jungle_path 0.0.9 → 0.0.10

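--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA1:
- metadata.gz: cf2e30fa1aa99e9ce5445d3edfa94e29930594b8
- data.tar.gz: 58865df8e55ca302f53116c170dbcab565954667
+ metadata.gz: e3ebe41ea5d7710a0fab205f427b38f5daa8b24b
+ data.tar.gz: d632a687b7b51f6d3140b09858dd3cdd94a12cd3
  SHA512:
- metadata.gz: 227f6aa4a18ad64b32cf2195daad216079a02670a0749a62d8f6b8b2e85ae4fd8a17cf0ad2e182c8b6db5b0b9c713530b3d8085ec995dafb2d27dc9e47e07317
- data.tar.gz: 3586ccaeda9320cc290131bd231a6e2b70c69e4a4f231cebc3e83128d64e2b8e451d82056e7467fb79337179de8ee87282b1989e09ae888f721f44c4bfa9d51d
+ metadata.gz: ab6d3577b0460f11ec0f49eba0f56c8d0e71f50e60d8e9b95e013f8e1e8aa372ba936aef5273c6337b75a3996618721ac6b529f13a44b383a0dbe52ebeb3cb88
+ data.tar.gz: 94717868ea82807629fa185d2c4e2440b074064dcda3c4624121d3c265c4178026a55ffe66c015459d70eefa6fadd67ac846d0fb159b850252c7de1f7d2b4672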
@@ -33,7 +33,7 @@ module Auth
33
33
  end
34
34
 
35
35
  unless authorized
36
- message = "request was not allowed.\n\nrequest: #{request.request_method} #{request.path_info}\nuser_name: #{current_user.user_name}\napi key name: #{current_key.name}\napi key value: #{current_key.key}\nroles: #{current_auth.roles}\npermissions: #{current_auth.permissions}\nrestrictions: #{current_auth.restrictions}"
36
+ message = "request was not allowed.\n\nrequest: #{request.request_method} #{request.path_info}\nuser_name: #{current_user.user_name}\nroles: #{current_auth.roles}\npermissions: #{current_auth.permissions}\nrestrictions: #{current_auth.restrictions}"
37
37
  # http status code 403 Forbidden.
38
38
  puts "request status: 403\n#{message}."
39
39
  halt 403, message
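Review bot: The body handed to `halt 403, message` still returns the caller's roles, permissions and restrictions to the client, even though the API key name and value are no longer included. That detail belongs in the server log; sent back in the response it describes the authorisation model to a caller who has just been refused. Consider keeping the full `message` for the `puts` line and responding with `halt 403, "request was not allowed."`. The enclosing method starts above the hunk.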
@@ -112,14 +112,14 @@ module Config
112
112
  id: 1,
113
113
  name: :admin,
114
114
  description: 'admin and add, edit and delete users, but not root users.',
115
- permissions: [:admin],
115
+ permissions: [:admin, :read],
116
116
  restrictions: []
117
117
  },
118
118
  user: {
119
119
  id: 2,
120
120
  name: :user,
121
121
  description: 'basic system user -- has read only access.',
122
- permissions: [:read],
122
+ permissions: [:read, :assumable_user_identity],
123
123
  restrictions: [:query_only, :me_related]
124
124
  }
125
125
  }
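Review bot: The `user` role's description still says 'basic system user -- has read only access.' although the role now also carries `:assumable_user_identity`, so every basic account becomes impersonable by default and nothing in the table says so. A comment on the new line, for example `# :assumable_user_identity: a caller holding :assume_user_identity may act as this user`, would document the pairing; none of the roles visible in this hunk is granted `:assume_user_identity` itself. If impersonation is meant to be opt-in per deployment, leaving the permission out of the default role would be the safer default. The hash literal starts and ends outside the hunk.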
@@ -22,11 +22,12 @@ module ZBootstrap
22
22
  db.insert._model(schema_info)
23
23
  end
24
24
 
25
- hash = 'sha1:1000:/CloeFSPBOT7Ac/Jf/qQLk59iQbflhxf:H4eHZ0w51f3UdQpM+tp2DdhofDPkTf2P\n'
25
+ hash = 'sha1:1000:/CloeFSPBOT7Ac/Jf/qQLk59iQbflhxf:H4eHZ0w51f3UdQpM+tp2DdhofDPkTf2P\n' # "test"
26
+ hash_zoo = 'sha1:1000:wNGOiLtzLt7U9t7g+AoQVYZBeZn4NDIl:WZ7ADLonzVbnMP+d0g4K94Rk06ai4Ezk\n' # "zoo"
26
27
  users = [
27
28
  Schema::User.new({id: 0, name: 'root', user_name: 'root', role: 'root', hash: hash, email: nil, active: true, created_by_user_id: 0, updated_by_user_id: 0}),
28
29
  Schema::User.new({id: 1, name: 'admin', user_name: 'admin', role: 'admin', hash: hash, email: nil, active: true, created_by_user_id: 0, updated_by_user_id: 0}),
29
- Schema::User.new({id: 2, name: 'user', user_name: 'user', role: 'user', hash: hash, email: nil, active: true, created_by_user_id: 0, updated_by_user_id: 0})
30
+ Schema::User.new({id: 2, name: 'user', user_name: 'user', role: 'user', hash: hash_zoo, email: nil, active: true, created_by_user_id: 0, updated_by_user_id: 0})
30
31
  ]
31
32
  users.each {|user| db.insert._model(user)}
32
33
 
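Review bot: The new trailing comments `# "test"` and `# "zoo"` record the plaintext passwords beside the hashes that seed `root`, `admin` and `user`, so every database bootstrapped from this file starts with published credentials for its most privileged accounts. If these are development defaults, say so on the line, e.g. `# development-only seed credentials; replace before deployment`, and have the bootstrap take the initial hash from deployment configuration for anything else. The `sha1:1000` prefix suggests a low iteration count by current standards, though the hashing parameters themselves are not shown on this page.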
@@ -21,18 +21,22 @@ module JunglePath
21
21
 
22
22
  #valid = false
23
23
 
24
- identity = authenticate_identity(data_provider, identity, no_cache)
24
+ identity = authenticate_identity(data_provider, identity, false, no_cache)
25
25
  puts "authenticated identity: #{identity}."
26
26
  identity = authorize_identity(data_provider, identity, no_cache)
27
27
  puts "authorized identity: #{identity}."
28
28
 
29
29
  if identity and identity.valid? and assume_identity
30
- assume_identity = authenticate_identity(data_provider, assume_identity, no_cache)
31
- puts "authenticated assume_identity: #{assume_identity}."
32
- assume_identity = authorize_identity(data_provider, assume_identity, no_cache)
33
- puts "authorized assume_identity: #{assume_identity}."
34
- #valid = (assume_identity and assume_identity.valid?) or (identity and identity.valid?)
35
- return assume_identity if assume_identity.valid?
30
+ if identity.authorization_filter.has_permission?(:assume_user_identity) and !identity.authorization_filter.has_restriction?(:assume_user_identity)
31
+ puts "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAaBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBb"
32
+ assume_identity = authenticate_identity(data_provider, assume_identity, true, no_cache)
33
+ puts "authenticated assume_identity: #{assume_identity}."
34
+ assume_identity = authorize_identity(data_provider, assume_identity, no_cache)
35
+ assume_identity.valid = false unless assume_identity.authorization_filter.has_permission?(:assumable_user_identity) and !assume_identity.authorization_filter.has_restriction?(:assumable_user_identity)
36
+ puts "authorized assume_identity: #{assume_identity}."
37
+ #valid = (assume_identity and assume_identity.valid?) or (identity and identity.valid?)
38
+ end
39
+ return assume_identity
36
40
  end
37
41
  identity
38
42
  end
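Review bot: `return assume_identity` at new line 39 now runs even when the caller lacks `:assume_user_identity`, and in that case it hands back the unauthenticated object built by the parser. The refusal then depends on that object's `valid?` being falsy by default, which is not shown here. Making the denial explicit with an `else` branch that sets `assume_identity.valid = false` would remove that dependence. The filler `puts` of repeated A/B characters at new line 31 is debug output and should be dropped before release. The method starts above the hunk.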
@@ -48,22 +52,22 @@ module JunglePath
48
52
  assume_identity = JunglePath::Authentication::Identity.new
49
53
  assume_identity.user_name = parts[0]
50
54
  assume_identity.remote_user = remote_user
51
- assume_identity.remote_password = remote_password
55
+ assume_identity.remote_password = nil
52
56
  else
53
57
  identity.user_name = remote_user
54
58
  end
55
59
  return identity, assume_identity
56
60
  end
57
61
 
58
- def authenticate_identity data_provider, identity, no_cache=false
62
+ def authenticate_identity data_provider, identity, assume_identity=false, no_cache=false
59
63
  idn = nil
60
64
  if identity
61
65
  idn = identity.dup
62
66
  if user_name_is_key? identity.user_name, identity.remote_password
63
- idn.user = data_provider.get_user_by_key(identity.user_name, no_cache, identity.remote_password)
67
+ idn.user = data_provider.get_user_by_key(identity.user_name, assume_identity, no_cache, identity.remote_password)
64
68
  idn.key = identity.user_name
65
69
  else
66
- idn.user = data_provider.get_user(identity.user_name, identity.remote_password, no_cache)
70
+ idn.user = data_provider.get_user(identity.user_name, identity.remote_password, assume_identity, no_cache)
67
71
  idn.key = nil
68
72
  end
69
73
  idn.valid = (idn.user and idn.user.is_valid)
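Review bot: Inserting `assume_identity` ahead of `no_cache` in `authenticate_identity` silently changes what existing positional calls mean. A caller written against 0.0.9 as `authenticate_identity(dp, identity, true)` to skip the cache would now select the assumed path, which in the provider hunks sets `user.is_valid` without calling `validate_password`. The same insertion is made in both providers' `get_user` and `get_user_by_key`, where `get_user_by_key`'s old `password` slot also shifts. Appending the flag as a keyword, `def authenticate_identity data_provider, identity, no_cache=false, assume_identity: false`, keeps old call sites meaning what they did. The method body continues past the hunk.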
@@ -28,7 +28,7 @@ module JunglePath
28
28
  @alternative_user_key_query = alternative_user_key_query
29
29
  end
30
30
 
31
- def get_user(user_name, password, no_cache=false)
31
+ def get_user(user_name, password, assume_identity=false, no_cache=false)
32
32
  lower_case_user_name = nil
33
33
  lower_case_user_name = user_name.downcase.to_sym if user_name
34
34
  cache_key = "#{lower_case_user_name}.#{password}"
@@ -41,14 +41,15 @@ module JunglePath
41
41
  user = @user_model.new(hash, false) if hash
42
42
  @sinatra.halt 401, "Unauthorized" unless user
43
43
  @sinatra.halt 401, "Unauthorized: user #{user.user_name} is not marked as active." unless user.active
44
- user.is_valid = JunglePath::Authentication::PasswordHash.validate_password(password, user.hash)
44
+ user.is_valid = assume_identity
45
+ user.is_valid = JunglePath::Authentication::PasswordHash.validate_password(password, user.hash) unless assume_identity
45
46
  user.password = password
46
47
  @cache[cache_key] = user if user
47
48
  end
48
49
  user
49
50
  end
50
51
 
51
- def get_user_by_key(key, no_cache=false, password=nil)
52
+ def get_user_by_key(key, assume_identity=false, no_cache=false, password=nil)
52
53
  cache_key = "#{key}."
53
54
  user = @cache[cache_key]
54
55
  if user == nil or no_cache
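Review bot: A user loaded with `assume_identity` true gets `is_valid = true` without a password check and is then written to `@cache` at new line 47 under `"#{lower_case_user_name}.#{password}"`, a key that does not record how the entry was validated. The assumed identity's password is set to nil by the parser hunk, so the key becomes `name.`, the same key an ordinary request with no password would compute. If `get_user` consults `@cache` on entry the way `get_user_by_key` does (those lines are not shown), such a request could be answered from the pre-validated entry. Skipping the write on the assumed path, `@cache[cache_key] = user if user and !assume_identity`, or adding the flag to the key closes this.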
@@ -61,7 +61,9 @@ module JunglePath
61
61
  active: true,
62
62
  user_name: :user,
63
63
  #password: 'test',
64
- hash: 'sha1:1000:/CloeFSPBOT7Ac/Jf/qQLk59iQbflhxf:H4eHZ0w51f3UdQpM+tp2DdhofDPkTf2P\n',
64
+ #hash: 'sha1:1000:/CloeFSPBOT7Ac/Jf/qQLk59iQbflhxf:H4eHZ0w51f3UdQpM+tp2DdhofDPkTf2P\n',
65
+ #password: 'zoo',
66
+ hash: 'sha1:1000:wNGOiLtzLt7U9t7g+AoQVYZBeZn4NDIl:WZ7ADLonzVbnMP+d0g4K94Rk06ai4Ezk\n',
65
67
  role: :user
66
68
  }
67
69
  }
@@ -98,7 +100,7 @@ module JunglePath
98
100
  end
99
101
  end
100
102
 
101
- def get_user(user_name, password, no_cache=false)
103
+ def get_user(user_name, password, assume_identity=false, no_cache=false)
102
104
  lower_case_user_name = nil
103
105
  lower_case_user_name = user_name.downcase.to_sym if user_name
104
106
  hash = @users[lower_case_user_name]
@@ -107,13 +109,14 @@ module JunglePath
107
109
  halt 401, "Unauthorized: user #{user.user_name} is not marked as active." unless user.active
108
110
  #user.is_valid = (user.password == password)
109
111
  #user.password = password
110
- user.is_valid = JunglePath::Authentication::PasswordHash.validate_password(password, user.hash)
112
+ user.is_valid = assume_identity
113
+ user.is_valid = JunglePath::Authentication::PasswordHash.validate_password(password, user.hash) unless assume_identity
111
114
  user.password = password
112
115
  user
113
116
  end
114
117
 
115
- def get_user_by_key(key, no_cache=false, password=nil)
116
- get_user(user_name, password, no_cache)
118
+ def get_user_by_key(key, assume_identity=false, no_cache=false, password=nil)
119
+ get_user(user_name, password, assume_identity, no_cache)
117
120
  end
118
121
 
119
122
  def get_role(identity, no_cache=false)
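Review bot: `get_user_by_key` receives `key` but passes `user_name` to `get_user` at new line 119, and no parameter or local of that name is visible in the method. Unless the class defines a `user_name` method elsewhere, the call raises NameError as soon as a key-based login reaches this provider. The old line had the same reference, so the commit carries the problem forward; presumably `get_user(key, password, assume_identity, no_cache)` was intended. `get_role` begins on the hunk's last line and continues outside it.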
@@ -29,7 +29,9 @@ module JunglePath
29
29
  puts "@permissions.keys #{@permissions.keys}."
30
30
  puts "has_permission? #{permission_name}."
31
31
  symbol = permission_name.to_sym
32
- symbol == @permissions[symbol]
32
+ has_it = symbol == @permissions[symbol]
33
+ has_it = :root == @permissions[:root] unless has_it
34
+ has_it
33
35
  end
34
36
 
35
37
  def has_restriction? restriction_name
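Review bot: The root fallback at new line 33 answers true for every permission name, including the marker `:assumable_user_identity` that the authentication hunk tests on the target identity, so a root account passes the "may be assumed" check. In the roles shown only root passes `:assume_user_identity`, but a role granted it later could presumably assume root as well. Excluding the marker from the fallback, `has_it = :root == @permissions[:root] unless has_it or symbol == :assumable_user_identity`, keeps root able to do everything without being impersonable. The two `puts` lines above it also print the permission keys on every check. `has_restriction?` starts on the hunk's last line and is not shown.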
@@ -1,3 +1,3 @@
1
1
  module JunglePath
2
- VERSION = '0.0.9'
2
+ VERSION = '0.0.10'
3
3
  end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: jungle_path
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.0.9
4
+ version: 0.0.10
5
5
  platform: ruby
6
6
  authors:
7
7
  - Michael VanZant