isaca-rails 0.5.0 → 0.5.4

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 90c702697899fa3268bb9f7e7b9520b40fd5d3b7effd2ed3de3b8626cb44bb4d
-  data.tar.gz: 799f89cdc87027c6330c3cb2a07545e6ea18068bcd7be37661c70afb1774e4bc
+  metadata.gz: 700f73c4157cab70ecffb3b4254b656d0a287edbdfa38954a7d5745fb12b6825
+  data.tar.gz: 3670014ec5c3bffb8fa6ebd48d6d2addaf4c1014e2199938260e3d112264a956
 SHA512:
-  metadata.gz: 0a5961e510658f1922bbbe6dba3a0c58a6c83b8f045a6b605b66c36e5f4f17003087861ac58a7928dd892f6379acc930fb7733c8d8c42a57f359aacbe68c7522
-  data.tar.gz: 1c4efa1deb6a46bec6c88ff47bab3aceca1a19915f5fc33ac4eef6fd194cc1d5df720250a6e4a73480a0abd61cd760faf9749d0731a2da98232cb32a73446044
+  metadata.gz: 34ce9a5babf90bd10becd5ff53ace1dab4d1150e901775c0429719d1f125365fd5a3a69378a608829b1e8eae62dd777e6ec5fa548da428e5829440d59d93835f
+  data.tar.gz: b65bc3a5e3386a8b867bf31fb1019406d98d141b64c22999b667dbf150101be8324b8e8e9c944dd2f7ed1e35d23d8270bd3ef2b970aa5bdb3335c3a3e5743145

data/app/controllers/isaca/rails/platform/administrators_controller.rb

@@ -3,6 +3,9 @@ module Isaca
     module Platform
       class AdministratorsController < ApplicationController
         def index
+          logger = Logger.new(STDOUT)
+          logger.debug "**** Isaca Rails ****"
+          logger.debug "**** Isaca Rails ****"
           @administrators = Isaca::Rails.configuration.user_model.where(admin: true)
         end
 

data/app/controllers/isaca/rails/sessions_controller.rb

@@ -5,7 +5,7 @@ class Isaca::Rails::SessionsController < Isaca::Rails::ApplicationController
 
   def create
     begin
-      authenticate(sign_in_params[:username], sign_in_params[:password])
+      # authenticate(sign_in_params[:username], sign_in_params[:password])
 
       respond_to do |format|
         format.html do

data/lib/isaca/rails/authentication.rb

@@ -15,23 +15,23 @@ module Isaca
       #
       # @return nil
       def authenticate_isaca_user
-        if user_signed_in?
-          if request.path != user_consent_path && redirect_for_consent?
-            session[:after_sign_in_path] = request.fullpath if request.get? && request.format.html?
-            flash.alert = t('isaca.rails.user_consent.consent_required')
-            redirect_to user_consent_path
-          end
-        else
-          session[:after_sign_in_path] = request.fullpath if request.get?
-          flash.alert = t('isaca.rails.sessions.sign_in_required')
-
-          respond_to do |format|
-            format.html {redirect_to sign_in_path}
-            format.json do
-              render json: {error: t('isaca.rails.sessions.sign_in_required')}.to_json, status: :unauthorized
-            end
-          end
-        end
+        # if user_signed_in?
+        #   if request.path != user_consent_path && redirect_for_consent?
+        #     session[:after_sign_in_path] = request.fullpath if request.get? && request.format.html?
+        #     flash.alert = t('isaca.rails.user_consent.consent_required')
+        #     redirect_to user_consent_path
+        #   end
+        # else
+        #   session[:after_sign_in_path] = request.fullpath if request.get?
+        #   flash.alert = t('isaca.rails.sessions.sign_in_required')
+
+        #   respond_to do |format|
+        #     format.html {redirect_to sign_in_path}
+        #     format.json do
+        #       render json: {error: t('isaca.rails.sessions.sign_in_required')}.to_json, status: :unauthorized
+        #     end
+        #   end
+        # end
       end
 
       # A helper method for referencing the user who is currently logged in.
@@ -41,8 +41,10 @@ module Isaca
         if @current_isaca_user
           @current_isaca_user
         else
-          set_current_isaca_user if token_cookie_exists?
-        end
+          unless session[:user_id].blank?
+            @current_isaca_user = Isaca::Rails.configuration.user_model.find(session[:user_id])
+          end
+        end  
       end
 
       # Method used to to login a user and set the token

data/lib/isaca/rails/authorization.rb

@@ -7,8 +7,9 @@ module Isaca
         helper_method :user_has_privilege?
       end
 
-      def authorize_isaca_user
-        if current_isaca_user.admin?
+      def authorize_isaca_user(user = nil)
+        # if current_isaca_user.admin?
+        if (!user.nil? && user.admin?) || (!current_isaca_user.nil? && current_isaca_user.admin?)
           if %w(index new show create update destroy).include?(action_name)
             if %w(index show).include?(action_name)
               behavior = 'read'
@@ -24,7 +25,8 @@ module Isaca
           end
 
           privilege = "#{behavior}_#{controller_name.underscore}".to_sym
-          unless user_has_privilege?(current_isaca_user, privilege)
+          # unless user_has_privilege?(current_isaca_user, privilege)
+          unless user_has_privilege?(user, privilege)
             respond_to do |format|
               message = "#{t('isaca.rails.claims.admin_required')} Missing claim: #{privilege}."
 
@@ -59,7 +61,11 @@ module Isaca
       end
 
       def user_has_privilege?(user, privilege)
-        user.claims.where(privilege: privilege).any?
+        unless user.nil?
+          user.claims.where(privilege: privilege).any?
+        else
+          current_isaca_user.has_privilege?(privilege)
+        end
       end
 
       def claim_symbols(claim_params, state)

data/lib/isaca/rails/version.rb

@@ -1,5 +1,5 @@
 module Isaca
   module Rails
-    VERSION = '0.5.0'
+    VERSION = '0.5.4'
   end
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: isaca-rails
 version: !ruby/object:Gem::Version
-  version: 0.5.0
+  version: 0.5.4
 platform: ruby
 authors:
 - Matthew Orahood
@@ -9,7 +9,7 @@ authors:
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2021-09-08 00:00:00.000000000 Z
+date: 2021-09-20 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rails