audiences 1.3.0 → 1.4.0

Sign up to get free protection for your applications and to get access to all the features.
Files changed (13) hide show
  1. checksums.yaml +4 -4
  2. data/app/controllers/audiences/application_controller.rb +9 -0
  3. data/app/controllers/audiences/contexts_controller.rb +1 -1
  4. data/app/controllers/audiences/scim_proxy_controller.rb +1 -1
  5. data/app/models/audiences/context_users.rb +2 -2
  6. data/app/models/audiences/criterion_users.rb +2 -2
  7. data/app/models/audiences/external_user.rb +7 -0
  8. data/docs/CHANGELOG.md +9 -0
  9. data/lib/audiences/configuration.rb +28 -0
  10. data/lib/audiences/scim/resource.rb +4 -0
  11. data/lib/audiences/version.rb +1 -1
  12. data/lib/audiences.rb +3 -2
  13. metadata +3 -3
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 8f83dd42249d90e09a66c7f11b5adb821e7f0fbc3add8089f075fe2668e79d35
4
- data.tar.gz: 351a6676df1a297b691842e06fc18b721d3581a9bdd0ea6101bce2ed81cee06e
3
+ metadata.gz: 596d4d408b2fc406d8f3dcf10bdd5c29dfe311ab5691fbc3b6140df37d8bcaed
4
+ data.tar.gz: f2dd143d3faa6a0e59d20f2af39a0dd7e429d5343f6f63081c2cd9df54b57697
5
5
  SHA512:
6
- metadata.gz: f90802d28319f4cbc95a8be9f9f2e68115ac7142ab6fcbf4c9be0437a14a2e57b6d58632e1befeb37b19ba1b2ce9de1d6f8fc2d9b674b120ee51d240e47140dd
7
- data.tar.gz: d70f080cdad97a5bdfc31b701d7659a300dbeeef3c380371b1d91c7198a30c4ff9899c5106a0eb2af972e8b6d53e77ab718fb962c6f8734c960375394ffa60c6
6
+ metadata.gz: 3db42cfb3a01581e4cb9d30ed00fba7921fe0a801d1719351c106fe41966ab565ae1dbdd3d639e3f9681abf92b94d46b8e43f318689389ec90f7d0e984ea3535
7
+ data.tar.gz: d59bbf57891e89dd7ccb9515399913e80a5b2cd1580afceef7683aa02c977cdc75b2452f1cd7fcd5520f7508b00dbcf2066fb88cc27e1767ff56437a8596e696
data/app/controllers/audiences/application_controller.rb CHANGED
@@ -2,5 +2,14 @@
2
2
 
3
3
  module Audiences
4
4
  class ApplicationController < ActionController::API
5
+ before_action unless: :authenticate! do
6
+ render json: { error: "Unauthorized" }, status: :unauthorized
7
+ end
8
+
9
+ private
10
+
11
+ def authenticate!
12
+ instance_exec(request, &Audiences.config.authenticate)
13
+ end
5
14
  end
6
15
  end
data/app/controllers/audiences/contexts_controller.rb CHANGED
@@ -44,7 +44,7 @@ module Audiences
44
44
  params.permit(
45
45
  :match_all,
46
46
  criteria: [groups: {}],
47
- extra_users: Audiences.config.resources[:Users].attributes
47
+ extra_users: %i[externalId]
48
48
  ).to_h.symbolize_keys
49
49
  end
50
50
  end
data/app/controllers/audiences/scim_proxy_controller.rb CHANGED
@@ -4,7 +4,7 @@ module Audiences
4
4
  class ScimProxyController < ApplicationController
5
5
  def get
6
6
  resources = Audiences::Scim.resource(params[:scim_path].to_sym)
7
- .query(filter: params[:filter])
7
+ .query(filter: params[:filter], startIndex: params[:startIndex], count: params[:count])
8
8
 
9
9
  render json: resources, except: %w[schemas meta]
10
10
  end
data/app/models/audiences/context_users.rb CHANGED
@@ -20,8 +20,8 @@ module Audiences
20
20
  private
21
21
 
22
22
  def all_users
23
- users = Scim.resource(:Users).query
24
- ExternalUser.wrap(users.all)
23
+ users = Scim.resource(:Users).all
24
+ ExternalUser.wrap(users)
25
25
  end
26
26
 
27
27
  def matching_users
data/app/models/audiences/criterion_users.rb CHANGED
@@ -21,8 +21,8 @@ module Audiences
21
21
 
22
22
  def groups_users(group_ids)
23
23
  filter = group_ids.map { "groups.value eq #{_1}" }.join(" OR ")
24
- users = Audiences::Scim.resource(:Users).query(filter: filter)
25
- ExternalUser.wrap(users.all)
24
+ users = Audiences::Scim.resource(:Users).all(filter: filter)
25
+ ExternalUser.wrap(users)
26
26
  end
27
27
  end
28
28
  end
data/app/models/audiences/external_user.rb CHANGED
@@ -10,6 +10,13 @@ module Audiences
10
10
  inverse_of: false
11
11
  end
12
12
 
13
+ def self.fetch(external_ids)
14
+ return [] unless external_ids.any?
15
+
16
+ filter = Array(external_ids).map { "externalId eq #{_1}" }.join(" OR ")
17
+ Audiences::Scim.resource(:Users).all(filter: filter)
18
+ end
19
+
13
20
  def self.wrap(resources)
14
21
  return [] unless resources&.any?
15
22
 
data/docs/CHANGELOG.md CHANGED
@@ -1,5 +1,14 @@
1
1
  # Unreleased
2
2
 
3
+ # Version 1.4.0 (2024-11-01)
4
+
5
+ - Add authentication hooks for Audiences controllers [#438](https://github.com/powerhome/audiences/pull/438)
6
+
7
+ # Version 1.3.1 (2024-10-11)
8
+
9
+ - Forward pagination parameters to SCIM on proxy [#397](https://github.com/powerhome/audiences/pull/397)
10
+ - Fix security flaw when setting extra users [#398](https://github.com/powerhome/audiences/pull/398)
11
+
3
12
  # Version 1.3.0 (2024-09-03)
4
13
 
5
14
  - Filter out inactive users by default [#382](https://github.com/powerhome/audiences/pull/382)
data/lib/audiences/configuration.rb CHANGED
@@ -5,6 +5,34 @@ module Audiences
5
5
 
6
6
  # Configuration options
7
7
 
8
+ #
9
+ # Authentication configuration. This defaults to true, meaning that the audiences
10
+ # endpoints are open to the public.
11
+ #
12
+ # To authenticate requests, set this configuration to a lambda that will receive
13
+ # the request and return true if the request is authenticated.
14
+ #
15
+ # Raising an exception will also prevent the execution of the request, but the
16
+ # exception will not be caught and should be handled by the application middlewares.
17
+ #
18
+ # I.e.:
19
+ #
20
+ # Audiences.configure do |config|
21
+ # config.authentication = ->(*) { authenticate_request }
22
+ # end
23
+ #
24
+ # I.e:
25
+ #
26
+ # Audiences.configure do |config|
27
+ # config.authentication = ->(request) do
28
+ # request.env["warden"].authenticate!
29
+ # end
30
+ # end
31
+ #
32
+ config_accessor :authentication do
33
+ ->(*) { true }
34
+ end
35
+
8
36
  #
9
37
  # Identity model representing a SCIM User in the current application. I.e.: "User"
10
38
  #
data/lib/audiences/scim/resource.rb CHANGED
@@ -20,6 +20,10 @@ module Audiences
20
20
  **@options, **options)
21
21
  end
22
22
 
23
+ def all(...)
24
+ query(...).all
25
+ end
26
+
23
27
  def scim_attributes
24
28
  @attributes.reduce([]) do |attrs, attr|
25
29
  case attr
data/lib/audiences/version.rb CHANGED
@@ -1,5 +1,5 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  module Audiences
4
- VERSION = "1.3.0"
4
+ VERSION = "1.4.0"
5
5
  end
data/lib/audiences.rb CHANGED
@@ -23,11 +23,12 @@ module_function
23
23
  # @param params [Hash] the updated params
24
24
  # @return Audience::Context
25
25
  #
26
- def update(key, criteria: [], **attrs)
26
+ def update(key, criteria: [], extra_users: [], match_all: false)
27
27
  Audiences::Context.load(key) do |context|
28
28
  context.update!(
29
+ match_all: match_all,
29
30
  criteria: ::Audiences::Criterion.map(criteria),
30
- **attrs
31
+ extra_users: ::Audiences::ExternalUser.fetch(extra_users.pluck("externalId"))
31
32
  )
32
33
  context.refresh_users!
33
34
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: audiences
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.3.0
4
+ version: 1.4.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Carlos Palhares
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2024-09-03 00:00:00.000000000 Z
11
+ date: 2024-11-01 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: rails
@@ -93,7 +93,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
93
93
  - !ruby/object:Gem::Version
94
94
  version: '0'
95
95
  requirements: []
96
- rubygems_version: 3.5.11
96
+ rubygems_version: 3.5.16
97
97
  signing_key:
98
98
  specification_version: 4
99
99
  summary: Audiences system