kadmin 0.3.1 → 0.3.2
- checksums.yaml +4 -4
- data/README.md +44 -44
- data/Rakefile +146 -146
- data/app/assets/javascripts/modular/app.js +1388 -1388
- data/app/assets/javascripts/modular/application.js +3 -3
- data/app/assets/javascripts/modular/vendor.js +57671 -57671
- data/app/assets/stylesheets/kadmin/typeahead-select.scss +2 -0
- data/app/assets/stylesheets/modular/app-blue.css +2795 -2795
- data/app/assets/stylesheets/modular/app-custom.css +2795 -2795
- data/app/assets/stylesheets/modular/app-green.css +2795 -2795
- data/app/assets/stylesheets/modular/app-orange.css +2795 -2795
- data/app/assets/stylesheets/modular/app-purple.css +2795 -2795
- data/app/assets/stylesheets/modular/app-red.css +2795 -2795
- data/app/assets/stylesheets/modular/app-seagreen.css +2795 -2795
- data/app/assets/stylesheets/modular/app.css +2795 -2795
- data/app/assets/stylesheets/modular/custom.css +51 -19
- data/app/assets/stylesheets/modular/vendor.css +12999 -12999
- data/app/controllers/kadmin/application_controller.rb +64 -64
- data/app/controllers/kadmin/auth_controller.rb +98 -98
- data/app/controllers/kadmin/concerns/authorized_user.rb +67 -67
- data/app/controllers/kadmin/dash_controller.rb +19 -19
- data/app/decorators/kadmin/finder_decorator.rb +50 -50
- data/app/decorators/kadmin/pager_decorator.rb +33 -33
- data/app/helpers/kadmin/alert_helper.rb +59 -59
- data/app/helpers/kadmin/application_helper.rb +4 -4
- data/app/helpers/kadmin/bootstrap_helper.rb +23 -23
- data/app/helpers/kadmin/form_builder.rb +9 -9
- data/app/helpers/kadmin/forms/inverted_check_box.rb +10 -10
- data/app/helpers/kadmin/navigation_helper.rb +28 -28
- data/app/helpers/kadmin/pagination_helper.rb +95 -95
- data/app/views/kadmin/auth/login.html.erb +4 -4
- data/app/views/kadmin/components/_finder.html.erb +14 -18
- data/app/views/kadmin/components/finder/_empty.html.erb +3 -3
- data/app/views/kadmin/components/finder/_form.erb +10 -10
- data/app/views/kadmin/components/finder/_header.html.erb +14 -11
- data/app/views/kadmin/dash/index.html.erb +5 -5
- data/app/views/kadmin/error.html.erb +5 -5
- data/app/views/kadmin/helpers/_alerts.html.erb +4 -4
- data/app/views/kadmin/helpers/_form_errors.html.erb +10 -10
- data/app/views/layouts/modular/application.html.erb +134 -132
- data/config/initializers/action_view.rb +2 -2
- data/config/initializers/assets.rb +5 -5
- data/config/locales/de.yml +25 -25
- data/config/locales/en.yml +24 -24
- data/config/routes.rb +12 -12
- data/lib/kadmin.rb +22 -22
- data/lib/kadmin/auth.rb +31 -31
- data/lib/kadmin/auth/configuration.rb +66 -66
- data/lib/kadmin/auth/unauthorized_error.rb +14 -14
- data/lib/kadmin/auth/user.rb +15 -15
- data/lib/kadmin/auth/user_store.rb +21 -21
- data/lib/kadmin/configuration.rb +18 -18
- data/lib/kadmin/engine.rb +15 -15
- data/lib/kadmin/error.rb +7 -7
- data/lib/kadmin/errors/authorization.rb +15 -15
- data/lib/kadmin/finder.rb +66 -66
- data/lib/kadmin/form.rb +179 -179
- data/lib/kadmin/pager.rb +93 -93
- data/lib/kadmin/version.rb +3 -3
- data/test/dummy/README.rdoc +28 -28
- data/test/dummy/Rakefile +6 -6
- data/test/dummy/app/assets/javascripts/application.js +13 -13
- data/test/dummy/app/assets/stylesheets/application.css +15 -15
- data/test/dummy/app/controllers/admin/application_controller.rb +11 -11
- data/test/dummy/app/controllers/admin/people_controller.rb +89 -89
- data/test/dummy/app/controllers/admin_controller.rb +4 -4
- data/test/dummy/app/controllers/application_controller.rb +5 -5
- data/test/dummy/app/controllers/authorized_controller.rb +8 -8
- data/test/dummy/app/helpers/application_helper.rb +2 -2
- data/test/dummy/app/models/group.rb +8 -8
- data/test/dummy/app/models/group_person.rb +6 -6
- data/test/dummy/app/models/person.rb +20 -20
- data/test/dummy/app/views/admin/index.html.erb +1 -1
- data/test/dummy/app/views/admin/people/_form.html.erb +34 -34
- data/test/dummy/app/views/admin/people/_table.html.erb +33 -33
- data/test/dummy/app/views/admin/people/edit.html.erb +4 -4
- data/test/dummy/app/views/admin/people/index.html.erb +3 -3
- data/test/dummy/app/views/admin/people/new.html.erb +5 -5
- data/test/dummy/app/views/admin/people/show.html.erb +3 -3
- data/test/dummy/app/views/authorized/index.html.erb +1 -1
- data/test/dummy/app/views/layouts/application.html.erb +14 -14
- data/test/dummy/bin/bundle +3 -3
- data/test/dummy/bin/rails +4 -4
- data/test/dummy/bin/rake +4 -4
- data/test/dummy/bin/setup +29 -29
- data/test/dummy/config.ru +4 -4
- data/test/dummy/config/application.rb +39 -39
- data/test/dummy/config/boot.rb +5 -5
- data/test/dummy/config/database.yml +22 -22
- data/test/dummy/config/environment.rb +5 -5
- data/test/dummy/config/environments/development.rb +41 -41
- data/test/dummy/config/environments/production.rb +79 -79
- data/test/dummy/config/environments/test.rb +42 -42
- data/test/dummy/config/initializers/assets.rb +10 -10
- data/test/dummy/config/initializers/backtrace_silencers.rb +7 -7
- data/test/dummy/config/initializers/cookies_serializer.rb +3 -3
- data/test/dummy/config/initializers/filter_parameter_logging.rb +4 -4
- data/test/dummy/config/initializers/inflections.rb +16 -16
- data/test/dummy/config/initializers/kadmin.rb +24 -24
- data/test/dummy/config/initializers/mime_types.rb +4 -4
- data/test/dummy/config/initializers/session_store.rb +3 -3
- data/test/dummy/config/initializers/wrap_parameters.rb +14 -14
- data/test/dummy/config/locales/en.yml +17 -17
- data/test/dummy/config/routes.rb +13 -13
- data/test/dummy/config/secrets.yml +22 -22
- data/test/dummy/db/migrate/20161006114509_create_people.rb +11 -11
- data/test/dummy/db/migrate/20161006134459_create_groups.rb +11 -11
- data/test/dummy/db/migrate/20161006134746_create_group_people.rb +11 -11
- data/test/dummy/db/schema.rb +43 -43
- data/test/dummy/lib/forms/group_form.rb +16 -16
- data/test/dummy/lib/forms/person_form.rb +19 -19
- data/test/dummy/public/404.html +67 -67
- data/test/dummy/public/422.html +67 -67
- data/test/dummy/public/500.html +66 -66
- data/test/dummy/test/fixtures/children.yml +11 -11
- data/test/dummy/test/fixtures/group_people.yml +11 -11
- data/test/dummy/test/fixtures/groups.yml +11 -11
- data/test/dummy/test/fixtures/people.yml +11 -11
- data/test/dummy/test/models/group_person_test.rb +7 -7
- data/test/dummy/test/models/group_test.rb +7 -7
- data/test/kadmin/form_test.rb +6 -6
- data/test/test_helper.rb +32 -32
- metadata +54 -53
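--- a/data/app/controllers/kadmin/application_controller.rb
+++ b/data/app/controllers/kadmin/application_controller.rb
@@ -1,64 +1,64 @@
-module Kadmin
-class ApplicationController < ActionController::Base
-layout 'modular/application'
-
-helper Kadmin::ApplicationHelper
-helper Kadmin::BootstrapHelper
-helper Kadmin::AlertHelper
-helper Kadmin::NavigationHelper
-helper Kadmin::PaginationHelper
-
-include Kadmin::Concerns::AuthorizedUser
-
-before_action :authorize
-before_action :set_navbar_links
-before_action :set_default_format
-
-# @!group Error Handling
-
-unless defined?(BetterErrors)
-rescue_from StandardError, with: :handle_unexpected_error
-rescue_from ActiveRecord::RecordNotFound, with: :not_found
-rescue_from ActionController::ParameterMissing, with: :params_missing
-end
-
-def params_missing(error)
-handle_error(error, title: I18n.t('kadmin.errors.params_missing'), status: :bad_request)
-end
-
-def not_found(error)
-handle_error(error, title: I18n.t('kadmin.errors.not_found'), status: :not_found)
-end
-
-def handle_unexpected_error(error)
-Rails.logger.error(error)
-handle_error(error, title: I18n.t('kadmin.errors.unexpected'), message: I18n.t('kadmin.errors.unexpected_message'))
-end
-
-def handle_error(error, options = {})
-options = {
-title: error.try(:title) || error.class.name,
-message: error.message,
-status: :internal_server_error
-}.merge(options)
-render 'kadmin/error', status: options[:status], locals: options
-end
-
-# @!endgroup
-
-# @!group Helpers
-
-# Overload in the sub-controllers to set up the links in the layout
-def set_navbar_links
-@layout_navbar_links = []
-end
-protected :set_navbar_links
-
-def set_default_format
-params[:format] = 'html' if params[:format].blank?
-end
-protected :set_default_format
-
-# @!endgroup
-end
-end
+module Kadmin
+class ApplicationController < ActionController::Base
+layout 'modular/application'
+
+helper Kadmin::ApplicationHelper
+helper Kadmin::BootstrapHelper
+helper Kadmin::AlertHelper
+helper Kadmin::NavigationHelper
+helper Kadmin::PaginationHelper
+
+include Kadmin::Concerns::AuthorizedUser
+
+before_action :authorize
+before_action :set_navbar_links
+before_action :set_default_format
+
+# @!group Error Handling
+
+unless defined?(BetterErrors)
+rescue_from StandardError, with: :handle_unexpected_error
+rescue_from ActiveRecord::RecordNotFound, with: :not_found
+rescue_from ActionController::ParameterMissing, with: :params_missing
+end
+
+def params_missing(error)
+handle_error(error, title: I18n.t('kadmin.errors.params_missing'), status: :bad_request)
+end
+
+def not_found(error)
+handle_error(error, title: I18n.t('kadmin.errors.not_found'), status: :not_found)
+end
+
+def handle_unexpected_error(error)
+Rails.logger.error(error)
+handle_error(error, title: I18n.t('kadmin.errors.unexpected'), message: I18n.t('kadmin.errors.unexpected_message'))
+end
+
+def handle_error(error, options = {})
+options = {
+title: error.try(:title) || error.class.name,
+message: error.message,
+status: :internal_server_error
+}.merge(options)
+render 'kadmin/error', status: options[:status], locals: options
+end
+
+# @!endgroup
+
+# @!group Helpers
+
+# Overload in the sub-controllers to set up the links in the layout
+def set_navbar_links
+@layout_navbar_links = []
+end
+protected :set_navbar_links
+
+def set_default_format
+params[:format] = 'html' if params[:format].blank?
+end
+protected :set_default_format
+
+# @!endgroup
+end
+end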
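Review bot: `handle_error` defaults `message: error.message`, and neither `not_found` nor `params_missing` overrides it, so the framework's own text (which names the missing parameter, or the model and key that failed to load) is rendered to the visitor, whereas `handle_unexpected_error` substitutes a translated message; give those two handlers a translated `message:` as well and keep the original text in the log. `Rails.logger.error(error)` in `handle_unexpected_error` hands the exception object to the logger, and depending on the configured formatter that can record only its inspect string without a backtrace; `Rails.logger.error(error.full_message)` (Ruby 2.5+) keeps class, message and backtrace for triage. The `unless defined?(BetterErrors)` guard around the `rescue_from` calls also deserves a one-line comment such as `# skip the rescue handlers when BetterErrors is loaded (presumably so its debug page is not masked)`, since nothing nearby explains it.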
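--- a/data/app/controllers/kadmin/auth_controller.rb
+++ b/data/app/controllers/kadmin/auth_controller.rb
@@ -1,98 +1,98 @@
-module Kadmin
-class AuthController < Kadmin::ApplicationController
-SESSION_KEY = 'kadmin.user'.freeze
-
-# Don't try to authenticate user on the authentication controller...
-skip_before_action :authorize
-
-# @!group Endpoints
-# GET /auth/login
-def login
-render 'kadmin/auth/login'
-end
-
-# GET /auth/logout
-# DELETE /auth/logout
-def logout
-session.delete(SESSION_KEY)
-redirect_to action: :login
-end
-
-# GET /auth/:provider/callback
-# POST /auth/:provider/callback
-def save
-auth_hash = request.env['omniauth.auth']
-
-if auth_hash.blank?
-Kadmin.logger.error('No authorization hash provided')
-flash.alert = I18n.t('kadmin.auth.error')
-redirect_to action: :login
-return
-end
-
-email = auth_hash.dig('info', 'email')
-if Kadmin::Auth.users.exists?(email)
-session[SESSION_KEY] = email
-redirect_url = request.env['omniauth.origin']
-redirect_url = Kadmin.config.mount_path unless valid_redirect_url?(redirect_url)
-else
-flash.alert = I18n.t('kadmin.auth.unauthorized_message')
-redirect_url = url_for(action: :login)
-end
-
-redirect_to redirect_url
-end
-
-# GET /auth/failure
-def failure
-flash.alert = params[:message]
-redirect_to action: :login
-end
-
-def unauthorized
-render 'kadmin/error', format: ['html'], locals: {
-title: I18n.t('kadmin.auth.unauthorized'),
-message: I18n.t('kadmin.auth.unauthorized_message')
-}
-end
-
-# @!endgroup
-
-# @!group Helpers
-
-def valid_redirect_url?(url)
-valid = false
-
-unless url.blank?
-paths = [url_for(action: :login), url_for(action: :logout)]
-valid = paths.none? { |invalid| url == invalid }
-end
-
-return valid
-end
-protected :valid_redirect_url?
-
-def omniauth_provider_link
-auth_prefix = "#{Kadmin.config.mount_path}/auth"
-provider_link = "#{auth_prefix}/#{Kadmin::Auth.omniauth_provider}"
-origin = params[:origin]
-
-# if the referer is a auth route, then we risk ending in an endless loop
-if origin.blank?
-referer = request.referer
-if referer.blank?
-origin = Kadmin.config.mount_path
-else
-uri = URI(referer)
-origin = referer unless uri&.path&.start_with?(auth_prefix)
-end
-end
-
-provider_link = "#{provider_link}?origin=#{CGI.escape(origin)}" unless origin.blank?
-return provider_link
-end
-helper_method :omniauth_provider_link
-
-# @!endgroup
-end
-end
+module Kadmin
+class AuthController < Kadmin::ApplicationController
+SESSION_KEY = 'kadmin.user'.freeze
+
+# Don't try to authenticate user on the authentication controller...
+skip_before_action :authorize
+
+# @!group Endpoints
+# GET /auth/login
+def login
+render 'kadmin/auth/login'
+end
+
+# GET /auth/logout
+# DELETE /auth/logout
+def logout
+session.delete(SESSION_KEY)
+redirect_to action: :login
+end
+
+# GET /auth/:provider/callback
+# POST /auth/:provider/callback
+def save
+auth_hash = request.env['omniauth.auth']
+
+if auth_hash.blank?
+Kadmin.logger.error('No authorization hash provided')
+flash.alert = I18n.t('kadmin.auth.error')
+redirect_to action: :login
+return
+end
+
+email = auth_hash.dig('info', 'email')
+if Kadmin::Auth.users.exists?(email)
+session[SESSION_KEY] = email
+redirect_url = request.env['omniauth.origin']
+redirect_url = Kadmin.config.mount_path unless valid_redirect_url?(redirect_url)
+else
+flash.alert = I18n.t('kadmin.auth.unauthorized_message')
+redirect_url = url_for(action: :login)
+end
+
+redirect_to redirect_url
+end
+
+# GET /auth/failure
+def failure
+flash.alert = params[:message]
+redirect_to action: :login
+end
+
+def unauthorized
+render 'kadmin/error', format: ['html'], locals: {
+title: I18n.t('kadmin.auth.unauthorized'),
+message: I18n.t('kadmin.auth.unauthorized_message')
+}
+end
+
+# @!endgroup
+
+# @!group Helpers
+
+def valid_redirect_url?(url)
+valid = false
+
+unless url.blank?
+paths = [url_for(action: :login), url_for(action: :logout)]
+valid = paths.none? { |invalid| url == invalid }
+end
+
+return valid
+end
+protected :valid_redirect_url?
+
+def omniauth_provider_link
+auth_prefix = "#{Kadmin.config.mount_path}/auth"
+provider_link = "#{auth_prefix}/#{Kadmin::Auth.omniauth_provider}"
+origin = params[:origin]
+
+# if the referer is a auth route, then we risk ending in an endless loop
+if origin.blank?
+referer = request.referer
+if referer.blank?
+origin = Kadmin.config.mount_path
+else
+uri = URI(referer)
+origin = referer unless uri&.path&.start_with?(auth_prefix)
+end
+end
+
+provider_link = "#{provider_link}?origin=#{CGI.escape(origin)}" unless origin.blank?
+return provider_link
+end
+helper_method :omniauth_provider_link
+
+# @!endgroup
+end
+end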
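Review bot: `save` writes the authenticated identity with `session[SESSION_KEY] = email` into the session that existed before the login round-trip, so a session id planted on the browser beforehand stays valid once the user authenticates; call `reset_session` on the line before that assignment so login always starts a fresh session. `valid_redirect_url?` accepts any non-blank origin other than the login and logout URLs, and `request.env['omniauth.origin']` carries the `origin` query parameter that `omniauth_provider_link` fills from `params[:origin]` or the referer, so an absolute URL on another host reaches `redirect_to redirect_url` unchanged, which is an open redirect at the end of a successful login. The rewrite below limits accepted origins to relative or same-host URLs whose path lies under `Kadmin.config.mount_path`, which still covers the two values the code itself produces (`request.path` from `authorize`, and a same-site referer). `failure` also copies `params[:message]` straight into `flash.alert`; whether that is escaped on output depends on the alerts partial, which is not part of this hunk.
```ruby
def save
  # … unchanged: auth_hash presence check …
  email = auth_hash.dig('info', 'email')
  if Kadmin::Auth.users.exists?(email)
    reset_session # drop any pre-login session id before storing the identity
    session[SESSION_KEY] = email
    # … unchanged: redirect_url selection …

def valid_redirect_url?(url)
  return false if url.blank?

  uri = URI(url)
  # only relative or same-host targets below the admin mount point may be followed
  return false unless uri.host.nil? || uri.host == request.host
  return false unless uri.path.to_s.start_with?(Kadmin.config.mount_path)

  [url_for(action: :login), url_for(action: :logout)].none? { |invalid| url == invalid }
rescue URI::InvalidURIError
  false
end
```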
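--- a/data/app/controllers/kadmin/concerns/authorized_user.rb
+++ b/data/app/controllers/kadmin/concerns/authorized_user.rb
@@ -1,67 +1,67 @@
-module Kadmin
-module Concerns
-module AuthorizedUser
-extend ActiveSupport::Concern
-
-included do
-if respond_to?(:helper_method)
-helper_method :current_user
-helper_method :authorized_user
-helper_method :logged_in?
-helper_method :authorized?
-end
-end
-
-# @!group before_action
-
-# Add as a before_action whenever you wish to authorize a user for a particular
-# resource. The app provided user model will perform authorization of the resource.
-# @see Kadmin::Auth::User
-# @example
-# before_action :authorize, except: [:index] # exclude index from authorization
-def authorize
-if Kadmin::Auth.config.enabled?
-if logged_in?
-unless authorized?
-redirect_to Kadmin::Engine.routes.url_helpers.auth_unauthorized_path
-end
-else
-redirect_to Kadmin::Engine.routes.url_helpers.auth_login_path(origin: request.path)
-end
-end
-end
-
-# @!endgroup
-
-# @!group View Helpers
-
-# @return [String] the current user identifier. Historically called current_user
-def current_user
-session[Kadmin::AuthController::SESSION_KEY]
-end
-
-# @see Kadmin::Concerns::AuthorizedUser#current_user
-# @return [Kadmin::Auth::User] instance of the user identified by current_user
-def authorized_user
-return Kadmin::Auth.users.get(current_user)
-end
-
-# @!endgroup
-
-# @!group Helpers
-
-# @return [Boolean] true if the user is logged in, false otherwise
-def logged_in?
-return current_user.present?
-end
-
-# @see Kadmin::Auth::User
-# @return [Boolean] true if the user is authorized in, false otherwise
-def authorized?
-return authorized_user&.authorized?(request)
-end
-
-# @!endgroup
-end
-end
-end
+module Kadmin
+module Concerns
+module AuthorizedUser
+extend ActiveSupport::Concern
+
+included do
+if respond_to?(:helper_method)
+helper_method :current_user
+helper_method :authorized_user
+helper_method :logged_in?
+helper_method :authorized?
+end
+end
+
+# @!group before_action
+
+# Add as a before_action whenever you wish to authorize a user for a particular
+# resource. The app provided user model will perform authorization of the resource.
+# @see Kadmin::Auth::User
+# @example
+# before_action :authorize, except: [:index] # exclude index from authorization
+def authorize
+if Kadmin::Auth.config.enabled?
+if logged_in?
+unless authorized?
+redirect_to Kadmin::Engine.routes.url_helpers.auth_unauthorized_path
+end
+else
+redirect_to Kadmin::Engine.routes.url_helpers.auth_login_path(origin: request.path)
+end
+end
+end
+
+# @!endgroup
+
+# @!group View Helpers
+
+# @return [String] the current user identifier. Historically called current_user
+def current_user
+session[Kadmin::AuthController::SESSION_KEY]
+end
+
+# @see Kadmin::Concerns::AuthorizedUser#current_user
+# @return [Kadmin::Auth::User] instance of the user identified by current_user
+def authorized_user
+return Kadmin::Auth.users.get(current_user)
+end
+
+# @!endgroup
+
+# @!group Helpers
+
+# @return [Boolean] true if the user is logged in, false otherwise
+def logged_in?
+return current_user.present?
+end
+
+# @see Kadmin::Auth::User
+# @return [Boolean] true if the user is authorized in, false otherwise
+def authorized?
+return authorized_user&.authorized?(request)
+end
+
+# @!endgroup
+end
+end
+end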
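Review bot: `authorized?` is documented as `@return [Boolean]`, but `authorized_user&.authorized?(request)` yields `nil` whenever the store has no record for the session identifier, so view code comparing against `false` sees a third state; `return authorized_user&.authorized?(request) || false` restores the documented contract, and `authorize` keeps working because it only tests truthiness. The `if Kadmin::Auth.config.enabled?` guard in `authorize` makes the whole filter a no-op when authentication is switched off, which deserves a comment such as `# with auth disabled every action is reachable without a session` since nothing else in the concern signals it. The `@return` line on `authorized?` also reads "authorized in"; "authorized for the current request" matches what `authorized?(request)` is given.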