RubyGems - chaltron - Versions diffs - 1.1.6 → 1.1.7 - Mend

chaltron 1.1.6 → 1.1.7

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (17) hide show

checksums.yaml +4 -4
data/app/controllers/chaltron/omniauth_callbacks_controller.rb +4 -7
data/app/controllers/chaltron/users_controller.rb +10 -0
data/app/helpers/chaltron/users_helper.rb +12 -7
data/app/models/user.rb +24 -0
data/app/views/chaltron/users/show.html.erb +15 -4
data/app/views/locales/en.yml +2 -0
data/app/views/locales/it.yml +2 -0
data/config/initializers/warden.rb +31 -0
data/config/locales/en.yml +2 -1
data/config/locales/it.yml +2 -1
data/config/routes.rb +5 -2
data/db/migrate/20200414150601_add_enabled_to_users.rb +5 -0
data/lib/chaltron/version.rb +1 -1
data/lib/generators/chaltron/install/templates/Procfile +1 -0
metadata +19 -3
data/app/controllers/chaltron/sessions_controller.rb +0 -17

checksums.yaml CHANGED

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: b5a8e03b4ed2bea1ef2bdd39e00edb3f71001142f4d58f9fad4f9acbbf27cfc7
-  data.tar.gz: 44aa8e6409c252816a7f3bf2bacff397a9dfbc3f40b6c95b5ccc79c5f675044d
+  metadata.gz: c903358c42ce7e75e0ecae0e4f87b025e9909f769ec87c7644a02fa36cf8a948
+  data.tar.gz: 5cf855bce93ee306d909091109db3947c279ab284a00e96662b748b17fdb9a2c
 SHA512:
-  metadata.gz: 673cf0c5e3c66a1d1d846fb8e2cbd131b59e0e4c5091648e34c3b0006e28a25113d752aa35b845cd637ad9cf5ee0910cdf245692d41eb745a2e499825ee9f2db
-  data.tar.gz: 947026bc6ee89b70b1d41cfec36037fefd48ff2f0849e1da99e2b7e0c2068c647bd3c763a8ccf7e5ac261bfce401c4fd4495ef31eb948faafdb5ae036d58d962
+  metadata.gz: 6e272d644dd254dffb34be9997ce334fbd5ce76894c9315933cc8a0ac766c212eeba164c7deffdc93e87ef34e7bc9ae889ebcb249b5b3d99155cc5af6a1cc270
+  data.tar.gz: d5867fa6b7f3e3279db592afada65c3bb85d801a17f604e56c7c660d871e33edc5f0afe7ef3703bfbbaa95074a7223df8d8aca954531e9066da36793decfb943

data/app/controllers/chaltron/omniauth_callbacks_controller.rb CHANGED

@@ -3,7 +3,7 @@ require 'chaltron/ldap/user'
 module Chaltron
   class OmniauthCallbacksController < Devise::OmniauthCallbacksController
-  default_log_category :login
+    default_log_category :login
     def ldap
 #      puts '##########################################'
@@ -12,15 +12,12 @@ module Chaltron
       # We only find ourselves here
       # if the authentication to LDAP was successful.
       user = Chaltron::LDAP::User.find_or_create(oauth, Chaltron.ldap_allow_all)
-      user = Chaltron.ldap_after_authenticate.call(user, Chaltron::LDAP::Connection.new)
       if user.nil?
-        redirect_to root_url, alert: I18n.t('chaltron.not_allowed_to_sign_in')
+        redirect_to new_user_session_url, alert: I18n.t('chaltron.not_allowed_to_sign_in')
       else
         user.remember_me = params[:remember_me] if user.persisted?
-        flash[:notice] = I18n.t('devise.sessions.signed_in')
-        info I18n.t('chaltron.logs.login_via', user: user.display_name, provider: 'ldap')
-        sign_in_and_redirect(user)
+        sign_in_and_redirect(user, event: :authentication)
+        set_flash_message(:notice, :success, kind: 'LDAP')
       end
     end

data/app/controllers/chaltron/users_controller.rb CHANGED

@@ -43,6 +43,16 @@ class Chaltron::UsersController < ApplicationController
     respond_with(@user)
   end
+  def enable
+    @user.enable!
+    redirect_to(@user)
+  end
+  def disable
+    @user.disable!
+    redirect_to(@user)
+  end
   def self_update
     user_params_with_pass = self_update_params.dup.to_h
     if params[:user][:password].present?

data/app/helpers/chaltron/users_helper.rb CHANGED

@@ -1,11 +1,16 @@
 module Chaltron::UsersHelper
-  def display_username(user)
-    if user == current_user
-      link_to(user.username, user) + '&nbsp;'.html_safe +
-        content_tag(:span, I18n.t('chaltron.users.it_s_you'), class: 'badge badge-success')
-    else
-      link_to user.username, user
-    end
+  def display_username(user, link = true)
+    capture do
+      if link
+        concat link_to(user.username, user)
+      else
+        concat content_tag(:span, user.username)
+      end
+      concat content_tag(:span, I18n.t('chaltron.users.it_s_you'),
+        class: 'badge badge-success ml-2') if user == current_user
+      concat content_tag :span, t('.disabled'),
+        class: 'badge badge-danger ml-2' if user.disabled?
+     end
   end
   def display_side_filter_link(url, active, text, count)

data/app/models/user.rb CHANGED

@@ -30,4 +30,28 @@ class User < ApplicationRecord
     provider == 'ldap'
   end
+  def enabled?
+    self.enabled
+  end
+  def disabled?
+    !self.enabled
+  end
+  def enable!
+    update!(enabled: true)
+  end
+  def disable!
+    update!(enabled: false)
+  end
+  def active_for_authentication?
+    super && enabled?
+  end
+  def inactive_message
+    I18n.t('chaltron.users.inactive_message')
+  end
 end

data/app/views/chaltron/users/show.html.erb CHANGED

@@ -8,7 +8,7 @@
         <ul class='list-group list-group-flush'>
           <li class='list-group-item'>
             <span><%= User.human_attribute_name(:username) %>: </span>
-            <strong><%= @user.username %></strong>
+            <strong><%= display_username(@user, false) %></strong>
           </li>
           <li class='list-group-item'>
             <span><%= User.human_attribute_name(:fullname) %>: </span>
@@ -64,9 +64,20 @@
   <% end %>
   <div class='float-right'>
-    <%= link_to edit_user_path(@user), class: 'btn btn-primary' do %>
-      <%= icon :fas, :edit, t('.edit') %>
-    <% end if can? :edit, @user %>
+    <% if can? :edit, @user %>
+      <%= link_to edit_user_path(@user), class: 'btn btn-primary' do %>
+        <%= icon :fas, :edit, t('.edit') %>
+      <% end %>
+      <% if @user.enabled? %>
+        <%= link_to disable_user_path(@user), class: 'btn btn-danger' do %>
+          <%= icon :fas, 'user-slash', t('.disable') %>
+        <% end %>
+      <% else %>
+        <%= link_to enable_user_path(@user), class: 'btn btn-primary' do %>
+          <%= icon :fas, :user, t('.enable') %>
+        <% end %>
+      <% end %>
+    <% end %>
     <%= link_to @user, method: :delete, class: 'btn btn-danger',
       disabled: current_user == @user,
       data: { confirm: t('.destroy_confirm', user: @user.username) } do %>

data/app/views/locales/en.yml CHANGED

@@ -57,6 +57,8 @@ en:
           activity: Activity
           details: Details
         edit: Edit
+        enable: Abilita
+        disable: Disabilita
         destroy: Destroy
         destroy_confirm: Are you sure you want to destroy %{user}?
       self_show:

data/app/views/locales/it.yml CHANGED

@@ -57,6 +57,8 @@ it:
           activity: Attività
           details: Dettagli
         edit: Modifica
+        enable: Abilita
+        disable: Disabilita
         destroy: Cancella
         destroy_confirm: Sei sicuro di voler cancellare %{user}?
       self_show:

data/config/initializers/warden.rb ADDED

@@ -0,0 +1,31 @@
+require 'chaltron/ldap/user'
+Warden::Manager.after_set_user do |record, warden, options|
+  # LDAP callback. Last check before authentication
+  if record && record.ldap_user? &&
+    Chaltron.ldap_after_authenticate.call(record, Chaltron::LDAP::Connection.new).nil?
+    scope = options[:scope]
+    warden.logout(scope)
+    throw :warden, scope: scope, message: I18n.t('chaltron.not_allowed_to_sign_in')
+  end
+end
+# Log after authentication
+Warden::Manager.after_authentication do |user,auth,opts|
+  Log.create(
+    message: I18n.t('chaltron.logs.login', user: user.display_name),
+    category: :login,
+    severity: :info
+  ) if user
+end
+Warden::Manager.before_logout do |user,auth,opts|
+  # LDAP callback
+  Chaltron.ldap_before_logout.call(user, Chaltron::LDAP::Connection.new) if user.ldap_user?
+  # Log before logout
+  Log.create(
+    message: I18n.t('chaltron.logs.logout', user: user.display_name),
+    category: :login,
+    severity: :info
+  ) if user
+end

data/config/locales/en.yml CHANGED

@@ -23,8 +23,10 @@ en:
       self_updated: Account data successfully updated.
       cannot_self_destroy: You cannot destroy your own account.
       it_s_you: It's you!
+      disabled: Disabled
       missing_field: Missing!
       already_present: Already present!
+      inactive_message: Your account has been disabled.
     logs:
       severity:
         emerg: Emergency
@@ -40,7 +42,6 @@ en:
         user_admin: User administration
       login: "%{user} has logged in successfully"
       logout: "%{user} has logged out successfully"
-      login_via: "%{user} has logged in successfully with %{provider}"
       users:
         created: "%{current} created user %{user}"
         destroyed: "%{current} destroyed user %{user}"

data/config/locales/it.yml CHANGED

@@ -23,8 +23,10 @@ it:
       self_updated: Dati personali aggiornati con successo.
       cannot_self_destroy: Non puoi cancellare il tuo stesso account.
       it_s_you: Sei tu!
+      disabled: Disabilitato
       missing_field: Manca!
       already_present: Giá presente!
+      inactive_message: Il tuo account è stato disabilitato.
     logs:
       severity:
         emerg: Emergenza
@@ -40,7 +42,6 @@ it:
         user_admin: Amministrazione utenti
       login: "%{user} ha effettuato il login con successo"
       logout: "%{user} ha effettuato il logout con successo"
-      login_via: "%{user} ha effettuato il login con successo via %{provider}"
       users:
         created: "%{current} ha creato l'utente %{user}"
         destroyed: "%{current} ha cancellato l'utente %{user}"

data/config/routes.rb CHANGED

@@ -1,7 +1,6 @@
 Rails.application.routes.draw do
   devise_for :users, controllers: {
-    omniauth_callbacks: 'chaltron/omniauth_callbacks',
-    sessions: 'chaltron/sessions'
+    omniauth_callbacks: 'chaltron/omniauth_callbacks'
   }
   resources :users, controller: 'chaltron/users' do
@@ -10,6 +9,10 @@ Rails.application.routes.draw do
       get   'self_edit'
       patch 'self_update'
     end
+    member do
+      get 'enable'
+      get 'disable'
+    end
   end
   resources :logs, controller: 'chaltron/logs', only: [:index, :show]

data/db/migrate/20200414150601_add_enabled_to_users.rb ADDED

@@ -0,0 +1,5 @@
+class AddEnabledToUsers < ActiveRecord::Migration[5.2]
+  def change
+      add_column :users, :enabled, :boolean, default: true
+  end
+end

data/lib/chaltron/version.rb CHANGED

@@ -1,3 +1,3 @@
 module Chaltron
-  VERSION = '1.1.6'.freeze
+  VERSION = '1.1.7'.freeze
 end

data/lib/generators/chaltron/install/templates/Procfile ADDED

	@@ -0,0 +1 @@
1	+ webpacker: ./bin/webpack-dev-server

metadata CHANGED

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: chaltron
 version: !ruby/object:Gem::Version
-  version: 1.1.6
+  version: 1.1.7
 platform: ruby
 authors:
 - vicvega
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2019-09-05 00:00:00.000000000 Z
+date: 2020-04-15 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rails
@@ -66,6 +66,20 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: '0'
+- !ruby/object:Gem::Dependency
+  name: omniauth-rails_csrf_protection
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
 - !ruby/object:Gem::Dependency
   name: gitlab_omniauth-ldap
   requirement: !ruby/object:Gem::Requirement
@@ -397,7 +411,6 @@ files:
 - app/controllers/chaltron/ldap_controller.rb
 - app/controllers/chaltron/logs_controller.rb
 - app/controllers/chaltron/omniauth_callbacks_controller.rb
-- app/controllers/chaltron/sessions_controller.rb
 - app/controllers/chaltron/users_controller.rb
 - app/datatables/log_datatable.rb
 - app/helpers/chaltron/ldap_helper.rb
@@ -435,6 +448,7 @@ files:
 - app/views/locales/it.yml
 - config/chaltron_navigation.rb
 - config/initializers/devise.rb
+- config/initializers/warden.rb
 - config/locales/devise.en.yml
 - config/locales/devise.it.yml
 - config/locales/en.yml
@@ -446,6 +460,7 @@ files:
 - db/migrate/20140909115653_add_roles_mask_to_users.rb
 - db/migrate/20141205095036_add_additional_ldap_info_to_user.rb
 - db/migrate/20150127174621_create_logs.rb
+- db/migrate/20200414150601_add_enabled_to_users.rb
 - lib/chaltron.rb
 - lib/chaltron/banner.rb
 - lib/chaltron/bootstrap_form.rb
@@ -455,6 +470,7 @@ files:
 - lib/chaltron/ldap/person.rb
 - lib/chaltron/ldap/user.rb
 - lib/chaltron/version.rb
+- lib/generators/chaltron/install/templates/Procfile
 - lib/generators/chaltron/install_generator.rb
 - lib/generators/chaltron/templates/app/assets/images/700x300.gif
 - lib/generators/chaltron/templates/app/assets/images/favicon.ico

data/app/controllers/chaltron/sessions_controller.rb DELETED

@@ -1,17 +0,0 @@
-require 'chaltron/ldap/connection'
-class Chaltron::SessionsController  < Devise::SessionsController
-  after_action :after_login, only: :create
-  before_action :before_logout, only: :destroy
-  default_log_category :login
-  def after_login
-    info I18n.t('chaltron.logs.login', user: current_user.display_name)
-  end
-  def before_logout
-    Chaltron.ldap_before_logout.call(current_user, Chaltron::LDAP::Connection.new) if current_user.ldap_user?
-    info I18n.t('chaltron.logs.logout', user: current_user.display_name)
-  end
-end