drillbit 2.0.1 → 2.1.0
- checksums.yaml +4 -4
- checksums.yaml.gz.sig +0 -0
- data.tar.gz.sig +0 -0
- data/lib/drillbit/authorizable_resource.rb +4 -28
- data/lib/drillbit/authorizers/parameters/filtering.rb +17 -0
- data/lib/drillbit/authorizers/scope.rb +36 -10
- data/lib/drillbit/utilities/string.rb +18 -0
- data/lib/drillbit/version.rb +1 -1
- data/spec/drillbit/authorizers/scope_spec.rb +4 -5
- metadata +6 -4
- metadata.gz.sig +0 -0
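--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA1:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 1b0722486e3348f08a8bdc4738993706215910d5
+data.tar.gz: b978c35838ba619d4bf4ad1dc808b4f4b99dcd98
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 37e73c70b11476d9e98cb25e3eee61703b00caba5c37fcd2e30e6de3f4c471c80782905578ee57b5a65fef98898d6e0a9adfd7806768b14b1a80e80fb6c0ce7d
+data.tar.gz: 4512cbf49593cf627be82c63b7d8a594a20bcf375be78e679051d5e701cf51d7f5d67355b34498ba68ae6463a3c75155a90c7f533264fbaffc97ce175318b867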
checksums.yaml.gz.sig
CHANGED
Binary file
|
data.tar.gz.sig
CHANGED
Binary file
|
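--- a/data/lib/drillbit/authorizable_resource.rb
+++ b/data/lib/drillbit/authorizable_resource.rb
@@ -83,11 +83,10 @@ module AuthorizableResource
 @authorized_scope ||= self.
 class.
 authorizer_scope_class.
-new(token:
-user:
-
-
-scope_root: authorized_scope_root).
+new(token: token,
+user: authorized_user,
+params: authorized_params,
+scope_root: authorized_scope_root).
 call
 end
 
@@ -133,33 +132,10 @@ module AuthorizableResource
 constantize
 end
 
-def scoped_user_id
-@scoped_user_id ||= if requested_user_id.blank?
-nil
-else
-requested_user_id
-end
-end
-
-def requested_user_id
-@requested_user_id ||= params.
-fetch(:filter, {}).
-fetch(authorized_user_underscored_class_name,
-authorized_user.id)
-end
-
 def authorized_user
 current_user
 end
 
-def authorized_user_underscored_class_name
-@authorized_user_underscored_class_name ||= authorized_user.
-class.
-name[/([^:]+)\z/, 1].
-underscore.
-downcase
-end
-
 def authorization_query
 @authorization_query ||= "able_to_#{action_name}?"
 end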
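Review bot: `authorized_scope` no longer has a server-side default for the owner id: the removed `requested_user_id` fell back to `authorized_user.id` when the request carried no filter, while the new call only forwards `params: authorized_params`. From this release a resource is limited to the caller's own records only if its parameter authorizer has written the owner filter into `authorized_params`, which is not visible in this section. That is a behaviour change for a minor version and worth stating where the scope is built, for example `# Ownership is enforced in authorized_params (filter_by_authenticated_owner); the scope trusts params[:filter] as given.` The method holding the first hunk starts above the visible lines.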
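--- a/data/lib/drillbit/authorizers/parameters/filtering.rb
+++ b/data/lib/drillbit/authorizers/parameters/filtering.rb
@@ -45,6 +45,23 @@ class Filtering < Authorizers::Parameters
 add_filterable_parameter(name)
 end
 end
+
+# :reek:ControlParameter
+# :reek:BooleanParameter
+# :reek:DuplicateMethodCall
+def filter_by_authenticated_owner(owner_id_name:,
+owner_id_value:,
+even_if_not_passed_in: true,
+override_if_admin: false)
+
+return true if !override_if_admin && token.admin?
+
+params[:filter] ||= {}
+
+if params[:filter][owner_id_name] || even_if_not_passed_in
+params[:filter][owner_id_name] = owner_id_value
+end
+end
 end
 end
 end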
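Review bot: `filter_by_authenticated_owner` only constrains a request when `owner_id_name` is the same key the scope later reads from `params[:filter]`, and nothing in the method checks or documents that. `Scope#scope_user_id` in this release looks up a String derived from the user's class name, so a caller passing a different name (or a Symbol, if `params` is a plain Hash rather than an indifferent-access object, which this section does not show) would leave a client-supplied owner id in place. The admin early exit `return true if !override_if_admin && token.admin?` likewise keeps whatever the client sent, and returns `true` where the other path returns the assigned value or `nil`. A short doc comment above the method should state which key must be passed, that admins keep the client's filter unless `override_if_admin: true`, and that the return value carries no meaning.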
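--- a/data/lib/drillbit/authorizers/scope.rb
+++ b/data/lib/drillbit/authorizers/scope.rb
@@ -1,30 +1,56 @@
 # frozen_string_literal: true
+require 'drillbit/utilities/string'
+
 module Drillbit
 module Authorizers
 class Scope
 attr_accessor :token,
 :user,
-:scoped_user_id,
 :params,
 :scope_root
 
-
-
-self.
-self.
-self.
-self.scoped_user_id = scoped_user_id
-self.scope_root = scope_root
+def initialize(token:, user:, params:, scope_root:, **other)
+self.token = token
+self.user = user
+self.params = params
+self.scope_root = scope_root
 
 other.each do |name, value|
 public_send("#{name}=", value)
 end
 end
-# rubocop:enable Metrics/ParameterLists
 
-def
+def user_scope
+scope_root.public_send("for_#{user_underscored_class_name}", scope_user_id)
+end
+
+def public_scope
 scope_root.none
 end
+
+def call
+if scope_user_id
+user_scope
+else
+public_scope
+end
+end
+
+private
+
+def scope_user_id
+@scope_user_id ||= params.
+fetch(:filter, {}).
+fetch(user_underscored_class_name, nil)
+end
+
+def user_underscored_class_name
+@user_underscored_class_name ||= begin
+base_user_class_name = user.class.name[/([^:]+)\z/, 1]
+
+Utilities::String.underscore(base_user_class_name).downcase
+end
+end
 end
 end
 end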
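Review bot: `call` chooses `user_scope` purely on the presence of `params[:filter][<user class name>]`, and `user` contributes only its class name to the `for_...` method, so the id handed to `scope_root` is never compared with `user.id`. If any controller reaches this class with a filter that the parameter authorizer has not overwritten, the scope is built for whichever id the client sent. A cheap second check at the top of `user_scope` would make the class fail closed on its own, for example `return public_scope unless token.admin? || scope_user_id.to_s == user.id.to_s`, assuming `token.admin?` and `user.id` are available here as they are in `Filtering` and in the removed controller code. The fallback to `scope_root.none` when no filter is present is the right default.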
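--- a/data/lib/drillbit/utilities/string.rb
+++ b/data/lib/drillbit/utilities/string.rb
@@ -0,0 +1,18 @@
+# frozen_string_literal: true
+module Drillbit
+module Utilities
+class String
+def self.underscore(other)
+word = other.to_s.gsub('::', '/')
+word.gsub!(/(?:([A-Za-z\d])|^)(?=\b|[^a-z])/) do
+"#{Regexp.last_match(1)}#{Regexp.last_match(1) && ''}"
+end
+word.gsub!(/([A-Z\d]+)([A-Z][a-z])/, '\1_\2')
+word.gsub!(/([a-z\d])([A-Z])/, '\1_\2')
+word.tr!('-', '_')
+word.downcase!
+word
+end
+end
+end
+end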
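Review bot: The first `gsub!` in `underscore` appears to be a no-op: its block returns `Regexp.last_match(1)` followed by an empty string, so every match is replaced by itself (or by nothing for the zero-width `^` branch), and the call can be dropped without changing the output. Naming the class `String` also shadows the core `String` constant for any code written lexically inside `Drillbit::Utilities`; a different class name, or at least a comment warning about it, would avoid surprises. Because the result becomes part of a method name passed to `public_send` in `Scope`, a one-line comment giving an expected mapping (constructed example: `'Foo::BarBaz'` becomes `'foo/bar_baz'`) would help the next reviewer. `Scope` also calls `.downcase` on a value this method has already downcased.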
data/lib/drillbit/version.rb
CHANGED
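--- a/data/spec/drillbit/authorizers/scope_spec.rb
+++ b/data/spec/drillbit/authorizers/scope_spec.rb
@@ -7,11 +7,10 @@ module Drillbit
 module Authorizers
 describe Scope do
 it 'defaults to nothing' do
-scope = Scope.new(token:
-user:
-
-
-scope_root: OpenStruct.new(none: []))
+scope = Scope.new(token: '123',
+user: Object.new,
+params: {},
+scope_root: OpenStruct.new(none: []))
 
 expect(scope.call).to be_empty
 end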
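Review bot: The only example still exercises the empty-`params` path, so the new `user_scope` branch and the `filter` lookup that decides between the two scopes are untested. Add an example that passes a `filter` entry together with a `scope_root` double responding to the matching `for_<class>` method and asserts which id it receives, plus one where the filter names an id other than the user's own. With `user: Object.new` the derived key would be `'object'`, so a small named user double would make those examples easier to read. The `describe` block continues past the visible lines.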
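--- a/metadata
+++ b/metadata
@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: drillbit
 version: !ruby/object:Gem::Version
-version: 2.0
+version: 2.1.0
 platform: ruby
 authors:
 - thegranddesign
@@ -31,7 +31,7 @@ cert_chain:
 zRIv8lqQM8QFT76rzP5SBCERwN+ltKAFbQ5/FwmZNGWYnmCP3RZMQiRnbh+9H9lh
 mlbwaYZTjgsXq6cy8N38EecewgBbZYS1IYJraE/M
 -----END CERTIFICATE-----
-date: 2016-06-
+date: 2016-06-07 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
 name: erratum
@@ -174,6 +174,7 @@ files:
 - lib/drillbit/tokens/json_web_tokens/null.rb
 - lib/drillbit/tokens/json_web_tokens/password_reset.rb
 - lib/drillbit/tokens/null.rb
+- lib/drillbit/utilities/string.rb
 - lib/drillbit/version.rb
 - spec/drillbit/accept_header_spec.rb
 - spec/drillbit/authorizers/parameters/filtering_spec.rb
@@ -208,10 +209,11 @@ files:
 - spec/fixtures/test_rsa_key.pub
 - spec/spec_helper.rb
 - spec/support/private_keys.rb
-homepage:
+homepage: ''
 licenses:
 - MIT
-metadata:
+metadata:
+allowed_push_host: https://rubygems.org
 post_install_message:
 rdoc_options: []
 require_paths: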
metadata.gz.sig
CHANGED
Binary file
|