cul_omniauth 0.6.1 → 0.8.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/cul/omniauth/version.rb +1 -1
- data/lib/cul/omniauth.rb +8 -0
- data/lib/cul_omniauth.rb +6 -14
- data/lib/omni_auth/strategies/{saml.rb → s_a_m_l.rb} +2 -2
- data/lib/omni_auth/strategies/{wind.rb → w_i_n_d.rb} +2 -2
- data/spec/dummy/Rakefile +1 -1
- data/spec/dummy/app/assets/stylesheets/application.css +1 -15
- data/spec/dummy/app/channels/application_cable/channel.rb +4 -0
- data/spec/dummy/app/channels/application_cable/connection.rb +4 -0
- data/spec/dummy/app/controllers/application_controller.rb +0 -3
- data/spec/dummy/app/jobs/application_job.rb +7 -0
- data/spec/dummy/app/mailers/application_mailer.rb +4 -0
- data/spec/dummy/app/models/application_record.rb +3 -0
- data/spec/dummy/app/views/layouts/application.html.erb +10 -9
- data/spec/dummy/app/views/layouts/mailer.html.erb +13 -0
- data/spec/dummy/app/views/layouts/mailer.text.erb +1 -0
- data/spec/dummy/bin/rails +3 -3
- data/spec/dummy/bin/rake +2 -2
- data/spec/dummy/bin/setup +33 -0
- data/spec/dummy/config/application.rb +12 -13
- data/spec/dummy/config/boot.rb +3 -3
- data/spec/dummy/config/cable.yml +10 -0
- data/spec/dummy/config/database.yml +3 -3
- data/spec/dummy/config/environment.rb +1 -1
- data/spec/dummy/config/environments/development.rb +46 -15
- data/spec/dummy/config/environments/production.rb +39 -30
- data/spec/dummy/config/environments/test.rb +34 -13
- data/spec/dummy/config/initializers/content_security_policy.rb +25 -0
- data/spec/dummy/config/initializers/filter_parameter_logging.rb +6 -2
- data/spec/dummy/config/initializers/inflections.rb +4 -4
- data/spec/dummy/config/initializers/permissions_policy.rb +11 -0
- data/spec/dummy/config/locales/en.yml +13 -3
- data/spec/dummy/config/puma.rb +43 -0
- data/spec/dummy/config/routes.rb +3 -1
- data/spec/dummy/config/storage.yml +34 -0
- data/spec/dummy/config.ru +3 -1
- data/spec/dummy/log/test.log +262 -0
- data/spec/dummy/public/404.html +6 -6
- data/spec/dummy/public/422.html +6 -6
- data/spec/dummy/public/500.html +6 -6
- data/spec/dummy/public/apple-touch-icon-precomposed.png +0 -0
- data/spec/dummy/public/apple-touch-icon.png +0 -0
- data/spec/lib/cul/omniauth/callbacks_spec.rb +1 -6
- data/spec/lib/cul/omniauth/users_spec.rb +3 -3
- metadata +61 -18
- data/spec/dummy/config/initializers/assets.rb +0 -8
- /data/lib/omni_auth/strategies/{saml → s_a_m_l}/logout_request.rb +0 -0
- /data/lib/omni_auth/strategies/{saml → s_a_m_l}/service_ticket_validator.rb +0 -0
- /data/lib/omni_auth/strategies/{wind → w_i_n_d}/logout_request.rb +0 -0
- /data/lib/omni_auth/strategies/{wind → w_i_n_d}/service_ticket_validator.rb +0 -0
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 334f5d7ca694374056822fda633b568234eabe61da1a4f71c81008b33638bf57
|
4
|
+
data.tar.gz: 697738bdf0d97826a5ba750535933b3efbe3fdeaf4ddfecda9cbd0a78359e646
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 5218861842d1807c5a753836dd5e928a868f5c90ba96ba2fd0db30ef2046d3283f52f3eddc207284c5ef407882390bd3a6850cba21dc347c2d773c6797f3cb47
|
7
|
+
data.tar.gz: 6b6ec8722c0fe78f48b5799f22b04ac9fa12e93a53a5c28ad24dbacf64c3256ed0a59c4c75873ba7032c402127d0b450383a92dcaebcb4ac8a7cab0a55736ca0
|
data/lib/cul/omniauth/version.rb
CHANGED
data/lib/cul/omniauth.rb
ADDED
data/lib/cul_omniauth.rb
CHANGED
@@ -1,18 +1,10 @@
|
|
1
|
+
require 'devise'
|
1
2
|
require 'omniauth-cas'
|
2
|
-
|
3
|
-
|
4
|
-
|
5
|
-
|
6
|
-
|
7
|
-
require "cul/omniauth/engine"
|
8
|
-
end
|
9
|
-
end
|
10
|
-
module OmniAuth
|
11
|
-
module Strategies
|
12
|
-
require 'omni_auth/strategies/saml'
|
13
|
-
require 'omni_auth/strategies/wind'
|
14
|
-
end
|
15
|
-
end
|
3
|
+
require 'cul/omniauth'
|
4
|
+
require 'omni_auth/strategies/s_a_m_l'
|
5
|
+
require 'omni_auth/strategies/w_i_n_d'
|
6
|
+
module CulOmniauth; end
|
7
|
+
|
16
8
|
OmniAuth::Strategies::CAS::ServiceTicketValidator.class
|
17
9
|
class OmniAuth::Strategies::CAS::ServiceTicketValidator
|
18
10
|
alias defunct_parse parse_user_info
|
@@ -12,8 +12,8 @@ module OmniAuth
|
|
12
12
|
# Custom Exceptions
|
13
13
|
class MissingCASTicket < StandardError; end
|
14
14
|
class InvalidCASTicket < StandardError; end
|
15
|
-
autoload :ServiceTicketValidator, 'omni_auth/strategies/
|
16
|
-
autoload :LogoutRequest, 'omni_auth/strategies/
|
15
|
+
autoload :ServiceTicketValidator, 'omni_auth/strategies/s_a_m_l/service_ticket_validator'
|
16
|
+
autoload :LogoutRequest, 'omni_auth/strategies/s_a_m_l/logout_request'
|
17
17
|
|
18
18
|
attr_accessor :raw_info
|
19
19
|
alias_method :user_info, :raw_info
|
@@ -12,8 +12,8 @@ module OmniAuth
|
|
12
12
|
# Custom Exceptions
|
13
13
|
class MissingWINDTicket < StandardError; end
|
14
14
|
class InvalidWINDTicket < StandardError; end
|
15
|
-
autoload :ServiceTicketValidator, 'omni_auth/strategies/
|
16
|
-
autoload :LogoutRequest, 'omni_auth/strategies/
|
15
|
+
autoload :ServiceTicketValidator, 'omni_auth/strategies/w_i_n_d/service_ticket_validator'
|
16
|
+
autoload :LogoutRequest, 'omni_auth/strategies/w_i_n_d/logout_request'
|
17
17
|
|
18
18
|
attr_accessor :raw_info
|
19
19
|
alias_method :user_info, :raw_info
|
data/spec/dummy/Rakefile
CHANGED
@@ -1,6 +1,6 @@
|
|
1
1
|
# Add your own tasks in files placed in lib/tasks ending in .rake,
|
2
2
|
# for example lib/tasks/capistrano.rake, and they will automatically be available to Rake.
|
3
3
|
|
4
|
-
|
4
|
+
require_relative "config/application"
|
5
5
|
|
6
6
|
Rails.application.load_tasks
|
@@ -1,15 +1 @@
|
|
1
|
-
/*
|
2
|
-
* This is a manifest file that'll be compiled into application.css, which will include all the files
|
3
|
-
* listed below.
|
4
|
-
*
|
5
|
-
* Any CSS and SCSS file within this directory, lib/assets/stylesheets, vendor/assets/stylesheets,
|
6
|
-
* or vendor/assets/stylesheets of plugins, if any, can be referenced here using a relative path.
|
7
|
-
*
|
8
|
-
* You're free to add application-wide styles to this file and they'll appear at the bottom of the
|
9
|
-
* compiled file so the styles you add here take precedence over styles defined in any styles
|
10
|
-
* defined in the other CSS/SCSS files in this directory. It is generally better to create a new
|
11
|
-
* file per style scope.
|
12
|
-
*
|
13
|
-
*= require_tree .
|
14
|
-
*= require_self
|
15
|
-
*/
|
1
|
+
/* Application styles */
|
@@ -0,0 +1,7 @@
|
|
1
|
+
class ApplicationJob < ActiveJob::Base
|
2
|
+
# Automatically retry jobs that encountered a deadlock
|
3
|
+
# retry_on ActiveRecord::Deadlocked
|
4
|
+
|
5
|
+
# Most jobs are safe to ignore if the underlying records are no longer available
|
6
|
+
# discard_on ActiveJob::DeserializationError
|
7
|
+
end
|
@@ -1,14 +1,15 @@
|
|
1
1
|
<!DOCTYPE html>
|
2
2
|
<html>
|
3
|
-
<head>
|
4
|
-
|
5
|
-
|
6
|
-
|
7
|
-
|
8
|
-
</head>
|
9
|
-
<body>
|
3
|
+
<head>
|
4
|
+
<title>Dummy</title>
|
5
|
+
<meta name="viewport" content="width=device-width,initial-scale=1">
|
6
|
+
<%= csrf_meta_tags %>
|
7
|
+
<%= csp_meta_tag %>
|
10
8
|
|
11
|
-
<%=
|
9
|
+
<%= stylesheet_link_tag "application" %>
|
10
|
+
</head>
|
12
11
|
|
13
|
-
|
12
|
+
<body>
|
13
|
+
<%= yield %>
|
14
|
+
</body>
|
14
15
|
</html>
|
@@ -0,0 +1 @@
|
|
1
|
+
<%= yield %>
|
data/spec/dummy/bin/rails
CHANGED
@@ -1,4 +1,4 @@
|
|
1
1
|
#!/usr/bin/env ruby
|
2
|
-
APP_PATH = File.expand_path(
|
3
|
-
require_relative
|
4
|
-
require
|
2
|
+
APP_PATH = File.expand_path("../config/application", __dir__)
|
3
|
+
require_relative "../config/boot"
|
4
|
+
require "rails/commands"
|
data/spec/dummy/bin/rake
CHANGED
@@ -0,0 +1,33 @@
|
|
1
|
+
#!/usr/bin/env ruby
|
2
|
+
require "fileutils"
|
3
|
+
|
4
|
+
# path to your application root.
|
5
|
+
APP_ROOT = File.expand_path("..", __dir__)
|
6
|
+
|
7
|
+
def system!(*args)
|
8
|
+
system(*args) || abort("\n== Command #{args} failed ==")
|
9
|
+
end
|
10
|
+
|
11
|
+
FileUtils.chdir APP_ROOT do
|
12
|
+
# This script is a way to set up or update your development environment automatically.
|
13
|
+
# This script is idempotent, so that you can run it at any time and get an expectable outcome.
|
14
|
+
# Add necessary setup steps to this file.
|
15
|
+
|
16
|
+
puts "== Installing dependencies =="
|
17
|
+
system! "gem install bundler --conservative"
|
18
|
+
system("bundle check") || system!("bundle install")
|
19
|
+
|
20
|
+
# puts "\n== Copying sample files =="
|
21
|
+
# unless File.exist?("config/database.yml")
|
22
|
+
# FileUtils.cp "config/database.yml.sample", "config/database.yml"
|
23
|
+
# end
|
24
|
+
|
25
|
+
puts "\n== Preparing database =="
|
26
|
+
system! "bin/rails db:prepare"
|
27
|
+
|
28
|
+
puts "\n== Removing old logs and tempfiles =="
|
29
|
+
system! "bin/rails log:clear tmp:clear"
|
30
|
+
|
31
|
+
puts "\n== Restarting application server =="
|
32
|
+
system! "bin/rails restart"
|
33
|
+
end
|
@@ -1,23 +1,22 @@
|
|
1
|
-
|
1
|
+
require_relative "boot"
|
2
2
|
|
3
|
-
require
|
3
|
+
require "rails/all"
|
4
4
|
|
5
|
+
# Require the gems listed in Gemfile, including any gems
|
6
|
+
# you've limited to :test, :development, or :production.
|
5
7
|
Bundler.require(*Rails.groups)
|
6
8
|
require "cul_omniauth"
|
7
9
|
|
8
10
|
module Dummy
|
9
11
|
class Application < Rails::Application
|
10
|
-
|
11
|
-
# Application configuration should go into files in config/initializers
|
12
|
-
# -- all .rb files in that directory are automatically loaded.
|
12
|
+
config.load_defaults Rails::VERSION::STRING.to_f
|
13
13
|
|
14
|
-
#
|
15
|
-
#
|
16
|
-
#
|
17
|
-
|
18
|
-
#
|
19
|
-
# config.
|
20
|
-
# config.
|
14
|
+
# Configuration for the application, engines, and railties goes here.
|
15
|
+
#
|
16
|
+
# These settings can be overridden in specific environments using the files
|
17
|
+
# in config/environments, which are processed later.
|
18
|
+
#
|
19
|
+
# config.time_zone = "Central Time (US & Canada)"
|
20
|
+
# config.eager_load_paths << Rails.root.join("extras")
|
21
21
|
end
|
22
22
|
end
|
23
|
-
|
data/spec/dummy/config/boot.rb
CHANGED
@@ -1,5 +1,5 @@
|
|
1
1
|
# Set up gems listed in the Gemfile.
|
2
|
-
ENV[
|
2
|
+
ENV["BUNDLE_GEMFILE"] ||= File.expand_path("../../../Gemfile", __dir__)
|
3
3
|
|
4
|
-
require
|
5
|
-
$LOAD_PATH.unshift File.expand_path(
|
4
|
+
require "bundler/setup" if File.exist?(ENV["BUNDLE_GEMFILE"])
|
5
|
+
$LOAD_PATH.unshift File.expand_path("../../../lib", __dir__)
|
@@ -1,12 +1,12 @@
|
|
1
|
-
# SQLite
|
1
|
+
# SQLite. Versions 3.8.0 and up are supported.
|
2
2
|
# gem install sqlite3
|
3
3
|
#
|
4
4
|
# Ensure the SQLite 3 gem is defined in your Gemfile
|
5
|
-
# gem
|
5
|
+
# gem "sqlite3"
|
6
6
|
#
|
7
7
|
default: &default
|
8
8
|
adapter: sqlite3
|
9
|
-
pool: 5
|
9
|
+
pool: <%= ENV.fetch("RAILS_MAX_THREADS") { 5 } %>
|
10
10
|
timeout: 5000
|
11
11
|
|
12
12
|
development:
|
@@ -1,37 +1,68 @@
|
|
1
|
+
require "active_support/core_ext/integer/time"
|
2
|
+
|
1
3
|
Rails.application.configure do
|
2
4
|
# Settings specified here will take precedence over those in config/application.rb.
|
3
5
|
|
4
|
-
# In the development environment your application's code is reloaded
|
5
|
-
#
|
6
|
+
# In the development environment your application's code is reloaded any time
|
7
|
+
# it changes. This slows down response time but is perfect for development
|
6
8
|
# since you don't have to restart the web server when you make code changes.
|
7
9
|
config.cache_classes = false
|
8
10
|
|
9
11
|
# Do not eager load code on boot.
|
10
12
|
config.eager_load = false
|
11
13
|
|
12
|
-
# Show full error reports
|
13
|
-
config.consider_all_requests_local
|
14
|
-
|
14
|
+
# Show full error reports.
|
15
|
+
config.consider_all_requests_local = true
|
16
|
+
|
17
|
+
# Enable server timing
|
18
|
+
config.server_timing = true
|
19
|
+
|
20
|
+
# Enable/disable caching. By default caching is disabled.
|
21
|
+
# Run rails dev:cache to toggle caching.
|
22
|
+
if Rails.root.join("tmp/caching-dev.txt").exist?
|
23
|
+
config.action_controller.perform_caching = true
|
24
|
+
config.action_controller.enable_fragment_cache_logging = true
|
25
|
+
|
26
|
+
config.cache_store = :memory_store
|
27
|
+
config.public_file_server.headers = {
|
28
|
+
"Cache-Control" => "public, max-age=#{2.days.to_i}"
|
29
|
+
}
|
30
|
+
else
|
31
|
+
config.action_controller.perform_caching = false
|
32
|
+
|
33
|
+
config.cache_store = :null_store
|
34
|
+
end
|
35
|
+
|
36
|
+
# Store uploaded files on the local file system (see config/storage.yml for options).
|
37
|
+
config.active_storage.service = :local
|
15
38
|
|
16
39
|
# Don't care if the mailer can't send.
|
17
40
|
config.action_mailer.raise_delivery_errors = false
|
18
41
|
|
42
|
+
config.action_mailer.perform_caching = false
|
43
|
+
|
19
44
|
# Print deprecation notices to the Rails logger.
|
20
45
|
config.active_support.deprecation = :log
|
21
46
|
|
47
|
+
# Raise exceptions for disallowed deprecations.
|
48
|
+
config.active_support.disallowed_deprecation = :raise
|
49
|
+
|
50
|
+
# Tell Active Support which deprecation messages to disallow.
|
51
|
+
config.active_support.disallowed_deprecation_warnings = []
|
52
|
+
|
22
53
|
# Raise an error on page load if there are pending migrations.
|
23
54
|
config.active_record.migration_error = :page_load
|
24
55
|
|
25
|
-
#
|
26
|
-
|
27
|
-
|
28
|
-
|
56
|
+
# Highlight code that triggered database queries in logs.
|
57
|
+
config.active_record.verbose_query_logs = true
|
58
|
+
|
59
|
+
|
60
|
+
# Raises error for missing translations.
|
61
|
+
# config.i18n.raise_on_missing_translations = true
|
29
62
|
|
30
|
-
#
|
31
|
-
#
|
32
|
-
# Raises helpful error messages.
|
33
|
-
config.assets.raise_runtime_errors = true
|
63
|
+
# Annotate rendered view with file names.
|
64
|
+
# config.action_view.annotate_rendered_view_with_filenames = true
|
34
65
|
|
35
|
-
#
|
36
|
-
# config.
|
66
|
+
# Uncomment if you wish to allow Action Cable access from any origin.
|
67
|
+
# config.action_cable.disable_request_forgery_protection = true
|
37
68
|
end
|
@@ -1,3 +1,5 @@
|
|
1
|
+
require "active_support/core_ext/integer/time"
|
2
|
+
|
1
3
|
Rails.application.configure do
|
2
4
|
# Settings specified here will take precedence over those in config/application.rb.
|
3
5
|
|
@@ -14,47 +16,47 @@ Rails.application.configure do
|
|
14
16
|
config.consider_all_requests_local = false
|
15
17
|
config.action_controller.perform_caching = true
|
16
18
|
|
17
|
-
#
|
18
|
-
#
|
19
|
-
#
|
20
|
-
# config.action_dispatch.rack_cache = true
|
21
|
-
|
22
|
-
# Disable Rails's static asset server (Apache or nginx will already do this).
|
23
|
-
config.serve_static_assets = false
|
19
|
+
# Ensures that a master key has been made available in either ENV["RAILS_MASTER_KEY"]
|
20
|
+
# or in config/master.key. This key is used to decrypt credentials (and other encrypted files).
|
21
|
+
# config.require_master_key = true
|
24
22
|
|
25
|
-
#
|
26
|
-
|
27
|
-
|
23
|
+
# Disable serving static files from the `/public` folder by default since
|
24
|
+
# Apache or NGINX already handles this.
|
25
|
+
config.public_file_server.enabled = ENV["RAILS_SERVE_STATIC_FILES"].present?
|
28
26
|
|
29
|
-
#
|
30
|
-
config.
|
27
|
+
# Enable serving of images, stylesheets, and JavaScripts from an asset server.
|
28
|
+
# config.asset_host = "http://assets.example.com"
|
31
29
|
|
32
|
-
#
|
33
|
-
config.
|
30
|
+
# Specifies the header that your server uses for sending files.
|
31
|
+
# config.action_dispatch.x_sendfile_header = "X-Sendfile" # for Apache
|
32
|
+
# config.action_dispatch.x_sendfile_header = "X-Accel-Redirect" # for NGINX
|
34
33
|
|
35
|
-
#
|
34
|
+
# Store uploaded files on the local file system (see config/storage.yml for options).
|
35
|
+
config.active_storage.service = :local
|
36
36
|
|
37
|
-
#
|
38
|
-
# config.
|
39
|
-
# config.
|
37
|
+
# Mount Action Cable outside main process or domain.
|
38
|
+
# config.action_cable.mount_path = nil
|
39
|
+
# config.action_cable.url = "wss://example.com/cable"
|
40
|
+
# config.action_cable.allowed_request_origins = [ "http://example.com", /http:\/\/example.*/ ]
|
40
41
|
|
41
42
|
# Force all access to the app over SSL, use Strict-Transport-Security, and use secure cookies.
|
42
43
|
# config.force_ssl = true
|
43
44
|
|
44
|
-
#
|
45
|
+
# Include generic and useful information about system operation, but avoid logging too much
|
46
|
+
# information to avoid inadvertent exposure of personally identifiable information (PII).
|
45
47
|
config.log_level = :info
|
46
48
|
|
47
49
|
# Prepend all log lines with the following tags.
|
48
|
-
|
49
|
-
|
50
|
-
# Use a different logger for distributed setups.
|
51
|
-
# config.logger = ActiveSupport::TaggedLogging.new(SyslogLogger.new)
|
50
|
+
config.log_tags = [ :request_id ]
|
52
51
|
|
53
52
|
# Use a different cache store in production.
|
54
53
|
# config.cache_store = :mem_cache_store
|
55
54
|
|
56
|
-
#
|
57
|
-
# config.
|
55
|
+
# Use a real queuing backend for Active Job (and separate queues per environment).
|
56
|
+
# config.active_job.queue_adapter = :resque
|
57
|
+
# config.active_job.queue_name_prefix = "dummy_production"
|
58
|
+
|
59
|
+
config.action_mailer.perform_caching = false
|
58
60
|
|
59
61
|
# Ignore bad email addresses and do not raise email delivery errors.
|
60
62
|
# Set this to true and configure the email server for immediate delivery to raise delivery errors.
|
@@ -64,15 +66,22 @@ Rails.application.configure do
|
|
64
66
|
# the I18n.default_locale when a translation cannot be found).
|
65
67
|
config.i18n.fallbacks = true
|
66
68
|
|
67
|
-
#
|
68
|
-
config.active_support.
|
69
|
-
|
70
|
-
# Disable automatic flushing of the log to improve performance.
|
71
|
-
# config.autoflush_log = false
|
69
|
+
# Don't log any deprecations.
|
70
|
+
config.active_support.report_deprecations = false
|
72
71
|
|
73
72
|
# Use default logging formatter so that PID and timestamp are not suppressed.
|
74
73
|
config.log_formatter = ::Logger::Formatter.new
|
75
74
|
|
75
|
+
# Use a different logger for distributed setups.
|
76
|
+
# require "syslog/logger"
|
77
|
+
# config.logger = ActiveSupport::TaggedLogging.new(Syslog::Logger.new "app-name")
|
78
|
+
|
79
|
+
if ENV["RAILS_LOG_TO_STDOUT"].present?
|
80
|
+
logger = ActiveSupport::Logger.new(STDOUT)
|
81
|
+
logger.formatter = config.log_formatter
|
82
|
+
config.logger = ActiveSupport::TaggedLogging.new(logger)
|
83
|
+
end
|
84
|
+
|
76
85
|
# Do not dump schema after migrations.
|
77
86
|
config.active_record.dump_schema_after_migration = false
|
78
87
|
end
|
@@ -1,24 +1,31 @@
|
|
1
|
+
require "active_support/core_ext/integer/time"
|
2
|
+
|
3
|
+
# The test environment is used exclusively to run your application's
|
4
|
+
# test suite. You never need to work with it otherwise. Remember that
|
5
|
+
# your test database is "scratch space" for the test suite and is wiped
|
6
|
+
# and recreated between test runs. Don't rely on the data there!
|
7
|
+
|
1
8
|
Rails.application.configure do
|
2
9
|
# Settings specified here will take precedence over those in config/application.rb.
|
3
10
|
|
4
|
-
#
|
5
|
-
# test suite. You never need to work with it otherwise. Remember that
|
6
|
-
# your test database is "scratch space" for the test suite and is wiped
|
7
|
-
# and recreated between test runs. Don't rely on the data there!
|
11
|
+
# Turn false under Spring and add config.action_view.cache_template_loading = true.
|
8
12
|
config.cache_classes = true
|
9
13
|
|
10
|
-
#
|
11
|
-
#
|
12
|
-
#
|
13
|
-
config.eager_load =
|
14
|
+
# Eager loading loads your whole application. When running a single test locally,
|
15
|
+
# this probably isn't necessary. It's a good idea to do in a continuous integration
|
16
|
+
# system, or in some way before deploying your code.
|
17
|
+
config.eager_load = ENV["CI"].present?
|
14
18
|
|
15
|
-
# Configure
|
16
|
-
config.
|
17
|
-
config.
|
19
|
+
# Configure public file server for tests with Cache-Control for performance.
|
20
|
+
config.public_file_server.enabled = true
|
21
|
+
config.public_file_server.headers = {
|
22
|
+
"Cache-Control" => "public, max-age=#{1.hour.to_i}"
|
23
|
+
}
|
18
24
|
|
19
25
|
# Show full error reports and disable caching.
|
20
26
|
config.consider_all_requests_local = true
|
21
27
|
config.action_controller.perform_caching = false
|
28
|
+
config.cache_store = :null_store
|
22
29
|
|
23
30
|
# Raise exceptions instead of rendering exception templates.
|
24
31
|
config.action_dispatch.show_exceptions = false
|
@@ -26,6 +33,11 @@ Rails.application.configure do
|
|
26
33
|
# Disable request forgery protection in test environment.
|
27
34
|
config.action_controller.allow_forgery_protection = false
|
28
35
|
|
36
|
+
# Store uploaded files on the local file system in a temporary directory.
|
37
|
+
config.active_storage.service = :test
|
38
|
+
|
39
|
+
config.action_mailer.perform_caching = false
|
40
|
+
|
29
41
|
# Tell Action Mailer not to deliver emails to the real world.
|
30
42
|
# The :test delivery method accumulates sent emails in the
|
31
43
|
# ActionMailer::Base.deliveries array.
|
@@ -34,6 +46,15 @@ Rails.application.configure do
|
|
34
46
|
# Print deprecation notices to the stderr.
|
35
47
|
config.active_support.deprecation = :stderr
|
36
48
|
|
37
|
-
#
|
38
|
-
|
49
|
+
# Raise exceptions for disallowed deprecations.
|
50
|
+
config.active_support.disallowed_deprecation = :raise
|
51
|
+
|
52
|
+
# Tell Active Support which deprecation messages to disallow.
|
53
|
+
config.active_support.disallowed_deprecation_warnings = []
|
54
|
+
|
55
|
+
# Raises error for missing translations.
|
56
|
+
# config.i18n.raise_on_missing_translations = true
|
57
|
+
|
58
|
+
# Annotate rendered view with file names.
|
59
|
+
# config.action_view.annotate_rendered_view_with_filenames = true
|
39
60
|
end
|
@@ -0,0 +1,25 @@
|
|
1
|
+
# Be sure to restart your server when you modify this file.
|
2
|
+
|
3
|
+
# Define an application-wide content security policy.
|
4
|
+
# See the Securing Rails Applications Guide for more information:
|
5
|
+
# https://guides.rubyonrails.org/security.html#content-security-policy-header
|
6
|
+
|
7
|
+
# Rails.application.configure do
|
8
|
+
# config.content_security_policy do |policy|
|
9
|
+
# policy.default_src :self, :https
|
10
|
+
# policy.font_src :self, :https, :data
|
11
|
+
# policy.img_src :self, :https, :data
|
12
|
+
# policy.object_src :none
|
13
|
+
# policy.script_src :self, :https
|
14
|
+
# policy.style_src :self, :https
|
15
|
+
# # Specify URI for violation reports
|
16
|
+
# # policy.report_uri "/csp-violation-report-endpoint"
|
17
|
+
# end
|
18
|
+
#
|
19
|
+
# # Generate session nonces for permitted importmap and inline scripts
|
20
|
+
# config.content_security_policy_nonce_generator = ->(request) { request.session.id.to_s }
|
21
|
+
# config.content_security_policy_nonce_directives = %w(script-src)
|
22
|
+
#
|
23
|
+
# # Report violations without enforcing the policy.
|
24
|
+
# # config.content_security_policy_report_only = true
|
25
|
+
# end
|
@@ -1,4 +1,8 @@
|
|
1
1
|
# Be sure to restart your server when you modify this file.
|
2
2
|
|
3
|
-
# Configure
|
4
|
-
|
3
|
+
# Configure parameters to be filtered from the log file. Use this to limit dissemination of
|
4
|
+
# sensitive information. See the ActiveSupport::ParameterFilter documentation for supported
|
5
|
+
# notations and behaviors.
|
6
|
+
Rails.application.config.filter_parameters += [
|
7
|
+
:passw, :secret, :token, :_key, :crypt, :salt, :certificate, :otp, :ssn
|
8
|
+
]
|