active_entry 1.2.3 → 1.2.4
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/README.md +71 -6
- data/lib/active_entry/controller_methods.rb +17 -0
- data/lib/active_entry/version.rb +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: ab6abb6cb8a8069912d414cd395c1b57ee8327152f60ff9808db387eae70d3e2
|
|
4
|
+
data.tar.gz: 48cf2369782b109f88208be35553075d253d78bd45151e5ca1c9e634143f8433
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: f65b2eb50012c246c91c98df7ef238de33ff1469893e611a58eea569843d9ec45bfe79099afc1f94e2bfe898a20d9e70fdb0678b190fde9f63dcf5051590e248
|
|
7
|
+
data.tar.gz: 3f2b4ba32b292375292fa3e7c9c040de2cbb8d812f206b6c27e52fe7eb9da0013a5de6ae49c1052467fa07e5a83f73a4fc450b426963fbe74e14ef04ce231edf
|
data/README.md
CHANGED
|
@@ -1,6 +1,15 @@
|
|
|
1
|
-
|
|
2
|
-
|
|
3
|
-
|
|
1
|
+
<p align="center">
|
|
2
|
+
<a href="https://github.com/TFM-Agency/active_entry">
|
|
3
|
+
<img src="https://raw.githubusercontent.com/TFM-Agency/active_entry/main/active_entry_logo.svg" alt="Active Entry Logo" width="350px"/>
|
|
4
|
+
</a>
|
|
5
|
+
</p>
|
|
6
|
+
|
|
7
|
+
# Active Entry - Simple and flexible authentication and authorization
|
|
8
|
+
[](https://badge.fury.io/rb/active_entry)
|
|
9
|
+
[](https://github.com/TFM-Agency/active_entry/actions/workflows/ci-rspec.yml)
|
|
10
|
+
|
|
11
|
+
[](https://codeclimate.com/github/TFM-Agency/active_entry/maintainability)
|
|
12
|
+
[](https://rubydoc.info/github/TFM-Agency/active_entry/main)
|
|
4
13
|
|
|
5
14
|
Active Entry is a simple and secure authentication and authorization system for your Rails application, which lets you to authenticate and authorize directly in your controllers.
|
|
6
15
|
|
|
@@ -75,8 +84,8 @@ Now you just have to catch this error and react accordingly. Rails has the conve
|
|
|
75
84
|
class ApplicationController < ActionController::Base
|
|
76
85
|
# ...
|
|
77
86
|
|
|
78
|
-
rescue_from ActiveEntry::NotAuthenticatedError, with: :not_authenticated
|
|
79
|
-
rescue_from ActiveEntry::NotAuthorizedError, with: :not_authorized
|
|
87
|
+
rescue_from ActiveEntry::NotAuthenticatedError, with: :not_authenticated unless Rails.env.test?
|
|
88
|
+
rescue_from ActiveEntry::NotAuthorizedError, with: :not_authorized unless Rails.env.test?
|
|
80
89
|
|
|
81
90
|
private
|
|
82
91
|
|
|
@@ -134,6 +143,8 @@ The are some more helpers that check for more than one RESTful action:
|
|
|
134
143
|
* `update_action?` - If something will be updated. Actions: `edit`, `update`
|
|
135
144
|
* `destroy_action?` - If something will be destroyed. Action: `destroy`
|
|
136
145
|
* `delete_action?` - Alias for `destroy_action?`. Action: `destroy`
|
|
146
|
+
* `collection_action?` - If the called action is a collection action. Actions: `index`, `new`, `create`
|
|
147
|
+
* `member_action?` - Everything that is not a collection action. Including non-RESTful actions.
|
|
137
148
|
|
|
138
149
|
So you can for example do:
|
|
139
150
|
|
|
@@ -206,6 +217,60 @@ class ApplicationController < ActionController::Base
|
|
|
206
217
|
end
|
|
207
218
|
end
|
|
208
219
|
```
|
|
220
|
+
## Testing authentication and authorization
|
|
221
|
+
If you check for the Rails environment with `unless Rails.env.test?` in your `rescue_from` statement you can easily test your authentication and authorization in your tests.
|
|
222
|
+
|
|
223
|
+
```ruby
|
|
224
|
+
class ApplicationController < ActionController::Base
|
|
225
|
+
# ...
|
|
226
|
+
rescue_from ActiveEntry::NotAuthenticatedError, with: :not_authenticated unless Rails.env.test?
|
|
227
|
+
rescue_from ActiveEntry::NotAuthorizedError, with: :not_authorized unless Rails.env.test?
|
|
228
|
+
# ...
|
|
229
|
+
end
|
|
230
|
+
```
|
|
231
|
+
|
|
232
|
+
Now you can catch `ActiveEntry::NotAuthenticatedError` / `ActiveEntry::NotAuthorizedError` in your test site like this:
|
|
233
|
+
|
|
234
|
+
```ruby
|
|
235
|
+
require "rails_helper"
|
|
236
|
+
|
|
237
|
+
RSpec.describe "Users", type: :request do
|
|
238
|
+
describe "Authentication" do
|
|
239
|
+
context "#index" do
|
|
240
|
+
context "authenticated" do
|
|
241
|
+
it "as signed in user" do
|
|
242
|
+
sign_in_as user
|
|
243
|
+
expect{ get users_path }.to_not raise_error ActiveEntry::NotAuthenticatedError
|
|
244
|
+
end
|
|
245
|
+
end
|
|
246
|
+
|
|
247
|
+
context "not authenticated" do
|
|
248
|
+
it "as stranger" do
|
|
249
|
+
expect{ get users_path }.to raise_error ActiveEntry::NotAuthenticatedError
|
|
250
|
+
end
|
|
251
|
+
end
|
|
252
|
+
end
|
|
253
|
+
end
|
|
254
|
+
|
|
255
|
+
describe "Authorization" do
|
|
256
|
+
context "#index" do
|
|
257
|
+
context "authorized" do
|
|
258
|
+
it "as admin" do
|
|
259
|
+
sign_in_as admin
|
|
260
|
+
expect{ get users_path }.to_not raise_error ActiveEntry::NotAuthorizedError
|
|
261
|
+
end
|
|
262
|
+
end
|
|
263
|
+
|
|
264
|
+
context "not authenticated" do
|
|
265
|
+
it "as non-admin" do
|
|
266
|
+
sign_in_as user
|
|
267
|
+
expect{ get users_path }.to raise_error ActiveEntry::NotAuthorizedError
|
|
268
|
+
end
|
|
269
|
+
end
|
|
270
|
+
end
|
|
271
|
+
end
|
|
272
|
+
end
|
|
273
|
+
```
|
|
209
274
|
|
|
210
275
|
## Contributing
|
|
211
276
|
Create pull requests on Github and help us to improve this Gem. There are some guidelines to follow:
|
|
@@ -215,4 +280,4 @@ Create pull requests on Github and help us to improve this Gem. There are some g
|
|
|
215
280
|
* Document methods that aren't self-explaining (we are using [YARD](http://yardoc.org/))
|
|
216
281
|
|
|
217
282
|
## License
|
|
218
|
-
The gem is available as open source under the terms of the [MIT License](https://opensource.org/licenses/MIT).
|
|
283
|
+
The gem is available as open source under the terms of the [MIT License](https://opensource.org/licenses/MIT).
|
|
@@ -3,6 +3,7 @@
|
|
|
3
3
|
# Helper methods for your controller
|
|
4
4
|
# to identify RESTful actions.
|
|
5
5
|
module ActiveEntry
|
|
6
|
+
# @!visibility private
|
|
6
7
|
def method_missing method_name, *args
|
|
7
8
|
method_name_str = method_name.to_s
|
|
8
9
|
|
|
@@ -79,4 +80,20 @@ module ActiveEntry
|
|
|
79
80
|
action_name == 'destroy'
|
|
80
81
|
end
|
|
81
82
|
alias delete_action? destroy_action?
|
|
83
|
+
|
|
84
|
+
# @return [Boolean]
|
|
85
|
+
# True if called action
|
|
86
|
+
# is index, new or create.
|
|
87
|
+
def collection_action?
|
|
88
|
+
action_name == 'index' ||
|
|
89
|
+
action_name == 'new' ||
|
|
90
|
+
action_name == 'create'
|
|
91
|
+
end
|
|
92
|
+
|
|
93
|
+
# @return [Boolean]
|
|
94
|
+
# True if called action
|
|
95
|
+
# is not a collection action.
|
|
96
|
+
def member_action?
|
|
97
|
+
!collection_action?
|
|
98
|
+
end
|
|
82
99
|
end
|
data/lib/active_entry/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: active_entry
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 1.2.
|
|
4
|
+
version: 1.2.4
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- TFM Agency GmbH
|
|
@@ -9,7 +9,7 @@ authors:
|
|
|
9
9
|
autorequire:
|
|
10
10
|
bindir: bin
|
|
11
11
|
cert_chain: []
|
|
12
|
-
date: 2021-03-
|
|
12
|
+
date: 2021-03-19 00:00:00.000000000 Z
|
|
13
13
|
dependencies:
|
|
14
14
|
- !ruby/object:Gem::Dependency
|
|
15
15
|
name: rails
|