gds-sso 13.6.0 → 14.0.0
- checksums.yaml +5 -5
- data/Gemfile +0 -7
- data/README.md +2 -1
- data/Rakefile +0 -6
- data/app/controllers/authentications_controller.rb +0 -1
- data/lib/gds-sso/controller_methods.rb +0 -7
- data/lib/gds-sso/version.rb +1 -1
- data/spec/controller/api_user_controller_spec.rb +2 -2
- data/spec/internal/app/controllers/example_controller.rb +0 -1
- data/spec/internal/db/combustion_test.sqlite +0 -0
- data/spec/internal/log/test.log +1037 -1736
- data/spec/requests/end_to_end_spec.rb +10 -10
- metadata +47 -61
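--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
-
-metadata.gz:
-data.tar.gz:
+SHA256:
+metadata.gz: 7036817db86d0273dc3c3043b7c02eba7433cb83e4f4e56247adaa94c5bf2a2d
+data.tar.gz: 574ec4a52e3e22e9bf71418a4fc1b9d456f9a4b6481ac0336b7f77e7f18301b5
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 15a96eb588756d3cfbe852458857de8fd231d93c490b34bd814c71642d1f038325878be9aef1b7c47b3e49ea0b7927b693a2663c91fc689f9e8095d4ccdc04bb
+data.tar.gz: 8a7480215faa733cb3e318dc7914d32aa24234e6aceab00edbb5cbd8e51fe267dfb652631f8fd7bc8a7c525be6731ba71536430bc7d3cafc800118bedb379f47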
data/Gemfile
CHANGED
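--- a/data/README.md
+++ b/data/README.md
@@ -102,7 +102,7 @@ authorise_user!(any_of: %w(edit create))
 authorise_user!(all_of: %w(edit create))
 ```
 
-The signon application makes sure that only users who have been granted access to the application can access it (e.g. they have the `signin` permission for your app).
+The signon application makes sure that only users who have been granted access to the application can access it (e.g. they have the `signin` permission for your app).
 
 ### Authorisation for API Users
 
@@ -173,6 +173,7 @@ If your application needs different or extra permissions for access, you can spe
 GDS::SSO.config do |config|
 # other config here
 config.additional_mock_permissions_required = ["array", "of", "permissions"]
+end
 ```
 
 The mock bearer token will then ensure that the dummy api user has the required permission.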
data/Rakefile
CHANGED
@@ -43,13 +43,6 @@ module GDS
|
|
43
43
|
end
|
44
44
|
end
|
45
45
|
|
46
|
-
def require_signin_permission!
|
47
|
-
ActiveSupport::Deprecation.warn("require_signin_permission! is deprecated and will be removed in a future version. The signon application checks for signin permission during oauth and it is no longer optional. Note that your application will still need to call authorise_user! if it doesn't already.", caller)
|
48
|
-
authorise_user!('signin')
|
49
|
-
rescue PermissionDeniedException
|
50
|
-
render "authorisations/cant_signin", layout: "unauthorised", status: :forbidden
|
51
|
-
end
|
52
|
-
|
53
46
|
def authenticate_user!
|
54
47
|
warden.authenticate!
|
55
48
|
end
|
data/lib/gds-sso/version.rb
CHANGED
@@ -43,7 +43,7 @@ describe Api::UserController, type: :controller do
|
|
43
43
|
request.env['warden'] = double("stub warden", :authenticate! => true, authenticated?: true, user: malicious_user)
|
44
44
|
|
45
45
|
request.env['RAW_POST_DATA'] = user_update_json
|
46
|
-
put :update, params: { uid: @user_to_update.uid }
|
46
|
+
put :update, body: user_update_json, params: { uid: @user_to_update.uid }
|
47
47
|
|
48
48
|
expect(response.status).to eq(403)
|
49
49
|
end
|
@@ -56,7 +56,7 @@ describe Api::UserController, type: :controller do
|
|
56
56
|
expect(request.env['warden']).to receive(:user).at_least(:once).and_return(@signon_sso_push_user)
|
57
57
|
|
58
58
|
request.env['RAW_POST_DATA'] = user_update_json
|
59
|
-
put :update, params: { uid: @user_to_update.uid }
|
59
|
+
put :update, body: user_update_json, params: { uid: @user_to_update.uid }
|
60
60
|
|
61
61
|
@user_to_update.reload
|
62
62
|
expect(@user_to_update.name).to eq("Joshua Marshall")
|
@@ -1,7 +1,6 @@
|
|
1
1
|
class ExampleController < ApplicationController
|
2
2
|
|
3
3
|
before_action :authenticate_user!, :only => [:restricted, :this_requires_signin_permission]
|
4
|
-
before_action :require_signin_permission!, only: [:this_requires_signin_permission]
|
5
4
|
|
6
5
|
def index
|
7
6
|
render body: "jabberwocky"
|
Binary file
|