coalescing_panda 4.8.0.beta.1 → 5.0.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/app/assets/config/coalescing_panda/manifest.js +3 -0
- data/app/controllers/coalescing_panda/oauth2_controller.rb +2 -0
- data/app/models/coalescing_panda/persistent_session.rb +1 -1
- data/lib/coalescing_panda/controller_helpers.rb +12 -12
- data/lib/coalescing_panda/engine.rb +11 -0
- data/lib/coalescing_panda/version.rb +1 -1
- metadata +5 -4
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 683daed32c44f738fe0747932f43a2be9ee00490ac44b6bbda7a0c5f2e513660
|
4
|
+
data.tar.gz: 893aca1614fee0eef49a1bf9eeb2f0b02de240df3168ae82940a0f102a7e6a30
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 5c1666f7c708b34cd1161e53fcc2346c5122fd847797d9d2ddb7e9887ddb30e4e54a8992fc50b7998bf15153f6fc3bd851a1542bf7b93e0de34fa3a5b7aff4ca
|
7
|
+
data.tar.gz: c385b2c0e634fa4edc0bef7c2f14f7b6c5c484e8c0cee109095aed1bc1fd57c91d742aa401e6f2ad85cf8aeb232c0dea60c9dbb4f149706edb24cd0713c7ae92
|
@@ -10,7 +10,7 @@ module CoalescingPanda
|
|
10
10
|
|
11
11
|
def self.create_from_launch(launch_params, account_id)
|
12
12
|
session = PersistentSession.new(coalescing_panda_lti_account_id: account_id)
|
13
|
-
session.data[:launch_params] = launch_params.to_unsafe_h
|
13
|
+
session.data[:launch_params] = launch_params.to_unsafe_h.with_indifferent_access
|
14
14
|
session.data[:roles] = launch_params['roles'].split(',').map { |role|
|
15
15
|
case role.downcase.strip
|
16
16
|
when 'admin'
|
@@ -187,11 +187,11 @@ module CoalescingPanda
|
|
187
187
|
end
|
188
188
|
|
189
189
|
def organization_key
|
190
|
-
params[:oauth_consumer_key] || current_session_data[:
|
190
|
+
params[:oauth_consumer_key] || (current_session_data[:launch_params][:oauth_consumer_key] if @current_session)
|
191
191
|
end
|
192
192
|
|
193
193
|
def organization_id
|
194
|
-
params[:organization_id]
|
194
|
+
params[:organization_id] || (current_session_data[:launch_params][:organization_id] if @current_session)
|
195
195
|
end
|
196
196
|
|
197
197
|
def session_key
|
@@ -218,26 +218,26 @@ module CoalescingPanda
|
|
218
218
|
# nicely with webpack-dev-server live reloading (otherwise
|
219
219
|
# you get an access error every time it tries to live reload).
|
220
220
|
|
221
|
-
def redirect_with_session_to(path,
|
222
|
-
if Rails.env.development?
|
223
|
-
redirect_development_mode(path,
|
221
|
+
def redirect_with_session_to(path, id_or_resource = nil, redirect_params = {})
|
222
|
+
if Rails.env.development? || Rails.env.test?
|
223
|
+
redirect_development_mode(path, id_or_resource, redirect_params)
|
224
224
|
else
|
225
|
-
redirect_production_mode(path,
|
225
|
+
redirect_production_mode(path, id_or_resource, redirect_params)
|
226
226
|
end
|
227
227
|
end
|
228
228
|
|
229
|
-
def redirect_development_mode(path,
|
230
|
-
redirect_to send(path,
|
229
|
+
def redirect_development_mode(path, id_or_resource = nil, redirect_params)
|
230
|
+
redirect_to send(path, id_or_resource, {
|
231
231
|
session_key: current_session.session_key,
|
232
232
|
organization_id: current_lti_account.id
|
233
|
-
}.merge(
|
233
|
+
}.merge(redirect_params))
|
234
234
|
end
|
235
235
|
|
236
|
-
def redirect_production_mode(path,
|
237
|
-
redirect_to send(path,
|
236
|
+
def redirect_production_mode(path, id_or_resource = nil, redirect_params)
|
237
|
+
redirect_to send(path, id_or_resource, {
|
238
238
|
encrypted_session_key: encrypted_session_key,
|
239
239
|
organization_id: current_lti_account.id
|
240
|
-
}.merge(
|
240
|
+
}.merge(redirect_params))
|
241
241
|
end
|
242
242
|
|
243
243
|
end
|
@@ -25,6 +25,10 @@ module CoalescingPanda
|
|
25
25
|
end
|
26
26
|
end
|
27
27
|
|
28
|
+
initializer 'coalescing_panda.assets' do |app|
|
29
|
+
app.config.assets.precompile << 'coalescing_panda/manifest.js'
|
30
|
+
end
|
31
|
+
|
28
32
|
initializer 'cloaescing_panda.route_helper' do |route|
|
29
33
|
ActionDispatch::Routing::Mapper.send :include, CoalescingPanda::RouteHelpers
|
30
34
|
end
|
@@ -50,6 +54,9 @@ module CoalescingPanda
|
|
50
54
|
# https://github.com/MiniProfiler/rack-mini-profiler/issues/327
|
51
55
|
# DON'T ENABLE THIS FOR PRODUCTION!
|
52
56
|
script_src << "'unsafe-eval'"
|
57
|
+
elsif CoalescingPanda.lti_options.has_key?(:allow_unsafe_eval) && CoalescingPanda.lti_options[:allow_unsafe_eval] == true
|
58
|
+
# For when code is returned from server and injected into dom. Need to have unsafe-eval or it won't work.
|
59
|
+
script_src << "'unsafe-eval'"
|
53
60
|
end
|
54
61
|
|
55
62
|
SecureHeaders::Configuration.default do |config|
|
@@ -80,6 +87,10 @@ module CoalescingPanda
|
|
80
87
|
SecureHeaders::Configuration.override(:safari_override) do |config|
|
81
88
|
config.cookies = SecureHeaders::OPT_OUT
|
82
89
|
end
|
90
|
+
|
91
|
+
SecureHeaders::Configuration.override(:allow_inline_scripts) do |config|
|
92
|
+
config.csp[:script_src] << "'unsafe-inline'"
|
93
|
+
end
|
83
94
|
end
|
84
95
|
|
85
96
|
end
|
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: coalescing_panda
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version:
|
4
|
+
version: 5.0.2
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Nathan Mills
|
@@ -10,7 +10,7 @@ authors:
|
|
10
10
|
autorequire:
|
11
11
|
bindir: bin
|
12
12
|
cert_chain: []
|
13
|
-
date: 2020-
|
13
|
+
date: 2020-07-27 00:00:00.000000000 Z
|
14
14
|
dependencies:
|
15
15
|
- !ruby/object:Gem::Dependency
|
16
16
|
name: rails
|
@@ -400,6 +400,7 @@ extensions: []
|
|
400
400
|
extra_rdoc_files: []
|
401
401
|
files:
|
402
402
|
- Rakefile
|
403
|
+
- app/assets/config/coalescing_panda/manifest.js
|
403
404
|
- app/assets/images/bootstrap/glyphicons-halflings-white.png
|
404
405
|
- app/assets/images/bootstrap/glyphicons-halflings.png
|
405
406
|
- app/assets/javascripts/coalescing_panda/application.js
|
@@ -563,9 +564,9 @@ required_ruby_version: !ruby/object:Gem::Requirement
|
|
563
564
|
version: '0'
|
564
565
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
565
566
|
requirements:
|
566
|
-
- - "
|
567
|
+
- - ">="
|
567
568
|
- !ruby/object:Gem::Version
|
568
|
-
version:
|
569
|
+
version: '0'
|
569
570
|
requirements: []
|
570
571
|
rubygems_version: 3.1.2
|
571
572
|
signing_key:
|