subroutine 2.0.0.beta2 → 2.1.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: bc8eb530552fea8e2bacd033372826e11c57734d9695973ebca956c76aa2ed93
-  data.tar.gz: 908764a3fc127881b4c719c2c5523ae280771683e765ea8f47ddda52bed76a33
+  metadata.gz: 359d2ea93dea5768e77277086229a0dd6e38c90c6f05866e443980a45afd98f9
+  data.tar.gz: a1282dec003600a234fd8e8a076570f91813681d4eb3afdd84c4193ad8b115bf
 SHA512:
-  metadata.gz: 4de2ad64fede40a510afe5b0af073eb6fae1800a61e2f9387337c1d46475ec439c1c35cb393ecececb3a5954b7c9e1b32be10e6be963dc7ce3fb840d40a3b368
-  data.tar.gz: 9ec24f1a6ce47edb502bded197096dec4d1ff444c4d3b0fda64291111aa7a29e67e7bd4f8e01a018c72795117c40e16fa3c68131b64db346e3c1073611c8134e
+  metadata.gz: e01d4ab80fce0047950af6511d5b626e740f1a7e1157e283f09a911dbeaab21af01ae5b173c750e7078f57c28f058000e428df4eca784e522496cc8053fb2617
+  data.tar.gz: 423ddf621546c4d74c1934f476aab6e0da728379490ac7b6d8f0b420b8dde3d101e8a1f0cdb8369908d87dd34fd21ef119627e10c78acd7d88aac8064b65216b

data/.ruby-version

@@ -1 +1 @@
-2.5.7
+2.7.5

data/CHANGELOG.MD

@@ -1,3 +1,9 @@
+## Subroutine 2.0
+
+The updates between 1.0 and 2.0 are relatively minor and are focused more on cleaning up the codebase and extending the use of the 0.9->1.0 refactor. There are, however, breaking changes to how associations are loaded. The association is no longer loaded via `find()` but rather `find_by!(id:)`. Given this, a major version was released.
+
+**Note:** 2.0.0 was released with a bug and subsequently yanked. 2.0.1 is the first available 2.x version.
+
 ## Subroutine 1.0
 
 A massive refactor took place between 0.9 and 1.0, including breaking changes. The goal was to reduce complexity, simplify backtraces, and increase the overall safety and reliability of the library.

data/lib/subroutine/auth.rb

@@ -9,11 +9,13 @@ module Subroutine
     extend ActiveSupport::Concern
 
     included do
-      class_attribute :authorization_declared, instance_writer: false
-      self.authorization_declared = false
+      class_attribute :authorization_checks
+      self.authorization_checks = []
 
       class_attribute :user_class_name, instance_writer: false
       self.user_class_name = "User"
+
+      validate :validate_authorization_checks, unless: :skip_auth_checks?
     end
 
     module ClassMethods
@@ -22,28 +24,24 @@ module Subroutine
         [user_class_name, "Integer", "NilClass"].compact
       end
 
-      def authorize(validation_name)
-        validate validation_name, unless: :skip_auth_checks?
+      def authorization_declared?
+        authorization_checks.any?
+      end
+
+      def authorize(check_name)
+        self.authorization_checks += [check_name.to_sym]
       end
 
       def no_user_requirements!
-        self.authorization_declared = true
+        authorize :authorize_user_not_required
       end
 
       def require_user!
-        self.authorization_declared = true
-
-        validate unless: :skip_auth_checks? do
-          unauthorized! unless current_user.present?
-        end
+        authorize :authorize_user_required
       end
 
       def require_no_user!
-        self.authorization_declared = true
-
-        validate unless: :skip_auth_checks? do
-          unauthorized! :empty_unauthorized if current_user.present?
-        end
+        authorize :authorize_no_user_required
       end
 
       # policy :can_update_user
@@ -57,33 +55,45 @@ module Subroutine
         if_conditionals = Array(opts[:if])
         unless_conditionals = Array(opts[:unless])
 
-        validate unless: :skip_auth_checks? do
-          run_it = true
-          # http://guides.rubyonrails.org/active_record_validations.html#combining-validation-conditions
+        meths.each do |meth|
+          normalized_meth = meth.to_s[0...-1] if meth.to_s.end_with?("?")
+          auth_method_name = :"authorize_#{policy_name}_#{normalized_meth}"
 
-          # The validation only runs when all the :if conditions
-          if if_conditionals.present?
-            run_it &&= if_conditionals.all? { |i| send(i) }
-          end
+          define_method auth_method_name do
+            run_it = true
+            # http://guides.rubyonrails.org/active_record_validations.html#combining-validation-conditions
 
-          # and none of the :unless conditions are evaluated to true.
-          if unless_conditionals.present?
-            run_it &&= unless_conditionals.none? { |u| send(u) }
-          end
+            # The validation only runs when all the :if conditions evaluate to true
+            if if_conditionals.present?
+              run_it &&= if_conditionals.all? { |i| send(i) }
+            end
+
+            # and none of the :unless conditions are evaluated to true.
+            if unless_conditionals.present?
+              run_it &&= unless_conditionals.none? { |u| send(u) }
+            end
+
+            return unless run_it
+
+            p = send(policy_name)
+            unauthorized! unless p
 
-          next unless run_it
+            result = if p.respond_to?("#{normalized_meth}?")
+                       p.send("#{normalized_meth}?")
+                     else
+                       p.send(normalized_meth)
+                     end
 
-          p = send(policy_name)
-          if !p || meths.any? { |m| !(p.respond_to?("#{m}?") ? p.send("#{m}?") : p.send(m)) }
-            unauthorized! opts[:error]
+            unauthorized! opts[:error] unless result
           end
+
+          authorize auth_method_name
         end
       end
-
     end
 
     def initialize(*args, &block)
-      raise Subroutine::Auth::AuthorizationNotDeclaredError unless self.class.authorization_declared
+      raise Subroutine::Auth::AuthorizationNotDeclaredError unless self.class.authorization_declared?
 
       @skip_auth_checks = false
 
@@ -124,5 +134,23 @@ module Subroutine
       raise ::Subroutine::Auth::NotAuthorizedError, reason
     end
 
+    def validate_authorization_checks
+      authorization_checks.each do |check|
+        send(check)
+      end
+    end
+
+    def authorize_user_not_required
+      true
+    end
+
+    def authorize_user_required
+      unauthorized! unless current_user.present?
+    end
+
+    def authorize_no_user_required
+      unauthorized! :empty_unauthorized if current_user.present?
+    end
+
   end
 end

data/lib/subroutine/fields.rb

@@ -216,9 +216,9 @@ module Subroutine
       field_provided?(name) ? all_params[name] : all_default_params[name]
     end
 
-    def set_field(name, value, track_provided: true)
+    def set_field(name, value, opts = {})
       config = get_field_config(name)
-      @provided_fields[name] = true if track_provided
+      @provided_fields[name] = true unless opts[:track_provided] == false
       value = attempt_cast(value, config) do |e|
         "Error during assignment of field `#{name}`: #{e}"
       end

data/lib/subroutine/version.rb

@@ -3,9 +3,9 @@
 module Subroutine
 
   MAJOR = 2
-  MINOR = 0
-  PATCH = 0
-  PRE   = "beta2"
+  MINOR = 1
+  PATCH = 1
+  PRE   = nil
 
   VERSION = [MAJOR, MINOR, PATCH, PRE].compact.join(".")
 

data/test/subroutine/auth_test.rb

@@ -57,6 +57,16 @@ module Subroutine
       end
     end
 
+    def test_authorization_checks_are_registered_on_the_class
+      assert_equal false, MissingAuthOp.authorization_declared?
+
+      assert_equal true, CustomAuthorizeOp.authorization_declared?
+      assert_equal [:authorize_user_required, :authorize_user_is_correct], CustomAuthorizeOp.authorization_checks
+
+      assert_equal true, NoUserRequirementsOp.authorization_declared?
+      assert_equal [:authorize_user_not_required], NoUserRequirementsOp.authorization_checks
+    end
+
     def test_the_current_user_can_be_defined_by_an_id
       user = CustomAuthorizeOp.new(1).current_user
       assert_equal 1, user.id
@@ -92,6 +102,10 @@ module Subroutine
       op.submit!
     end
 
+    def policy_invocations_are_registered_as_authorization_methods
+      assert PolicyOp.authorization_checks.include?(:authorize_policy_user_can_access)
+    end
+
     def test_it_runs_policies_with_conditionals
       # if: false
       op = IfConditionalPolicyOp.new(user, check_policy: false)

data/test/subroutine/fields_test.rb

@@ -136,5 +136,12 @@ module Subroutine
       assert_equal({}.with_indifferent_access, op.without_inherited_params)
     end
 
+    def test_fields_are_inherited_to_subclasses
+      assert_equal(%i[amount_cents], ParentInheritanceOp.field_configurations.keys.sort)
+      assert_equal(%i[debit_cents], ParentInheritanceOp::EarlyInheritanceOp.field_configurations.keys.sort)
+      assert_equal(%i[amount_cents debit_cents], ParentInheritanceOp::LateInheritanceOp.field_configurations.keys.sort)
+      assert_equal(%i[amount_cents credit_cents], OuterInheritanceOp.field_configurations.keys.sort)
+    end
+
   end
 end

data/test/support/ops.rb

@@ -284,10 +284,33 @@ class UnlessConditionalPolicyOp < OpWithAuth
 
 end
 
+class ParentInheritanceOp < ::Subroutine::Op
+  class EarlyInheritanceOp < ParentInheritanceOp
+    integer :debit_cents
+  end
+
+  integer :amount_cents
+
+  class LateInheritanceOp < ParentInheritanceOp
+    integer :debit_cents
+  end
+
+end
+
+class OuterInheritanceOp < ParentInheritanceOp
+
+  integer :credit_cents
+
+end
+
 class OpWithAssociation < ::Subroutine::Op
 
   include ::Subroutine::AssociationFields
 
+  def perform
+    false
+  end
+
 end
 
 class SimpleAssociationOp < ::OpWithAssociation

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: subroutine
 version: !ruby/object:Gem::Version
-  version: 2.0.0.beta2
+  version: 2.1.1
 platform: ruby
 authors:
 - Mike Nelson
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2022-02-17 00:00:00.000000000 Z
+date: 2022-05-06 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: activemodel
@@ -214,11 +214,11 @@ required_ruby_version: !ruby/object:Gem::Requirement
       version: '0'
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
-  - - ">"
+  - - ">="
     - !ruby/object:Gem::Version
-      version: 1.3.1
+      version: '0'
 requirements: []
-rubygems_version: 3.3.7
+rubygems_version: 3.1.6
 signing_key: 
 specification_version: 4
 summary: Feature-driven operation objects.