mks_auth 1.0.0 → 1.0.4
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +5 -5
- data/app/controllers/mks/auth/application_controller.rb +39 -13
- data/app/controllers/mks/auth/application_modules_controller.rb +0 -2
- data/app/controllers/mks/auth/menus_controller.rb +29 -0
- data/app/controllers/mks/auth/user_roles_controller.rb +41 -31
- data/app/controllers/mks/auth/users_controller.rb +45 -20
- data/app/models/mks/auth/application_module.rb +3 -3
- data/app/models/mks/auth/menu.rb +5 -5
- data/app/models/mks/auth/user.rb +26 -8
- data/app/models/mks/auth/user_role.rb +6 -5
- data/config/routes.rb +17 -18
- data/db/migrate/20161029065810_create_mks_auth_application_modules.rb +1 -1
- data/db/migrate/20161029065959_create_mks_auth_users.rb +1 -4
- data/db/migrate/20161029070807_create_mks_auth_user_roles.rb +3 -2
- data/db/migrate/20161029071047_create_mks_users_user_roles.rb +4 -4
- data/db/migrate/20161029072256_create_mks_auth_menus.rb +3 -3
- data/db/migrate/20161029074023_create_mks_menus_user_roles.rb +3 -3
- data/db/migrate/20180201104912_create_mks_users_application_modules.rb +12 -0
- data/lib/mks/auth/engine.rb +5 -12
- data/lib/mks/auth/token_auth.rb +19 -0
- data/lib/mks/auth/version.rb +1 -1
- data/lib/mks_auth.rb +1 -0
- data/spec/controllers/mks/auth/menus_controller_spec.rb +53 -0
- data/spec/controllers/mks/auth/user_roles_controller_spec.rb +130 -0
- data/spec/controllers/mks/auth/users_controller_spec.rb +67 -1
- data/spec/dummy/config/application.rb +2 -0
- data/spec/dummy/config/database.yml +5 -3
- data/spec/dummy/config/initializers/new_framework_defaults.rb +1 -1
- data/spec/dummy/db/schema.rb +38 -30
- data/spec/dummy/log/development.log +13666 -3
- data/spec/dummy/log/test.log +34964 -0
- data/spec/factories/application_modules.rb +1 -1
- data/spec/factories/menus.rb +1 -1
- data/spec/factories/user_roles.rb +2 -1
- data/spec/factories/users.rb +1 -2
- data/spec/models/mks/auth/application_module_spec.rb +2 -1
- data/spec/models/mks/auth/user_spec.rb +10 -0
- data/spec/rails_helper.rb +1 -0
- data/spec/spec_helper.rb +1 -1
- data/spec/support/factory_girl.rb +2 -2
- metadata +82 -62
- data/app/controllers/mks/auth/access_controller.rb +0 -51
- data/app/helpers/mks/auth/access_helper.rb +0 -47
- data/app/helpers/mks/auth/application_helper.rb +0 -10
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
|
-
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
2
|
+
SHA256:
|
|
3
|
+
metadata.gz: 5590e2d6e2c98a65a832f1e5f3c3beb256cd1e1f846bca64ef132c432ae80f3d
|
|
4
|
+
data.tar.gz: c1a790ddd59aae3fb9624a44b16ee25e2b4029500ca860a92c731de8241f318c
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: edad0f50206b24ec1db4e35453a6ba2b97d7aadef53f395741b5821126480f990f29c43fa9073e37d3f28a101db8ba7fdba9ad324a0c9a991e9642d98ce0fe10
|
|
7
|
+
data.tar.gz: 8a5e2300f6b06eddfa4e84a574a41ff3d817611cac724ede34dbb693e9f7995da85a36c653a3dcc15f41edc2b4dcc762a54c41b02b8e1ae7f856881430b543ee
|
|
@@ -1,24 +1,50 @@
|
|
|
1
|
+
require 'mks/auth/token_auth'
|
|
2
|
+
|
|
1
3
|
module Mks
|
|
2
4
|
module Auth
|
|
3
|
-
class ApplicationController < ActionController::
|
|
4
|
-
|
|
5
|
-
|
|
5
|
+
class ApplicationController < ActionController::API
|
|
6
|
+
before_action :authenticate
|
|
7
|
+
|
|
8
|
+
def logged_in?
|
|
9
|
+
!current_user.nil?
|
|
10
|
+
end
|
|
11
|
+
|
|
12
|
+
def current_user
|
|
13
|
+
return unless auth_present?
|
|
14
|
+
user = User.find(auth['id'])
|
|
15
|
+
@current_user ||= user if user
|
|
16
|
+
end
|
|
17
|
+
|
|
18
|
+
def current_user_id
|
|
19
|
+
auth['id']
|
|
20
|
+
end
|
|
21
|
+
|
|
22
|
+
def app_code
|
|
23
|
+
Rails.application.config.app_code
|
|
24
|
+
end
|
|
6
25
|
|
|
7
26
|
private
|
|
8
27
|
|
|
9
|
-
def
|
|
10
|
-
|
|
11
|
-
|
|
12
|
-
|
|
13
|
-
|
|
14
|
-
|
|
15
|
-
end
|
|
28
|
+
def authenticate
|
|
29
|
+
render json: { error: 'Unauthorized' }, status: 401 unless logged_in?
|
|
30
|
+
end
|
|
31
|
+
|
|
32
|
+
def token
|
|
33
|
+
request.env['HTTP_AUTHORIZATION'].scan(/Bearer (.*)$/).flatten.last
|
|
16
34
|
end
|
|
17
35
|
|
|
18
|
-
|
|
36
|
+
def auth
|
|
37
|
+
TokenAuth.decode(token)
|
|
38
|
+
end
|
|
39
|
+
|
|
40
|
+
def auth_present?
|
|
41
|
+
bearer = request.env.fetch('HTTP_AUTHORIZATION', '').scan(/Bearer/).flatten.first
|
|
42
|
+
!bearer.nil?
|
|
43
|
+
end
|
|
19
44
|
|
|
20
|
-
def
|
|
21
|
-
|
|
45
|
+
def app_module
|
|
46
|
+
code = Rails.configuration.app_code
|
|
47
|
+
ApplicationModule.find_by(code: code)
|
|
22
48
|
end
|
|
23
49
|
end
|
|
24
50
|
end
|
|
@@ -0,0 +1,29 @@
|
|
|
1
|
+
module Mks
|
|
2
|
+
module Auth
|
|
3
|
+
class MenusController < ApplicationController
|
|
4
|
+
before_action :set_user, only: [:menus]
|
|
5
|
+
|
|
6
|
+
def menus
|
|
7
|
+
roles = @user.roles.joins(:application_module)
|
|
8
|
+
.where('mks_auth_application_modules.code = ?', params[:app_module])
|
|
9
|
+
menus = []
|
|
10
|
+
menu_list = roles.inject([]) { |items, r| items += r.menus }.uniq
|
|
11
|
+
parents = menu_list.select { |menu| menu.parent.nil? }
|
|
12
|
+
parents.each do |parent|
|
|
13
|
+
children = (menu_list.select { |menu| menu.parent == parent }).uniq
|
|
14
|
+
.map { |menu|
|
|
15
|
+
{ 'text': menu.text, 'location': menu.location, 'iconCls': menu.icon_cls }
|
|
16
|
+
}
|
|
17
|
+
menus << { 'text': parent.text, 'className': parent.class_name, 'iconCls': parent.icon_cls, children: children }
|
|
18
|
+
end
|
|
19
|
+
render json: { success: true, data: menus }
|
|
20
|
+
end
|
|
21
|
+
|
|
22
|
+
private
|
|
23
|
+
|
|
24
|
+
def set_user
|
|
25
|
+
@user = User.find(params[:id])
|
|
26
|
+
end
|
|
27
|
+
end
|
|
28
|
+
end
|
|
29
|
+
end
|
|
@@ -1,52 +1,62 @@
|
|
|
1
|
-
require_dependency 'mks/auth/application_controller'
|
|
2
|
-
|
|
3
1
|
module Mks
|
|
4
2
|
module Auth
|
|
5
3
|
class UserRolesController < ApplicationController
|
|
6
|
-
|
|
4
|
+
before_action :set_role, only: %i[users]
|
|
5
|
+
before_action :set_user, only: %i[assigned_roles assign_roles]
|
|
7
6
|
|
|
8
7
|
# GET /user_roles
|
|
9
8
|
def index
|
|
10
|
-
|
|
11
|
-
|
|
9
|
+
user_roles = UserRole.joins(:application_module)
|
|
10
|
+
.where("mks_auth_application_modules.code = '#{app_code}'")
|
|
11
|
+
.order(:name)
|
|
12
|
+
response = { success: true, data: user_roles }
|
|
12
13
|
render json: response
|
|
13
14
|
end
|
|
14
15
|
|
|
15
|
-
def
|
|
16
|
-
|
|
17
|
-
user_roles = UserRole.all.order(:name)
|
|
18
|
-
data = []
|
|
19
|
-
user_roles.each do |user_role|
|
|
20
|
-
item = {id: user_role.id, name: user_role.name}
|
|
21
|
-
if user.roles.include? user_role
|
|
22
|
-
item[:selected] = true
|
|
23
|
-
else
|
|
24
|
-
item[:selected] = false
|
|
25
|
-
end
|
|
26
|
-
data << item
|
|
27
|
-
end
|
|
28
|
-
response = { success: true, data: data }
|
|
16
|
+
def users
|
|
17
|
+
response = { success: true, data: @role.users }
|
|
29
18
|
render json: response
|
|
30
19
|
end
|
|
31
20
|
|
|
32
|
-
def
|
|
33
|
-
|
|
34
|
-
|
|
21
|
+
def assigned_roles
|
|
22
|
+
selected = @user.roles.map { |ur| { id: ur.id, name: ur.name, selected: true }}
|
|
23
|
+
ids = @user.roles.map(&:id)
|
|
24
|
+
user_roles = UserRole.joins(:application_module)
|
|
25
|
+
.where("mks_auth_application_modules.code = '#{app_code}'")
|
|
26
|
+
.where.not('mks_auth_user_roles.id IN (?)', ids)
|
|
27
|
+
|
|
28
|
+
not_selected = user_roles.map { |ur| { id: ur.id, name: ur.name, selected: false }}
|
|
29
|
+
data = (selected + not_selected).sort_by{ |r| r[:name] }
|
|
35
30
|
|
|
36
|
-
|
|
37
|
-
|
|
38
|
-
|
|
39
|
-
user.roles << user_role
|
|
40
|
-
else
|
|
41
|
-
user.roles.destroy user_role
|
|
42
|
-
end
|
|
43
|
-
end
|
|
31
|
+
response = { success: true, data: data }
|
|
32
|
+
render json: response
|
|
33
|
+
end
|
|
44
34
|
|
|
45
|
-
|
|
35
|
+
# A method which assigns selected roles to a user.
|
|
36
|
+
# This method expects that only selected roles
|
|
37
|
+
# (i.e. roles with `selected` attribute set to true).
|
|
38
|
+
# It removes all other roles and assigns those selected
|
|
39
|
+
# roles to the user.
|
|
40
|
+
def assign_roles
|
|
41
|
+
selected_roles = params[:roles]&.map { |r| r[:id] }
|
|
42
|
+
user_roles = UserRole.where(id: selected_roles)
|
|
43
|
+
@user.roles.destroy_all
|
|
44
|
+
@user.roles = user_roles
|
|
46
45
|
|
|
47
46
|
response = { success: true, message: 'Role assignment successful!' }
|
|
48
47
|
render json: response
|
|
49
48
|
end
|
|
49
|
+
|
|
50
|
+
|
|
51
|
+
private
|
|
52
|
+
|
|
53
|
+
def set_role
|
|
54
|
+
@role = UserRole.find(params[:id])
|
|
55
|
+
end
|
|
56
|
+
|
|
57
|
+
def set_user
|
|
58
|
+
@user = User.find(params[:id])
|
|
59
|
+
end
|
|
50
60
|
end
|
|
51
61
|
end
|
|
52
62
|
end
|
|
@@ -1,58 +1,75 @@
|
|
|
1
|
-
require_dependency 'mks/auth/application_controller'
|
|
2
|
-
|
|
3
1
|
module Mks
|
|
4
2
|
module Auth
|
|
5
3
|
class UsersController < ApplicationController
|
|
6
|
-
|
|
4
|
+
skip_before_action :authenticate, raise: false, only: %i[login]
|
|
5
|
+
before_action :set_user, only: %i[update user_roles save_selected_roles]
|
|
7
6
|
|
|
8
7
|
def index
|
|
9
|
-
@users =
|
|
8
|
+
@users = ApplicationModule.find_by(code: params[:app_module]).users
|
|
10
9
|
response = { success: true, data: @users }
|
|
11
10
|
render json: response
|
|
12
11
|
end
|
|
13
12
|
|
|
14
13
|
def roles
|
|
15
|
-
user = User.find(
|
|
16
|
-
data = user.roles
|
|
17
|
-
response = {success: true, data: data}
|
|
14
|
+
user = User.find(params[:id])
|
|
15
|
+
data = user.roles
|
|
16
|
+
response = { success: true, data: data }
|
|
18
17
|
render json: response
|
|
19
18
|
end
|
|
20
19
|
|
|
21
|
-
|
|
22
|
-
|
|
23
|
-
|
|
24
|
-
|
|
25
|
-
|
|
26
|
-
|
|
27
|
-
|
|
28
|
-
|
|
20
|
+
# A method to fetch all roles, with roles of
|
|
21
|
+
# a user marked as selected
|
|
22
|
+
def user_roles
|
|
23
|
+
all_roles = UserRole.joins(:application_module).where(mks_auth_application_modules: { code: app_code })
|
|
24
|
+
roles = all_roles.map { |r| { id: r.id, name: r.name, selected: @user.roles.include?(r) } }
|
|
25
|
+
render json: roles
|
|
26
|
+
end
|
|
27
|
+
|
|
28
|
+
def save_selected_roles
|
|
29
|
+
@user.roles.delete_all
|
|
30
|
+
selected = save_selected_roles_params['roles'].select { |r| r['selected'] }.map{ |r| r['id'] }
|
|
31
|
+
roles = UserRole.where(id: selected)
|
|
32
|
+
@user.roles << roles
|
|
33
|
+
render json: { success: true }
|
|
29
34
|
end
|
|
30
35
|
|
|
31
36
|
def create
|
|
32
37
|
@user = User.new(user_params)
|
|
38
|
+
app_module = ApplicationModule.find_by(code: params[:app_module])
|
|
33
39
|
@user.application_module_id = app_module.id
|
|
34
40
|
if @user.save
|
|
35
41
|
response = { success: true, message: 'User saved successfully' }
|
|
36
|
-
render json: response
|
|
37
42
|
else
|
|
38
43
|
errors = Mks::Common::Util.error_messages @user, 'User'
|
|
39
44
|
response = { success: false, errors: errors }
|
|
40
|
-
render json: response
|
|
41
45
|
end
|
|
46
|
+
render json: response
|
|
42
47
|
end
|
|
43
48
|
|
|
44
49
|
def update
|
|
45
50
|
if @user.update(user_params)
|
|
46
51
|
response = { success: true, message: 'User updated successfully' }
|
|
47
|
-
render json: response
|
|
48
52
|
else
|
|
49
53
|
errors = Mks::Common::Util.error_messages @user, 'User'
|
|
50
54
|
response = { success: false, errors: errors }
|
|
51
|
-
|
|
55
|
+
end
|
|
56
|
+
render json: response
|
|
57
|
+
end
|
|
58
|
+
|
|
59
|
+
def login
|
|
60
|
+
user = User.find_by(email: auth_params[:email])
|
|
61
|
+
if user.authenticate(auth_params[:password]) &&
|
|
62
|
+
user.has_module(auth_params[:app_module])
|
|
63
|
+
|
|
64
|
+
jwt = TokenAuth.issue(user.to_token_payload)
|
|
65
|
+
render json: { jwt: jwt }
|
|
66
|
+
else
|
|
67
|
+
render json: {}, status: 400
|
|
52
68
|
end
|
|
53
69
|
end
|
|
54
70
|
|
|
55
71
|
private
|
|
72
|
+
|
|
56
73
|
# Use callbacks to share common setup or constraints between actions.
|
|
57
74
|
def set_user
|
|
58
75
|
@user = User.find(params[:id])
|
|
@@ -60,7 +77,15 @@ module Mks
|
|
|
60
77
|
|
|
61
78
|
# Never trust parameters from the scary internet, only allow the white list through.
|
|
62
79
|
def user_params
|
|
63
|
-
params.require(:user).permit(:first_name, :last_name, :email, :password)
|
|
80
|
+
params.require(:user).permit(:first_name, :last_name, :email, :password, :app_module)
|
|
81
|
+
end
|
|
82
|
+
|
|
83
|
+
def auth_params
|
|
84
|
+
params.require(:auth).permit(:email, :password, :app_module)
|
|
85
|
+
end
|
|
86
|
+
|
|
87
|
+
def save_selected_roles_params
|
|
88
|
+
params.permit(roles: %i[id selected])
|
|
64
89
|
end
|
|
65
90
|
end
|
|
66
91
|
end
|
|
@@ -1,12 +1,12 @@
|
|
|
1
1
|
module Mks
|
|
2
2
|
module Auth
|
|
3
|
+
# A model class to represent applications / modules
|
|
3
4
|
class ApplicationModule < ApplicationRecord
|
|
4
|
-
#self.table_name = 'mks_application_modules'
|
|
5
|
-
|
|
6
5
|
validates :code, presence: true
|
|
7
6
|
validates :code, presence: true, uniqueness: true
|
|
8
7
|
|
|
9
|
-
|
|
8
|
+
has_and_belongs_to_many :users, class_name: 'Mks::Auth::User',
|
|
9
|
+
join_table: 'mks_auth_users_application_modules'
|
|
10
10
|
has_many :menus, class_name: 'Mks::Auth::Menu'
|
|
11
11
|
end
|
|
12
12
|
end
|
data/app/models/mks/auth/menu.rb
CHANGED
|
@@ -1,12 +1,12 @@
|
|
|
1
1
|
module Mks
|
|
2
2
|
module Auth
|
|
3
|
+
# A model class to represent menu items of a module
|
|
3
4
|
class Menu < ApplicationRecord
|
|
4
|
-
# self.table_name = 'mks_menus'
|
|
5
|
-
|
|
6
5
|
belongs_to :application_module, class_name: 'Mks::Auth::ApplicationModule'
|
|
7
6
|
belongs_to :parent, class_name: 'Mks::Auth::Menu', optional: true
|
|
8
|
-
has_many :children, class_name: 'Mks::Auth::Menu', :
|
|
9
|
-
has_and_belongs_to_many :roles, class_name: 'Mks::Auth::UserRole',
|
|
7
|
+
has_many :children, class_name: 'Mks::Auth::Menu', foreign_key: 'parent_id'
|
|
8
|
+
has_and_belongs_to_many :roles, class_name: 'Mks::Auth::UserRole',
|
|
9
|
+
join_table: 'mks_auth_menus_user_roles'
|
|
10
10
|
end
|
|
11
11
|
end
|
|
12
|
-
end
|
|
12
|
+
end
|
data/app/models/mks/auth/user.rb
CHANGED
|
@@ -1,24 +1,42 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
1
3
|
module Mks
|
|
2
4
|
module Auth
|
|
5
|
+
# A model class to represent users of the system
|
|
3
6
|
class User < ApplicationRecord
|
|
4
|
-
|
|
5
|
-
|
|
6
|
-
|
|
7
|
-
has_and_belongs_to_many :roles, class_name: 'Mks::Auth::UserRole',
|
|
7
|
+
has_and_belongs_to_many :application_modules,
|
|
8
|
+
class_name: 'Mks::Auth::ApplicationModule',
|
|
9
|
+
join_table: 'mks_auth_users_application_modules'
|
|
10
|
+
has_and_belongs_to_many :roles, class_name: 'Mks::Auth::UserRole',
|
|
11
|
+
join_table: 'mks_auth_users_user_roles'
|
|
8
12
|
has_secure_password
|
|
9
13
|
|
|
10
14
|
before_save { email.downcase! }
|
|
11
15
|
|
|
12
16
|
VALID_EMAIL_REGEX = /\A[\w+\-.]+@[a-z\d\-.]+\.[a-z]+\z/i
|
|
13
|
-
validates :first_name, presence: true, length: {maximum: 30}
|
|
14
|
-
validates :last_name, presence: true, length: {maximum: 30}
|
|
15
|
-
validates :email, presence: true, format: { with: VALID_EMAIL_REGEX }, uniqueness: {case_sensitive: false}
|
|
17
|
+
validates :first_name, presence: true, length: { maximum: 30 }
|
|
18
|
+
validates :last_name, presence: true, length: { maximum: 30 }
|
|
19
|
+
validates :email, presence: true, format: { with: VALID_EMAIL_REGEX }, uniqueness: { case_sensitive: false }
|
|
16
20
|
validates :password, length: { minimum: 6 }
|
|
17
21
|
validates :active, presence: true
|
|
18
22
|
|
|
19
23
|
def full_name
|
|
20
24
|
"#{first_name} #{last_name}"
|
|
21
25
|
end
|
|
26
|
+
|
|
27
|
+
def role_names
|
|
28
|
+
roles.map(&:name)
|
|
29
|
+
end
|
|
30
|
+
|
|
31
|
+
def to_token_payload
|
|
32
|
+
{ id: id, email: email, name: full_name, roles: role_names }
|
|
33
|
+
end
|
|
34
|
+
|
|
35
|
+
def has_module(code)
|
|
36
|
+
app_module = ApplicationModule.find_by(code: code)
|
|
37
|
+
roles = self.roles.select { |ur| ur.application_module == app_module }
|
|
38
|
+
roles.count.positive?
|
|
39
|
+
end
|
|
22
40
|
end
|
|
23
41
|
end
|
|
24
|
-
end
|
|
42
|
+
end
|
|
@@ -1,11 +1,12 @@
|
|
|
1
1
|
module Mks
|
|
2
2
|
module Auth
|
|
3
|
+
# A model to represent various roles of users in the system
|
|
3
4
|
class UserRole < ApplicationRecord
|
|
4
|
-
# self.table_name = 'mks_user_roles'
|
|
5
|
-
|
|
6
5
|
validates :name, presence: true, uniqueness: true
|
|
7
|
-
|
|
8
|
-
|
|
6
|
+
|
|
7
|
+
belongs_to :application_module
|
|
8
|
+
has_and_belongs_to_many :users, join_table: 'mks_auth_users_user_roles'
|
|
9
|
+
has_and_belongs_to_many :menus, join_table: 'mks_auth_menus_user_roles'
|
|
9
10
|
end
|
|
10
11
|
end
|
|
11
|
-
end
|
|
12
|
+
end
|
data/config/routes.rb
CHANGED
|
@@ -1,32 +1,31 @@
|
|
|
1
|
-
|
|
2
|
-
get '/csrf_token', to: 'access#csrf_token'
|
|
3
|
-
|
|
4
|
-
get '/attempt_login', to: 'access#attempt_login'
|
|
5
|
-
|
|
6
|
-
get '/logout', to: 'access#logout'
|
|
1
|
+
# frozen_string_literal: true
|
|
7
2
|
|
|
8
|
-
|
|
9
|
-
|
|
10
|
-
get '/check_login', to: 'access#check_login'
|
|
3
|
+
Mks::Auth::Engine.routes.draw do
|
|
11
4
|
|
|
12
|
-
post '/login',
|
|
5
|
+
post '/login', controller: :users, action: :login
|
|
13
6
|
|
|
14
7
|
resources :application_modules
|
|
15
8
|
|
|
16
|
-
|
|
9
|
+
resources :users, except: %i[new edit show destroy]
|
|
10
|
+
|
|
11
|
+
resources :users do
|
|
12
|
+
member do
|
|
13
|
+
get 'roles', controller: :users, action: :roles
|
|
14
|
+
get 'menus', controller: :menus, action: :menus
|
|
15
|
+
get 'user_roles', controller: :users, action: :user_roles
|
|
16
|
+
post 'user_roles', controller: :users, action: :save_selected_roles
|
|
17
|
+
end
|
|
18
|
+
end
|
|
17
19
|
|
|
18
|
-
resources :users, except: [:new, :edit, :show, :destroy]
|
|
19
20
|
|
|
20
|
-
get '/users/roles', controller: :users, action: :roles
|
|
21
21
|
|
|
22
|
-
get '/users/fetch_by_role', to: 'users#fetch_by_role'
|
|
23
22
|
|
|
24
|
-
|
|
23
|
+
resources :user_roles, except: %i[new edit show destroy]
|
|
25
24
|
|
|
26
|
-
|
|
25
|
+
get '/user_roles/:id/users', controller: :user_roles, action: :users
|
|
27
26
|
|
|
28
|
-
post '/assign_roles',
|
|
27
|
+
post '/users/:id/assign_roles', controller: :user_roles, action: :assign_roles
|
|
29
28
|
|
|
30
|
-
get '/assigned_roles
|
|
29
|
+
get '/users/:id/assigned_roles', controller: :user_roles, action: :assigned_roles
|
|
31
30
|
|
|
32
31
|
end
|
|
@@ -1,16 +1,13 @@
|
|
|
1
|
-
class CreateMksAuthUsers < ActiveRecord::Migration[5.
|
|
1
|
+
class CreateMksAuthUsers < ActiveRecord::Migration[5.2]
|
|
2
2
|
def change
|
|
3
3
|
create_table :mks_auth_users do |t|
|
|
4
4
|
t.string :first_name, null: false
|
|
5
5
|
t.string :last_name, null: false
|
|
6
6
|
t.string :email, null: false
|
|
7
7
|
t.boolean :active, null: false, default: true
|
|
8
|
-
t.references :application_module, index: true
|
|
9
8
|
t.string :password_digest
|
|
10
9
|
|
|
11
10
|
t.timestamps
|
|
12
11
|
end
|
|
13
|
-
|
|
14
|
-
add_foreign_key :mks_auth_users, :mks_auth_application_modules, :column => :application_module_id
|
|
15
12
|
end
|
|
16
13
|
end
|
|
@@ -1,9 +1,10 @@
|
|
|
1
|
-
class CreateMksAuthUserRoles < ActiveRecord::Migration[5.
|
|
1
|
+
class CreateMksAuthUserRoles < ActiveRecord::Migration[5.2]
|
|
2
2
|
def change
|
|
3
3
|
create_table :mks_auth_user_roles do |t|
|
|
4
4
|
t.string :name, null: false
|
|
5
|
-
|
|
5
|
+
t.references :application_module, index: true
|
|
6
6
|
t.timestamps
|
|
7
7
|
end
|
|
8
|
+
add_foreign_key :mks_auth_user_roles, :mks_auth_application_modules, column: :application_module_id
|
|
8
9
|
end
|
|
9
10
|
end
|
|
@@ -1,11 +1,11 @@
|
|
|
1
|
-
class CreateMksUsersUserRoles < ActiveRecord::Migration[5.
|
|
1
|
+
class CreateMksUsersUserRoles < ActiveRecord::Migration[5.2]
|
|
2
2
|
def change
|
|
3
3
|
create_table :mks_auth_users_user_roles, id: false do |t|
|
|
4
4
|
t.references :user, index: false
|
|
5
5
|
t.references :user_role, index: false
|
|
6
6
|
end
|
|
7
|
-
add_index :mks_auth_users_user_roles, [
|
|
8
|
-
add_foreign_key :mks_auth_users_user_roles, :mks_auth_users, :
|
|
9
|
-
add_foreign_key :mks_auth_users_user_roles, :mks_auth_user_roles, :
|
|
7
|
+
add_index :mks_auth_users_user_roles, %i[user_id user_role_id]
|
|
8
|
+
add_foreign_key :mks_auth_users_user_roles, :mks_auth_users, column: :user_id
|
|
9
|
+
add_foreign_key :mks_auth_users_user_roles, :mks_auth_user_roles, column: :user_role_id
|
|
10
10
|
end
|
|
11
11
|
end
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
class CreateMksAuthMenus < ActiveRecord::Migration[5.
|
|
1
|
+
class CreateMksAuthMenus < ActiveRecord::Migration[5.2]
|
|
2
2
|
def change
|
|
3
3
|
create_table :mks_auth_menus do |t|
|
|
4
4
|
t.string :text, null: false
|
|
@@ -11,7 +11,7 @@ class CreateMksAuthMenus < ActiveRecord::Migration[5.0]
|
|
|
11
11
|
t.timestamps
|
|
12
12
|
end
|
|
13
13
|
|
|
14
|
-
add_foreign_key :mks_auth_menus, :mks_auth_menus, :
|
|
15
|
-
add_foreign_key :mks_auth_menus, :mks_auth_application_modules, :
|
|
14
|
+
add_foreign_key :mks_auth_menus, :mks_auth_menus, column: :parent_id
|
|
15
|
+
add_foreign_key :mks_auth_menus, :mks_auth_application_modules, column: :application_module_id
|
|
16
16
|
end
|
|
17
17
|
end
|
|
@@ -1,11 +1,11 @@
|
|
|
1
|
-
class CreateMksMenusUserRoles < ActiveRecord::Migration[5.
|
|
1
|
+
class CreateMksMenusUserRoles < ActiveRecord::Migration[5.2]
|
|
2
2
|
def change
|
|
3
3
|
create_table :mks_auth_menus_user_roles do |t|
|
|
4
4
|
t.references :menu, index: false
|
|
5
5
|
t.references :user_role, index: false
|
|
6
6
|
end
|
|
7
7
|
add_index :mks_auth_menus_user_roles, [:menu_id, :user_role_id]
|
|
8
|
-
add_foreign_key :mks_auth_menus_user_roles, :mks_auth_menus, :
|
|
9
|
-
add_foreign_key :mks_auth_menus_user_roles, :mks_auth_user_roles, :
|
|
8
|
+
add_foreign_key :mks_auth_menus_user_roles, :mks_auth_menus, column: :menu_id
|
|
9
|
+
add_foreign_key :mks_auth_menus_user_roles, :mks_auth_user_roles, column: :user_role_id
|
|
10
10
|
end
|
|
11
11
|
end
|
|
@@ -0,0 +1,12 @@
|
|
|
1
|
+
class CreateMksUsersApplicationModules < ActiveRecord::Migration[5.2]
|
|
2
|
+
def change
|
|
3
|
+
create_table :mks_auth_users_application_modules, id: false do |t|
|
|
4
|
+
t.references :user, index: false
|
|
5
|
+
t.references :application_module, index: false
|
|
6
|
+
end
|
|
7
|
+
|
|
8
|
+
add_index :mks_auth_users_application_modules, %i[user_id application_module_id], name: 'am_on_users_indx'
|
|
9
|
+
add_foreign_key :mks_auth_users_application_modules, :mks_auth_users, column: :user_id
|
|
10
|
+
add_foreign_key :mks_auth_users_application_modules, :mks_auth_application_modules, column: :application_module_id
|
|
11
|
+
end
|
|
12
|
+
end
|
data/lib/mks/auth/engine.rb
CHANGED
|
@@ -4,25 +4,18 @@ module Mks
|
|
|
4
4
|
isolate_namespace Mks::Auth
|
|
5
5
|
|
|
6
6
|
initializer :append_migrations do |app|
|
|
7
|
-
unless app.root.to_s.match root.to_s
|
|
8
|
-
|
|
9
|
-
config.paths['db/migrate']
|
|
10
|
-
app.config.paths['db/migrate'] << expanded_path
|
|
11
|
-
end
|
|
7
|
+
unless app.root.to_s.match? root.to_s
|
|
8
|
+
config.paths['db/migrate'].expanded.each do |expanded_path|
|
|
9
|
+
app.config.paths['db/migrate'] << expanded_path
|
|
12
10
|
end
|
|
13
11
|
end
|
|
14
12
|
end
|
|
15
13
|
|
|
16
|
-
initializer 'mks_auth.factories', :after => 'factory_girl.set_factory_paths' do
|
|
17
|
-
FactoryGirl.definition_file_paths << File.expand_path('../../../../spec/factories', __FILE__) if defined?(FactoryGirl)
|
|
18
|
-
end
|
|
19
|
-
|
|
20
14
|
config.generators do |g|
|
|
21
|
-
g.test_framework :rspec, :
|
|
22
|
-
g.fixture_replacement :factory_girl, :dir => 'spec/factories'
|
|
15
|
+
g.test_framework :rspec, fixture: false
|
|
23
16
|
g.assets false
|
|
24
17
|
g.helper false
|
|
25
18
|
end
|
|
26
19
|
end
|
|
27
20
|
end
|
|
28
|
-
end
|
|
21
|
+
end
|
|
@@ -0,0 +1,19 @@
|
|
|
1
|
+
require 'jwt'
|
|
2
|
+
|
|
3
|
+
module Mks
|
|
4
|
+
module Auth
|
|
5
|
+
class TokenAuth
|
|
6
|
+
def self.issue(payload)
|
|
7
|
+
JWT.encode(payload, auth_secret, 'HS256')
|
|
8
|
+
end
|
|
9
|
+
|
|
10
|
+
def self.decode(token)
|
|
11
|
+
JWT.decode(token, auth_secret, true, algorithm: 'HS256').first
|
|
12
|
+
end
|
|
13
|
+
|
|
14
|
+
def self.auth_secret
|
|
15
|
+
Rails.application.config.auth_secret
|
|
16
|
+
end
|
|
17
|
+
end
|
|
18
|
+
end
|
|
19
|
+
end
|
data/lib/mks/auth/version.rb
CHANGED
data/lib/mks_auth.rb
CHANGED