sequel-privacy 0.5.1 → 0.5.2

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: af7fc02c1fb57d47ba358babdebb3289c2d8eb6ec43d2fce25a2c3477a3f2ccc
-  data.tar.gz: a18b09c73b5b03540d2a74f985d32c99b6b2a090a714346f2c87ef5a2997252c
+  metadata.gz: 2e415c08d25c658e76c101a7c7ccbdbb791ef1f00deb6a81481ada2044a2b779
+  data.tar.gz: 819dfce705006ad300e092650cd2014944989c6bec4baefb6bdd5a0fe1bd6bc1
 SHA512:
-  metadata.gz: 9f46a3f0f253061be75dcd2fb80cf797c1be229d5fd83b1c9f1c86860621dae4536ea60b06df4e38d2d6b1e66f0e90533f0d3a75dddc48be388898ac1d8517d4
-  data.tar.gz: f4aee413ab143a08366b223e2c34d62165c69f1e63871eee400d6f82af3c096266e0646f3b4d3d4649a761c913e2c07cef8f852586f0c535d0af3daf1d02f9a6
+  metadata.gz: b875efc8f711c1403eb90e8ebc6ca5071b325c3e6e7856cc7c43f4dc43f5edb4add75a6081db527d30a184c856719a1461da50a2e6a754567a8a5886567daea8
+  data.tar.gz: b1c2f4a0525b3d4232f4f369d483affbf3bcc84235602d116f2d8a40d80c686e5bd8a677e1367bbc53012b8341a63e787b7d502377b2322f63afdbf5f10518ec

data/README.md

@@ -221,56 +221,34 @@ system, so these VCs give you an escape hatch for things like scripts while also
 You could also create lint rules that prevent the casual creation of these viewer contexts.
 
 ```ruby
+# You can use an omniscient viewer context to load the user from a session
+# or however you store them. Discard this viewer context when you're done with it.
+def current_user 
+  return @current_user if @current_user
+  login_vc = Sequel::Privacy::ViewerContext.omniscient(:login)
+  user = User.for_vc(login_vc)[session_user_id]
+  return nil unless user
+
+  # Attach an ActorVC to the loaded user so that future calls to its fields and 
+  # associations respect privacy .
+  @current_user ||= user.for_vc(Sequel::Privacy::ViewerContext.for_actor(user))
+end
+
+def current_vc
+  current_user&.vc || Sequel::Privacy::ViewerContext.anonymous()
+end
+
 # Standard viewer (most common)
-current_vc = Sequel::Privacy::ViewerContext.for_actor(current_user)
 users_groups = Group.for_vc(current_vc).where(creator: current_user).all
 
-# API-specific (can be distinguished in policies)
-vc = Sequel::Privacy::ViewerContext.for_api_actor(current_user)
-
 # Anonymous viewer (logged-out users)
 logged_out_vc = Sequel::Privacy::ViewerContext.anonymous
 posts = Post.for_vc(logged_out_vc).where(published: true).all
 
-# Omniscient VCs can read any object in the system, but are incapable of writes.
-# Dispose of these ViewerContexts quickly. 
-current_user = Sequel::Privacy::ViewerContext.omniscient(:login).then {|vc| User.for_vc(vc)[authenticated_user_id] }
-current_vc = Sequel::Privacy::ViewerContext.for_actor(current_user)
-
 # All-powerful ViewerContexts dangerously bypass all read and write checks.
 admin_vc = Sequel::Privacy::ViewerContext.all_powerful(:admin_migration)
 ```
 
-### A Note Login & Authenticated Users
-
-If your User or equivalent model is privacy-aware *and* is protected by 
-policies that would complicating fetching (or login), then you will have
-trouble creating a `current_user` for an `ActorVC`.
-
-In both cases you can use an `OmniscientVC` to make your initial User query.
-
-```ruby
-before do
-  if session[:user_id]
-    current_user = Sequel::Privacy::ViewerContext.omniscient(:session).then {|vc| User.for_vc(vc)[session[:user_id]] }
-    current_vc = Sequel::Privacy::ViewerContext.for_actor(current_user)
-  else
-    current_user = nil
-    current_vc = Sequel::Privacy::ViewerContext.anonymous
-  end
-end
-
-post '/auth/password' do
-  user = Sequel::Privacy::ViewerContext.omniscient(:login).then {|vc| User.for_vc(vc).first(email: params[:email]) }  
-  
-  pass unless user
-  pass unless user.password == params[:password]
-  
-  session[:user_id] = user.id
-  redirect '/'
-end
-```
-
 ## Mutation Enforcement
 
 When a viewer context is attached, mutations are automatically checked:

data/lib/sequel/privacy/built_in_policies.rb

@@ -3,10 +3,9 @@
 
 module Sequel
   module Privacy
-    # Built-in policies that ship with the gem.
-    # Applications should define their own policies using PolicyDSL.
     module BuiltInPolicies
-      # Always deny access. Should be the last policy in every chain (fail-secure).
+      # Always deny access. You should specify this policy at the end of every chain, but the framework
+      # currently appends it. This could change; I'm not sure about this yet.
       AlwaysDeny = Policy.create(
         :AlwaysDeny,
         -> { :deny },
@@ -14,7 +13,6 @@ module Sequel
         cacheable: true
       )
 
-      # Always allow access. Use sparingly.
       AlwaysAllow = Policy.create(
         :AlwaysAllow,
         -> { :allow },

data/lib/sequel/privacy/cache.rb

@@ -8,7 +8,6 @@ module Sequel
     class << self
       extend T::Sig
 
-      # Returns the in-memory cache Hash for policy results.
       sig { returns(T::Hash[Integer, Symbol]) }
       def cache
         @cache ||= T.let({}, T.nilable(T::Hash[Integer, Symbol]))

data/lib/sequel/privacy/enforcer.rb

@@ -3,8 +3,6 @@
 
 module Sequel
   module Privacy
-    # The Enforcer evaluates policy chains to determine if an action is allowed.
-    # It handles caching, single-match optimization, and policy combinators.
     module Enforcer
       extend T::Sig
 
@@ -138,9 +136,7 @@ module Sequel
         ).returns(Symbol)
       end
       def self.evaluate_child_policies(child_policies, subject, actor, viewer_context, direct_object)
-        unless child_policies.all? { |c| c.is_a?(Proc) }
-          Kernel.raise "Policy combinator contains non-policy members"
-        end
+        Kernel.raise 'Policy combinator contains non-policy members' unless child_policies.all? { |c| c.is_a?(Proc) }
 
         results = child_policies.map do |child_policy|
           policy_result(child_policy, subject, actor, viewer_context, direct_object)
@@ -190,14 +186,10 @@ module Sequel
         result ||= :pass
 
         # Handle combinator results
-        if result.is_a?(Array)
-          result = evaluate_child_policies(result, subject, actor, viewer_context, direct_object)
-        end
+        result = evaluate_child_policies(result, subject, actor, viewer_context, direct_object) if result.is_a?(Array)
 
         # Cache result
-        if policy.cacheable? && !from_cache
-          Sequel::Privacy.cache[cache_key] = result
-        end
+        Sequel::Privacy.cache[cache_key] = result if policy.cacheable? && !from_cache
 
         # Log result
         log_result(policy, result, actor, subject, from_cache, skipped_from_single_match)
@@ -227,9 +219,7 @@ module Sequel
         # Anonymous viewers (no actor) auto-deny unless the policy opts in
         # with allow_anonymous: true (for state-gate policies that examine
         # only the subject).
-        if !actor && policy.arity >= 1 && !policy.allow_anonymous?
-          return :deny
-        end
+        return :deny if !actor && policy.arity >= 1 && !policy.allow_anonymous?
 
         case policy.arity
         when 0
@@ -259,14 +249,14 @@ module Sequel
         actor_id = actor ? actor.id : 'anonymous'
         logger.debug do
           msg = "#{result.to_s.upcase}: #{policy.policy_name || 'anonymous'} for actor[#{actor_id}] on #{subject.class}[#{subject_id(subject)}]"
-          msg += " (cached)" if from_cache
-          msg += " (skipped: single_match)" if skipped
+          msg += ' (cached)' if from_cache
+          msg += ' (skipped: single_match)' if skipped
           msg
         end
 
-        if policy.comment && %i[deny allow].include?(result)
-          logger.debug { " ⮑  #{policy.comment}" }
-        end
+        return unless policy.comment && %i[deny allow].include?(result)
+
+        logger.debug { " ⮑  #{policy.comment}" }
       end
 
       sig { params(subject: TPolicySubject).returns(T.untyped) }

data/lib/sequel/privacy/version.rb

@@ -3,6 +3,6 @@
 
 module Sequel
   module Privacy
-    VERSION = '0.5.1'
+    VERSION = '0.5.2'
   end
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: sequel-privacy
 version: !ruby/object:Gem::Version
-  version: 0.5.1
+  version: 0.5.2
 platform: ruby
 authors:
 - Austin Bales