egov_utils 0.1.0

Files changed (80) hide show
  1. checksums.yaml +7 -0
  2. data/MIT-LICENSE +20 -0
  3. data/README.md +28 -0
  4. data/Rakefile +26 -0
  5. data/app/assets/config/egov_utils_manifest.js +2 -0
  6. data/app/assets/javascripts/egov_utils/application.js +23 -0
  7. data/app/assets/javascripts/egov_utils/eGovUtilities.coffee.erb +70 -0
  8. data/app/assets/javascripts/egov_utils/groups.js +2 -0
  9. data/app/assets/javascripts/egov_utils/roles.coffee.erb +56 -0
  10. data/app/assets/javascripts/egov_utils/setup_locale.coffee.erb +2 -0
  11. data/app/assets/javascripts/egov_utils/users.js +2 -0
  12. data/app/assets/stylesheets/egov_utils/application.scss +15 -0
  13. data/app/assets/stylesheets/egov_utils/groups.css +4 -0
  14. data/app/assets/stylesheets/egov_utils/roles.css +4 -0
  15. data/app/assets/stylesheets/egov_utils/users.css +4 -0
  16. data/app/attributes/egov_utils/district.rb +13 -0
  17. data/app/attributes/egov_utils/full_address.rb +17 -0
  18. data/app/attributes/egov_utils/region.rb +13 -0
  19. data/app/controllers/egov_utils/addresses_controller.rb +34 -0
  20. data/app/controllers/egov_utils/application_controller.rb +7 -0
  21. data/app/controllers/egov_utils/groups_controller.rb +27 -0
  22. data/app/controllers/egov_utils/roles_controller.rb +28 -0
  23. data/app/controllers/egov_utils/sessions_controller.rb +83 -0
  24. data/app/controllers/egov_utils/users_controller.rb +64 -0
  25. data/app/helpers/egov_utils/application_helper.rb +4 -0
  26. data/app/helpers/egov_utils/grid_helper.rb +40 -0
  27. data/app/helpers/egov_utils/groups_helper.rb +4 -0
  28. data/app/helpers/egov_utils/roles_helper.rb +4 -0
  29. data/app/helpers/egov_utils/users_helper.rb +4 -0
  30. data/app/jobs/egov_utils/application_job.rb +4 -0
  31. data/app/mailers/egov_utils/application_mailer.rb +6 -0
  32. data/app/models/ability.rb +17 -0
  33. data/app/models/egov_utils/address.rb +79 -0
  34. data/app/models/egov_utils/application_record.rb +5 -0
  35. data/app/models/egov_utils/audit_detail.rb_bac +28 -0
  36. data/app/models/egov_utils/audit_record.rb_bac +98 -0
  37. data/app/models/egov_utils/group.rb +26 -0
  38. data/app/models/egov_utils/person.rb +9 -0
  39. data/app/models/egov_utils/principal.rb +20 -0
  40. data/app/models/egov_utils/user.rb +108 -0
  41. data/app/schemas/egov_utils/address_schema.rb +30 -0
  42. data/app/validators/email_validator.rb +8 -0
  43. data/app/validators/ico_validator.rb +7 -0
  44. data/app/views/common/_grid.html.coffee +130 -0
  45. data/app/views/common/_modal.html.haml +11 -0
  46. data/app/views/egov_utils/addresses/_form.html.haml +51 -0
  47. data/app/views/egov_utils/people/_form.html.haml +3 -0
  48. data/app/views/egov_utils/roles/index.html.haml +29 -0
  49. data/app/views/egov_utils/sessions/new.html.haml +5 -0
  50. data/app/views/egov_utils/users/_form.html.haml +6 -0
  51. data/app/views/egov_utils/users/index.html.haml +62 -0
  52. data/app/views/egov_utils/users/new.html.haml +3 -0
  53. data/app/views/egov_utils/users/show.html.haml +1 -0
  54. data/app/views/errors/error_403.html.haml +1 -0
  55. data/app/views/layouts/egov_utils/_messages.html.haml +7 -0
  56. data/app/views/layouts/egov_utils/application.html.erb +14 -0
  57. data/config/kraj.csv +16 -0
  58. data/config/locales/cs.yml +80 -0
  59. data/config/okres.csv +79 -0
  60. data/config/routes.rb +21 -0
  61. data/db/migrate/20170313100505_create_egov_utils_addresses.rb +18 -0
  62. data/db/migrate/20170315134217_create_egov_utils_users.rb +16 -0
  63. data/db/migrate/20170513115712_create_egov_utils_audit_records.rb_bac +11 -0
  64. data/db/migrate/20170513120006_create_egov_utils_audit_details.rb_bac +13 -0
  65. data/db/migrate/20170630150633_add_provider_to_user.rb +5 -0
  66. data/db/migrate/20170801154511_install_audited.rb +30 -0
  67. data/db/migrate/20170809150646_create_egov_utils_people.rb +12 -0
  68. data/db/migrate/20170824111701_create_egov_utils_groups.rb +12 -0
  69. data/lib/bootstrap_form/datetimepicker.rb +17 -0
  70. data/lib/bootstrap_form/helpers/bootstrap4.rb +12 -0
  71. data/lib/egov_utils/auth_source.rb +326 -0
  72. data/lib/egov_utils/engine.rb +84 -0
  73. data/lib/egov_utils/has_audit_trail.rb +68 -0
  74. data/lib/egov_utils/user_utils/application_controller_patch.rb +92 -0
  75. data/lib/egov_utils/user_utils/role.rb +26 -0
  76. data/lib/egov_utils/version.rb +3 -0
  77. data/lib/egov_utils.rb +5 -0
  78. data/lib/grid/shield_grid.rb +9 -0
  79. data/lib/tasks/egov_utils_tasks.rake +4 -0
  80. metadata +306 -0
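--- a/data/lib/egov_utils/auth_source.rb
+++ b/data/lib/egov_utils/auth_source.rb
@@ -0,0 +1,326 @@
+require 'net-ldap'
+
+module EgovUtils
+
+class AuthSourceException < Exception; end
+class AuthSourceTimeoutException < AuthSourceException; end
+
+class AuthSource
+
+NETWORK_EXCEPTIONS = [
+Net::LDAP::LdapError,
+Errno::ECONNABORTED, Errno::ECONNREFUSED, Errno::ECONNRESET,
+Errno::EHOSTDOWN, Errno::EHOSTUNREACH,
+SocketError
+]
+
+def self.config
+YAML.load_file(Rails.root.join('config', 'config.yml'))['ldap']
+end
+
+def self.providers
+config.keys
+end
+
+def self.authenticate(login, password)
+providers.collect{|p| AuthSource.new(p).authenticate(login, password) }.compact.first
+end
+
+def self.kerberos_providers
+config.select{|provider, config| config['kerberos']}.keys
+end
+
+def self.find_kerberos_user(login)
+kerberos_providers.collect{|p| AuthSource.new(p).get_kerberos_user_dn(login) }.compact.first
+end
+
+attr_accessor :provider
+
+def initialize(provider)
+require 'net-ldap'
+@provider = provider
+raise "EgovUtils::AuthSource#initialize - Non existing provider (#{provider.to_s})" unless self.class.providers.include?(provider)
+end
+
+def options
+@options ||= self.class.config[provider].dup
+end
+
+def host
+options['host']
+end
+
+def port
+options['port']
+end
+
+def encryption
+case options['method'].to_s
+when 'ssl'
+:simple_tls
+when 'tls'
+:start_tls
+else
+nil
+end
+end
+
+def authenticate(login, password)
+return nil if login.blank? || password.blank?
+
+with_timeout do
+attrs = get_user_dn(login, password)
+if attrs && attrs[:dn] && authenticate_dn(attrs[:dn], password)
+Rails.logger.debug "Authentication successful for '#{login}'" if Rails.logger && Rails.logger.debug?
+return attrs.except(:dn)
+end
+end
+rescue *NETWORK_EXCEPTIONS => e
+raise AuthSourceException.new(e.message)
+end
+
+def get_kerberos_user_dn(login)
+return nil if login.blank?
+
+with_timeout do
+search_user_dn(login)
+end
+rescue *NETWORK_EXCEPTIONS => e
+raise AuthSourceException.new(e.message)
+end
+
+def base_user_filter
+Net::LDAP::Filter.eq("objectClass", "user") & Net::LDAP::Filter.eq("objectCategory", "person")
+end
+
+def base_group_filter
+options['active_directory'] ? Net::LDAP::Filter.eq("objectClass", "group") : Net::LDAP::Filter.eq('objectClass', 'groupOfNames')
+end
+
+# Check if a DN (user record) authenticates with the password
+def authenticate_dn(dn, password)
+if dn.present? && password.present?
+initialize_ldap_con(dn, password).bind
+end
+end
+
+# Searches the source for users and returns an array of results
+def search_user(q, by_login=false)
+q = q.to_s.strip
+return [] unless q.present?
+
+results = []
+search_filter = base_user_filter & user_search_filters(q)
+ldap_con = initialize_ldap_con(options['bind_dn'], options['password'])
+ldap_con.search(:base => options['base'],
+:filter => search_filter,
+:attributes => user_search_attributes,
+:size => 10) do |entry|
+attrs = get_user_attributes_from_ldap_entry(entry)
+if attrs
+attrs[:login] = get_attr(entry, options['attributes']['username'])
+results << attrs
+end
+end
+results
+rescue *NETWORK_EXCEPTIONS => e
+raise AuthSourceException.new(e.message)
+end
+
+def search_group(q, by_login=false)
+q = q.to_s.strip
+return [] unless q.present?
+
+results = []
+search_filter = base_group_filter & group_search_filters(q)
+ldap_con = initialize_ldap_con(options['bind_dn'], options['password'])
+ldap_con.search(:base => options['base'],
+:filter => search_filter,
+:attributes => group_search_attributes,
+:size => 10) do |entry|
+attrs = get_group_attributes_from_ldap_entry(entry)
+results << attrs if attrs
+end
+results
+rescue *NETWORK_EXCEPTIONS => e
+raise AuthSourceException.new(e.message)
+end
+
+def group_members(group_sid)
+ldap_con = initialize_ldap_con(options['bind_dn'], options['password'])
+group_dn = nil
+ldap_con.search(base: options['base'],
+filter: base_group_filter & Net::LDAP::Filter.eq('objectSID', group_sid),
+attributes: ['dn']) do |entry|
+group_dn = get_attr(entry, 'dn')
+end
+results = []
+if group_dn
+ldap_con.search(base: options['base'],
+filter: base_user_filter & Net::LDAP::Filter.ex('memberOf:1.2.840.113556.1.4.1941', group_dn),
+attributes: user_search_attributes) do |entry|
+attrs = get_user_attributes_from_ldap_entry(entry)
+if attrs
+attrs[:login] = get_attr(entry, options['attributes']['username'])
+results << attrs
+end
+end
+end
+results
+end
+
+private
+def with_timeout(&block)
+timeout = 20
+Timeout.timeout(timeout) do
+return yield
+end
+rescue Timeout::Error => e
+raise AuthSourceTimeoutException.new(e.message)
+end
+
+def initialize_ldap_con(ldap_user, ldap_password)
+options = { :host => self.host,
+:port => self.port,
+:encryption => encryption
+}
+unless ldap_user.blank? && ldap_password.blank?
+options.merge!(:auth => { :method => :simple, :username => ldap_user, :password => ldap_password })
+else
+options.merge!(:auth => { :method => :anonymous })
+end
+Net::LDAP.new options
+end
+
+def onthefly_register?
+!!options['onthefly_register']
+end
+
+def register_members_only?
+options['onthefly_register'] == 'members'
+end
+
+def get_user_attributes_from_ldap_entry(entry)
+{
+:dn => entry.dn,
+:login => get_attr(entry, options['attributes']['username']),
+:firstname => get_attr(entry, options['attributes']['first_name']),
+:lastname => get_attr(entry, options['attributes']['last_name']),
+:mail => get_attr(entry, options['attributes']['email']),
+:provider => provider
+}
+end
+
+def get_group_attributes_from_ldap_entry(entry)
+{
+:dn => entry.dn,
+:name => get_attr(entry, 'cn'),
+:provider => provider,
+:ldap_uid => get_sid_string( get_attr(entry, 'objectSID') )
+}
+end
+
+# Return the attributes needed for the LDAP search. It will only
+# include the user attributes if on-the-fly registration is enabled
+def user_search_attributes
+['dn'] + options['attributes']['username'] + options['attributes']['email'] + [options['attributes']['name'], options['attributes']['first_name'], options['attributes']['last_name']]
+end
+def login_attributes
+if onthefly_register?
+user_search_attributes
+else
+['dn']
+end
+end
+
+def group_search_attributes
+['dn', 'cn', 'objectSID']
+end
+
+def get_user_dn(login, password=nil)
+ldap_con = nil
+if options['bind_dn'].include?("$login")
+ldap_con = initialize_ldap_con(options['bind_dn'].sub("$login", Net::LDAP::DN.escape(login)), password)
+else
+ldap_con = initialize_ldap_con(options['bind_dn'], options['password'])
+end
+attrs = nil
+search_filter = base_user_filter & login_filters(login)
+ldap_con.search( :base => options['base'],
+:filter => search_filter,
+:attributes=> user_search_attributes) do |entry|
+if onthefly_register?
+attrs = get_user_attributes_from_ldap_entry(entry)
+else
+attrs = {:dn => entry.dn}
+end
+Rails.logger.debug "DN found for #{login}: #{attrs[:dn]}" if Rails.logger && Rails.logger.debug?
+end
+attrs
+end
+
+def search_user_dn(login, password=nil)
+ldap_con = nil
+if options['bind_dn'].include?("$login")
+ldap_con = initialize_ldap_con(options['bind_dn'].sub("$login", Net::LDAP::DN.escape(login)), password)
+else
+ldap_con = initialize_ldap_con(options['bind_dn'], options['password'])
+end
+attrs = nil
+search_filter = login_search_filters(login) #base_filter & Net::LDAP::Filter.eq(self.attr_login, login)
+ldap_con.search( :base => options['base'],
+:filter => search_filter,
+:attributes=> user_search_attributes) do |entry|
+attrs ||= get_user_attributes_from_ldap_entry(entry)
+Rails.logger.debug "DN found for #{login}: #{attrs[:dn]}" if Rails.logger && Rails.logger.debug?
+end
+attrs
+end
+
+def login_filters(login)
+filters = options['attributes']['username'].collect{|un| Net::LDAP::Filter.eq(un, login)}
+filters[1..-1].inject(filters.first){|filter, lf| filter | lf }
+end
+
+def login_search_filters(q)
+filters = options['attributes']['username'].collect{|un| Net::LDAP::Filter.begins(un, q)}
+filters[1..-1].inject(filters.first){|filter, lf| filter | lf }
+end
+
+def user_search_filters(q)
+Net::LDAP::Filter.begins(options['attributes']['name'], q) |
+Net::LDAP::Filter.begins(options['attributes']['first_name'], q) |
+Net::LDAP::Filter.begins(options['attributes']['last_name'], q) |
+Net::LDAP::Filter.begins(options['attributes']['username'].first, q) |
+Net::LDAP::Filter.begins(options['attributes']['email'].first, q)
+end
+
+def group_search_filters(q)
+Net::LDAP::Filter.begins('cn', q)
+end
+
+def get_attr(entry, attr_name)
+if attr_name.is_a? Array
+attr_name.collect{|an| get_attr(entry, an).presence }.compact.first.to_s
+elsif !attr_name.blank?
+value = entry[attr_name].is_a?(Array) ? entry[attr_name].first : entry[attr_name]
+value.to_s.force_encoding('UTF-8')
+end
+end
+
+# converts hex representation of SID returned by AD to its string representation
+def get_sid_string(data)
+return if data.nil?
+sid = data.unpack('b x nN V*')
+sid[1, 2] = Array[nil, b48_to_fixnum(sid[1], sid[2])]
+'S-' + sid.compact.join('-')
+end
+
+B32 = 2**32
+
+def b48_to_fixnum(i16, i32)
+i32 + (i16 * B32)
+end
+
+end
+end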
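Review bot: The login lookups do not match the submitted login exactly. `login_filters` builds `Net::LDAP::Filter.eq(un, login)`, and `eq` does not escape its value, so a `*` in the login is treated as a wildcard; `search_user_dn` (the Kerberos path) uses `login_search_filters`, i.e. `Filter.begins`, without `base_user_filter`, and `attrs ||=` keeps the first entry whose username merely starts with the given name. Use `Net::LDAP::Filter.equals(un, login)` in `login_filters` and `search_filter = base_user_filter & login_filters(login)` in `search_user_dn`, which is what the commented-out code on that line appears to have intended. Separately, `encryption` returns nil for any `method` other than `ssl` or `tls`, so a typo in config.yml silently sends every simple bind, password included, in plaintext; raising on an unknown value would fail closed.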
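--- a/data/lib/egov_utils/engine.rb
+++ b/data/lib/egov_utils/engine.rb
@@ -0,0 +1,84 @@
+require 'i18n-js'
+require 'cancancan'
+require 'audited'
+
+module EgovUtils
+class Engine < ::Rails::Engine
+isolate_namespace EgovUtils
+
+config.generators do |g|
+g.test_framework :rspec
+g.fixture_replacement :factory_girl, :dir => 'spec/factories'
+end
+
+initializer :append_migrations do |app|
+unless app.root.to_s.match root.to_s
+config.paths["db/migrate"].expanded.each do |expanded_path|
+app.config.paths["db/migrate"] << expanded_path
+end
+end
+end
+
+initializer 'egov_utils.set_locales' do
+config.middleware.use I18n::JS::Middleware
+end
+
+initializer 'egov_utils.grid_setup' do
+require 'grid/shield_grid'
+ActiveSupport::Reloader.to_prepare do
+AzaharaSchema::Outputs.register(Grid::ShieldGrid)
+end
+ActiveSupport.on_load(:action_controller) do
+::ActionController::Base.helper EgovUtils::GridHelper
+end
+end
+
+# initializer "active_record.include_plugins" do
+# ActiveSupport.on_load(:active_record) do
+# require 'egov_utils/has_audit_trail'
+# include EgovUtils::HasAuditTrail
+# end
+# end
+
+initializer 'egov_utils.user_setup' do
+require 'egov_utils/user_utils/role'
+require_dependency 'ability'
+ActiveSupport.on_load(:action_controller) do
+require 'egov_utils/user_utils/application_controller_patch'
+::ActionController::Base.include EgovUtils::UserUtils::ApplicationControllerPatch
+end
+# require 'omniauth'
+# require 'omniauth-kerberos'
+# Rails.application.config.middleware.use OmniAuth::Builder do
+# provider :kerberos
+# end
+end
+
+initializer 'egov_utils.bootstrap_form' do
+require 'bootstrap_form'
+
+require 'bootstrap_form/helpers/bootstrap4'
+require 'bootstrap_form/datetimepicker'
+BootstrapForm::Helpers::Bootstrap.__send__(:prepend, BootstrapForm::Helpers::Bootstrap4)
+
+BootstrapForm::DATE_FORMAT = 'DD/MM/YYYY'
+ruby_format_string = BootstrapForm::DATE_FORMAT.gsub('YYYY', "%Y").gsub('MM', "%m").gsub('DD', "%d")
+
+BootstrapForm::FormBuilder.__send__(:prepend, BootstrapForm::Datetimepicker)
+
+
+ActionView::Helpers::Tags::DateField.redefine_method(:format_date) do |value|
+value.try(:strftime, ruby_format_string)
+end
+
+ActionView::Helpers::Tags::DatetimeLocalField.redefine_method(:format_date) do |value|
+value.try(:strftime, ruby_format_string+"T%T")
+end
+end
+
+# config.after_initialize do
+# Rails.application.reload_routes!
+# OmniAuth.config.path_prefix = "#{Rails.application.routes.named_routes[:egov_utils].path.spec.to_s}/auth"
+# end
+end
+end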
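Review bot: In the `append_migrations` initializer, `app.root.to_s.match root.to_s` turns the engine path into an unanchored regular expression, so characters such as `.` or `+` in the path are read as metacharacters and a hit anywhere in the host path counts as a match. `unless app.root.to_s.start_with?(root.to_s)` states what is presumably the intended check (the app runs from inside the engine directory) directly. The `egov_utils.bootstrap_form` initializer also redefines `format_date` on `ActionView::Helpers::Tags::DateField` and `DatetimeLocalField` for the whole host application; a comment saying that this is deliberate and changes every date field would help whoever debugs a host app's forms.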
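--- a/data/lib/egov_utils/has_audit_trail.rb
+++ b/data/lib/egov_utils/has_audit_trail.rb
@@ -0,0 +1,68 @@
+module EgovUtils
+module HasAuditTrail
+
+def self.included(base)
+base.extend(ClassMethods)
+end
+
+module ClassMethods
+
+def has_audit_trail(options = {})
+return if self.included_modules.include?(EgovUtils::HasAuditTrail::AuditTrailMethods)
+
+default_options = {
+:non_audited_columns => %w(id updated_at created_at lft rgt lock_version),
+:important_columns => [],
+:format_detail_date_columns => [],
+:format_detail_time_columns => [],
+:format_detail_reflection_columns => [],
+:format_detail_boolean_columns => [],
+:format_detail_hours_columns => []
+}
+
+cattr_accessor :audit_trail_options
+self.audit_trail_options = default_options.dup
+
+options.each do |k,v|
+self.audit_trail_options[k] = Array(self.audit_trail_options[k]) | v
+end
+
+send :include, EgovUtils::HasAuditTrail::AuditTrailMethods
+end
+
+end
+
+module AuditTrailMethods
+
+def self.included(base)
+base.class_eval do
+
+has_many :audit_records, :as => :audited, :dependent => :destroy, :inverse_of => :audited
+
+end
+end
+
+def clear_current_journal
+@current_record = nil
+end
+
+def init_audit_record(user, notes = '')
+@current_record ||= AuditRecord.new(:audited => self, :user => user, :notes => notes)
+end
+
+# Returns the names of attributes that are journalized when updating the issue
+def journalized_attribute_names
+self.class.column_names - self.audit_trail_options[:non_audited_columns]
+end
+
+private
+
+def create_audit_record
+if @current_record
+@current_record.save
+end
+end
+
+end
+end
+end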
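Review bot: Nothing in this file registers `create_audit_record` as a callback, so a record built by `init_audit_record` is never saved unless code outside the hunk calls the private method; if the wiring is meant to live here, `after_save :create_audit_record` belongs inside the `base.class_eval` block next to `has_many :audit_records`. `@current_record.save` also discards its return value, so a failed audit write passes unnoticed; `@current_record.save!` (or logging the `false` result) keeps a gap in the trail visible. In `has_audit_trail`, `Array(self.audit_trail_options[k]) | v` raises `TypeError` when a caller passes a single column name instead of an array; `| Array(v)` accepts both.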
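--- a/data/lib/egov_utils/user_utils/application_controller_patch.rb
+++ b/data/lib/egov_utils/user_utils/application_controller_patch.rb
@@ -0,0 +1,92 @@
+module EgovUtils
+module UserUtils
+module ApplicationControllerPatch
+
+extend ActiveSupport::Concern
+
+included do
+
+before_action :user_setup, :set_locale
+
+rescue_from CanCan::AccessDenied do |exception|
+respond_to do |format|
+format.json { head :forbidden, content_type: 'text/html' }
+format.html { render template: "errors/error_403", error: exception.message }
+format.js { head :forbidden, content_type: 'text/html' }
+end
+end
+
+helper_method :current_user, :internal_network?
+
+end
+
+def internal_network?
+request.host.ends_with? 'servis.justice.cz'
+end
+
+def current_user
+User.current || user_setup
+end
+
+def user_setup
+# Find the current user
+User.current = find_current_user || find_kerberos_user || User.anonymous
+logger.info(" Current user: " + (User.current.logged? ? "#{User.current.login} (id=#{User.current.id})" : "anonymous")) if logger
+User.current
+end
+
+def redirect_back(fallback_location:, **args)
+if params[:back_url]
+redirect_to URI.parse(params[:back_url])
+else
+super
+end
+end
+
+protected
+def find_current_user
+# existing session
+find_session_user if session[:user_id]
+end
+
+def find_kerberos_user
+return nil unless internal_network? && EgovUtils::AuthSource.kerberos_providers.any? && request.env['HTTP_REMOTE_USER'].present?
+username = request.env['HTTP_REMOTE_USER'].split('@')[0]
+logger.info(" Trying kerberos: #{username}") if logger
+attrs = EgovUtils::AuthSource.find_kerberos_user(username)
+if attrs
+logger.info(" Found kerberos user: #{attrs[:login]}") if logger
+User.active.find_by(login: attrs[:login])
+end
+end
+
+
+def find_session_user
+User.active.find(session[:user_id])
+rescue ActiveRecord::RecordNotFound => e
+nil
+end
+
+# Sets the logged in user
+def logged_user=(user)
+reset_session
+if user && user.is_a?(EgovUtils::User)
+User.current = user
+start_user_session(user)
+else
+User.current = User.anonymous
+end
+end
+
+def start_user_session(user)
+session[:user_id] = user.id
+end
+
+private
+def set_locale
+I18n.default_locale = :cs
+end
+
+end
+end
+end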
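Review bot: `find_kerberos_user` decides who is logged in from two values the client supplies: `internal_network?` tests `request.host` (the Host header) and the username is read from `request.env['HTTP_REMOTE_USER']` (a `Remote-User` request header), so unless a fronting proxy overwrites both, the request itself asserts the identity. Prefer the server-set `request.env['REMOTE_USER']` and gate on `request.remote_ip` against a configured list of internal networks; if the header has to be used, document that the proxy must strip it from inbound requests. `ends_with? 'servis.justice.cz'` also accepts any host that merely ends in that string, so compare against `'.servis.justice.cz'` or an exact list. Separately, `redirect_back` hands `params[:back_url]` to `redirect_to` without checking where it points; accept only relative paths or a host equal to `request.host`, and fall back to `super` otherwise.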
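--- a/data/lib/egov_utils/user_utils/role.rb
+++ b/data/lib/egov_utils/user_utils/role.rb
@@ -0,0 +1,26 @@
+module EgovUtils
+module UserUtils
+class Role
+
+class_attribute :role_name
+self.role_name = nil
+
+def self.roles
+@@roles ||= {}
+end
+
+def self.find(name)
+roles[name]
+end
+
+def self.add(name)
+roles[name] = self
+self.role_name = name
+end
+
+def define_abilities(ability)
+end
+
+end
+end
+end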
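Review bot: `add` and `find` use the role name as the hash key exactly as passed, so a role registered with a symbol is not found by a string lookup (and the reverse), and `find` then returns nil without any signal. `roles[name.to_s] = self` in `add` and `roles[name.to_s]` in `find` would make the lookup independent of the caller's type; how role names are stored on users is not visible here, so confirm which form callers use. `define_abilities` is an empty hook and deserves a one-line comment such as `# Override in subclasses to grant permissions on the given ability object.`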
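--- a/data/lib/egov_utils/version.rb
+++ b/data/lib/egov_utils/version.rb
@@ -0,0 +1,3 @@
+module EgovUtils
+VERSION = '0.1.0'
+end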
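--- a/data/lib/egov_utils.rb
+++ b/data/lib/egov_utils.rb
@@ -0,0 +1,5 @@
+require "egov_utils/engine"
+
+module EgovUtils
+# Your code goes here...
+end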
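--- a/data/lib/grid/shield_grid.rb
+++ b/data/lib/grid/shield_grid.rb
@@ -0,0 +1,9 @@
+module Grid
+class ShieldGrid < AzaharaSchema::Output
+
+def self.key
+'grid'
+end
+
+end
+end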
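--- a/data/lib/tasks/egov_utils_tasks.rake
+++ b/data/lib/tasks/egov_utils_tasks.rake
@@ -0,0 +1,4 @@
+# desc "Explaining what the task does"
+# task :egov_utils do
+# # Task goes here
+# end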