devise_masquerade 0.6.5 → 2.1.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +5 -5
- data/.github/FUNDING.yml +1 -0
- data/.github/workflows/brakeman-analysis.yml +44 -0
- data/.github/workflows/rubocop-analysis.yml +39 -0
- data/.gitignore +1 -2
- data/.ruby-version +1 -1
- data/.travis.yml +2 -7
- data/Gemfile +16 -10
- data/Gemfile.lock +310 -0
- data/Makefile +6 -1
- data/README.md +57 -12
- data/app/controllers/devise/masquerades_controller.rb +119 -70
- data/devise_masquerade.gemspec +5 -4
- data/features/back.feature +15 -1
- data/features/expires_masquerade.feature +36 -0
- data/features/multiple_masquerading_models.feature +17 -0
- data/features/step_definitions/auth_steps.rb +8 -0
- data/features/step_definitions/back_steps.rb +22 -3
- data/features/step_definitions/expires_steps.rb +9 -0
- data/features/step_definitions/url_helpers_steps.rb +11 -0
- data/features/support/env.rb +23 -4
- data/features/url_helpers.feature +14 -0
- data/lib/devise_masquerade/controllers/helpers.rb +90 -9
- data/lib/devise_masquerade/controllers/url_helpers.rb +16 -2
- data/lib/devise_masquerade/models/masqueradable.rb +13 -0
- data/lib/devise_masquerade/models.rb +9 -0
- data/lib/devise_masquerade/rails.rb +14 -4
- data/lib/devise_masquerade/routes.rb +11 -8
- data/lib/devise_masquerade/version.rb +1 -1
- data/lib/devise_masquerade.rb +23 -9
- data/spec/controllers/admin/dashboard_controller_spec.rb +3 -4
- data/spec/controllers/dashboard_controller_spec.rb +3 -5
- data/spec/controllers/devise/masquerades_controller_spec.rb +80 -38
- data/spec/controllers/masquerades_tests_controller_spec.rb +57 -0
- data/spec/dummy/app/controllers/admin/dashboard_controller.rb +1 -2
- data/spec/dummy/app/controllers/application_controller.rb +2 -0
- data/spec/dummy/app/controllers/dashboard_controller.rb +5 -2
- data/spec/dummy/app/controllers/masquerades_tests_controller.rb +7 -0
- data/spec/dummy/app/controllers/students_controller.rb +8 -0
- data/spec/dummy/app/models/admin/user.rb +0 -7
- data/spec/dummy/app/models/student.rb +3 -0
- data/spec/dummy/app/models/user.rb +1 -10
- data/spec/dummy/app/views/admin/dashboard/index.html.erb +0 -2
- data/spec/dummy/app/views/dashboard/extra_params.html.erb +7 -0
- data/spec/dummy/app/views/dashboard/index.html.erb +0 -2
- data/spec/dummy/app/views/layouts/application.html.erb +10 -2
- data/spec/dummy/app/views/students/_student.html.erb +6 -0
- data/spec/dummy/app/views/students/index.html.erb +1 -0
- data/spec/dummy/app/views/users/_user.html.erb +1 -1
- data/spec/dummy/config/application.rb +2 -0
- data/spec/dummy/config/environment.rb +1 -0
- data/spec/dummy/config/routes.rb +9 -5
- data/spec/dummy/db/.gitignore +1 -0
- data/spec/dummy/db/migrate/20121119085620_devise_create_users.rb +1 -1
- data/spec/dummy/db/migrate/20140418160449_create_admin_users.rb +1 -1
- data/spec/dummy/db/migrate/20191022100000_create_students.rb +14 -0
- data/spec/dummy/db/schema.rb +37 -31
- data/spec/models/user_spec.rb +3 -30
- data/spec/orm/active_record.rb +5 -2
- data/spec/spec_helper.rb +3 -3
- data/spec/support/factories.rb +13 -9
- metadata +61 -19
- data/lib/devise_masquerade/model.rb +0 -42
- data/spec/controllers/masquerades_controller_spec.rb +0 -42
- data/spec/dummy/app/controllers/masquerades_controller.rb +0 -5
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
|
-
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
2
|
+
SHA256:
|
3
|
+
metadata.gz: 0d75ba6f4e3241b021e9ef1c838e9baf1322ec0c7731573dc1008dc8931d59e7
|
4
|
+
data.tar.gz: 3bb9c12ca5dbddd8b61f64f0394f659998e6cae2be67790df2224b91c1558862
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 8683eca8761589df6e6349a19cddf6de9b6a7c2f90390a6d46701f6c2dd55acc964196406f35a8ad9ba67fa486787284ed62460768fe9feea85dacb612981197
|
7
|
+
data.tar.gz: 87ba78777ff2f926f247776bf14e21114f361711a3df95b42dc76c3352ff32c08822fdb82024179ed8d614fa54b30a6f82e38bc2d1cab6eea3a62db1d206f9ff
|
data/.github/FUNDING.yml
ADDED
@@ -0,0 +1 @@
|
|
1
|
+
patreon: oivoodoo
|
@@ -0,0 +1,44 @@
|
|
1
|
+
# This workflow integrates Brakeman with GitHub's Code Scanning feature
|
2
|
+
# Brakeman is a static analysis security vulnerability scanner for Ruby on Rails applications
|
3
|
+
|
4
|
+
name: Brakeman Scan
|
5
|
+
|
6
|
+
# This section configures the trigger for the workflow. Feel free to customize depending on your convention
|
7
|
+
on:
|
8
|
+
push:
|
9
|
+
branches: [ "master", "main" ]
|
10
|
+
pull_request:
|
11
|
+
branches: [ "master", "main" ]
|
12
|
+
|
13
|
+
jobs:
|
14
|
+
brakeman-scan:
|
15
|
+
name: Brakeman Scan
|
16
|
+
runs-on: ubuntu-latest
|
17
|
+
steps:
|
18
|
+
# Checkout the repository to the GitHub Actions runner
|
19
|
+
- name: Checkout
|
20
|
+
uses: actions/checkout@v2
|
21
|
+
|
22
|
+
# Customize the ruby version depending on your needs
|
23
|
+
- name: Setup Ruby
|
24
|
+
uses: actions/setup-ruby@v1
|
25
|
+
with:
|
26
|
+
ruby-version: '2.7'
|
27
|
+
|
28
|
+
- name: Setup Brakeman
|
29
|
+
env:
|
30
|
+
BRAKEMAN_VERSION: '4.10' # SARIF support is provided in Brakeman version 4.10+
|
31
|
+
run: |
|
32
|
+
gem install brakeman --version $BRAKEMAN_VERSION
|
33
|
+
|
34
|
+
# Execute Brakeman CLI and generate a SARIF output with the security issues identified during the analysis
|
35
|
+
- name: Scan
|
36
|
+
continue-on-error: true
|
37
|
+
run: |
|
38
|
+
brakeman -f sarif -o output.sarif.json .
|
39
|
+
|
40
|
+
# Upload the SARIF file generated in the previous step
|
41
|
+
- name: Upload SARIF
|
42
|
+
uses: github/codeql-action/upload-sarif@v1
|
43
|
+
with:
|
44
|
+
sarif_file: output.sarif.json
|
@@ -0,0 +1,39 @@
|
|
1
|
+
name: "Rubocop"
|
2
|
+
|
3
|
+
on: push
|
4
|
+
|
5
|
+
jobs:
|
6
|
+
rubocop:
|
7
|
+
runs-on: ubuntu-latest
|
8
|
+
strategy:
|
9
|
+
fail-fast: false
|
10
|
+
|
11
|
+
steps:
|
12
|
+
- name: Checkout repository
|
13
|
+
uses: actions/checkout@v2
|
14
|
+
|
15
|
+
# If running on a self-hosted runner, check it meets the requirements
|
16
|
+
# listed at https://github.com/ruby/setup-ruby#using-self-hosted-runners
|
17
|
+
- name: Set up Ruby
|
18
|
+
uses: ruby/setup-ruby@v1
|
19
|
+
with:
|
20
|
+
ruby-version: 2.6
|
21
|
+
|
22
|
+
# This step is not necessary if you add the gem to your Gemfile
|
23
|
+
- name: Install Code Scanning integration
|
24
|
+
run: bundle add code-scanning-rubocop --version 0.3.0 --skip-install
|
25
|
+
|
26
|
+
- name: Install dependencies
|
27
|
+
run: bundle install
|
28
|
+
|
29
|
+
- name: Rubocop run
|
30
|
+
run: |
|
31
|
+
bash -c "
|
32
|
+
bundle exec rubocop --require code_scanning --format CodeScanning::SarifFormatter -o rubocop.sarif
|
33
|
+
[[ $? -ne 2 ]]
|
34
|
+
"
|
35
|
+
|
36
|
+
- name: Upload Sarif output
|
37
|
+
uses: github/codeql-action/upload-sarif@v1
|
38
|
+
with:
|
39
|
+
sarif_file: rubocop.sarif
|
data/.gitignore
CHANGED
data/.ruby-version
CHANGED
@@ -1 +1 @@
|
|
1
|
-
2.
|
1
|
+
2.7.2
|
data/.travis.yml
CHANGED
data/Gemfile
CHANGED
@@ -4,10 +4,10 @@ source 'https://rubygems.org'
|
|
4
4
|
gemspec
|
5
5
|
|
6
6
|
group :test do
|
7
|
-
gem 'activerecord', '
|
8
|
-
gem 'actionmailer', '
|
9
|
-
gem
|
10
|
-
gem 'sqlite3'
|
7
|
+
gem 'activerecord', '>= 5.2'
|
8
|
+
gem 'actionmailer', '>= 5.2'
|
9
|
+
gem 'bson_ext', '~> 1.3'
|
10
|
+
gem 'sqlite3', '~> 1.4'
|
11
11
|
|
12
12
|
gem 'test-unit'
|
13
13
|
|
@@ -15,21 +15,27 @@ group :test do
|
|
15
15
|
gem 'pry-byebug'
|
16
16
|
|
17
17
|
gem 'guard'
|
18
|
-
gem 'guard-rspec'
|
18
|
+
gem 'guard-rspec', '~> 4.7'
|
19
19
|
gem 'guard-bundler'
|
20
20
|
gem 'guard-cucumber'
|
21
21
|
|
22
|
-
gem 'rspec
|
23
|
-
gem 'rspec'
|
24
|
-
gem 'rspec-
|
22
|
+
gem 'rspec', github: 'rspec/rspec'
|
23
|
+
gem 'rspec-core', github: 'rspec/rspec-core'
|
24
|
+
gem 'rspec-expectations', github: 'rspec/rspec-expectations'
|
25
|
+
gem 'rspec-mocks', github: 'rspec/rspec-mocks'
|
26
|
+
gem 'rspec-rails', github: 'rspec/rspec-rails'
|
27
|
+
gem 'rspec-support', github: 'rspec/rspec-support'
|
25
28
|
|
26
29
|
gem 'shoulda'
|
27
30
|
gem 'rb-fsevent'
|
28
|
-
gem '
|
31
|
+
gem 'factory_bot_rails'
|
29
32
|
gem 'database_cleaner', '< 1.1.0'
|
30
33
|
gem 'cucumber'
|
31
34
|
gem 'cucumber-rails'
|
32
35
|
gem 'capybara'
|
33
|
-
gem '
|
36
|
+
gem 'selenium-webdriver'
|
37
|
+
gem 'chromedriver-helper'
|
34
38
|
gem 'launchy'
|
39
|
+
|
40
|
+
gem "nokogiri", ">= 1.10.8"
|
35
41
|
end
|
data/Gemfile.lock
ADDED
@@ -0,0 +1,310 @@
|
|
1
|
+
GIT
|
2
|
+
remote: https://github.com/rspec/rspec-core.git
|
3
|
+
revision: b7067c5da4fde57cbbff739b168008482e61db44
|
4
|
+
specs:
|
5
|
+
rspec-core (3.10.0.pre)
|
6
|
+
rspec-support (= 3.10.0.pre)
|
7
|
+
|
8
|
+
GIT
|
9
|
+
remote: https://github.com/rspec/rspec-expectations.git
|
10
|
+
revision: 99f9bcaff2a6f3d82f4e350e829eca6ab015694f
|
11
|
+
specs:
|
12
|
+
rspec-expectations (3.10.0.pre)
|
13
|
+
diff-lcs (>= 1.2.0, < 2.0)
|
14
|
+
rspec-support (= 3.10.0.pre)
|
15
|
+
|
16
|
+
GIT
|
17
|
+
remote: https://github.com/rspec/rspec-mocks.git
|
18
|
+
revision: 5b897e8f74f3059aef43f1ed5f91719f2267a04e
|
19
|
+
specs:
|
20
|
+
rspec-mocks (3.10.0.pre)
|
21
|
+
diff-lcs (>= 1.2.0, < 2.0)
|
22
|
+
rspec-support (= 3.10.0.pre)
|
23
|
+
|
24
|
+
GIT
|
25
|
+
remote: https://github.com/rspec/rspec-rails.git
|
26
|
+
revision: 9b7ab39c027a8cb25e2ebe9e0e985756025b0549
|
27
|
+
specs:
|
28
|
+
rspec-rails (4.0.0.pre)
|
29
|
+
actionpack (>= 4.2)
|
30
|
+
activesupport (>= 4.2)
|
31
|
+
railties (>= 4.2)
|
32
|
+
rspec-core (= 3.10.0.pre)
|
33
|
+
rspec-expectations (= 3.10.0.pre)
|
34
|
+
rspec-mocks (= 3.10.0.pre)
|
35
|
+
rspec-support (= 3.10.0.pre)
|
36
|
+
|
37
|
+
GIT
|
38
|
+
remote: https://github.com/rspec/rspec-support.git
|
39
|
+
revision: 673133cdd13b17077b3d88ece8d7380821f8d7dc
|
40
|
+
specs:
|
41
|
+
rspec-support (3.10.0.pre)
|
42
|
+
|
43
|
+
GIT
|
44
|
+
remote: https://github.com/rspec/rspec.git
|
45
|
+
revision: e1c2c6bd78c849d7956431331f32ba5092951dab
|
46
|
+
specs:
|
47
|
+
rspec (3.10.0.pre)
|
48
|
+
rspec-core (= 3.10.0.pre)
|
49
|
+
rspec-expectations (= 3.10.0.pre)
|
50
|
+
rspec-mocks (= 3.10.0.pre)
|
51
|
+
|
52
|
+
PATH
|
53
|
+
remote: .
|
54
|
+
specs:
|
55
|
+
devise_masquerade (2.1.0)
|
56
|
+
devise (>= 4.7.0)
|
57
|
+
globalid (>= 0.3.6)
|
58
|
+
railties (>= 5.2.0)
|
59
|
+
|
60
|
+
GEM
|
61
|
+
remote: https://rubygems.org/
|
62
|
+
specs:
|
63
|
+
actionmailer (6.0.0)
|
64
|
+
actionpack (= 6.0.0)
|
65
|
+
actionview (= 6.0.0)
|
66
|
+
activejob (= 6.0.0)
|
67
|
+
mail (~> 2.5, >= 2.5.4)
|
68
|
+
rails-dom-testing (~> 2.0)
|
69
|
+
actionpack (6.0.0)
|
70
|
+
actionview (= 6.0.0)
|
71
|
+
activesupport (= 6.0.0)
|
72
|
+
rack (~> 2.0)
|
73
|
+
rack-test (>= 0.6.3)
|
74
|
+
rails-dom-testing (~> 2.0)
|
75
|
+
rails-html-sanitizer (~> 1.0, >= 1.2.0)
|
76
|
+
actionview (6.0.0)
|
77
|
+
activesupport (= 6.0.0)
|
78
|
+
builder (~> 3.1)
|
79
|
+
erubi (~> 1.4)
|
80
|
+
rails-dom-testing (~> 2.0)
|
81
|
+
rails-html-sanitizer (~> 1.1, >= 1.2.0)
|
82
|
+
activejob (6.0.0)
|
83
|
+
activesupport (= 6.0.0)
|
84
|
+
globalid (>= 0.3.6)
|
85
|
+
activemodel (6.0.0)
|
86
|
+
activesupport (= 6.0.0)
|
87
|
+
activerecord (6.0.0)
|
88
|
+
activemodel (= 6.0.0)
|
89
|
+
activesupport (= 6.0.0)
|
90
|
+
activesupport (6.0.0)
|
91
|
+
concurrent-ruby (~> 1.0, >= 1.0.2)
|
92
|
+
i18n (>= 0.7, < 2)
|
93
|
+
minitest (~> 5.1)
|
94
|
+
tzinfo (~> 1.1)
|
95
|
+
zeitwerk (~> 2.1, >= 2.1.8)
|
96
|
+
addressable (2.8.0)
|
97
|
+
public_suffix (>= 2.0.2, < 5.0)
|
98
|
+
archive-zip (0.12.0)
|
99
|
+
io-like (~> 0.3.0)
|
100
|
+
backports (3.15.0)
|
101
|
+
bcrypt (3.1.18)
|
102
|
+
bson (1.12.5)
|
103
|
+
bson_ext (1.12.5)
|
104
|
+
bson (~> 1.12.5)
|
105
|
+
builder (3.2.3)
|
106
|
+
byebug (11.0.1)
|
107
|
+
capybara (3.37.1)
|
108
|
+
addressable
|
109
|
+
matrix
|
110
|
+
mini_mime (>= 0.1.3)
|
111
|
+
nokogiri (~> 1.8)
|
112
|
+
rack (>= 1.6.0)
|
113
|
+
rack-test (>= 0.6.3)
|
114
|
+
regexp_parser (>= 1.5, < 3.0)
|
115
|
+
xpath (~> 3.2)
|
116
|
+
childprocess (3.0.0)
|
117
|
+
chromedriver-helper (2.1.1)
|
118
|
+
archive-zip (~> 0.10)
|
119
|
+
nokogiri (~> 1.8)
|
120
|
+
coderay (1.1.3)
|
121
|
+
concurrent-ruby (1.1.5)
|
122
|
+
crass (1.0.6)
|
123
|
+
cucumber (3.2.0)
|
124
|
+
builder (>= 2.1.2)
|
125
|
+
cucumber-core (~> 3.2.0)
|
126
|
+
cucumber-expressions (~> 6.0.1)
|
127
|
+
cucumber-wire (~> 0.0.1)
|
128
|
+
diff-lcs (~> 1.3)
|
129
|
+
gherkin (~> 5.1.0)
|
130
|
+
multi_json (>= 1.7.5, < 2.0)
|
131
|
+
multi_test (>= 0.1.2)
|
132
|
+
cucumber-core (3.2.1)
|
133
|
+
backports (>= 3.8.0)
|
134
|
+
cucumber-tag_expressions (~> 1.1.0)
|
135
|
+
gherkin (~> 5.0)
|
136
|
+
cucumber-expressions (6.0.1)
|
137
|
+
cucumber-rails (1.8.0)
|
138
|
+
capybara (>= 2.12, < 4)
|
139
|
+
cucumber (>= 3.0.2, < 4)
|
140
|
+
mime-types (>= 2.0, < 4)
|
141
|
+
nokogiri (~> 1.8)
|
142
|
+
railties (>= 4.2, < 7)
|
143
|
+
cucumber-tag_expressions (1.1.1)
|
144
|
+
cucumber-wire (0.0.1)
|
145
|
+
database_cleaner (1.0.1)
|
146
|
+
devise (4.8.1)
|
147
|
+
bcrypt (~> 3.0)
|
148
|
+
orm_adapter (~> 0.1)
|
149
|
+
railties (>= 4.1.0)
|
150
|
+
responders
|
151
|
+
warden (~> 1.2.3)
|
152
|
+
diff-lcs (1.5.0)
|
153
|
+
erubi (1.9.0)
|
154
|
+
factory_bot (5.1.1)
|
155
|
+
activesupport (>= 4.2.0)
|
156
|
+
factory_bot_rails (5.1.1)
|
157
|
+
factory_bot (~> 5.1.0)
|
158
|
+
railties (>= 4.2.0)
|
159
|
+
ffi (1.11.1)
|
160
|
+
formatador (0.2.5)
|
161
|
+
gherkin (5.1.0)
|
162
|
+
globalid (0.4.2)
|
163
|
+
activesupport (>= 4.2.0)
|
164
|
+
guard (2.17.0)
|
165
|
+
formatador (>= 0.2.4)
|
166
|
+
listen (>= 2.7, < 4.0)
|
167
|
+
lumberjack (>= 1.0.12, < 2.0)
|
168
|
+
nenv (~> 0.1)
|
169
|
+
notiffany (~> 0.0)
|
170
|
+
pry (>= 0.9.12)
|
171
|
+
shellany (~> 0.0)
|
172
|
+
thor (>= 0.18.1)
|
173
|
+
guard-bundler (3.0.0)
|
174
|
+
bundler (>= 2.1, < 3)
|
175
|
+
guard (~> 2.2)
|
176
|
+
guard-compat (~> 1.1)
|
177
|
+
guard-compat (1.2.1)
|
178
|
+
guard-cucumber (1.5.4)
|
179
|
+
cucumber (>= 1.3.0)
|
180
|
+
guard-compat (~> 1.0)
|
181
|
+
nenv (~> 0.1)
|
182
|
+
guard-rspec (4.7.3)
|
183
|
+
guard (~> 2.1)
|
184
|
+
guard-compat (~> 1.1)
|
185
|
+
rspec (>= 2.99.0, < 4.0)
|
186
|
+
i18n (1.7.0)
|
187
|
+
concurrent-ruby (~> 1.0)
|
188
|
+
io-like (0.3.1)
|
189
|
+
launchy (2.4.3)
|
190
|
+
addressable (~> 2.3)
|
191
|
+
listen (3.7.1)
|
192
|
+
rb-fsevent (~> 0.10, >= 0.10.3)
|
193
|
+
rb-inotify (~> 0.9, >= 0.9.10)
|
194
|
+
loofah (2.19.1)
|
195
|
+
crass (~> 1.0.2)
|
196
|
+
nokogiri (>= 1.5.9)
|
197
|
+
lumberjack (1.0.13)
|
198
|
+
mail (2.7.1)
|
199
|
+
mini_mime (>= 0.1.1)
|
200
|
+
matrix (0.4.2)
|
201
|
+
method_source (0.9.2)
|
202
|
+
mime-types (3.3)
|
203
|
+
mime-types-data (~> 3.2015)
|
204
|
+
mime-types-data (3.2019.1009)
|
205
|
+
mini_mime (1.0.2)
|
206
|
+
mini_portile2 (2.8.0)
|
207
|
+
minitest (5.16.3)
|
208
|
+
multi_json (1.14.1)
|
209
|
+
multi_test (0.1.2)
|
210
|
+
nenv (0.3.0)
|
211
|
+
nokogiri (1.13.10)
|
212
|
+
mini_portile2 (~> 2.8.0)
|
213
|
+
racc (~> 1.4)
|
214
|
+
notiffany (0.1.3)
|
215
|
+
nenv (~> 0.1)
|
216
|
+
shellany (~> 0.0)
|
217
|
+
orm_adapter (0.5.0)
|
218
|
+
power_assert (1.1.5)
|
219
|
+
pry (0.12.2)
|
220
|
+
coderay (~> 1.1.0)
|
221
|
+
method_source (~> 0.9.0)
|
222
|
+
pry-byebug (3.8.0)
|
223
|
+
byebug (~> 11.0)
|
224
|
+
pry (~> 0.10)
|
225
|
+
public_suffix (4.0.6)
|
226
|
+
racc (1.6.1)
|
227
|
+
rack (2.2.3.1)
|
228
|
+
rack-test (2.0.2)
|
229
|
+
rack (>= 1.3)
|
230
|
+
rails-dom-testing (2.0.3)
|
231
|
+
activesupport (>= 4.2.0)
|
232
|
+
nokogiri (>= 1.6)
|
233
|
+
rails-html-sanitizer (1.4.4)
|
234
|
+
loofah (~> 2.19, >= 2.19.1)
|
235
|
+
railties (6.0.0)
|
236
|
+
actionpack (= 6.0.0)
|
237
|
+
activesupport (= 6.0.0)
|
238
|
+
method_source
|
239
|
+
rake (>= 0.8.7)
|
240
|
+
thor (>= 0.20.3, < 2.0)
|
241
|
+
rake (13.0.0)
|
242
|
+
rb-fsevent (0.10.3)
|
243
|
+
rb-inotify (0.10.0)
|
244
|
+
ffi (~> 1.0)
|
245
|
+
regexp_parser (2.6.0)
|
246
|
+
responders (3.0.1)
|
247
|
+
actionpack (>= 5.0)
|
248
|
+
railties (>= 5.0)
|
249
|
+
rubyzip (2.0.0)
|
250
|
+
selenium-webdriver (3.142.6)
|
251
|
+
childprocess (>= 0.5, < 4.0)
|
252
|
+
rubyzip (>= 1.2.2)
|
253
|
+
shellany (0.0.1)
|
254
|
+
shoulda (3.6.0)
|
255
|
+
shoulda-context (~> 1.0, >= 1.0.1)
|
256
|
+
shoulda-matchers (~> 3.0)
|
257
|
+
shoulda-context (1.2.2)
|
258
|
+
shoulda-matchers (3.1.3)
|
259
|
+
activesupport (>= 4.0.0)
|
260
|
+
sqlite3 (1.5.3)
|
261
|
+
mini_portile2 (~> 2.8.0)
|
262
|
+
test-unit (3.3.4)
|
263
|
+
power_assert
|
264
|
+
thor (0.20.3)
|
265
|
+
thread_safe (0.3.6)
|
266
|
+
tzinfo (1.2.10)
|
267
|
+
thread_safe (~> 0.1)
|
268
|
+
warden (1.2.9)
|
269
|
+
rack (>= 2.0.9)
|
270
|
+
xpath (3.2.0)
|
271
|
+
nokogiri (~> 1.8)
|
272
|
+
zeitwerk (2.6.1)
|
273
|
+
|
274
|
+
PLATFORMS
|
275
|
+
ruby
|
276
|
+
|
277
|
+
DEPENDENCIES
|
278
|
+
actionmailer (>= 5.2)
|
279
|
+
activerecord (>= 5.2)
|
280
|
+
bson_ext (~> 1.3)
|
281
|
+
bundler (>= 2.0.0)
|
282
|
+
capybara
|
283
|
+
chromedriver-helper
|
284
|
+
cucumber
|
285
|
+
cucumber-rails
|
286
|
+
database_cleaner (< 1.1.0)
|
287
|
+
devise_masquerade!
|
288
|
+
factory_bot_rails
|
289
|
+
guard
|
290
|
+
guard-bundler
|
291
|
+
guard-cucumber
|
292
|
+
guard-rspec (~> 4.7)
|
293
|
+
launchy
|
294
|
+
nokogiri (>= 1.10.8)
|
295
|
+
pry
|
296
|
+
pry-byebug
|
297
|
+
rb-fsevent
|
298
|
+
rspec!
|
299
|
+
rspec-core!
|
300
|
+
rspec-expectations!
|
301
|
+
rspec-mocks!
|
302
|
+
rspec-rails!
|
303
|
+
rspec-support!
|
304
|
+
selenium-webdriver
|
305
|
+
shoulda
|
306
|
+
sqlite3 (~> 1.4)
|
307
|
+
test-unit
|
308
|
+
|
309
|
+
BUNDLED WITH
|
310
|
+
2.1.4
|
data/Makefile
CHANGED
data/README.md
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
# Devise Masquerade
|
2
|
-
[![Gitter](https://badges.gitter.im/Join Chat.svg)](https://gitter.im/oivoodoo/devise_masquerade?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge&utm_content=badge)
|
3
|
-
[![FOSSA Status](https://app.fossa.io/api/projects/git%2Bgithub.com%2Foivoodoo%2Fdevise_masquerade.svg?type=shield)](https://app.fossa.io/projects/git%2Bgithub.com%2Foivoodoo%2Fdevise_masquerade?ref=badge_shield)
|
4
2
|
|
5
|
-
[![
|
3
|
+
[![Gitter chat](https://badges.gitter.im/oivoodoo/devise_masquerade.svg)](https://gitter.im/oivoodoo/devise_masquerade?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge&utm_content=badge)
|
4
|
+
|
5
|
+
[![FOSSA Status](https://app.fossa.io/api/projects/git%2Bgithub.com%2Foivoodoo%2Fdevise_masquerade.svg?type=shield)](https://app.fossa.io/projects/git%2Bgithub.com%2Foivoodoo%2Fdevise_masquerade?ref=badge_shield)
|
6
6
|
|
7
|
-
[![
|
7
|
+
[![Build Status](https://secure.travis-ci.org/oivoodoo/devise_masquerade.svg?branch=master)](https://travis-ci.org/oivoodoo/devise_masquerade)
|
8
8
|
|
9
|
-
[![
|
9
|
+
[![Maintainability](https://api.codeclimate.com/v1/badges/cf63d775dc014a7ebc03/maintainability)](https://codeclimate.com/github/oivoodoo/devise_masquerade/maintainability)
|
10
10
|
|
11
|
-
[
|
11
|
+
[Consulting](https://bitscorp.co)
|
12
12
|
|
13
13
|
It's a utility library for enabling functionallity like login as button for
|
14
14
|
admin.
|
@@ -31,7 +31,12 @@ And then execute:
|
|
31
31
|
|
32
32
|
In the view you can use url helper for defining link:
|
33
33
|
|
34
|
+
```ruby
|
34
35
|
= link_to "Login As", masquerade_path(user)
|
36
|
+
```
|
37
|
+
|
38
|
+
`masquerade_path` would create specific `/masquerade` path with query params `masquerade`(key) and `masqueraded_resource_class` to know
|
39
|
+
which model to choose to search and sign in by masquerade key.
|
35
40
|
|
36
41
|
In the model you'll need to add the parameter :masqueradable to the existing comma separated values in the devise method:
|
37
42
|
|
@@ -39,20 +44,31 @@ In the model you'll need to add the parameter :masqueradable to the existing com
|
|
39
44
|
devise :invitable, :confirmable, :database_authenticatable, :registerable, :masqueradable
|
40
45
|
```
|
41
46
|
|
42
|
-
Add into your application_controller.rb
|
47
|
+
Add into your `application_controller.rb` if you want to have custom way on sign in by using masquerade token otherwise you can still
|
48
|
+
use only `masquerade_path` in your view to generate temporary token and link to make `Login As`:
|
43
49
|
|
44
50
|
```ruby
|
45
51
|
before_action :masquerade_user!
|
46
52
|
```
|
47
53
|
|
54
|
+
or
|
55
|
+
|
56
|
+
```ruby
|
57
|
+
before_action :masquerade!
|
58
|
+
```
|
59
|
+
|
60
|
+
`masquerade!` is generic way in case if you want to support multiple models on masquerade.
|
61
|
+
|
48
62
|
Instead of user you can use your resource name admin, student or another names.
|
49
63
|
|
50
64
|
If you want to back to the owner of masquerade action user you could use
|
51
65
|
helpers:
|
52
66
|
|
67
|
+
```ruby
|
53
68
|
user_masquerade? # current user was masqueraded by owner?
|
54
69
|
|
55
70
|
= link_to "Reverse masquerade", back_masquerade_path(current_user)
|
71
|
+
```
|
56
72
|
|
57
73
|
## Custom controller for adding cancan for authorization
|
58
74
|
|
@@ -109,6 +125,18 @@ In your view:
|
|
109
125
|
end
|
110
126
|
```
|
111
127
|
|
128
|
+
## Custom url redirect after finishing masquerade:
|
129
|
+
|
130
|
+
```ruby
|
131
|
+
class Admin::MasqueradesController < Devise::MasqueradesController
|
132
|
+
protected
|
133
|
+
|
134
|
+
def after_back_masquerade_path_for(resource)
|
135
|
+
"/custom_url"
|
136
|
+
end
|
137
|
+
end
|
138
|
+
```
|
139
|
+
|
112
140
|
## Overriding the finder
|
113
141
|
|
114
142
|
For example, if you use FriendlyId:
|
@@ -117,7 +145,7 @@ For example, if you use FriendlyId:
|
|
117
145
|
class Admin::MasqueradesController < Devise::MasqueradesController
|
118
146
|
protected
|
119
147
|
|
120
|
-
def
|
148
|
+
def find_masqueradable_resource
|
121
149
|
masqueraded_resource_class.friendly.find(params[:id])
|
122
150
|
end
|
123
151
|
end
|
@@ -138,12 +166,21 @@ in `routes.rb`:
|
|
138
166
|
Devise.masquerade_key_size = 16 # size of the generate by SecureRandom.urlsafe_base64
|
139
167
|
Devise.masquerade_bypass_warden_callback = false
|
140
168
|
Devise.masquerade_routes_back = false # if true, route back to the page the user was on via redirect_back
|
141
|
-
Devise.masquerading_resource_class =
|
169
|
+
Devise.masquerading_resource_class = AdminUser
|
170
|
+
# optional: Devise.masquerading_resource_class_name = 'AdminUser'
|
171
|
+
|
142
172
|
# optional, default: masquerading_resource_class.model_name.param_key
|
143
|
-
Devise.masquerading_resource_name = :
|
144
|
-
|
173
|
+
Devise.masquerading_resource_name = :admin_user
|
174
|
+
|
175
|
+
Devise.masqueraded_resource_class = User
|
176
|
+
# optional: Devise.masqueraded_resource_class_name = 'User'
|
177
|
+
|
145
178
|
# optional, default: masqueraded_resource_class.model_name.param_key
|
146
|
-
Devise.masqueraded_resource_name = :
|
179
|
+
Devise.masqueraded_resource_name = :user
|
180
|
+
|
181
|
+
# optional, default: masquerade_storage_method = :session
|
182
|
+
# values: :session, :cache
|
183
|
+
Devise.masquerade_storage_method = :session
|
147
184
|
```
|
148
185
|
|
149
186
|
## Demo project
|
@@ -155,6 +192,14 @@ in `routes.rb`:
|
|
155
192
|
And check http://localhost:3000/, use for login user1@example.com and
|
156
193
|
'password'
|
157
194
|
|
195
|
+
## Troubleshooting
|
196
|
+
|
197
|
+
Are you working in development mode and wondering why masquerade attempts result in a [Receiving "You are already signed in" flash[:error]](https://github.com/oivoodoo/devise_masquerade/issues/58) message? `Filter chain halted as :require_no_authentication rendered or redirected` showing up in your logfile? Do you find that your `user_masquerade?` method is always returning false? Chances are that you need to enable caching:
|
198
|
+
|
199
|
+
rails dev:cache
|
200
|
+
|
201
|
+
This is a one-time operation, so you can set it and forget it. Should you ever need to disable caching in development, you can re-run the command as required.
|
202
|
+
|
158
203
|
## Test project
|
159
204
|
|
160
205
|
make test
|