gds-sso 13.6.0 → 14.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
- SHA1:
3
- metadata.gz: 65a4fcbf1648eb48c5d242e5e215a962f480038d
4
- data.tar.gz: f1ca91a7017fd9f8e6f42eadeec97de37aa55ff3
2
+ SHA256:
3
+ metadata.gz: 7036817db86d0273dc3c3043b7c02eba7433cb83e4f4e56247adaa94c5bf2a2d
4
+ data.tar.gz: 574ec4a52e3e22e9bf71418a4fc1b9d456f9a4b6481ac0336b7f77e7f18301b5
5
5
  SHA512:
6
- metadata.gz: 1446bb1a2f1abc78e47930ed8aa252ebb3f498651afe2a45bd1fa09bfaca0acbae876a8a9b067af9ccfc2942c474a2687db91d9f16e9e3644cd3cd90c7201bb9
7
- data.tar.gz: 95d9db08ac05f26e3f9235b7c56af5c17a5287b261063fc44cffd021d37abb477e83e845719b6d9a6c6eff0d9c36b5ace1d0861ef451a152839afa11250c9574
6
+ metadata.gz: 15a96eb588756d3cfbe852458857de8fd231d93c490b34bd814c71642d1f038325878be9aef1b7c47b3e49ea0b7927b693a2663c91fc689f9e8095d4ccdc04bb
7
+ data.tar.gz: 8a7480215faa733cb3e318dc7914d32aa24234e6aceab00edbb5cbd8e51fe267dfb652631f8fd7bc8a7c525be6731ba71536430bc7d3cafc800118bedb379f47
data/Gemfile CHANGED
@@ -1,10 +1,3 @@
1
1
  source "https://rubygems.org"
2
2
 
3
- # Specify your gem's dependencies in gds-sso.gemspec
4
3
  gemspec
5
-
6
- # Default rails. Overridden in gemfiles during multi-build
7
- gem 'rails', '4.2.4'
8
-
9
- # Gems added to resolve dependency resolution
10
- gem 'test-unit', '3.0.8'
data/README.md CHANGED
@@ -102,7 +102,7 @@ authorise_user!(any_of: %w(edit create))
102
102
  authorise_user!(all_of: %w(edit create))
103
103
  ```
104
104
 
105
- The signon application makes sure that only users who have been granted access to the application can access it (e.g. they have the `signin` permission for your app). This used to be left up to the applications themselves to check with the `require_signin_permission!` method. This is now deprecated and can be removed from your controllers. You should replace it with a call to `authenticate_user!` if you aren't already using that method, otherwise no signon authentication will be performed.
105
+ The signon application makes sure that only users who have been granted access to the application can access it (e.g. they have the `signin` permission for your app).
106
106
 
107
107
  ### Authorisation for API Users
108
108
 
@@ -173,6 +173,7 @@ If your application needs different or extra permissions for access, you can spe
173
173
  GDS::SSO.config do |config|
174
174
  # other config here
175
175
  config.additional_mock_permissions_required = ["array", "of", "permissions"]
176
+ end
176
177
  ```
177
178
 
178
179
  The mock bearer token will then ensure that the dummy api user has the required permission.
data/Rakefile CHANGED
@@ -16,10 +16,4 @@ namespace :spec do
16
16
  end
17
17
  end
18
18
 
19
- require "gem_publisher"
20
- task :publish_gem do |t|
21
- gem = GemPublisher.publish_if_updated("gds-sso.gemspec", :rubygems)
22
- puts "Published #{gem}" if gem
23
- end
24
-
25
19
  task :default => ["spec"]
@@ -2,7 +2,6 @@ class AuthenticationsController < ActionController::Base
2
2
  include GDS::SSO::ControllerMethods
3
3
 
4
4
  before_action :authenticate_user!, :only => :callback
5
- skip_before_action :require_signin_permission!, raise: false
6
5
  layout false
7
6
 
8
7
  def callback
@@ -43,13 +43,6 @@ module GDS
43
43
  end
44
44
  end
45
45
 
46
- def require_signin_permission!
47
- ActiveSupport::Deprecation.warn("require_signin_permission! is deprecated and will be removed in a future version. The signon application checks for signin permission during oauth and it is no longer optional. Note that your application will still need to call authorise_user! if it doesn't already.", caller)
48
- authorise_user!('signin')
49
- rescue PermissionDeniedException
50
- render "authorisations/cant_signin", layout: "unauthorised", status: :forbidden
51
- end
52
-
53
46
  def authenticate_user!
54
47
  warden.authenticate!
55
48
  end
@@ -1,5 +1,5 @@
1
1
  module GDS
2
2
  module SSO
3
- VERSION = "13.6.0"
3
+ VERSION = "14.0.0"
4
4
  end
5
5
  end
@@ -43,7 +43,7 @@ describe Api::UserController, type: :controller do
43
43
  request.env['warden'] = double("stub warden", :authenticate! => true, authenticated?: true, user: malicious_user)
44
44
 
45
45
  request.env['RAW_POST_DATA'] = user_update_json
46
- put :update, params: { uid: @user_to_update.uid }
46
+ put :update, body: user_update_json, params: { uid: @user_to_update.uid }
47
47
 
48
48
  expect(response.status).to eq(403)
49
49
  end
@@ -56,7 +56,7 @@ describe Api::UserController, type: :controller do
56
56
  expect(request.env['warden']).to receive(:user).at_least(:once).and_return(@signon_sso_push_user)
57
57
 
58
58
  request.env['RAW_POST_DATA'] = user_update_json
59
- put :update, params: { uid: @user_to_update.uid }
59
+ put :update, body: user_update_json, params: { uid: @user_to_update.uid }
60
60
 
61
61
  @user_to_update.reload
62
62
  expect(@user_to_update.name).to eq("Joshua Marshall")
@@ -1,7 +1,6 @@
1
1
  class ExampleController < ApplicationController
2
2
 
3
3
  before_action :authenticate_user!, :only => [:restricted, :this_requires_signin_permission]
4
- before_action :require_signin_permission!, only: [:this_requires_signin_permission]
5
4
 
6
5
  def index
7
6
  render body: "jabberwocky"