coalescing_panda 4.8.0.beta.1 → 5.0.2
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/app/assets/config/coalescing_panda/manifest.js +3 -0
- data/app/controllers/coalescing_panda/oauth2_controller.rb +2 -0
- data/app/models/coalescing_panda/persistent_session.rb +1 -1
- data/lib/coalescing_panda/controller_helpers.rb +12 -12
- data/lib/coalescing_panda/engine.rb +11 -0
- data/lib/coalescing_panda/version.rb +1 -1
- metadata +5 -4
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 683daed32c44f738fe0747932f43a2be9ee00490ac44b6bbda7a0c5f2e513660
|
4
|
+
data.tar.gz: 893aca1614fee0eef49a1bf9eeb2f0b02de240df3168ae82940a0f102a7e6a30
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 5c1666f7c708b34cd1161e53fcc2346c5122fd847797d9d2ddb7e9887ddb30e4e54a8992fc50b7998bf15153f6fc3bd851a1542bf7b93e0de34fa3a5b7aff4ca
|
7
|
+
data.tar.gz: c385b2c0e634fa4edc0bef7c2f14f7b6c5c484e8c0cee109095aed1bc1fd57c91d742aa401e6f2ad85cf8aeb232c0dea60c9dbb4f149706edb24cd0713c7ae92
|
@@ -10,7 +10,7 @@ module CoalescingPanda
|
|
10
10
|
|
11
11
|
def self.create_from_launch(launch_params, account_id)
|
12
12
|
session = PersistentSession.new(coalescing_panda_lti_account_id: account_id)
|
13
|
-
session.data[:launch_params] = launch_params.to_unsafe_h
|
13
|
+
session.data[:launch_params] = launch_params.to_unsafe_h.with_indifferent_access
|
14
14
|
session.data[:roles] = launch_params['roles'].split(',').map { |role|
|
15
15
|
case role.downcase.strip
|
16
16
|
when 'admin'
|
@@ -187,11 +187,11 @@ module CoalescingPanda
|
|
187
187
|
end
|
188
188
|
|
189
189
|
def organization_key
|
190
|
-
params[:oauth_consumer_key] || current_session_data[:
|
190
|
+
params[:oauth_consumer_key] || (current_session_data[:launch_params][:oauth_consumer_key] if @current_session)
|
191
191
|
end
|
192
192
|
|
193
193
|
def organization_id
|
194
|
-
params[:organization_id]
|
194
|
+
params[:organization_id] || (current_session_data[:launch_params][:organization_id] if @current_session)
|
195
195
|
end
|
196
196
|
|
197
197
|
def session_key
|
@@ -218,26 +218,26 @@ module CoalescingPanda
|
|
218
218
|
# nicely with webpack-dev-server live reloading (otherwise
|
219
219
|
# you get an access error every time it tries to live reload).
|
220
220
|
|
221
|
-
def redirect_with_session_to(path,
|
222
|
-
if Rails.env.development?
|
223
|
-
redirect_development_mode(path,
|
221
|
+
def redirect_with_session_to(path, id_or_resource = nil, redirect_params = {})
|
222
|
+
if Rails.env.development? || Rails.env.test?
|
223
|
+
redirect_development_mode(path, id_or_resource, redirect_params)
|
224
224
|
else
|
225
|
-
redirect_production_mode(path,
|
225
|
+
redirect_production_mode(path, id_or_resource, redirect_params)
|
226
226
|
end
|
227
227
|
end
|
228
228
|
|
229
|
-
def redirect_development_mode(path,
|
230
|
-
redirect_to send(path,
|
229
|
+
def redirect_development_mode(path, id_or_resource = nil, redirect_params)
|
230
|
+
redirect_to send(path, id_or_resource, {
|
231
231
|
session_key: current_session.session_key,
|
232
232
|
organization_id: current_lti_account.id
|
233
|
-
}.merge(
|
233
|
+
}.merge(redirect_params))
|
234
234
|
end
|
235
235
|
|
236
|
-
def redirect_production_mode(path,
|
237
|
-
redirect_to send(path,
|
236
|
+
def redirect_production_mode(path, id_or_resource = nil, redirect_params)
|
237
|
+
redirect_to send(path, id_or_resource, {
|
238
238
|
encrypted_session_key: encrypted_session_key,
|
239
239
|
organization_id: current_lti_account.id
|
240
|
-
}.merge(
|
240
|
+
}.merge(redirect_params))
|
241
241
|
end
|
242
242
|
|
243
243
|
end
|
@@ -25,6 +25,10 @@ module CoalescingPanda
|
|
25
25
|
end
|
26
26
|
end
|
27
27
|
|
28
|
+
initializer 'coalescing_panda.assets' do |app|
|
29
|
+
app.config.assets.precompile << 'coalescing_panda/manifest.js'
|
30
|
+
end
|
31
|
+
|
28
32
|
initializer 'cloaescing_panda.route_helper' do |route|
|
29
33
|
ActionDispatch::Routing::Mapper.send :include, CoalescingPanda::RouteHelpers
|
30
34
|
end
|
@@ -50,6 +54,9 @@ module CoalescingPanda
|
|
50
54
|
# https://github.com/MiniProfiler/rack-mini-profiler/issues/327
|
51
55
|
# DON'T ENABLE THIS FOR PRODUCTION!
|
52
56
|
script_src << "'unsafe-eval'"
|
57
|
+
elsif CoalescingPanda.lti_options.has_key?(:allow_unsafe_eval) && CoalescingPanda.lti_options[:allow_unsafe_eval] == true
|
58
|
+
# For when code is returned from server and injected into dom. Need to have unsafe-eval or it won't work.
|
59
|
+
script_src << "'unsafe-eval'"
|
53
60
|
end
|
54
61
|
|
55
62
|
SecureHeaders::Configuration.default do |config|
|
@@ -80,6 +87,10 @@ module CoalescingPanda
|
|
80
87
|
SecureHeaders::Configuration.override(:safari_override) do |config|
|
81
88
|
config.cookies = SecureHeaders::OPT_OUT
|
82
89
|
end
|
90
|
+
|
91
|
+
SecureHeaders::Configuration.override(:allow_inline_scripts) do |config|
|
92
|
+
config.csp[:script_src] << "'unsafe-inline'"
|
93
|
+
end
|
83
94
|
end
|
84
95
|
|
85
96
|
end
|
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: coalescing_panda
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version:
|
4
|
+
version: 5.0.2
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Nathan Mills
|
@@ -10,7 +10,7 @@ authors:
|
|
10
10
|
autorequire:
|
11
11
|
bindir: bin
|
12
12
|
cert_chain: []
|
13
|
-
date: 2020-
|
13
|
+
date: 2020-07-27 00:00:00.000000000 Z
|
14
14
|
dependencies:
|
15
15
|
- !ruby/object:Gem::Dependency
|
16
16
|
name: rails
|
@@ -400,6 +400,7 @@ extensions: []
|
|
400
400
|
extra_rdoc_files: []
|
401
401
|
files:
|
402
402
|
- Rakefile
|
403
|
+
- app/assets/config/coalescing_panda/manifest.js
|
403
404
|
- app/assets/images/bootstrap/glyphicons-halflings-white.png
|
404
405
|
- app/assets/images/bootstrap/glyphicons-halflings.png
|
405
406
|
- app/assets/javascripts/coalescing_panda/application.js
|
@@ -563,9 +564,9 @@ required_ruby_version: !ruby/object:Gem::Requirement
|
|
563
564
|
version: '0'
|
564
565
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
565
566
|
requirements:
|
566
|
-
- - "
|
567
|
+
- - ">="
|
567
568
|
- !ruby/object:Gem::Version
|
568
|
-
version:
|
569
|
+
version: '0'
|
569
570
|
requirements: []
|
570
571
|
rubygems_version: 3.1.2
|
571
572
|
signing_key:
|