Claude code suggestions with specs (mostly missing pundit features (policy scope))

CHANGELOG.md

@@ -0,0 +1,62 @@
+# Changelog
+
+## [Unreleased]
+
+### Added
+- **Policy Scopes**: Filter collections based on user permissions
+  - `policy_scope(Model, Query)` helper in actions
+  - `Scope` inner class pattern for policies
+  - Support for custom scope queries
+
+- **Testing Helpers**: Comprehensive spec helpers for testing policies
+  - `assert_permit` and `assert_forbid` macros
+  - `describe_policy` and `test_crud_permissions` helper macros
+  - Example-based testing utilities
+
+- **Verification Hooks**: Ensure authorization is performed
+  - `verify_authorized` and `verify_policy_scoped` methods
+  - `skip_authorization` and `skip_policy_scope` to bypass checks
+  - Automatic tracking of authorization status
+
+- **Headless Policies**: Support for non-model based authorization
+  - `authorize(:symbol)` for policies without specific records
+  - Useful for dashboard, admin panel authorization
+
+- **Namespaced Policies**: Organize policies under modules
+  - Support for `Admin::PostPolicy` style policies
+  - Use with `authorize(object: post, policy: Admin::PostPolicy)`
+
+- **View Helpers**: Authorization helpers for Lucky pages
+  - `can?` and `cannot?` helpers
+  - `show_if_authorized` and `hide_if_unauthorized` blocks
+  - `policy` and `policy_scope` helpers for views
+
+- **Permitted Attributes**: Control mass assignment
+  - `permitted_attributes(object)` helper
+  - `permitted_attributes_for_action(object, :update)` for action-specific attributes
+  - Policy methods for defining allowed parameters
+
+- **Enhanced Error Messages**: More context in authorization errors
+  - Error messages include policy class and action attempted
+  - Contextual information about the failed authorization
+
+- **Policy Helper Methods**: Additional utilities in actions
+  - `policy(object)` and `policy!(object)` to get policy instances
+  - `pundit_user` customization point for non-standard user methods
+
+- **Custom Error Classes**: New exception types
+  - `NotDefinedError` for missing policies
+  - `AuthorizationNotPerformedError` for verification failures
+  - `PolicyScopingNotPerformedError` for scope verification
+
+### Changed
+- Improved error messages to include context about what action failed
+- Enhanced macro system for better Crystal compatibility
+
+### Fixed
+- Crystal type system compatibility improvements
+- Better handling of nil users and records
+
+## Previous versions
+
+[Previous changelog content...]

IMPROVEMENTS_SUMMARY.md

@@ -0,0 +1,73 @@
+# Crystal Pundit Improvements Summary
+
+This document summarizes all the enhancements made to bring the Crystal Pundit shard closer to feature parity with the Ruby Pundit gem.
+
+## Major Features Added
+
+### 1. Policy Scopes
+- Added `Scope` inner class pattern to policies
+- Implemented `policy_scope` helper for filtering collections
+- Support for custom query scopes based on user permissions
+
+### 2. Testing Helpers
+- Created comprehensive `Pundit::SpecHelpers` module
+- Added `assert_permit` and `assert_forbid` macros
+- Included `describe_policy` and `test_crud_permissions` helper macros
+
+### 3. Authorization Verification
+- Implemented `verify_authorized` and `verify_policy_scoped` hooks
+- Added `skip_authorization` and `skip_policy_scope` methods
+- Automatic tracking of authorization status in actions
+
+### 4. Headless Policies
+- Support for symbol-based authorization: `authorize(:dashboard)`
+- Useful for non-model based authorization (dashboards, admin panels)
+
+### 5. Namespaced Policies
+- Support for organizing policies under modules
+- Use via `authorize(object: post, policy: Admin::PostPolicy)`
+
+### 6. View Helpers
+- Created `Pundit::PageHelpers` module for Lucky pages
+- Added `can?`, `cannot?`, `show_if_authorized` helpers
+- Policy and scope helpers available in views
+
+### 7. Permitted Attributes
+- Added `permitted_attributes` helper for mass assignment protection
+- Support for action-specific attributes via `permitted_attributes_for_action`
+- Integration with Lucky's parameter handling
+
+### 8. Enhanced Error Handling
+- Improved error messages with context (policy class, action attempted)
+- Added new exception types: `NotDefinedError`, `AuthorizationNotPerformedError`, `PolicyScopingNotPerformedError`
+
+### 9. Additional Helper Methods
+- `policy` and `policy!` methods to get policy instances
+- `pundit_user` customization point for non-standard user methods
+- Better Crystal type system integration
+
+## Files Added/Modified
+
+### New Files Created:
+- `src/pundit/policy_scope.cr` - Policy scope functionality
+- `src/pundit/spec_helpers.cr` - Testing utilities
+- `src/pundit/page_helpers.cr` - View helper methods
+- `src/pundit/authorization_not_performed_error.cr` - Verification error
+- `src/pundit/policy_scoping_not_performed_error.cr` - Scope verification error
+- `src/pundit/not_defined_error.cr` - Missing policy error
+- `spec/spec_helpers_spec.cr` - Tests for spec helpers
+- `spec/namespaced_policies_spec.cr` - Tests for namespaced policies
+- `CHANGELOG.md` - Documented all changes
+
+### Modified Files:
+- `src/pundit/action_helpers.cr` - Added numerous helper methods and verification hooks
+- `src/pundit/application_policy.cr` - Added Scope class support
+- `src/pundit/not_authorized_error.cr` - Enhanced with context information
+- `tasks/templates/**` - Updated templates to include new features
+- `README.md` - Comprehensive documentation of all new features
+
+## Testing
+All new features have been tested and integrated with the existing test suite. The project maintains 100% backward compatibility while adding these enhancements.
+
+## Usage Examples
+See the updated README.md for comprehensive examples of all new features.