mks_auth 1.0.10 → 1.2.0
- checksums.yaml +4 -4
- data/app/controllers/mks/auth/access_controller.rb +51 -0
- data/app/controllers/mks/auth/application_controller.rb +13 -40
- data/app/controllers/mks/auth/application_modules_controller.rb +2 -0
- data/app/controllers/mks/auth/user_roles_controller.rb +32 -40
- data/app/controllers/mks/auth/users_controller.rb +29 -47
- data/app/helpers/mks/auth/access_helper.rb +47 -0
- data/app/helpers/mks/auth/application_helper.rb +10 -0
- data/app/models/mks/auth/application_module.rb +3 -3
- data/app/models/mks/auth/menu.rb +5 -5
- data/app/models/mks/auth/user.rb +8 -30
- data/app/models/mks/auth/user_role.rb +5 -10
- data/config/routes.rb +18 -17
- data/db/migrate/20161029065810_create_mks_auth_application_modules.rb +1 -1
- data/db/migrate/20161029065959_create_mks_auth_users.rb +4 -1
- data/db/migrate/20161029070807_create_mks_auth_user_roles.rb +2 -3
- data/db/migrate/20161029071047_create_mks_users_user_roles.rb +4 -4
- data/db/migrate/20161029072256_create_mks_auth_menus.rb +3 -3
- data/db/migrate/20161029074023_create_mks_menus_user_roles.rb +3 -3
- data/lib/mks/auth/engine.rb +12 -5
- data/lib/mks/auth/version.rb +1 -1
- data/lib/mks_auth.rb +0 -1
- data/spec/controllers/mks/auth/users_controller_spec.rb +2 -91
- data/spec/dummy/config/application.rb +0 -2
- data/spec/dummy/config/database.yml +3 -5
- data/spec/dummy/config/initializers/new_framework_defaults.rb +1 -1
- data/spec/dummy/db/schema.rb +30 -38
- data/spec/factories/application_modules.rb +1 -1
- data/spec/factories/menus.rb +1 -1
- data/spec/factories/user_roles.rb +1 -2
- data/spec/factories/users.rb +2 -1
- data/spec/models/mks/auth/application_module_spec.rb +1 -2
- data/spec/models/mks/auth/user_role_spec.rb +0 -6
- data/spec/models/mks/auth/user_spec.rb +0 -21
- data/spec/rails_helper.rb +0 -1
- data/spec/spec_helper.rb +1 -1
- data/spec/support/factory_girl.rb +2 -2
- metadata +69 -92
- data/app/controllers/mks/auth/menus_controller.rb +0 -29
- data/db/migrate/20180201104912_create_mks_users_application_modules.rb +0 -12
- data/lib/mks/auth/token_auth.rb +0 -19
- data/spec/controllers/mks/auth/menus_controller_spec.rb +0 -53
- data/spec/controllers/mks/auth/user_roles_controller_spec.rb +0 -129
- data/spec/dummy/log/development.log +0 -14612
- data/spec/dummy/log/test.log +0 -44921
checksums.yaml
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: c9befc13ee79dba3fce47aa04621b0cbab4983d6f32e22eefa8f8ea038dc0235
|
4
|
+
data.tar.gz: 8799d30c67e91c2f773bae8715e17a6b17bbf2fcff1bb1a232761955f142778a
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: bded2f7264869bf5dfb2437d39f5e6c5950a1c949c9effc36522fc547f40299dabb9e9e72b87a7f852af39f4daf7f4e3bd6b0ad2a0f5cbe02a278b190eb21e70
|
7
|
+
data.tar.gz: 510531747665163e392c2593ce3f9815c506d7555347a7e2a20da552954b803bf7cbd0aa7a2bcbbab34242a062d99cc5f29ba9b236c89b00cd031e8882a81a17
|
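--- a/data/app/controllers/mks/auth/access_controller.rb
+++ b/data/app/controllers/mks/auth/access_controller.rb
@@ -0,0 +1,51 @@
+require_dependency 'mks/auth/application_controller'
+
+module Mks
+module Auth
+class AccessController < ApplicationController
+before_action :confirm_logged_in, :except => [:attempt_login, :logout, :menu, :csrf_token]
+
+def csrf_token
+cookies['XSRF-TOKEN'] = form_authenticity_token if protect_against_forgery?
+render json: {success: true}
+end
+
+def attempt_login
+code = Rails.configuration.app_code
+app_module = ApplicationModule.find_by(code: code)
+user = User.find_by(email: params[:email].downcase)
+
+if user && user.application_module.id == app_module.id
+if user.authenticate(params[:password])
+login_user user
+roles = user.roles.map(&:name)
+response = { success: true, data: {user_id: user.id, user_full_name: user.full_name, roles: roles }}
+render json: response
+else
+render json: {success: false, errors: "Invalid username or password"}
+end
+else
+render json: {success: false, errors: "User doesn't exist or is not allowed!"}
+end
+end
+
+def logout
+logout_user if logged_in?
+render json: { success: true }
+end
+
+def menu
+render json: {success: true, data: fetch_menus}
+end
+
+def check_login
+if session[:user_id]
+user = User.find(session[:user_id])
+render json: {success: true, data: user.full_name}
+else
+render json: {success: false}
+end
+end
+end
+end
+end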
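Review bot: attempt_login answers with two different failure messages ("User doesn't exist or is not allowed!" on line 28 versus "Invalid username or password" on line 25), which tells a caller whether an email address is registered for this module; both branches should render the same generic message. Line 16 calls `params[:email].downcase` before checking the parameter, and line 18 dereferences `app_module` without checking that `find_by` found a record for `Rails.configuration.app_code`, so a request without `email` or a misconfigured app_code raises NoMethodError; `email = params[:email].to_s.downcase` and `if user && app_module && user.application_module_id == app_module.id` avoid both 500s. The User model carries an `active` attribute (it is validated in user.rb) but nothing in this action consults it, so a deactivated user appears able to log in — confirm whether that is intended. check_login on line 43 uses `User.find`, which raises RecordNotFound for a session whose user has since been deleted, whereas the helper's current_user uses `find_by`; rendering from `current_user` instead of re-querying keeps the two consistent.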
@@ -1,51 +1,24 @@
|
|
1
|
-
require 'mks/auth/token_auth'
|
2
|
-
require 'mks/common/methodresponse'
|
3
|
-
|
4
1
|
module Mks
|
5
2
|
module Auth
|
6
|
-
class ApplicationController < ActionController::
|
7
|
-
|
8
|
-
|
9
|
-
def logged_in?
|
10
|
-
!current_user.nil?
|
11
|
-
end
|
12
|
-
|
13
|
-
def current_user
|
14
|
-
return unless auth_present?
|
15
|
-
user = User.find(auth['id'])
|
16
|
-
@current_user ||= user if user
|
17
|
-
end
|
18
|
-
|
19
|
-
def current_user_id
|
20
|
-
auth['id']
|
21
|
-
end
|
22
|
-
|
23
|
-
def app_code
|
24
|
-
Rails.application.config.app_code
|
25
|
-
end
|
3
|
+
class ApplicationController < ActionController::Base
|
4
|
+
include AccessHelper
|
5
|
+
include ApplicationHelper
|
26
6
|
|
27
7
|
private
|
28
8
|
|
29
|
-
def
|
30
|
-
|
31
|
-
|
32
|
-
|
33
|
-
|
34
|
-
|
9
|
+
def confirm_logged_in
|
10
|
+
if session[:user_id]
|
11
|
+
true
|
12
|
+
else
|
13
|
+
redirect_to '/'
|
14
|
+
false
|
15
|
+
end
|
35
16
|
end
|
36
17
|
|
37
|
-
|
38
|
-
TokenAuth.decode(token)
|
39
|
-
end
|
40
|
-
|
41
|
-
def auth_present?
|
42
|
-
bearer = request.env.fetch('HTTP_AUTHORIZATION', '').scan(/Bearer/).flatten.first
|
43
|
-
!bearer.nil?
|
44
|
-
end
|
18
|
+
protected
|
45
19
|
|
46
|
-
def
|
47
|
-
|
48
|
-
ApplicationModule.find_by(code: code)
|
20
|
+
def verified_request?
|
21
|
+
super || valid_authenticity_token?(session, request.headers['X-XSRF-TOKEN'])
|
49
22
|
end
|
50
23
|
end
|
51
24
|
end
|
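Review bot: confirm_logged_in (lines 9-16) answers an unauthenticated request with `redirect_to '/'`, but every action in this engine renders JSON, so an API client receives a 302 it cannot tell apart from success; `render json: { success: false, errors: 'Not logged in' }, status: :unauthorized` is the matching response. The literal `true`/`false` values on lines 11 and 14 do nothing in Rails 5 and later — a before_action halts only when it renders or redirects — so they can be dropped. Nothing in this hunk calls `protect_from_forgery`; if the host Rails version does not enable it by default on ActionController::Base, the verified_request? override on lines 20-22 and the XSRF-TOKEN cookie are inert, so a comment on verified_request? such as `# Accept the Angular-style X-XSRF-TOKEN header in place of the form authenticity token; requires protect_from_forgery to be active.` would state the dependency. Note that the filter is only registered by AccessController, not here, so other controllers in the engine must opt in explicitly.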
@@ -1,59 +1,51 @@
|
|
1
|
+
require_dependency 'mks/auth/application_controller'
|
2
|
+
|
1
3
|
module Mks
|
2
4
|
module Auth
|
3
5
|
class UserRolesController < ApplicationController
|
4
|
-
before_action :
|
5
|
-
before_action :set_user, only: %i[assigned_roles assign_roles]
|
6
|
+
# before_action :confirm_logged_in
|
6
7
|
|
7
8
|
# GET /user_roles
|
8
9
|
def index
|
9
|
-
user_roles = UserRole.
|
10
|
-
|
11
|
-
|
12
|
-
render json: user_roles
|
13
|
-
end
|
14
|
-
|
15
|
-
def users
|
16
|
-
render json: @role.users
|
10
|
+
@user_roles = UserRole.all.order(:name)
|
11
|
+
response = { success: true, data: @user_roles }
|
12
|
+
render json: response
|
17
13
|
end
|
18
14
|
|
19
|
-
def
|
20
|
-
|
21
|
-
|
22
|
-
|
23
|
-
|
24
|
-
|
25
|
-
|
26
|
-
|
27
|
-
|
28
|
-
|
15
|
+
def get_assigned_roles
|
16
|
+
user = User.find(params[:user_id])
|
17
|
+
user_roles = UserRole.all.order(:name)
|
18
|
+
data = []
|
19
|
+
user_roles.each do |user_role|
|
20
|
+
item = {id: user_role.id, name: user_role.name}
|
21
|
+
if user.roles.include? user_role
|
22
|
+
item[:selected] = true
|
23
|
+
else
|
24
|
+
item[:selected] = false
|
25
|
+
end
|
26
|
+
data << item
|
27
|
+
end
|
29
28
|
response = { success: true, data: data }
|
30
29
|
render json: response
|
31
30
|
end
|
32
31
|
|
33
|
-
# A method which assigns selected roles to a user.
|
34
|
-
# This method expects that only selected roles
|
35
|
-
# (i.e. roles with `selected` attribute set to true).
|
36
|
-
# It removes all other roles and assigns those selected
|
37
|
-
# roles to the user.
|
38
32
|
def assign_roles
|
39
|
-
|
40
|
-
|
41
|
-
@user.roles.destroy_all
|
42
|
-
@user.roles = user_roles
|
43
|
-
|
44
|
-
response = { success: true, message: 'Role assignment successful!' }
|
45
|
-
render json: response
|
46
|
-
end
|
33
|
+
user = User.find(params[:user_id])
|
34
|
+
roles = params[:roles]
|
47
35
|
|
36
|
+
roles.each do |role|
|
37
|
+
user_role = UserRole.find role[:id]
|
38
|
+
if role[:selected]
|
39
|
+
user.roles << user_role
|
40
|
+
else
|
41
|
+
user.roles.destroy user_role
|
42
|
+
end
|
43
|
+
end
|
48
44
|
|
49
|
-
|
45
|
+
user.save
|
50
46
|
|
51
|
-
|
52
|
-
|
53
|
-
end
|
54
|
-
|
55
|
-
def set_user
|
56
|
-
@user = User.find(params[:id])
|
47
|
+
response = { success: true, message: 'Role assignment successful!' }
|
48
|
+
render json: response
|
57
49
|
end
|
58
50
|
end
|
59
51
|
end
|
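Review bot: assign_roles (lines 32-49) changes any user's roles from `params[:user_id]` and `params[:roles]` with no authentication at all: the only guard, `before_action :confirm_logged_in` on line 6, is commented out, and the new ApplicationController does not register that filter itself, so the same gap covers index and get_assigned_roles here and index, fetch_by_role, create and update in users_controller.rb (where `update` rewrites any user's email and password by id). Restoring `before_action :confirm_logged_in` is the minimum, and an authorization check that the caller may administer roles belongs in front of assign_roles — no such check is visible anywhere in the engine. Inside the loop, line 38's `if role[:selected]` treats the string "false" as true when the flag arrives as a form parameter rather than JSON, and `user.roles << user_role` on line 39 inserts a duplicate join row when the role is already assigned unless the join table has a unique index; `selected = ActiveModel::Type::Boolean.new.cast(role[:selected])` and `user.roles << user_role unless user.roles.include?(user_role)` handle both. `user.save` on line 45 ignores its return value, so a failed save still reports 'Role assignment successful!'.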
@@ -1,68 +1,58 @@
|
|
1
|
+
require_dependency 'mks/auth/application_controller'
|
2
|
+
|
1
3
|
module Mks
|
2
4
|
module Auth
|
3
5
|
class UsersController < ApplicationController
|
4
|
-
|
5
|
-
before_action :set_user, only: %i[update user_roles save_selected_roles]
|
6
|
+
before_action :set_user, only: [:update]
|
6
7
|
|
7
8
|
def index
|
8
|
-
@users =
|
9
|
-
|
9
|
+
@users = User.where(application_module_id: app_module.id)
|
10
|
+
response = { success: true, data: @users }
|
11
|
+
render json: response
|
10
12
|
end
|
11
13
|
|
12
14
|
def roles
|
13
|
-
user = User.find(
|
14
|
-
|
15
|
-
|
16
|
-
|
17
|
-
# A method to fetch all roles, with roles of
|
18
|
-
# a user marked as selected
|
19
|
-
def user_roles
|
20
|
-
all_roles = UserRole.joins(:application_module).where(mks_auth_application_modules: { code: app_code })
|
21
|
-
roles = all_roles.map { |r| { id: r.id, name: r.name, selected: @user.roles.include?(r) } }
|
22
|
-
render json: roles
|
15
|
+
user = User.find(session[:user_id])
|
16
|
+
data = user.roles.map { |role| {id: role.id, name: role.name} }
|
17
|
+
response = {success: true, data: data}
|
18
|
+
render json: response
|
23
19
|
end
|
24
20
|
|
25
|
-
def
|
26
|
-
|
27
|
-
|
28
|
-
|
29
|
-
|
30
|
-
|
21
|
+
def fetch_by_role
|
22
|
+
r = params[:role]
|
23
|
+
role = UserRole.find_by(name: r)
|
24
|
+
unless role
|
25
|
+
raise 'Role not found'
|
26
|
+
end
|
27
|
+
response = { success: true, data: role.users }
|
28
|
+
render json: response
|
31
29
|
end
|
32
30
|
|
33
31
|
def create
|
34
32
|
@user = User.new(user_params)
|
35
|
-
|
36
|
-
@user.application_modules = [app_module]
|
33
|
+
@user.application_module_id = app_module.id
|
37
34
|
if @user.save
|
38
|
-
|
35
|
+
response = { success: true, message: 'User saved successfully' }
|
36
|
+
render json: response
|
39
37
|
else
|
40
|
-
|
38
|
+
errors = Mks::Common::Util.error_messages @user, 'User'
|
39
|
+
response = { success: false, errors: errors }
|
40
|
+
render json: response
|
41
41
|
end
|
42
42
|
end
|
43
43
|
|
44
44
|
def update
|
45
45
|
if @user.update(user_params)
|
46
|
-
|
47
|
-
|
48
|
-
render json: Mks::Common::MethodResponse.failure_response(@user), status: :unprocessable_entity
|
49
|
-
end
|
50
|
-
end
|
51
|
-
|
52
|
-
def login
|
53
|
-
user = User.find_by(email: auth_params[:email])
|
54
|
-
if user.authenticate(auth_params[:password]) &&
|
55
|
-
user.has_module(auth_params[:app_module])
|
56
|
-
|
57
|
-
jwt = TokenAuth.issue(user.to_token_payload)
|
58
|
-
render json: { jwt: jwt }
|
46
|
+
response = { success: true, message: 'User updated successfully' }
|
47
|
+
render json: response
|
59
48
|
else
|
60
|
-
|
49
|
+
errors = Mks::Common::Util.error_messages @user, 'User'
|
50
|
+
response = { success: false, errors: errors }
|
51
|
+
render json: response
|
61
52
|
end
|
62
53
|
end
|
63
54
|
|
64
55
|
private
|
65
|
-
|
66
56
|
# Use callbacks to share common setup or constraints between actions.
|
67
57
|
def set_user
|
68
58
|
@user = User.find(params[:id])
|
@@ -72,14 +62,6 @@ module Mks
|
|
72
62
|
def user_params
|
73
63
|
params.require(:user).permit(:first_name, :last_name, :email, :password)
|
74
64
|
end
|
75
|
-
|
76
|
-
def auth_params
|
77
|
-
params.require(:auth).permit(:email, :password, :app_module)
|
78
|
-
end
|
79
|
-
|
80
|
-
def save_selected_roles_params
|
81
|
-
params.permit(roles: %i[id selected])
|
82
|
-
end
|
83
65
|
end
|
84
66
|
end
|
85
67
|
end
|
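Review bot: index (lines 9-11) and fetch_by_role (line 27) render ActiveRecord records straight to JSON, and the User model uses has_secure_password without overriding as_json, so unless a serializer elsewhere filters it each response includes `password_digest`; `data: @users.as_json(except: :password_digest)` and `data: role.users.as_json(except: :password_digest)` keep the bcrypt hashes out of the API. fetch_by_role raises a bare RuntimeError on line 25 for an unknown role name, which surfaces as a 500 instead of the `{ success: false, errors: ... }` shape every other action uses; `return render json: { success: false, errors: 'Role not found' }, status: :not_found unless role` matches the convention. roles on line 15 calls `User.find(session[:user_id])` with no login check, so an anonymous request gets a RecordNotFound 404 rather than a clear unauthenticated response. `app_module` on lines 9 and 33 is not defined in this file — presumably it comes from the new ApplicationHelper, which this diff does not show; the second hunk's enclosing class ends at line 67.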
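--- a/data/app/helpers/mks/auth/access_helper.rb
+++ b/data/app/helpers/mks/auth/access_helper.rb
@@ -0,0 +1,47 @@
+module Mks
+module Auth
+module AccessHelper
+def login_user(user)
+session[:user_id] = user.id
+end
+
+def current_user
+@current_user ||= User.find_by(id: session[:user_id])
+end
+
+def logged_in?
+!current_user.nil?
+end
+
+def logout_user
+session.delete(:user_id)
+@current_user = nil
+@menus = nil
+end
+
+def fetch_menus
+if @menus.nil?
+roles = current_user.roles
+app_module = current_user.application_module
+
+@menus = []
+roles.each do |role|
+if role
+menu_list = role.menus.where(:parent => nil, :application_module => app_module)
+menu_list.each do |menu|
+children = []
+menu.children.order(:text).each do |child|
+if child.roles.include? role
+children << {'text': child.text, 'className': child.class_name, 'iconCls': child.icon_cls}
+end
+end
+@menus << {'text': menu.text, 'children': children, 'iconCls': menu.icon_cls}
+end
+end
+end
+end
+@menus
+end
+end
+end
+end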
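Review bot: login_user (lines 4-6) writes the user id into the existing session without calling `reset_session` first, so a session id a client held before authenticating stays valid afterwards (session fixation); `reset_session` immediately before `session[:user_id] = user.id` is the standard fix. fetch_menus on lines 24-25 calls `current_user.roles` and `current_user.application_module` without a nil check, and AccessController exempts `menu` from confirm_logged_in, so an anonymous call to that action raises NoMethodError; `return @menus = [] unless current_user` at the top of the method (or removing the exemption) closes it. The nested `role.menus` / `menu.children` / `child.roles.include?` loops on lines 28-40 issue one query per role, per menu and per child; a single query over the role ids with `includes(:children)` would remove that, and the `if role` on line 29 can go since iterating an association does not yield nil records.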
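--- a/data/app/models/mks/auth/application_module.rb
+++ b/data/app/models/mks/auth/application_module.rb
@@ -1,12 +1,12 @@
 module Mks
 module Auth
-# A model class to represent applications / modules
 class ApplicationModule < ApplicationRecord
+#self.table_name = 'mks_application_modules'
+
 validates :code, presence: true
 validates :code, presence: true, uniqueness: true
 
-
-join_table: 'mks_auth_users_application_modules'
+has_many :users, class_name: 'Mks::Auth::User'
 has_many :menus, class_name: 'Mks::Auth::Menu'
 end
 end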
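Review bot: line 4 adds a commented-out `#self.table_name = 'mks_application_modules'` that documents nothing; either set the table name or delete the line (menu.rb and user.rb carry the same leftover), and the removed class comment on old line 3 was the model's only documentation, so a one-line `# An application / module that users, roles and menus belong to.` is worth keeping. The new `has_many :users` on line 9 names no `dependent:` option, so destroying a module leaves users with a dangling application_module_id; `has_many :users, class_name: 'Mks::Auth::User', dependent: :restrict_with_error` would make the intent explicit — confirm which behaviour is wanted. Lines 6-7 (unchanged) declare `validates :code, presence: true` twice, the second adding uniqueness; the first can go.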
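--- a/data/app/models/mks/auth/menu.rb
+++ b/data/app/models/mks/auth/menu.rb
@@ -1,12 +1,12 @@
 module Mks
 module Auth
-# A model class to represent menu items of a module
 class Menu < ApplicationRecord
+# self.table_name = 'mks_menus'
+
 belongs_to :application_module, class_name: 'Mks::Auth::ApplicationModule'
 belongs_to :parent, class_name: 'Mks::Auth::Menu', optional: true
-has_many :children, class_name: 'Mks::Auth::Menu', foreign_key
-has_and_belongs_to_many :roles, class_name: 'Mks::Auth::UserRole',
-join_table: 'mks_auth_menus_user_roles'
+has_many :children, class_name: 'Mks::Auth::Menu', :foreign_key => 'parent_id'
+has_and_belongs_to_many :roles, class_name: 'Mks::Auth::UserRole', :join_table => :mks_auth_menus_user_roles
 end
 end
-end
+end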
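Review bot: lines 8-9 mix both hash syntaxes on one line (`class_name:` next to `:foreign_key =>` and `:join_table =>`) while the rest of the file uses the `key:` form; `has_many :children, class_name: 'Mks::Auth::Menu', foreign_key: 'parent_id'` and `has_and_belongs_to_many :roles, class_name: 'Mks::Auth::UserRole', join_table: :mks_auth_menus_user_roles` read consistently. The commented-out `# self.table_name = 'mks_menus'` on line 4 should be removed or made real, and the class comment deleted on old line 3 was the model's only documentation — keeping a one-line class comment costs nothing.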
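--- a/data/app/models/mks/auth/user.rb
+++ b/data/app/models/mks/auth/user.rb
@@ -1,46 +1,24 @@
-# frozen_string_literal: true
-
 module Mks
 module Auth
-# A model class to represent users of the system
 class User < ApplicationRecord
-
-
-
-has_and_belongs_to_many :roles, class_name: 'Mks::Auth::UserRole',
-join_table: 'mks_auth_users_user_roles'
+# self.table_name = 'mks_users'
+
+belongs_to :application_module, class_name: 'Mks::Auth::ApplicationModule'
+has_and_belongs_to_many :roles, class_name: 'Mks::Auth::UserRole', join_table: :mks_auth_users_user_roles
 has_secure_password
 
 before_save { email.downcase! }
 
 VALID_EMAIL_REGEX = /\A[\w+\-.]+@[a-z\d\-.]+\.[a-z]+\z/i
-validates :first_name, presence: true, length: {
-validates :last_name, presence: true, length: {
-validates :email, presence: true, format: { with: VALID_EMAIL_REGEX }, uniqueness: {
+validates :first_name, presence: true, length: {maximum: 30}
+validates :last_name, presence: true, length: {maximum: 30}
+validates :email, presence: true, format: { with: VALID_EMAIL_REGEX }, uniqueness: {case_sensitive: false}
 validates :password, length: { minimum: 6 }
 validates :active, presence: true
 
 def full_name
 "#{first_name} #{last_name}"
 end
-
-def role_names
-roles.map(&:name)
-end
-
-def to_token_payload
-{ id: id, email: email, name: full_name, roles: role_names }
-end
-
-def has_module(code)
-app_module = ApplicationModule.find_by(code: code)
-roles = self.roles.select { |ur| ur.application_module == app_module }
-roles.count.positive?
-end
-
-def role?(role)
-roles.any? { |r| r.name.underscore.to_sym == role }
-end
 end
 end
-end
+end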
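Review bot: the new side drops the `# frozen_string_literal: true` magic comment (old line 1) without replacing it; if the other files in the gem carry it, this one should keep it too. `validates :active, presence: true` on line 17 (unchanged) rejects `active = false` because `false.blank?` is true, so a user can never be deactivated through a normal save; `validates :active, inclusion: { in: [true, false] }` is the usual form. With `has_module` and `role?` removed, the model no longer offers any role-check helper and callers compare `application_module` ids directly (AccessController does this), so a one-line class comment such as `# A login account; belongs to exactly one application module and any number of roles.` would replace the documentation deleted on old line 5.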