anoubis 1.0.0
- checksums.yaml +7 -0
- data/MIT-LICENSE +20 -0
- data/README.md +28 -0
- data/Rakefile +38 -0
- data/app/controllers/anoubis/application_controller.rb +78 -0
- data/app/controllers/anoubis/core/application_controller.rb +343 -0
- data/app/controllers/anoubis/core/data/actions.rb +962 -0
- data/app/controllers/anoubis/core/data/callbacks.rb +68 -0
- data/app/controllers/anoubis/core/data/convert.rb +407 -0
- data/app/controllers/anoubis/core/data/defaults.rb +217 -0
- data/app/controllers/anoubis/core/data/get.rb +531 -0
- data/app/controllers/anoubis/core/data/load.rb +89 -0
- data/app/controllers/anoubis/core/data/set.rb +49 -0
- data/app/controllers/anoubis/core/data/setup.rb +104 -0
- data/app/controllers/anoubis/core/data_controller.rb +28 -0
- data/app/controllers/anoubis/core/index/actions.rb +53 -0
- data/app/controllers/anoubis/core/index/callbacks.rb +23 -0
- data/app/controllers/anoubis/core/index_controller.rb +36 -0
- data/app/controllers/anoubis/etc/base.rb +52 -0
- data/app/controllers/anoubis/etc/data.rb +89 -0
- data/app/controllers/anoubis/etc/field.rb +468 -0
- data/app/controllers/anoubis/etc/field_options.rb +83 -0
- data/app/controllers/anoubis/etc/field_order.rb +51 -0
- data/app/controllers/anoubis/etc/filter.rb +251 -0
- data/app/controllers/anoubis/etc/menu.rb +101 -0
- data/app/controllers/anoubis/etc/model.rb +67 -0
- data/app/controllers/anoubis/etc/tab_item.rb +91 -0
- data/app/controllers/anoubis/etc.rb +8 -0
- data/app/controllers/anoubis/export.rb +47 -0
- data/app/controllers/anoubis/output/autocomplete.rb +30 -0
- data/app/controllers/anoubis/output/basic.rb +86 -0
- data/app/controllers/anoubis/output/data.rb +101 -0
- data/app/controllers/anoubis/output/delete.rb +41 -0
- data/app/controllers/anoubis/output/edit.rb +55 -0
- data/app/controllers/anoubis/output/frame.rb +227 -0
- data/app/controllers/anoubis/output/login.rb +71 -0
- data/app/controllers/anoubis/output/menu.rb +220 -0
- data/app/controllers/anoubis/output/update.rb +43 -0
- data/app/controllers/anoubis/sso/client/application_controller.rb +139 -0
- data/app/controllers/anoubis/sso/client/data/actions.rb +5 -0
- data/app/controllers/anoubis/sso/client/data/callbacks.rb +5 -0
- data/app/controllers/anoubis/sso/client/data/convert.rb +5 -0
- data/app/controllers/anoubis/sso/client/data/defaults.rb +5 -0
- data/app/controllers/anoubis/sso/client/data/get.rb +5 -0
- data/app/controllers/anoubis/sso/client/data/load.rb +26 -0
- data/app/controllers/anoubis/sso/client/data/set.rb +5 -0
- data/app/controllers/anoubis/sso/client/data/setup.rb +5 -0
- data/app/controllers/anoubis/sso/client/data_controller.rb +21 -0
- data/app/controllers/anoubis/sso/client/index/actions.rb +79 -0
- data/app/controllers/anoubis/sso/client/index/callbacks.rb +13 -0
- data/app/controllers/anoubis/sso/client/index_controller.rb +18 -0
- data/app/controllers/anoubis/sso/server/application_controller.rb +49 -0
- data/app/controllers/anoubis/sso/server/login_controller.rb +342 -0
- data/app/controllers/anoubis/sso/server/user_controller.rb +142 -0
- data/app/controllers/anoubis/tenant/application_controller.rb +54 -0
- data/app/controllers/anoubis/tenant/data/actions.rb +11 -0
- data/app/controllers/anoubis/tenant/data/callbacks.rb +11 -0
- data/app/controllers/anoubis/tenant/data/convert.rb +11 -0
- data/app/controllers/anoubis/tenant/data/defaults.rb +11 -0
- data/app/controllers/anoubis/tenant/data/get.rb +11 -0
- data/app/controllers/anoubis/tenant/data/load.rb +52 -0
- data/app/controllers/anoubis/tenant/data/set.rb +11 -0
- data/app/controllers/anoubis/tenant/data/setup.rb +11 -0
- data/app/controllers/anoubis/tenant/data_controller.rb +28 -0
- data/app/controllers/anoubis/tenant/index/actions.rb +191 -0
- data/app/controllers/anoubis/tenant/index/callbacks.rb +11 -0
- data/app/controllers/anoubis/tenant/index_controller.rb +38 -0
- data/app/controllers/anoubis/tenants_controller.rb +7 -0
- data/app/controllers/anoubis/users_controller.rb +7 -0
- data/app/jobs/anoubis/application_job.rb +6 -0
- data/app/mailers/anoubis/application_mailer.rb +8 -0
- data/app/models/anoubis/application_record.rb +45 -0
- data/app/models/anoubis/core/application_record.rb +250 -0
- data/app/models/anoubis/core/locales.rb +27 -0
- data/app/models/anoubis/sso/client/application_record.rb +3 -0
- data/app/models/anoubis/sso/client/group.rb +19 -0
- data/app/models/anoubis/sso/client/group_menu.rb +109 -0
- data/app/models/anoubis/sso/client/menu.rb +145 -0
- data/app/models/anoubis/sso/client/user.rb +81 -0
- data/app/models/anoubis/sso/client/user_group.rb +32 -0
- data/app/models/anoubis/sso/server/system.rb +36 -0
- data/app/models/anoubis/sso/server/user.rb +79 -0
- data/app/models/anoubis/tenant/application_record.rb +41 -0
- data/app/models/anoubis/tenant/group.rb +95 -0
- data/app/models/anoubis/tenant/group_locale.rb +19 -0
- data/app/models/anoubis/tenant/group_menu.rb +84 -0
- data/app/models/anoubis/tenant/menu.rb +156 -0
- data/app/models/anoubis/tenant/menu_locale.rb +27 -0
- data/app/models/anoubis/tenant/system.rb +127 -0
- data/app/models/anoubis/tenant/system_locale.rb +19 -0
- data/app/models/anoubis/tenant/system_menu.rb +51 -0
- data/app/models/anoubis/tenant/tenant.rb +107 -0
- data/app/models/anoubis/tenant/tenant_system.rb +19 -0
- data/app/models/anoubis/tenant/user.rb +225 -0
- data/app/models/anoubis/tenant/user_group.rb +32 -0
- data/app/services/anoubis/core_service.rb +16 -0
- data/app/services/anoubis/session_service.rb +17 -0
- data/app/validators/presence_in_tenant_validator.rb +20 -0
- data/config/initializers/mime_type.rb +1 -0
- data/config/locales/en.yml +120 -0
- data/config/locales/ru.yml +245 -0
- data/config/routes.rb +74 -0
- data/db/migrate/20181018085843_create_tenants.rb +13 -0
- data/db/migrate/20181018111217_create_systems.rb +10 -0
- data/db/migrate/20181018111713_create_tenant_systems.rb +11 -0
- data/db/migrate/20181018111925_create_groups.rb +13 -0
- data/db/migrate/20181018112151_create_users.rb +25 -0
- data/db/migrate/20181018115737_add_title_to_users.rb +10 -0
- data/db/migrate/20181022060211_create_menus.rb +18 -0
- data/db/migrate/20181115055245_create_group_menus.rb +12 -0
- data/db/migrate/20181115060830_create_system_menus.rb +11 -0
- data/db/migrate/20181122062131_create_user_groups.rb +11 -0
- data/db/migrate/20181221060727_create_menu_locales.rb +14 -0
- data/db/migrate/20181225062303_create_system_locales.rb +11 -0
- data/db/migrate/20181225062339_create_group_locales.rb +11 -0
- data/db/seeds.rb +268 -0
- data/lib/anoubis/engine.rb +13 -0
- data/lib/anoubis/version.rb +5 -0
- data/lib/anoubis.rb +213 -0
- data/lib/tasks/anubis_tasks.rake +10 -0
- data/lib/tasks/sessions/clear_sessions.rake +10 -0
- data/spec/anubis_spec.rb +5 -0
- data/spec/controllers/anoubis/index_controller_spec.rb +77 -0
- data/spec/dummy/Rakefile +3 -0
- data/spec/dummy/app/assets/config/manifest.js +2 -0
- data/spec/dummy/app/assets/javascripts/application.js +15 -0
- data/spec/dummy/app/assets/stylesheets/application.css +15 -0
- data/spec/dummy/app/channels/application_cable/channel.rb +4 -0
- data/spec/dummy/app/channels/application_cable/connection.rb +4 -0
- data/spec/dummy/app/controllers/application_controller.rb +2 -0
- data/spec/dummy/app/jobs/application_job.rb +2 -0
- data/spec/dummy/app/mailers/application_mailer.rb +4 -0
- data/spec/dummy/app/models/application_record.rb +3 -0
- data/spec/dummy/app/views/layouts/mailer.html.erb +13 -0
- data/spec/dummy/app/views/layouts/mailer.text.erb +1 -0
- data/spec/dummy/bin/bundle +3 -0
- data/spec/dummy/bin/rails +4 -0
- data/spec/dummy/bin/rake +4 -0
- data/spec/dummy/bin/setup +33 -0
- data/spec/dummy/bin/update +28 -0
- data/spec/dummy/config/application.rb +14 -0
- data/spec/dummy/config/boot.rb +5 -0
- data/spec/dummy/config/cable.yml +10 -0
- data/spec/dummy/config/database.yml +54 -0
- data/spec/dummy/config/environment.rb +5 -0
- data/spec/dummy/config/environments/development.rb +54 -0
- data/spec/dummy/config/environments/production.rb +85 -0
- data/spec/dummy/config/environments/test.rb +46 -0
- data/spec/dummy/config/initializers/application_controller_renderer.rb +8 -0
- data/spec/dummy/config/initializers/backtrace_silencers.rb +7 -0
- data/spec/dummy/config/initializers/cors.rb +16 -0
- data/spec/dummy/config/initializers/filter_parameter_logging.rb +4 -0
- data/spec/dummy/config/initializers/inflections.rb +16 -0
- data/spec/dummy/config/initializers/mime_types.rb +4 -0
- data/spec/dummy/config/initializers/wrap_parameters.rb +14 -0
- data/spec/dummy/config/locales/en.yml +33 -0
- data/spec/dummy/config/puma.rb +34 -0
- data/spec/dummy/config/routes.rb +3 -0
- data/spec/dummy/config/spring.rb +6 -0
- data/spec/dummy/config/storage.yml +34 -0
- data/spec/dummy/config.ru +5 -0
- data/spec/dummy/db/schema.rb +167 -0
- data/spec/dummy/db/seeds.rb +1 -0
- data/spec/factories/anubis_group_locales.rb +7 -0
- data/spec/factories/anubis_group_menus.rb +7 -0
- data/spec/factories/anubis_groups.rb +6 -0
- data/spec/factories/anubis_menu_locales.rb +9 -0
- data/spec/factories/anubis_menus.rb +6 -0
- data/spec/factories/anubis_system_locales.rb +7 -0
- data/spec/factories/anubis_system_menus.rb +6 -0
- data/spec/factories/anubis_systems.rb +5 -0
- data/spec/factories/anubis_tenants.rb +7 -0
- data/spec/factories/anubis_users.rb +10 -0
- data/spec/integration/navigation_test.rb +7 -0
- data/spec/models/anoubis/group_locale_spec.rb +25 -0
- data/spec/models/anoubis/group_menu_spec.rb +50 -0
- data/spec/models/anoubis/group_spec.rb +52 -0
- data/spec/models/anoubis/menu_locale_spec.rb +31 -0
- data/spec/models/anoubis/menu_spec.rb +48 -0
- data/spec/models/anoubis/system_locale_spec.rb +20 -0
- data/spec/models/anoubis/system_menu_spec.rb +49 -0
- data/spec/models/anoubis/system_spec.rb +53 -0
- data/spec/models/anoubis/tenant_spec.rb +67 -0
- data/spec/models/anoubis/user_spec.rb +57 -0
- data/spec/rails_helper.rb +32 -0
- data/spec/requests/anoubis/users_request_spec.rb +5 -0
- data/spec/spec_helper.rb +13 -0
- metadata +408 -0
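--- a/data/app/controllers/anoubis/sso/server/login_controller.rb
+++ b/data/app/controllers/anoubis/sso/server/login_controller.rb
@@ -0,0 +1,342 @@
+class Anubis::Sso::Server::LoginController < Anubis::Sso::Server::ApplicationController
+include ActionController::Cookies
+
+def authenticate?
+false
+end
+
+def system
+data = nil
+if params.key? :sso_system
+begin
+data = JSON.parse self.redis.get(self.redis_prefix + 'system:' + params[:sso_system].to_s), { symbolize_names: true }
+rescue
+data = nil
+end
+end
+
+data
+end
+
+def index
+params[:prompt] = 'yes' unless params.key? :prompt
+
+result = {
+result: 0,
+message: I18n.t('core.success')
+}
+code = 200
+
+if self.system
+session = nil
+session = cookies[:session] if cookies.key? :session
+
+unless session
+redirect_to self.get_login_url
+return
+end
+
+begin
+ses_data = JSON.parse self.redis.get(self.redis_prefix + 'session:' + session), { symbolize_names: true }
+rescue
+ses_data = nil
+end
+
+if ses_data
+ses_data = nil if ses_data[:ttl] < Time.now
+
+if ses_data
+ses_data[:time] = Time.now
+
+user = self.user_model.load_cache self.redis, ses_data[:uuid]
+
+if user
+ses_data[:ttl] = Time.now + user[:timeout]
+self.redis.set(self.redis_prefix + 'session:' + session, ses_data.to_json, ex: user[:timeout])
+else
+ses_data = nil
+end
+else
+self.redis.del self.redis_prefix + 'session:' + session
+end
+end
+
+unless ses_data
+redirect_to self.get_login_url
+return
+end
+
+unless ses_data.key? :ttl
+redirect_to self.get_login_url
+return
+end
+
+if ses_data[:ttl] < Time.now
+redirect_to self.get_login_url
+return
+end
+
+url = self.system[:host]
+
+if params[:prompt] != 'none'
+url += self.system[:callback]
+else
+url += self.system[:silent]
+end
+
+url += '?'
+
+if params.key? :sso_path
+url += params[:sso_path] + '&'
+end
+url += 'sso_session=' + cookies[:session] + '&locale=' + self.locale
+
+redirect_to url
+return
+else
+result[:result] = -1
+result[:message] = I18n.t('core.errors.incorrect_system')
+code = 400
+end
+
+respond_to do |format|
+format.json { render json: result, status: code }
+end
+end
+
+def create
+result = {
+result: 0,
+message: I18n.t('core.success')
+}
+code = 200
+
+if self.system
+if params.has_key?(:login) && params.has_key?(:password)
+user = self.user_model.where(login: params[:login].downcase, status: 1).first
+
+if user && user.authenticate(params[:password])
+if !user.auth_key
+user.save_cache
+cookies[:session] = {
+value: SecureRandom.hex(32),
+domain: self.domain_url
+}
+self.user_model.where(uuid: user.uuid).update_all(visited_at: Time.now)
+self.redis.set(self.redis_prefix + 'session:' + cookies[:session], { uuid: user.uuid, login: Time.now, time: Time.now, ttl: Time.now + user.timeout, update: Time.now + 5.minutes }.to_json, ex: user.timeout)
+result[:url] = self.system[:host] + '?'
+if params.key? :sso_path
+result[:url] += params[:sso_path] + '&'
+end
+result[:session] = cookies[:session]
+result[:url] += 'sso_session=' + cookies[:session] + '&locale=' + self.locale
+else
+result[:result] = -4
+result[:message] = I18n.t('login.errors.cant_login')
+end
+else
+result[:result] = -3
+result[:message] = I18n.t('login.errors.cant_login')
+end
+else
+result[:result] = -2
+result[:message] = I18n.t('core.errors.incorrect_parameters')
+end
+else
+result[:result] = -1
+result[:message] = I18n.t('core.errors.incorrect_system')
+end
+
+respond_to do |format|
+format.json { render json: result, status: code }
+end
+end
+
+def update
+result = {
+result: 0,
+message: I18n.t('core.success')
+}
+
+if self.system
+begin
+ses_data = JSON.parse self.redis.get(self.redis_prefix + 'session:' + params[:session]), { symbolize_names: true }
+rescue
+ses_data = nil
+end
+
+if ses_data
+if ses_data[:ttl] > Time.now
+if params.key? :secret_key
+if self.system[:secret_key] == params[:secret_key]
+user_data = self.get_user_data_by_uuid ses_data[:uuid]
+
+if user_data
+ses_data[:time] = Time.now
+ses_data[:ttl] = Time.now + user_data.timeout
+if ses_data[:update] < Time.now
+ses_data[:update] = Time.now + 5.minutes
+self.user_model.where(uuid: ses_data[:uuid]).update_all(visited_at: Time.now)
+end
+self.redis.set self.redis_prefix + 'session:' + params[:session], ses_data.to_json, ex: user_data.timeout
+else
+result[:result] = -5
+result[:message] = I18n.t('core.errors.incorrect_parameters')
+end
+else
+result[:result] = -4
+result[:message] = I18n.t('core.errors.incorrect_parameters')
+end
+else
+result[:result] = -3
+result[:message] = I18n.t('core.errors.incorrect_parameters')
+end
+else
+self.redis.del self.redis_prefix + 'session:' + params[:session]
+result[:result] = -6
+result[:message] = I18n.t('core.errors.incorrect_parameters')
+end
+else
+result[:result] = -2
+result[:message] = I18n.t('core.errors.incorrect_parameters')
+end
+else
+result[:result] = -1
+result[:message] = I18n.t('core.errors.incorrect_system')
+end
+
+respond_to do |format|
+format.json { render json: result }
+end
+end
+
+def destroy
+result = {
+result: 0,
+message: I18n.t('core.success')
+}
+
+begin
+ses_data = JSON.parse self.redis.get(self.redis_prefix + 'session:' + params[:session]), { symbolize_names: true }
+rescue
+ses_data = nil
+end
+
+if ses_data
+self.redis.del self.redis_prefix + 'session:' + params[:session]
+else
+result[:result] = -1
+result[:message] = I18n.t('core.errors.incorrect_parameters')
+end
+
+respond_to do |format|
+format.json { render json: result }
+end
+end
+
+##
+# REST action returns current user UUID from SSO server. This action also make prolongation of session life.
+#
+# <b>API request:</b>
+# GET /api/<version>/login/:session
+#
+# <b>Parameters:</b>
+# - <b>sso_system</b> (String) --- system UUID <i>(required value)</i>
+# - <b>sso_secret</b> (String) --- system secret key <i>(required value)</i>
+# - <b>locale</b> (String) --- the output language locale <i>(optional value)</i>
+#
+# <b>Request example:</b>
+# curl --header "Content-Type: application/json" --header 'Authorization: Bearer <session-token>' http://<server>:<port>/api/<api-version>/login/<session>?sso_system=<sso_system>&sso_secret=<sso_secret_key>
+#
+# <b>Results:</b>
+#
+# Resulting data returns in JSON format.
+#
+# <b>Examples:</b>
+#
+# <b>Success:</b> HTTP response code 200
+# {
+# "result": 0,
+# "message": "Successful",
+# "uuid": "9adc7c0a-45ca-4436-b706-1807de6192e0"
+# }
+def show
+result = {
+result: 0,
+message: I18n.t('core.success')
+}
+
+if self.system
+begin
+ses_data = JSON.parse self.redis.get(self.redis_prefix + 'session:' + params[:session]), { symbolize_names: true }
+rescue
+ses_data = nil
+end
+
+if ses_data
+if ses_data[:ttl] > Time.now
+if params.key? :secret_key
+if self.system[:secret_key] == params[:secret_key]
+user_data = self.get_user_data_by_uuid ses_data[:uuid]
+
+if user_data
+self.format_user_output(user_data, result)
+result[:login_time] = ses_data[:login]
+ses_data[:time] = Time.now
+ses_data[:ttl] = Time.now + user_data.timeout
+if ses_data[:update] < Time.now
+ses_data[:update] = Time.now + 5.minutes
+self.user_model.where(uuid: ses_data[:uuid]).update_all(visited_at: Time.now)
+end
+self.redis.set self.redis_prefix + 'session:' + params[:session], ses_data.to_json, ex: user_data.timeout
+else
+result[:result] = -5
+result[:message] = I18n.t('core.errors.incorrect_parameters')
+end
+else
+result[:result] = -4
+result[:message] = I18n.t('core.errors.incorrect_parameters')
+end
+else
+result[:result] = -3
+result[:message] = I18n.t('core.errors.incorrect_parameters')
+end
+else
+self.redis.del self.redis_prefix + 'session:' + params[:session]
+result[:result] = -6
+result[:message] = I18n.t('core.errors.incorrect_parameters')
+end
+else
+result[:result] = -2
+result[:message] = I18n.t('core.errors.incorrect_parameters')
+end
+else
+result[:result] = -1
+result[:message] = I18n.t('core.errors.incorrect_system')
+end
+
+respond_to do |format|
+format.json { render json: result }
+end
+end
+
+def get_login_url
+prompt = true
+if params.key? :prompt
+prompt = false if params[:prompt] == 'none'
+end
+
+if prompt
+url = self.front_url + 'login?'
+if params.key? :sso_path
+url += 'sso_path=' + params[:sso_path] + '&'
+end
+url += 'sso_system=' + params[:sso_system] + '&locale=' + self.locale
+else
+url = self.system[:host] + self.system[:silent] + '?error=need-login'
+end
+
+
+return url
+end
+end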
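Review bot: The shared-secret check at hunk lines 171 and 279 uses plain `==` on `self.system[:secret_key]` and `params[:secret_key]`, which stops at the first differing byte; `ActiveSupport::SecurityUtils.secure_compare(self.system[:secret_key].to_s, params[:secret_key].to_s)` gives a constant-time comparison and also tolerates a non-string parameter. The documentation block above `show` lists the parameter as `sso_secret` while the code reads `params[:secret_key]`, so one of the two needs correcting. In `create` the session cookie is set with only `value:` and `domain:` (hunk lines 121-124); adding `httponly: true` and `secure: request.ssl?` keeps the token away from scripts and plain HTTP, and the same token is also placed in the JSON body and in the `sso_session=` query string of the redirect URL, where it can land in server logs and Referer headers. The `ttl`, `update` and `login` values are written with `to_json` and read back with `JSON.parse`, so unless something converts the ISO 8601 strings back to Time, `ses_data[:ttl] < Time.now` (line 46) and the `>` comparisons in `update`/`show` look like they would raise rather than expire the session — worth confirming against a stored session. `index` answers 400 for an unknown system while `create`, `update`, `show` and `destroy` return 200 on every error path; one convention would help clients.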
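--- a/data/app/controllers/anoubis/sso/server/user_controller.rb
+++ b/data/app/controllers/anoubis/sso/server/user_controller.rb
@@ -0,0 +1,142 @@
+class Anubis::Sso::Server::UserController < Anubis::Sso::Server::ApplicationController
+def authenticate?
+false
+end
+
+def show
+result = {
+result: 0,
+message: I18n.t('anubis.core.success')
+}
+code = 200
+
+self.get_user_data result
+
+respond_to do |format|
+format.json { render json: result, status: code }
+end
+end
+
+def show_current
+self.get_user_from_session
+self.show
+end
+
+def update
+result = {
+result: 0,
+message: I18n.t('anubis.core.success')
+}
+code = 200
+
+user_data = self.get_user_data result
+
+if user_data
+user_data.name = params[:name] if params.key? :name
+user_data.surname = params[:surname] if params.key? :surname
+user_data.timezone = params[:timezone] if params.key? :timezone
+user_data.locale = params[:locale] if params.key? :locale
+if params.key? :timeout
+user_data.timeout = params[:timeout] if params[:timeout].to_s.to_i > 60 && params[:timeout].to_s.to_i <= 36000
+end
+
+if user_data.save
+result[:uuid] = user_data.uuid
+result[:name] = user_data.name
+result[:surname] = user_data.surname
+result[:login] = user_data.login
+result[:locale] = user_data.locale
+result[:timezone] = user_data.timezone
+result[:timeout] = user_data.timeout
+else
+result[:uuid] = user_data.uuid_was
+result[:name] = user_data.name_was
+result[:surname] = user_data.surname_was
+result[:login] = user_data.login_was
+result[:locale] = user_data.locale_was
+result[:timezone] = user_data.timezone_was
+result[:timeout] = user_data.timeout_was
+result[:errors] = user_data.errors.full_messages
+result[:result] = -7
+result[:message] = I18n.t('anubis.core.errors.error_changing_data')
+end
+end
+
+respond_to do |format|
+format.json { render json: result, status: code }
+end
+end
+
+def update_current
+self.get_user_from_session
+self.update
+end
+
+def get_user_from_session
+session = self.get_current_session
+if session.key? :ttl
+if session[:ttl] > Time.now
+params[:uuid] = session[:uuid]
+end
+end
+end
+
+def get_current_session
+begin
+ses_data = JSON.parse self.redis.get(self.redis_prefix + 'session:' + params[:session]), { symbolize_names: true }
+rescue
+ses_data = { ttl: Time.now - 1.day }
+end
+
+ses_data
+end
+
+def get_user_data(result)
+user_data = nil
+
+if params.has_key? :session
+ses_data = self.get_current_session
+
+if ses_data[:ttl] > Time.now
+user_data = self.user_model.where(uuid: params[:uuid]).first
+
+if user_data
+begin
+adm_data = self.get_user_data_by_uuid ses_data[:uuid]
+rescue
+adm_data = nil
+end
+
+if adm_data
+if adm_data.role == 'user_role'
+if adm_data.id != user_data.id
+user_data = nil
+end
+end
+
+if user_data
+self.format_user_output user_data, result
+else
+result[:result] = -6
+result[:message] = I18n.t('anubis.core.errors.incorrect_parameters')
+end
+else
+result[:result] = -5
+result[:message] = I18n.t('anubis.core.errors.incorrect_parameters')
+end
+else
+result[:result] = -4
+result[:message] = I18n.t('anubis.core.errors.incorrect_parameters')
+end
+else
+result[:result] = -3
+result[:message] = I18n.t('anubis.core.errors.incorrect_parameters')
+end
+else
+result[:result] = -2
+result[:message] = I18n.t('anubis.core.errors.incorrect_parameters')
+end
+
+user_data
+end
+end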
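Review bot: In `get_user_data` the `-5` branch (hunk lines 123-126, reached when `adm_data` is nil) records the error but leaves `user_data` loaded, and line 140 returns it; `update` then guards only on `if user_data`, so a session whose own account can no longer be loaded still modifies and saves the record named by `params[:uuid]`. Setting `user_data = nil` next to the `-5` assignment closes that path (the `-6` branch already has it nil), and `update` could additionally check `result[:result] == 0` before touching the record. The role test at line 111 treats every value other than `'user_role'` as allowed to act on other accounts; if only specific roles are meant to, an explicit list of permitted roles is safer than a single deny value. At line 40 the bounds check converts `params[:timeout]` with `.to_s.to_i` but then assigns the raw parameter — `timeout = params[:timeout].to_s.to_i` followed by `user_data.timeout = timeout if timeout > 60 && timeout <= 36000` stores the value that was validated. `code` is set to 200 in `show` and `update` and never changed, so every error result is also delivered with status 200.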
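--- a/data/app/controllers/anoubis/tenant/application_controller.rb
+++ b/data/app/controllers/anoubis/tenant/application_controller.rb
@@ -0,0 +1,54 @@
+class Anubis::Tenant::ApplicationController < Anubis::Core::ApplicationController
+##
+# Get current user model
+# @return [ActiveRecord] defined user model. It is used for get current user data. May be redefined when user model is changed
+def get_user_model
+Anubis::Tenant::User
+end
+
+##
+# Get current user model filed json exception
+# @return [Array] defined user exception for to_json function
+def get_user_model_except
+[:uuid_bin]
+end
+
+##
+# Check menu access for current user of current controller
+# @return [Boolean] if true, then user have access for this controller.
+def menu_access(controller, exit = true)
+menu_access_status = redis.get self.redis_prefix + self.current_user.uuid+'_'+controller
+
+if !menu_access_status
+access = Anubis::Tenant::GroupMenu.accesses[:read].to_s+','+Anubis::Tenant::GroupMenu.accesses[:write].to_s
+query = <<-SQL
+SELECT `t`.* FROM
+(SELECT `menus`.`id`, `menus`.`mode`, `menus`.`action`, `menus`.`menu_id`,
+MAX(`group_menus`.`access`) AS `access`, `user_groups`.`user_id`
+FROM `menus`, `group_menus`, `groups`, `user_groups`
+WHERE `menus`.`mode` = '#{controller}' AND `menus`.`id` = `group_menus`.`menu_id` AND
+`menus`.`status` = 0 AND `group_menus`.`group_id` = `groups`.`id` AND `groups`.`id` = `user_groups`.`group_id` AND
+`user_groups`.`user_id` = #{self.current_user.id}
+GROUP BY `menus`.`id`) AS `t`
+WHERE `t`.`access` IN (#{access})
+ORDER BY `t`.`menu_id`
+SQL
+menu = Anubis::Tenant::GroupMenu.find_by_sql(query).first
+if (!menu)
+redis.set self.redis_prefix + self.current_user.uuid+'_'+controller, 'not'
+self.error_exit({ error: I18n.t('errors.access_not_allowed') }) if exit
+return false
+end
+
+menu_access_status = menu.access
+redis.set self.redis_prefix + self.current_user.uuid+'_'+controller, menu_access_status
+else
+if menu_access_status == 'not'
+self.error_exit({ error: I18n.t('errors.access_not_allowed') }) if exit
+return false
+end
+end
+self.writer = true if menu_access_status == 'write'
+return true
+end
+end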
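Review bot: `menu_access` interpolates `controller` and `self.current_user.id` directly into the SQL heredoc (hunk lines 29 and 31); even if `controller` only ever comes from the router, replacing the two interpolations with `?` placeholders and calling `Anubis::Tenant::GroupMenu.find_by_sql([query, controller, self.current_user.id])` lets ActiveRecord quote them and removes the injection surface (`access` is built from enum integers and can stay as it is). The `redis.set` calls at lines 38 and 44 store the computed verdict with no expiry, so a user's `'not'` or `'write'` answer for a controller persists after their group membership changes unless something else deletes the key; an `ex: <cache ttl seconds>` argument or an invalidation hook on group changes would bound that window. `exit = true` is a positional boolean that reads poorly at call sites (`menu_access('x', false)`); a keyword `exit: true` would be clearer, and the doc comment above the method should describe both parameters.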
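--- a/data/app/controllers/anoubis/tenant/data/load.rb
+++ b/data/app/controllers/anoubis/tenant/data/load.rb
@@ -0,0 +1,52 @@
+module Anubis
+module Tenant
+module Data
+##
+# Module loads data from external sources for {DataController}
+module Load
+include Anubis::Core::Data::Load
+
+##
+# Loads current menu data. Procedure loads menu data from MySQL database or from Redis cache and places it in
+# self.etc.menu {Anubis::Etc#menu}
+def load_menu_data
+menu_json = self.redis.get(self.redis_prefix + 'menu_' + params[:controller])
+menu_locale_json = self.redis.get(self.redis_prefix + 'menu_'+params[:controller]+'_'+self.locale)
+if !menu_json || !menu_locale_json
+menu = Anubis::Tenant::MenuLocale.eager_load(menu: :menu).where(locale: Anubis::Tenant::MenuLocale.locales[self.locale.to_sym]).where(['menus.mode = ? AND menus.status = 0', params[:controller]]).first
+if menu
+menu_json = {
+mode: menu.menu.mode,
+menu_id: menu.menu_id,
+parent_menu_id: menu.menu.menu_id,
+action: menu.menu.action,
+tab: menu.menu.tab,
+position: menu.menu.position,
+state: menu.menu.state
+}
+if menu.menu.menu
+menu_json[:parent_mode] = menu.menu.menu.mode
+end
+menu_json = menu_json.to_json
+self.redis.set(self.redis_prefix + 'menu_'+params[:controller], menu_json)
+menu_locale_json = {
+title: menu.title,
+page_title: menu.page_title,
+short_title: menu.short_title
+}.to_json
+self.redis.set(self.redis_prefix + 'menu_'+params[:controller]+'_'+self.locale, menu_locale_json)
+end
+end
+if menu_json && menu_locale_json
+self.etc.menu = Anubis::Etc::Menu.new JSON.parse(menu_json, {:symbolize_names => true}).merge(JSON.parse(menu_locale_json, {:symbolize_names => true}))
+if self.writer
+self.etc.menu.access = 'write'
+else
+self.etc.menu.access = 'read'
+end
+end
+end
+end
+end
+end
+end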
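Review bot: The two `self.redis.set` calls at hunk lines 31 and 37 cache the menu and its locale text with no expiry, so an edited menu row or title stays stale for this controller until the `menu_<controller>` keys are removed by some other path; an `ex:` argument on both calls or an invalidation on the menu models' save would bound that. `load_menu_data` runs to 37 lines mixing the cache lookup, the DB fallback, two serialisations and the `etc.menu` assembly; extracting the two hash builders into private helpers (say `menu_json_for(menu)` and `menu_locale_json_for(menu)`) would leave the method as a readable cache-or-load sequence. `JSON.parse(menu_json, {:symbolize_names => true})` at line 41 could use the `symbolize_names: true` keyword form, and when the DB lookup finds nothing the method silently leaves `self.etc.menu` untouched — a short comment stating that callers must cope with an absent menu would help.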