rokku 0.5.0 → 0.7.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: e35f55f5d2b9be912f462bbd1abda316f5abe55c9e58d5dc27e99c7933004427
-  data.tar.gz: 1f16e58528cec63db8e6903761256df1ae19149a96610ea49cb201e5d4605dcd
+  metadata.gz: de9fd9e92bfea55153e2a5cc08a19f6c9f1e6a6e8955ff5f6949cbe3bf689bb2
+  data.tar.gz: be746224f675cdbe8bbc2058ab7d1fcf1c18c9d04a9a5ef2557060ed3fdfcad5
 SHA512:
-  metadata.gz: 6dbd48399c45dc6dd02c679a3f3a529bcd1ac84e165efb2379397646c92e4b30c8091ae8dd7ed2c03bd29c73377b4b6a5587ebef1b12950a6893dbe23e54f7da
-  data.tar.gz: 5c898ad4c83a58a253056f3612c041c45b3ab9f6242c2e5da144602ef6ff3536487ef5b09997db7fcd0d8afa597112723b08ef1c0c1b2d3361ac835c34d8177f
+  metadata.gz: f1f9f9c33fa1b2c888380a4034eaa3473d25d7b30cbc55c9bbd627bcbcedbdb8af5d7ae63e6fa4e4429f6854cd22315eedff9dce7ff7b5f5caee910c5846ae8f
+  data.tar.gz: 0ad532c9440192d8a6a804a6a9d367674a85770cb286a3d343f09fa84f84747396a95c1f92d5cb9a663db3c8d1187cd15b1100ffb85a150340f93ee588a63de3

data/Gemfile.lock

@@ -1,7 +1,7 @@
 PATH
   remote: .
   specs:
-    rokku (0.5.0)
+    rokku (0.7.0)
       hanami-controller (~> 1.0)
       hanami-router (~> 1.0)
 

data/README.md

@@ -1,6 +1,6 @@
 # Rokku
 
-[![Join the chat at https://gitter.im/sebastjan-hribar/rokku](https://badges.gitter.im/sebastjan-hribar/rokku.svg)](https://gitter.im/sebastjan-hribar/rokku?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge&utm_content=badge) [![Gem Version](https://badge.fury.io/rb/rokku.svg)](https://badge.fury.io/rb/rokku) [![Build Status](https://travis-ci.org/sebastjan-hribar/rokku.svg?branch=master)](https://travis-ci.org/sebastjan-hribar/rokku)
+[![Join the chat at https://gitter.im/sebastjan-hribar/rokku](https://badges.gitter.im/sebastjan-hribar/rokku.svg)](https://gitter.im/sebastjan-hribar/rokku?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge&utm_content=badge) [![Gem Version](https://badge.fury.io/rb/rokku.svg)](https://badge.fury.io/rb/rokku)
 
 Rokku (ロック - lock) offers authorization for [Hanami web applications](http://hanamirb.org/).
 
@@ -36,6 +36,12 @@ end
 
 ## Usage
 
+### Role based authorization
+
+#### Prerequisites
+The current user must be stored in the `@user` variable and must have the attribute of `roles`. Rokku supports `roles` both as a type of `Array` and `String`.
+For example, the `@user.roles` could either be a simple string like 'admin' or an array of roles like `['level_1', 'level_2', 'level_3']`.
+
 ```ruby
 rokku -n mightyPoster -p post
 ```
@@ -46,25 +52,46 @@ Each application will have its own `app/policies` folders.
 **The command must be run in the project root folder.**
 
 Once the file is generated, the authorized roles variables in the initialize block for required actions need to be uncommented and supplied with specific roles.
-
-Then we can check if a user is authorized:
+For example:
 
 ```ruby
-authorized?(controller, role, action)
+# @authorized_roles_for_show = []
+# @authorized_roles_for_index = []
+# @authorized_roles_for_edit = []
+@authorized_roles_for_update = ['admin']
 ```
 
+Then we can check if a user is authorized for the `mightyPoster` application, `Post` controller and `Update`action.
 
-### ToDo
+```ruby
+authorized?("mightyposter", "post", "update")
+```
 
-- Add support for author/owner authorizations.
-- Add generators for adding authorization rules to existing policies.
+A complete example of using Rokku in a Hanami 1.3 applications is available [here](https://sebastjan-hribar.github.io/programming/2022/01/08/rokku-with-hanami.html).
 
 
 ### Changelog
 
+#### 0.7.0
+
+* Policies are now scoped under application module so it is possible to have two `Dashboard` policies for two different applications.
+* Readme update.
+
+#### 0.6.0
+
+* Change to accept a string or an array as roles.
+* Refactored tests.
+* Added `commands.rb`to `bin/rokku`.
+* Small style changes.
+
+#### 0.5.1
+
+* Readme update
+* Refactored tests
+
 #### 0.5.0
 
-Move from Tachiban
+* Move from Tachiban
 
 
 ## Development

data/bin/rokku

@@ -0,0 +1,4 @@
+#!/usr/bin/env ruby
+require_relative "../lib/rokku/commands/commands.rb"
+
+Commands.run

data/lib/rokku/commands/commands.rb

@@ -1,41 +1,107 @@
-#!/usr/bin/env ruby
 require 'optparse'
-require_relative "../policy_generator/policy_generator.rb"
+require 'fileutils'
 
-options = {}
-optparse = OptionParser.new do |opts|
-  opts.banner = "\nHanami authorization policy generator
-Usage: rokku -n myapp -p user
-Flags:
-\n"
+module Commands
+  def self.run
+    options = {}
+    optparse = OptionParser.new do |opts|
+      opts.banner = "\nHanami authorization policy generator
+    Usage: rokku -n myapp -p user
+    Flags:
+    \n"
 
-  opts.on("-n", "--app_name APP", "Specify the application name for the policy") do |app_name|
-    options[:app_name] = app_name
-  end
+      opts.on("-n", "--app_name APP", "Specify the application name for the policy") do |app_name|
+        options[:app_name] = app_name
+      end
 
-  opts.on("-p", "--policy POLICY", "Specify the policy name") do |policy|
-    options[:policy] = policy
-  end
+      opts.on("-p", "--policy POLICY", "Specify the policy name") do |policy|
+        options[:policy] = policy
+      end
+
+      opts.on("-h", "--help", "Displays help") do
+        puts opts
+        exit
+      end
+    end
+
+    begin
+      optparse.parse!
+      puts "Add flag -h or --help to see usage instructions." if options.empty?
+      mandatory = [:app_name, :policy]
+      missing = mandatory.select{ |arg| options[arg].nil? }
+      unless missing.empty?
+        raise OptionParser::MissingArgument.new(missing.join(', '))
+      end
+    rescue OptionParser::InvalidOption, OptionParser::MissingArgument
+      puts $!.to_s
+      puts optparse
+      exit
+    end
 
-  opts.on("-h", "--help", "Displays help") do
-    puts opts
-    exit
+    puts "Performing task with options: #{options.inspect}"
+    generate_policy("#{options[:app_name]}", "#{options[:policy]}") if options[:policy]
   end
-end
 
-begin
-  optparse.parse!
-  puts "Add flag -h or --help to see usage instructions." if options.empty?
-  mandatory = [:app_name, :policy]
-  missing = mandatory.select{ |arg| options[arg].nil? }
-  unless missing.empty?
-    raise OptionParser::MissingArgument.new(missing.join(', '))
+  private
+  # The generate_policy method creates the policy file for specified
+  # application and controller. By default all actions to check against
+  # are commented out.
+  # Uncomment the needed actions and define appropriate user roles.
+
+  def self.generate_policy(app_name, controller_name)
+    app_name = app_name.downcase.capitalize
+    controller = controller_name.downcase.capitalize
+    policy_txt = <<-TXT
+    module #{app_name}
+      class #{controller}Policy
+        def initialize(roles)
+          @user_roles = roles
+          # Uncomment the required roles and add the
+          # appropriate user role to the @authorized_roles* array.
+          # @authorized_roles_for_new = []
+          # @authorized_roles_for_create = []
+          # @authorized_roles_for_show = []
+          # @authorized_roles_for_index = []
+          # @authorized_roles_for_edit = []
+          # @authorized_roles_for_update = []
+          # @authorized_roles_for_destroy = []
+        end
+
+        def new?
+          (@authorized_roles_for_new & @user_roles).any?
+        end
+
+        def create?
+          (@authorized_roles_for_create & @user_roles).any?
+        end
+
+        def show?
+          (@authorized_roles_for_show & @user_roles).any?
+        end
+
+        def index?
+          (@authorized_roles_for_index & @user_roles).any?
+        end
+
+        def edit?
+          (@authorized_roles_for_edit & @user_roles).any?
+        end
+
+        def update?
+          (@authorized_roles_for_update & @user_roles).any?
+        end
+
+        def destroy?
+          (@authorized_roles_for_destroy & @user_roles).any?
+        end
+      end
+    end
+    TXT
+
+    FileUtils.mkdir_p "lib/#{app_name.downcase}/policies" unless File.directory?("lib/#{app_name.downcase}/policies")
+    unless File.file?("lib/#{app_name.downcase}/policies/#{controller}Policy.rb")
+      File.open("lib/#{app_name.downcase}/policies/#{controller}Policy.rb", 'w') { |file| file.write(policy_txt) }
+    end
+    puts("Generated policy: lib/#{app_name.downcase}/policies/#{controller}Policy.rb") if File.file?("lib/#{app_name.downcase}/policies/#{controller}Policy.rb")
   end
-rescue OptionParser::InvalidOption, OptionParser::MissingArgument
-  puts $!.to_s
-  puts optparse
-  exit
 end
-
-puts "Performing task with options: #{options.inspect}"
-generate_policy("#{options[:app_name]}", "#{options[:policy]}") if options[:policy]

data/lib/rokku/version.rb

@@ -1,3 +1,3 @@
 module Rokku
-  VERSION = "0.5.0"
+  VERSION = "0.7.0"
 end

data/lib/rokku.rb

@@ -10,10 +10,17 @@ module Hanami
     # and permission to access the action. It returns true or false and
     # provides the basis for further actions in either case.
     #
-    # Example: redirect_to "/" unless authorized?("PostController", "admin", "create")
+    # Example: redirect_to "/" unless authorized?("post", create")
 
-    def authorized?(controller, role, action)
-      Object.const_get(controller.downcase.capitalize + "Policy").new(role).send("#{action.downcase}?")
+    def authorized?(application, controller, action)
+      input_roles = @user.roles
+      roles = []
+      if input_roles.class == String
+        roles << input_roles
+      else
+        roles = input_roles
+      end
+      Object.const_get("#{application}::#{controller.downcase.capitalize}Policy").new(roles).send("#{action.downcase}?")
     end
   end
 end

data/rokku.gemspec

@@ -20,8 +20,8 @@ Gem::Specification.new do |spec|
   spec.files         = Dir.chdir(File.expand_path('..', __FILE__)) do
     `git ls-files -z`.split("\x0").reject { |f| f.match(%r{^(test|spec|features)/}) }
   end
-  spec.bindir        = "exe"
-  spec.executables   = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
+  spec.bindir        = "bin"
+  spec.executables   = spec.files.grep(%r{^bin/}) { |f| File.basename(f) }
   spec.require_paths = ["lib"]
 
   spec.add_development_dependency "bundler", "~> 2.0"

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: rokku
 version: !ruby/object:Gem::Version
-  version: 0.5.0
+  version: 0.7.0
 platform: ruby
 authors:
 - Sebastjan Hribar
 autorequire: 
-bindir: exe
+bindir: bin
 cert_chain: []
-date: 2020-11-22 00:00:00.000000000 Z
+date: 2022-01-08 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler
@@ -125,7 +125,10 @@ dependencies:
 description: 
 email:
 - sebastjan.hribar@gmail.com
-executables: []
+executables:
+- console
+- rokku
+- setup
 extensions: []
 extra_rdoc_files: []
 files:
@@ -138,10 +141,10 @@ files:
 - README.md
 - Rakefile
 - bin/console
+- bin/rokku
 - bin/setup
 - lib/rokku.rb
 - lib/rokku/commands/commands.rb
-- lib/rokku/policy_generator/policy_generator.rb
 - lib/rokku/version.rb
 - rokku.gemspec
 homepage: https://github.com/sebastjan-hribar/rokku

data/lib/rokku/policy_generator/policy_generator.rb

@@ -1,62 +0,0 @@
-require 'fileutils'
-
-require 'hanami/controller'
-require 'hanami/action/session'
-
-module Hanami
-  module Rokku
-    private
-# The generate_policy method creates the policy file for specified
-# application and controller. By default all actions to check against
-# are commented out.
-# Uncomment the needed actions and define appropriate user role.
-
-def generate_policy(app_name, controller_name)
-  app_name = app_name
-  controller = controller_name.downcase.capitalize
-  policy_txt = <<-TXT
-    class #{controller}Policy
-      def initialize(role)
-        @user_role = role
-        # Uncomment the required roles and add the
-        # appropriate user role to the @authorized_roles* array.
-        # @authorized_roles_for_new = []
-        # @authorized_roles_for_create = []
-        # @authorized_roles_for_show = []
-        # @authorized_roles_for_index = []
-        # @authorized_roles_for_edit = []
-        # @authorized_roles_for_update = []
-        # @authorized_roles_for_destroy = []
-      end
-      def new?
-        @authorized_roles_for_new.include? @user_role
-      end
-      def create?
-        @authorized_roles_for_create.include? @user_role
-      end
-      def show?
-        @authorized_roles_for_show.include? @user_role
-      end
-      def index?
-        @authorized_roles_for_index.include? @user_role
-      end
-      def edit?
-        @authorized_roles_for_edit.include? @user_role
-      end
-      def update?
-        @authorized_roles_for_update.include? @user_role
-      end
-      def destroy?
-        @authorized_roles_for_destroy.include? @user_role
-      end
-    end
-    TXT
-
-  FileUtils.mkdir_p "lib/#{app_name}/policies" unless File.directory?("lib/#{app_name}/policies")
-  unless File.file?("lib/#{app_name}/policies/#{controller}Policy.rb")
-    File.open("lib/#{app_name}/policies/#{controller}Policy.rb", 'w') { |file| file.write(policy_txt) }
-  end
-  puts("Generated policy: lib/#{app_name}/policies/#{controller}Policy.rb") if File.file?("lib/#{app_name}/policies/#{controller}Policy.rb")
-end
-  end
-end