card-mod-account 0.11.2 → 0.12.0
- checksums.yaml +4 -4
- data/README.md +1 -1
- data/set/abstract/account_field.rb +5 -0
- data/set/abstract/accountable.rb +5 -1
- data/set/all/account.rb +9 -2
- data/set/right/account.rb +3 -8
- data/set/right/account/events.rb +2 -2
- data/set/right/email.rb +5 -4
- data/set/right/password.rb +4 -3
- data/set/right/roles.rb +2 -2
- data/set/right/salt.rb +1 -1
- data/set/right/status.rb +1 -1
- data/set/self/signin.rb +22 -15
- data/set/type/signup/views.rb +7 -2
- data/set/type/user.rb +1 -1
- metadata +11 -13
- data/set/right/api_key.rb +0 -48
- data/set/self/captcha.rb +0 -5
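--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA256:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 7a6ffc73cc5f34565b5b73ab83dd0d36fe98cb423fbc498f57f3df311f734a89
+data.tar.gz: b30e646f2304e4086231139fdd87990b7c4f77e60e84198eb0dd5b2c5f634bd8
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: d1881835e8feccd020608499267ce77bdd7baf4b0e934e36a02252ae574c26e9025a68d0319cc802c6b6702275116f5519b202760dfb67368a0ad85c35d1a111
+data.tar.gz: f91cfc3bd4093f92b43791aaac1ffc2a2d05069c5b40b8a8f0e8de99b8a58c78a8db478ee51fa2468386508dc2b1747b33ff8d5f0b13fe998ab215438190b67a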
data/README.md
CHANGED
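--- a/data/set/abstract/accountable.rb
+++ b/data/set/abstract/accountable.rb
@@ -38,7 +38,11 @@ format :html do
 { path: { slot: { hide: %i[help_link bridge_link] } } }],
 ["Roles", :roles,
 { path: { view: :content_with_edit_button } }],
-["Notifications", :follow]
+["Notifications", :follow],
+["API", :account,
+{ path: { view: :api_key,
+items: { view: :content },
+slot: { hide: %i[help_link bridge_link] } } }]
 ]
 end
 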
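Review bot: The new "API" tab renders `view: :api_key` on the `:account` field, yet among the sections visible on this page the same release deletes set/right/api_key.rb and drops `card_accessor :api_key` from set/right/account.rb, and the gemspec dependencies listed (card, card-mod-email, card-mod-permissions, card-mod-list) do not obviously supply that view. The five lines added to set/abstract/account_field.rb are not shown, so this may already be handled there; if the view instead comes from a separate mod, the tab should be contributed by that mod or omitted when the view is not defined, otherwise every account page carries a tab that cannot render. A comment on the entry naming the provider would help, e.g. `# :api_key view is provided by <mod name>`. The method that builds this tab list starts above the hunk.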
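--- a/data/set/all/account.rb
+++ b/data/set/all/account.rb
@@ -39,6 +39,7 @@ def fetch_read_rules
 
 ([AnyoneID] + parties).each_with_object([]) do |party_id, rule_ids|
 next unless (cache = Card::Rule.read_rule_cache[party_id])
+
 rule_ids.concat cache
 end
 end
@@ -48,10 +49,16 @@ def clear_roles
 end
 
 def with_clear_roles
-a
+a = @parties
+b = @all_roles
+c = @all_active_roles
+d = @read_rules
 yield
 ensure
-@parties
+@parties = a
+@all_roles = b
+@all_active_roles = c
+@read_rules = d
 end
 
 def all_enabled_roles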
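Review bot: In with_clear_roles the four saved caches are held in `a`, `b`, `c` and `d`, which makes it easy to restore one into the wrong variable, and these are the values that role and read-rule lookups are answered from (`@parties`, `@read_rules`). Naming the locals after what they hold keeps each pair visibly aligned, e.g. `saved_parties = @parties` before `yield` and `@parties = saved_parties` in `ensure`. clear_roles, whose body is outside this hunk, presumably resets the same set of variables; keeping the list in one place shared by both methods would stop them drifting apart when a cache is added. A one-line comment above the method, such as `# restores the role and read-rule caches after the block, even if it raises`, would document the intent.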
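--- a/data/set/right/account.rb
+++ b/data/set/right/account.rb
@@ -4,7 +4,6 @@ card_accessor :email
 card_accessor :password
 card_accessor :salt
 card_accessor :status
-card_accessor :api_key
 
 require_field :email
 
@@ -17,7 +16,7 @@ def accounted_id
 end
 
 def ok_to_read
-own_account?
+own_account? || super
 end
 
 # allow account owner to update account field content
@@ -43,16 +42,12 @@ def send_account_email email_template
 ecard.deliver self, to: email
 end
 
-def validate_api_key! api_key
-api_key_card.validate! api_key
-end
-
 def method_missing method, *args
-super unless args.empty? && (matches = method.match(/^(?<status>.*)\?$/))
+return super unless args.empty? && (matches = method.match(/^(?<status>.*)\?$/))
 
 status == matches[:status]
 end
 
 def respond_to_missing? method, _include_private=false
-method.match?(
+method.match?(/\?$/) ? true : super
 end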
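Review bot: `own_account? || super` in ok_to_read widens who may read the account card: previously only the owner passed, now anyone admitted by the inherited check passes as well. The same change is made to ok_to_read in set/right/password.rb, where the card content is presumably the stored password hash (that file has an `event :encrypt_password`). What `super` grants is not visible on this page, so it needs confirming against the read rules that apply to these cards. If the aim is only to let administrators in, the narrower form already used in set/right/email.rb states that directly: `own_account? || Auth.always_ok?`. Either way, add a comment above the method saying who is expected to pass, e.g. `# readable by the account owner and by whoever the card's read rule admits`.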
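--- a/data/set/right/account/events.rb
+++ b/data/set/right/account/events.rb
@@ -44,7 +44,7 @@ def activatable
 yield
 end
 
-#
+# NOTE: this only works in the context of an action.
 # if run independently, it will not activate an account
 event :activate_account do
 add_subfield :status, content: "active"
@@ -95,5 +95,5 @@ end
 
 def reset_password_failure error_message
 Auth.as_bot { send_password_reset_email }
-errors.add :content,
+errors.add :content, t(:account_sorry_email_reset, error_msg: error_message)
 end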
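--- a/data/set/right/email.rb
+++ b/data/set/right/email.rb
@@ -8,7 +8,7 @@ event :validate_email, :validate, on: :save do
 self.content = content.strip
 return if content.match?(/^([^@\s]+)@((?:[-a-z0-9]+\.)+[a-z]{2,})$/i)
 
-errors.add :content,
+errors.add :content, t(:account_error_invalid_address)
 end
 
 event :validate_unique_email, after: :validate_email, on: :save do
@@ -16,9 +16,9 @@ event :validate_unique_email, after: :validate_email, on: :save do
 Auth.as_bot do
 cql = { right_id: EmailID, eq: content, return: :id }
 cql[:not] = { id: id } if id
-cql_comment =
+cql_comment = t(:account_search_email_duplicate, content: content)
 if Card.search(cql, cql_comment).first
-errors.add :content,
+errors.add :content, t(:account_error_not_unique)
 end
 end
 end
@@ -26,6 +26,7 @@ end
 
 event :downcase_email, :prepare_to_validate, on: :save do
 return if !content || content == content.downcase
+
 self.content = content.downcase
 end
 
@@ -37,7 +38,7 @@ def ok_to_read
 if own_email? || Auth.always_ok?
 true
 else
-deny_because
+deny_because t(:account_deny_email_restricted)
 end
 end
 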
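--- a/data/set/right/password.rb
+++ b/data/set/right/password.rb
@@ -5,7 +5,7 @@ def history?
 end
 
 def ok_to_read
-own_account?
+own_account? || super
 end
 
 event :encrypt_password, :store,
@@ -23,7 +23,7 @@ end
 event :validate_password, :validate, on: :save do
 return if content.length > 3
 
-errors.add :password,
+errors.add :password, t(:account_password_length)
 end
 
 event :validate_password_present, :prepare_to_validate, on: :update do
@@ -31,7 +31,7 @@ event :validate_password_present, :prepare_to_validate, on: :update do
 end
 
 view :raw do
-
+t :account_encrypted
 end
 
 format :html do
@@ -46,6 +46,7 @@ format :html do
 
 def autocomplete?
 return "on" if @parent && @parent.card.name == "*signin+*account" # HACK
+
 "off"
 end
 end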
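Review bot: validate_password still accepts any password longer than three characters (`return if content.length > 3`); the hunk only replaces the error text with `t(:account_password_length)`. Four characters is well below current guidance for user-chosen passwords (NIST SP 800-63B asks for at least eight), so the threshold deserves raising. A named constant would also keep the check and the translated message from disagreeing: `return if content.length >= MIN_PASSWORD_LENGTH`, where `MIN_PASSWORD_LENGTH` is a constant this file would have to introduce and the message would interpolate.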
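--- a/data/set/right/roles.rb
+++ b/data/set/right/roles.rb
@@ -9,8 +9,8 @@ end
 def forbidden_roles
 # restore old roles for permission check
 with_old_role_permissions do |new_roles|
-new_roles.
-
+new_roles.reject do |card|
+Card.fetch(card, "*members").ok? :update
 end
 end
 end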
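Review bot: `Card.fetch(card, "*members").ok? :update` in forbidden_roles calls `ok?` on whatever fetch returns; if fetch can return nil for a role that has no members card (not visible from this hunk), the permission check ends in a NoMethodError instead of a decision. Safe navigation keeps it failing closed, because a nil result is then falsy and the role stays in the forbidden list: `Card.fetch(card, "*members")&.ok?(:update)`. with_old_role_permissions is defined outside the hunk, so what `new_roles` contains should be confirmed there.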
data/set/right/salt.rb
CHANGED
data/set/right/status.rb
CHANGED
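--- a/data/set/self/signin.rb
+++ b/data/set/self/signin.rb
@@ -65,19 +65,15 @@ def failed_signin email
 end
 
 def abort_unless value, error_key
-abort :failure,
+abort :failure, t("account_#{error_key}") unless value
 end
 
 def signin_error_message account
-
-when account.nil? then tr :error_unknown_email
-when !account.active? then tr :error_not_active
-else tr :error_wrong_password
-end
+t "account_#{signin_error_key account}"
 end
 
 def error_on field, error_key
-errors.add field,
+errors.add field, t("account_#{error_key}")
 end
 
 def account_for email
@@ -110,6 +106,16 @@ def reset_password_fail account
 end
 end
 
+private
+
+def signin_error_key account
+case
+when account.nil? then :error_unknown_email
+when !account.active? then :error_not_active
+else :error_wrong_password
+end
+end
+
 format :html do
 view :core, cache: :never do
 voo.edit_structure = [signin_field(:email), signin_field(:password)]
@@ -131,7 +137,7 @@ format :html do
 
 # FIXME: need a generic solution for this
 view :title do
-voo.title ||=
+voo.title ||= t(:account_sign_in_title)
 super()
 end
 
@@ -146,7 +152,7 @@ format :html do
 
 view :reset_password_success do
 # 'Check your email for a link to reset your password'
-frame {
+frame { t :account_check_email }
 end
 
 view :signin_buttons do
@@ -162,30 +168,31 @@ format :html do
 end
 
 def reset_password_voo
-voo.title ||=
+voo.title ||= t :account_forgot_password
 voo.edit_structure = [signin_field(:email)]
 voo.hide :help
 end
 
 view :edit_buttons do
-button_tag
+button_tag t(:account_reset_my_password),
 situation: "primary", class: "_close-modal-on-success"
 end
 
 def signin_success
-
+{ redirect: true, mark: (Env.interrupted_action || "*previous") }
 end
 
 def signin_button
-button_tag
+button_tag t(:account_sign_in), situation: "primary"
 end
 
 def signup_link
-subformat(Card[:account_links]).render! :sign_up, title:
+subformat(Card[:account_links]).render! :sign_up, title: t(:account_or_sign_up)
 end
 
 def reset_password_link
-link = link_to_view :edit,
+link = link_to_view :edit, t(:account_reset_password),
+path: { slot: { hide: :bridge_link } }
 # FIXME: inline styling
 raw("<div style='float:right'>#{link}</div>")
 end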
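Review bot: signin_error_key, added under `private`, returns a different key for an unknown address, an inactive account and a wrong password, and signin_error_message turns each into its own translated text. If that text reaches the person signing in (the caller is outside these hunks), the form answers differently for "no such email" and "wrong password", which lets anyone learn which addresses have accounts. Prefer one shared message for those two cases and keep the distinction for logging only, e.g. `account.nil? || account.active? ? :error_signin_failed : :error_not_active`, where `:error_signin_failed` is a new key this mod would have to define. The bare `private` also applies to every `def` that follows it at this level of the file, so a comment confirming that is intended would help.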
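--- a/data/set/type/signup/views.rb
+++ b/data/set/type/signup/views.rb
@@ -4,7 +4,7 @@ format :html do
 end
 
 view :new do
-voo.title = invitation? ?
+voo.title = invitation? ? t(:account_invite) : t(:account_sign_up)
 super()
 end
 
@@ -20,6 +20,7 @@ format :html do
 
 def invite_button
 return unless invitation?
+
 button_tag "Send Invitation", situation: "primary"
 end
 
@@ -46,7 +47,7 @@ format :html do
 if card.account
 verification_lines
 else
-[
+[t(:account_missing_account)]
 end
 end
 
@@ -57,12 +58,14 @@ format :html do
 def verification_sent_line
 account = card.account
 return unless account.email_card.ok?(:read)
+
 "A verification email has been sent to #{account.email}"
 end
 
 def verification_link_line
 links = verification_links
 return if links.empty?
+
 links.join " "
 end
 
@@ -81,6 +84,7 @@ format :html do
 
 def approval_link text, with_or_without
 return unless card.can_approve?
+
 link_to_card card, text,
 path: { action: :update,
 card: { trigger: "approve_#{with_or_without}_verification" } }
@@ -88,6 +92,7 @@ format :html do
 
 def deny_link
 return unless card.ok? :delete
+
 link_to_card card, "Deny and delete", path: { action: :delete }
 end
 end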
data/set/type/user.rb
CHANGED
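--- a/metadata
+++ b/metadata
@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: card-mod-account
 version: !ruby/object:Gem::Version
-version: 0.
+version: 0.12.0
 platform: ruby
 authors:
 - Ethan McCutchen
@@ -10,7 +10,7 @@ authors:
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2021-
+date: 2021-07-05 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
 name: card
@@ -18,56 +18,56 @@ dependencies:
 requirements:
 - - '='
 - !ruby/object:Gem::Version
-version: 1.
+version: 1.102.0
 type: :runtime
 prerelease: false
 version_requirements: !ruby/object:Gem::Requirement
 requirements:
 - - '='
 - !ruby/object:Gem::Version
-version: 1.
+version: 1.102.0
 - !ruby/object:Gem::Dependency
 name: card-mod-email
 requirement: !ruby/object:Gem::Requirement
 requirements:
 - - '='
 - !ruby/object:Gem::Version
-version: 0.
+version: 0.12.0
 type: :runtime
 prerelease: false
 version_requirements: !ruby/object:Gem::Requirement
 requirements:
 - - '='
 - !ruby/object:Gem::Version
-version: 0.
+version: 0.12.0
 - !ruby/object:Gem::Dependency
 name: card-mod-permissions
 requirement: !ruby/object:Gem::Requirement
 requirements:
 - - '='
 - !ruby/object:Gem::Version
-version: 0.
+version: 0.12.0
 type: :runtime
 prerelease: false
 version_requirements: !ruby/object:Gem::Requirement
 requirements:
 - - '='
 - !ruby/object:Gem::Version
-version: 0.
+version: 0.12.0
 - !ruby/object:Gem::Dependency
 name: card-mod-list
 requirement: !ruby/object:Gem::Requirement
 requirements:
 - - '='
 - !ruby/object:Gem::Version
-version: 0.
+version: 0.12.0
 type: :runtime
 prerelease: false
 version_requirements: !ruby/object:Gem::Requirement
 requirements:
 - - '='
 - !ruby/object:Gem::Version
-version: 0.
+version: 0.12.0
 description: ''
 email:
 - info@decko.org
@@ -82,13 +82,11 @@ files:
 - set/right/account.rb
 - set/right/account/events.rb
 - set/right/account/views.rb
-- set/right/api_key.rb
 - set/right/email.rb
 - set/right/password.rb
 - set/right/roles.rb
 - set/right/salt.rb
 - set/right/status.rb
-- set/self/captcha.rb
 - set/self/signin.rb
 - set/type/role.rb
 - set/type/signup.rb
@@ -122,7 +120,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
 - !ruby/object:Gem::Version
 version: '0'
 requirements: []
-rubygems_version: 3.
+rubygems_version: 3.2.15
 signing_key:
 specification_version: 4
 summary: Email-based account handling for decko cards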
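--- a/data/set/right/api_key.rb
+++ /dev/null
@@ -1,48 +0,0 @@
-include_set Abstract::AccountField
-
-# DURATIONS = "second|minute|hour|day|week|month|year".freeze
-
-def history?
-false
-end
-
-view :raw do
-tr :private_data
-end
-
-def validate! api_key
-error =
-case
-when !real? then [:token_not_found, tr(:error_token_not_found)]
-# when expired? then [:token_expired, tr(:error_token_expired)]
-when content != api_key then [:incorrect_token, tr(:error_incorrect_token)]
-end
-errors.add(*error) if error
-error.nil?
-end
-
-# def expired?
-# !permanent? && updated_at <= term.ago
-# end
-#
-# def permanent?
-# term == "permanent"
-# end
-
-# def term
-# @term ||=
-# if expiration.present?
-# term_from_string expiration
-# else
-# Card.config.token_expiry
-# end
-# end
-
-# def term_from_string string
-# string.strip!
-# return "permanent" if string == "none"
-# re_match = /^(\d+)[\.\s]*(#{DURATIONS})s?$/.match(string)
-# number, unit = re_match.captures if re_match
-# raise Card::Open::Error, tr(:exception_bad_expiration, example: '2 days') unless unit
-# number.to_i.send unit
-# end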