g5_authenticatable 0.7.4 → 0.7.5.beta

Sign up to get free protection for your applications and to get access to all the features.
Files changed (7) hide show
  1. checksums.yaml +4 -4
  2. data/.travis.yml +3 -1
  3. data/CHANGELOG.md +5 -0
  4. data/app/models/g5_authenticatable/user.rb +4 -2
  5. data/lib/g5_authenticatable/version.rb +1 -1
  6. data/spec/models/g5_authenticatable/user_spec.rb +78 -63
  7. metadata +4 -4
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: c6226cb2f0aa0c56f0bc9e1e35470b868f4c96ac
4
- data.tar.gz: 1e6956f7a93be516354c700d58bfb67afb3cf715
3
+ metadata.gz: 397be11accbb1a768cab5e7a49357a5c26b4068e
4
+ data.tar.gz: 9192353fbd88e1aaae7296e9a3b729d064384785
5
5
  SHA512:
6
- metadata.gz: c6d22c7461167d91b95753482479dd465c1496234b01f60837cf21b6f39c2ead7a1bd7e4bc241dde8eca3c1d585e5022f9df6dc95d4fbcb90b87a434e730bccf
7
- data.tar.gz: 4929eb62f866ed92a08b5a1bd29445cdb82c0162ee663fd49982d0d883d3dc84bd06dae6fb3be81133555f42ae67bb0a31a588907a559eb30e472689b525a36e
6
+ metadata.gz: d689e1b2a13b7940d95c6039b39dd86082d42f55ccd624cf03fa45ba2bad127e32c9cfe9e94cda0874ed97e25f72f57d6230f243b2f90c1cdd6e63548d31a91a
7
+ data.tar.gz: 6e52489b18d15adc7bbd531d46999747a992bdb931c0dec0a64949f653d14418e39918eb35f27f4abac85b7df397b8beff3d3c34e12f2b648ad17c0e3c9ecfcc
data/.travis.yml CHANGED
@@ -3,6 +3,8 @@ rvm:
3
3
  - 2.0.0
4
4
  - 2.1
5
5
  - 2.2
6
+ before_install:
7
+ - gem install bundler
6
8
  script:
7
9
  - RAILS_ENV=test bundle exec rake app:db:setup
8
10
  - bundle exec rspec spec
@@ -13,4 +15,4 @@ env:
13
15
  global:
14
16
  - DEVISE_SECRET_KEY=foo
15
17
  addons:
16
- postgresql: "9.2"
18
+ postgresql: "9.2"
data/CHANGELOG.md CHANGED
@@ -1,3 +1,8 @@
1
+ ## v0.7.5.beta (2016-01-15)
2
+
3
+ * Fixes bug that granted higher permissions when the resource for a scoped roles didn't exist.
4
+
5
+
1
6
  ## v0.7.4 (2015-12-09)
2
7
 
3
8
  * Adds Impersonate (Assume) Devise Strategy and Concern to handle access to session stored values
data/app/models/g5_authenticatable/user.rb CHANGED
@@ -7,6 +7,8 @@ module G5Authenticatable
7
7
  validates :email, presence: true, uniqueness: true
8
8
  validates_uniqueness_of :uid, scope: :provider
9
9
 
10
+ GLOBAL_ROLE = 'GLOBAL'
11
+
10
12
  def self.new_with_session(params, session)
11
13
  user = super(params, session)
12
14
  auth_data = session['omniauth.auth']
@@ -31,7 +33,7 @@ module G5Authenticatable
31
33
  def update_roles_from_auth(auth_data)
32
34
  roles.clear
33
35
  auth_data.extra.roles.each do |role|
34
- role.type == 'GLOBAL' ? add_role(role.name) : add_scoped_role(role)
36
+ role.type == GLOBAL_ROLE ? add_role(role.name) : add_scoped_role(role)
35
37
  end
36
38
  end
37
39
 
@@ -55,7 +57,7 @@ module G5Authenticatable
55
57
  def add_scoped_role(role)
56
58
  the_class = Object.const_get(role.type)
57
59
  resource = the_class.where(urn: role.urn).first
58
- add_role(role.name, resource)
60
+ add_role(role.name, resource) if resource.present?
59
61
  rescue => e
60
62
  Rails.logger.error(e)
61
63
  end
data/lib/g5_authenticatable/version.rb CHANGED
@@ -1,3 +1,3 @@
1
1
  module G5Authenticatable
2
- VERSION = '0.7.4'
2
+ VERSION = '0.7.5.beta'
3
3
  end
data/spec/models/g5_authenticatable/user_spec.rb CHANGED
@@ -65,28 +65,26 @@ describe G5Authenticatable::User do
65
65
  let(:params) { Hash.new }
66
66
  let(:auth_data) do
67
67
  OmniAuth::AuthHash.new(
68
- {
69
- 'provider' => new_user_attributes[:provider],
70
- 'info' => {
71
- 'email' => new_user_attributes[:email],
72
- 'name' => "#{new_user_attributes[:first_name]} #{new_user_attributes[:last_name]}",
73
- 'first_name' => new_user_attributes[:first_name],
74
- 'last_name' => new_user_attributes[:last_name],
75
- 'phone' => new_user_attributes[:phone_number]
76
- },
77
- 'credentials' => {
78
- 'token' => new_user_attributes[:g5_access_token],
79
- 'expires' => true,
80
- 'expires_at' => Time.now + 1000
81
- },
82
- 'extra' => {
83
- 'title' => new_user_attributes[:title],
84
- 'organization_name' => new_user_attributes[:organization_name],
85
- 'roles' => [
86
- { 'name' => new_role_attributes[:name], 'type' => 'GLOBAL', 'urn' => nil }
87
- ],
88
- 'raw_info' => {}
89
- }
68
+ 'provider' => new_user_attributes[:provider],
69
+ 'info' => {
70
+ 'email' => new_user_attributes[:email],
71
+ 'name' => "#{new_user_attributes[:first_name]} #{new_user_attributes[:last_name]}",
72
+ 'first_name' => new_user_attributes[:first_name],
73
+ 'last_name' => new_user_attributes[:last_name],
74
+ 'phone' => new_user_attributes[:phone_number]
75
+ },
76
+ 'credentials' => {
77
+ 'token' => new_user_attributes[:g5_access_token],
78
+ 'expires' => true,
79
+ 'expires_at' => Time.now + 1000
80
+ },
81
+ 'extra' => {
82
+ 'title' => new_user_attributes[:title],
83
+ 'organization_name' => new_user_attributes[:organization_name],
84
+ 'roles' => [
85
+ { 'name' => new_role_attributes[:name], 'type' => 'GLOBAL', 'urn' => nil }
86
+ ],
87
+ 'raw_info' => {}
90
88
  })
91
89
  end
92
90
 
@@ -398,7 +396,6 @@ describe G5Authenticatable::User do
398
396
  let(:user_attributes2) { FactoryGirl.attributes_for(:g5_authenticatable_user) }
399
397
  let(:mock_urn) { 'mock_urn' }
400
398
 
401
-
402
399
  let(:mock_resource_class) { Class.new }
403
400
  before { stub_const('MockResource', mock_resource_class) }
404
401
 
@@ -409,48 +406,46 @@ describe G5Authenticatable::User do
409
406
 
410
407
  let(:auth_data) do
411
408
  OmniAuth::AuthHash.new(
412
- {
413
- 'provider' => user_attributes[:provider],
414
- 'uid' => user_attributes[:uid],
415
- 'info' => {
416
- 'email' => user_attributes[:email],
417
- 'first_name' => user_attributes[:first_name],
418
- 'last_name' => user_attributes[:last_name],
419
- 'phone' => user_attributes[:phone_number]
420
- },
421
- 'credentials' => {
422
- 'token' => user_attributes[:g5_access_token],
423
- 'expires' => true,
424
- 'expires_at' => Time.now + 1000
425
- },
426
- 'extra' => {
427
- 'title' => user_attributes[:title],
428
- 'organization_name' => user_attributes[:organization_name],
429
- 'roles' => roles,
430
- 'raw_info' => {}
431
- }
432
- })
409
+ 'provider' => user_attributes[:provider],
410
+ 'uid' => user_attributes[:uid],
411
+ 'info' => {
412
+ 'email' => user_attributes[:email],
413
+ 'first_name' => user_attributes[:first_name],
414
+ 'last_name' => user_attributes[:last_name],
415
+ 'phone' => user_attributes[:phone_number]
416
+ },
417
+ 'credentials' => {
418
+ 'token' => user_attributes[:g5_access_token],
419
+ 'expires' => true,
420
+ 'expires_at' => Time.now + 1000
421
+ },
422
+ 'extra' => {
423
+ 'title' => user_attributes[:title],
424
+ 'organization_name' => user_attributes[:organization_name],
425
+ 'roles' => roles,
426
+ 'raw_info' => {}
427
+ })
433
428
  end
434
429
 
435
430
  context 'with global role' do
436
- let(:roles) { [
437
- {name: 'admin', type: 'GLOBAL', urn: nil}
438
- ] }
431
+ let(:roles) do
432
+ [{ name: 'admin', type: 'GLOBAL', urn: nil }]
433
+ end
439
434
 
440
435
  it 'will add a global role' do
441
- expect{ user.update_roles_from_auth(auth_data) }.to change{ user.roles.length }.from(0).to(1)
436
+ expect { user.update_roles_from_auth(auth_data) }.to change { user.roles.length }.from(0).to(1)
442
437
  expect(user.roles.first.name).to eq('admin')
443
438
  expect(user.roles.first.resource).to be_nil
444
439
  end
445
440
  end
446
441
 
447
442
  context 'with a scoped role' do
448
- let(:roles) { [
449
- {name: 'viewer', type: 'MockResource', urn: mock_urn}
450
- ] }
443
+ let(:roles) do
444
+ [{ name: 'viewer', type: 'MockResource', urn: mock_urn }]
445
+ end
451
446
 
452
447
  it 'will add a scoped role' do
453
- expect{ user.update_roles_from_auth(auth_data) }.to change{ user.roles.length }.from(0).to(1)
448
+ expect { user.update_roles_from_auth(auth_data) }.to change { user.roles.length }.from(0).to(1)
454
449
  expect(user.roles.first.name).to eq('viewer')
455
450
  expect(user.roles.first.resource_id).to eq(mock_resource.id)
456
451
  expect(user.roles.first.resource_type).to eq('MockResource')
@@ -458,31 +453,51 @@ describe G5Authenticatable::User do
458
453
  end
459
454
 
460
455
  context 'with a more than 1 role' do
461
- let(:roles) { [
462
- {name: 'viewer', type: 'MockResource', urn: mock_urn},
463
- {name: 'admin', type: 'GLOBAL', urn: nil}
464
- ] }
456
+ let(:roles) do
457
+ [
458
+ { name: 'viewer', type: 'MockResource', urn: mock_urn },
459
+ { name: 'admin', type: 'GLOBAL', urn: nil }
460
+ ]
461
+ end
465
462
 
466
463
  it 'will add a scoped role' do
467
- expect{ user.update_roles_from_auth(auth_data) }.to change{ user.roles.length }.from(0).to(2)
464
+ expect { user.update_roles_from_auth(auth_data) }.to change { user.roles.length }.from(0).to(2)
468
465
  end
469
466
  end
467
+
468
+ context 'with an un-existing scoped role URL' do
469
+ let(:non_existing_urn) { 'some-non-existing-urn' }
470
+ before do
471
+ allow(mock_resource_class).to receive(:where).with(urn: non_existing_urn).and_return([])
472
+ end
473
+
474
+ let(:roles) do
475
+ [{ name: 'viewer', type: 'MockResource', urn: non_existing_urn }]
476
+ end
477
+
478
+ it 'will add a scoped role' do
479
+ expect { user.update_roles_from_auth(auth_data) }.to_not change { user.roles.length }
480
+ end
481
+ end
482
+
470
483
  context 'with 0 roles' do
471
484
  let(:roles) { [] }
472
485
 
473
486
  it 'will add a scoped role' do
474
- expect{ user.update_roles_from_auth(auth_data) }.to_not change{ user.roles.length }.from(0)
487
+ expect { user.update_roles_from_auth(auth_data) }.to_not change { user.roles.length }.from(0)
475
488
  end
476
489
  end
477
490
 
478
491
  context 'with a bad role type' do
479
- let(:roles) { [
480
- {name: 'viewer', type: 'MockResource', urn: mock_urn},
481
- {name: 'viewer', type: 'BadResource', urn: mock_urn}
482
- ] }
492
+ let(:roles) do
493
+ [
494
+ { name: 'viewer', type: 'MockResource', urn: mock_urn },
495
+ { name: 'viewer', type: 'BadResource', urn: mock_urn }
496
+ ]
497
+ end
483
498
 
484
499
  it 'will skip the bad role' do
485
- expect{ user.update_roles_from_auth(auth_data) }.to change{ user.roles.length }.from(0).to(1)
500
+ expect { user.update_roles_from_auth(auth_data) }.to change { user.roles.length }.from(0).to(1)
486
501
  expect(user.roles.first.name).to eq('viewer')
487
502
  expect(user.roles.first.resource_id).to eq(mock_resource.id)
488
503
  expect(user.roles.first.resource_type).to eq('MockResource')
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: g5_authenticatable
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.7.4
4
+ version: 0.7.5.beta
5
5
  platform: ruby
6
6
  authors:
7
7
  - maeve
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2015-12-09 00:00:00.000000000 Z
11
+ date: 2016-01-11 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: devise_g5_authenticatable
@@ -266,9 +266,9 @@ required_ruby_version: !ruby/object:Gem::Requirement
266
266
  version: '0'
267
267
  required_rubygems_version: !ruby/object:Gem::Requirement
268
268
  requirements:
269
- - - ">="
269
+ - - ">"
270
270
  - !ruby/object:Gem::Version
271
- version: '0'
271
+ version: 1.3.1
272
272
  requirements: []
273
273
  rubyforge_project:
274
274
  rubygems_version: 2.2.2