devise_masquerade 0.5.3 → 0.6.0
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of devise_masquerade might be problematic. Click here for more details.
- checksums.yaml +4 -4
- data/README.md +49 -7
- data/app/controllers/devise/masquerades_controller.rb +5 -1
- data/lib/devise_masquerade/version.rb +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 7697f7796ae221a16c23706efcc051b1209a9e4d
|
|
4
|
+
data.tar.gz: 4c813e1baeda19e25d225bd1c35b56bae5689563
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: b7b250e0c7fa601ddb5620b761dcf6609c4fa8b941ec7852ca0a2bab15ee4277d909f370177f9480d92b3bcd07e04bf9bc3f8b042223c33c2220d47ea4a8751d
|
|
7
|
+
data.tar.gz: 11b1f301ff06051b7219b5ff446dedd54cf9f05b3e2cd2e8ee4697678e6ca6d5e4c5d13e224d7551e32001b3920ae7cc54b0483f4bfee240a42942bdd88deab3
|
data/README.md
CHANGED
|
@@ -34,11 +34,15 @@ In the view you can use url helper for defining link:
|
|
|
34
34
|
|
|
35
35
|
In the model you'll need to add the parameter :masqueradable to the existing comma separated values in the devise method:
|
|
36
36
|
|
|
37
|
+
```ruby
|
|
37
38
|
devise :invitable, :confirmable, :database_authenticatable, :registerable, :masqueradable
|
|
39
|
+
```
|
|
38
40
|
|
|
39
41
|
Add into your application_controller.rb:
|
|
40
42
|
|
|
43
|
+
```ruby
|
|
41
44
|
before_action :masquerade_user!
|
|
45
|
+
```
|
|
42
46
|
|
|
43
47
|
Instead of user you can use your resource name admin, student or another names.
|
|
44
48
|
|
|
@@ -51,6 +55,7 @@ helpers:
|
|
|
51
55
|
|
|
52
56
|
## Custom controller for adding cancan for authorization
|
|
53
57
|
|
|
58
|
+
```ruby
|
|
54
59
|
class Admin::MasqueradesController < Devise::MasqueradesController
|
|
55
60
|
def show
|
|
56
61
|
super
|
|
@@ -67,9 +72,33 @@ helpers:
|
|
|
67
72
|
# <has access to something?> (true/false)
|
|
68
73
|
# end
|
|
69
74
|
end
|
|
75
|
+
```
|
|
76
|
+
|
|
77
|
+
## Alternatively using Pundit
|
|
78
|
+
|
|
79
|
+
Controller:
|
|
80
|
+
|
|
81
|
+
```ruby
|
|
82
|
+
class Admin::MasqueradesController < Devise::MasqueradesController
|
|
83
|
+
protected
|
|
84
|
+
|
|
85
|
+
def masquerade_authorize!
|
|
86
|
+
authorize(User, :masquerade?) unless params[:action] == 'back'
|
|
87
|
+
end
|
|
88
|
+
end
|
|
89
|
+
```
|
|
90
|
+
|
|
91
|
+
In your view:
|
|
92
|
+
|
|
93
|
+
```erb
|
|
94
|
+
<% if policy(@user).masquerade? %>
|
|
95
|
+
<%= link_to "Login as", masquerade_path(@user) %>
|
|
96
|
+
<% end %>
|
|
97
|
+
```
|
|
70
98
|
|
|
71
99
|
## Custom url redirect after masquerade:
|
|
72
100
|
|
|
101
|
+
```ruby
|
|
73
102
|
class Admin::MasqueradesController < Devise::MasqueradesController
|
|
74
103
|
protected
|
|
75
104
|
|
|
@@ -77,20 +106,38 @@ helpers:
|
|
|
77
106
|
"/custom_url"
|
|
78
107
|
end
|
|
79
108
|
end
|
|
109
|
+
```
|
|
110
|
+
|
|
111
|
+
## Overriding the finder
|
|
112
|
+
|
|
113
|
+
For example, if you use FriendlyId:
|
|
114
|
+
|
|
115
|
+
```ruby
|
|
116
|
+
class Admin::MasqueradesController < Devise::MasqueradesController
|
|
117
|
+
protected
|
|
118
|
+
|
|
119
|
+
def find_resource
|
|
120
|
+
masqueraded_resource_class.friendly.find(params[:id])
|
|
121
|
+
end
|
|
122
|
+
end
|
|
123
|
+
```
|
|
80
124
|
|
|
81
125
|
#### Dont forget to update your Devise routes to point at your Custom Authorization Controller
|
|
82
126
|
in `routes.rb`:
|
|
83
127
|
|
|
128
|
+
```ruby
|
|
84
129
|
devise_for :users, controllers: { masquerades: "admin/masquerades" }
|
|
85
|
-
|
|
130
|
+
```
|
|
86
131
|
|
|
87
132
|
## You can redefine few options:
|
|
88
133
|
|
|
134
|
+
```ruby
|
|
89
135
|
Devise.masquerade_param = 'masquerade'
|
|
90
136
|
Devise.masquerade_expires_in = 10.seconds
|
|
91
137
|
Devise.masquerade_key_size = 16 # size of the generate by SecureRandom.urlsafe_base64
|
|
92
138
|
Devise.masquerade_bypass_warden_callback = false
|
|
93
139
|
Devise.masquerade_routes_back = false # if true, route back to the page the user was on via redirect_back
|
|
140
|
+
```
|
|
94
141
|
|
|
95
142
|
## Demo project
|
|
96
143
|
|
|
@@ -103,12 +150,7 @@ And check http://localhost:3000/, use for login user1@example.com and
|
|
|
103
150
|
|
|
104
151
|
## Test project
|
|
105
152
|
|
|
106
|
-
|
|
107
|
-
RAILS_ENV=test rake db:setup
|
|
108
|
-
cd -
|
|
109
|
-
rspec
|
|
110
|
-
cucumber
|
|
111
|
-
|
|
153
|
+
make test
|
|
112
154
|
|
|
113
155
|
## Contributing
|
|
114
156
|
|
|
@@ -18,7 +18,7 @@ class Devise::MasqueradesController < DeviseController
|
|
|
18
18
|
end
|
|
19
19
|
|
|
20
20
|
def show
|
|
21
|
-
self.resource =
|
|
21
|
+
self.resource = find_resource
|
|
22
22
|
|
|
23
23
|
unless self.resource
|
|
24
24
|
flash[:error] = "#{masqueraded_resource_class} not found."
|
|
@@ -90,6 +90,10 @@ class Devise::MasqueradesController < DeviseController
|
|
|
90
90
|
def masquerade_authorized?
|
|
91
91
|
true
|
|
92
92
|
end
|
|
93
|
+
|
|
94
|
+
def find_resource
|
|
95
|
+
masqueraded_resource_class.to_adapter.find_first(:id => params[:id])
|
|
96
|
+
end
|
|
93
97
|
|
|
94
98
|
private
|
|
95
99
|
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: devise_masquerade
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.6.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Alexandr Korsak
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2017-07-
|
|
11
|
+
date: 2017-07-18 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: bundler
|