audiences 1.3.0 → 1.4.0

checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 8f83dd42249d90e09a66c7f11b5adb821e7f0fbc3add8089f075fe2668e79d35
4
- data.tar.gz: 351a6676df1a297b691842e06fc18b721d3581a9bdd0ea6101bce2ed81cee06e
3
+ metadata.gz: 596d4d408b2fc406d8f3dcf10bdd5c29dfe311ab5691fbc3b6140df37d8bcaed
4
+ data.tar.gz: f2dd143d3faa6a0e59d20f2af39a0dd7e429d5343f6f63081c2cd9df54b57697
5
5
  SHA512:
6
- metadata.gz: f90802d28319f4cbc95a8be9f9f2e68115ac7142ab6fcbf4c9be0437a14a2e57b6d58632e1befeb37b19ba1b2ce9de1d6f8fc2d9b674b120ee51d240e47140dd
7
- data.tar.gz: d70f080cdad97a5bdfc31b701d7659a300dbeeef3c380371b1d91c7198a30c4ff9899c5106a0eb2af972e8b6d53e77ab718fb962c6f8734c960375394ffa60c6
6
+ metadata.gz: 3db42cfb3a01581e4cb9d30ed00fba7921fe0a801d1719351c106fe41966ab565ae1dbdd3d639e3f9681abf92b94d46b8e43f318689389ec90f7d0e984ea3535
7
+ data.tar.gz: d59bbf57891e89dd7ccb9515399913e80a5b2cd1580afceef7683aa02c977cdc75b2452f1cd7fcd5520f7508b00dbcf2066fb88cc27e1767ff56437a8596e696
@@ -2,5 +2,14 @@
2
2
 
3
3
  module Audiences
4
4
  class ApplicationController < ActionController::API
5
+ before_action unless: :authenticate! do
6
+ render json: { error: "Unauthorized" }, status: :unauthorized
7
+ end
8
+
9
+ private
10
+
11
+ def authenticate!
12
+ instance_exec(request, &Audiences.config.authenticate)
13
+ end
5
14
  end
6
15
  end
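Review bot: `authenticate!` reads `Audiences.config.authenticate`, but the configuration hunk in this same release declares the option as `config_accessor :authentication`, so unless an `authenticate` option is defined outside the visible lines, the lambda an application configures is never the one invoked here. If the lookup yields nil, `instance_exec(request, &nil)` has no block to run and the filter would raise instead of rendering the 401. The line should read `instance_exec(request, &Audiences.config.authentication)`, and a request spec with a hook that returns false would pin the 401 path.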
@@ -44,7 +44,7 @@ module Audiences
44
44
  params.permit(
45
45
  :match_all,
46
46
  criteria: [groups: {}],
47
- extra_users: Audiences.config.resources[:Users].attributes
47
+ extra_users: %i[externalId]
48
48
  ).to_h.symbolize_keys
49
49
  end
50
50
  end
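Review bot: The narrowed `extra_users: %i[externalId]` permit list carries no comment saying why only the identifier is accepted, so a later maintainer could widen it back to the configured attribute list. A line above it such as `# Only the identifier is taken from the client; the user record itself is looked up through SCIM in Audiences.update` would record the intent. The enclosing method starts outside this hunk, so where the permitted hash goes next is inferred from the `Audiences.update` hunk later in this diff.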
@@ -4,7 +4,7 @@ module Audiences
4
4
  class ScimProxyController < ApplicationController
5
5
  def get
6
6
  resources = Audiences::Scim.resource(params[:scim_path].to_sym)
7
- .query(filter: params[:filter])
7
+ .query(filter: params[:filter], startIndex: params[:startIndex], count: params[:count])
8
8
 
9
9
  render json: resources, except: %w[schemas meta]
10
10
  end
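Review bot: `startIndex` and `count` are forwarded to the SCIM backend exactly as received, so the caller chooses the page size of the upstream query and absent parameters are passed along as nil. Coercing and bounding them before the call would keep a single request from pulling an arbitrarily large result set, for example `count: params[:count]&.to_i&.clamp(1, MAX_PAGE_SIZE)`, where `MAX_PAGE_SIZE` is a constant this controller would have to define. Whether `query` validates these values itself is not visible here. Because the authentication hook added in this release defaults to allowing every request, this proxy stays reachable without credentials until the host application configures one.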
@@ -20,8 +20,8 @@ module Audiences
20
20
  private
21
21
 
22
22
  def all_users
23
- users = Scim.resource(:Users).query
24
- ExternalUser.wrap(users.all)
23
+ users = Scim.resource(:Users).all
24
+ ExternalUser.wrap(users)
25
25
  end
26
26
 
27
27
  def matching_users
@@ -21,8 +21,8 @@ module Audiences
21
21
 
22
22
  def groups_users(group_ids)
23
23
  filter = group_ids.map { "groups.value eq #{_1}" }.join(" OR ")
24
- users = Audiences::Scim.resource(:Users).query(filter: filter)
25
- ExternalUser.wrap(users.all)
24
+ users = Audiences::Scim.resource(:Users).all(filter: filter)
25
+ ExternalUser.wrap(users)
26
26
  end
27
27
  end
28
28
  end
@@ -10,6 +10,13 @@ module Audiences
10
10
  inverse_of: false
11
11
  end
12
12
 
13
+ def self.fetch(external_ids)
14
+ return [] unless external_ids.any?
15
+
16
+ filter = Array(external_ids).map { "externalId eq #{_1}" }.join(" OR ")
17
+ Audiences::Scim.resource(:Users).all(filter: filter)
18
+ end
19
+
13
20
  def self.wrap(resources)
14
21
  return [] unless resources&.any?
15
22
 
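Review bot: `fetch` interpolates each id into the SCIM filter as a bare token, `"externalId eq #{_1}"`, and the ids originate from the request's `extra_users` parameter, so a value containing spaces or filter operators changes the expression sent to the SCIM server instead of being compared as a literal. Emitting the value as a quoted, escaped string keeps it a single operand, `filter = ids.map { "externalId eq #{_1.to_s.to_json}" }.join(" OR ")`; confirm the upstream accepts quoted values before changing it. The guard also calls `external_ids.any?` before `Array(external_ids)`, so nil raises instead of returning `[]`; `ids = Array(external_ids).compact` followed by `return [] if ids.empty?` would match the `resources&.any?` guard in `wrap`. The `groups_users` context line in the preceding hunk builds its filter the same way, and `wrap` continues outside this hunk.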
data/docs/CHANGELOG.md CHANGED
@@ -1,5 +1,14 @@
1
1
  # Unreleased
2
2
 
3
+ # Version 1.4.0 (2024-11-01)
4
+
5
+ - Add authentication hooks for Audiences controllers [#438](https://github.com/powerhome/audiences/pull/438)
6
+
7
+ # Version 1.3.1 (2024-10-11)
8
+
9
+ - Forward pagination parameters to SCIM on proxy [#397](https://github.com/powerhome/audiences/pull/397)
10
+ - Fix security flaw when setting extra users [#398](https://github.com/powerhome/audiences/pull/398)
11
+
3
12
  # Version 1.3.0 (2024-09-03)
4
13
 
5
14
  - Filter out inactive users by default [#382](https://github.com/powerhome/audiences/pull/382)
@@ -5,6 +5,34 @@ module Audiences
5
5
 
6
6
  # Configuration options
7
7
 
8
+ #
9
+ # Authentication configuration. This defaults to true, meaning that the audiences
10
+ # endpoints are open to the public.
11
+ #
12
+ # To authenticate requests, set this configuration to a lambda that will receive
13
+ # the request and return true if the request is authenticated.
14
+ #
15
+ # Raising an exception will also prevent the execution of the request, but the
16
+ # exception will not be caught and should be handled by the application middlewares.
17
+ #
18
+ # I.e.:
19
+ #
20
+ # Audiences.configure do |config|
21
+ # config.authentication = ->(*) { authenticate_request }
22
+ # end
23
+ #
24
+ # I.e:
25
+ #
26
+ # Audiences.configure do |config|
27
+ # config.authentication = ->(request) do
28
+ # request.env["warden"].authenticate!
29
+ # end
30
+ # end
31
+ #
32
+ config_accessor :authentication do
33
+ ->(*) { true }
34
+ end
35
+
8
36
  #
9
37
  # Identity model representing a SCIM User in the current application. I.e.: "User"
10
38
  #
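Review bot: The default `->(*) { true }` is fail-open: an application that upgrades without setting `authentication` keeps every Audiences endpoint, including the SCIM proxy controller, reachable without credentials, and the comment's "defaults to true" undersells that. The comment should say it outright, e.g. `# Default: a lambda returning true, so NO authentication is enforced until this is configured.` It should also mention that the lambda is evaluated with `instance_exec` on the controller, which is what lets the first example call `authenticate_request` without a receiver. The two example headings are spelled `I.e.:` and `I.e:`, where `E.g.:` is what is meant.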
@@ -20,6 +20,10 @@ module Audiences
20
20
  **@options, **options)
21
21
  end
22
22
 
23
+ def all(...)
24
+ query(...).all
25
+ end
26
+
23
27
  def scim_attributes
24
28
  @attributes.reduce([]) do |attrs, attr|
25
29
  case attr
@@ -1,5 +1,5 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  module Audiences
4
- VERSION = "1.3.0"
4
+ VERSION = "1.4.0"
5
5
  end
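--- a/data/lib/audiences.rb
+++ b/data/lib/audiences.rb
@@ -23,11 +23,12 @@ module_function
  # @param params [Hash] the updated params
  # @return Audience::Context
  #
- def update(key, criteria: [], **attrs)
+ def update(key, criteria: [], extra_users: [], match_all: false)
  Audiences::Context.load(key) do |context|
  context.update!(
+ match_all: match_all,
  criteria: ::Audiences::Criterion.map(criteria),
- **attrs
+ extra_users: ::Audiences::ExternalUser.fetch(extra_users.pluck("externalId"))
  )
  context.refresh_users!
  end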
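Review bot: With `**attrs` replaced by `extra_users: []` and `match_all: false`, a call that omits either keyword now writes the default into `context.update!`, so an update carrying only `criteria` clears the stored extra users and resets `match_all`; before, omitted attributes were left alone. If full replacement is intended, the YARD block above should say so (its `@param params [Hash]` line is also stale); otherwise pass only the attributes that were actually supplied. `extra_users.pluck("externalId")` also yields nil for any entry lacking that string key, and those nils reach the SCIM filter; `extra_users.filter_map { _1["externalId"] }` drops them. The method's closing `end` is outside the hunk.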
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: audiences
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.3.0
4
+ version: 1.4.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Carlos Palhares
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2024-09-03 00:00:00.000000000 Z
11
+ date: 2024-11-01 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: rails
@@ -93,7 +93,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
93
93
  - !ruby/object:Gem::Version
94
94
  version: '0'
95
95
  requirements: []
96
- rubygems_version: 3.5.11
96
+ rubygems_version: 3.5.16
97
97
  signing_key:
98
98
  specification_version: 4
99
99
  summary: Audiences system