super_auth 0.1.4 → 0.1.5

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 6a5da5e9ec945c0624514fb6b72471c934911dfa9e59271aeee08ef7e78e60c7
-  data.tar.gz: 6f96f6f911d939a4f4059081b45b68894c7ef1795d232df6f4646c854f4554a1
+  metadata.gz: d1c0609f1c31ed023cb42444655098f37468e92f4a24f960f520877f5cb152ed
+  data.tar.gz: 8c7f9334b2226727b52550581756d9d34c50524283ad89339e2d8f0bdfd3094b
 SHA512:
-  metadata.gz: f747d99cf64d276a95d7e3231885b37289b4e587e09be1febbe070ed416f206b7989bba7c32a64b9d5fddeed6afb2502ef871008e51b64395696d54e54887dd1
-  data.tar.gz: b580ce1942b4ce3334639e0ac20c579af0eb65d285beaa403a5c3540c3239d6582d2444fb88d7d67fdf05720e37b7291d104cb208bbc98d393b97e4280ab066e
+  metadata.gz: c3781d17e40e003e7e361789e71d3c9048920b7d14023b1af83de968f1e0e05b4f829fa5e3fda172c141c1c8dceea75888e407bc5f5210cf2148f870954c36df
+  data.tar.gz: 6b9edf03113857abcf6e9246f40dbb3a5d36814380f09e1d86782aa1220a56397dc9b2918fb3f85cb23aeeed1acc103d81af2a24c2abd253eb5e4ca140b54e50

data/.ruby-version

@@ -0,0 +1 @@
+3.2.6

data/Gemfile

@@ -12,10 +12,11 @@ gemspec
 gem "rake", "~> 13.0"
 gem "rspec", "~> 3.0"
 gem "zeitwerk", "~> 2.6"
+gem "sequel"
 
-
-group :development do
+group :development, :test do
   gem "pry"
   gem "pg"
   gem "sqlite3"
-end
+  gem "activerecord"
+end

data/Gemfile.lock

@@ -1,16 +1,44 @@
 PATH
   remote: .
   specs:
-    super_auth (0.1.3)
+    super_auth (0.1.5)
       sequel
 
 GEM
   remote: https://rubygems.org/
   specs:
+    activemodel (8.0.2)
+      activesupport (= 8.0.2)
+    activerecord (8.0.2)
+      activemodel (= 8.0.2)
+      activesupport (= 8.0.2)
+      timeout (>= 0.4.0)
+    activesupport (8.0.2)
+      base64
+      benchmark (>= 0.3)
+      bigdecimal
+      concurrent-ruby (~> 1.0, >= 1.3.1)
+      connection_pool (>= 2.2.5)
+      drb
+      i18n (>= 1.6, < 2)
+      logger (>= 1.4.2)
+      minitest (>= 5.1)
+      securerandom (>= 0.3)
+      tzinfo (~> 2.0, >= 2.0.5)
+      uri (>= 0.13.1)
+    base64 (0.3.0)
+    benchmark (0.4.1)
     bigdecimal (3.1.4)
     coderay (1.1.3)
+    concurrent-ruby (1.3.5)
+    connection_pool (2.5.3)
     diff-lcs (1.5.0)
+    drb (2.2.3)
+    i18n (1.14.7)
+      concurrent-ruby (~> 1.0)
+    logger (1.7.0)
     method_source (1.0.0)
+    minitest (5.25.5)
     pg (1.5.4)
     pry (0.14.2)
       coderay (~> 1.1)
@@ -29,21 +57,30 @@ GEM
       diff-lcs (>= 1.2.0, < 2.0)
       rspec-support (~> 3.12.0)
     rspec-support (3.12.1)
+    securerandom (0.4.1)
     sequel (5.75.0)
       bigdecimal
-    sqlite3 (1.7.0-arm64-darwin)
-    sqlite3 (1.7.0-x86_64-linux)
+    sqlite3 (2.7.2-arm64-darwin)
+    sqlite3 (2.7.2-x86_64-linux-gnu)
+    timeout (0.4.3)
+    tzinfo (2.0.6)
+      concurrent-ruby (~> 1.0)
+    uri (1.0.3)
     zeitwerk (2.6.12)
 
 PLATFORMS
   arm64-darwin-22
+  arm64-darwin-23
+  arm64-darwin-24
   x86_64-linux
 
 DEPENDENCIES
+  activerecord
   pg
   pry
   rake (~> 13.0)
   rspec (~> 3.0)
+  sequel
   sqlite3
   super_auth!
   zeitwerk (~> 2.6)

data/db/migrate/1_users.rb

@@ -1,13 +1,15 @@
 Sequel.migration do
-  change do
-    create_table?(:super_auth_users) do
+  up do
+    create_table(:super_auth_users) do
       primary_key :id
-
       String :external_id # , null: false
       String :name
-
       DateTime :created_at, null: false, default: Sequel::CURRENT_TIMESTAMP
       DateTime :updated_at, null: false, default: Sequel::CURRENT_TIMESTAMP
     end
   end
+
+  down do
+    drop_table(:super_auth_users)
+  end
 end

data/db/migrate/2_groups.rb

@@ -1,6 +1,6 @@
 Sequel.migration do
-  change do
-    create_table?(:super_auth_groups) do
+  up do
+    create_table(:super_auth_groups) do
       primary_key :id
       String :name, null: false
       foreign_key :parent_id, :super_auth_groups, deferrable: true, type: :integer
@@ -8,4 +8,8 @@ Sequel.migration do
       DateTime :updated_at, null: false, default: Sequel::CURRENT_TIMESTAMP
     end
   end
+
+  down do
+    drop_table(:super_auth_groups)
+  end
 end

data/db/migrate/3_permissions.rb

@@ -1,10 +1,14 @@
 Sequel.migration do
-  change do
-    create_table?(:super_auth_permissions) do
+  up do
+    create_table(:super_auth_permissions) do
       primary_key :id
       String :name, null: false
       DateTime :created_at, null: false, default: Sequel::CURRENT_TIMESTAMP
       DateTime :updated_at, null: false, default: Sequel::CURRENT_TIMESTAMP
     end
   end
+
+  down do
+    drop_table(:super_auth_permissions)
+  end
 end

data/db/migrate/4_roles.rb

@@ -1,6 +1,6 @@
 Sequel.migration do
-  change do
-    create_table?(:super_auth_roles) do
+  up do
+    create_table(:super_auth_roles) do
       primary_key :id
       String :name, null: false
       foreign_key :parent_id, :super_auth_roles, deferrable: true, type: :integer
@@ -8,4 +8,8 @@ Sequel.migration do
       DateTime :updated_at, null: false, default: Sequel::CURRENT_TIMESTAMP
     end
   end
+
+  down do
+    drop_table(:super_auth_roles)
+  end
 end

data/db/migrate/5_resources.rb

@@ -1,13 +1,15 @@
 Sequel.migration do
-  change do
-    create_table?(:super_auth_resources) do
+  up do
+    create_table(:super_auth_resources) do
       primary_key :id
-
       String :name
       String :external_id # , null: false
-
       DateTime :created_at, null: false, default: Sequel::CURRENT_TIMESTAMP
       DateTime :updated_at, null: false, default: Sequel::CURRENT_TIMESTAMP
     end
   end
+
+  down do
+    drop_table(:super_auth_resources)
+  end
 end

data/db/migrate/6_edge.rb

@@ -1,16 +1,18 @@
 Sequel.migration do
-  change do
-    create_table?(:super_auth_edges) do
+  up do
+    create_table(:super_auth_edges) do
       primary_key :id
-
       foreign_key :user_id,       :super_auth_users,       null: true
       foreign_key :group_id,      :super_auth_groups,      null: true
       foreign_key :permission_id, :super_auth_permissions, null: true
       foreign_key :role_id,       :super_auth_roles,       null: true
       foreign_key :resource_id,   :super_auth_resources,   null: true
-
       DateTime :created_at, null: false, default: Sequel::CURRENT_TIMESTAMP
       DateTime :updated_at, null: false, default: Sequel::CURRENT_TIMESTAMP
     end
   end
+
+  down do
+    drop_table(:super_auth_edges)
+  end
 end

data/db/migrate/7_authorization.rb

@@ -0,0 +1,39 @@
+Sequel.migration do
+  up do
+    create_table(:super_auth_authorizations) do
+      Integer :user_id, null: true
+      String :user_name, null: true
+      String :user_external_id, null: true
+      DateTime :user_created_at, null: true
+      DateTime :user_updated_at, null: true
+      Integer :group_id, null: true
+      String :group_name, null: true
+      String :group_path, null: true
+      String :group_name_path, null: true
+      String :group_parent_name, null: true
+      String :group_parent_id, null: true
+      DateTime :group_created_at, null: true
+      DateTime :group_updated_at, null: true
+      Integer :role_id, null: true
+      String :role_name, null: true
+      String :role_path, null: true
+      String :role_name_path, null: true
+      String :role_parent_id, null: true
+      DateTime :role_created_at, null: true
+      DateTime :role_updated_at, null: true
+      Integer :permission_id, null: true
+      String :permission_name, null: true
+      DateTime :permission_created_at, null: true
+      DateTime :permission_updated_at, null: true
+      Integer :resource_id, null: true
+      String :resource_name, null: true
+      String :resource_external_id, null: true
+      DateTime :created_at, null: false, default: Sequel::CURRENT_TIMESTAMP
+      DateTime :updated_at, null: false, default: Sequel::CURRENT_TIMESTAMP
+    end
+  end
+
+  down do
+    drop_table(:super_auth_authorizations)
+  end
+end

data/lib/basic_loader.rb

@@ -3,6 +3,8 @@
 # File generated automatically, do not edit
 # See https://blog.pawelpokrywka.com/p/gem-with-zeitwerk-as-development-only-dependency
 
+require 'super_auth/active_record' if defined?(ActiveRecord::Base)
+require 'super_auth/authorization'
 require 'super_auth/edge'
 require 'super_auth/nestable'
 require 'super_auth/group'
@@ -11,3 +13,11 @@ require 'super_auth/railtie'
 require 'super_auth/resource'
 require 'super_auth/role'
 require 'super_auth/user'
+require 'super_auth/active_record/authorization' if defined?(ActiveRecord::Base)
+require 'super_auth/active_record/by_current_user' if defined?(ActiveRecord::Base)
+require 'super_auth/active_record/edge' if defined?(ActiveRecord::Base)
+require 'super_auth/active_record/group' if defined?(ActiveRecord::Base)
+require 'super_auth/active_record/permission' if defined?(ActiveRecord::Base)
+require 'super_auth/active_record/resource' if defined?(ActiveRecord::Base)
+require 'super_auth/active_record/role' if defined?(ActiveRecord::Base)
+require 'super_auth/active_record/user' if defined?(ActiveRecord::Base)

data/lib/super_auth/active_record/authorization.rb

@@ -0,0 +1,3 @@
+class SuperAuth::ActiveRecord::Authorization < ActiveRecord::Base
+  self.table_name = 'super_auth_authorizations'
+end

data/lib/super_auth/active_record/by_current_user.rb

@@ -0,0 +1,24 @@
+module SuperAuth::ActiveRecord::ByCurrentUser
+  def self.included(base)
+    base.has_many :super_auth_authorizations
+
+    base.send(:default_scope, **{all_queries: true}) do
+      raise "SuperAuth.current_user not set" if SuperAuth.current_user.blank?
+
+      if SuperAuth.current_user.system?
+        self
+      else
+        # Important:
+        # We use a subquery here instead of a inner join because we don't want
+        # to potentially affect break on queries issue count queries in their app.
+        where(id: SuperAuth::ActiveRecord::Authorization.where(super_auth_user_id: SuperAuth.current_user.id).select(:resource_id))
+      end
+    end
+  end
+
+  def system? = false
+
+  module ClassMethods
+  end
+
+end

data/lib/super_auth/active_record/edge.rb

@@ -0,0 +1,3 @@
+class SuperAuth::ActiveRecord::Edge < ActiveRecord::Base
+  self.table_name = 'super_auth_edges'
+end

data/lib/super_auth/active_record/group.rb

@@ -0,0 +1,3 @@
+class SuperAuth::ActiveRecord::Group < ActiveRecord::Base
+  self.table_name = 'super_auth_groups'
+end

data/lib/super_auth/active_record/permission.rb

@@ -0,0 +1,3 @@
+class SuperAuth::ActiveRecord::Permission < ActiveRecord::Base
+  self.table_name = 'super_auth_permissions'
+end

data/lib/super_auth/active_record/resource.rb

@@ -0,0 +1,3 @@
+class SuperAuth::ActiveRecord::Resource < ActiveRecord::Base
+  self.table_name = 'super_auth_resources'
+end

data/lib/super_auth/active_record/role.rb

@@ -0,0 +1,3 @@
+class SuperAuth::ActiveRecord::Role < ActiveRecord::Base
+  self.table_name = 'super_auth_roles'
+end

data/lib/super_auth/active_record/user.rb

@@ -0,0 +1,8 @@
+class SuperAuth::ActiveRecord::User < ActiveRecord::Base
+  self.table_name = 'super_auth_users'
+
+  def model_name = ActiveModel::Name.new(:user)
+
+  def system? = self.class.system == self
+  def self.system = find_or_create_by(name: "system")
+end

data/lib/super_auth/active_record.rb

@@ -0,0 +1,3 @@
+require "active_record"
+module SuperAuth::ActiveRecord
+end

data/lib/super_auth/authorization.rb

@@ -0,0 +1,2 @@
+class SuperAuth::Authorization < Sequel::Model(:super_auth_authorizations)
+end

data/lib/super_auth/edge.rb

@@ -5,6 +5,20 @@ class SuperAuth::Edge < Sequel::Model(:super_auth_edges)
   many_to_one :role
   many_to_one :resource
 
+  def before_save
+    @affected_users = SuperAuth::Authorization.where(user_id: user_id).distinct.select_map(:user_id) + [user_id]
+  end
+
+  def after_save
+    SuperAuth::Authorization.db.transaction do
+      SuperAuth::Authorization.where(user_id: @affected_users).delete
+      SuperAuth::Authorization.multi_insert(
+        SuperAuth::Edge.authorizations.where(user_id: @affected_users)
+        .to_a
+      )
+    end
+  end
+
   class << self
 
     def authorizations
@@ -12,6 +26,7 @@ class SuperAuth::Edge < Sequel::Model(:super_auth_edges)
         .union(users_roles_permissions_resources)
         .union(users_groups_permissions_resources)
         .union(users_permissions_resources)
+        .union(users_resources)
     end
 
     def users_groups_roles_permissions_resources
@@ -31,8 +46,8 @@ class SuperAuth::Edge < Sequel::Model(:super_auth_edges)
         Sequel[:groups][:group_path],
         Sequel[:groups][:group_name_path],
         Sequel[:groups][:parent_id],
-        Sequel[:groups][:created_at].as(:group_created_at),
-        Sequel[:groups][:updated_at].as(:group_updated_at),
+        Sequel[:groups][:created_at].cast(:text).as(:group_created_at),
+        Sequel[:groups][:updated_at].cast(:text).as(:group_updated_at),
       ).join(Sequel[:super_auth_edges].as(:group_role_edges), Sequel[:group_role_edges][:group_id] => Sequel[:groups][:id]).select_append(
         Sequel[:group_role_edges][:id].as(:group_role_edge_id),
         Sequel[:group_role_edges][:permission_id].as(:group_role_edge_permission_id),
@@ -43,7 +58,7 @@ class SuperAuth::Edge < Sequel::Model(:super_auth_edges)
 
       SuperAuth::Edge.from(
         SuperAuth::Edge.from(
-          SuperAuth::Group.cte(SuperAuth::Group.where(id: users_groups_roles_ds.select(Sequel[:groups][:id])).select(:id)).select { [id.as(:group_id), name.as(:group_name), parent_id.as(:group_parent_id), group_path, group_name_path, created_at.as(:group_created_at), updated_at.as(:group_updated_at)] },
+          SuperAuth::Group.cte(SuperAuth::Group.where(id: users_groups_roles_ds.select(Sequel[:groups][:id])).select(:id)).select { [id.as(:group_id), name.as(:group_name), parent_id.as(:group_parent_id), group_path, group_name_path, created_at.cast(:text).as(:group_created_at), updated_at.as(:group_updated_at)] },
           SuperAuth::Role.cte(users_groups_roles_ds.select(Sequel[:group_role_edges][:role_id])).select { [id.as(:role_id), name.as(:role_name), parent_id.as(:role_parent_id), role_path, role_name_path, created_at.as(:role_created_at), updated_at.as(:role_updated_at) ] }
         ).as(:users_groups_roles_permissions_resources)
       ).join(Sequel[:super_auth_edges].as(:user_edges), Sequel[:user_edges][:group_id] => Sequel[:users_groups_roles_permissions_resources][:group_id])
@@ -60,16 +75,16 @@ class SuperAuth::Edge < Sequel::Model(:super_auth_edges)
           Sequel[:users_groups_roles_permissions_resources][:group_path],
           Sequel[:users_groups_roles_permissions_resources][:group_name_path],
           Sequel[:users_groups_roles_permissions_resources][:group_parent_id],
-          Sequel[:users_groups_roles_permissions_resources][:group_created_at].cast(:text),
-          Sequel[:users_groups_roles_permissions_resources][:group_updated_at].cast(:text),
+          Sequel[:users_groups_roles_permissions_resources][:group_created_at].cast(:text).as(:group_created_at),
+          Sequel[:users_groups_roles_permissions_resources][:group_updated_at].cast(:text).as(:group_updated_at),
 
           Sequel[:users_groups_roles_permissions_resources][:role_id],
           Sequel[:users_groups_roles_permissions_resources][:role_name],
           Sequel[:users_groups_roles_permissions_resources][:role_path],
           Sequel[:users_groups_roles_permissions_resources][:role_name_path],
           Sequel[:users_groups_roles_permissions_resources][:role_parent_id],
-          Sequel[:users_groups_roles_permissions_resources][:role_created_at].cast(:text),
-          Sequel[:users_groups_roles_permissions_resources][:role_updated_at].cast(:text),
+          Sequel[:users_groups_roles_permissions_resources][:role_created_at].cast(:text).as(:role_created_at),
+          Sequel[:users_groups_roles_permissions_resources][:role_updated_at].cast(:text).as(:role_updated_at),
 
           Sequel[:super_auth_permissions][:id].as(:permission_id),
           Sequel[:super_auth_permissions][:name].as(:permission_name),
@@ -191,7 +206,6 @@ class SuperAuth::Edge < Sequel::Model(:super_auth_edges)
           Sequel.lit(%Q['1970-01-01 00:00:00.000000-00' as "group_created_at"]), # Sequel[:groups][:group_created_at],
           Sequel.lit(%Q['1970-01-01 00:00:00.000000-00' as "group_updated_at"]), # Sequel[:groups][:group_updated_at],
 
-
           Sequel.lit(%Q[0 as "role_id"]),        # Sequel[:roles][:role_id],
           Sequel::NULL.as(:role_name),           # Sequel[:roles][:role_name],
           Sequel::NULL.as(:role_path),           # Sequel[:roles][:role_path],
@@ -215,5 +229,45 @@ class SuperAuth::Edge < Sequel::Model(:super_auth_edges)
       join(Sequel[:super_auth_resources], id: Sequel[:resource_edges][:resource_id]).
       distinct
     end
+
+    def users_resources
+      SuperAuth::User.
+        join(Sequel[:super_auth_edges].as(:user_edges), user_id: :id).
+        select(
+          Sequel[:super_auth_users][:id].as(:user_id),
+          Sequel[:super_auth_users][:name].as(:user_name),
+          Sequel[:super_auth_users][:external_id].as(:user_external_id),
+          Sequel[:super_auth_users][:created_at].cast(:text).as(:user_created_at),
+          Sequel[:super_auth_users][:updated_at].cast(:text).as(:user_updated_at),
+
+          Sequel.lit(%Q[0 as "group_id"]),      # Sequel[:groups][:group_id],
+          Sequel::NULL.as(:group_name),       # Sequel[:groups][:group_name],
+          Sequel::NULL.as(:group_path),       # Sequel[:groups][:group_path],
+          Sequel::NULL.as(:group_name_path),  # Sequel[:groups][:group_name_path],
+          Sequel.lit(%Q[0 as "group_parent_id"]),      # Sequel[:groups][:group_id],
+          Sequel.lit(%Q['1970-01-01 00:00:00.000000-00' as "group_created_at"]), # Sequel[:groups][:group_created_at],
+          Sequel.lit(%Q['1970-01-01 00:00:00.000000-00' as "group_updated_at"]), # Sequel[:groups][:group_updated_at],
+
+
+          Sequel.lit(%Q[0 as "role_id"]),        # Sequel[:roles][:role_id],
+          Sequel::NULL.as(:role_name),           # Sequel[:roles][:role_name],
+          Sequel::NULL.as(:role_path),           # Sequel[:roles][:role_path],
+          Sequel::NULL.as(:role_name_path),      # Sequel[:roles][:role_name_path],
+          Sequel.lit(%Q[0 as "role_parent_id"]), # Sequel[:roles][:role_parent_id],
+          Sequel::NULL.as(:role_created_at),     # Sequel[:roles][:role_created_at],
+          Sequel::NULL.as(:role_updated_at),     # Sequel[:roles][:role_updated_at],
+
+          Sequel.lit(%Q[0 as "permission_id"]),
+          Sequel::NULL.as(:permission_name),
+          Sequel.lit(%Q['1970-01-01 00:00:00.000000-00' as "permission_created_at"]),
+          Sequel.lit(%Q['1970-01-01 00:00:00.000000-00' as "permission_updated_at"]),
+
+          Sequel[:super_auth_resources][:id].as(:resource_id),
+          Sequel[:super_auth_resources][:name].as(:resource_name),
+          Sequel[:super_auth_resources][:external_id].as(:resource_external_id)
+        ).
+      join(Sequel[:super_auth_resources], Sequel[:user_edges][:resource_id] => Sequel[:super_auth_resources][:id]).
+      distinct
+    end
   end
-end
+end

data/lib/super_auth/permission.rb

@@ -7,7 +7,7 @@ class SuperAuth::Permission < Sequel::Model(:super_auth_permissions)
     end
 
     def with_roles
-    with_edges.join(Role.from(Role.trees).as(:roles), id: :role_id).select(
+    with_edges.join(SuperAuth::Role.from(SuperAuth::Role.trees).as(:roles), id: :role_id).select(
         Sequel[:super_auth_permissions][:id].as(:id),
         Sequel[:super_auth_permissions][:id].as(:permission_id),
         Sequel[:roles][:id].as(:role_id),

data/lib/super_auth/railtie.rb

@@ -4,6 +4,35 @@ module SuperAuth
       rake_tasks do
         load "tasks/super_auth_tasks.rake"
       end
+
+      initializer "super_auth.initialize" do
+        if defined?(Sequel) && Sequel.const_defined?("Model")
+          require 'super_auth/authorization'
+          require 'super_auth/edge'
+          require 'super_auth/nestable'
+          require 'super_auth/group'
+          require 'super_auth/permission'
+          require 'super_auth/resource'
+          require 'super_auth/role'
+          require 'super_auth/user'
+        elsif defined?(ActiveRecord)
+          require 'super_auth/active_record'
+          require 'super_auth/active_record/authorization'
+          require 'super_auth/active_record/edge'
+          require 'super_auth/active_record/group'
+          require 'super_auth/active_record/permission'
+          require 'super_auth/active_record/resource'
+          require 'super_auth/active_record/role'
+          require 'super_auth/active_record/user'
+          SuperAuth::Authorization = SuperAuth::ActiveRecord::Authorization
+          SuperAuth::Edge = SuperAuth::ActiveRecord::Edge
+          SuperAuth::Group = SuperAuth::ActiveRecord::Group
+          SuperAuth::Permission = SuperAuth::ActiveRecord::Permission
+          SuperAuth::Resource = SuperAuth::ActiveRecord::Resource
+          SuperAuth::User = SuperAuth::ActiveRecord::User
+          SuperAuth::Role = SuperAuth::ActiveRecord::Role
+        end
+      end
     end
   else
     class Railtie

data/lib/super_auth/user.rb

@@ -1,5 +1,9 @@
 class SuperAuth::User < Sequel::Model(:super_auth_users)
   one_to_many :edges
+  one_to_many :resources
+
+  def system? = self.class.system == self
+  def self.system = find_or_create(name: "system")
 
   dataset_module do
     def with_edges
@@ -7,7 +11,7 @@ class SuperAuth::User < Sequel::Model(:super_auth_users)
     end
 
     def with_groups
-      with_edges.join(Group.from(Group.trees).as(:groups), id: :group_id).select(
+      with_edges.join(SuperAuth::Group.from(SuperAuth::Group.trees).as(:groups), id: :group_id).select(
         Sequel[:super_auth_users][:id].as(:id),
         Sequel[:super_auth_users][:id].as(:user_id),
         Sequel[:groups][:id].as(:group_id),
@@ -25,7 +29,7 @@ class SuperAuth::User < Sequel::Model(:super_auth_users)
     end
 
     def with_roles
-      with_edges.join(Role.from(Role.trees).as(:roles), id: :role_id).select(
+      with_edges.join(SuperAuth::Role.from(SuperAuth::Role.trees).as(:roles), id: :role_id).select(
         Sequel[:users][:id].as(:id),
         Sequel[:users][:id].as(:user_id),
         Sequel[:roles][:id].as(:role_id),
@@ -41,9 +45,5 @@ class SuperAuth::User < Sequel::Model(:super_auth_users)
         Sequel[:roles][:parent_id]
       )
     end
-
-    def with_roles_with_groups
-      with_groups_with_roles
-    end
   end
 end

data/lib/super_auth/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module SuperAuth
-  VERSION = "0.1.4"
+  VERSION = "0.1.5"
 end

data/lib/super_auth.rb

@@ -8,34 +8,76 @@ if defined? SuperAuth::AUTOLOADERS
     loader.ignore("#{__dir__}/basic_loader.rb")
     loader.setup
   end
+  require "sequel"
+else
+  require 'basic_loader'
 end
 
-require 'sequel'
+module SuperAuth
+  class Error < StandardError; end
 
-ENV["SUPER_AUTH_LOG_LEVEL"] = 'debug'
-require 'logger'
-logger = Logger.new(STDOUT)
+  def self.setup
+    yield self if block_given?
+  end
 
-Sequel::Model.plugin :timestamps, update_on_create: true
-if !ENV['SUPER_AUTH_DATABASE_URL'].nil? && !ENV['SUPER_AUTH_DATABASE_URL'].empty?
-  Sequel::Model.db = Sequel.connect(ENV['SUPER_AUTH_DATABASE_URL'], logger: logger)
-else
-  logger.warn "SUPER_AUTH_DATABASE_URL not set, using sqlite in memory database."
-  Sequel::Model.db = Sequel.sqlite(logger: logger)
-end
-Sequel::Model.default_association_options = {:class_namespace=>'SuperAuth'}
+  def self.set_db
+    logger =
+      if defined?(Rails) && ENV["SUPER_AUTH_LOG_LEVEL"] == "debug"
+        Rails.logger
+      elsif ENV["SUPER_AUTH_LOG_LEVEL"] == "debug"
+        require "logger"
+        logger = Logger.new(STDOUT)
+      else
+        nil
+      end
 
-# I don't love this, but I don't know how to do it better
-unless Sequel::Model.db.table_exists?(:super_auth_edges)
-  Sequel.extension :migration
-  path = Pathname.new(__FILE__).parent.parent.join("db", "migrate")
-  Sequel::Migrator.run(Sequel::Model.db, path)
-end
-require 'basic_loader' unless defined?(SuperAuth::AUTOLOADERS)
+    if !ENV['SUPER_AUTH_DATABASE_URL'].nil? && !ENV['SUPER_AUTH_DATABASE_URL'].empty?
+      SuperAuth.db = Sequel.connect(ENV['SUPER_AUTH_DATABASE_URL'], logger: logger)
+    else
+      puts "ENV SUPER_AUTH_DATABASE_URL not set, using sqlite."
+      SuperAuth.db = Sequel.sqlite(logger: logger, database: "./tmp/test.db")
+      install_migrations
+    end
+    Sequel::Model.default_association_options = {:class_namespace=>'SuperAuth'}
+  end
 
+  def self.install_migrations
+    require "sequel"
+    Sequel.extension :migration
+    require "pathname"
+    path = Pathname.new(__FILE__).parent.parent.join("db", "migrate")
+    Sequel::Migrator.run(SuperAuth.db, path)
+  end
 
-module SuperAuth
-  class Error < StandardError; end
+  def self.uninstall_migrations
+    require "sequel"
+    set_db
+    Sequel.extension :migration
+    require "pathname"
+
+    path = Pathname.new(__FILE__).parent.parent.join("db", "migrate")
+    db = SuperAuth.db
+
+    Sequel::Migrator.run(db, path, target: 0)
+  rescue => e
+    raise Error, "Failed to uninstall migrations: #{e.message}"
+  end
+
+  def self.current_user=(user)
+    @current_user = user
+  end
+
+  def self.current_user
+    @current_user
+  end
+
+  def self.db=(db)
+    @db = db
+  end
+
+  def self.db
+    @db
+  end
 end
 
 require "super_auth/railtie" if defined?(Rails::Railtie)

data/lib/tasks/super_auth_tasks.rake

@@ -1,13 +1,14 @@
 namespace :super_auth do
   desc "Run the super_auth database migrations"
   task migrate: :environment do
-    # TODO: Make this work properly without auto applying migrations, which is silly
-    #
-    # raise "ENV variable SUPER_AUTH_DATABASE_URL is not set" if ENV['SUPER_AUTH_DATABASE_URL'].nil? || ENV['SUPER_AUTH_DATABASE_URL'].empty?
-    # Sequel::Model.db = Sequel.connect(ENV['SUPER_AUTH_DATABASE_URL'])
-    # Sequel.extension :migration
-    # binding.irb
-    # path = Pathname.new(__FILE__).parent.parent.join("db", "migrate")
-    # Sequel::Migrator.run(Sequel::Model.db, path)
+    raise "You must define SUPER_AUTH_DATABASE_URL in your environment for this to work" if ENV['SUPER_AUTH_DATABASE_URL'].nil? || ENV['SUPER_AUTH_DATABASE_URL'].empty?
+    SuperAuth.install_migrations
+    puts "Done"
+  end
+
+  task :rollback => :environment do
+    raise "You must define SUPER_AUTH_DATABASE_URL in your environment for this to work" if ENV['SUPER_AUTH_DATABASE_URL'].nil? || ENV['SUPER_AUTH_DATABASE_URL'].empty?
+    SuperAuth.uninstall_migrations
+    puts "Done"
   end
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: super_auth
 version: !ruby/object:Gem::Version
-  version: 0.1.4
+  version: 0.1.5
 platform: ruby
 authors:
 - Jonathan Frias
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2024-12-02 00:00:00.000000000 Z
+date: 2025-07-09 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: sequel
@@ -46,6 +46,7 @@ extensions: []
 extra_rdoc_files: []
 files:
 - ".rspec"
+- ".ruby-version"
 - CHANGELOG.md
 - Gemfile
 - Gemfile.lock
@@ -58,8 +59,19 @@ files:
 - db/migrate/4_roles.rb
 - db/migrate/5_resources.rb
 - db/migrate/6_edge.rb
+- db/migrate/7_authorization.rb
 - lib/basic_loader.rb
 - lib/super_auth.rb
+- lib/super_auth/active_record.rb
+- lib/super_auth/active_record/authorization.rb
+- lib/super_auth/active_record/by_current_user.rb
+- lib/super_auth/active_record/edge.rb
+- lib/super_auth/active_record/group.rb
+- lib/super_auth/active_record/permission.rb
+- lib/super_auth/active_record/resource.rb
+- lib/super_auth/active_record/role.rb
+- lib/super_auth/active_record/user.rb
+- lib/super_auth/authorization.rb
 - lib/super_auth/edge.rb
 - lib/super_auth/group.rb
 - lib/super_auth/nestable.rb