devise_masquerade 1.3.12 → 2.0.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/Gemfile.lock +2 -2
- data/README.md +4 -0
- data/app/controllers/devise/masquerades_controller.rb +21 -7
- data/features/back.feature +14 -1
- data/features/expires_masquerade.feature +17 -1
- data/features/step_definitions/auth_steps.rb +7 -0
- data/lib/devise_masquerade/controllers/helpers.rb +11 -2
- data/lib/devise_masquerade/version.rb +1 -1
- data/lib/devise_masquerade.rb +14 -0
- data/spec/controllers/devise/masquerades_controller_spec.rb +3 -0
- data/spec/controllers/masquerades_tests_controller_spec.rb +3 -0
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 0e7178dc0f54d070a2f4e839f320f65c5506b215a902cc2180b8e357d1a9f62d
|
|
4
|
+
data.tar.gz: 5466190dbaae779ca45abaa8e65f526e1b99805a493019c8dc67572d387b8022
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: f2b85a5241c5aef644ca6139f89807631b6e93ebcbc2fc77f0b88f74e43bd411a056bb49c3340ae63322e22cf13a5ca4185208d7c8c778e124d04fa37bb19cbd
|
|
7
|
+
data.tar.gz: 374dacc212988505fca5cfea9188a7fcdce44d174b54b3cd980363b37c377bb92713ab8467858eefa62d23568783e09929bcdace08efa344bf5610f382e32f31
|
data/Gemfile.lock
CHANGED
|
@@ -52,7 +52,7 @@ GIT
|
|
|
52
52
|
PATH
|
|
53
53
|
remote: .
|
|
54
54
|
specs:
|
|
55
|
-
devise_masquerade (
|
|
55
|
+
devise_masquerade (2.0.1)
|
|
56
56
|
devise (>= 4.7.0)
|
|
57
57
|
globalid (>= 0.3.6)
|
|
58
58
|
railties (>= 5.2.0)
|
|
@@ -260,7 +260,7 @@ GEM
|
|
|
260
260
|
power_assert
|
|
261
261
|
thor (0.20.3)
|
|
262
262
|
thread_safe (0.3.6)
|
|
263
|
-
tzinfo (1.2.
|
|
263
|
+
tzinfo (1.2.10)
|
|
264
264
|
thread_safe (~> 0.1)
|
|
265
265
|
warden (1.2.9)
|
|
266
266
|
rack (>= 2.0.9)
|
data/README.md
CHANGED
|
@@ -177,6 +177,10 @@ in `routes.rb`:
|
|
|
177
177
|
|
|
178
178
|
# optional, default: masqueraded_resource_class.model_name.param_key
|
|
179
179
|
Devise.masqueraded_resource_name = :user
|
|
180
|
+
|
|
181
|
+
# optional, default: masquerade_storage_method = :session
|
|
182
|
+
# values: :session, :cache
|
|
183
|
+
Devise.masquerade_storage_method = :session
|
|
180
184
|
```
|
|
181
185
|
|
|
182
186
|
## Demo project
|
|
@@ -77,7 +77,15 @@ class Devise::MasqueradesController < DeviseController
|
|
|
77
77
|
def find_owner_resource(masqueradable_resource)
|
|
78
78
|
skey = session_key(masqueradable_resource, masquerading_guid)
|
|
79
79
|
|
|
80
|
-
|
|
80
|
+
if Devise.masquerade_storage_method_session?
|
|
81
|
+
resource_id = session[skey]
|
|
82
|
+
|
|
83
|
+
masqueraded_resource_class.find(resource_id)
|
|
84
|
+
else
|
|
85
|
+
data = Rails.cache.read(skey)
|
|
86
|
+
|
|
87
|
+
GlobalID::Locator.locate_signed(data, for: 'masquerade')
|
|
88
|
+
end
|
|
81
89
|
end
|
|
82
90
|
|
|
83
91
|
def go_back(user, path:)
|
|
@@ -155,11 +163,17 @@ class Devise::MasqueradesController < DeviseController
|
|
|
155
163
|
|
|
156
164
|
skey = session_key(masqueradable_resource, guid)
|
|
157
165
|
|
|
158
|
-
|
|
166
|
+
resource_obj = send("current_#{masquerading_resource_name}")
|
|
167
|
+
|
|
168
|
+
if Devise.masquerade_storage_method_session?
|
|
169
|
+
session[skey] = resource_obj.to_param
|
|
170
|
+
else
|
|
171
|
+
# skip sharing owner id via session
|
|
172
|
+
Rails.cache.write(skey, resource_obj.to_sgid(for: 'masquerade'))
|
|
173
|
+
|
|
174
|
+
session[skey] = true
|
|
175
|
+
end
|
|
159
176
|
|
|
160
|
-
# skip sharing owner id via session
|
|
161
|
-
Rails.cache.write(skey, resource_gid)
|
|
162
|
-
session[skey] = true
|
|
163
177
|
session[session_key_masquerading_resource_class] = masquerading_resource_class.name
|
|
164
178
|
session[session_key_masqueraded_resource_class] = masqueraded_resource_class.name
|
|
165
179
|
session[session_key_masquerading_resource_guid] = guid
|
|
@@ -168,8 +182,8 @@ class Devise::MasqueradesController < DeviseController
|
|
|
168
182
|
def cleanup_masquerade_owner_session(masqueradable_resource)
|
|
169
183
|
skey = session_key(masqueradable_resource, masquerading_guid)
|
|
170
184
|
|
|
171
|
-
Rails.cache.delete(skey)
|
|
172
|
-
|
|
185
|
+
Rails.cache.delete(skey) if Devise.masquerade_storage_method_cache?
|
|
186
|
+
|
|
173
187
|
session.delete(session_key_masqueraded_resource_class)
|
|
174
188
|
session.delete(session_key_masquerading_resource_class)
|
|
175
189
|
session.delete(session_key_masquerading_resource_guid)
|
data/features/back.feature
CHANGED
|
@@ -3,8 +3,21 @@ Feature: Use back button for returning to the owner of the masquerade action.
|
|
|
3
3
|
As an masquerade user
|
|
4
4
|
I want to be able to press a simple button on the page
|
|
5
5
|
|
|
6
|
-
Scenario: Use back button
|
|
6
|
+
Scenario: Use back button with cache
|
|
7
7
|
Given I logged in
|
|
8
|
+
And devise masquerade configured to use cache
|
|
9
|
+
And I have a user for masquerade
|
|
10
|
+
|
|
11
|
+
When I am on the users page
|
|
12
|
+
And I login as one user
|
|
13
|
+
Then I should be login as this user
|
|
14
|
+
|
|
15
|
+
When I press back masquerade button
|
|
16
|
+
Then I should be login as owner user
|
|
17
|
+
|
|
18
|
+
Scenario: Use back button with session
|
|
19
|
+
Given I logged in
|
|
20
|
+
And devise masquerade configured to use session
|
|
8
21
|
And I have a user for masquerade
|
|
9
22
|
|
|
10
23
|
When I am on the users page
|
|
@@ -3,8 +3,24 @@ Feature: Use back button for returning to the owner despite on expiration time.
|
|
|
3
3
|
As an masquerade user
|
|
4
4
|
I want to be able to press a simple button on the page
|
|
5
5
|
|
|
6
|
-
Scenario: Use back button
|
|
6
|
+
Scenario: Use back button with cache
|
|
7
7
|
Given I logged in
|
|
8
|
+
And devise masquerade configured to use cache
|
|
9
|
+
And I have a user for masquerade
|
|
10
|
+
|
|
11
|
+
When I have devise masquerade expiration time in 1 second
|
|
12
|
+
|
|
13
|
+
When I am on the users page
|
|
14
|
+
And I login as one user
|
|
15
|
+
Then I should be login as this user
|
|
16
|
+
And I waited for 2 seconds
|
|
17
|
+
|
|
18
|
+
When I press back masquerade button
|
|
19
|
+
Then I should be login as owner user
|
|
20
|
+
|
|
21
|
+
Scenario: Use back button with session
|
|
22
|
+
Given I logged in
|
|
23
|
+
And devise masquerade configured to use session
|
|
8
24
|
And I have a user for masquerade
|
|
9
25
|
|
|
10
26
|
When I have devise masquerade expiration time in 1 second
|
|
@@ -9,3 +9,10 @@ Given /^I logged in$/ do
|
|
|
9
9
|
click_on 'Log in'
|
|
10
10
|
end
|
|
11
11
|
|
|
12
|
+
Given("devise masquerade configured to use cache") do
|
|
13
|
+
Devise.masquerade_storage_method = :cache
|
|
14
|
+
end
|
|
15
|
+
|
|
16
|
+
Given("devise masquerade configured to use session") do
|
|
17
|
+
Devise.masquerade_storage_method = :session
|
|
18
|
+
end
|
|
@@ -43,13 +43,22 @@ module DeviseMasquerade
|
|
|
43
43
|
return false if current_#{name}.blank?
|
|
44
44
|
return false if session[#{name}_helper_session_key].blank?
|
|
45
45
|
|
|
46
|
-
|
|
46
|
+
if Devise.masquerade_storage_method_session?
|
|
47
|
+
session[#{name}_helper_session_key].present?
|
|
48
|
+
else
|
|
49
|
+
::Rails.cache.exist?(#{name}_helper_session_key).present?
|
|
50
|
+
end
|
|
47
51
|
end
|
|
48
52
|
|
|
49
53
|
def #{name}_masquerade_owner
|
|
50
54
|
return unless send(:#{name}_masquerade?)
|
|
51
55
|
|
|
52
|
-
sgid =
|
|
56
|
+
sgid = if Devise.masquerade_storage_method_session?
|
|
57
|
+
session[#{name}_helper_session_key]
|
|
58
|
+
else
|
|
59
|
+
::Rails.cache.read(#{name}_helper_session_key)
|
|
60
|
+
end
|
|
61
|
+
|
|
53
62
|
GlobalID::Locator.locate_signed(sgid, for: 'masquerade')
|
|
54
63
|
end
|
|
55
64
|
|
data/lib/devise_masquerade.rb
CHANGED
|
@@ -39,6 +39,20 @@ module Devise
|
|
|
39
39
|
# Example: Devise.masquerading_resource_name = :admin_user
|
|
40
40
|
mattr_accessor :masquerading_resource_name
|
|
41
41
|
|
|
42
|
+
# Example: Devise.masquerade_storage_method = :session
|
|
43
|
+
# - session
|
|
44
|
+
# - cache
|
|
45
|
+
mattr_accessor :masquerade_storage_method
|
|
46
|
+
@@masquerade_storage_method = :session
|
|
47
|
+
|
|
48
|
+
def self.masquerade_storage_method_session?
|
|
49
|
+
Devise.masquerade_storage_method == :session
|
|
50
|
+
end
|
|
51
|
+
|
|
52
|
+
def self.masquerade_storage_method_cache?
|
|
53
|
+
Devise.masquerade_storage_method == :cache
|
|
54
|
+
end
|
|
55
|
+
|
|
42
56
|
@@helpers << DeviseMasquerade::Controllers::Helpers
|
|
43
57
|
end
|
|
44
58
|
|
|
@@ -1,6 +1,9 @@
|
|
|
1
1
|
require 'spec_helper'
|
|
2
2
|
|
|
3
3
|
describe Devise::MasqueradesController, type: :controller do
|
|
4
|
+
before { Devise.masquerade_storage_method = :cache }
|
|
5
|
+
after { Devise.masquerade_storage_method = :session }
|
|
6
|
+
|
|
4
7
|
context 'with configured devise app' do
|
|
5
8
|
before { @request.env['devise.mapping'] = Devise.mappings[:user] }
|
|
6
9
|
|
|
@@ -1,6 +1,9 @@
|
|
|
1
1
|
require 'spec_helper'
|
|
2
2
|
|
|
3
3
|
describe MasqueradesTestsController, type: :controller do
|
|
4
|
+
before { Devise.masquerade_storage_method = :cache }
|
|
5
|
+
after { Devise.masquerade_storage_method = :session }
|
|
6
|
+
|
|
4
7
|
before { @request.env['devise.mapping'] = Devise.mappings[:user] }
|
|
5
8
|
|
|
6
9
|
context 'no access for masquerade' do
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: devise_masquerade
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version:
|
|
4
|
+
version: 2.0.1
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Alexandr Korsak
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2022-
|
|
11
|
+
date: 2022-10-18 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: bundler
|