/public/favicon.ico".freeze, "test/dummy/tmp/.keep".freeze, "test/test_helper.rb".freeze, "test/unit/rails_ops/mixins/model/nesting.rb".freeze, "test/unit/rails_ops/mixins/policies_test.rb".freeze, "test/unit/rails_ops/operation/model/create_test.rb".freeze, "test/unit/rails_ops/operation/model/load_test.rb".freeze, "test/unit/rails_ops/operation/model/update_test.rb".freeze, "test/unit/rails_ops/operation/model_test.rb".freeze, "test/unit/rails_ops/operation_test.rb".freeze]
+  s.test_files = ["test/db/models.rb".freeze, "test/db/schema.rb".freeze, "test/dummy/Rakefile".freeze, "test/dummy/app/assets/config/manifest.js".freeze, "test/dummy/app/assets/images/.keep".freeze, "test/dummy/app/assets/javascripts/application.js".freeze, "test/dummy/app/assets/javascripts/cable.js".freeze, "test/dummy/app/assets/javascripts/channels/.keep".freeze, "test/dummy/app/assets/stylesheets/application.css".freeze, "test/dummy/app/channels/application_cable/channel.rb".freeze, "test/dummy/app/channels/application_cable/connection.rb".freeze, "test/dummy/app/controllers/application_controller.rb".freeze, "test/dummy/app/controllers/concerns/.keep".freeze, "test/dummy/app/helpers/application_helper.rb".freeze, "test/dummy/app/jobs/application_job.rb".freeze, "test/dummy/app/mailers/application_mailer.rb".freeze, "test/dummy/app/models/application_record.rb".freeze, "test/dummy/app/models/concerns/.keep".freeze, "test/dummy/app/models/group.rb".freeze, "test/dummy/app/models/user.rb".freeze, "test/dummy/app/views/layouts/application.html.erb".freeze, "test/dummy/app/views/layouts/mailer.html.erb".freeze, "test/dummy/app/views/layouts/mailer.text.erb".freeze, "test/dummy/bin/bundle".freeze, "test/dummy/bin/rails".freeze, "test/dummy/bin/rake".freeze, "test/dummy/bin/setup".freeze, "test/dummy/bin/update".freeze, "test/dummy/bin/yarn".freeze, "test/dummy/config.ru".freeze, "test/dummy/config/application.rb".freeze, "test/dummy/config/boot.rb".freeze, "test/dummy/config/cable.yml".freeze, "test/dummy/config/database.yml".freeze, "test/dummy/config/environment.rb".freeze, "test/dummy/config/environments/development.rb".freeze, "test/dummy/config/environments/production.rb".freeze, "test/dummy/config/environments/test.rb".freeze, "test/dummy/config/initializers/application_controller_renderer.rb".freeze, "test/dummy/config/initializers/assets.rb".freeze, "test/dummy/config/initializers/backtrace_silencers.rb".freeze, "test/dummy/config/initializers/cookies_serializer.rb".freeze, "test/dummy/config/initializers/filter_parameter_logging.rb".freeze, "test/dummy/config/initializers/inflections.rb".freeze, "test/dummy/config/initializers/mime_types.rb".freeze, "test/dummy/config/initializers/rails_ops.rb".freeze, "test/dummy/config/initializers/wrap_parameters.rb".freeze, "test/dummy/config/locales/en.yml".freeze, "test/dummy/config/puma.rb".freeze, "test/dummy/config/routes.rb".freeze, "test/dummy/config/secrets.yml".freeze, "test/dummy/config/spring.rb".freeze, "test/dummy/db/schema.rb".freeze, "test/dummy/lib/assets/.keep".freeze, "test/dummy/log/.keep".freeze, "test/dummy/package.json".freeze, "test/dummy/public/404.html".freeze, "test/dummy/public/422.html".freeze, "test/dummy/public/500.html".freeze, "test/dummy/public/apple-touch-icon-precomposed.png".freeze, "test/dummy/public/apple-touch-icon.png".freeze, "test/dummy/public/favicon.ico".freeze, "test/dummy/tmp/.keep".freeze, "test/test_helper.rb".freeze, "test/unit/rails_ops/mixins/model/nesting.rb".freeze, "test/unit/rails_ops/mixins/policies_test.rb".freeze, "test/unit/rails_ops/operation/model/create_test.rb".freeze, "test/unit/rails_ops/operation/model/load_test.rb".freeze, "test/unit/rails_ops/operation/model/update_test.rb".freeze, "test/unit/rails_ops/operation/model_test.rb".freeze, "test/unit/rails_ops/operation/update_auth_test.rb".freeze, "test/unit/rails_ops/operation/update_lazy_auth_test.rb".freeze, "test/unit/rails_ops/operation_test.rb".freeze]
 
   if s.respond_to? :specification_version then
     s.specification_version = 4
+  end
 
-    if Gem::Version.new(Gem::VERSION) >= Gem::Version.new('1.2.0') then
-      s.add_development_dependency(%q<bundler>.freeze, [">= 0"])
-      s.add_development_dependency(%q<rake>.freeze, [">= 0"])
-      s.add_development_dependency(%q<sqlite3>.freeze, [">= 0"])
-      s.add_development_dependency(%q<rubocop>.freeze, ["= 0.47.1"])
-      s.add_runtime_dependency(%q<active_type>.freeze, [">= 1.3.0"])
-      s.add_runtime_dependency(%q<minitest>.freeze, [">= 0"])
-      s.add_runtime_dependency(%q<rails>.freeze, [">= 0"])
-      s.add_runtime_dependency(%q<request_store>.freeze, [">= 0"])
-      s.add_runtime_dependency(%q<schemacop>.freeze, [">= 2.4.2", "<= 3.1"])
-    else
-      s.add_dependency(%q<bundler>.freeze, [">= 0"])
-      s.add_dependency(%q<rake>.freeze, [">= 0"])
-      s.add_dependency(%q<sqlite3>.freeze, [">= 0"])
-      s.add_dependency(%q<rubocop>.freeze, ["= 0.47.1"])
-      s.add_dependency(%q<active_type>.freeze, [">= 1.3.0"])
-      s.add_dependency(%q<minitest>.freeze, [">= 0"])
-      s.add_dependency(%q<rails>.freeze, [">= 0"])
-      s.add_dependency(%q<request_store>.freeze, [">= 0"])
-      s.add_dependency(%q<schemacop>.freeze, [">= 2.4.2", "<= 3.1"])
-    end
+  if s.respond_to? :add_runtime_dependency then
+    s.add_development_dependency(%q<bundler>.freeze, [">= 0"])
+    s.add_development_dependency(%q<rake>.freeze, [">= 0"])
+    s.add_development_dependency(%q<sqlite3>.freeze, [">= 0"])
+    s.add_development_dependency(%q<cancancan>.freeze, [">= 0"])
+    s.add_development_dependency(%q<rubocop>.freeze, ["= 0.47.1"])
+    s.add_runtime_dependency(%q<active_type>.freeze, [">= 1.3.0"])
+    s.add_runtime_dependency(%q<minitest>.freeze, [">= 0"])
+    s.add_runtime_dependency(%q<rails>.freeze, [">= 0"])
+    s.add_runtime_dependency(%q<request_store>.freeze, [">= 0"])
+    s.add_runtime_dependency(%q<schemacop>.freeze, [">= 2.4.2", "<= 3.1"])
   else
     s.add_dependency(%q<bundler>.freeze, [">= 0"])
     s.add_dependency(%q<rake>.freeze, [">= 0"])
     s.add_dependency(%q<sqlite3>.freeze, [">= 0"])
+    s.add_dependency(%q<cancancan>.freeze, [">= 0"])
     s.add_dependency(%q<rubocop>.freeze, ["= 0.47.1"])
     s.add_dependency(%q<active_type>.freeze, [">= 1.3.0"])
     s.add_dependency(%q<minitest>.freeze, [">= 0"])

data/test/dummy/app/models/user.rb

@@ -0,0 +1,3 @@
+class User < ApplicationRecord
+  belongs_to :group
+end

data/test/unit/rails_ops/operation/update_auth_test.rb

@@ -0,0 +1,62 @@
+require 'test_helper'
+require 'rails_ops/authorization_backend/can_can_can'
+require 'cancancan'
+
+class RailsOps::Operation::UpdateLazyAuthTest < ActiveSupport::TestCase
+  include TestHelper
+
+  BASIC_OP = Class.new(RailsOps::Operation::Model::Update) do
+    model ::Group
+
+    model_authorization_action :update
+
+    def perform
+      fail osparams.exception if osparams.exception
+      @done = true
+    end
+  end
+
+  ABILITY = Class.new do
+    include CanCan::Ability
+
+    def initialize(read: false, update: false)
+      can :read, Group if read
+      can :update, Group if update
+    end
+  end
+
+  setup do
+    Group.create!(id: 1, name: 'Group')
+    RailsOps.config.authorization_backend = 'RailsOps::AuthorizationBackend::CanCanCan'
+  end
+
+  def test_unpermitted_read
+    ctx = RailsOps::Context.new(ability: ABILITY.new(read: true))
+    assert_raises CanCan::AccessDenied do
+      BASIC_OP.new(ctx, id: 1)
+    end
+  end
+
+  def test_permitted_read
+    ctx = RailsOps::Context.new(ability: ABILITY.new(read: true))
+    assert_nothing_raised do
+      BASIC_OP.new(ctx, id: 1)
+    end
+  end
+
+  def test_unpermitted_update
+    ctx = RailsOps::Context.new(ability: ABILITY.new(read: true))
+    op = BASIC_OP.new(ctx, id: 1)
+    assert_raises CanCan::AccessDenied do
+      op.run!
+    end
+  end
+
+  def test_permitted_update
+    ctx = RailsOps::Context.new(ability: ABILITY.new(read: true, update: true))
+    op = BASIC_OP.new(ctx, id: 1)
+    assert_nothing_raised do
+      op.run!
+    end
+  end
+end

data/test/unit/rails_ops/operation/update_lazy_auth_test.rb

@@ -0,0 +1,63 @@
+require 'test_helper'
+require 'rails_ops/authorization_backend/can_can_can'
+require 'cancancan'
+
+class RailsOps::Operation::UpdateLazyAuthTest < ActiveSupport::TestCase
+  include TestHelper
+
+  BASIC_OP = Class.new(RailsOps::Operation::Model::Update) do
+    model ::Group
+
+    model_authorization_action :update, lazy: true
+
+    def perform
+      fail osparams.exception if osparams.exception
+      @done = true
+    end
+  end
+
+  ABILITY = Class.new do
+    include CanCan::Ability
+
+    def initialize(read: false, update: false)
+      can :read, Group if read
+      can :update, Group if update
+    end
+  end
+
+  setup do
+    Group.delete_all
+    Group.create!(id: 1, name: 'Group')
+    RailsOps.config.authorization_backend = 'RailsOps::AuthorizationBackend::CanCanCan'
+  end
+
+  def test_unpermitted_read
+    ctx = RailsOps::Context.new(ability: ABILITY.new)
+    assert_raises CanCan::AccessDenied do
+      BASIC_OP.new(ctx, id: 1)
+    end
+  end
+
+  def test_permitted_read
+    ctx = RailsOps::Context.new(ability: ABILITY.new(read: true))
+    assert_nothing_raised do
+      BASIC_OP.new(ctx, id: 1)
+    end
+  end
+
+  def test_unpermitted_update
+    ctx = RailsOps::Context.new(ability: ABILITY.new(read: true))
+    op = BASIC_OP.new(ctx, id: 1)
+    assert_raises CanCan::AccessDenied do
+      op.run!
+    end
+  end
+
+  def test_permitted_update
+    ctx = RailsOps::Context.new(ability: ABILITY.new(read: true, update: true))
+    op = BASIC_OP.new(ctx, id: 1)
+    assert_nothing_raised do
+      op.run!
+    end
+  end
+end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: rails_ops
 version: !ruby/object:Gem::Version
-  version: 1.1.21
+  version: 1.1.22
 platform: ruby
 authors:
 - Sitrox
-autorequire: 
+autorequire:
 bindir: bin
 cert_chain: []
-date: 2021-06-23 00:00:00.000000000 Z
+date: 2021-11-01 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler
@@ -52,6 +52,20 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: '0'
+- !ruby/object:Gem::Dependency
+  name: cancancan
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
 - !ruby/object:Gem::Dependency
   name: rubocop
   requirement: !ruby/object:Gem::Requirement
@@ -142,16 +156,16 @@ dependencies:
     - - "<="
       - !ruby/object:Gem::Version
         version: '3.1'
-description: 
-email: 
+description:
+email:
 executables: []
 extensions: []
 extra_rdoc_files: []
 files:
+- ".github/workflows/ruby.yml"
 - ".gitignore"
 - ".releaser_config"
 - ".rubocop.yml"
-- ".travis.yml"
 - CHANGELOG.md
 - Gemfile
 - LICENSE
@@ -223,6 +237,7 @@ files:
 - test/dummy/app/models/application_record.rb
 - test/dummy/app/models/concerns/.keep
 - test/dummy/app/models/group.rb
+- test/dummy/app/models/user.rb
 - test/dummy/app/views/layouts/application.html.erb
 - test/dummy/app/views/layouts/mailer.html.erb
 - test/dummy/app/views/layouts/mailer.text.erb
@@ -273,11 +288,13 @@ files:
 - test/unit/rails_ops/operation/model/load_test.rb
 - test/unit/rails_ops/operation/model/update_test.rb
 - test/unit/rails_ops/operation/model_test.rb
+- test/unit/rails_ops/operation/update_auth_test.rb
+- test/unit/rails_ops/operation/update_lazy_auth_test.rb
 - test/unit/rails_ops/operation_test.rb
-homepage: 
+homepage:
 licenses: []
 metadata: {}
-post_install_message: 
+post_install_message:
 rdoc_options: []
 require_paths:
 - lib
@@ -292,8 +309,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.0.3
-signing_key: 
+rubygems_version: 3.2.22
+signing_key:
 specification_version: 4
 summary: An operations service layer for rails projects.
 test_files:
@@ -316,6 +333,7 @@ test_files:
 - test/dummy/app/models/application_record.rb
 - test/dummy/app/models/concerns/.keep
 - test/dummy/app/models/group.rb
+- test/dummy/app/models/user.rb
 - test/dummy/app/views/layouts/application.html.erb
 - test/dummy/app/views/layouts/mailer.html.erb
 - test/dummy/app/views/layouts/mailer.text.erb
@@ -366,4 +384,6 @@ test_files:
 - test/unit/rails_ops/operation/model/load_test.rb
 - test/unit/rails_ops/operation/model/update_test.rb
 - test/unit/rails_ops/operation/model_test.rb
+- test/unit/rails_ops/operation/update_auth_test.rb
+- test/unit/rails_ops/operation/update_lazy_auth_test.rb
 - test/unit/rails_ops/operation_test.rb

data/.travis.yml

@@ -1,11 +0,0 @@
-language: ruby
-rvm:
- - 2.3.0
- - 2.5.1
- - 2.6.2
- - 2.7.1
- - 3.0.0
-script:
- - bundle install
- - bundle exec rake test
- - bundle exec rubocop