RubyGems - u-authorization - Versions diffs - 2.2.0 → 3.0.0 - Mend

u-authorization 2.2.0 → 3.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (23) hide show

checksums.yaml +4 -4
data/.github/workflows/ci.yml +41 -0
data/.gitignore +7 -0
data/CHANGELOG.md +74 -0
data/CLAUDE.md +124 -0
data/CODE_OF_CONDUCT.md +74 -0
data/Gemfile +9 -4
data/LICENSE.txt +21 -0
data/README.md +480 -93
data/bin/console +14 -0
data/bin/setup +10 -0
data/lib/micro/authorization/model.rb +2 -2
data/lib/micro/authorization/permissions/checker.rb +24 -69
data/lib/micro/authorization/permissions/for_each_feature.rb +54 -0
data/lib/micro/authorization/permissions/model.rb +12 -10
data/lib/micro/authorization/permissions.rb +6 -3
data/lib/micro/authorization/policy.rb +4 -5
data/lib/micro/authorization/utils.rb +1 -1
data/lib/micro/authorization/version.rb +1 -1
data/u-authorization.gemspec +9 -3
metadata +34 -13
data/.travis.yml +0 -28
data/Gemfile.lock +0 -38

data/lib/micro/authorization/permissions/checker.rb CHANGED Viewed

@@ -1,82 +1,37 @@
-module Micro
-  module Authorization
-    module Permissions
-      module CheckRole
-        extend self
+# frozen_string_literal: true
-        def call(context, role_permissions, required_features)
-          required_features
-            .all? { |feature| has_permission?(context, role_permissions[feature]) }
-        end
-        private
-        def has_permission?(context, role_permission)
-          return false if role_permission.nil?
-          if role_permission == false || role_permission == true
-            role_permission
-          elsif !(any = role_permission['any']).nil?
-            any
-          elsif only = role_permission['only']
-            check_feature_permission(only, context)
-          elsif except = role_permission['except']
-            !check_feature_permission(except, context)
-          else
-            raise NotImplementedError
-          end
-        end
-        def check_feature_permission(context_values, context)
-          Utils.values_as_downcased_strings(context_values).any? do |context_value|
-            Array(context_value.split('.')).all? { |permission| context.include?(permission) }
-          end
-        end
-      end
-      private_constant :CheckRole
-      class RoleChecker
-        attr_reader :required_context
+module Micro::Authorization
+  module Permissions
+    class RoleChecker
+      attr_reader :features
+      alias_method :required_features, :features
-        def initialize(role, required_context)
-          @role, @required_context = role, required_context
-        end
-        def context?(_context)
-          raise NotImplementedError
-        end
-        def required_features
-          warn "[DEPRECATION] `#{self.class.name}#required_features` is deprecated.\nPlease use `#{self.class.name}#required_context` instead."
-          required_context
-        end
+      def initialize(role, feature)
+        @role = role
+        @features = Utils.downcased_strings(feature)
       end
+    end
-      class SingleRoleChecker < RoleChecker
-        def context?(context)
-          CheckRole.call(context, @role, @required_context)
-        end
+    class SingleRoleChecker < RoleChecker
+      def context?(context)
+        Permissions::ForEachFeature.authorize?(@role, inside: context, to: @features)
       end
+    end
-      class MultiRoleChecker < RoleChecker
-        def context?(context)
-          @role.any? do |role|
-            CheckRole.call(context, role, @required_context)
-          end
+    class MultipleRolesChecker < RoleChecker
+      def context?(context)
+        @role.any? do |role|
+          Permissions::ForEachFeature.authorize?(role, inside: context, to: @features)
         end
       end
+    end
-      private_constant :RoleChecker, :SingleRoleChecker, :MultiRoleChecker
+    private_constant :RoleChecker
-      module Checker
-        def self.of(role, required_context:)
-          checker = role.is_a?(Array) ? MultiRoleChecker : SingleRoleChecker
-          checker.new(
-            role,
-            Utils.values_as_downcased_strings(required_context)
-          )
-        end
+    module Checker
+      def self.for(role, feature)
+        checker = role.is_a?(Array) ? MultipleRolesChecker : SingleRoleChecker
+        checker.new(role, feature)
       end
     end
   end

data/lib/micro/authorization/permissions/for_each_feature.rb ADDED Viewed

@@ -0,0 +1,54 @@
+# frozen_string_literal: true
+module Micro::Authorization
+  module Permissions
+    module ForEachFeature
+      extend self
+      DOT = '.'.freeze
+      ANY = 'any'.freeze
+      ONLY = 'only'.freeze
+      EXCEPT = 'except'.freeze
+      def authorize?(role, inside:, to:)
+        to.all? { |feature| permit?(inside, role[feature]) }
+      end
+      private
+      def permit?(current_context, feature_permission)
+        case feature_permission
+        when true then true
+        when false, nil then false
+        else permit!(current_context, feature_permission)
+        end
+      end
+      def permit!(current_context, feature_permission)
+        result = permit(current_context, feature_permission)
+        return result unless result.nil?
+        raise NotImplementedError
+      end
+      def permit(current_context, feature_permission)
+        feature_context = feature_permission[ANY]
+        return feature_context unless feature_context.nil?
+        feature_context = feature_permission[ONLY]
+        return allow?(current_context, feature_context) if feature_context
+        feature_context = feature_permission[EXCEPT]
+        !allow?(current_context, feature_context) if feature_context
+      end
+      def allow?(current_context, feature_context)
+        Utils.downcased_strings(feature_context).any? do |expectation|
+          Array(expectation.split(DOT))
+            .all? { |expected_value| current_context.include?(expected_value) }
+        end
+      end
+    end
+  end
+end

data/lib/micro/authorization/permissions/model.rb CHANGED Viewed

@@ -1,31 +1,33 @@
+# frozen_string_literal: true
 module Micro
   module Authorization
     module Permissions
       class Model
         attr_reader :role, :context
-        def initialize(role, context:)
-          @role = role.dup.freeze
+        def initialize(permissions, context)
+          @role = permissions.dup.freeze
           @cache = {}
-          @context = Utils.values_as_downcased_strings(context).freeze
+          @context = Utils.downcased_strings(context).freeze
         end
-        def to(required_context)
-          Permissions::Checker.of(@role, required_context: required_context)
+        def to(features)
+          Permissions::Checker.for(@role, features)
         end
-        def to?(required_context = nil)
-          has_permission_to = to(required_context)
+        def to?(features = nil)
+          has_permission_to = to(features)
-          cache_key = has_permission_to.required_context.inspect
+          cache_key = has_permission_to.features.inspect
           return @cache[cache_key] unless @cache[cache_key].nil?
           @cache[cache_key] = has_permission_to.context?(@context)
         end
-        def to_not?(required_context = nil)
-          !to?(required_context)
+        def to_not?(features = nil)
+          !to?(features)
         end
       end
     end

data/lib/micro/authorization/permissions.rb CHANGED Viewed

@@ -1,5 +1,6 @@
 # frozen_string_literal: true
+require 'micro/authorization/permissions/for_each_feature'
 require 'micro/authorization/permissions/checker'
 require 'micro/authorization/permissions/model'
@@ -9,11 +10,13 @@ module Micro
       def self.[](instance)
         return instance if instance.is_a?(Permissions::Model)
-        raise ArgumentError, "#{instance.inspect} must be a #{self.name}"
+        raise ArgumentError.new(
+          "#{instance.inspect} must be a #{Permissions::Model.name}"
+        )
       end
-      def self.new(role_permissions, context: [])
-        Permissions::Model.new(role_permissions, context: context)
+      def self.new(permissions, context: [])
+        Permissions::Model.new(permissions, context)
       end
     end
   end

data/lib/micro/authorization/policy.rb CHANGED Viewed

@@ -22,14 +22,13 @@ module Micro
       private
-      def permissions; @permissions; end
       def context; @context; end
       def subject; @subject; end
-      def user
-        @user ||=
-          context.is_a?(Hash) ? context[:user] || context[:current_user] : context
+      def permissions; @permissions; end
+      def current_user
+        @current_user ||= context[:user] || context[:current_user]
       end
-      alias_method :current_user, :user
+      alias_method :user, :current_user
     end
   end
 end

data/lib/micro/authorization/utils.rb CHANGED Viewed

@@ -3,7 +3,7 @@
 module Micro
   module Authorization
     module Utils
-      def self.values_as_downcased_strings(values)
+      def self.downcased_strings(values)
         Array(values).map { |value| String(value).downcase }
       end
     end

data/lib/micro/authorization/version.rb CHANGED Viewed

@@ -2,6 +2,6 @@
 module Micro
   module Authorization
-    VERSION = '2.2.0'.freeze
+    VERSION = '3.0.0'.freeze
   end
 end

data/u-authorization.gemspec CHANGED Viewed

@@ -10,8 +10,14 @@ Gem::Specification.new do |spec|
   spec.summary      = 'Authorization library and role managment'
   spec.description  = 'Simple authorization library and role managment for Ruby.'
-  spec.homepage     = 'https://github.com/serradura/u-authorization'
+  spec.homepage     = 'https://github.com/u-gems/u-authorization'
   spec.license      = 'MIT'
+  spec.required_ruby_version = Gem::Requirement.new('>= 2.7.0')
+  spec.metadata['homepage_uri'] = spec.homepage
+  spec.metadata['source_code_uri'] = 'https://github.com/u-gems/u-authorization'
+  spec.metadata['changelog_uri'] = "#{spec.homepage}/blob/main/CHANGELOG.md"
+  spec.metadata['bug_tracker_uri'] = "#{spec.homepage}/issues"
   # Specify which files should be added to the gem when it is released.
   # The `git ls-files -z` loads the files in the RubyGem that have been added into git.
@@ -22,6 +28,6 @@ Gem::Specification.new do |spec|
   spec.executables   = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
   spec.require_paths = ['lib']
-  spec.required_ruby_version = '>= 2.2.0'
-  spec.add_development_dependency 'rake', '~> 10.0'
+  spec.add_development_dependency 'bundler'
+  spec.add_development_dependency 'rake', '~> 13.0'
 end

metadata CHANGED Viewed

@@ -1,29 +1,42 @@
 --- !ruby/object:Gem::Specification
 name: u-authorization
 version: !ruby/object:Gem::Version
-  version: 2.2.0
+  version: 3.0.0
 platform: ruby
 authors:
 - Rodrigo Serradura
-autorequire:
 bindir: exe
 cert_chain: []
-date: 2019-07-30 00:00:00.000000000 Z
+date: 1980-01-02 00:00:00.000000000 Z
 dependencies:
+- !ruby/object:Gem::Dependency
+  name: bundler
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
 - !ruby/object:Gem::Dependency
   name: rake
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '10.0'
+        version: '13.0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '10.0'
+        version: '13.0'
 description: Simple authorization library and role managment for Ruby.
 email:
 - rodrigo.serradura@gmail.com
@@ -31,27 +44,36 @@ executables: []
 extensions: []
 extra_rdoc_files: []
 files:
+- ".github/workflows/ci.yml"
 - ".gitignore"
-- ".travis.yml"
+- CHANGELOG.md
+- CLAUDE.md
+- CODE_OF_CONDUCT.md
 - Gemfile
-- Gemfile.lock
+- LICENSE.txt
 - README.md
 - Rakefile
+- bin/console
+- bin/setup
 - lib/micro/authorization.rb
 - lib/micro/authorization/model.rb
 - lib/micro/authorization/permissions.rb
 - lib/micro/authorization/permissions/checker.rb
+- lib/micro/authorization/permissions/for_each_feature.rb
 - lib/micro/authorization/permissions/model.rb
 - lib/micro/authorization/policy.rb
 - lib/micro/authorization/utils.rb
 - lib/micro/authorization/version.rb
 - lib/u-authorization.rb
 - u-authorization.gemspec
-homepage: https://github.com/serradura/u-authorization
+homepage: https://github.com/u-gems/u-authorization
 licenses:
 - MIT
-metadata: {}
-post_install_message:
+metadata:
+  homepage_uri: https://github.com/u-gems/u-authorization
+  source_code_uri: https://github.com/u-gems/u-authorization
+  changelog_uri: https://github.com/u-gems/u-authorization/blob/main/CHANGELOG.md
+  bug_tracker_uri: https://github.com/u-gems/u-authorization/issues
 rdoc_options: []
 require_paths:
 - lib
@@ -59,15 +81,14 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: 2.2.0
+      version: 2.7.0
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.0.1
-signing_key:
+rubygems_version: 4.0.12
 specification_version: 4
 summary: Authorization library and role managment
 test_files: []

data/.travis.yml DELETED Viewed

@@ -1,28 +0,0 @@
-language: ruby
-sudo: false
-rvm:
-- 2.2.0
-- 2.3.0
-- 2.4.0
-- 2.5.0
-- 2.6.0
-cache: bundler
-before_install:
-  - gem uninstall -v '>= 2' -i $(rvm gemdir)@global -ax bundler || true
-  - gem install bundler -v '< 2'
-install: bundle install --jobs=3 --retry=3
-before_script:
-  - curl -L https://codeclimate.com/downloads/test-reporter/test-reporter-latest-linux-amd64 > ./cc-test-reporter
-  - chmod +x ./cc-test-reporter
-  - "./cc-test-reporter before-build"
-script: "rake"
-after_success:
-  - "./cc-test-reporter after-build -t simplecov"

data/Gemfile.lock DELETED Viewed

@@ -1,38 +0,0 @@
-PATH
-  remote: .
-  specs:
-    u-authorization (2.2.0)
-GEM
-  remote: https://rubygems.org/
-  specs:
-    ansi (1.5.0)
-    builder (3.2.3)
-    docile (1.3.2)
-    json (2.2.0)
-    minitest (5.11.3)
-    minitest-reporters (1.3.6)
-      ansi
-      builder
-      minitest (>= 5.0)
-      ruby-progressbar
-    rake (10.5.0)
-    ruby-progressbar (1.10.1)
-    simplecov (0.17.0)
-      docile (~> 1.1)
-      json (>= 1.8, < 3)
-      simplecov-html (~> 0.10.0)
-    simplecov-html (0.10.2)
-PLATFORMS
-  ruby
-DEPENDENCIES
-  minitest (~> 5.11, >= 5.11.3)
-  minitest-reporters (~> 1.3, >= 1.3.6)
-  rake (~> 10.0)
-  simplecov
-  u-authorization!
-BUNDLED WITH
-   1.17.2