rls_multi_tenant 0.2.2 → 0.2.3

data/lib/rls_multi_tenant/generators/setup/setup_generator.rb

@@ -7,132 +7,68 @@ module RlsMultiTenant
   module Generators
     class SetupGenerator < Rails::Generators::Base
       include Shared::TemplateHelper
-      
-      source_root File.expand_path("templates", __dir__)
 
-      desc "Setup RLS Multi-tenant gem with tenant model and migrations"
+      source_root File.expand_path('templates', __dir__)
+
+      desc 'Setup RLS Multi-tenant gem with tenant model and migrations'
 
       def create_tenant_model
         tenant_class_name = RlsMultiTenant.tenant_class_name
         tenant_file_path = "app/models/#{tenant_class_name.underscore}.rb"
-        
-        unless File.exist?(File.join(destination_root, tenant_file_path))
-          template "tenant_model.rb", tenant_file_path
-        else
+
+        if File.exist?(File.join(destination_root, tenant_file_path))
           say "#{tenant_class_name} model already exists, skipping creation", :yellow
+        else
+          template 'tenant_model.rb', tenant_file_path
         end
       end
 
       def create_uuid_migration
-        unless Dir.glob(File.join(destination_root, "db/migrate/*_enable_uuid_extension.rb")).any?
-          create_migration_with_timestamp("enable_uuid", 1)
+        if Dir.glob(File.join(destination_root, 'db/migrate/*_enable_uuid_extension.rb')).any?
+          say 'UUID extension migration already exists, skipping creation', :yellow
         else
-          say "UUID extension migration already exists, skipping creation", :yellow
+          create_migration_with_timestamp('enable_uuid', 1)
         end
       end
 
-      def create_app_user_migration
-        create_app_user_migrations_for_all_databases
-      end
-
       def create_tenant_migration
         tenant_class_name = RlsMultiTenant.tenant_class_name
         migration_pattern = "*_create_#{tenant_class_name.underscore.pluralize}.rb"
-        
-        unless Dir.glob(File.join(destination_root, "db/migrate/#{migration_pattern}")).any?
-          create_migration_with_timestamp("create_tenant", 3)
-        else
+
+        if Dir.glob(File.join(destination_root, "db/migrate/#{migration_pattern}")).any?
           say "#{tenant_class_name} migration already exists, skipping creation", :yellow
+        else
+          create_migration_with_timestamp('create_tenant', 3)
         end
       end
 
       def show_instructions
         tenant_class_name = RlsMultiTenant.tenant_class_name
-        say "\n" + "="*60, :green
-        say "RLS Multi-tenant setup completed successfully!", :green
-        say "="*60, :green
+        say "\n#{'=' * 60}", :green
+        say 'RLS Multi-tenant setup completed successfully!', :green
+        say '=' * 60, :green
         say "\nCreated:", :yellow
         say "• #{tenant_class_name} model", :green
-        say "• UUID extension migration", :green
-        say "• App user migration(s)", :green
+        say '• UUID extension migration', :green
         say "• #{tenant_class_name} migration", :green
         say "\nNext steps:", :yellow
-        say "1. Make sure to use the POSTGRES_APP_USER in your database.yml.", :yellow
-        say "\n2. Run the migrations with admin privileges:\n", :yellow
-        say "   rails db_as:admin[migrate]", :yellow
-        say "   Note: We must use the admin user because the app user doesn't have migration privileges", :yellow
-        say "\n3. Use 'rails generate rls_multi_tenant:model' for new multi-tenant models", :yellow
-        say "="*60, :green
+        say "\n1. Use 'rails generate rls_multi_tenant:model <model_name>' for new multi-tenant models", :yellow
+        say '=' * 60, :green
       end
 
       private
 
-      def create_app_user_migrations_for_all_databases
-        # Get database configuration for current environment
-        db_config = Rails.application.config.database_configuration[Rails.env]
-        
-        # Handle both single database and multiple databases configuration
-        databases_to_process = if db_config.is_a?(Hash) && db_config.key?('primary')
-          # Multiple databases configuration
-          db_config
-        else
-          # Single database configuration - treat as primary
-          { 'primary' => db_config }
-        end
-
-        databases_to_process.each do |db_name, config|
-          next if db_name == 'primary' # Skip primary database, handle it separately
-          
-          # Check if migrations_paths is defined for this database
-          if config['migrations_paths']
-            migration_paths = Array(config['migrations_paths'])
-            migration_paths.each do |migration_path|
-              migration_dir = File.join(destination_root, migration_path)
-              
-              # Check if migration already exists in this path
-              unless Dir.glob(File.join(migration_dir, "*_create_app_user.rb")).any?
-                FileUtils.mkdir_p(migration_dir) unless File.directory?(migration_dir)
-                create_migration_with_timestamp_for_path("create_app_user", 2, migration_path)
-                say "Created app user migration for #{db_name} in #{migration_path}", :green
-              else
-                say "App user migration already exists for #{db_name} in #{migration_path}, skipping creation", :yellow
-              end
-            end
-          else
-            say "No migrations_paths defined for database '#{db_name}', skipping app user migration", :yellow
-          end
-        end
-
-        # Handle primary database (default behavior)
-        unless Dir.glob(File.join(destination_root, "db/migrate/*_create_app_user.rb")).any?
-          create_migration_with_timestamp("create_app_user", 2)
-        else
-          say "App user migration already exists for primary database, skipping creation", :yellow
-        end
-      end
-
       def create_migration_with_timestamp(migration_type, order)
-        base_timestamp = Time.current.strftime("%Y%m%d%H%M")
-        timestamp = "#{base_timestamp}#{sprintf('%02d', order)}"
-        
-        case migration_type
-        when "enable_uuid"
-          render_shared_template "enable_uuid_extension.rb", "db/migrate/#{timestamp}_enable_uuid_extension.rb"
-        when "create_app_user"
-          render_shared_template "create_app_user.rb", "db/migrate/#{timestamp}_create_app_user.rb"
-        when "create_tenant"
-          tenant_class_name = RlsMultiTenant.tenant_class_name
-          render_shared_template "create_tenant.rb", "db/migrate/#{timestamp}_create_#{tenant_class_name.underscore.pluralize}.rb"
-        end
-      end
+        base_timestamp = Time.current.strftime('%Y%m%d%H%M')
+        timestamp = "#{base_timestamp}#{format('%02d', order)}"
 
-      def create_migration_with_timestamp_for_path(migration_type, order, migration_path)
-        base_timestamp = Time.current.strftime("%Y%m%d%H%M")
-        timestamp = "#{base_timestamp}#{sprintf('%02d', order)}"
-        
         case migration_type
-        when "create_app_user"
-          render_shared_template "create_app_user.rb", "#{migration_path}/#{timestamp}_create_app_user.rb"
+        when 'enable_uuid'
+          render_shared_template 'enable_uuid_extension.rb', "db/migrate/#{timestamp}_enable_uuid_extension.rb"
+        when 'create_tenant'
+          tenant_class_name = RlsMultiTenant.tenant_class_name
+          render_shared_template 'create_tenant.rb',
+                                 "db/migrate/#{timestamp}_create_#{tenant_class_name.underscore.pluralize}.rb"
         end
       end
     end

data/lib/rls_multi_tenant/generators/shared/template_helper.rb

@@ -9,7 +9,7 @@ module RlsMultiTenant
         private
 
         def shared_template_path
-          File.expand_path("templates", File.dirname(__FILE__))
+          File.expand_path('templates', File.dirname(__FILE__))
         end
 
         def copy_shared_template(template_name, destination_path)

data/lib/rls_multi_tenant/middleware/subdomain_tenant_selector.rb

@@ -10,10 +10,12 @@ module RlsMultiTenant
       def call(env)
         request = ActionDispatch::Request.new(env)
         tenant = resolve_tenant_from_subdomain(request)
-        
+
         if tenant
           # Switch tenant context for the duration of the request
-          Rails.logger.info "[RLS Multi-Tenant] #{request.method} #{request.path} -> Tenant: #{tenant.name} (#{tenant.id})" if defined?(Rails)
+          if defined?(Rails)
+            Rails.logger.info "[RLS Multi-Tenant] #{request.method} #{request.path} -> Tenant: #{tenant.name} (#{tenant.id})"
+          end
           RlsMultiTenant.tenant_class.switch(tenant) do
             @app.call(env)
           end
@@ -22,12 +24,17 @@ module RlsMultiTenant
           subdomain = extract_subdomain(request.host)
           if subdomain.present? && subdomain != 'www'
             # Subdomain exists but no tenant found - this is an error
-            Rails.logger.warn "[RLS Multi-Tenant] #{request.method} #{request.path} -> No tenant found for subdomain '#{subdomain}'" if defined?(Rails)
-            raise RlsMultiTenant::Error, "No tenant found for subdomain '#{subdomain}'. Please ensure the tenant exists with the correct subdomain."
+            if defined?(Rails)
+              Rails.logger.warn "[RLS Multi-Tenant] #{request.method} #{request.path} -> No tenant found for subdomain '#{subdomain}'"
+            end
+            raise RlsMultiTenant::Error,
+                  "No tenant found for subdomain '#{subdomain}'. Please ensure the tenant exists with the correct subdomain."
           end
           # If no subdomain, allow access to public models (models without TenantContext)
           # Models that include TenantContext will automatically be constrained by RLS
-          Rails.logger.info "[RLS Multi-Tenant] #{request.method} #{request.path} -> Public access (no subdomain)" if defined?(Rails)
+          if defined?(Rails)
+            Rails.logger.info "[RLS Multi-Tenant] #{request.method} #{request.path} -> Public access (no subdomain)"
+          end
           @app.call(env)
         end
       end
@@ -41,37 +48,35 @@ module RlsMultiTenant
         # Look up tenant by subdomain only
         tenant_class = RlsMultiTenant.tenant_class
         subdomain_field = RlsMultiTenant.subdomain_field
-        
+
         # Only allow subdomain-based lookup
         unless tenant_class.column_names.include?(subdomain_field.to_s)
-          raise RlsMultiTenant::ConfigurationError, 
+          raise RlsMultiTenant::ConfigurationError,
                 "Subdomain field '#{subdomain_field}' not found on #{tenant_class.name}. " \
                 "Please add a '#{subdomain_field}' column to your tenant model or configure a different subdomain_field."
         end
-        
+
         tenant_class.find_by(subdomain_field => subdomain)
-      rescue => e
+      rescue StandardError => e
         Rails.logger.error "Failed to resolve tenant from subdomain '#{subdomain}': #{e.message}" if defined?(Rails)
         nil
       end
 
       def extract_subdomain(host)
         return nil if host.blank?
-        
+
         # Remove port if present
         host = host.split(':').first
-        
+
         # Split by dots and get the first part (subdomain)
         parts = host.split('.')
-        
+
         # Handle localhost development (e.g., foo.localhost:3000)
         if parts.length == 2 && parts.last == 'localhost'
           parts.first
         # Handle standard domains (e.g., foo.example.com)
         elsif parts.length >= 3
           parts.first
-        else
-          nil
         end
       end
     end

data/lib/rls_multi_tenant/railtie.rb

@@ -3,39 +3,34 @@
 module RlsMultiTenant
   class Railtie < Rails::Railtie
     # Load generators after Rails is fully initialized
-    initializer "rls_multi_tenant.load_generators", after: :set_routes_reloader do |app|
-      require "rls_multi_tenant/generators/install/install_generator"
-      require "rls_multi_tenant/generators/setup/setup_generator"
-      require "rls_multi_tenant/generators/migration/migration_generator"
-      require "rls_multi_tenant/generators/model/model_generator"
-      require "rls_multi_tenant/generators/task/task_generator"
+    initializer 'rls_multi_tenant.load_generators', after: :set_routes_reloader do |_app|
+      require 'rls_multi_tenant/generators/install/install_generator'
+      require 'rls_multi_tenant/generators/setup/setup_generator'
+      require 'rls_multi_tenant/generators/migration/migration_generator'
+      require 'rls_multi_tenant/generators/model/model_generator'
     end
 
-    initializer "rls_multi_tenant.configure" do |app|
+    initializer 'rls_multi_tenant.configure' do |_app|
       # Configure the gem
       RlsMultiTenant.configure do |config|
-        config.tenant_class_name = "Tenant"
+        config.tenant_class_name = 'Tenant'
         config.tenant_id_column = :tenant_id
-        config.app_user_env_var = "POSTGRES_APP_USER"
         config.enable_security_validation = true
       end
     end
 
-    initializer "rls_multi_tenant.security_validation", after: :load_config_initializers do |app|
+    initializer 'rls_multi_tenant.security_validation', after: :load_config_initializers do |app|
       if RlsMultiTenant.enable_security_validation
         app.config.after_initialize do
-          begin
-            RlsMultiTenant::SecurityValidator.validate_environment!
-            RlsMultiTenant::SecurityValidator.validate_database_user!
-          rescue => e
-            Rails.logger.error "RLS Multi-tenant initialization failed: #{e.message}"
-            raise e
-          end
+          RlsMultiTenant::SecurityValidator.validate_database_user!
+        rescue StandardError => e
+          Rails.logger.error "RLS Multi-tenant initialization failed: #{e.message}"
+          raise e
         end
       end
     end
 
-    initializer "rls_multi_tenant.middleware", after: :load_config_initializers do |app|
+    initializer 'rls_multi_tenant.middleware', after: :load_config_initializers do |app|
       if RlsMultiTenant.enable_subdomain_middleware
         app.config.middleware.use RlsMultiTenant::Middleware::SubdomainTenantSelector
       end

data/lib/rls_multi_tenant/rls_helper.rb

@@ -4,46 +4,32 @@ module RlsMultiTenant
   module RlsHelper
     class << self
       # Enable RLS on a table with a policy
-      def enable_rls_for_table(table_name, tenant_column: RlsMultiTenant.tenant_id_column, app_user: nil)
-        app_user ||= ENV[RlsMultiTenant.app_user_env_var]
-        
-        raise ConfigurationError, "App user not configured" if app_user.blank?
-
+      def enable_rls_for_table(table_name, tenant_column: RlsMultiTenant.tenant_id_column)
         # Enable RLS
-        ActiveRecord::Base.connection.execute("ALTER TABLE #{table_name} ENABLE ROW LEVEL SECURITY")
-        
+        ActiveRecord::Base.connection.execute("ALTER TABLE #{table_name} ENABLE ROW LEVEL SECURITY, FORCE ROW LEVEL SECURITY")
+
         # Create policy (drop if exists first)
         policy_name = "#{table_name}_app_user"
         ActiveRecord::Base.connection.execute("DROP POLICY IF EXISTS #{policy_name} ON #{table_name}")
-        
+
         tenant_session_var = "rls.#{RlsMultiTenant.tenant_id_column}"
-        policy_sql = "CREATE POLICY #{policy_name} ON #{table_name} TO #{app_user} " \
-                    "USING (#{tenant_column} = NULLIF(current_setting('#{tenant_session_var}', TRUE), '')::uuid)"
-        
+        policy_sql = "CREATE POLICY #{policy_name} ON #{table_name} " \
+                     "USING (#{tenant_column} = NULLIF(current_setting('#{tenant_session_var}', TRUE), '')::uuid)"
+
         ActiveRecord::Base.connection.execute(policy_sql)
-        
-        # Grant permissions
-        ActiveRecord::Base.connection.execute("GRANT SELECT, INSERT, UPDATE, DELETE ON #{table_name} TO #{app_user}")
-        
+
         Rails.logger&.info "✅ RLS enabled for table #{table_name} with policy #{policy_name}"
       end
 
       # Disable RLS on a table
-      def disable_rls_for_table(table_name, app_user: nil)
-        app_user ||= ENV[RlsMultiTenant.app_user_env_var]
-        
-        raise ConfigurationError, "App user not configured" if app_user.blank?
-
-        # Revoke permissions
-        ActiveRecord::Base.connection.execute("REVOKE SELECT, INSERT, UPDATE, DELETE ON #{table_name} FROM #{app_user}")
-        
+      def disable_rls_for_table(table_name)
         # Drop policy
         policy_name = "#{table_name}_app_user"
         ActiveRecord::Base.connection.execute("DROP POLICY IF EXISTS #{policy_name} ON #{table_name}")
-        
+
         # Disable RLS
-        ActiveRecord::Base.connection.execute("ALTER TABLE #{table_name} DISABLE ROW LEVEL SECURITY")
-        
+        ActiveRecord::Base.connection.execute("ALTER TABLE #{table_name} DISABLE ROW LEVEL SECURITY, NO FORCE ROW LEVEL SECURITY")
+
         Rails.logger&.info "✅ RLS disabled for table #{table_name}"
       end
 
@@ -52,8 +38,8 @@ module RlsMultiTenant
         result = ActiveRecord::Base.connection.execute(
           "SELECT relrowsecurity FROM pg_class WHERE relname = '#{table_name}'"
         ).first
-        
-        result&.dig('relrowsecurity') == true
+
+        result&.dig('relrowsecurity') == true && result&.dig('relforcerowsecurity') == true
       end
 
       # Get all RLS policies for a table

data/lib/rls_multi_tenant/rls_multi_tenant.rb

@@ -1,11 +1,11 @@
 # frozen_string_literal: true
 
-require "rls_multi_tenant/version"
-require "rls_multi_tenant/concerns/multi_tenant"
-require "rls_multi_tenant/concerns/tenant_context"
-require "rls_multi_tenant/security_validator"
-require "rls_multi_tenant/rls_helper"
-require "rls_multi_tenant/railtie" if defined?(Rails)
+require 'rls_multi_tenant/version'
+require 'rls_multi_tenant/concerns/multi_tenant'
+require 'rls_multi_tenant/concerns/tenant_context'
+require 'rls_multi_tenant/security_validator'
+require 'rls_multi_tenant/rls_helper'
+require 'rls_multi_tenant/railtie' if defined?(Rails)
 
 module RlsMultiTenant
   class Error < StandardError; end
@@ -14,7 +14,8 @@ module RlsMultiTenant
 
   # Configuration options
   class << self
-    attr_accessor :tenant_class_name, :tenant_id_column, :app_user_env_var, :enable_security_validation
+    attr_accessor :tenant_class_name, :tenant_id_column, :enable_security_validation, :enable_subdomain_middleware,
+                  :subdomain_field
 
     def configure
       yield self
@@ -28,18 +29,23 @@ module RlsMultiTenant
       @tenant_id_column ||= :tenant_id
     end
 
-    def app_user_env_var
-      @app_user_env_var ||= "POSTGRES_APP_USER"
+    def enable_security_validation
+      @enable_security_validation.nil? || @enable_security_validation
     end
 
-    def enable_security_validation
-      @enable_security_validation.nil? ? true : @enable_security_validation
+    def enable_subdomain_middleware
+      @enable_subdomain_middleware.nil? ? false : @enable_subdomain_middleware
+    end
+
+    def subdomain_field
+      @subdomain_field ||= :subdomain
     end
   end
 
   # Default configuration
-  self.tenant_class_name = "Tenant"
+  self.tenant_class_name = 'Tenant'
   self.tenant_id_column = :tenant_id
-  self.app_user_env_var = "POSTGRES_APP_USER"
   self.enable_security_validation = true
+  self.enable_subdomain_middleware = true
+  self.subdomain_field = :subdomain
 end

data/lib/rls_multi_tenant/security_validator.rb

@@ -5,59 +5,29 @@ module RlsMultiTenant
     class << self
       def validate_database_user!
         return unless RlsMultiTenant.enable_security_validation
-        return if skip_validation?
 
         begin
           # Get the current database configuration
           db_config = ActiveRecord::Base.connection_db_config
           username = db_config.configuration_hash[:username]
 
-          # Check if the current user has SUPERUSER privileges
-          superuser_check = ActiveRecord::Base.connection.execute(
-            "SELECT rolname, rolsuper FROM pg_roles WHERE rolname = current_user"
+          # Check if the user has bypassrls privilege
+          bypassrls_check = ActiveRecord::Base.connection.execute(
+            "SELECT rolbypassrls FROM pg_roles WHERE rolname = '#{username}'"
           ).first
 
-          if superuser_check && superuser_check['rolsuper']
-            raise SecurityError, "Database user '#{username}' has SUPERUSER privileges. " \
-                                "In order to use RLS Multi-tenant, you must use a non-privileged user without SUPERUSER rights." \
-                                "Did you remember to edit database.yml in order to use the POSTGRES_APP_USER and POSTGRES_APP_PASSWORD?"
+          if bypassrls_check && bypassrls_check['rolbypassrls']
+            raise SecurityError, "Database user '#{username}' has BYPASSRLS privilege. " \
+                                 'In order to use RLS Multi-tenant, you must use a non-privileged user without BYPASSRLS privilege.'
           end
 
           # Log the security check result
-          Rails.logger&.info "✅ RLS Multi-tenant security check passed: Using user '#{username}' without SUPERUSER privileges"
-
-        rescue => e
+          Rails.logger&.info "✅ RLS Multi-tenant security check passed: Using user '#{username}' without BYPASSRLS privilege"
+        rescue StandardError => e
           Rails.logger&.error "❌ RLS Multi-tenant security check failed: #{e.message}"
           raise e
         end
       end
-
-      def validate_environment!
-        return if skip_validation?
-        return unless RlsMultiTenant.enable_security_validation
-        
-        app_user = ENV[RlsMultiTenant.app_user_env_var]
-        
-        if app_user.blank?
-          raise ConfigurationError, "#{RlsMultiTenant.app_user_env_var} environment variable must be set"
-        elsif ["postgres", "root"].include?(app_user)
-          raise SecurityError, "Cannot use privileged PostgreSQL user '#{app_user}'. " \
-                              "In order to use RLS Multi-tenant, you must use a non-privileged user without SUPERUSER rights." \
-                              "Did you remember to edit database.yml in order to use the POSTGRES_APP_USER and POSTGRES_APP_PASSWORD?"
-        end
-      end
-
-      private
-
-      def skip_validation?
-        # Skip validation if we're running an install or setup generator
-        return true if ARGV.any? { |arg| arg.include?('rls_multi_tenant:install') || arg.include?('rls_multi_tenant:setup') }
-        
-        # Skip validation if we're in admin mode (set by db_as:admin task)
-        return true if ENV['RLS_MULTI_TENANT_ADMIN_MODE'] == 'true'
-        
-        false
-      end
     end
   end
 end

data/lib/rls_multi_tenant/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module RlsMultiTenant
-  VERSION = "0.2.2"
+  VERSION = '0.2.3'
 end

data/lib/rls_multi_tenant.rb

@@ -1,13 +1,13 @@
 # frozen_string_literal: true
 
-require "rls_multi_tenant/version"
-require "rls_multi_tenant/concerns/multi_tenant"
-require "rls_multi_tenant/concerns/tenant_context"
-require "rls_multi_tenant/security_validator"
-require "rls_multi_tenant/rls_helper"
-require "rls_multi_tenant/middleware/subdomain_tenant_selector"
-require "rls_multi_tenant/generators/shared/template_helper"
-require "rls_multi_tenant/railtie" if defined?(Rails)
+require 'rls_multi_tenant/version'
+require 'rls_multi_tenant/concerns/multi_tenant'
+require 'rls_multi_tenant/concerns/tenant_context'
+require 'rls_multi_tenant/security_validator'
+require 'rls_multi_tenant/rls_helper'
+require 'rls_multi_tenant/middleware/subdomain_tenant_selector'
+require 'rls_multi_tenant/generators/shared/template_helper'
+require 'rls_multi_tenant/railtie' if defined?(Rails)
 
 module RlsMultiTenant
   class Error < StandardError; end
@@ -16,7 +16,8 @@ module RlsMultiTenant
 
   # Configuration options
   class << self
-    attr_accessor :tenant_class_name, :tenant_id_column, :app_user_env_var, :enable_security_validation, :enable_subdomain_middleware, :subdomain_field
+    attr_accessor :tenant_class_name, :tenant_id_column, :enable_security_validation, :enable_subdomain_middleware,
+                  :subdomain_field
 
     def configure
       yield self
@@ -30,12 +31,8 @@ module RlsMultiTenant
       @tenant_id_column ||= :tenant_id
     end
 
-    def app_user_env_var
-      @app_user_env_var ||= "POSTGRES_APP_USER"
-    end
-
     def enable_security_validation
-      @enable_security_validation.nil? ? true : @enable_security_validation
+      @enable_security_validation.nil? || @enable_security_validation
     end
 
     def enable_subdomain_middleware
@@ -48,9 +45,8 @@ module RlsMultiTenant
   end
 
   # Default configuration
-  self.tenant_class_name = "Tenant"
+  self.tenant_class_name = 'Tenant'
   self.tenant_id_column = :tenant_id
-  self.app_user_env_var = "POSTGRES_APP_USER"
   self.enable_security_validation = true
   self.enable_subdomain_middleware = true
   self.subdomain_field = :subdomain

data/rls_multi_tenant.gemspec

@@ -1,24 +1,25 @@
 # frozen_string_literal: true
 
-require_relative "lib/rls_multi_tenant/version"
+require_relative 'lib/rls_multi_tenant/version'
 
 Gem::Specification.new do |spec|
-  spec.name = "rls_multi_tenant"
+  spec.name = 'rls_multi_tenant'
   spec.version = RlsMultiTenant::VERSION
-  spec.authors = ["Coding Ways"]
-  spec.email = ["info@codingways.com"]
+  spec.authors = ['Coding Ways']
+  spec.email = ['info@codingways.com']
 
-  spec.summary = "Rails gem for PostgreSQL Row Level Security (RLS) multi-tenant applications"
-  spec.description = "A comprehensive gem that provides RLS-based multi-tenancy for Rails applications using PostgreSQL, including automatic tenant context switching, security validations, and migration helpers."
-  spec.homepage = "https://github.com/codingways/rls_multi_tenant"
-  spec.license = "MIT"
-  spec.required_ruby_version = ">= 3.0.0"
+  spec.summary = 'Rails gem for PostgreSQL Row Level Security (RLS) multi-tenant applications'
+  spec.description = 'A comprehensive gem that provides RLS-based multi-tenancy for Rails applications using PostgreSQL, including automatic tenant context switching, security validations, and migration helpers.'
+  spec.homepage = 'https://github.com/codingways/rls_multi_tenant'
+  spec.license = 'MIT'
+  spec.required_ruby_version = '>= 3.0.0'
 
-  spec.metadata["homepage_uri"] = spec.homepage
-  spec.metadata["source_code_uri"] = "https://github.com/codingways/rls_multi_tenant"
-  spec.metadata["changelog_uri"] = "https://github.com/codingways/rls_multi_tenant/blob/main/CHANGELOG.md"
-  spec.metadata["bug_tracker_uri"] = "https://github.com/codingways/rls_multi_tenant/issues"
-  spec.metadata["documentation_uri"] = "https://github.com/codingways/rls_multi_tenant#readme"
+  spec.metadata['homepage_uri'] = spec.homepage
+  spec.metadata['source_code_uri'] = 'https://github.com/codingways/rls_multi_tenant'
+  spec.metadata['changelog_uri'] = 'https://github.com/codingways/rls_multi_tenant/blob/main/CHANGELOG.md'
+  spec.metadata['bug_tracker_uri'] = 'https://github.com/codingways/rls_multi_tenant/issues'
+  spec.metadata['documentation_uri'] = 'https://github.com/codingways/rls_multi_tenant#readme'
+  spec.metadata['rubygems_mfa_required'] = 'true'
 
   # Specify which files should be added to the gem when it is released.
   spec.files = Dir.chdir(__dir__) do
@@ -27,20 +28,20 @@ Gem::Specification.new do |spec|
         f.start_with?(*%w[bin/ test/ spec/ features/ .git appveyor Gemfile])
     end
   end
-  spec.bindir = "exe"
+  spec.bindir = 'exe'
   spec.executables = spec.files.grep(%r{\Aexe/}) { |f| File.basename(f) }
-  spec.require_paths = ["lib"]
+  spec.require_paths = ['lib']
 
   # Dependencies
-  spec.add_dependency "rails", ">= 6.0", "< 9.0"
-  spec.add_dependency "pg", ">= 1.0", "< 3.0"
+  spec.add_dependency 'pg', '>= 1.0', '< 3.0'
+  spec.add_dependency 'rails', '>= 6.0', '< 9.0'
 
   # Development dependencies
-  spec.add_development_dependency "rspec-rails", "~> 6.0"
-  spec.add_development_dependency "rubocop", "~> 1.50"
-  spec.add_development_dependency "rubocop-rails", "~> 2.20"
-  spec.add_development_dependency "rubocop-rspec", "~> 2.20"
-  spec.add_development_dependency "simplecov", "~> 0.22"
-  spec.add_development_dependency "generator_spec", "~> 0.9"
-  spec.add_development_dependency "bundler-audit", "~> 0.9"
+  spec.add_development_dependency 'bundler-audit', '~> 0.9'
+  spec.add_development_dependency 'generator_spec', '~> 0.9'
+  spec.add_development_dependency 'rspec-rails', '~> 6.1.0'
+  spec.add_development_dependency 'rubocop', '~> 1.80.0'
+  spec.add_development_dependency 'rubocop-rails', '~> 2.33'
+  spec.add_development_dependency 'rubocop-rspec', '~> 3.7'
+  spec.add_development_dependency 'simplecov', '~> 0.22'
 end