rhino-rails 4.4.0 → 4.5.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 0155b30eedf93061b38295ed96254194529de0abf03aad309becc312a512c5ba
4
- data.tar.gz: 5e1ce1624bab2a77f8603ebdf6984a43e4bd71d277f51900ae533465e4fd0881
3
+ metadata.gz: ecffad187ec69c47659219d1eb766247a82ce666a662be9a32c3d88afe4bd48c
4
+ data.tar.gz: 1ccb038bc991c74d4338b84a20280b38660f1ec959552b3546625de855f37969
5
5
  SHA512:
6
- metadata.gz: 975f1ee3efc83423ae775131eace5689a7b09269541848da21e286f2f55cedd71b265a8e3c5c448a85cc7b9c8ecdde2e27dd615ef1a26719732a7d958cbfb8da
7
- data.tar.gz: 3a32ccaf04ad8f351828752a83efac31503d53afbd4c3239d0f38e836c8e151dd4681f2a650a853e9d6d728e6477f34e72023680c6bbd36dc63369ad6ca6d10c
6
+ metadata.gz: 242a0d4672911f646bd9dc62dcfa6bd0641caed3ec88af8f62dea657f146e0d019f80d9cbe769fb9e7415c611e709946c1aeb01af4eeb1871ca590ea2533b866
7
+ data.tar.gz: ea611e79054413e6322dd44a2a141aa01a0791a8eb48d13e4dd8311c03821c8195fb7befd598840d63401355a3fd4819f7b4506afd6486d38d5a0fedef48a5e4
@@ -0,0 +1,88 @@
1
+ # frozen_string_literal: true
2
+
3
+ module Rhino
4
+ # Ambient tenant context resolver.
5
+ #
6
+ # Reads the current user/organization from RequestStore by default (request-time
7
+ # context set by the controller before_actions), but can be overridden for the
8
+ # duration of a block via +with+ — used by the explicit query builder so jobs,
9
+ # rake tasks, and tests can query without a route.
10
+ module Context
11
+ module_function
12
+
13
+ # The active organization: the explicit override if one is in effect, else the
14
+ # request-time organization from RequestStore.
15
+ def organization
16
+ if store.key?(:rhino_organization)
17
+ store[:rhino_organization]
18
+ elsif defined?(RequestStore)
19
+ RequestStore.store[:rhino_organization]
20
+ end
21
+ end
22
+
23
+ # The active user: the explicit override if one is in effect, else the
24
+ # request-time user from RequestStore.
25
+ def user
26
+ if store.key?(:rhino_current_user)
27
+ store[:rhino_current_user]
28
+ elsif defined?(RequestStore)
29
+ RequestStore.store[:rhino_current_user]
30
+ end
31
+ end
32
+
33
+ # Run +block+ with the given user/organization installed into RequestStore.
34
+ # Snapshots the prior RequestStore user+org, sets the new ones, yields, and
35
+ # restores the snapshot in an ensure. Returns the block's value.
36
+ def with(user:, organization:)
37
+ return yield unless defined?(RequestStore)
38
+
39
+ had_user = RequestStore.store.key?(:rhino_current_user)
40
+ had_org = RequestStore.store.key?(:rhino_organization)
41
+ prev_user = RequestStore.store[:rhino_current_user]
42
+ prev_org = RequestStore.store[:rhino_organization]
43
+
44
+ # Track the active override so Context.user/organization prefer it even when
45
+ # the passed value is nil (distinguishing "explicitly nil" from "absent").
46
+ had_override_user = store.key?(:rhino_current_user)
47
+ had_override_org = store.key?(:rhino_organization)
48
+ prev_override_user = store[:rhino_current_user]
49
+ prev_override_org = store[:rhino_organization]
50
+
51
+ RequestStore.store[:rhino_current_user] = user
52
+ RequestStore.store[:rhino_organization] = organization
53
+ store[:rhino_current_user] = user
54
+ store[:rhino_organization] = organization
55
+
56
+ begin
57
+ yield
58
+ ensure
59
+ if had_user
60
+ RequestStore.store[:rhino_current_user] = prev_user
61
+ else
62
+ RequestStore.store.delete(:rhino_current_user)
63
+ end
64
+ if had_org
65
+ RequestStore.store[:rhino_organization] = prev_org
66
+ else
67
+ RequestStore.store.delete(:rhino_organization)
68
+ end
69
+
70
+ if had_override_user
71
+ store[:rhino_current_user] = prev_override_user
72
+ else
73
+ store.delete(:rhino_current_user)
74
+ end
75
+ if had_override_org
76
+ store[:rhino_organization] = prev_override_org
77
+ else
78
+ store.delete(:rhino_organization)
79
+ end
80
+ end
81
+ end
82
+
83
+ # Fiber-local override store for the active explicit context.
84
+ def store
85
+ Thread.current[:rhino_context_override] ||= {}
86
+ end
87
+ end
88
+ end
@@ -446,61 +446,10 @@ module Rhino
446
446
  org = current_organization
447
447
  return unless org
448
448
 
449
- # When the resource IS the Organization model
450
- if org.class == model_class
451
- builder.instance_variable_set(
452
- :@scope,
453
- builder.scope.where(model_class.primary_key => org.send(model_class.primary_key))
454
- )
455
- return
456
- end
457
-
458
- # Check for scopeForOrganization
459
- if model_class.respond_to?(:for_organization)
460
- builder.instance_variable_set(:@scope, model_class.for_organization(org))
461
- return
462
- end
463
-
464
- # Check for organization_id column
465
- if model_class.column_names.include?("organization_id")
466
- builder.instance_variable_set(
467
- :@scope,
468
- builder.scope.where(organization_id: org.id)
469
- )
470
- return
471
- end
472
-
473
- # Auto-detect from belongs_to relationships
474
- detected_path = discover_organization_path(model_class)
475
- if detected_path.present?
476
- apply_organization_scope_through_relationship(builder, org, detected_path)
477
- end
478
- end
479
-
480
- def apply_organization_scope_through_relationship(builder, organization, relationship_path)
481
- if relationship_path.include?(".")
482
- # Nested path: 'post.blog' -> joins(post: :blog).where(blogs: { organization_id: org.id })
483
- parts = relationship_path.split(".")
484
- join_chain = parts.reverse.inject(:organization) { |inner, outer| { outer.to_sym => inner } }
485
-
486
- builder.instance_variable_set(
487
- :@scope,
488
- builder.scope.joins(join_chain.is_a?(Symbol) ? join_chain : parts.first.to_sym => join_chain)
489
- .where(organizations: { id: organization.id })
490
- )
491
- else
492
- # Single relationship
493
- assoc = model_class.reflect_on_association(relationship_path.to_sym)
494
- return unless assoc
495
-
496
- if assoc.klass.column_names.include?("organization_id")
497
- builder.instance_variable_set(
498
- :@scope,
499
- builder.scope.joins(relationship_path.to_sym)
500
- .where(assoc.klass.table_name => { organization_id: organization.id })
501
- )
502
- end
503
- end
449
+ builder.instance_variable_set(
450
+ :@scope,
451
+ Rhino::ScopesToOrganization.scope_to_organization(builder.scope, model_class, org)
452
+ )
504
453
  end
505
454
 
506
455
  def add_organization_to_data(data)
@@ -515,9 +464,10 @@ module Rhino
515
464
  # Recursively discover the relationship path from a model to Organization
516
465
  # by introspecting BelongsTo associations. Returns dot-notation path or nil.
517
466
  #
518
- # Results are cached per model class to avoid repeated reflection.
467
+ # The recursion itself lives in Rhino::ScopesToOrganization (the extracted,
468
+ # pure implementation) so the controller and the custom-query resolver share
469
+ # one code path. The controller keeps its own per-class cache for back-compat.
519
470
  def discover_organization_path(klass, visited = [], max_depth = 3)
520
- # Return cached result (including nil)
521
471
  if @@organization_path_cache.key?(klass.name)
522
472
  return @@organization_path_cache[klass.name]
523
473
  end
@@ -528,65 +478,7 @@ module Rhino
528
478
  end
529
479
 
530
480
  def _discover_organization_path_recursive(klass, visited, max_depth)
531
- return nil if max_depth <= 0 || visited.include?(klass.name)
532
-
533
- visited = visited + [klass.name]
534
-
535
- begin
536
- associations = klass.reflect_on_all_associations(:belongs_to)
537
- rescue StandardError
538
- return nil
539
- end
540
-
541
- matching_paths = []
542
-
543
- associations.each do |assoc|
544
- begin
545
- related_class = assoc.klass
546
- rescue StandardError
547
- next
548
- end
549
-
550
- # Direct match: related model IS Organization
551
- if related_class.name == "Organization"
552
- matching_paths << assoc.name.to_s
553
- next
554
- end
555
-
556
- # Related model has organization_id column
557
- begin
558
- if related_class.column_names.include?("organization_id")
559
- matching_paths << assoc.name.to_s
560
- next
561
- end
562
- rescue StandardError
563
- # Table may not exist yet
564
- end
565
-
566
- # Related model includes BelongsToOrganization concern
567
- if related_class.include?(Rhino::BelongsToOrganization)
568
- matching_paths << assoc.name.to_s
569
- next
570
- end
571
-
572
- # Recurse into related model's BelongsTo associations
573
- sub_path = _discover_organization_path_recursive(related_class, visited, max_depth - 1)
574
- if sub_path.present?
575
- matching_paths << "#{assoc.name}.#{sub_path}"
576
- end
577
- end
578
-
579
- return nil if matching_paths.empty?
580
-
581
- if matching_paths.length > 1
582
- Rails.logger&.debug(
583
- "Rhino: Model #{klass.name} has multiple BelongsTo paths to Organization. " \
584
- "Using '#{matching_paths[0]}'. " \
585
- "Paths found: #{matching_paths.inspect}"
586
- )
587
- end
588
-
589
- matching_paths[0]
481
+ Rhino::ScopesToOrganization._discover_organization_path_recursive(klass, visited, max_depth)
590
482
  end
591
483
 
592
484
  # ------------------------------------------------------------------
@@ -0,0 +1,8 @@
1
+ # frozen_string_literal: true
2
+
3
+ module Rhino
4
+ # Raised by Rhino.query (and the explicit builder) when an organization-scopable
5
+ # model is queried with no organization context available. Fail-closed: the
6
+ # resolver never returns an unscoped relation for a tenant-scopable model.
7
+ class MissingTenantContext < StandardError; end
8
+ end
@@ -0,0 +1,123 @@
1
+ # frozen_string_literal: true
2
+
3
+ module Rhino
4
+ # Reusable tenant-safe query resolver for custom controllers (dashboards,
5
+ # reports, anything beyond CRUD). Mirrors the Laravel Rhino::query feature.
6
+ #
7
+ # Two ways to use it:
8
+ #
9
+ # # Direct / ambient — org + user from the request context (RequestStore)
10
+ # Rhino.query(Task)
11
+ #
12
+ # # Explicit — works in jobs/rake/tests with NO route; org scope comes from
13
+ # # the passed org, not the request:
14
+ # Rhino.for_user(user).in_organization(org).query(Task)
15
+ # Rhino.for_user(user).in_organization(org).run { ... }
16
+ class << self
17
+ # Build a tenant-scoped relation for +model_class+ using the ambient context.
18
+ #
19
+ # Applies the same org scoping as CRUD plus the model's default_scopes
20
+ # (BelongsToOrganization / HasAutoScope read RequestStore at BUILD time).
21
+ #
22
+ # Fail closed: an org-scopable model with no org context RAISES
23
+ # Rhino::MissingTenantContext rather than returning an unscoped relation.
24
+ def query(model_class)
25
+ org = Rhino::Context.organization
26
+
27
+ # default_scope (org via RequestStore) + auto-scope are baked here at build.
28
+ relation = model_class.all
29
+
30
+ if Rhino::ScopesToOrganization.organization_scoped?(model_class)
31
+ raise Rhino::MissingTenantContext, model_class.name unless org
32
+
33
+ relation = Rhino::ScopesToOrganization.scope_to_organization(relation, model_class, org, strict: true)
34
+ end
35
+
36
+ relation
37
+ end
38
+
39
+ # Build a tenant-scoped relation and apply a whitelisted ?scope= named scope
40
+ # on top of it. +scope_name+ is the wire name (camelCase accepted); nil falls
41
+ # back to the model's rhino_default_scope.
42
+ def scoped_query(model_class, scope_name = nil)
43
+ apply_named_scope(query(model_class), model_class, scope_name)
44
+ end
45
+
46
+ # Begin the fluent explicit builder for +user+.
47
+ def for_user(user)
48
+ Rhino::PendingScopedContext.new(user: user)
49
+ end
50
+
51
+ # The ambient context resolver.
52
+ def context
53
+ Rhino::Context
54
+ end
55
+
56
+ # Apply a whitelisted named scope to +relation+ for +model_class+.
57
+ # Shared by Rhino.scoped_query and PendingScopedContext#scoped_query. Uses the
58
+ # same allowed_scopes / default_rhino_scope mechanism as the QueryBuilder.
59
+ # @api private
60
+ def apply_named_scope(relation, model_class, scope_name = nil)
61
+ requested = scope_name.to_s.presence
62
+ name = requested ? requested.underscore : model_class.try(:default_rhino_scope)
63
+ return relation unless name
64
+
65
+ allowed = model_class.try(:allowed_scopes) || {}
66
+ entry = allowed[name]
67
+ entry ||= name.to_sym if name == model_class.try(:default_rhino_scope)
68
+
69
+ raise Rhino::ScopeNotAllowedError, (requested || name) if entry.nil?
70
+
71
+ user = defined?(RequestStore) ? RequestStore.store[:rhino_current_user] : nil
72
+
73
+ case entry
74
+ when Symbol
75
+ relation.merge(model_class.public_send(entry))
76
+ when Proc
77
+ entry.call(relation, user)
78
+ else
79
+ entry.new.apply(relation)
80
+ end
81
+ end
82
+ end
83
+
84
+ # Fluent explicit-context builder. Holds a user (and, once chained, an org) and
85
+ # resolves queries with that context installed into RequestStore at build time.
86
+ class PendingScopedContext
87
+ def initialize(user:, organization: nil)
88
+ @user = user
89
+ @organization = organization
90
+ end
91
+
92
+ def in_organization(organization)
93
+ @organization = organization
94
+ self
95
+ end
96
+
97
+ # Build a fully-baked relation for +model_class+ under this explicit context.
98
+ #
99
+ # Because Rails default_scopes bake at BUILD time, we install the user+org into
100
+ # RequestStore, build the relation via Rhino.query, then restore RequestStore.
101
+ # The org+user are baked into the returned relation — no stickiness, fully
102
+ # isolated: a later Rhino.query with no context still fails closed.
103
+ def query(model_class)
104
+ Rhino::Context.with(user: @user, organization: @organization) do
105
+ Rhino.query(model_class)
106
+ end
107
+ end
108
+
109
+ # Build a fully-baked, named-scoped relation under this explicit context.
110
+ def scoped_query(model_class, scope_name = nil)
111
+ Rhino::Context.with(user: @user, organization: @organization) do
112
+ Rhino.scoped_query(model_class, scope_name)
113
+ end
114
+ end
115
+
116
+ # Run +block+ with the explicit context installed into RequestStore. Queries
117
+ # inside the block see the context; RequestStore is restored afterward.
118
+ # Returns the block's value.
119
+ def run(&block)
120
+ Rhino::Context.with(user: @user, organization: @organization, &block)
121
+ end
122
+ end
123
+ end
@@ -0,0 +1,181 @@
1
+ # frozen_string_literal: true
2
+
3
+ module Rhino
4
+ # Pure organization-scoping logic, extracted from ResourcesController so it can
5
+ # be reused by the custom-query resolver (Rhino.query / Rhino.for_user...).
6
+ #
7
+ # Every method takes a RELATION and RETURNS a scoped relation — it never mutates
8
+ # a QueryBuilder's @scope. The scoping order MUST match the controller exactly:
9
+ # 1. Organization-is-self (the model IS the Organization)
10
+ # 2. for_organization (scopeForOrganization)
11
+ # 3. organization_id column
12
+ # 4. auto-detected belongs_to relationship path (incl. nested, e.g. post.blog)
13
+ module ScopesToOrganization
14
+ # Cache for auto-detected organization paths (survives across calls, keyed by
15
+ # model class name). Mirrors the controller's @@organization_path_cache.
16
+ @organization_path_cache = {}
17
+
18
+ module_function
19
+
20
+ # Apply organization scoping to +relation+ for +model_class+, returning the
21
+ # scoped relation. Behavior-equivalent to the controller's
22
+ # apply_organization_scope, but returning instead of mutating a builder.
23
+ def scope_to_organization(relation, model_class, organization, strict: false)
24
+ return relation unless organization
25
+
26
+ # When the resource IS the Organization model
27
+ if organization.class == model_class
28
+ return relation.where(
29
+ model_class.primary_key => organization.send(model_class.primary_key)
30
+ )
31
+ end
32
+
33
+ # Check for scopeForOrganization
34
+ if model_class.respond_to?(:for_organization)
35
+ return model_class.for_organization(organization)
36
+ end
37
+
38
+ # Check for organization_id column
39
+ if model_class.column_names.include?("organization_id")
40
+ return relation.where(organization_id: organization.id)
41
+ end
42
+
43
+ # Auto-detect from belongs_to relationships
44
+ detected_path = discover_organization_path(model_class)
45
+ if detected_path.present?
46
+ return scope_through_relationship(relation, model_class, organization, detected_path, strict: strict)
47
+ end
48
+
49
+ # No mechanism could be applied. In strict mode (the resolver) a model that
50
+ # reached here after being classified organization_scoped? must NOT return
51
+ # unscoped — fail closed instead of leaking across tenants.
52
+ raise Rhino::MissingTenantContext, model_class.name if strict && organization_scoped?(model_class)
53
+
54
+ relation
55
+ end
56
+
57
+ # Whether +model_class+ has any organization-scoping mechanism at all. Used by
58
+ # the resolver to decide whether missing org context must fail closed. On an
59
+ # unexpected classification error we fail CLOSED (treat as scopable) so the
60
+ # resolver raises rather than silently returning unscoped rows.
61
+ def organization_scoped?(model_class)
62
+ return true if model_class.respond_to?(:for_organization)
63
+ return true if model_class.column_names.include?("organization_id")
64
+
65
+ discover_organization_path(model_class).present?
66
+ rescue StandardError
67
+ true
68
+ end
69
+
70
+ def scope_through_relationship(relation, model_class, organization, relationship_path, strict: false)
71
+ if relationship_path.include?(".")
72
+ # Nested path: 'post.blog' -> joins(post: :blog).where(organizations: { id: org.id })
73
+ parts = relationship_path.split(".")
74
+ join_chain = parts.reverse.inject(:organization) { |inner, outer| { outer.to_sym => inner } }
75
+
76
+ relation.joins(join_chain.is_a?(Symbol) ? join_chain : parts.first.to_sym => join_chain)
77
+ .where(organizations: { id: organization.id })
78
+ else
79
+ # Single relationship
80
+ assoc = model_class.reflect_on_association(relationship_path.to_sym)
81
+ if assoc.nil?
82
+ # Classified scopable but the association vanished — fail closed for the
83
+ # resolver; stay lenient for the controller's legacy path.
84
+ raise Rhino::MissingTenantContext, model_class.name if strict
85
+
86
+ return relation
87
+ end
88
+
89
+ if assoc.klass.column_names.include?("organization_id")
90
+ relation.joins(relationship_path.to_sym)
91
+ .where(assoc.klass.table_name => { organization_id: organization.id })
92
+ elsif strict
93
+ # Path leads somewhere without an organization_id column, so no filter
94
+ # can be applied — fail closed rather than return every tenant's rows.
95
+ raise Rhino::MissingTenantContext, model_class.name
96
+ else
97
+ relation
98
+ end
99
+ end
100
+ end
101
+
102
+ # Recursively discover the relationship path from a model to Organization by
103
+ # introspecting BelongsTo associations. Returns dot-notation path or nil.
104
+ # Results are cached per model class to avoid repeated reflection.
105
+ def discover_organization_path(klass, visited = [], max_depth = 3)
106
+ if @organization_path_cache.key?(klass.name)
107
+ return @organization_path_cache[klass.name]
108
+ end
109
+
110
+ result = _discover_organization_path_recursive(klass, visited, max_depth)
111
+ # Only cache a positive result. Caching a transient nil (associations/tables
112
+ # not yet resolvable under Zeitwerk lazy-loading) would permanently
113
+ # misclassify a genuinely org-scoped model as global — a fail-open leak.
114
+ # Mirrors HasAutoScope's non-nil caching.
115
+ @organization_path_cache[klass.name] = result if result
116
+ result
117
+ end
118
+
119
+ def _discover_organization_path_recursive(klass, visited, max_depth)
120
+ return nil if max_depth <= 0 || visited.include?(klass.name)
121
+
122
+ visited = visited + [klass.name]
123
+
124
+ begin
125
+ associations = klass.reflect_on_all_associations(:belongs_to)
126
+ rescue StandardError
127
+ return nil
128
+ end
129
+
130
+ matching_paths = []
131
+
132
+ associations.each do |assoc|
133
+ begin
134
+ related_class = assoc.klass
135
+ rescue StandardError
136
+ next
137
+ end
138
+
139
+ # Direct match: related model IS Organization
140
+ if related_class.name == "Organization"
141
+ matching_paths << assoc.name.to_s
142
+ next
143
+ end
144
+
145
+ # Related model has organization_id column
146
+ begin
147
+ if related_class.column_names.include?("organization_id")
148
+ matching_paths << assoc.name.to_s
149
+ next
150
+ end
151
+ rescue StandardError
152
+ # Table may not exist yet
153
+ end
154
+
155
+ # Related model includes BelongsToOrganization concern
156
+ if defined?(Rhino::BelongsToOrganization) && related_class.include?(Rhino::BelongsToOrganization)
157
+ matching_paths << assoc.name.to_s
158
+ next
159
+ end
160
+
161
+ # Recurse into related model's BelongsTo associations
162
+ sub_path = _discover_organization_path_recursive(related_class, visited, max_depth - 1)
163
+ if sub_path.present?
164
+ matching_paths << "#{assoc.name}.#{sub_path}"
165
+ end
166
+ end
167
+
168
+ return nil if matching_paths.empty?
169
+
170
+ if matching_paths.length > 1
171
+ Rails.logger&.debug(
172
+ "Rhino: Model #{klass.name} has multiple BelongsTo paths to Organization. " \
173
+ "Using '#{matching_paths[0]}'. " \
174
+ "Paths found: #{matching_paths.inspect}"
175
+ )
176
+ end
177
+
178
+ matching_paths[0]
179
+ end
180
+ end
181
+ end
data/lib/rhino/version.rb CHANGED
@@ -1,5 +1,5 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  module Rhino
4
- VERSION = "4.4.0"
4
+ VERSION = "4.5.0"
5
5
  end
data/lib/rhino.rb CHANGED
@@ -4,9 +4,13 @@ require "rhino/version"
4
4
  require "rhino/configuration"
5
5
  require "rhino/auth_rejected"
6
6
  require "rhino/scope_not_allowed_error"
7
+ require "rhino/missing_tenant_context"
7
8
  require "rhino/auth_hooks"
8
9
  require "rhino/group_membership"
9
10
  require "rhino/resource_scope"
11
+ require "rhino/scopes_to_organization"
12
+ require "rhino/context"
13
+ require "rhino/query"
10
14
  require "rhino/routing/domain_constraint"
11
15
  require "rhino/routing/route_group_validator"
12
16
  require "rhino/middleware/resolve_organization_from_route"
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: rhino-rails
3
3
  version: !ruby/object:Gem::Version
4
- version: 4.4.0
4
+ version: 4.5.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Bruno Cipolla
@@ -216,6 +216,7 @@ files:
216
216
  - lib/rhino/concerns/has_validation.rb
217
217
  - lib/rhino/concerns/hidable_columns.rb
218
218
  - lib/rhino/configuration.rb
219
+ - lib/rhino/context.rb
219
220
  - lib/rhino/controllers/auth_controller.rb
220
221
  - lib/rhino/controllers/invitations_controller.rb
221
222
  - lib/rhino/controllers/resources_controller.rb
@@ -223,12 +224,14 @@ files:
223
224
  - lib/rhino/group_membership.rb
224
225
  - lib/rhino/mailers/invitation_mailer.rb
225
226
  - lib/rhino/middleware/resolve_organization_from_route.rb
227
+ - lib/rhino/missing_tenant_context.rb
226
228
  - lib/rhino/models/audit_log.rb
227
229
  - lib/rhino/models/organization_invitation.rb
228
230
  - lib/rhino/models/rhino_model.rb
229
231
  - lib/rhino/permissions_migrator.rb
230
232
  - lib/rhino/policies/invitation_policy.rb
231
233
  - lib/rhino/policies/resource_policy.rb
234
+ - lib/rhino/query.rb
232
235
  - lib/rhino/query_builder.rb
233
236
  - lib/rhino/railtie.rb
234
237
  - lib/rhino/resource_scope.rb
@@ -236,6 +239,7 @@ files:
236
239
  - lib/rhino/routing/domain_constraint.rb
237
240
  - lib/rhino/routing/route_group_validator.rb
238
241
  - lib/rhino/scope_not_allowed_error.rb
242
+ - lib/rhino/scopes_to_organization.rb
239
243
  - lib/rhino/tasks/rhino.rake
240
244
  - lib/rhino/templates/audit_trail/create_audit_logs.rb.erb
241
245
  - lib/rhino/templates/generate/factory.rb.erb