devise_masquerade 1.3.11 → 2.0.0

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 02fcf52821938df133246e4b36ed07ee85ab96c036cd8da0cf35ace09c229491
4
- data.tar.gz: 3247bf4be6fe21dc5ba5c83d804dab155d92286ef8c8c1625e92b181cb0c01dc
3
+ metadata.gz: 99dc9de6d6af53393db0f0f0a8c8b80191bf203bad2ba604eb50dce7708aa314
4
+ data.tar.gz: a8a89851d08443baaf4e7106bec7267d7a0c8209f01da40431874672ff56d1c9
5
5
  SHA512:
6
- metadata.gz: b6f6902ea81dd6d5ffef2cd48cfa7e5b4521906f912a02b3986117ef933ebea89d7b63f2d5eb43372c1ad76a84d63ae433f236394bd1c16e83891efcaa300760
7
- data.tar.gz: 40b48f52e4a162e2033c13ccc6a9fabf2b882dcfd64ad236a27f08e20f54862fd3139d07cb8a0c780d50d3f3c6cc06f9e1e9ffaf2dd16ffd3e42a7a67930f144
6
+ metadata.gz: 13133209d039b4f64ff124fc88935198e4cde0ee181abd6ce973b9d31f2618d6ed2512a27adf9c3f5d32be4fff16084f15135a6f95b97ff96b0a430ba4f9819a
7
+ data.tar.gz: 0b4455f0adfd73ea7a49794349d686010c47157e4e30a836ea9a811f05005f8533af55a1945401f2595845ccd82cc2a84f4b6aa392ef0dcc3bea5b423f9ef35a
data/Gemfile.lock CHANGED
@@ -52,7 +52,7 @@ GIT
52
52
  PATH
53
53
  remote: .
54
54
  specs:
55
- devise_masquerade (1.3.11)
55
+ devise_masquerade (2.0.0)
56
56
  devise (>= 4.7.0)
57
57
  globalid (>= 0.3.6)
58
58
  railties (>= 5.2.0)
@@ -98,7 +98,7 @@ GEM
98
98
  archive-zip (0.12.0)
99
99
  io-like (~> 0.3.0)
100
100
  backports (3.15.0)
101
- bcrypt (3.1.17)
101
+ bcrypt (3.1.18)
102
102
  bson (1.12.5)
103
103
  bson_ext (1.12.5)
104
104
  bson (~> 1.12.5)
@@ -118,7 +118,7 @@ GEM
118
118
  nokogiri (~> 1.8)
119
119
  coderay (1.1.2)
120
120
  concurrent-ruby (1.1.5)
121
- crass (1.0.5)
121
+ crass (1.0.6)
122
122
  cucumber (3.1.2)
123
123
  builder (>= 2.1.2)
124
124
  cucumber-core (~> 3.2.0)
@@ -190,7 +190,7 @@ GEM
190
190
  listen (3.2.0)
191
191
  rb-fsevent (~> 0.10, >= 0.10.3)
192
192
  rb-inotify (~> 0.9, >= 0.9.10)
193
- loofah (2.3.1)
193
+ loofah (2.18.0)
194
194
  crass (~> 1.0.2)
195
195
  nokogiri (>= 1.5.9)
196
196
  lumberjack (1.0.13)
@@ -206,7 +206,7 @@ GEM
206
206
  multi_json (1.14.1)
207
207
  multi_test (0.1.2)
208
208
  nenv (0.3.0)
209
- nokogiri (1.13.3)
209
+ nokogiri (1.13.6)
210
210
  mini_portile2 (~> 2.8.0)
211
211
  racc (~> 1.4)
212
212
  notiffany (0.1.3)
@@ -222,13 +222,13 @@ GEM
222
222
  pry (~> 0.10)
223
223
  public_suffix (4.0.6)
224
224
  racc (1.6.0)
225
- rack (2.2.3)
225
+ rack (2.2.3.1)
226
226
  rack-test (1.1.0)
227
227
  rack (>= 1.0, < 3)
228
228
  rails-dom-testing (2.0.3)
229
229
  activesupport (>= 4.2.0)
230
230
  nokogiri (>= 1.6)
231
- rails-html-sanitizer (1.3.0)
231
+ rails-html-sanitizer (1.4.3)
232
232
  loofah (~> 2.3)
233
233
  railties (6.0.0)
234
234
  actionpack (= 6.0.0)
@@ -260,7 +260,7 @@ GEM
260
260
  power_assert
261
261
  thor (0.20.3)
262
262
  thread_safe (0.3.6)
263
- tzinfo (1.2.5)
263
+ tzinfo (1.2.10)
264
264
  thread_safe (~> 0.1)
265
265
  warden (1.2.9)
266
266
  rack (>= 2.0.9)
data/README.md CHANGED
@@ -167,7 +167,7 @@ in `routes.rb`:
167
167
  Devise.masquerade_bypass_warden_callback = false
168
168
  Devise.masquerade_routes_back = false # if true, route back to the page the user was on via redirect_back
169
169
  Devise.masquerading_resource_class = AdminUser
170
- # optional: Devise.masquerading_resource_class = 'AdminUser'
170
+ # optional: Devise.masquerading_resource_class_name = 'AdminUser'
171
171
 
172
172
  # optional, default: masquerading_resource_class.model_name.param_key
173
173
  Devise.masquerading_resource_name = :admin_user
@@ -177,6 +177,10 @@ in `routes.rb`:
177
177
 
178
178
  # optional, default: masqueraded_resource_class.model_name.param_key
179
179
  Devise.masqueraded_resource_name = :user
180
+
181
+ # optional, default: masquerade_storage_method = :session
182
+ # values: :session, :cache
183
+ Devise.masquerade_storage_method = :session
180
184
  ```
181
185
 
182
186
  ## Demo project
@@ -77,7 +77,13 @@ class Devise::MasqueradesController < DeviseController
77
77
  def find_owner_resource(masqueradable_resource)
78
78
  skey = session_key(masqueradable_resource, masquerading_guid)
79
79
 
80
- GlobalID::Locator.locate_signed(Rails.cache.read(skey), for: 'masquerade')
80
+ data = if Devise.masquerade_storage_method_session?
81
+ session[skey]
82
+ else
83
+ Rails.cache.read(skey)
84
+ end
85
+
86
+ GlobalID::Locator.locate_signed(data, for: 'masquerade')
81
87
  end
82
88
 
83
89
  def go_back(user, path:)
@@ -157,9 +163,15 @@ class Devise::MasqueradesController < DeviseController
157
163
 
158
164
  resource_gid = send("current_#{masquerading_resource_name}").to_sgid(for: 'masquerade')
159
165
 
160
- # skip sharing owner id via session
161
- Rails.cache.write(skey, resource_gid)
162
- session[skey] = true
166
+ if Devise.masquerade_storage_method_session?
167
+ session[skey] = resource_gid
168
+ else
169
+ # skip sharing owner id via session
170
+ Rails.cache.write(skey, resource_gid)
171
+
172
+ session[skey] = true
173
+ end
174
+
163
175
  session[session_key_masquerading_resource_class] = masquerading_resource_class.name
164
176
  session[session_key_masqueraded_resource_class] = masqueraded_resource_class.name
165
177
  session[session_key_masquerading_resource_guid] = guid
@@ -168,8 +180,8 @@ class Devise::MasqueradesController < DeviseController
168
180
  def cleanup_masquerade_owner_session(masqueradable_resource)
169
181
  skey = session_key(masqueradable_resource, masquerading_guid)
170
182
 
171
- Rails.cache.delete(skey)
172
- session.delete(skey)
183
+ Rails.cache.delete(skey) if Devise.masquerade_storage_method_cache?
184
+
173
185
  session.delete(session_key_masqueraded_resource_class)
174
186
  session.delete(session_key_masquerading_resource_class)
175
187
  session.delete(session_key_masquerading_resource_guid)
@@ -3,8 +3,21 @@ Feature: Use back button for returning to the owner of the masquerade action.
3
3
  As an masquerade user
4
4
  I want to be able to press a simple button on the page
5
5
 
6
- Scenario: Use back button
6
+ Scenario: Use back button with cache
7
7
  Given I logged in
8
+ And devise masquerade configured to use cache
9
+ And I have a user for masquerade
10
+
11
+ When I am on the users page
12
+ And I login as one user
13
+ Then I should be login as this user
14
+
15
+ When I press back masquerade button
16
+ Then I should be login as owner user
17
+
18
+ Scenario: Use back button with session
19
+ Given I logged in
20
+ And devise masquerade configured to use session
8
21
  And I have a user for masquerade
9
22
 
10
23
  When I am on the users page
@@ -3,8 +3,24 @@ Feature: Use back button for returning to the owner despite on expiration time.
3
3
  As an masquerade user
4
4
  I want to be able to press a simple button on the page
5
5
 
6
- Scenario: Use back button
6
+ Scenario: Use back button with cache
7
7
  Given I logged in
8
+ And devise masquerade configured to use cache
9
+ And I have a user for masquerade
10
+
11
+ When I have devise masquerade expiration time in 1 second
12
+
13
+ When I am on the users page
14
+ And I login as one user
15
+ Then I should be login as this user
16
+ And I waited for 2 seconds
17
+
18
+ When I press back masquerade button
19
+ Then I should be login as owner user
20
+
21
+ Scenario: Use back button with session
22
+ Given I logged in
23
+ And devise masquerade configured to use session
8
24
  And I have a user for masquerade
9
25
 
10
26
  When I have devise masquerade expiration time in 1 second
@@ -9,3 +9,10 @@ Given /^I logged in$/ do
9
9
  click_on 'Log in'
10
10
  end
11
11
 
12
+ Given("devise masquerade configured to use cache") do
13
+ Devise.masquerade_storage_method = :cache
14
+ end
15
+
16
+ Given("devise masquerade configured to use session") do
17
+ Devise.masquerade_storage_method = :session
18
+ end
@@ -43,13 +43,22 @@ module DeviseMasquerade
43
43
  return false if current_#{name}.blank?
44
44
  return false if session[#{name}_helper_session_key].blank?
45
45
 
46
- ::Rails.cache.exist?(#{name}_helper_session_key).present?
46
+ if Devise.masquerade_storage_method_session?
47
+ session[#{name}_helper_session_key].present?
48
+ else
49
+ ::Rails.cache.exist?(#{name}_helper_session_key).present?
50
+ end
47
51
  end
48
52
 
49
53
  def #{name}_masquerade_owner
50
54
  return unless send(:#{name}_masquerade?)
51
55
 
52
- sgid = ::Rails.cache.read(#{name}_helper_session_key)
56
+ sgid = if Devise.masquerade_storage_method_session?
57
+ session[#{name}_helper_session_key]
58
+ else
59
+ ::Rails.cache.read(#{name}_helper_session_key)
60
+ end
61
+
53
62
  GlobalID::Locator.locate_signed(sgid, for: 'masquerade')
54
63
  end
55
64
 
@@ -1,3 +1,3 @@
1
1
  module DeviseMasquerade
2
- VERSION = '1.3.11'.freeze
2
+ VERSION = '2.0.0'.freeze
3
3
  end
@@ -39,6 +39,20 @@ module Devise
39
39
  # Example: Devise.masquerading_resource_name = :admin_user
40
40
  mattr_accessor :masquerading_resource_name
41
41
 
42
+ # Example: Devise.masquerade_storage_method = :session
43
+ # - session
44
+ # - cache
45
+ mattr_accessor :masquerade_storage_method
46
+ @@masquerade_storage_method = :session
47
+
48
+ def self.masquerade_storage_method_session?
49
+ Devise.masquerade_storage_method == :session
50
+ end
51
+
52
+ def self.masquerade_storage_method_cache?
53
+ Devise.masquerade_storage_method == :cache
54
+ end
55
+
42
56
  @@helpers << DeviseMasquerade::Controllers::Helpers
43
57
  end
44
58
 
@@ -1,6 +1,9 @@
1
1
  require 'spec_helper'
2
2
 
3
3
  describe Devise::MasqueradesController, type: :controller do
4
+ before { Devise.masquerade_storage_method = :cache }
5
+ after { Devise.masquerade_storage_method = :session }
6
+
4
7
  context 'with configured devise app' do
5
8
  before { @request.env['devise.mapping'] = Devise.mappings[:user] }
6
9
 
@@ -1,6 +1,9 @@
1
1
  require 'spec_helper'
2
2
 
3
3
  describe MasqueradesTestsController, type: :controller do
4
+ before { Devise.masquerade_storage_method = :cache }
5
+ after { Devise.masquerade_storage_method = :session }
6
+
4
7
  before { @request.env['devise.mapping'] = Devise.mappings[:user] }
5
8
 
6
9
  context 'no access for masquerade' do
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: devise_masquerade
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.3.11
4
+ version: 2.0.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Alexandr Korsak
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2022-03-28 00:00:00.000000000 Z
11
+ date: 2022-10-10 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: bundler