u-authorization 2.1.0 → 2.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (7) hide show
  1. checksums.yaml +4 -4
  2. data/Gemfile.lock +1 -1
  3. data/README.md +53 -22
  4. data/lib/micro/authorization/permissions/checker.rb +36 -6
  5. data/lib/micro/authorization/permissions/model.rb +7 -7
  6. data/lib/micro/authorization/version.rb +1 -1
  7. metadata +2 -2
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: fae66869f76df547c31db71f122b5b2325305e647ac8292b0580ae79e7f2baf6
4
- data.tar.gz: 06ee2555095a23ddf2c62ade52bc7f207758762950f10b15e3a06798f0e85cdc
3
+ metadata.gz: 3eed3ce0a228018f007c58ae1c1e70ae5b782b841f98ae3baad6519c6fc40531
4
+ data.tar.gz: 2201d27e01a1f206bf395334b536596dd88fb05760a986c1e29fe4a9253e3f2e
5
5
  SHA512:
6
- metadata.gz: d3f855677e13bb60e5aea15fa662b0c24d5d563ee6dbcf986404442c082c153bdbd3deb20c2844dfb4f34ee12148161a35530afb71518b56457a23c893b28ea5
7
- data.tar.gz: f5ade9d183a7c95ee78f13628f5e9a680959ee0d8aefd4f12c1c4e5ec1f318cf55287cb4703a8c4bd32c59133ef57817338b708c7e48980f91764ade66af563d
6
+ metadata.gz: 467a55948c8864903d7024c250dd4b9a93244fbb379dc16aa7d91f1f983ba7f5da6d14c6af8e39a52a9639aa30cad129dc84ad2e56bb34b4bfd6245491845809
7
+ data.tar.gz: 6c28d09268e034911b19b66a192b53057d21c8c0995fc16e3d1754249da968eeb51d71b074782e1867b2885c67437da25c8c3fb235b7826048f957dc35440514
data/Gemfile.lock CHANGED
@@ -1,7 +1,7 @@
1
1
  PATH
2
2
  remote: .
3
3
  specs:
4
- u-authorization (2.1.0)
4
+ u-authorization (2.2.0)
5
5
 
6
6
  GEM
7
7
  remote: https://rubygems.org/
data/README.md CHANGED
@@ -34,16 +34,28 @@ $ gem install u-authorization
34
34
  require 'ostruct'
35
35
  require 'u-authorization'
36
36
 
37
- role = OpenStruct.new(
38
- name: 'user',
39
- permissions: {
40
- 'visit' => { 'except' => ['billings'] },
41
- 'edit_users' => false, # Same as: 'edit_users' => { 'any' => false },
42
- 'export_as_csv' => { 'except' => ['sales'] }
37
+ module Permissions
38
+ ADMIN = {
39
+ 'visit' => { 'any' => true },
40
+ 'export' => { 'any' => true }
41
+ }
42
+
43
+ USER = {
44
+ 'visit' => { 'except' => ['billings'] },
45
+ 'export' => { 'except' => ['sales'] }
46
+ }
47
+
48
+ ALL = {
49
+ 'admin' => ADMIN,
50
+ 'user' => USER
43
51
  }
44
- )
45
52
 
46
- user = OpenStruct.new(id: 1, role: role)
53
+ def self.to(role)
54
+ ALL.fetch(role, 'user')
55
+ end
56
+ end
57
+
58
+ user = OpenStruct.new(id: 1, role: 'user')
47
59
 
48
60
  class SalesPolicy < Micro::Authorization::Policy
49
61
  def edit?(record)
@@ -52,26 +64,26 @@ $ gem install u-authorization
52
64
  end
53
65
 
54
66
  authorization = Micro::Authorization::Model.build(
55
- permissions: user.role.permissions,
56
- policies: { default: :sales, sales: SalesPolicy }
67
+ permissions: Permissions.to(user.role),
68
+ policies: { default: :sales, sales: SalesPolicy },
57
69
  context: {
58
70
  user: user,
59
71
  to_permit: ['dashboard', 'controllers', 'sales', 'index']
60
72
  }
61
73
  )
62
74
 
63
- # Note: In the context, you can use :permissions key as an alias of :to_permit. e.g:
64
- # context: {
65
- # user: user,
66
- # permissions: ['dashboard', 'controllers', 'sales', 'index']
67
- # }
75
+ # Info about the `context` data:
76
+ # 1. :to_permit is a required key
77
+ # 1.1. :permissions is an alternative of :to_permit key.
78
+ # 2. :user is an optional key
79
+ # 3. Any key different of :permissions, will be passed as a policy context.
68
80
 
69
81
  # Verifying the permissions for the given context
70
- authorization.permissions.to?('visit') #=> true
71
- authorization.permissions.to?('export_as_csv') #=> false
82
+ authorization.permissions.to?('visit') #=> true
83
+ authorization.permissions.to?('export') #=> false
72
84
 
73
85
  # Verifying permission for a given feature in different contexts
74
- has_permission_to = authorization.permissions.to('export_as_csv')
86
+ has_permission_to = authorization.permissions.to('export')
75
87
  has_permission_to.context?('billings') #=> true
76
88
  has_permission_to.context?('sales') #=> false
77
89
 
@@ -81,15 +93,14 @@ $ gem install u-authorization
81
93
  authorization.to(:sales).edit?(charge) #=> true
82
94
 
83
95
  # :default is the only permitted key to receive
84
- # another symbol as value (a policy reference).
96
+ # another symbol as a value (a policy reference).
85
97
  authorization.to(:default).edit?(charge) #=> true
86
98
 
87
99
  # #policy() method has a similar behavior of #to(),
88
- # but if there is a policy named as ":default", it will be fetched and instantiated by default.
100
+ # but if there is a policy defined as ":default", it will be fetched and instantiated by default.
89
101
  authorization.policy.edit?(charge) #=> true
90
102
  authorization.policy(:sales).edit?(charge) #=> true
91
103
 
92
-
93
104
  # Cloning the authorization changing only its context.
94
105
  new_authorization = authorization.map(context: [
95
106
  'dashboard', 'controllers', 'billings', 'index'
@@ -97,7 +108,27 @@ $ gem install u-authorization
97
108
 
98
109
  new_authorization.permissions.to?('visit') #=> false
99
110
 
100
- authorization == new_authorization #=> false
111
+ authorization.equal?(new_authorization) #=> false
112
+
113
+ #========================#
114
+ # Multi role permissions #
115
+ #========================#
116
+
117
+ authorization = Micro::Authorization::Model.build(
118
+ permissions: [Permissions::USER, Permissions::ADMIN], # An array of permissions
119
+ policies: { default: :sales, sales: SalesPolicy },
120
+ context: {
121
+ user: user,
122
+ to_permit: ['dashboard', 'controllers', 'sales', 'index']
123
+ }
124
+ )
125
+
126
+ authorization.permissions.to?('visit') #=> true
127
+ authorization.permissions.to?('export') #=> true
128
+
129
+ has_permission_to = authorization.permissions.to('export')
130
+ has_permission_to.context?('billings') #=> true
131
+ has_permission_to.context?('sales') #=> true
101
132
  ```
102
133
 
103
134
  ## Original implementation
data/lib/micro/authorization/permissions/checker.rb CHANGED
@@ -36,16 +36,46 @@ module Micro
36
36
 
37
37
  private_constant :CheckRole
38
38
 
39
- class Checker
40
- attr_reader :required_features
39
+ class RoleChecker
40
+ attr_reader :required_context
41
41
 
42
- def initialize(role, features)
43
- @role = role
44
- @required_features = Utils.values_as_downcased_strings(features)
42
+ def initialize(role, required_context)
43
+ @role, @required_context = role, required_context
45
44
  end
46
45
 
46
+ def context?(_context)
47
+ raise NotImplementedError
48
+ end
49
+
50
+ def required_features
51
+ warn "[DEPRECATION] `#{self.class.name}#required_features` is deprecated.\nPlease use `#{self.class.name}#required_context` instead."
52
+ required_context
53
+ end
54
+ end
55
+
56
+ class SingleRoleChecker < RoleChecker
57
+ def context?(context)
58
+ CheckRole.call(context, @role, @required_context)
59
+ end
60
+ end
61
+
62
+ class MultiRoleChecker < RoleChecker
47
63
  def context?(context)
48
- CheckRole.call(context, @role, @required_features)
64
+ @role.any? do |role|
65
+ CheckRole.call(context, role, @required_context)
66
+ end
67
+ end
68
+ end
69
+
70
+ private_constant :RoleChecker, :SingleRoleChecker, :MultiRoleChecker
71
+
72
+ module Checker
73
+ def self.of(role, required_context:)
74
+ checker = role.is_a?(Array) ? MultiRoleChecker : SingleRoleChecker
75
+ checker.new(
76
+ role,
77
+ Utils.values_as_downcased_strings(required_context)
78
+ )
49
79
  end
50
80
  end
51
81
  end
data/lib/micro/authorization/permissions/model.rb CHANGED
@@ -10,22 +10,22 @@ module Micro
10
10
  @context = Utils.values_as_downcased_strings(context).freeze
11
11
  end
12
12
 
13
- def to(features)
14
- Permissions::Checker.new(@role, features)
13
+ def to(required_context)
14
+ Permissions::Checker.of(@role, required_context: required_context)
15
15
  end
16
16
 
17
- def to?(features = nil)
18
- has_permission_to = to(features)
17
+ def to?(required_context = nil)
18
+ has_permission_to = to(required_context)
19
19
 
20
- cache_key = has_permission_to.required_features.inspect
20
+ cache_key = has_permission_to.required_context.inspect
21
21
 
22
22
  return @cache[cache_key] unless @cache[cache_key].nil?
23
23
 
24
24
  @cache[cache_key] = has_permission_to.context?(@context)
25
25
  end
26
26
 
27
- def to_not?(features = nil)
28
- !to?(features)
27
+ def to_not?(required_context = nil)
28
+ !to?(required_context)
29
29
  end
30
30
  end
31
31
  end
data/lib/micro/authorization/version.rb CHANGED
@@ -2,6 +2,6 @@
2
2
 
3
3
  module Micro
4
4
  module Authorization
5
- VERSION = '2.1.0'.freeze
5
+ VERSION = '2.2.0'.freeze
6
6
  end
7
7
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: u-authorization
3
3
  version: !ruby/object:Gem::Version
4
- version: 2.1.0
4
+ version: 2.2.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Rodrigo Serradura
8
8
  autorequire:
9
9
  bindir: exe
10
10
  cert_chain: []
11
- date: 2019-07-29 00:00:00.000000000 Z
11
+ date: 2019-07-30 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: rake