rbac_rls 0.1.3 → 0.1.5

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: fb13cff5b26d29280bca5e6d39cb03d0b678b6d8a94864bba35ec1999bf432cb
-  data.tar.gz: c4dcdbec3c7a18d50a818ba041bf0ebe48e06133548353328ef6fadc91b57daf
+  metadata.gz: a78283c1080582d297d67402835e23261cb3676c1083b7a11283fe983f5b6e4c
+  data.tar.gz: b4193df304d181c3e51c8e0a2de4229dbc11279833314bc77fa571102275a27c
 SHA512:
-  metadata.gz: cc5662a8ca0d5f748d341d6861c7899beb512b6e306220684160b81a3e051dda3e71a4d980654406a2cc09a6d28723ad5c001c1c40bee028e5e93b334787f1cb
-  data.tar.gz: 6f1dd91ca3746596e1451566a703a132f15fff163af006d6b5082ed1c37382e93b661f4b72c1e5f1a51912e7e40b0d88587d448f327f99ce7e0af34192044c05
+  metadata.gz: 80ce3e50e315e100fc31febcb62c8f4e8f1068d0d87933c6a45b0fd609eba6f42b4898a0aae8f12549249a21d433fddc21bbbdef93dcaea9a58a156898c85e71
+  data.tar.gz: beb7a1969bd9bad2f70e460a51e403e9fc2798ccf2edbe7dc1d3894d05f2c87927dc8bc133d325160d06af524a360da36ac61acdb9b317c5345ea60173386b52

data/README.md

@@ -1,66 +1,125 @@
 # RbacRls
-Short description and motivation.
 
-## Usage
-How to use my plugin.
+Esta biblioteca tem por finalidade prover a funcionalidade de controle de acesso granular aos
+dados, contribuindo para a segurança através de verificações de acesso a informação. Este
+modelo tem como base os conceitos do recurso de controle de acesso RBAC(Role-Based
+Access Control ) aplicados juntamente aos métodos de RLS(Row-Level Security).
 
-## Installation
-Add this line to your application's Gemfile:
+O framework proposto tem por objetivo facilitar a implantação da funcionalidade
+de segurança, auxiliando o programador na implementação das políticas de restrições no
+banco de dados.
+
+## RLS:
+
+    A segurança em nível de linha permite que você use um contexto de execução para controlar o acesso a 
+    linhas em uma tabela de banco de dados, simplificando o design e a codificação de 
+    segurança da sua aplicação.
+
+## RBAC:
+
+    O controle de acesso baseado em função (RBAC) é um modelo de restrição de que tem como base as funções de usuários
+    individuais em um contexto hierárquico. O RBAC garante que os usuários acessem apenas as informações de que precisam
+    para realizar suas rotina  e os impede de acessar informações que não pertencem a eles.
+
+# Como utilizar esta Gem ?.
+
+###
+    Caso queira Apenas Testar há essa aplicação principal com um Scaffold básico "produtos" de exemplo:  https://gitlab.com/FilipeBeserraMaia/example_to_test
+
+
+### Instalação:
+
+Adicione esta linha no arquivo da sua aplicação Gemfile
 
 ```ruby
 gem "rbac_rls"
 ```
 
-And then execute:
+E então execute o seguinte comando:
+
 ```bash
 $ bundle
 ```
 
-Or install it yourself as:
+Ou Instale você mesmo manualmente com o comando abaixo :
+
 ```bash
 $ gem install rbac_rls
 ```
-And then add in your manifest.js:
-```bash 
+
+Adicione no seu arquivo manifest.js:
+
+```javascript
 //= link rbac_rls/application.css
 //= link rbac_rls/application.js
 ```
-And then add in your application_record.rb and application_controller.rb:
-```bash 
- include ConnectionRls
- include ConnectionRlsUser
+
+##### Adicione no seu arquivo application_record.rb:
+
+```ruby
+#Em application_record.rb
+include ConnectionRlsConcern
+```
+
+##### Adicione no seu arquivo application_controller.rb:
+
+```ruby
+#Em application_controller.rb" 
+include ConnectionRlsUserConcern
 ```
+
 ```bash 
- crie um novo everioniment para rodar as migrations 
- por exemplo: duplique um arquivo de  app/config/environments  configure o deu database.yml com o env 
+    Para fazer o uso desta biblioteca é necessário que a aplicação principal, acesse o banco de dados apartir de um 
+    usuário que não é o dono do banco de dados pois, as regras de Segurança em nivél de linha não podem ser aplicadas a
+    este tipo de usuário do banco de dados.
+Então: apenas para casos onde seja necessario rodar migrates como administrador utilize um novo Environment ou um método 
+diferente de conexão com o banco que não seja como da aplicação principal
+ Por exemplo: 
+ a aplicação por padrão utilizará um usuário "app_user" para suas consultas.
+ para rodar as migrates da aplicação o usuário padrão será "data_base_admin"
+ logo no environment "development" o usuário do banco de dados será :app_user
+ e no  environment "migrations" o usuário do banco de dados será :data_base_admin
  
- exemplo:
-     -----------
-     migrations:
-      <<: *default
-      database: main_app_development
-      username: username
-      password: password
-     -----------
+ Passos para criar um environment :
+ 1º  duplique um arquivo de  app/config/environments
+ 2º  configure o deu database.yml como no exemplo abaixo: 
+     exemplo:
+         -----------
+         migrations:
+          <<: *default
+          database: main_app_development
+          username: username
+          password: password
+         -----------
+  3º para rodar as migrates usando este environment use um comando análogo a "rake db:migrate RAILS_ENV=migrations"
+  
 ```
 
-And then run this command:
+Logo após estes passos, na linha de comando execute:
+
 ```bash
 rake rbac_rls:install:migrations  
 ```
 
-And then run this command:
-```bash
-rake db:migrate  
+##### Adicione na sua aplicação em config/routes.rb
+
+```ruby
+# Em config/routes.rb adicione 
+mount RbacRls::Engine => :rbac_rls
 ```
-And then run this command:
+
+Execute na linha de comando:
+
 ```bash
-yarn  install  
+rake db:migrate
+
+yarn  install    
 ```
 
+### após isso a bibilioteca está instalada, e pode ser acessada em /rbac_rls
 
-## Contributing
-Contribution directions go here.
+[//]: # (## Contributing)
 
 ## License
+
 The gem is available as open source under the terms of the [MIT License](https://opensource.org/licenses/MIT).

data/app/controllers/rbac_rls/permissions_controller.rb

@@ -43,8 +43,12 @@ module RbacRls
 
     # DELETE /permissions/1
     def destroy
+      notice_msg = "Permission was successfully destroyed."
       @permission.destroy
-      redirect_to permissions_url, notice: "Permission was successfully destroyed."
+      if @permission.errors.size > 0
+        notice_msg = @permission.errors&.messages&.first&.last&.last
+      end
+      redirect_to permissions_url, notice: notice_msg
     end
 
     private

data/app/controllers/rbac_rls/roles_controller.rb

@@ -42,8 +42,14 @@ module RbacRls
 
     # DELETE /roles/1
     def destroy
+      notice_msg = "Role was successfully destroyed."
+
       @role.destroy
-      redirect_to roles_url, notice: "Role was successfully destroyed."
+      if @role.errors.size > 0
+        notice_msg = @role.errors&.messages&.first&.last&.last
+      end
+      redirect_to roles_url, notice: notice_msg
+
     end
 
     private

data/app/models/concerns/manage_rls_migration_concern.rb

@@ -11,7 +11,7 @@ module ManageRlsMigrationConcern
   end
 
   def down_migrate(file_version = migration_version)
-    return true if system(Settings.down_migrate_command(file_version))
+    return true if system(RbacRls::Settings.down_migrate_command(file_version))
     false
   end
 

data/app/models/rbac_rls/group.rb

@@ -1,14 +1,11 @@
 class RbacRls::Group < ApplicationRecord
 
   self.table_name = :groups
-  has_many :group_permissions, :class_name => 'RbacRls::GroupPermission'
-  has_many :group_users, :class_name => 'RbacRls::GroupUser'
+  has_many :group_permissions, :class_name => 'RbacRls::GroupPermission', dependent: :delete_all
+  has_many :group_users, :class_name => 'RbacRls::GroupUser', dependent: :delete_all
   accepts_nested_attributes_for :group_permissions, reject_if: :all_blank, allow_destroy: true
   accepts_nested_attributes_for :group_users, reject_if: :all_blank, allow_destroy: true
 
-
   private
 
-
-
 end

data/app/models/rbac_rls/permission.rb

@@ -2,7 +2,8 @@ class RbacRls::Permission < ApplicationRecord
   include ManageRlsMigrationConcern
   self.table_name = :permissions
   belongs_to :permission, :class_name => 'RbacRls::Permission', optional: true
-  has_many :role_permissions, :class_name => 'RbacRls::RolePermission'
+  has_many :role_permissions, :class_name => 'RbacRls::RolePermission', dependent: :delete_all
+  has_many :group_permissions, :class_name => 'RbacRls::GroupPermission'
   accepts_nested_attributes_for :role_permissions, reject_if: :all_blank, allow_destroy: true
 
   #validations
@@ -11,12 +12,15 @@ class RbacRls::Permission < ApplicationRecord
   validates_presence_of :table_name
   before_validation :set_permission_name
   after_validation :create_rls_policy
-
-
-  def self.all_tables(schema = :public)
+  before_destroy :validate_destroy, prepend: true do
+    throw(:abort) if errors.present?
+  end
+  def self.all_tables(schema = :public, except = [])
+    removed = [:permissions, :roles, :user_roles, :schema_migrations, :ar_internal_metadata, :users,
+               :groups, :group_permissions, :group_users, :role_permissions] + except
     sql = "SELECT table_name FROM information_schema.tables #{where_schema(schema)} "
     result = ActiveRecord::Base.connection.select_all(sql)
-    tables = result.map { |k| k['table_name'] }
+    tables = result.map { |k| k['table_name'] }.select { |t| removed.exclude?(t.to_sym) }
     tables
   end
 
@@ -61,4 +65,21 @@ class RbacRls::Permission < ApplicationRecord
   def has_role_permission?() end
 
 
+  def validate_destroy
+    if not can_destroy?
+      self.errors.add(:base, @error)
+    end
+  end
+
+  private
+
+  def can_destroy?
+    out = true
+    if group_permissions.count > 0
+      @error = "Can't be destroyed because of Has associations With Groups"
+      out = false
+    end
+    out
+  end
+
 end

data/app/models/rbac_rls/role.rb

@@ -3,8 +3,30 @@ class RbacRls::Role < ApplicationRecord
 
   # has_many :permissions, :class_name => 'RbacRls::Permission'
 
-  has_many :user_roles, :class_name => 'RbacRls::UserRole'
+  has_many :user_roles, :class_name => 'RbacRls::UserRole', dependent: :delete_all
+  has_many :user_permissions, :class_name => 'RbacRls::RolePermission'
   accepts_nested_attributes_for :user_roles, reject_if: :all_blank, allow_destroy: true
 
+  before_destroy :validate_destroy, prepend: true do
+    throw(:abort) if errors.present?
+  end
+
+  def validate_destroy
+    if not can_destroy?
+      self.errors.add(:base, @error)
+    end
+  end
+
+  private
+
+  def can_destroy?
+    out = true
+    if user_permissions.count > 0
+      @error = "Can't be destroyed because of Has associations With permissions"
+      out = false
+    end
+    out
+  end
+
 end
 

data/app/views/rbac_rls/groups/_form.html.erb

@@ -13,18 +13,18 @@
 
   <div>
     <%= form.label :name, style: "display: block" %>
-    <%= form.text_field :name %>
+    <%= form.text_field :name, class: "form-control" %>
   </div>
 
   <div>
     <%= form.label :comments, style: "display: block" %>
-    <%= form.text_field :comments %>
+    <%= form.text_field :comments, class: "form-control" %>
   </div>
   <div class="m-2">
     <%= link_to_add_nested(form, :group_permissions, '#group_permissions',
                            partial: 'rbac_rls/groups/group_permission_fields',
                            link_text: 'Add new Permission to this Group Permission',
-                           link_classes: 'btn-primary btn-sm') %>
+                           link_classes: 'btn-primary btn') %>
   </div>
   <div id='group_permissions'>
     <%= form.fields_for :group_permissions do |p| %>
@@ -35,8 +35,8 @@
   <div class="m-2">
     <%= link_to_add_nested(form, :group_users, '#group_users',
                            partial: 'rbac_rls/groups/group_user_fields',
-                           link_text: 'Add new User to this Group User',
-                           link_classes: 'btn-primary btn-sm') %>
+                           link_text: 'Associate User to this Group',
+                           link_classes: 'btn-primary btn') %>
   </div>
   <div id='group_users'>
     <%= form.fields_for :group_users do |p| %>
@@ -45,7 +45,7 @@
   </div>
 
   <div>
-    <%= form.submit %>
+    <%= form.submit "Save", class: "btn btn-success" %>
   </div>
 
 <% end %>

data/app/views/rbac_rls/groups/_group.html.erb

@@ -1,12 +1,8 @@
-<div id="<%= dom_id group %>">
-  <p>
-    <strong>Name:</strong>
-    <%= group.name %>
-  </p>
-
-  <p>
-    <strong>Comments:</strong>
-    <%= group.comments %>
-  </p>
-
-</div>
+<ul class="list-group">
+  <li class="list-group-item">
+    <b>name:</b> <%= group.name %>
+  </li>
+  <li class="list-group-item">
+    <b>comments:</b>  <%= group.comments %>
+  </li>
+</ul>

data/app/views/rbac_rls/groups/_group_permission_fields.html.erb

@@ -1,7 +1,7 @@
 <% utc = Time.now.utc.to_formatted_s(:number) %>
 <div class="wrapper-div m-2">
   <div class="">
-    <%= link_to_remove_nested(form, fields_wrapper_selector: '.wrapper-div', link_classes: 'btn-danger btn-sm') %>
+    <%= link_to_remove_nested(form, fields_wrapper_selector: '.wrapper-div', link_classes: 'btn-danger btn') %>
   </div>
   <div class="">
     <%= form.label :permission_id %> <br>
@@ -13,6 +13,6 @@
   </div>
   <div class="">
     <%= form.label :table_value %> <br>
-    <%= form.text_field :table_value %>
+    <%= form.text_field :table_value,class:"form-control" %>
   </div>
 </div>

data/app/views/rbac_rls/groups/_group_user_fields.html.erb

@@ -1,6 +1,6 @@
 <div class="wrapper-div m-2">
   <div class="">
-    <%= link_to_remove_nested(form, fields_wrapper_selector: '.wrapper-div', link_classes: 'btn-danger btn-sm') %>
+    <%= link_to_remove_nested(form, fields_wrapper_selector: '.wrapper-div', link_classes: 'btn-danger btn') %>
   </div>
   <div class="">
     <%= form.label :user_id %> <br>

data/app/views/rbac_rls/groups/edit.html.erb

@@ -5,6 +5,6 @@
 <br>
 
 <div>
-  <%= link_to "Show this group", @group %> |
-  <%= link_to "Back to groups", groups_path %>
+  <%= link_to "Show this group", @group, class: "btn btn-secondary" %> |
+  <%= link_to "Back to groups", groups_path, class: "btn btn-secondary" %>
 </div>

data/app/views/rbac_rls/groups/index.html.erb

@@ -2,13 +2,19 @@
 
 <h1>Groups</h1>
 
-<div id="groups">
+<div id="groups" class="mt-3">
   <% @groups.each do |group| %>
-    <%= render group %>
-    <p>
-      <%= link_to "Show this group", group %>
-    </p>
+    <div class="mt-3">
+      <%= render group %>
+    </div>
+    <div class="mt-3 row">
+      <div class="col"><%= link_to "Edit this group", edit_group_path(group), class: "btn btn-warning" %></div>
+      <div class="col"> <%= link_to "Show this group", group, class: "btn btn-secondary" %></div>
+      <div class="col"><%= button_to "Destroy this group", group, method: :delete, class: "btn btn-danger" %></div>
+    </div>
   <% end %>
 </div>
 
-<%= link_to "New group", new_group_path %>
+<div class="mt-3">
+  <%= link_to "New group", new_group_path, class: "btn btn-primary" %>
+</div>

data/app/views/rbac_rls/groups/new.html.erb

@@ -5,5 +5,5 @@
 <br>
 
 <div>
-  <%= link_to "Back to groups", groups_path %>
+  <%= link_to "Back to groups", groups_path, class: "btn btn-secondary" %>
 </div>

data/app/views/rbac_rls/groups/show.html.erb

@@ -2,9 +2,8 @@
 
 <%= render @group %>
 
-<div>
-  <%= link_to "Edit this group", edit_group_path(@group) %> |
-  <%= link_to "Back to groups", groups_path %>
-
-  <%= button_to "Destroy this group", @group, method: :delete %>
+<div class="row mt-3">
+  <div class="col"><%= link_to "Edit this group", edit_group_path(@group), class: "btn btn-warning" %></div>
+  <div class="col"><%= link_to "Back to groups", groups_path, class: "btn btn-secondary" %></div>
+  <div class="col"><%= button_to "Destroy this group", @group, method: :delete, class: "btn btn-danger" %></div>
 </div>

data/app/views/rbac_rls/permissions/_form.html.erb

@@ -56,23 +56,26 @@
       </div>
     </div>
 
-    <div class="">
-      <%= form.label :permission_id %> <br>
-      <%= form.select(:permission_id, permission_options_for_select(form), { :prompt => "...", include_blank: true }, class: 'form-control') %>
-    </div>
-    <div class="m-2">
-      <%= link_to_add_nested(form, :role_permissions, '#roles_permission',
-                             partial: 'rbac_rls/permissions/role_permission_fields',
-                             link_text: 'Add new User to this Role Permission',
-                             link_classes: 'btn-primary btn-sm') %>
-    </div>
-    <div id='roles_permission'>
+    <!--    <div class="">-->
+    <!--      <%#= form.label :permission_id %> <br>-->
+    <%#= form.select(:permission_id, permission_options_for_select(form), { :prompt => "...", include_blank: true }, class: 'form-control') %>
+    <!--    </div>-->
+    <hr>
+    <div id='roles_permission' class="m-3">
+      <hr>
       <%= form.fields_for :role_permissions do |p| %>
         <% render 'rbac_rls/permissions/role_permission_fields', form: p %>
       <% end %>
+
     </div>
     <div class="m-2">
-      <%= form.submit %>
+      <%= link_to_add_nested(form, :role_permissions, '#roles_permission',
+                             partial: 'rbac_rls/permissions/role_permission_fields',
+                             link_text: 'Associate Role to this Permission',
+                             link_classes: 'btn btn-primary btn-sm') %>
+    </div>
+    <div class="m-5">
+      <%= form.submit "Save", class: 'btn btn-primary' %>
     </div>
   <% end %>
 </div>

data/app/views/rbac_rls/permissions/_permission.html.erb

@@ -1,54 +1,37 @@
-<div id="<%= dom_id permission %>">
-  <p>
-    <strong>Name:</strong>
-    <%= permission.name %>
-  </p>
-
-  <p>
-    <strong>Table name:</strong>
-    <%= permission.table_name %>
-  </p>
-
-  <p>
-    <strong>Read:</strong>
-    <%= permission.read %>
-  </p>
-
-  <p>
-    <strong>Write:</strong>
-    <%= permission.write %>
-  </p>
-
-  <p>
-    <strong>Update:</strong>
-    <%= permission.change %>
-  </p>
-
-  <p>
-    <strong>Delete:</strong>
-    <%= permission.remove %>
-  </p>
-
-  <p>
-    <strong>Permission:</strong>
-    <%= permission.permission_id %>
-  </p>
-  <p>
-    <strong>
-      owner_read
-    </strong>
-    <%= permission.owner_read %>
-  </p>
-  <p>
-    <strong>
-      owner_change
-    </strong>
-    <%= permission.owner_change %>
-  </p>
-  <p>
-    <strong>
-      owner_remove
-    </strong>
-    <%= permission.owner_remove %>
-  </p>
-</div>
+<div class="row">
+  <div class="col">
+    <ul class="list-group">
+      <li class="list-group-item">
+        <b>name:</b> <%= permission.name %>
+      </li>
+      <li class="list-group-item">
+        <b>table name:</b> <%= permission.table_name %>
+      </li>
+      <li class="list-group-item">
+        <b>read:</b> <%= permission.read %>
+      </li>
+      <li class="list-group-item">
+        <b>write:</b> <%= permission.write %>
+      </li>
+      <li class="list-group-item">
+        <b>change:</b> <%= permission.change %>
+      </li>
+      <li class="list-group-item">
+        <b>remove:</b> <%= permission.remove %>
+      </li>
+    </ul>
+  </div>
+  <div class="col">
+    <ul class="list-group">
+      <li class="list-group-item">
+        <b>owner read:</b> <%= permission.owner_read %>
+      </li>
+      <li class="list-group-item">
+        <b>owner change:</b> <%= permission.owner_change %>
+      </li>
+      <li class="list-group-item">
+        <b>owner remove:</b> <%= permission.owner_remove %>
+      </li>
+    </ul>
+  </div>
+</div>

data/app/views/rbac_rls/permissions/_role_permission_fields.html.erb

@@ -1,9 +1,9 @@
 <div class="wrapper-div m-2">
   <div class="">
-    <%= link_to_remove_nested(form, fields_wrapper_selector: '.wrapper-div', link_classes: 'btn-danger btn-sm') %>
+    <%= link_to_remove_nested(form, fields_wrapper_selector: '.wrapper-div', link_classes: 'btn btn-danger btn-sm') %>
   </div>
   <div class="">
     <%= form.label :role_id %> <br>
-    <%= form.select(:role_id, role_options_for_select(form), { :prompt => "...", include_blank: true }, class: 'form-control') %>
+    <%= form.select(:role_id, role_options_for_select(form), { :prompt => "..."}, class: 'form-control') %>
   </div>
 </div>

data/app/views/rbac_rls/permissions/index.html.erb

@@ -3,16 +3,23 @@
 <h1 class="display-3">Permissions</h1>
 
 <div class="">
-  <%= link_to new_permission_path, class: 'btn-primary btn-sm' do %>
+  <%= link_to new_permission_path, class: 'btn btn-primary btn-sm' do %>
     New permission
   <% end %>
 </div>
 
 <div id="permissions">
   <% @permissions.each do |permission| %>
-    <%= render permission %>
-    <p>
-      <%= link_to "Show this permission", permission,class: 'btn btn-secondary'%>
-    </p>
+
+    <div class="m-3">
+      <%= render permission %>
+    </div>
+    <div class="m-3">
+      <div class="row">
+        <div class="col"><%= link_to "Edit this permission", edit_permission_path(permission), class: "btn btn-warning" %></div>
+        <div class="col"><%= button_to "Destroy this permission", permission, method: :delete, class: "btn btn-danger" %></div>
+        <div class="col"><%= link_to "Show this permission", permission, class: 'btn btn-secondary' %></div>
+      </div>
+    </div>
   <% end %>
 </div>

data/app/views/rbac_rls/permissions/show.html.erb

@@ -1,10 +1,11 @@
 <p style="color: green"><%= notice %></p>
 
-<%= render @permission %>
-
-<div>
-  <%= link_to "Edit this permission", edit_permission_path(@permission) %> |
-  <%= link_to "Back to permissions", permissions_path %>
+<div class="m-3">
+  <%= render @permission %>
+</div>
 
-  <%= button_to "Destroy this permission", @permission, method: :delete %>
+<div class="row">
+  <div class="col"><%= link_to "Edit this permission", edit_permission_path(@permission), class: "btn btn-warning" %></div>
+  <div class="col"><%= link_to "Back to permissions", permissions_path, class: "btn btn-secondary" %></div>
+  <div class="col"><%= button_to "Destroy this permission", @permission, method: :delete, class: "btn btn-danger" %></div>
 </div>

data/app/views/rbac_rls/roles/_form.html.erb

@@ -22,21 +22,22 @@
       <%= form.text_area :comments, class: 'form-control' %>
     </div>
 
-
-    <div id='user_roles'>
-      <%= form.fields_for :user_roles do |p| %>
-        <% render 'rbac_rls/roles/user_role_fields', form: p %>
-      <% end %>
-    </div>
-    <div class="m-2">
-      <%= link_to_add_nested(form, :user_roles, '#user_roles',
-                             partial: 'rbac_rls/roles/user_role_fields',
-                             link_text: 'Add new User to role',
-                             link_classes: 'btn-primary btn-sm') %>
+    <div class="container">
+      <div id='user_roles'>
+        <%= form.fields_for :user_roles do |p| %>
+          <% render 'rbac_rls/roles/user_role_fields', form: p %>
+        <% end %>
+      </div>
+      <div class="m-2">
+        <%= link_to_add_nested(form, :user_roles, '#user_roles',
+                               partial: 'rbac_rls/roles/user_role_fields',
+                               link_text: 'Add new User to role',
+                               link_classes: 'btn btn-primary btn-sm') %>
+      </div>
     </div>
 
     <div class="m-2">
-      <%= form.submit "Create Role", class: 'btn-primary btn-sm' %>
+      <%= form.submit "Create Role", class: 'btn btn-primary btn-sm' %>
     </div>
   <% end %>
 </div>

data/app/views/rbac_rls/roles/_user_role_fields.html.erb

@@ -1,6 +1,6 @@
 <div class="wrapper-div m-2">
   <div class="">
-    <%= link_to_remove_nested(form, fields_wrapper_selector: '.wrapper-div', link_classes: 'btn-danger btn-sm') %>
+    <%= link_to_remove_nested(form, fields_wrapper_selector: '.wrapper-div', link_classes: 'btn btn-danger btn-sm') %>
   </div>
   <div class="">
     <%= form.label :user_id %> <br>

data/app/views/rbac_rls/roles/index.html.erb

@@ -1,10 +1,8 @@
 <div class="container">
   <p style="color: green"><%= notice %></p>
-
   <h1 class="display-3">Roles</h1>
-
   <div class="">
-    <%= link_to new_role_path, class: 'btn-primary btn-sm' do %>
+    <%= link_to new_role_path, class: 'btn btn-primary btn-sm' do %>
       New Role
     <% end %>
   </div>

data/app/views/rbac_rls/roles/new.html.erb

@@ -1,7 +1,7 @@
 <div class="container">
   <h1 class="display-3">New role</h1>
   <div>
-    <%= link_to "Back to roles", roles_path, class: 'btn-danger btn-sm' %>
+    <%= link_to "Back to roles", roles_path, class: 'btn btn-sm btn-danger' %>
   </div>
 
   <%= render "form", role: @role %>

data/app/views/rbac_rls/roles/show.html.erb

@@ -1,12 +1,18 @@
 <div class="container">
   <p style="color: green"><%= notice %></p>
-  <%= link_to "Edit this role", edit_role_path(@role), class: 'btn-primary btn-sm' %>
-  <%= link_to "Back to roles", roles_path, class: 'btn-danger btn-sm' %>
+  <%= link_to "Edit this role", edit_role_path(@role), class: 'btn btn-primary btn-sm' %>
+  <%= link_to "Back to roles", roles_path, class: 'btn btn-danger btn-sm' %>
 
 
   <div class="w-75 m-2">
     <%= render @role %>
+    <div class="m-3">
+      <div><h5>Associated Users</h5></div>
+      <% @role.user_roles.each do |user| %>
+        <%= render 'rbac_rls/shared/user', obj: user %>
+      <% end %>
+    </div>
   </div>
 
-  <%= button_to "Destroy this role", @role, method: :delete, class: 'btn-danger btn-sm', data: { confirm: "Are you sure?" } %>
+  <%= button_to "Destroy this role", @role, method: :delete, class: 'btn btn-danger btn-sm', data: { confirm: "Are you sure?" } %>
 </div>

data/app/views/rbac_rls/shared/_user.html.erb

@@ -0,0 +1,6 @@
+<div class="container">
+  <div class="w-75 m-2">
+    <div><b>User:</b>  <%= obj.user.email %></div>
+  </div>
+
+</div>

data/lib/generators/rbac_rls/templates/group_permission_migration.rb

@@ -37,7 +37,7 @@ def change
             INNER JOIN group_users gu on gu.group_id   = gp.group_id
         WHERE (p.\"#{type_polices[type.to_sym]}\")
           AND p.table_name = '#{gen_table_name}'
-        )  and  owner_id = NULLIF(current_setting('rls.user_id', TRUE), '')::bigint  )
+        )  and  #{RbacRls::Settings.owner_column_name} = NULLIF(current_setting('rls.user_id', TRUE), '')::bigint  )
       "
     end
   }

data/lib/generators/rbac_rls/templates/rls_migration.rb

@@ -2,7 +2,7 @@
 # rails generate rbac_rls:custom_migration  table_name
 time_now = Time.now.getutc.to_i
 attrs = attributes.map { |i| i.name.camelize }
-
+gen_table_name = name.underscore
 limit_policy_name = 63
 type_polices = {insert: :write,
                 select: :read,
@@ -33,8 +33,8 @@ def change
             INNER JOIN role_permissions rp  on rp.permission_id  = p.id
               INNER JOIN user_roles ur  on rp.role_id  = ur.role_id
           WHERE (p.\"#{type_polices_owner[type.to_sym]}\")
-            AND p.table_name = 'products'
-        )  and  owner_id = NULLIF(current_setting('rls.user_id', TRUE), '')::bigint  )
+            AND p.table_name = '#{gen_table_name}'
+        )  and  #{RbacRls::Settings.owner_column_name} = NULLIF(current_setting('rls.user_id', TRUE), '')::bigint  )
       "
     end
   }
@@ -47,7 +47,7 @@ def change
                 INNER JOIN role_permissions rp  on rp.permission_id  = p.id
                   INNER JOIN user_roles ur  on rp.role_id  = ur.role_id
               WHERE (p.\"#{type_polices[type.to_sym]}\")
-                AND p.table_name = 'products'
+                AND p.table_name = '#{gen_table_name}'
             )
             #{owner_rls_policy[type]}
   "

data/lib/rbac_rls/version.rb

@@ -1,3 +1,3 @@
 module RbacRls
-  VERSION = "0.1.3"
-end
+  VERSION = "0.1.5"
+end

data/lib/rbac_rls.rb

@@ -11,6 +11,10 @@ module RbacRls
       "rake db:migrate:down VERSION=#{version} RAILS_ENV=migrations"
     end
 
+    def self.owner_column_name
+      "owner_id"
+    end
+
     def self.application_db_user
       "app_user"
     end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: rbac_rls
 version: !ruby/object:Gem::Version
-  version: 0.1.3
+  version: 0.1.5
 platform: ruby
 authors:
 - FilipeBeserraMaia
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2022-10-13 00:00:00.000000000 Z
+date: 2022-10-26 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rails
@@ -128,6 +128,7 @@ files:
 - app/views/rbac_rls/roles/index.html.erb
 - app/views/rbac_rls/roles/new.html.erb
 - app/views/rbac_rls/roles/show.html.erb
+- app/views/rbac_rls/shared/_user.html.erb
 - config/assets.rb
 - config/importmap.rb
 - config/routes.rb