devise_masquerade 1.3.12 → 2.0.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/Gemfile.lock +2 -2
- data/README.md +4 -0
- data/app/controllers/devise/masquerades_controller.rb +18 -6
- data/features/back.feature +14 -1
- data/features/expires_masquerade.feature +17 -1
- data/features/step_definitions/auth_steps.rb +7 -0
- data/lib/devise_masquerade/controllers/helpers.rb +11 -2
- data/lib/devise_masquerade/version.rb +1 -1
- data/lib/devise_masquerade.rb +14 -0
- data/spec/controllers/devise/masquerades_controller_spec.rb +3 -0
- data/spec/controllers/masquerades_tests_controller_spec.rb +3 -0
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 99dc9de6d6af53393db0f0f0a8c8b80191bf203bad2ba604eb50dce7708aa314
|
|
4
|
+
data.tar.gz: a8a89851d08443baaf4e7106bec7267d7a0c8209f01da40431874672ff56d1c9
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 13133209d039b4f64ff124fc88935198e4cde0ee181abd6ce973b9d31f2618d6ed2512a27adf9c3f5d32be4fff16084f15135a6f95b97ff96b0a430ba4f9819a
|
|
7
|
+
data.tar.gz: 0b4455f0adfd73ea7a49794349d686010c47157e4e30a836ea9a811f05005f8533af55a1945401f2595845ccd82cc2a84f4b6aa392ef0dcc3bea5b423f9ef35a
|
data/Gemfile.lock
CHANGED
|
@@ -52,7 +52,7 @@ GIT
|
|
|
52
52
|
PATH
|
|
53
53
|
remote: .
|
|
54
54
|
specs:
|
|
55
|
-
devise_masquerade (
|
|
55
|
+
devise_masquerade (2.0.0)
|
|
56
56
|
devise (>= 4.7.0)
|
|
57
57
|
globalid (>= 0.3.6)
|
|
58
58
|
railties (>= 5.2.0)
|
|
@@ -260,7 +260,7 @@ GEM
|
|
|
260
260
|
power_assert
|
|
261
261
|
thor (0.20.3)
|
|
262
262
|
thread_safe (0.3.6)
|
|
263
|
-
tzinfo (1.2.
|
|
263
|
+
tzinfo (1.2.10)
|
|
264
264
|
thread_safe (~> 0.1)
|
|
265
265
|
warden (1.2.9)
|
|
266
266
|
rack (>= 2.0.9)
|
data/README.md
CHANGED
|
@@ -177,6 +177,10 @@ in `routes.rb`:
|
|
|
177
177
|
|
|
178
178
|
# optional, default: masqueraded_resource_class.model_name.param_key
|
|
179
179
|
Devise.masqueraded_resource_name = :user
|
|
180
|
+
|
|
181
|
+
# optional, default: masquerade_storage_method = :session
|
|
182
|
+
# values: :session, :cache
|
|
183
|
+
Devise.masquerade_storage_method = :session
|
|
180
184
|
```
|
|
181
185
|
|
|
182
186
|
## Demo project
|
|
@@ -77,7 +77,13 @@ class Devise::MasqueradesController < DeviseController
|
|
|
77
77
|
def find_owner_resource(masqueradable_resource)
|
|
78
78
|
skey = session_key(masqueradable_resource, masquerading_guid)
|
|
79
79
|
|
|
80
|
-
|
|
80
|
+
data = if Devise.masquerade_storage_method_session?
|
|
81
|
+
session[skey]
|
|
82
|
+
else
|
|
83
|
+
Rails.cache.read(skey)
|
|
84
|
+
end
|
|
85
|
+
|
|
86
|
+
GlobalID::Locator.locate_signed(data, for: 'masquerade')
|
|
81
87
|
end
|
|
82
88
|
|
|
83
89
|
def go_back(user, path:)
|
|
@@ -157,9 +163,15 @@ class Devise::MasqueradesController < DeviseController
|
|
|
157
163
|
|
|
158
164
|
resource_gid = send("current_#{masquerading_resource_name}").to_sgid(for: 'masquerade')
|
|
159
165
|
|
|
160
|
-
|
|
161
|
-
|
|
162
|
-
|
|
166
|
+
if Devise.masquerade_storage_method_session?
|
|
167
|
+
session[skey] = resource_gid
|
|
168
|
+
else
|
|
169
|
+
# skip sharing owner id via session
|
|
170
|
+
Rails.cache.write(skey, resource_gid)
|
|
171
|
+
|
|
172
|
+
session[skey] = true
|
|
173
|
+
end
|
|
174
|
+
|
|
163
175
|
session[session_key_masquerading_resource_class] = masquerading_resource_class.name
|
|
164
176
|
session[session_key_masqueraded_resource_class] = masqueraded_resource_class.name
|
|
165
177
|
session[session_key_masquerading_resource_guid] = guid
|
|
@@ -168,8 +180,8 @@ class Devise::MasqueradesController < DeviseController
|
|
|
168
180
|
def cleanup_masquerade_owner_session(masqueradable_resource)
|
|
169
181
|
skey = session_key(masqueradable_resource, masquerading_guid)
|
|
170
182
|
|
|
171
|
-
Rails.cache.delete(skey)
|
|
172
|
-
|
|
183
|
+
Rails.cache.delete(skey) if Devise.masquerade_storage_method_cache?
|
|
184
|
+
|
|
173
185
|
session.delete(session_key_masqueraded_resource_class)
|
|
174
186
|
session.delete(session_key_masquerading_resource_class)
|
|
175
187
|
session.delete(session_key_masquerading_resource_guid)
|
data/features/back.feature
CHANGED
|
@@ -3,8 +3,21 @@ Feature: Use back button for returning to the owner of the masquerade action.
|
|
|
3
3
|
As an masquerade user
|
|
4
4
|
I want to be able to press a simple button on the page
|
|
5
5
|
|
|
6
|
-
Scenario: Use back button
|
|
6
|
+
Scenario: Use back button with cache
|
|
7
7
|
Given I logged in
|
|
8
|
+
And devise masquerade configured to use cache
|
|
9
|
+
And I have a user for masquerade
|
|
10
|
+
|
|
11
|
+
When I am on the users page
|
|
12
|
+
And I login as one user
|
|
13
|
+
Then I should be login as this user
|
|
14
|
+
|
|
15
|
+
When I press back masquerade button
|
|
16
|
+
Then I should be login as owner user
|
|
17
|
+
|
|
18
|
+
Scenario: Use back button with session
|
|
19
|
+
Given I logged in
|
|
20
|
+
And devise masquerade configured to use session
|
|
8
21
|
And I have a user for masquerade
|
|
9
22
|
|
|
10
23
|
When I am on the users page
|
|
@@ -3,8 +3,24 @@ Feature: Use back button for returning to the owner despite on expiration time.
|
|
|
3
3
|
As an masquerade user
|
|
4
4
|
I want to be able to press a simple button on the page
|
|
5
5
|
|
|
6
|
-
Scenario: Use back button
|
|
6
|
+
Scenario: Use back button with cache
|
|
7
7
|
Given I logged in
|
|
8
|
+
And devise masquerade configured to use cache
|
|
9
|
+
And I have a user for masquerade
|
|
10
|
+
|
|
11
|
+
When I have devise masquerade expiration time in 1 second
|
|
12
|
+
|
|
13
|
+
When I am on the users page
|
|
14
|
+
And I login as one user
|
|
15
|
+
Then I should be login as this user
|
|
16
|
+
And I waited for 2 seconds
|
|
17
|
+
|
|
18
|
+
When I press back masquerade button
|
|
19
|
+
Then I should be login as owner user
|
|
20
|
+
|
|
21
|
+
Scenario: Use back button with session
|
|
22
|
+
Given I logged in
|
|
23
|
+
And devise masquerade configured to use session
|
|
8
24
|
And I have a user for masquerade
|
|
9
25
|
|
|
10
26
|
When I have devise masquerade expiration time in 1 second
|
|
@@ -9,3 +9,10 @@ Given /^I logged in$/ do
|
|
|
9
9
|
click_on 'Log in'
|
|
10
10
|
end
|
|
11
11
|
|
|
12
|
+
Given("devise masquerade configured to use cache") do
|
|
13
|
+
Devise.masquerade_storage_method = :cache
|
|
14
|
+
end
|
|
15
|
+
|
|
16
|
+
Given("devise masquerade configured to use session") do
|
|
17
|
+
Devise.masquerade_storage_method = :session
|
|
18
|
+
end
|
|
@@ -43,13 +43,22 @@ module DeviseMasquerade
|
|
|
43
43
|
return false if current_#{name}.blank?
|
|
44
44
|
return false if session[#{name}_helper_session_key].blank?
|
|
45
45
|
|
|
46
|
-
|
|
46
|
+
if Devise.masquerade_storage_method_session?
|
|
47
|
+
session[#{name}_helper_session_key].present?
|
|
48
|
+
else
|
|
49
|
+
::Rails.cache.exist?(#{name}_helper_session_key).present?
|
|
50
|
+
end
|
|
47
51
|
end
|
|
48
52
|
|
|
49
53
|
def #{name}_masquerade_owner
|
|
50
54
|
return unless send(:#{name}_masquerade?)
|
|
51
55
|
|
|
52
|
-
sgid =
|
|
56
|
+
sgid = if Devise.masquerade_storage_method_session?
|
|
57
|
+
session[#{name}_helper_session_key]
|
|
58
|
+
else
|
|
59
|
+
::Rails.cache.read(#{name}_helper_session_key)
|
|
60
|
+
end
|
|
61
|
+
|
|
53
62
|
GlobalID::Locator.locate_signed(sgid, for: 'masquerade')
|
|
54
63
|
end
|
|
55
64
|
|
data/lib/devise_masquerade.rb
CHANGED
|
@@ -39,6 +39,20 @@ module Devise
|
|
|
39
39
|
# Example: Devise.masquerading_resource_name = :admin_user
|
|
40
40
|
mattr_accessor :masquerading_resource_name
|
|
41
41
|
|
|
42
|
+
# Example: Devise.masquerade_storage_method = :session
|
|
43
|
+
# - session
|
|
44
|
+
# - cache
|
|
45
|
+
mattr_accessor :masquerade_storage_method
|
|
46
|
+
@@masquerade_storage_method = :session
|
|
47
|
+
|
|
48
|
+
def self.masquerade_storage_method_session?
|
|
49
|
+
Devise.masquerade_storage_method == :session
|
|
50
|
+
end
|
|
51
|
+
|
|
52
|
+
def self.masquerade_storage_method_cache?
|
|
53
|
+
Devise.masquerade_storage_method == :cache
|
|
54
|
+
end
|
|
55
|
+
|
|
42
56
|
@@helpers << DeviseMasquerade::Controllers::Helpers
|
|
43
57
|
end
|
|
44
58
|
|
|
@@ -1,6 +1,9 @@
|
|
|
1
1
|
require 'spec_helper'
|
|
2
2
|
|
|
3
3
|
describe Devise::MasqueradesController, type: :controller do
|
|
4
|
+
before { Devise.masquerade_storage_method = :cache }
|
|
5
|
+
after { Devise.masquerade_storage_method = :session }
|
|
6
|
+
|
|
4
7
|
context 'with configured devise app' do
|
|
5
8
|
before { @request.env['devise.mapping'] = Devise.mappings[:user] }
|
|
6
9
|
|
|
@@ -1,6 +1,9 @@
|
|
|
1
1
|
require 'spec_helper'
|
|
2
2
|
|
|
3
3
|
describe MasqueradesTestsController, type: :controller do
|
|
4
|
+
before { Devise.masquerade_storage_method = :cache }
|
|
5
|
+
after { Devise.masquerade_storage_method = :session }
|
|
6
|
+
|
|
4
7
|
before { @request.env['devise.mapping'] = Devise.mappings[:user] }
|
|
5
8
|
|
|
6
9
|
context 'no access for masquerade' do
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: devise_masquerade
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version:
|
|
4
|
+
version: 2.0.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Alexandr Korsak
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2022-
|
|
11
|
+
date: 2022-10-10 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: bundler
|