active_entry 1.2.3 → 1.2.4
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/README.md +71 -6
- data/lib/active_entry/controller_methods.rb +17 -0
- data/lib/active_entry/version.rb +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: ab6abb6cb8a8069912d414cd395c1b57ee8327152f60ff9808db387eae70d3e2
|
|
4
|
+
data.tar.gz: 48cf2369782b109f88208be35553075d253d78bd45151e5ca1c9e634143f8433
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: f65b2eb50012c246c91c98df7ef238de33ff1469893e611a58eea569843d9ec45bfe79099afc1f94e2bfe898a20d9e70fdb0678b190fde9f63dcf5051590e248
|
|
7
|
+
data.tar.gz: 3f2b4ba32b292375292fa3e7c9c040de2cbb8d812f206b6c27e52fe7eb9da0013a5de6ae49c1052467fa07e5a83f73a4fc450b426963fbe74e14ef04ce231edf
|
data/README.md
CHANGED
|
@@ -1,6 +1,15 @@
|
|
|
1
|
-
|
|
2
|
-
|
|
3
|
-
|
|
1
|
+
<p align="center">
|
|
2
|
+
<a href="https://github.com/TFM-Agency/active_entry">
|
|
3
|
+
<img src="https://raw.githubusercontent.com/TFM-Agency/active_entry/main/active_entry_logo.svg" alt="Active Entry Logo" width="350px"/>
|
|
4
|
+
</a>
|
|
5
|
+
</p>
|
|
6
|
+
|
|
7
|
+
# Active Entry - Simple and flexible authentication and authorization
|
|
8
|
+
[](https://badge.fury.io/rb/active_entry)
|
|
9
|
+
[](https://github.com/TFM-Agency/active_entry/actions/workflows/ci-rspec.yml)
|
|
10
|
+
|
|
11
|
+
[](https://codeclimate.com/github/TFM-Agency/active_entry/maintainability)
|
|
12
|
+
[](https://rubydoc.info/github/TFM-Agency/active_entry/main)
|
|
4
13
|
|
|
5
14
|
Active Entry is a simple and secure authentication and authorization system for your Rails application, which lets you to authenticate and authorize directly in your controllers.
|
|
6
15
|
|
|
@@ -75,8 +84,8 @@ Now you just have to catch this error and react accordingly. Rails has the conve
|
|
|
75
84
|
class ApplicationController < ActionController::Base
|
|
76
85
|
# ...
|
|
77
86
|
|
|
78
|
-
rescue_from ActiveEntry::NotAuthenticatedError, with: :not_authenticated
|
|
79
|
-
rescue_from ActiveEntry::NotAuthorizedError, with: :not_authorized
|
|
87
|
+
rescue_from ActiveEntry::NotAuthenticatedError, with: :not_authenticated unless Rails.env.test?
|
|
88
|
+
rescue_from ActiveEntry::NotAuthorizedError, with: :not_authorized unless Rails.env.test?
|
|
80
89
|
|
|
81
90
|
private
|
|
82
91
|
|
|
@@ -134,6 +143,8 @@ The are some more helpers that check for more than one RESTful action:
|
|
|
134
143
|
* `update_action?` - If something will be updated. Actions: `edit`, `update`
|
|
135
144
|
* `destroy_action?` - If something will be destroyed. Action: `destroy`
|
|
136
145
|
* `delete_action?` - Alias for `destroy_action?`. Action: `destroy`
|
|
146
|
+
* `collection_action?` - If the called action is a collection action. Actions: `index`, `new`, `create`
|
|
147
|
+
* `member_action?` - Everything that is not a collection action. Including non-RESTful actions.
|
|
137
148
|
|
|
138
149
|
So you can for example do:
|
|
139
150
|
|
|
@@ -206,6 +217,60 @@ class ApplicationController < ActionController::Base
|
|
|
206
217
|
end
|
|
207
218
|
end
|
|
208
219
|
```
|
|
220
|
+
## Testing authentication and authorization
|
|
221
|
+
If you check for the Rails environment with `unless Rails.env.test?` in your `rescue_from` statement you can easily test your authentication and authorization in your tests.
|
|
222
|
+
|
|
223
|
+
```ruby
|
|
224
|
+
class ApplicationController < ActionController::Base
|
|
225
|
+
# ...
|
|
226
|
+
rescue_from ActiveEntry::NotAuthenticatedError, with: :not_authenticated unless Rails.env.test?
|
|
227
|
+
rescue_from ActiveEntry::NotAuthorizedError, with: :not_authorized unless Rails.env.test?
|
|
228
|
+
# ...
|
|
229
|
+
end
|
|
230
|
+
```
|
|
231
|
+
|
|
232
|
+
Now you can catch `ActiveEntry::NotAuthenticatedError` / `ActiveEntry::NotAuthorizedError` in your test site like this:
|
|
233
|
+
|
|
234
|
+
```ruby
|
|
235
|
+
require "rails_helper"
|
|
236
|
+
|
|
237
|
+
RSpec.describe "Users", type: :request do
|
|
238
|
+
describe "Authentication" do
|
|
239
|
+
context "#index" do
|
|
240
|
+
context "authenticated" do
|
|
241
|
+
it "as signed in user" do
|
|
242
|
+
sign_in_as user
|
|
243
|
+
expect{ get users_path }.to_not raise_error ActiveEntry::NotAuthenticatedError
|
|
244
|
+
end
|
|
245
|
+
end
|
|
246
|
+
|
|
247
|
+
context "not authenticated" do
|
|
248
|
+
it "as stranger" do
|
|
249
|
+
expect{ get users_path }.to raise_error ActiveEntry::NotAuthenticatedError
|
|
250
|
+
end
|
|
251
|
+
end
|
|
252
|
+
end
|
|
253
|
+
end
|
|
254
|
+
|
|
255
|
+
describe "Authorization" do
|
|
256
|
+
context "#index" do
|
|
257
|
+
context "authorized" do
|
|
258
|
+
it "as admin" do
|
|
259
|
+
sign_in_as admin
|
|
260
|
+
expect{ get users_path }.to_not raise_error ActiveEntry::NotAuthorizedError
|
|
261
|
+
end
|
|
262
|
+
end
|
|
263
|
+
|
|
264
|
+
context "not authenticated" do
|
|
265
|
+
it "as non-admin" do
|
|
266
|
+
sign_in_as user
|
|
267
|
+
expect{ get users_path }.to raise_error ActiveEntry::NotAuthorizedError
|
|
268
|
+
end
|
|
269
|
+
end
|
|
270
|
+
end
|
|
271
|
+
end
|
|
272
|
+
end
|
|
273
|
+
```
|
|
209
274
|
|
|
210
275
|
## Contributing
|
|
211
276
|
Create pull requests on Github and help us to improve this Gem. There are some guidelines to follow:
|
|
@@ -215,4 +280,4 @@ Create pull requests on Github and help us to improve this Gem. There are some g
|
|
|
215
280
|
* Document methods that aren't self-explaining (we are using [YARD](http://yardoc.org/))
|
|
216
281
|
|
|
217
282
|
## License
|
|
218
|
-
The gem is available as open source under the terms of the [MIT License](https://opensource.org/licenses/MIT).
|
|
283
|
+
The gem is available as open source under the terms of the [MIT License](https://opensource.org/licenses/MIT).
|
|
@@ -3,6 +3,7 @@
|
|
|
3
3
|
# Helper methods for your controller
|
|
4
4
|
# to identify RESTful actions.
|
|
5
5
|
module ActiveEntry
|
|
6
|
+
# @!visibility private
|
|
6
7
|
def method_missing method_name, *args
|
|
7
8
|
method_name_str = method_name.to_s
|
|
8
9
|
|
|
@@ -79,4 +80,20 @@ module ActiveEntry
|
|
|
79
80
|
action_name == 'destroy'
|
|
80
81
|
end
|
|
81
82
|
alias delete_action? destroy_action?
|
|
83
|
+
|
|
84
|
+
# @return [Boolean]
|
|
85
|
+
# True if called action
|
|
86
|
+
# is index, new or create.
|
|
87
|
+
def collection_action?
|
|
88
|
+
action_name == 'index' ||
|
|
89
|
+
action_name == 'new' ||
|
|
90
|
+
action_name == 'create'
|
|
91
|
+
end
|
|
92
|
+
|
|
93
|
+
# @return [Boolean]
|
|
94
|
+
# True if called action
|
|
95
|
+
# is not a collection action.
|
|
96
|
+
def member_action?
|
|
97
|
+
!collection_action?
|
|
98
|
+
end
|
|
82
99
|
end
|
data/lib/active_entry/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: active_entry
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 1.2.
|
|
4
|
+
version: 1.2.4
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- TFM Agency GmbH
|
|
@@ -9,7 +9,7 @@ authors:
|
|
|
9
9
|
autorequire:
|
|
10
10
|
bindir: bin
|
|
11
11
|
cert_chain: []
|
|
12
|
-
date: 2021-03-
|
|
12
|
+
date: 2021-03-19 00:00:00.000000000 Z
|
|
13
13
|
dependencies:
|
|
14
14
|
- !ruby/object:Gem::Dependency
|
|
15
15
|
name: rails
|