gatepass 0.1.1 → 0.1.2

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 6e7aeabfb6de154ecf1aa96f4e9009137eb8e9c674c3a8be94f4eddce9880945
-  data.tar.gz: ca35a4b1f36f2f943b4dcbebfcbfce21c698a7f173bce1f991038e48d273958d
+  metadata.gz: 22e7d410f8cc59147182ef88f8b78fee3f0801f8bef57aea3f469b655f77f294
+  data.tar.gz: 1988ca42cd43522a1261885a7b69bac2768435071c5e607bf5de864e8bb179c4
 SHA512:
-  metadata.gz: 877b3867d4b2e5d565d2ea57ccc367ba368c62a17afd6aa98db3fa5aedbf91d3879c3bacd220da4af11feeae82ae1212cc27ad521984d17ee38f6f6ab2785e86
-  data.tar.gz: 754407cd8631ac1f502d766a1939d6fbba4e387817c8335584740b196f8572cdfe13f0c0af456d3ccf9a9d8785f6e2ba559d5740da01c835b3b9d021967dad1a
+  metadata.gz: bbacc80c229ef6cf208bc16e9a9b769c5b38dbe40dd11220f5b8910669e69200c08c5cd1e7a102e2ab8e142518920707c532a4b001639f35ee8c23e5ccf8fa12
+  data.tar.gz: 9610a39b9bfd248cdf2db26317cef29e4bcb9618b4086b181189cbcdf94f3f32f82d0c346f3c9eae3572d68211863b74e892c145f16d497467f1c3a06dde94a4

data/README.md

@@ -4,6 +4,16 @@ Short description and motivation.
 ## Usage
 See the Installation section below.
 
+For setting up a DEV environment, clone the directory within a rails project and add to the Gemfile:
+```
+gem 'gatepass', path: 'gatepass'
+```
+OR
+```
+gem 'gatepass', git: 'https://github.com/pockettheories/gatepass'
+```
+See [Bundle Git Guide](https://bundler.io/guides/git.html) for more
+
 ## Installation
 Add this line to your application's Gemfile:
 
@@ -20,6 +30,10 @@ Or install it yourself as:
 ```bash
 $ gem install gatepass
 ```
+OR
+```bash
+$ bundle add gatepass
+```
 
 Mount the engine with the following line in `config/routes.rb` :
 ```
@@ -59,16 +73,32 @@ u1.auth_type = 'local'
 u1.save
 ```
 
+Create an initial ActiveDirectory user account with:
+```
+$ rails c
+u1 = Gatepass::User.new
+u1.username = 'reddy'
+u1.password = 'dummy'
+u1.auth_type = 'activedirectory'
+u1.rolename = 'admin'
+u1.username_mapping = 'CN=reddy,CN=Users,DC=pockettheories,DC=com'
+u1.save
+```
+
 Login with the above account, and access the user account management page at:
 http://localhost:3000/gatepass/users
 
+The logout URL is:
+http://localhost:3000/gatepass/authentication/logout
+
 ## Other Notes
 The User model has the fields: username:string auth_type:string password_digest:string username_mapping:string
-
 auth_type is `local` or `activedirectory`.
-
 Use a dummy password for activedirectory users.
 
+If you get the error "SSL_CTX_load_verify_file: system lib" when attempting to login as an ActiveDirectory user, it's 
+Ruby complaining about your OpenSSL version. (On MacOS Ventura 13.4.1, rbenv with Ruby 3.1.0 works; Ruby 3.2.2 doesn't)
+
 ## Contributing
 Create a pull request on GitHub.
 

data/app/controllers/gatepass/authentication_controller.rb

@@ -23,7 +23,7 @@ module Gatepass
         if user_obj === false
           redirect_to ({ controller: 'gatepass/authentication', action: 'login' })
         else
-          session[:user] = user_obj
+          session[:user] = user
           redirect_to main_app.root_url
         end
       elsif user.auth_type == 'activedirectory' # 'ldap'
@@ -59,6 +59,7 @@ module Gatepass
             redirect_to({ controller: 'gatepass/authentication', action: 'login' })
           elsif search_result_count == 1
             session[:user] = user # entry
+            session[:user_ldap_info] = entry
             redirect_to main_app.root_url
           else
             redirect_to({ controller: 'gatepass/authentication', action: 'login' })

data/app/controllers/gatepass/users_controller.rb

@@ -1,3 +1,8 @@
+#
+#
+# Refactor the code to make it less repetitive
+#
+
 module Gatepass
   class UsersController < ApplicationController
     before_action :set_user, only: %i[ show edit update destroy ]
@@ -5,25 +10,50 @@ module Gatepass
     # GET /users
     def index
       @users = User.all
+
+      @current_user = session[:user]
+      if @current_user['rolename'] != 'admin'
+        @users = @users.where(:id => @current_user[:id])
+      end
     end
 
     # GET /users/1
     def show
+
+      @current_user = session[:user]
+      if @current_user['rolename'] != 'admin' and @user[:id] != @current_user[:id]
+        redirect_to  users_url, notice: "You must be an admin to view users"
+      end
     end
 
     # GET /users/new
     def new
       @user = User.new
+
+      @current_user = session[:user]
+      if @current_user['rolename'] != 'admin'
+        redirect_to  users_url, notice: "You must be an admin to create a new user"
+      end
     end
 
     # GET /users/1/edit
     def edit
+
+      @current_user = session[:user]
+      if @current_user['rolename'] != 'admin'
+        redirect_to  users_url, notice: "You must be an admin to edit a user"
+      end
     end
 
     # POST /users
     def create
       @user = User.new(user_params)
 
+      @current_user = session[:user]
+      if @current_user['rolename'] != 'admin'
+        redirect_to  users_url, notice: "You must be an admin to create a new user"
+      end
+
       if @user.save
         redirect_to @user, notice: "User was successfully created."
       else
@@ -33,6 +63,12 @@ module Gatepass
 
     # PATCH/PUT /users/1
     def update
+
+      @current_user = session[:user]
+      if @current_user['rolename'] != 'admin'
+        redirect_to  users_url, notice: "You must be an admin to update a new user"
+      end
+
       if @user.update(user_params)
         redirect_to @user, notice: "User was successfully updated."
       else
@@ -42,6 +78,12 @@ module Gatepass
 
     # DELETE /users/1
     def destroy
+
+      @current_user = session[:user]
+      if @current_user['rolename'] != 'admin'
+        redirect_to  users_url, notice: "You must be an admin to delete a new user"
+      end
+
       @user.destroy
       redirect_to users_url, notice: "User was successfully destroyed.", status: :see_other
     end
@@ -54,7 +96,7 @@ module Gatepass
 
       # Only allow a list of trusted parameters through.
       def user_params
-        params.require(:user).permit(:username, :auth_type, :password_digest, :username_mapping)
+        params.require(:user).permit(:username, :auth_type, :password_digest, :rolename, :username_mapping)
       end
   end
 end

data/app/views/gatepass/users/_form.html.erb

@@ -18,7 +18,8 @@
 
   <div>
     <%= form.label :auth_type, style: "display: block" %>
-    <%= form.text_field :auth_type %>
+    <%#= form.text_field :auth_type %>
+    <%= form.select :auth_type, ["local", "activedirectory"].map {|e| [e, e]} %>
   </div>
 
   <div>
@@ -26,6 +27,12 @@
     <%= form.text_field :password_digest %>
   </div>
 
+  <div>
+    <%= form.label :rolename, style: "display: block" %>
+    <%#= form.text_field :rolename %>
+    <%= form.select :rolename, ["user", "admin"].map {|e| [e, e]} %>
+  </div>
+
   <div>
     <%= form.label :username_mapping, style: "display: block" %>
     <%= form.text_field :username_mapping %>

data/app/views/gatepass/users/_user.html.erb

@@ -14,6 +14,11 @@
     <%= user.password_digest %>
   </p>
 
+  <p>
+    <strong>Role:</strong>
+    <%= user.rolename %>
+  </p>
+
   <p>
     <strong>Username mapping:</strong>
     <%= user.username_mapping %>

data/app/views/gatepass/users/index.html.erb

@@ -12,3 +12,8 @@
 </div>
 
 <%= link_to "New user", new_user_path %>
+
+<!--<div>-->
+<!--  <b>Current User:</b>-->
+  <%#= session[:user] %>
+<!--</div>-->

data/db/migrate/20230726110030_create_gatepass_users.rb

@@ -5,6 +5,7 @@ class CreateGatepassUsers < ActiveRecord::Migration[7.0]
       t.string :auth_type
       t.string :password_digest
       t.string :username_mapping
+      t.string :rolename
 
       t.timestamps
     end

data/lib/gatepass/version.rb

@@ -1,3 +1,3 @@
 module Gatepass
-  VERSION = "0.1.1"
+  VERSION = "0.1.2"
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: gatepass
 version: !ruby/object:Gem::Version
-  version: 0.1.1
+  version: 0.1.2
 platform: ruby
 authors:
 - Nitin Reddy
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2023-07-27 00:00:00.000000000 Z
+date: 2023-08-03 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rails