lesli_shield 0.1.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +7 -0
- data/Rakefile +5 -0
- data/app/assets/config/lesli_shield_manifest.js +47 -0
- data/app/assets/images/lesli_shield/shield-logo.svg +1 -0
- data/app/assets/javascripts/lesli_shield/application.js +4428 -0
- data/app/assets/javascripts/lesli_shield/confirmations.js +60 -0
- data/app/assets/javascripts/lesli_shield/passwords.js +712 -0
- data/app/assets/javascripts/lesli_shield/registrations.js +712 -0
- data/app/assets/javascripts/lesli_shield/sessions.js +712 -0
- data/app/assets/stylesheets/lesli_shield/application.css +4 -0
- data/app/assets/stylesheets/lesli_shield/confirmations.css +19219 -0
- data/app/assets/stylesheets/lesli_shield/passwords.css +19202 -0
- data/app/assets/stylesheets/lesli_shield/registrations.css +19588 -0
- data/app/assets/stylesheets/lesli_shield/sessions.css +19588 -0
- data/app/controllers/lesli_shield/application_controller.rb +4 -0
- data/app/controllers/lesli_shield/dashboard/components_controller.rb +60 -0
- data/app/controllers/lesli_shield/dashboards_controller.rb +4 -0
- data/app/controllers/users/confirmations_controller.rb +66 -0
- data/app/controllers/users/omniauth_callbacks_controller.rb +30 -0
- data/app/controllers/users/passwords_controller.rb +71 -0
- data/app/controllers/users/registrations_controller.rb +141 -0
- data/app/controllers/users/sessions_controller.rb +141 -0
- data/app/controllers/users/unlocks_controller.rb +30 -0
- data/app/helpers/lesli_shield/application_helper.rb +4 -0
- data/app/helpers/lesli_shield/dashboards_helper.rb +4 -0
- data/app/jobs/lesli_shield/application_job.rb +4 -0
- data/app/mailers/lesli_shield/application_mailer.rb +6 -0
- data/app/models/lesli_shield/application_record.rb +5 -0
- data/app/models/lesli_shield/dashboard/component.rb +18 -0
- data/app/models/lesli_shield/dashboard.rb +31 -0
- data/app/views/devise/confirmations/new.html.erb +2 -0
- data/app/views/devise/confirmations/show.html.erb +63 -0
- data/app/views/devise/mailer/confirmation_instructions.html.erb +5 -0
- data/app/views/devise/mailer/email_changed.html.erb +7 -0
- data/app/views/devise/mailer/password_change.html.erb +3 -0
- data/app/views/devise/mailer/reset_password_instructions.html.erb +8 -0
- data/app/views/devise/mailer/unlock_instructions.html.erb +7 -0
- data/app/views/devise/passwords/edit.html.erb +79 -0
- data/app/views/devise/passwords/new.html.erb +75 -0
- data/app/views/devise/registrations/edit.html.erb +43 -0
- data/app/views/devise/registrations/new.html.erb +151 -0
- data/app/views/devise/sessions/new.html.erb +114 -0
- data/app/views/devise/shared/_demo.html.erb +7 -0
- data/app/views/devise/shared/_error_messages.html.erb +15 -0
- data/app/views/devise/shared/_links.html.erb +96 -0
- data/app/views/devise/unlocks/new.html.erb +16 -0
- data/app/views/layouts/lesli_shield/application.html.erb +15 -0
- data/app/views/lesli_shield/dashboards/edit.html.erb +1 -0
- data/app/views/lesli_shield/dashboards/index.html.erb +1 -0
- data/app/views/lesli_shield/dashboards/new.html.erb +1 -0
- data/app/views/lesli_shield/dashboards/show.html.erb +1 -0
- data/config/initializers/devise.rb +336 -0
- data/config/locales/translations.en.yml +21 -0
- data/config/locales/translations.es.yml +21 -0
- data/config/locales/translations.fr.yml +21 -0
- data/config/locales/translations.it.yml +21 -0
- data/config/locales/translations.pt.yml +21 -0
- data/config/routes.rb +57 -0
- data/db/migrate/v1/0801000110_create_lesli_shield_accounts.rb +42 -0
- data/db/migrate/v1/0801050110_create_lesli_shield_dashboards.rb +51 -0
- data/db/migrate/v1/0801050210_create_lesli_shield_dashboard_components.rb +53 -0
- data/lib/lesli_shield/engine.rb +54 -0
- data/lib/lesli_shield/routing.rb +26 -0
- data/lib/lesli_shield/version.rb +4 -0
- data/lib/lesli_shield.rb +6 -0
- data/lib/scss/application.scss +0 -0
- data/lib/scss/confirmations.scss +58 -0
- data/lib/scss/devise/oauth.scss +34 -0
- data/lib/scss/passwords.scss +33 -0
- data/lib/scss/registrations.scss +35 -0
- data/lib/scss/sessions.scss +35 -0
- data/lib/tasks/lesli_shield_tasks.rake +4 -0
- data/lib/vue/application.js +76 -0
- data/lib/vue/apps/dashboards/components/engine-version.vue +71 -0
- data/lib/vue/confirmations.js +33 -0
- data/lib/vue/passwords.js +137 -0
- data/lib/vue/registrations.js +144 -0
- data/lib/vue/sessions.js +148 -0
- data/lib/vue/stores/translations.json +152 -0
- data/license +674 -0
- data/readme.md +71 -0
- metadata +168 -0
@@ -0,0 +1,60 @@
|
|
1
|
+
module LesliShield
|
2
|
+
class Dashboard::ComponentsController < ApplicationController
|
3
|
+
before_action :set_dashboard_component, only: %i[ show edit update destroy ]
|
4
|
+
|
5
|
+
# GET /dashboard/components
|
6
|
+
def index
|
7
|
+
@dashboard_components = Dashboard::Component.all
|
8
|
+
end
|
9
|
+
|
10
|
+
# GET /dashboard/components/1
|
11
|
+
def show
|
12
|
+
end
|
13
|
+
|
14
|
+
# GET /dashboard/components/new
|
15
|
+
def new
|
16
|
+
@dashboard_component = Dashboard::Component.new
|
17
|
+
end
|
18
|
+
|
19
|
+
# GET /dashboard/components/1/edit
|
20
|
+
def edit
|
21
|
+
end
|
22
|
+
|
23
|
+
# POST /dashboard/components
|
24
|
+
def create
|
25
|
+
@dashboard_component = Dashboard::Component.new(dashboard_component_params)
|
26
|
+
|
27
|
+
if @dashboard_component.save
|
28
|
+
redirect_to @dashboard_component, notice: "Component was successfully created."
|
29
|
+
else
|
30
|
+
render :new, status: :unprocessable_entity
|
31
|
+
end
|
32
|
+
end
|
33
|
+
|
34
|
+
# PATCH/PUT /dashboard/components/1
|
35
|
+
def update
|
36
|
+
if @dashboard_component.update(dashboard_component_params)
|
37
|
+
redirect_to @dashboard_component, notice: "Component was successfully updated.", status: :see_other
|
38
|
+
else
|
39
|
+
render :edit, status: :unprocessable_entity
|
40
|
+
end
|
41
|
+
end
|
42
|
+
|
43
|
+
# DELETE /dashboard/components/1
|
44
|
+
def destroy
|
45
|
+
@dashboard_component.destroy
|
46
|
+
redirect_to dashboard_components_url, notice: "Component was successfully destroyed.", status: :see_other
|
47
|
+
end
|
48
|
+
|
49
|
+
private
|
50
|
+
# Use callbacks to share common setup or constraints between actions.
|
51
|
+
def set_dashboard_component
|
52
|
+
@dashboard_component = Dashboard::Component.find(params[:id])
|
53
|
+
end
|
54
|
+
|
55
|
+
# Only allow a list of trusted parameters through.
|
56
|
+
def dashboard_component_params
|
57
|
+
params.fetch(:dashboard_component, {})
|
58
|
+
end
|
59
|
+
end
|
60
|
+
end
|
@@ -0,0 +1,66 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
class Users::ConfirmationsController < Devise::ConfirmationsController
|
3
|
+
|
4
|
+
def show
|
5
|
+
|
6
|
+
# delete all previus messages
|
7
|
+
flash.clear
|
8
|
+
|
9
|
+
# get the confirmation token sent through get params
|
10
|
+
token = params[:confirmation_token]
|
11
|
+
|
12
|
+
# validate that token were sent
|
13
|
+
if token.blank?
|
14
|
+
return flash[:danger] = I18n.t("core.users/confirmations.messages_warning_invalid_token")
|
15
|
+
end
|
16
|
+
|
17
|
+
# check if token belongs to a unconfirmed user
|
18
|
+
user = Lesli::User.find_by(:confirmation_token => token, :confirmed_at => nil)
|
19
|
+
|
20
|
+
# validate that user were found
|
21
|
+
if user.blank?
|
22
|
+
return flash[:danger] = I18n.t("core.users/confirmations.messages_warning_invalid_token")
|
23
|
+
end
|
24
|
+
|
25
|
+
# register a log with a validation atempt for the user
|
26
|
+
log = user.logs.create({ description: "confirmation_atempt_successful" })
|
27
|
+
|
28
|
+
registration_operator = Lesli::UserRegistrationOperator.new(user)
|
29
|
+
|
30
|
+
# confirm the user
|
31
|
+
registration_operator.confirm
|
32
|
+
|
33
|
+
# let the user knows that the confirmation is done
|
34
|
+
flash[:success] = I18n.t("core.users/confirmations.messages_success_email_updated")
|
35
|
+
|
36
|
+
# if new account, launch account onboarding in another thread,
|
37
|
+
# so the user can continue with the registration process
|
38
|
+
registration_operator.create_account if user.account.blank?
|
39
|
+
#Thread.new { registration_operator.create_account } if user.account.blank?
|
40
|
+
|
41
|
+
end
|
42
|
+
|
43
|
+
|
44
|
+
# @controller_action_param :email [String] The registered user email
|
45
|
+
# @return [Json] Json that contains wheter the email confirmation was sent or not.
|
46
|
+
# If it is not successful, it returs an error message
|
47
|
+
# @description Resends a email confirmation an already registered user
|
48
|
+
# @example
|
49
|
+
# # Executing this controller's action from javascript's frontend
|
50
|
+
# let email = 'john.doe@email.com';
|
51
|
+
# let data = {
|
52
|
+
# user: {
|
53
|
+
# email: email
|
54
|
+
# }
|
55
|
+
# };
|
56
|
+
# this.http.post('127.0.0.1/conformation', data);
|
57
|
+
def create
|
58
|
+
super do |resource|
|
59
|
+
if successfully_sent?(resource)
|
60
|
+
return respond_with_successful
|
61
|
+
else
|
62
|
+
return respond_with_error(resource.errors.full_messages.to_sentence)
|
63
|
+
end
|
64
|
+
end
|
65
|
+
end
|
66
|
+
end
|
@@ -0,0 +1,30 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
class Users::OmniauthCallbacksController < Devise::OmniauthCallbacksController
|
4
|
+
# You should configure your model like this:
|
5
|
+
# devise :omniauthable, omniauth_providers: [:twitter]
|
6
|
+
|
7
|
+
# You should also create an action method in this controller like this:
|
8
|
+
# def twitter
|
9
|
+
# end
|
10
|
+
|
11
|
+
# More info at:
|
12
|
+
# https://github.com/heartcombo/devise#omniauth
|
13
|
+
|
14
|
+
# GET|POST /resource/auth/twitter
|
15
|
+
# def passthru
|
16
|
+
# super
|
17
|
+
# end
|
18
|
+
|
19
|
+
# GET|POST /users/auth/twitter/callback
|
20
|
+
# def failure
|
21
|
+
# super
|
22
|
+
# end
|
23
|
+
|
24
|
+
# protected
|
25
|
+
|
26
|
+
# The path used when OmniAuth fails
|
27
|
+
# def after_omniauth_failure_path_for(scope)
|
28
|
+
# super(scope)
|
29
|
+
# end
|
30
|
+
end
|
@@ -0,0 +1,71 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
class Users::PasswordsController < Devise::PasswordsController
|
4
|
+
|
5
|
+
# Sends an email with a token, so the user can reset their password
|
6
|
+
def create
|
7
|
+
|
8
|
+
if params[:user].blank?
|
9
|
+
#Account::Activity.log("core", "/password/create", "password_creation_failed", "no_valid_email")
|
10
|
+
return respond_with_error(I18n.t("core.shared.messages_warning_user_not_found"))
|
11
|
+
end
|
12
|
+
|
13
|
+
if params[:user][:email].blank?
|
14
|
+
#Account::Activity.log("core", "/password/create", "password_creation_failed", "no_valid_email")
|
15
|
+
return respond_with_error(I18n.t("core.shared.messages_warning_user_not_found"))
|
16
|
+
end
|
17
|
+
|
18
|
+
user = Lesli::User.find_by(:email => params[:user][:email])
|
19
|
+
|
20
|
+
if user.blank?
|
21
|
+
# Account::Activity.log("core", "/password/create", "password_creation_failed", "no_valid_email", {
|
22
|
+
# email: (params[:user][:email] || "")
|
23
|
+
# })
|
24
|
+
return respond_with_error(I18n.t("core.shared.messages_warning_user_not_found"))
|
25
|
+
end
|
26
|
+
|
27
|
+
unless user.active
|
28
|
+
# user.logs.create({title: "password_creation_failed", description: "user_not_active"})
|
29
|
+
# Account::Activity.log("core", "/password/create", "password_creation_failed", "user_not_active")
|
30
|
+
return respond_with_error(I18n.t("core.users/passwords.messages_danger_inactive_user"))
|
31
|
+
end
|
32
|
+
|
33
|
+
token = user.generate_password_reset_token
|
34
|
+
|
35
|
+
#user.logs.create({ title: "password_creation_successful" })
|
36
|
+
|
37
|
+
begin
|
38
|
+
Lesli::DeviseMailer.reset_password_instructions(user, token).deliver_now
|
39
|
+
respond_with_successful
|
40
|
+
rescue => exception
|
41
|
+
#Honeybadger.notify(exception)
|
42
|
+
respond_with_error(exception.message)
|
43
|
+
end
|
44
|
+
end
|
45
|
+
|
46
|
+
def update
|
47
|
+
super do |resource|
|
48
|
+
|
49
|
+
# check if password update was ok
|
50
|
+
if resource.errors.empty?
|
51
|
+
|
52
|
+
# reset password expiration due the user just updated his password
|
53
|
+
if resource.has_expired_password?
|
54
|
+
resource.update(password_expiration_at: nil)
|
55
|
+
end
|
56
|
+
|
57
|
+
resource.logs.create(title: "password_reset_successful")
|
58
|
+
|
59
|
+
return respond_with_successful
|
60
|
+
|
61
|
+
else
|
62
|
+
|
63
|
+
resource.logs.create(title: "password_reset_error") if resource.id
|
64
|
+
|
65
|
+
return respond_with_error(resource.errors.full_messages.to_sentence)
|
66
|
+
|
67
|
+
end
|
68
|
+
|
69
|
+
end
|
70
|
+
end
|
71
|
+
end
|
@@ -0,0 +1,141 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
=begin
|
4
|
+
|
5
|
+
Lesli
|
6
|
+
|
7
|
+
Copyright (c) 2023, Lesli Technologies, S. A.
|
8
|
+
|
9
|
+
This program is free software: you can redistribute it and/or modify
|
10
|
+
it under the terms of the GNU General Public License as published by
|
11
|
+
the Free Software Foundation, either version 3 of the License, or
|
12
|
+
(at your option) any later version.
|
13
|
+
|
14
|
+
This program is distributed in the hope that it will be useful,
|
15
|
+
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
16
|
+
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
17
|
+
GNU General Public License for more details.
|
18
|
+
|
19
|
+
You should have received a copy of the GNU General Public License
|
20
|
+
along with this program. If not, see http://www.gnu.org/licenses/.
|
21
|
+
|
22
|
+
Lesli · Ruby on Rails SaaS Development Framework.
|
23
|
+
|
24
|
+
Made with ♥ by https://www.lesli.tech
|
25
|
+
Building a better future, one line of code at a time.
|
26
|
+
|
27
|
+
@contact hello@lesli.tech
|
28
|
+
@website https://www.lesli.tech
|
29
|
+
@license GPLv3 http://www.gnu.org/licenses/gpl-3.0.en.html
|
30
|
+
|
31
|
+
// · ~·~ ~·~ ~·~ ~·~ ~·~ ~·~ ~·~ ~·~ ~·~
|
32
|
+
// ·
|
33
|
+
=end
|
34
|
+
|
35
|
+
class Users::RegistrationsController < Devise::RegistrationsController
|
36
|
+
before_action :configure_sign_up_params, only: [:create]
|
37
|
+
# before_action :configure_account_update_params, only: [:update]
|
38
|
+
|
39
|
+
# GET /resource/sign_up
|
40
|
+
# def new
|
41
|
+
# super
|
42
|
+
# end
|
43
|
+
|
44
|
+
def create
|
45
|
+
|
46
|
+
# # Check if instance allow multi-account
|
47
|
+
# if !Rails.application.config.lesli.dig(:security, :allow_registration)
|
48
|
+
# respond_with_error(I18n.t("core.users/registrations.messages_error_registration_not_allowed"))
|
49
|
+
# return
|
50
|
+
# end
|
51
|
+
|
52
|
+
# # Validate user is unique
|
53
|
+
# if ::User.with_deleted.find_by(email: sign_up_params["email"])
|
54
|
+
# return respond_with_error(I18n.t("core.users/registrations.messages_info_user_already_exists"))
|
55
|
+
# end
|
56
|
+
|
57
|
+
# build new user
|
58
|
+
user = build_resource(sign_up_params)
|
59
|
+
|
60
|
+
# run password complexity validations
|
61
|
+
#user_validator = UsersValidator.new(user).password_complexity(sign_up_params[:password])
|
62
|
+
|
63
|
+
# return if there are errors with the complexity validations
|
64
|
+
# unless user_validator.valid?
|
65
|
+
# return respond_with_error("password_complexity_error", password_complexity.failures)
|
66
|
+
# end
|
67
|
+
|
68
|
+
# persist new user
|
69
|
+
if user.save
|
70
|
+
respond_with_successful()
|
71
|
+
else
|
72
|
+
respond_with_error(user.errors.full_messages.to_sentence)
|
73
|
+
end
|
74
|
+
end
|
75
|
+
|
76
|
+
# GET /resource/edit
|
77
|
+
# def edit
|
78
|
+
# super
|
79
|
+
# end
|
80
|
+
|
81
|
+
# PUT /resource
|
82
|
+
# def update
|
83
|
+
# super
|
84
|
+
# end
|
85
|
+
|
86
|
+
# DELETE /resource
|
87
|
+
# def destroy
|
88
|
+
# super
|
89
|
+
# end
|
90
|
+
|
91
|
+
# GET /resource/cancel
|
92
|
+
# Forces the session data which is usually expired after sign
|
93
|
+
# in to be expired now. This is useful if the user wants to
|
94
|
+
# cancel oauth signing in/up in the middle of the process,
|
95
|
+
# removing all OAuth session data.
|
96
|
+
# def cancel
|
97
|
+
# super
|
98
|
+
# end
|
99
|
+
|
100
|
+
protected
|
101
|
+
|
102
|
+
# If you have extra params to permit, append them to the sanitizer.
|
103
|
+
# def configure_account_update_params
|
104
|
+
# devise_parameter_sanitizer.permit(:account_update, keys: [:attribute])
|
105
|
+
# end
|
106
|
+
|
107
|
+
# If you have extra params to permit, append them to the sanitizer.
|
108
|
+
def configure_sign_up_params
|
109
|
+
devise_parameter_sanitizer.permit(:sign_up, keys: [
|
110
|
+
:email,
|
111
|
+
:password,
|
112
|
+
:password_confirmation
|
113
|
+
])
|
114
|
+
end
|
115
|
+
|
116
|
+
# The path used after sign up.
|
117
|
+
# def after_sign_up_path_for(resource)
|
118
|
+
# super(resource)
|
119
|
+
# end
|
120
|
+
|
121
|
+
# The path used after sign up for inactive accounts.
|
122
|
+
# def after_inactive_sign_up_path_for(resource)
|
123
|
+
# super(resource)
|
124
|
+
# end
|
125
|
+
|
126
|
+
# def sign_up_params
|
127
|
+
# params.permit(:sign_up, keys: [
|
128
|
+
# :email,
|
129
|
+
# :password,
|
130
|
+
# :password_confirmation
|
131
|
+
# ])
|
132
|
+
# end
|
133
|
+
|
134
|
+
def sign_up_params
|
135
|
+
params.permit(:sign_up,
|
136
|
+
:email,
|
137
|
+
:password,
|
138
|
+
:password_confirmation
|
139
|
+
)
|
140
|
+
end
|
141
|
+
end
|
@@ -0,0 +1,141 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
=begin
|
4
|
+
|
5
|
+
Lesli
|
6
|
+
|
7
|
+
Copyright (c) 2023, Lesli Technologies, S. A.
|
8
|
+
|
9
|
+
This program is free software: you can redistribute it and/or modify
|
10
|
+
it under the terms of the GNU General Public License as published by
|
11
|
+
the Free Software Foundation, either version 3 of the License, or
|
12
|
+
(at your option) any later version.
|
13
|
+
|
14
|
+
This program is distributed in the hope that it will be useful,
|
15
|
+
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
16
|
+
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
17
|
+
GNU General Public License for more details.
|
18
|
+
|
19
|
+
You should have received a copy of the GNU General Public License
|
20
|
+
along with this program. If not, see http://www.gnu.org/licenses/.
|
21
|
+
|
22
|
+
Lesli · Ruby on Rails SaaS Development Framework.
|
23
|
+
|
24
|
+
Made with ♥ by https://www.lesli.tech
|
25
|
+
Building a better future, one line of code at a time.
|
26
|
+
|
27
|
+
@contact hello@lesli.tech
|
28
|
+
@website https://www.lesli.tech
|
29
|
+
@license GPLv3 http://www.gnu.org/licenses/gpl-3.0.en.html
|
30
|
+
|
31
|
+
// · ~·~ ~·~ ~·~ ~·~ ~·~ ~·~ ~·~ ~·~ ~·~
|
32
|
+
// ·
|
33
|
+
=end
|
34
|
+
|
35
|
+
class Users::SessionsController < Devise::SessionsController
|
36
|
+
|
37
|
+
# Creates a new session for the user and allows them access to the platform
|
38
|
+
def create
|
39
|
+
|
40
|
+
# search for a existing user
|
41
|
+
user = Lesli::User.find_for_database_authentication(email: sign_in_params[:email])
|
42
|
+
|
43
|
+
# respond with a no valid credentials generic error if not valid user found
|
44
|
+
unless user
|
45
|
+
# Lesli::Account::Activity.log("core", "/session/create", "session_creation_failed", "no_valid_email", {
|
46
|
+
# email: (sign_in_params[:email] || "")
|
47
|
+
# })
|
48
|
+
return respond_with_error(I18n.t("core.users/sessions.invalid_credentials"))
|
49
|
+
end
|
50
|
+
|
51
|
+
# save a invalid credentials log for the requested user
|
52
|
+
log = user.logs.new({ title: "session_creation_atempt" })
|
53
|
+
|
54
|
+
# check password validation
|
55
|
+
unless user.valid_password?(sign_in_params[:password])
|
56
|
+
|
57
|
+
# save a invalid credentials log for the requested user
|
58
|
+
log.update({
|
59
|
+
title: "session_creation_failed",
|
60
|
+
description: "invalid_credentials"
|
61
|
+
})
|
62
|
+
|
63
|
+
# respond with a no valid credentials generic error if not valid user found
|
64
|
+
return respond_with_error(I18n.t("core.users/sessions.invalid_credentials"))
|
65
|
+
|
66
|
+
end
|
67
|
+
|
68
|
+
# check if user meet requirements to create a new session
|
69
|
+
Lesli::UsersValidator.new(user).valid? do |valid, failures|
|
70
|
+
|
71
|
+
# if user do not meet requirements to login
|
72
|
+
unless valid
|
73
|
+
|
74
|
+
log.update({
|
75
|
+
title: "session_creation_failed",
|
76
|
+
description: failures.join(", ")
|
77
|
+
})
|
78
|
+
|
79
|
+
# return and respond with the reasons user is not able to login
|
80
|
+
return respond_with_error(failures.join(", "))
|
81
|
+
|
82
|
+
end
|
83
|
+
|
84
|
+
end
|
85
|
+
|
86
|
+
|
87
|
+
# remember the user (not enabled by default)
|
88
|
+
# remember_me(user) if sign_in_params[:remember_me] == '1'
|
89
|
+
|
90
|
+
|
91
|
+
# create a new session for the user
|
92
|
+
current_session = Lesli::UserSessionService.new(user)
|
93
|
+
.create(get_user_agent(false), request.remote_ip)
|
94
|
+
|
95
|
+
# make session id globally available
|
96
|
+
session[:user_session_id] = current_session[:id]
|
97
|
+
|
98
|
+
# create a new multi factor authentication service instance for the current user
|
99
|
+
#mfa_service = User::MfaService.new(user, log)
|
100
|
+
|
101
|
+
# generate a new mfa for the current session (if enabled)
|
102
|
+
#mfa_service.generate do |success|
|
103
|
+
# mfa was successfully generated, return the user to the mfa page
|
104
|
+
# return respond_with_successful({ default_path: "mfa" }) if success
|
105
|
+
#end
|
106
|
+
|
107
|
+
# do a user login
|
108
|
+
sign_in(:user, user)
|
109
|
+
|
110
|
+
# respond successful and send the path user should go
|
111
|
+
#respond_with_successful({ default_path: user.has_role_with_default_path?() })
|
112
|
+
respond_with_successful({ default_path: Lesli.config.path_after_login || "/" })
|
113
|
+
|
114
|
+
end
|
115
|
+
|
116
|
+
private
|
117
|
+
|
118
|
+
# @return [Parameters] Allowed parameters for the discussion
|
119
|
+
# @description Sanitizes the parameters received from an HTTP call to only allow the specified ones.
|
120
|
+
# Allowed params are _:email_, _:password_.
|
121
|
+
# @example
|
122
|
+
# supose params contains {
|
123
|
+
# "user": {
|
124
|
+
# "id": 5,
|
125
|
+
# "email": "john.smith@email.com",
|
126
|
+
# "password": "my_password_123"
|
127
|
+
# }
|
128
|
+
# }
|
129
|
+
# allowed_params = sign_in_params
|
130
|
+
# puts allowed_params
|
131
|
+
# will remove the _id_ field and only print {
|
132
|
+
# "user": {
|
133
|
+
# "email": "john.smith@email.com",
|
134
|
+
# "password": "my_password_123"
|
135
|
+
# }
|
136
|
+
# }
|
137
|
+
def sign_in_params
|
138
|
+
params.fetch(:user, {}).permit(:email, :password)
|
139
|
+
end
|
140
|
+
|
141
|
+
end
|
@@ -0,0 +1,30 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
class Users::UnlocksController < Devise::UnlocksController
|
4
|
+
# GET /resource/unlock/new
|
5
|
+
# def new
|
6
|
+
# super
|
7
|
+
# end
|
8
|
+
|
9
|
+
# POST /resource/unlock
|
10
|
+
# def create
|
11
|
+
# super
|
12
|
+
# end
|
13
|
+
|
14
|
+
# GET /resource/unlock?unlock_token=abcdef
|
15
|
+
# def show
|
16
|
+
# super
|
17
|
+
# end
|
18
|
+
|
19
|
+
# protected
|
20
|
+
|
21
|
+
# The path used after sending unlock password instructions
|
22
|
+
# def after_sending_unlock_instructions_path_for(resource)
|
23
|
+
# super(resource)
|
24
|
+
# end
|
25
|
+
|
26
|
+
# The path used after unlocking the resource
|
27
|
+
# def after_unlock_path_for(resource)
|
28
|
+
# super(resource)
|
29
|
+
# end
|
30
|
+
end
|
@@ -0,0 +1,18 @@
|
|
1
|
+
module LesliShield
|
2
|
+
class Dashboard::Component < ApplicationRecord
|
3
|
+
|
4
|
+
belongs_to :dashboard, inverse_of: :components
|
5
|
+
|
6
|
+
def self.component_ids
|
7
|
+
["audit-users", "audit-roles"]
|
8
|
+
end
|
9
|
+
# components_ids: {
|
10
|
+
# list_new_tickets: "list_new_tickets",
|
11
|
+
# list_my_tickets: "list_my_tickets",
|
12
|
+
# list_unassigned_tickets: "list_unassigned_tickets",
|
13
|
+
# chart_tickets_by_type: "chart_tickets_by_type",
|
14
|
+
# chart_tickets_by_category: "chart_tickets_by_category",
|
15
|
+
# hours_worked: "hours_worked"
|
16
|
+
# }
|
17
|
+
end
|
18
|
+
end
|
@@ -0,0 +1,31 @@
|
|
1
|
+
module LesliShield
|
2
|
+
class Dashboard < Lesli::Shared::Dashboard
|
3
|
+
self.table_name = "lesli_shield_dashboards"
|
4
|
+
belongs_to :account
|
5
|
+
|
6
|
+
has_many :components, inverse_of: :dashboard, autosave: true, dependent: :destroy
|
7
|
+
accepts_nested_attributes_for :components, allow_destroy: true
|
8
|
+
|
9
|
+
def self.initialize_account(account)
|
10
|
+
self.create!(
|
11
|
+
account: account,
|
12
|
+
name: "Audit Default Dashboard",
|
13
|
+
default: true,
|
14
|
+
main: false,
|
15
|
+
components_attributes: [{
|
16
|
+
name: "Total users",
|
17
|
+
component_id: "audit-users",
|
18
|
+
layout: 3,
|
19
|
+
query_configuration: {},
|
20
|
+
custom_configuration: {}
|
21
|
+
}, {
|
22
|
+
name: "Roles",
|
23
|
+
component_id: "audit-roles",
|
24
|
+
layout: 3,
|
25
|
+
query_configuration: {},
|
26
|
+
custom_configuration: {}
|
27
|
+
}]
|
28
|
+
)
|
29
|
+
end
|
30
|
+
end
|
31
|
+
end
|