Skip to content

Releases: jungsoft/rajska

v.0.7.0

18 Oct 19:13
@rschef rschef
v0.7.0
6d8f90e
Compare
Choose a tag to compare
v.0.7.0

Breaking Changes

  • Changed validations to require any struct instead of an Ecto schema

Object Scope Authorization:

  • Removed scope: :source option
  • Changed scope to scope_by, using the returned struct as scope
  • Added meta :rule

Enhancements

  • Added tests for queries that return primitives (e.g. :string)
Assets 2
Loading

v0.6.0

09 Oct 14:47
@rschef rschef
v0.6.0
c12bd4a
Compare
Choose a tag to compare
v0.6.0

Breaking Changes

  • Renamed query authorization option :scoped to :scope, which accept the following values:

    • false: disables scoping
    • User: a module that will be passed to c:Rajska.Authorization.has_user_access?/4. It must implement a Rajska.Authorization behaviour and a __schema__(:source) function (used to check if the module is valid in Rajska.Schema.validate_query_auth_config!/2)

  • The following options were added to query authorization:

    • :args
      • %{user_id: [:params, :id]}: where user_id is the scoped field and id is an argument nested inside the params argument.
      • :id: this is the same as %{id: :id}, where :id is both the query argument and the scoped field that will be passed to has_user_access?/4
      • [:code, :user_group_id]: this is the same as %{code: :code, user_group_id: :user_group_id}, where code and user_group_id are both query arguments and scoped fields.
    • :optional (optional) - when set to true the arguments are optional, so if no argument is provided, the query will be authorized. Defaults to false.

  • has_user_access?/4 now receives {field, field_value} as the third argument, instead of only field_value

Enhancements

  • Create validations for all query authorization options
Assets 2
Loading

v0.5.0

07 Oct 19:58
@rschef rschef
v0.5.0
21321cd
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
v0.5.0

Breaking Changes

  • Remove all_role option: all_role is now always set to :all
  • Replaceroles option by valid_roles
  • Add super_role option
  • Authorization behaviour changed:
    • is_super_role?/1 removed, since it's now an option
    • is_all_role?/1 removed: all_role is not configurable anymore and is set to :all
    • is_role_authorized?/2 and is_field_authorized?/3 renamed to role_authorized?/2 and field_authorized?/3

Enhancements

  • Create schema validation tests
Assets 2
Loading

v0.4.0

25 Sep 19:59
@rschef rschef
v0.4.0
4c9299c
Compare
Choose a tag to compare
v0.4.0

Breaking Changes

  • Authorization behaviour changed: has_user_access?/3 function is now has_user_access?/4, as it receives an extra argument rule.

Enhancements

  • Authorization module has a new option default_rule, which defaults to :default.
  • The rule can be passed as an argument for ObjectScopeAuthorization and QueryScopeAuthorization and it's intended to allow custom rules for the same struct, such as read_only and write_only access.
Assets 2
Loading

v0.3.0

02 Sep 18:34
@rschef rschef
v0.3.0
137be9c
Compare
Choose a tag to compare
v0.3.0

Breaking Changes

  • Authorization functions that received Absinthe's resolution now receive context instead

  • ObjectScopeAuthorization is now an Absinthe Phase and must be added to the Absinthe's pipeline

Enhancements

  • Support nested associations in ObjectScopeAuthorization
Assets 2
Loading