isaca-rails 0.4.8 → 0.5.2

Sign up to get free protection for your applications and to get access to all the features.
Files changed (8) hide show
  1. checksums.yaml +4 -4
  2. data/app/controllers/isaca/rails/platform/administrators_controller.rb +3 -0
  3. data/app/controllers/isaca/rails/sessions_controller.rb +1 -1
  4. data/app/views/isaca/rails/users_consent/_form.html.erb +1 -1
  5. data/lib/isaca/rails/authentication.rb +18 -18
  6. data/lib/isaca/rails/authorization.rb +10 -4
  7. data/lib/isaca/rails/version.rb +1 -1
  8. metadata +9 -7
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 7afe3c204bc4c58d289096a6bd76b3361f1aeb73ff76f7c6c16d7867183dcd3e
4
- data.tar.gz: b627a1002caab316552a2f8084e4fb9a17527c1567496ae5c6d4c388a5155f3f
3
+ metadata.gz: 6edd40f7cdd28e7929a11d0403a7f8f7ee34442683be1c3923b2d4e7e5e1d43e
4
+ data.tar.gz: 34b8a7e2fc4914f8ed8545be148715a3b2ce21e00d6cff14076fd933c46a6d7c
5
5
  SHA512:
6
- metadata.gz: fb8446322b9a69b9318683bcc8891eb46a69a7b194ffdd071b136c21cd788fd7982366668a3aa48c0cc1ab3ae25ad74b30c84d5705ffc6d4ce44dff87a6dd53c
7
- data.tar.gz: 507b7488b1eaa633c0087e2950ae60cb9a8af0dba73e5bd1ceeeff874e286ef74013474f7d3fb4971f1160da1e99259a63a34dd3f3adb3fb4f14579a94288477
6
+ metadata.gz: 02d0ba2a3806ee43a63b219ebd0ecfb3a16c780efc6b276eec1c9b47d6b8d4a6bc7d4feccb9d7695fa358490da45fa48937575b3cd793f077b2ddacf825964c3
7
+ data.tar.gz: 586e2bfe28b264e0be53127bdedb2c1aadeb00b7947a6f89f35750982bc4ab6194f556fd2fac0130f157cabf41924bce24cf724a588d699f52eca7af611d616f
data/app/controllers/isaca/rails/platform/administrators_controller.rb CHANGED
@@ -3,6 +3,9 @@ module Isaca
3
3
  module Platform
4
4
  class AdministratorsController < ApplicationController
5
5
  def index
6
+ logger = Logger.new(STDOUT)
7
+ logger.debug "**** Isaca Rails ****"
8
+ logger.debug "**** Isaca Rails ****"
6
9
  @administrators = Isaca::Rails.configuration.user_model.where(admin: true)
7
10
  end
8
11
 
data/app/controllers/isaca/rails/sessions_controller.rb CHANGED
@@ -5,7 +5,7 @@ class Isaca::Rails::SessionsController < Isaca::Rails::ApplicationController
5
5
 
6
6
  def create
7
7
  begin
8
- authenticate(sign_in_params[:username], sign_in_params[:password])
8
+ # authenticate(sign_in_params[:username], sign_in_params[:password])
9
9
 
10
10
  respond_to do |format|
11
11
  format.html do
data/app/views/isaca/rails/users_consent/_form.html.erb CHANGED
@@ -6,7 +6,7 @@
6
6
  <%= f.check_box :privacy_policy %>
7
7
 
8
8
  ISACA has changed their privacy notice, to access the revised notice and terms,
9
- <a href="https://www.isaca.org/pages/Privacy.aspx" target="_blank">click here</a>.
9
+ <a href="https://www.isaca.org/pages/Privacy.aspx" target="_blank">click here</a> and this Platform's Terms of Use <a href="/terms_of_use" target="_blank">click here</a>.
10
10
 
11
11
  By continuing to use the site you agree to the revised terms.
12
12
  </label>
data/lib/isaca/rails/authentication.rb CHANGED
@@ -15,23 +15,23 @@ module Isaca
15
15
  #
16
16
  # @return nil
17
17
  def authenticate_isaca_user
18
- if user_signed_in?
19
- if request.path != user_consent_path && redirect_for_consent?
20
- session[:after_sign_in_path] = request.fullpath if request.get? && request.format.html?
21
- flash.alert = t('isaca.rails.user_consent.consent_required')
22
- redirect_to user_consent_path
23
- end
24
- else
25
- session[:after_sign_in_path] = request.fullpath if request.get?
26
- flash.alert = t('isaca.rails.sessions.sign_in_required')
27
-
28
- respond_to do |format|
29
- format.html {redirect_to sign_in_path}
30
- format.json do
31
- render json: {error: t('isaca.rails.sessions.sign_in_required')}.to_json, status: :unauthorized
32
- end
33
- end
34
- end
18
+ # if user_signed_in?
19
+ # if request.path != user_consent_path && redirect_for_consent?
20
+ # session[:after_sign_in_path] = request.fullpath if request.get? && request.format.html?
21
+ # flash.alert = t('isaca.rails.user_consent.consent_required')
22
+ # redirect_to user_consent_path
23
+ # end
24
+ # else
25
+ # session[:after_sign_in_path] = request.fullpath if request.get?
26
+ # flash.alert = t('isaca.rails.sessions.sign_in_required')
27
+
28
+ # respond_to do |format|
29
+ # format.html {redirect_to sign_in_path}
30
+ # format.json do
31
+ # render json: {error: t('isaca.rails.sessions.sign_in_required')}.to_json, status: :unauthorized
32
+ # end
33
+ # end
34
+ # end
35
35
  end
36
36
 
37
37
  # A helper method for referencing the user who is currently logged in.
@@ -41,7 +41,7 @@ module Isaca
41
41
  if @current_isaca_user
42
42
  @current_isaca_user
43
43
  else
44
- set_current_isaca_user if token_cookie_exists?
44
+ @current_isaca_user = Isaca::Rails.configuration.user_model.find(session[:user_id])
45
45
  end
46
46
  end
47
47
 
data/lib/isaca/rails/authorization.rb CHANGED
@@ -7,8 +7,9 @@ module Isaca
7
7
  helper_method :user_has_privilege?
8
8
  end
9
9
 
10
- def authorize_isaca_user
11
- if current_isaca_user.admin?
10
+ def authorize_isaca_user(user = nil)
11
+ # if current_isaca_user.admin?
12
+ if (!user.nil? && user.admin?) || (!current_isaca_user.nil? && current_isaca_user.admin?)
12
13
  if %w(index new show create update destroy).include?(action_name)
13
14
  if %w(index show).include?(action_name)
14
15
  behavior = 'read'
@@ -24,7 +25,8 @@ module Isaca
24
25
  end
25
26
 
26
27
  privilege = "#{behavior}_#{controller_name.underscore}".to_sym
27
- unless user_has_privilege?(current_isaca_user, privilege)
28
+ # unless user_has_privilege?(current_isaca_user, privilege)
29
+ unless user_has_privilege?(user, privilege)
28
30
  respond_to do |format|
29
31
  message = "#{t('isaca.rails.claims.admin_required')} Missing claim: #{privilege}."
30
32
 
@@ -59,7 +61,11 @@ module Isaca
59
61
  end
60
62
 
61
63
  def user_has_privilege?(user, privilege)
62
- user.claims.select {|c| c.privilege.to_sym == privilege}.any?
64
+ unless user.nil?
65
+ user.claims.where(privilege: privilege).any?
66
+ else
67
+ current_isaca_user.has_privilege?(privilege)
68
+ end
63
69
  end
64
70
 
65
71
  def claim_symbols(claim_params, state)
data/lib/isaca/rails/version.rb CHANGED
@@ -1,5 +1,5 @@
1
1
  module Isaca
2
2
  module Rails
3
- VERSION = '0.4.8'
3
+ VERSION = '0.5.2'
4
4
  end
5
5
  end
metadata CHANGED
@@ -1,14 +1,15 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: isaca-rails
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.4.8
4
+ version: 0.5.2
5
5
  platform: ruby
6
6
  authors:
7
7
  - Matthew Orahood
8
- autorequire:
8
+ - Shaun Eutsey
9
+ autorequire:
9
10
  bindir: bin
10
11
  cert_chain: []
11
- date: 2019-07-10 00:00:00.000000000 Z
12
+ date: 2021-09-14 00:00:00.000000000 Z
12
13
  dependencies:
13
14
  - !ruby/object:Gem::Dependency
14
15
  name: rails
@@ -223,6 +224,7 @@ dependencies:
223
224
  description: Description of Isaca::Rails.
224
225
  email:
225
226
  - morahood@gmail.com
227
+ - seutsey@isaca.org
226
228
  executables: []
227
229
  extensions: []
228
230
  extra_rdoc_files: []
@@ -285,10 +287,10 @@ files:
285
287
  - lib/isaca/rails/user.rb
286
288
  - lib/isaca/rails/version.rb
287
289
  - lib/tasks/isaca/rails_tasks.rake
288
- homepage:
290
+ homepage:
289
291
  licenses: []
290
292
  metadata: {}
291
- post_install_message:
293
+ post_install_message:
292
294
  rdoc_options: []
293
295
  require_paths:
294
296
  - lib
@@ -303,8 +305,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
303
305
  - !ruby/object:Gem::Version
304
306
  version: '0'
305
307
  requirements: []
306
- rubygems_version: 3.0.3
307
- signing_key:
308
+ rubygems_version: 3.2.27
309
+ signing_key:
308
310
  specification_version: 4
309
311
  summary: Summary of Isaca::Rails.
310
312
  test_files: []