esp-auth 1.3.7 → 1.4.0

Sign up to get free protection for your applications and to get access to all the features.
@@ -30,7 +30,7 @@ $(function(){
30
30
  $('#permission_user_search').autocomplete({
31
31
  source: function( request, response ) {
32
32
  $.ajax({
33
- url: '/auth/users/search?term='+$('#permission_user_search').val(),
33
+ url: '/esp-auth/users/search?term='+$('#permission_user_search').val(),
34
34
  dataType: "json",
35
35
  data: request.term,
36
36
  success: function(data) {
@@ -1,7 +1,8 @@
1
1
  class EspAuth::AuditsController < ApplicationController
2
2
  inherit_resources
3
- before_filter :authenticate_user!
4
- before_filter :authorize_user_can_view_audits!
3
+ sso_authenticate_and_authorize
4
+
5
+ before_filter :authorize_manage_audits!
5
6
 
6
7
  defaults :resource_class => Audited::Adapters::ActiveRecord::Audit
7
8
 
@@ -10,11 +11,12 @@ class EspAuth::AuditsController < ApplicationController
10
11
  layout 'esp_auth/application'
11
12
 
12
13
  protected
13
- def authorize_user_can_view_audits!
14
- render :file => "#{Rails.root}/public/403", :formats => [:html], :status => 403, :layout => false unless can?(:manage, :audits)
15
- end
16
14
 
17
- def end_of_association_chain
18
- apply_scopes(resource_class.unscoped.order('id desc')).per(20)
19
- end
15
+ def authorize_manage_audits!
16
+ authorize!(:manage, :audits)
17
+ end
18
+
19
+ def end_of_association_chain
20
+ apply_scopes(resource_class.unscoped.order('id desc')).per(20)
21
+ end
20
22
  end
@@ -11,15 +11,16 @@ class EspAuth::UsersController < EspAuth::ApplicationController
11
11
  end
12
12
 
13
13
  protected
14
- def collection
15
- get_collection_ivar || set_collection_ivar(search_and_paginate_collection)
16
- end
17
14
 
18
- def search_and_paginate_collection
19
- search_object = searcher_for(resource_instance_name)
20
- search_object.permissions_count_gt = 1
21
- search_object.pagination = {:page => params[:page], :per_page => 10}
22
- search_object.order_by = 'uid' if search_object.term.blank?
23
- search_object.results
24
- end
15
+ def collection
16
+ get_collection_ivar || set_collection_ivar(search_and_paginate_collection)
17
+ end
18
+
19
+ def search_and_paginate_collection
20
+ search_object = searcher_for(resource_instance_name)
21
+ search_object.permissions_count_gt = 1
22
+ search_object.pagination = {:page => params[:page], :per_page => 10}
23
+ search_object.order_by = 'uid' if search_object.term.blank?
24
+ search_object.results
25
+ end
25
26
  end
@@ -2,6 +2,8 @@ class UserSearch < Search
2
2
  column :order_by, :string
3
3
  column :term, :text
4
4
  column :permissions_count_gt, :integer
5
+
6
+ attr_accessible :term
5
7
  end
6
8
 
7
9
  # == Schema Information
@@ -12,7 +12,7 @@
12
12
  <%= polymorphic_context_tree_for form %>
13
13
  <%= form.input :role, :as => :select, :collection => Permission.human_enums[:role].invert, :include_blank => t('commons.not_selected') %>
14
14
  <% end %>
15
- <%= form.buttons :class => 'button-group' do %>
15
+ <%= form.actions :class => 'button-group' do %>
16
16
  <li><%= button_tag t('permissions.create'), :class => 'button icon approve' %></li>
17
17
  <li><%= link_to t('permissions.cancel'), esp_auth.users_path, :class => 'button icon arrowleft' %></li>
18
18
  <% end %>
@@ -20,7 +20,7 @@
20
20
  </div>
21
21
  <div class='auth'>
22
22
  <span class='current_user'><%= current_user %></span>
23
- <%= link_to('Выход', esp_auth.destroy_user_session_path) %>
23
+ <%= link_to('Выход', '/sign_out') %>
24
24
  </div>
25
25
  <% else %>
26
26
  <div class='auth'>
@@ -2,7 +2,7 @@
2
2
  <%= form.inputs do %>
3
3
  <%= form.input :term, :as => :string, :label => false %>
4
4
  <% end %>
5
- <%= form.buttons do %>
5
+ <%= form.actions do %>
6
6
  <li><%= button_tag t('permissions.search'), :class => 'button icon search' %></li>
7
7
  <% end %>
8
8
  <% end %>
data/config/routes.rb CHANGED
@@ -9,19 +9,10 @@ EspAuth::Engine.routes.draw do
9
9
 
10
10
  match '/users/search' => "users#search"
11
11
 
12
- get 'sign_out' => 'sessions#destroy', :as => :destroy_user_session
13
-
14
12
  root :to => 'users#index'
15
13
  end
16
14
 
17
15
  Rails.application.routes.draw do
18
- devise_for :users, :path => 'auth', controllers: {omniauth_callbacks:'esp_auth/omniauth_callbacks'}, :skip => [:sessions]
19
-
20
- devise_scope :users do
21
- get 'sign_in' => redirect('/auth/auth/identity'), :as => :new_user_session
22
- end
23
-
24
- mount EspAuth::Engine => '/auth'
25
-
16
+ mount EspAuth::Engine => '/esp-auth'
26
17
  end rescue NameError
27
18
 
data/lib/esp-auth.rb CHANGED
@@ -13,6 +13,7 @@ require 'has_searcher'
13
13
  require 'inherited_resources'
14
14
  require 'kaminari'
15
15
  require 'sunspot_rails'
16
+ require 'sso-auth'
16
17
 
17
18
  module EspAuth
18
19
  end
@@ -1,42 +1,17 @@
1
1
  module EspAuth
2
- class Engine < Rails::Engine
2
+ class Engine < ::Rails::Engine
3
3
  isolate_namespace EspAuth
4
4
 
5
- config.after_initialize do
6
- begin
7
- Settings.resolve!
8
- rescue => e
9
- puts "WARNING! #{e.message}"
10
- end
11
- end
12
-
13
- initializer "sso_client.devise", :before => 'devise.omniauth' do |app|
14
- require File.expand_path("../../../lib/omniauth/strategies/identity", __FILE__)
15
- Devise.setup do |config|
16
- config.omniauth :identity, Settings['sso.key'], Settings['sso.secret'], :client_options => {:site => Settings['sso.url']}
17
- end
18
- end
19
-
20
5
  config.to_prepare do
21
6
  ActionController::Base.class_eval do
22
7
  helper_method :polymorphic_context_tree_for
23
8
 
24
- def self.esp_load_and_authorize_resource
25
- before_filter :authenticate_user!
26
- before_filter :authorize_user_can_manage_application!
9
+ define_singleton_method :esp_load_and_authorize_resource do
27
10
  inherit_resources
28
- load_and_authorize_resource
29
- skip_load_and_authorize_resource :only => :index
30
- rescue_from CanCan::AccessDenied do |exception|
31
- render :file => "#{Rails.root}/public/403", :formats => [:html], :status => 403, :layout => false
32
- end
11
+ sso_load_and_authorize_resource
33
12
  end
34
13
 
35
14
  protected
36
- def authorize_user_can_manage_application!
37
- authorize! :manage, :application
38
- end
39
-
40
15
  def polymorphic_context_tree_for(form)
41
16
  form.input :polymorphic_context, :as => :select,
42
17
  :collection => current_user.context_tree,
@@ -50,15 +25,10 @@ module EspAuth
50
25
  end
51
26
  ActiveRecord::Base.class_eval do
52
27
  def self.esp_auth_user
28
+ sso_auth_user
53
29
 
54
30
  attr_accessible :name, :email, :nickname, :name, :first_name, :last_name, :location, :description, :image, :phone, :urls, :raw_info, :uid
55
31
 
56
- has_many :permissions
57
-
58
- default_value_for :sign_in_count, 0
59
-
60
- devise :omniauthable, :trackable, :timeoutable
61
-
62
32
  validates_presence_of :uid
63
33
 
64
34
  searchable do
@@ -67,11 +37,16 @@ module EspAuth
67
37
  integer :permissions_count do permissions.count end
68
38
  end
69
39
 
70
- Permission.enums[:role].each do | role |
40
+ Permission.available_roles.each do | role |
41
+ undef_method "#{role}_of?", "#{role}?"
42
+
71
43
  define_method "#{role}_of?" do |context|
72
- permissions.for_role(role).for_context_and_ancestors(context).exists?
44
+ puts ">>> in #{role}_of?(#{context.inspect}) <<<"
45
+ p permissions.for_role(role).for_context_and_ancestors(context).exists?
73
46
  end
47
+
74
48
  define_method "#{role}?" do
49
+ puts ">>> in #{role}? <<<"
75
50
  permissions.for_role(role).exists?
76
51
  end
77
52
  end
@@ -82,29 +57,30 @@ module EspAuth
82
57
 
83
58
  alias_method :have_roles?, :have_permissions?
84
59
 
60
+
85
61
  define_method :contexts do
86
62
  permissions.map(&:context).uniq
87
63
  end
88
64
 
89
65
  define_method :context_tree do
90
- instance_variable_get(:@context_tree) || instance_variable_set(:@context_tree, contexts
91
- .flat_map{|c| c.respond_to?(:subtree) ? c.subtree : c}
92
- .uniq
93
- .flat_map{|c| c.respond_to?(:subcontexts) ? [c] + c.subcontexts : c }
94
- .uniq)
66
+ instance_variable_get(:@context_tree) ||
67
+ instance_variable_set(:@context_tree, contexts
68
+ .flat_map{|c| c.respond_to?(:subtree) ? c.subtree : c}
69
+ .uniq
70
+ .flat_map{|c| c.respond_to?(:subcontexts) ? [c] + c.subcontexts : c }
71
+ .uniq)
95
72
  end
96
73
 
97
74
  define_method :context_tree_of do | klass |
98
75
  context_tree.select{|node| node.is_a?(klass)}
99
76
  end
100
77
 
101
- define_method :to_s do
102
- email? ? "#{name} <#{email}>" : name
103
- end
78
+ alias_method :to_s, :sso_auth_name
104
79
  end
105
80
 
106
81
  def self.esp_auth_permission
107
82
  attr_accessor :user_search, :user_uid, :user_name, :user_email, :polymorphic_context
83
+ attr_accessible :user_uid, :user_name, :user_email, :polymorphic_context, :role, :user_search
108
84
 
109
85
  belongs_to :context, :polymorphic => true
110
86
  belongs_to :user
@@ -143,6 +119,9 @@ module EspAuth
143
119
 
144
120
  has_enum :role
145
121
 
122
+ define_singleton_method :available_roles do
123
+ Permission.enums[:role]
124
+ end
146
125
 
147
126
  private
148
127
  delegate :index!, :to => :user, :prefix => true
@@ -1,3 +1,3 @@
1
1
  module EspAuth
2
- VERSION = "1.3.7"
2
+ VERSION = "1.4.0"
3
3
  end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: esp-auth
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.3.7
4
+ version: 1.4.0
5
5
  prerelease:
6
6
  platform: ruby
7
7
  authors:
@@ -9,7 +9,7 @@ authors:
9
9
  autorequire:
10
10
  bindir: bin
11
11
  cert_chain: []
12
- date: 2012-10-26 00:00:00.000000000 Z
12
+ date: 2012-11-20 00:00:00.000000000 Z
13
13
  dependencies:
14
14
  - !ruby/object:Gem::Dependency
15
15
  name: ancestry
@@ -192,17 +192,17 @@ dependencies:
192
192
  requirement: !ruby/object:Gem::Requirement
193
193
  none: false
194
194
  requirements:
195
- - - ! '>='
195
+ - - <
196
196
  - !ruby/object:Gem::Version
197
- version: '0'
197
+ version: 0.0.90
198
198
  type: :runtime
199
199
  prerelease: false
200
200
  version_requirements: !ruby/object:Gem::Requirement
201
201
  none: false
202
202
  requirements:
203
- - - ! '>='
203
+ - - <
204
204
  - !ruby/object:Gem::Version
205
- version: '0'
205
+ version: 0.0.90
206
206
  - !ruby/object:Gem::Dependency
207
207
  name: inherited_resources
208
208
  requirement: !ruby/object:Gem::Requirement
@@ -299,6 +299,22 @@ dependencies:
299
299
  - - ! '>='
300
300
  - !ruby/object:Gem::Version
301
301
  version: '0'
302
+ - !ruby/object:Gem::Dependency
303
+ name: sso-auth
304
+ requirement: !ruby/object:Gem::Requirement
305
+ none: false
306
+ requirements:
307
+ - - ! '>='
308
+ - !ruby/object:Gem::Version
309
+ version: '0'
310
+ type: :runtime
311
+ prerelease: false
312
+ version_requirements: !ruby/object:Gem::Requirement
313
+ none: false
314
+ requirements:
315
+ - - ! '>='
316
+ - !ruby/object:Gem::Version
317
+ version: '0'
302
318
  - !ruby/object:Gem::Dependency
303
319
  name: timecop
304
320
  requirement: !ruby/object:Gem::Requirement
@@ -561,9 +577,7 @@ files:
561
577
  - app/assets/stylesheets/esp_auth/shared.sass
562
578
  - app/controllers/esp_auth/application_controller.rb
563
579
  - app/controllers/esp_auth/audits_controller.rb
564
- - app/controllers/esp_auth/omniauth_callbacks_controller.rb
565
580
  - app/controllers/esp_auth/permissions_controller.rb
566
- - app/controllers/esp_auth/sessions_controller.rb
567
581
  - app/controllers/esp_auth/users_controller.rb
568
582
  - app/models/user_search.rb
569
583
  - app/views/esp_auth/audits/_audit.html.erb
@@ -613,7 +627,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
613
627
  version: '0'
614
628
  segments:
615
629
  - 0
616
- hash: -2613979917991867064
630
+ hash: -4315500223838896339
617
631
  required_rubygems_version: !ruby/object:Gem::Requirement
618
632
  none: false
619
633
  requirements:
@@ -622,7 +636,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
622
636
  version: '0'
623
637
  segments:
624
638
  - 0
625
- hash: -2613979917991867064
639
+ hash: -4315500223838896339
626
640
  requirements: []
627
641
  rubyforge_project:
628
642
  rubygems_version: 1.8.24
@@ -1,13 +0,0 @@
1
- # encoding: utf-8
2
-
3
- class EspAuth::OmniauthCallbacksController < Devise::OmniauthCallbacksController
4
- def identity
5
- user = User.find_or_initialize_by_uid(request.env['omniauth.auth']['uid']).tap do |user|
6
- user.update_attributes request.env['omniauth.auth']['info']
7
- end
8
-
9
- flash[:notice] = I18n.t "devise.omniauth_callbacks.success", :kind => "системы аутентификации"
10
- sign_in user, :event => :authentication
11
- redirect_to stored_location_for(:user) || main_app.root_path
12
- end
13
- end
@@ -1,16 +0,0 @@
1
- class EspAuth::SessionsController < ApplicationController
2
- def destroy
3
- reset_session
4
- redirect_to "#{Settings['sso.url']}/users/sign_out?redirect_uri=#{CGI.escape(redirect_uri)}"
5
- end
6
-
7
- protected
8
-
9
- def redirect_uri
10
- URI.parse(request.url).tap do | uri |
11
- uri.path = main_app.root_path
12
- uri.query = nil
13
- end.to_s
14
- end
15
-
16
- end