mks_auth 1.0.14 → 1.2.0
- checksums.yaml +4 -4
- data/Rakefile +17 -3
- data/app/assets/config/mks_auth_manifest.js +2 -0
- data/app/assets/javascripts/mks_auth/application.js +13 -0
- data/app/assets/stylesheets/mks_auth/application.css +15 -0
- data/app/controllers/mks/auth/access_controller.rb +51 -0
- data/app/controllers/mks/auth/application_controller.rb +13 -39
- data/app/controllers/mks/auth/application_modules_controller.rb +2 -0
- data/app/controllers/mks/auth/user_roles_controller.rb +32 -40
- data/app/controllers/mks/auth/users_controller.rb +29 -47
- data/app/helpers/mks/auth/access_helper.rb +47 -0
- data/app/helpers/mks/auth/application_helper.rb +10 -0
- data/app/jobs/mks_auth/application_job.rb +4 -0
- data/app/mailers/mks_auth/application_mailer.rb +6 -0
- data/app/models/mks/auth/application_module.rb +3 -3
- data/app/models/mks/auth/menu.rb +5 -5
- data/app/models/mks/auth/user.rb +9 -35
- data/app/models/mks/auth/user_role.rb +5 -10
- data/config/routes.rb +20 -16
- data/db/migrate/20161029065810_create_mks_auth_application_modules.rb +1 -1
- data/db/migrate/20161029065959_create_mks_auth_users.rb +4 -1
- data/db/migrate/20161029070807_create_mks_auth_user_roles.rb +2 -3
- data/db/migrate/20161029071047_create_mks_users_user_roles.rb +4 -4
- data/db/migrate/20161029072256_create_mks_auth_menus.rb +3 -3
- data/db/migrate/20161029074023_create_mks_menus_user_roles.rb +3 -3
- data/lib/mks/auth/engine.rb +12 -5
- data/lib/mks/auth/version.rb +1 -1
- data/lib/mks_auth.rb +0 -1
- data/spec/controllers/mks/auth/users_controller_spec.rb +2 -91
- data/spec/dummy/config/application.rb +0 -2
- data/spec/dummy/config/database.yml +3 -5
- data/spec/dummy/config/initializers/new_framework_defaults.rb +1 -1
- data/spec/dummy/db/schema.rb +35 -442
- data/spec/factories/application_modules.rb +1 -1
- data/spec/factories/menus.rb +2 -2
- data/spec/factories/user_roles.rb +1 -2
- data/spec/factories/users.rb +3 -2
- data/spec/models/mks/auth/application_module_spec.rb +1 -2
- data/spec/models/mks/auth/user_role_spec.rb +0 -6
- data/spec/models/mks/auth/user_spec.rb +0 -33
- data/spec/rails_helper.rb +0 -1
- data/spec/spec_helper.rb +1 -1
- data/spec/support/factory_girl.rb +2 -2
- metadata +95 -140
- data/app/controllers/mks/auth/menus_controller.rb +0 -29
- data/db/migrate/20180201104912_create_mks_users_application_modules.rb +0 -12
- data/lib/mks/auth/token_auth.rb +0 -19
- data/spec/controllers/mks/auth/menus_controller_spec.rb +0 -53
- data/spec/controllers/mks/auth/user_roles_controller_spec.rb +0 -129
- data/spec/dummy/log/development.log +0 -16526
- data/spec/dummy/log/test.log +0 -49665
@@ -1,12 +1,12 @@
|
|
1
1
|
module Mks
|
2
2
|
module Auth
|
3
|
-
# A model class to represent applications / modules
|
4
3
|
class ApplicationModule < ApplicationRecord
|
4
|
+
#self.table_name = 'mks_application_modules'
|
5
|
+
|
5
6
|
validates :code, presence: true
|
6
7
|
validates :code, presence: true, uniqueness: true
|
7
8
|
|
8
|
-
|
9
|
-
join_table: 'mks_auth_users_application_modules'
|
9
|
+
has_many :users, class_name: 'Mks::Auth::User'
|
10
10
|
has_many :menus, class_name: 'Mks::Auth::Menu'
|
11
11
|
end
|
12
12
|
end
|
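--- a/data/app/models/mks/auth/menu.rb
+++ b/data/app/models/mks/auth/menu.rb
@@ -1,12 +1,12 @@
 module Mks
 module Auth
-# A model class to represent menu items of a module
 class Menu < ApplicationRecord
+# self.table_name = 'mks_menus'
+
 belongs_to :application_module, class_name: 'Mks::Auth::ApplicationModule'
 belongs_to :parent, class_name: 'Mks::Auth::Menu', optional: true
-has_many :children, class_name: 'Mks::Auth::Menu', foreign_key
-has_and_belongs_to_many :roles, class_name: 'Mks::Auth::UserRole',
-join_table: 'mks_auth_menus_user_roles'
+has_many :children, class_name: 'Mks::Auth::Menu', :foreign_key => 'parent_id'
+has_and_belongs_to_many :roles, class_name: 'Mks::Auth::UserRole', :join_table => :mks_auth_menus_user_roles
 end
 end
-end
+end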
data/app/models/mks/auth/user.rb
CHANGED
@@ -1,50 +1,24 @@
|
|
1
|
-
# frozen_string_literal: true
|
2
|
-
|
3
1
|
module Mks
|
4
2
|
module Auth
|
5
|
-
# A model class to represent users of the system
|
6
3
|
class User < ApplicationRecord
|
7
|
-
|
8
|
-
|
9
|
-
|
10
|
-
has_and_belongs_to_many :roles, class_name: 'Mks::Auth::UserRole',
|
11
|
-
join_table: 'mks_auth_users_user_roles'
|
4
|
+
# self.table_name = 'mks_users'
|
5
|
+
|
6
|
+
belongs_to :application_module, class_name: 'Mks::Auth::ApplicationModule'
|
7
|
+
has_and_belongs_to_many :roles, class_name: 'Mks::Auth::UserRole', join_table: :mks_auth_users_user_roles
|
12
8
|
has_secure_password
|
13
9
|
|
14
10
|
before_save { email.downcase! }
|
15
11
|
|
16
|
-
|
17
|
-
validates :first_name, presence: true, length: {
|
18
|
-
validates :last_name, presence: true, length: {
|
19
|
-
validates :email, presence: true, format: { with: VALID_EMAIL_REGEX }, uniqueness: {
|
12
|
+
VALID_EMAIL_REGEX = /\A[\w+\-.]+@[a-z\d\-.]+\.[a-z]+\z/i
|
13
|
+
validates :first_name, presence: true, length: {maximum: 30}
|
14
|
+
validates :last_name, presence: true, length: {maximum: 30}
|
15
|
+
validates :email, presence: true, format: { with: VALID_EMAIL_REGEX }, uniqueness: {case_sensitive: false}
|
20
16
|
validates :password, length: { minimum: 6 }
|
21
17
|
validates :active, presence: true
|
22
18
|
|
23
19
|
def full_name
|
24
20
|
"#{first_name} #{last_name}"
|
25
21
|
end
|
26
|
-
|
27
|
-
def role_names
|
28
|
-
roles.map(&:name)
|
29
|
-
end
|
30
|
-
|
31
|
-
def to_token_payload
|
32
|
-
{ id: id, email: email, name: full_name, roles: role_names }
|
33
|
-
end
|
34
|
-
|
35
|
-
def has_module(code)
|
36
|
-
app_module = ApplicationModule.find_by(code: code)
|
37
|
-
roles = self.roles.select { |ur| ur.application_module == app_module }
|
38
|
-
roles.count.positive?
|
39
|
-
end
|
40
|
-
|
41
|
-
def role?(role)
|
42
|
-
roles.any? { |r| r.name.underscore.to_sym == role }
|
43
|
-
end
|
44
|
-
|
45
|
-
def any_role?(role_list)
|
46
|
-
roles.any? { |r| role_list.include?(r.name.underscore.to_sym) }
|
47
|
-
end
|
48
22
|
end
|
49
23
|
end
|
50
|
-
end
|
24
|
+
end
|
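Review bot: `validates :active, presence: true` is kept on a boolean column, and `presence` treats `false` as blank, so a user with `active: false` fails validation and an account cannot be deactivated through the model. For an auth engine that is the revocation path; `validates :active, inclusion: { in: [true, false] }` expresses the intended check. Separately, `validates :password, length: { minimum: 6 }` has no `allow_nil: true`, so an update that does not resend the password will fail validation, and six characters is a low floor for the only credential. The new `belongs_to :application_module` is required by default in Rails 5 unless the host app turns that setting off, while the users migration leaves the column nullable, so the two should be made to agree.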
@@ -1,16 +1,11 @@
|
|
1
1
|
module Mks
|
2
2
|
module Auth
|
3
|
-
# A model to represent various roles of users in the system
|
4
3
|
class UserRole < ApplicationRecord
|
5
|
-
|
6
|
-
|
7
|
-
belongs_to :application_module
|
8
|
-
has_and_belongs_to_many :users, join_table: 'mks_auth_users_user_roles'
|
9
|
-
has_and_belongs_to_many :menus, join_table: 'mks_auth_menus_user_roles'
|
4
|
+
# self.table_name = 'mks_user_roles'
|
10
5
|
|
11
|
-
|
12
|
-
|
13
|
-
|
6
|
+
validates :name, presence: true, uniqueness: true
|
7
|
+
has_and_belongs_to_many :users, :join_table => :mks_auth_users_user_roles
|
8
|
+
has_and_belongs_to_many :menus, :join_table => :mks_auth_menus_user_roles
|
14
9
|
end
|
15
10
|
end
|
16
|
-
end
|
11
|
+
end
|
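Review bot: `validates :name, presence: true, uniqueness: true` is enforced only in Ruby; the `mks_auth_user_roles` migration shown in this release creates no unique index on `name`, so two concurrent requests can still insert the same role name. Adding `add_index :mks_auth_user_roles, :name, unique: true` in a new migration closes that gap. With `belongs_to :application_module` removed, role names are now global rather than per module, so any authorization code that used to filter roles by module needs to be checked against this change.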
data/config/routes.rb
CHANGED
@@ -1,28 +1,32 @@
|
|
1
|
-
# frozen_string_literal: true
|
2
|
-
|
3
1
|
Mks::Auth::Engine.routes.draw do
|
2
|
+
get '/csrf_token', to: 'access#csrf_token'
|
3
|
+
|
4
|
+
get '/attempt_login', to: 'access#attempt_login'
|
5
|
+
|
6
|
+
get '/logout', to: 'access#logout'
|
7
|
+
|
8
|
+
get '/menu', to: 'access#menu'
|
4
9
|
|
5
|
-
|
10
|
+
get '/check_login', to: 'access#check_login'
|
11
|
+
|
12
|
+
post '/login', to: 'access#attempt_login'
|
6
13
|
|
7
14
|
resources :application_modules
|
8
15
|
|
9
|
-
|
16
|
+
# get '/users', to: 'users#index'
|
17
|
+
|
18
|
+
resources :users, except: [:new, :edit, :show, :destroy]
|
19
|
+
|
20
|
+
get '/users/roles', controller: :users, action: :roles
|
10
21
|
|
11
|
-
|
12
|
-
member do
|
13
|
-
get 'roles', controller: :users, action: :roles
|
14
|
-
get 'menus', controller: :menus, action: :menus
|
15
|
-
get 'user_roles', controller: :users, action: :user_roles
|
16
|
-
post 'user_roles', controller: :users, action: :save_selected_roles
|
17
|
-
end
|
18
|
-
end
|
22
|
+
get '/users/fetch_by_role', to: 'users#fetch_by_role'
|
19
23
|
|
20
|
-
|
24
|
+
# get '/user_roles', to: 'user_roles#index'
|
21
25
|
|
22
|
-
|
26
|
+
resource :user_roles, except: [:new, :edit, :show, :destroy]
|
23
27
|
|
24
|
-
post '/
|
28
|
+
post '/assign_roles', to: 'user_roles#assign_roles'
|
25
29
|
|
26
|
-
get '/
|
30
|
+
get '/assigned_roles/:user_id', to: 'user_roles#get_assigned_roles'
|
27
31
|
|
28
32
|
end
|
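Review bot: `get '/attempt_login'` and `get '/logout'` put credential submission and a session-changing action on GET, so credentials can end up in server logs, browser history and Referer headers, and a logout can be triggered by any cross-site request because Rails' CSRF check does not cover GET. Since `post '/login', to: 'access#attempt_login'` is already declared, I would drop the GET login route and declare logout as `delete '/logout', to: 'access#logout'`. `get '/csrf_token'` is only safe if the response cannot be read cross-origin; the engine's CORS policy is not visible here and should be confirmed in access_controller.rb. Also, `resource :user_roles` (singular) next to `resources :users` looks unintended; if a collection is meant it should be `resources :user_roles, except: [:new, :edit, :show, :destroy]`.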
@@ -1,13 +1,16 @@
|
|
1
|
-
class CreateMksAuthUsers < ActiveRecord::Migration[5.
|
1
|
+
class CreateMksAuthUsers < ActiveRecord::Migration[5.0]
|
2
2
|
def change
|
3
3
|
create_table :mks_auth_users do |t|
|
4
4
|
t.string :first_name, null: false
|
5
5
|
t.string :last_name, null: false
|
6
6
|
t.string :email, null: false
|
7
7
|
t.boolean :active, null: false, default: true
|
8
|
+
t.references :application_module, index: true
|
8
9
|
t.string :password_digest
|
9
10
|
|
10
11
|
t.timestamps
|
11
12
|
end
|
13
|
+
|
14
|
+
add_foreign_key :mks_auth_users, :mks_auth_application_modules, :column => :application_module_id
|
12
15
|
end
|
13
16
|
end
|
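Review bot: This edits a migration that already shipped in earlier releases (20161029065959_create_mks_auth_users.rb): `t.references :application_module` and the `add_foreign_key` are added inside the existing `create_table`, so a database that has already run this version never gets the column and upgraded installs end up with a different schema from fresh ones. A new migration such as `add_reference :mks_auth_users, :application_module, foreign_key: { to_table: :mks_auth_application_modules }` would carry the change forward. The same concern applies to the other rewritten 2016 migrations in this release and to the deleted 20180201104912 migration, which presumably leaves its join table behind on upgraded databases.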
@@ -1,10 +1,9 @@
|
|
1
|
-
class CreateMksAuthUserRoles < ActiveRecord::Migration[5.
|
1
|
+
class CreateMksAuthUserRoles < ActiveRecord::Migration[5.0]
|
2
2
|
def change
|
3
3
|
create_table :mks_auth_user_roles do |t|
|
4
4
|
t.string :name, null: false
|
5
|
-
|
5
|
+
|
6
6
|
t.timestamps
|
7
7
|
end
|
8
|
-
add_foreign_key :mks_auth_user_roles, :mks_auth_application_modules, column: :application_module_id
|
9
8
|
end
|
10
9
|
end
|
@@ -1,11 +1,11 @@
|
|
1
|
-
class CreateMksUsersUserRoles < ActiveRecord::Migration[5.
|
1
|
+
class CreateMksUsersUserRoles < ActiveRecord::Migration[5.0]
|
2
2
|
def change
|
3
3
|
create_table :mks_auth_users_user_roles, id: false do |t|
|
4
4
|
t.references :user, index: false
|
5
5
|
t.references :user_role, index: false
|
6
6
|
end
|
7
|
-
add_index :mks_auth_users_user_roles,
|
8
|
-
add_foreign_key :mks_auth_users_user_roles, :mks_auth_users, column
|
9
|
-
add_foreign_key :mks_auth_users_user_roles, :mks_auth_user_roles, column
|
7
|
+
add_index :mks_auth_users_user_roles, [:user_id, :user_role_id]
|
8
|
+
add_foreign_key :mks_auth_users_user_roles, :mks_auth_users, :column => :user_id
|
9
|
+
add_foreign_key :mks_auth_users_user_roles, :mks_auth_user_roles, :column => :user_role_id
|
10
10
|
end
|
11
11
|
end
|
@@ -1,4 +1,4 @@
|
|
1
|
-
class CreateMksAuthMenus < ActiveRecord::Migration[5.
|
1
|
+
class CreateMksAuthMenus < ActiveRecord::Migration[5.0]
|
2
2
|
def change
|
3
3
|
create_table :mks_auth_menus do |t|
|
4
4
|
t.string :text, null: false
|
@@ -11,7 +11,7 @@ class CreateMksAuthMenus < ActiveRecord::Migration[5.2]
|
|
11
11
|
t.timestamps
|
12
12
|
end
|
13
13
|
|
14
|
-
add_foreign_key :mks_auth_menus, :mks_auth_menus, column
|
15
|
-
add_foreign_key :mks_auth_menus, :mks_auth_application_modules, column
|
14
|
+
add_foreign_key :mks_auth_menus, :mks_auth_menus, :column => :parent_id
|
15
|
+
add_foreign_key :mks_auth_menus, :mks_auth_application_modules, :column => :application_module_id
|
16
16
|
end
|
17
17
|
end
|
@@ -1,11 +1,11 @@
|
|
1
|
-
class CreateMksMenusUserRoles < ActiveRecord::Migration[5.
|
1
|
+
class CreateMksMenusUserRoles < ActiveRecord::Migration[5.0]
|
2
2
|
def change
|
3
3
|
create_table :mks_auth_menus_user_roles do |t|
|
4
4
|
t.references :menu, index: false
|
5
5
|
t.references :user_role, index: false
|
6
6
|
end
|
7
7
|
add_index :mks_auth_menus_user_roles, [:menu_id, :user_role_id]
|
8
|
-
add_foreign_key :mks_auth_menus_user_roles, :mks_auth_menus, column
|
9
|
-
add_foreign_key :mks_auth_menus_user_roles, :mks_auth_user_roles, column
|
8
|
+
add_foreign_key :mks_auth_menus_user_roles, :mks_auth_menus, :column => :menu_id
|
9
|
+
add_foreign_key :mks_auth_menus_user_roles, :mks_auth_user_roles, :column => :user_role_id
|
10
10
|
end
|
11
11
|
end
|
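--- a/data/lib/mks/auth/engine.rb
+++ b/data/lib/mks/auth/engine.rb
@@ -4,18 +4,25 @@ module Mks
 isolate_namespace Mks::Auth
 
 initializer :append_migrations do |app|
-unless app.root.to_s.match
-config.
-
+unless app.root.to_s.match root.to_s
+if app.config.app_code == 'PSH'
+config.paths['db/migrate'].expanded.each do |expanded_path|
+app.config.paths['db/migrate'] << expanded_path
+end
 end
 end
 end
 
+initializer 'mks_auth.factories', :after => 'factory_girl.set_factory_paths' do
+FactoryGirl.definition_file_paths << File.expand_path('../../../../spec/factories', __FILE__) if defined?(FactoryGirl)
+end
+
 config.generators do |g|
-g.test_framework :rspec, fixture
+g.test_framework :rspec, :fixture => false
+g.fixture_replacement :factory_girl, :dir => 'spec/factories'
 g.assets false
 g.helper false
 end
 end
 end
-end
+end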
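Review bot: `if app.config.app_code == 'PSH'` ties the engine's migrations to one hard-coded host application: an app with a different code silently gets no auth tables, and an app that never defines `config.app_code` will most likely fail at boot with NoMethodError, since Rails configuration raises on unknown settings. If the gate is needed at all it should be a documented engine option, guarded with `app.config.respond_to?(:app_code)` before the comparison. `app.root.to_s.match root.to_s` treats the engine path as a regular expression; `app.root.to_s.start_with?(root.to_s)` avoids surprises with special characters in paths. The `mks_auth.factories` initializer adds the gem's `spec/factories` to the host's FactoryGirl paths whenever FactoryGirl is loaded; confirm that the gemspec packages that directory and that this is wanted outside the engine's own test run.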
data/lib/mks/auth/version.rb
CHANGED
data/lib/mks_auth.rb
CHANGED
@@ -1,5 +1,4 @@
|
|
1
1
|
require 'rails_helper'
|
2
|
-
require 'mks/auth/token_auth'
|
3
2
|
|
4
3
|
module Mks
|
5
4
|
module Auth
|
@@ -9,99 +8,11 @@ module Mks
|
|
9
8
|
describe 'GET #roles' do
|
10
9
|
it 'gets roles of a user' do
|
11
10
|
u = create(:user)
|
12
|
-
token = Mks::Auth::TokenAuth.issue(name: u.full_name, email: u.email, id: u.id)
|
13
|
-
request.headers['Authorization'] = "Bearer #{token}"
|
14
|
-
|
15
11
|
roles = [create(:user_role), create(:user_role)]
|
16
12
|
u.roles << roles
|
17
|
-
get :roles,
|
18
|
-
result = JSON(response.body)
|
19
|
-
expect(result.count).to eq 2
|
20
|
-
end
|
21
|
-
end
|
22
|
-
|
23
|
-
describe 'GET #user_roles' do
|
24
|
-
it 'fetches roles' do
|
25
|
-
app_module = create(:application_module, code: 'DUMMY')
|
26
|
-
u = create(:user, application_modules: [app_module])
|
27
|
-
token = Mks::Auth::TokenAuth.issue(name: u.full_name, email: u.email, id: u.id)
|
28
|
-
request.headers['Authorization'] = "Bearer #{token}"
|
29
|
-
|
30
|
-
r1 = create(:user_role, application_module: app_module)
|
31
|
-
r2 = create(:user_role, application_module: app_module)
|
32
|
-
u.roles << r1
|
33
|
-
|
34
|
-
get :user_roles, params: { id: u.id }
|
35
|
-
result = JSON(response.body)
|
36
|
-
expect(result.count).to eq 2
|
37
|
-
expect(result.select { |r| r['id'] == r1.id }[0]['selected']).to be_truthy
|
38
|
-
expect(result.select { |r| r['id'] == r2.id }[0]['selected']).to be_falsey
|
39
|
-
end
|
40
|
-
end
|
41
|
-
|
42
|
-
describe 'POST #create' do
|
43
|
-
it 'creates a new user' do
|
44
|
-
app_module = create(:application_module, code: 'DUMMY')
|
45
|
-
u = create(:user, application_modules: [app_module])
|
46
|
-
token = Mks::Auth::TokenAuth.issue(name: u.full_name, email: u.email, id: u.id)
|
47
|
-
request.headers['Authorization'] = "Bearer #{token}"
|
48
|
-
|
49
|
-
user = {
|
50
|
-
first_name: 'test user',
|
51
|
-
last_name: 'test user',
|
52
|
-
email: 'test@test.com',
|
53
|
-
password: 'test123',
|
54
|
-
password_confirmation: 'test123'
|
55
|
-
}
|
56
|
-
|
57
|
-
count = User.count
|
58
|
-
post :create, params: { user: user }
|
59
|
-
result = JSON(response.body)
|
60
|
-
expect(result['success']).to be_truthy
|
61
|
-
expect(User.count).to eq count + 1
|
62
|
-
end
|
63
|
-
end
|
64
|
-
|
65
|
-
describe 'POST #save_selected_roles' do
|
66
|
-
it 'saves selected user roles' do
|
67
|
-
app_module = create(:application_module, code: 'DUMMY')
|
68
|
-
u = create(:user, application_modules: [app_module])
|
69
|
-
token = Mks::Auth::TokenAuth.issue(name: u.full_name, email: u.email, id: u.id)
|
70
|
-
request.headers['Authorization'] = "Bearer #{token}"
|
71
|
-
|
72
|
-
r1 = create(:user_role, application_module: app_module)
|
73
|
-
r2 = create(:user_role, application_module: app_module)
|
74
|
-
|
75
|
-
roles = [
|
76
|
-
{ id: r1.id, selected: true },
|
77
|
-
{ id: r2.id, selected: true }
|
78
|
-
]
|
79
|
-
|
80
|
-
post :save_selected_roles, params: { id: u.id, roles: roles }
|
81
|
-
u.reload
|
82
|
-
expect(u.roles.count).to eq 2
|
83
|
-
end
|
84
|
-
end
|
85
|
-
|
86
|
-
describe 'POST #login' do
|
87
|
-
it 'returns a jwt token for correct credentials' do
|
88
|
-
m = create(:application_module)
|
89
|
-
ur = create(:user_role, application_module: m)
|
90
|
-
u = create(:user, password: '123456', password_confirmation: '123456', roles: [ur], application_modules: [m])
|
91
|
-
auth = { email: u.email, password: '123456', app_module: m.code }
|
92
|
-
token = Mks::Auth::TokenAuth.issue(u.to_token_payload)
|
93
|
-
post :login, params: { auth: auth }
|
94
|
-
|
13
|
+
get :roles, session: { user_id: u.id }
|
95
14
|
result = JSON(response.body)
|
96
|
-
expect(result['
|
97
|
-
end
|
98
|
-
|
99
|
-
it 'returns a 401 status for failed logins' do
|
100
|
-
u = create(:user)
|
101
|
-
auth = { email: u.email, password: '123456' }
|
102
|
-
post :login, params: { auth: auth }
|
103
|
-
|
104
|
-
expect(response.status).to eq 400
|
15
|
+
expect(result['data'].count).to eq 2
|
105
16
|
end
|
106
17
|
end
|
107
18
|
end
|
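Review bot: The examples for user creation, role assignment, successful login and failed login are deleted here, and the one remaining example authenticates by writing `session: { user_id: u.id }` directly, so nothing visible in this diff exercises the new `access#attempt_login`, `check_login` or `logout` actions. For an authentication engine I would keep at least a failed-login example and one asserting that `get :roles` without a session is rejected. The removed example titled 'returns a 401 status for failed logins' asserted `eq 400`, so its replacement should pin the status the controller is actually meant to return. The enclosing `describe` starts outside the hunk.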
@@ -15,8 +15,6 @@ require "mks_auth"
|
|
15
15
|
|
16
16
|
module Dummy
|
17
17
|
class Application < Rails::Application
|
18
|
-
config.auth_secret = '31a70abfaa57e5e77a3fc9f27aeaaf59b9a9f5355b5e16c842ee172035a8ed40bf82c1c971ecc176e4f0b4c9e6141db07fd4a5af3f7db9265e719fbe340b105a'
|
19
|
-
config.app_code = 'DUMMY'
|
20
18
|
# Settings in config/environments/* take precedence over those specified here.
|
21
19
|
# Application configuration should go into files in config/initializers
|
22
20
|
# -- all .rb files in that directory are automatically loaded.
|
@@ -6,20 +6,18 @@
|
|
6
6
|
#
|
7
7
|
default: &default
|
8
8
|
adapter: postgresql
|
9
|
-
host: localhost
|
10
|
-
port: 5433
|
11
9
|
pool: 5
|
12
10
|
timeout: 5000
|
13
|
-
user:
|
11
|
+
user: henock
|
14
12
|
pass:
|
15
13
|
|
16
14
|
development:
|
17
15
|
<<: *default
|
18
|
-
database:
|
16
|
+
database: logistics_development
|
19
17
|
|
20
18
|
# Warning: The database defined as "test" will be erased and
|
21
19
|
# re-generated from your development database when you run "rake".
|
22
20
|
# Do not set this db to the same as development or production.
|
23
21
|
test:
|
24
22
|
<<: *default
|
25
|
-
database:
|
23
|
+
database: logistics_test
|
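Review bot: `user: henock`, `database: logistics_development` and `database: logistics_test` look like one developer's local settings for a different project, and they ship inside the published gem. The `test` entry is the one the file's own comment says will be erased and regenerated, so running the engine's specs on a machine that has a `logistics_test` database would wipe it. I would use names scoped to this engine (for example `database: mks_auth_test`, a constructed name) and read the account from the environment with `user: <%= ENV['PGUSER'] %>` rather than committing a personal user name.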