mr_mime 0.0.2

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: f3e2047a91eb58ca1d3f799031c3649fc8e4add6
+  data.tar.gz: b08268e26e4b204ac74b67d8aea4d7efec4b4482
+SHA512:
+  metadata.gz: 3cdf3560ca2b5b0fcf659633cfeefbcb0c5fad2cde0020eb2ee34a38ebaaaf01881a62d7be38d3ba5ac94ca7fad4b54b51ccafdbb055e51e255bbcf4f7a90906
+  data.tar.gz: 7da15de7885351774d7230e7580045783a21de7dc989dc1a07597d6e1e160b57264cac6fd9d0827d7a4e95284278bc3d295cc75d2015c6522ea5c830777abef0

data/app/assets/stylesheets/mr_mime/_mr_mime.css

@@ -0,0 +1,16 @@
+.mr-mime-impersonation-footer {
+  padding-top: 25px;
+  font-size: 20px;
+  position: fixed;
+  height: 75px;
+  bottom: 0px;
+  background-color: #fbefd9;
+  width: 100%;
+  z-index: 10;
+  text-align: center;
+  border-top: 3px solid #4a4a4a;
+}
+
+.mr-mime-new-impersonation {
+  display: inline-block;
+}

data/app/controllers/mr_mime/application_controller.rb

@@ -0,0 +1,5 @@
+module MrMime
+  class ApplicationController < ActionController::Base
+    include ImpersonationBehavior
+  end
+end

data/app/controllers/mr_mime/impersonation_behavior.rb

@@ -0,0 +1,20 @@
+module MrMime
+  module ImpersonationBehavior
+    def self.included(base)
+      base.helper_method :current_impersonator, :impersonator?, :impersonator_id
+      base.helper MrMime::ImpersonationHelper
+    end
+
+    def current_impersonator
+      MrMime::Config.user_class.find_by(id: impersonator_id) if impersonator?
+    end
+
+    def impersonator?
+      impersonator_id.present?
+    end
+
+    def impersonator_id
+      session['mr_mime.impersonator_id']
+    end
+  end
+end

data/app/controllers/mr_mime/impersonations_controller.rb

@@ -0,0 +1,49 @@
+module MrMime
+  class ImpersonationsController < MrMime::ApplicationController
+    before_filter :require_login
+
+    def create
+      if impersonation.save
+        redirect_to main_app.root_url, notice: 'Impersonation started'
+      else
+        redirect_to :back, flash: { error: impersonation.error_messages }
+      end
+    end
+
+    def destroy
+      impersonation.revert
+
+      redirect_to impersonation.return_to, notice: 'Impersonation ended'
+    end
+
+    private
+
+    def impersonation
+      @impersonation ||= MrMime::Impersonation.new(
+        context: self,
+        store: session,
+        params: impersonation_params
+      )
+    end
+
+    def impersonation_params
+      params.fetch(:impersonation, {})
+        .merge(
+          impersonator_id: impersonator.id,
+          referer: request.referer
+        )
+    end
+
+    def impersonator
+      current_impersonator || current_user
+    end
+
+    def require_login
+      unless current_user
+        redirect_to main_app.root_url, flash: {
+          error: 'You do not have permission to do this'
+        }
+      end
+    end
+  end
+end

data/app/helpers/mr_mime/impersonation_helper.rb

@@ -0,0 +1,7 @@
+module MrMime
+  module ImpersonationHelper
+    def button_to_impersonate(user_id, options = {})
+      render 'mr_mime/impersonate_button', options.merge(user_id: user_id)
+    end
+  end
+end

data/app/models/mr_mime/adapters/base.rb

@@ -0,0 +1,13 @@
+module MrMime
+  module Adapters
+    class Base
+      def initialize(context)
+        @context = context
+      end
+
+      private
+
+      attr_reader :context
+    end
+  end
+end

data/app/models/mr_mime/adapters/devise_adapter.rb

@@ -0,0 +1,10 @@
+module MrMime
+  module Adapters
+    class DeviseAdapter < Base
+      def set_current_user(user)
+        context.sign_out
+        context.sign_in(user)
+      end
+    end
+  end
+end

data/app/models/mr_mime/adapters/sorcery_adapter.rb

@@ -0,0 +1,9 @@
+module MrMime
+  module Adapters
+    class SorceryAdapter < Base
+      def set_current_user(user)
+        context.auto_login user
+      end
+    end
+  end
+end

data/app/models/mr_mime/impersonation.rb

@@ -0,0 +1,85 @@
+require 'active_model'
+
+module MrMime
+  class Impersonation
+    extend ActiveModel::Naming
+    include ActiveModel::Validations
+    include ActiveModel::Conversion
+
+    validates :impersonator, :impersonated, presence: true
+    validate :impersonation_allowed
+
+    delegate :user_class, :adapter_class, to: MrMime::Config
+    delegate :set_current_user, to: :adapter
+
+    attr_reader :return_to
+
+    def initialize(options = {})
+      @adapter   = adapter_class.new(options.fetch(:context))
+      @store     = MrMime::Store.new(options[:store] || {})
+      @params    = options[:params] || {}
+      @return_to = store.get(:return_to)
+    end
+
+    def save
+      if valid?
+        set_user_keys
+        true
+      end
+    end
+
+    def revert
+      revert_user_keys
+    end
+
+    def impersonator
+      @impersonator ||= find_user(params[:impersonator_id])
+    end
+
+    def impersonated
+      @impersonated ||= find_user(params[:impersonated_id])
+    end
+
+    def error_messages
+      errors.full_messages.join(', ')
+    end
+
+    private
+
+    attr_reader :adapter, :store, :params
+
+    def set_user_keys
+      set_current_user impersonated
+      store.set_keys(
+        impersonator_id: impersonator.id,
+        return_to:       params[:referer]
+      )
+    end
+
+    def revert_user_keys
+      set_current_user impersonator
+      store.set_keys(
+        impersonator_id: nil,
+        return_to:       nil
+      )
+    end
+
+    def impersonation_allowed
+      unless impersonation_allowed?
+        errors.add(:base, 'You do not have permission to impersonate this user')
+      end
+    end
+
+    def impersonation_allowed?
+      MrMime::ImpersonationPolicy.allowed?(impersonator, impersonated)
+    end
+
+    def find_user(id)
+      user_class.find_by(id: id)
+    end
+
+    def persisted?
+      false
+    end
+  end
+end

data/app/models/mr_mime/impersonation_policy.rb

@@ -0,0 +1,22 @@
+module MrMime
+  class ImpersonationPolicy
+    delegate :user_permission_check, to: MrMime::Config
+
+    attr_reader :impersonator, :impersonated
+
+    def self.allowed?(*args)
+      new(*args).allowed?
+    end
+
+    def initialize(impersonator, impersonated)
+      @impersonator = impersonator
+      @impersonated = impersonated
+    end
+
+    def allowed?
+      return true unless user_permission_check
+
+      impersonator.public_send(user_permission_check)
+    end
+  end
+end

data/app/models/mr_mime/store.rb

@@ -0,0 +1,17 @@
+module MrMime
+  class Store < SimpleDelegator
+    PREFIX = 'mr_mime'
+
+    def set_keys(values = {})
+      values.each{ |k,v| set(k, v) }
+    end
+
+    def set(key, value)
+      self["#{PREFIX}.#{key}"] = value
+    end
+
+    def get(key)
+      self["#{PREFIX}.#{key}"]
+    end
+  end
+end

data/app/views/mr_mime/_impersonate_button.html.erb

@@ -0,0 +1,11 @@
+<%=
+  button_to mr_mime.impersonation_url, {
+    class: local_assigns[:button_class],
+    form_class: 'mr-mime-new-impersonation',
+    params: {
+      impersonation: { impersonated_id: user_id }
+    }
+  } do
+    local_assigns[:button_text] || 'Impersonate User'
+  end
+%>

data/app/views/mr_mime/_impersonation_warning.html.erb

@@ -0,0 +1,6 @@
+<% if impersonator? %>
+  <div class='mr-mime-impersonation-footer'>
+    You are impersonating <strong><%= current_user.email %></strong>. At any time you may
+    <%= link_to 'return to your regular account', mr_mime.impersonation_path, method: :delete %>.
+  </div>
+<% end %>

data/config/routes.rb

@@ -0,0 +1,3 @@
+MrMime::Engine.routes.draw do
+  resource :impersonation, only: [:create, :destroy]
+end

data/lib/generators/mr_mime/install_generator.rb

@@ -0,0 +1,16 @@
+require 'rails/generators/base'
+require 'securerandom'
+
+module MrMime
+  module Generators
+    class InstallGenerator < Rails::Generators::Base
+      source_root File.expand_path('../../templates', __FILE__)
+
+      desc 'Creates a MrMime initializer'
+
+      def copy_initializer
+        template 'mr_mime.rb', 'config/initializers/mr_mime.rb'
+      end
+    end
+  end
+end

data/lib/generators/templates/mr_mime.rb

@@ -0,0 +1,15 @@
+MrMime.configure do |config|
+  # Configure your user authentication adapter.
+  # Supported adapters are :devise, :sorcery
+  config.adapter = :devise
+
+  # Configure the name of the user model used for authentication.
+  config.user_model = 'User'
+
+  # Configure the user method used for impersonation permission checks.
+  # Your configured user model must respond to this method
+  # If the method returns falsey, the user will not be permitted to impersonate
+  # If the method returns truthy, the user will be permitted to impersonate
+  # Default: nil
+  # config.user_permission_check = :admin?
+end

data/lib/mr_mime/config.rb

@@ -0,0 +1,27 @@
+module MrMime
+  module Config
+    mattr_accessor :adapter
+    @@adapter = :devise
+
+    mattr_accessor :user_model
+    @@user_model = 'User'
+
+    mattr_accessor :user_permission_check
+    @@user_permission_check = nil
+
+    def self.adapters
+      {
+        sorcery: MrMime::Adapters::SorceryAdapter,
+        devise:  MrMime::Adapters::DeviseAdapter
+      }
+    end
+
+    def self.adapter_class
+      @@adapter_class ||= adapters[@@adapter]
+    end
+
+    def self.user_class
+      @@user_class ||= user_model.constantize
+    end
+  end
+end

data/lib/mr_mime/engine.rb

@@ -0,0 +1,11 @@
+module MrMime
+  class Engine < ::Rails::Engine
+    isolate_namespace MrMime
+
+    initializer 'mr_mime', before: :load_config_initializers do |app|
+      Rails.application.routes.append do
+        mount MrMime::Engine, at: '/mr_mime'
+      end
+    end
+  end
+end

data/lib/mr_mime/version.rb

@@ -0,0 +1 @@
+VERSION = '0.0.1'

data/lib/mr_mime.rb

@@ -0,0 +1,9 @@
+require 'mr_mime/engine'
+require 'mr_mime/version'
+require 'mr_mime/config'
+
+module MrMime
+  def self.configure
+    yield MrMime::Config
+  end
+end

data/spec/controllers/mr_mime/impersonation_behavior_spec.rb

@@ -0,0 +1,73 @@
+require 'spec_helper'
+require 'helpers/mr_mime/impersonation_helper'
+require 'controllers/mr_mime/impersonation_behavior'
+
+module MrMime
+  class DummyController < ActionController::Base
+    include ImpersonationBehavior
+  end
+
+  RSpec.describe DummyController do
+    let(:controller) { described_class.new }
+
+    before { allow(controller).to receive(:session).and_return({}) }
+
+    describe 'helpers' do
+      it 'correctly includes all relevant helper methods' do
+        expect(described_class.helpers.methods).to include(
+          :current_impersonator,
+          :impersonator?,
+          :impersonator_id,
+          :button_to_impersonate
+        )
+      end
+    end
+
+    describe '#current_impersonator' do
+      it 'returns nil if there is no impersonator' do
+        expect(controller.current_impersonator).to be_nil
+      end
+
+      context 'with impersonator' do
+        let(:user_class) { double }
+
+        before do
+          allow(MrMime::Config).to receive(:user_class).and_return(user_class)
+          set_impersonator 21
+        end
+
+        it 'returns nil if the impersonating user cannot be found' do
+          find_user nil
+          expect(controller.current_impersonator).to be_nil
+        end
+
+        it 'returns the impersonating user if present' do
+          user = double
+          find_user user
+          expect(controller.current_impersonator).to eq user
+        end
+      end
+    end
+
+    describe '#impersonator?' do
+      it 'returns true if an impersonator id exists' do
+        set_impersonator 21
+        expect(controller).to be_impersonator
+      end
+
+      it 'returns false otherwise' do
+        expect(controller).not_to be_impersonator
+      end
+    end
+
+    def set_impersonator(id)
+      controller.session['mr_mime.impersonator_id'] = id
+    end
+
+    def find_user(return_value)
+      allow(user_class).to receive(:find_by)
+        .with(id: 21)
+        .and_return(return_value)
+    end
+  end
+end

data/spec/models/mr_mime/impersonation_policy_spec.rb

@@ -0,0 +1,26 @@
+require 'spec_helper'
+require 'models/mr_mime/impersonation_policy'
+
+module MrMime
+  RSpec.describe ImpersonationPolicy, type: :model do
+    describe '#allow?' do
+      it 'returns true if no permission check is set' do
+        expect(described_class.new(double, double)).to be_allowed
+      end
+
+      context 'with permission check' do
+        before { MrMime::Config.user_permission_check = :check? }
+
+        it 'allows admins to impersonate any user' do
+          impersonator = double(check?: true)
+          expect(described_class.new(impersonator, double)).to be_allowed
+        end
+
+        it 'does not allow a regular user to impersonate' do
+          impersonator = double(check?: false)
+          expect(described_class.new(impersonator, double)).not_to be_allowed
+        end
+      end
+    end
+  end
+end

data/spec/models/mr_mime/impersonation_spec.rb

@@ -0,0 +1,151 @@
+require 'spec_helper'
+require 'models/mr_mime/store'
+require 'models/mr_mime/impersonation_policy'
+require 'models/mr_mime/impersonation'
+
+module MrMime
+  RSpec.describe Impersonation, type: :model do
+    class UserClass; end
+    class AdapterClass; end
+
+    let(:context) { double }
+    let(:adapter) { double(set_current_user: true) }
+    let(:impersonator) { double(id: 3, email: 'impersonator@example.com') }
+    let(:impersonated) { double(id: 8, email: 'impersonated@example.com') }
+    let(:impersonation) do
+      described_class.new(
+        context: context,
+        store: store,
+        params: params
+      )
+    end
+
+    before do
+      stub_config
+      stub_adapter
+      stub_users
+    end
+
+    describe '#save' do
+      let(:store) { {} }
+      let(:params) do
+        {
+          impersonator_id: impersonator.id,
+          impersonated_id: impersonated.id,
+          referer: 'www.example.com/origin'
+        }
+      end
+
+      context 'with a valid impersonation' do
+        before { stub_policy(true) }
+
+        it 'returns true' do
+          expect(impersonation.save).to be_truthy
+        end
+
+        it 'sets the current user' do
+          expect(adapter).to receive(:set_current_user).with(impersonated)
+          impersonation.save
+        end
+
+        it 'sets the impersonator_id in the store' do
+          impersonation.save
+          expect_store_value :impersonator_id, impersonator.id
+        end
+
+        it 'sets the return_to in the store' do
+          impersonation.save
+          expect_store_value :return_to, 'www.example.com/origin'
+        end
+      end
+
+      context 'with an invalid impersonation' do
+        before { stub_policy(false) }
+
+        it 'returns false' do
+          expect(impersonation.save).to be_falsey
+        end
+
+        it 'does not set the current user' do
+          expect(adapter).to_not receive(:set_current_user)
+          impersonation.save
+        end
+
+        it 'does not set the impersonator_id' do
+          impersonation.save
+          expect_store_value :impersonator_id, nil
+        end
+
+        it 'does not set the return_to' do
+          impersonation.save
+          expect_store_value :return_to, nil
+        end
+      end
+    end
+
+    describe '#revert' do
+      let(:store) do
+        {
+          'mr_mime.impersonator_id' => impersonator.id,
+          'mr_mime.return_to' => 'www.example.com/origin'
+        }
+      end
+      let(:params) do
+        {
+          impersonator_id: impersonator.id,
+          referer: 'www.example.com/new'
+        }
+      end
+
+      it 'reverts the current user' do
+        expect(adapter).to receive(:set_current_user).with(impersonator)
+        impersonation.revert
+      end
+
+      it 'clears the impersonator_id' do
+        impersonation.revert
+        expect_store_value :impersonator_id, nil
+      end
+
+      it 'clears the return_to' do
+        impersonation.revert
+        expect_store_value :return_to, nil
+      end
+
+      it 'retains the correct return_to' do
+        impersonation.revert
+        expect(impersonation.return_to).to eq 'www.example.com/origin'
+      end
+    end
+
+    def expect_store_value(key, value)
+      expect(store["mr_mime.#{key}"]).to eq value
+    end
+
+    def stub_config
+      allow(MrMime::Config).to receive_messages(
+        user_class: UserClass,
+        adapter_class: AdapterClass
+      )
+    end
+
+    def stub_adapter
+      allow(AdapterClass).to receive(:new).with(context).and_return(adapter)
+    end
+
+    def stub_users
+      allow(UserClass).to receive(:find_by) do |options|
+        if    options[:id] == impersonator.id then impersonator
+        elsif options[:id] == impersonated.id then impersonated
+        else  nil
+        end
+      end
+    end
+
+    def stub_policy(allowed)
+      allow(MrMime::ImpersonationPolicy).to receive(:allowed?)
+        .with(impersonator, impersonated)
+        .and_return(allowed)
+    end
+  end
+end

data/spec/models/mr_mime/store_spec.rb

@@ -0,0 +1,33 @@
+require 'spec_helper'
+require 'models/mr_mime/store'
+
+module MrMime
+  RSpec.describe Store do
+    let(:store) { described_class.new({}) }
+
+    before { stub_const("#{described_class}::PREFIX", 'prefix')}
+
+    describe '#set_keys' do
+      it 'correctly stores all prefixed key-value pairs' do
+        store.set_keys(one: 1, two: 2)
+
+        expect(store['prefix.one']).to eq 1
+        expect(store['prefix.two']).to eq 2
+      end
+    end
+
+    describe '#set' do
+      it 'correctly stores a prefixed key-value pair' do
+        store.set(:one, 1)
+        expect(store['prefix.one']).to eq 1
+      end
+    end
+
+    describe '#get' do
+      it 'correctly retrieves a prefixed key-value pair' do
+        store.set(:one, 1)
+        expect(store.get(:one)).to eq 1
+      end
+    end
+  end
+end

data/spec/spec_helper.rb

@@ -0,0 +1,2 @@
+require 'rails/all'
+require 'mr_mime'

metadata

@@ -0,0 +1,117 @@
+--- !ruby/object:Gem::Specification
+name: mr_mime
+version: !ruby/object:Gem::Version
+  version: 0.0.2
+platform: ruby
+authors:
+- Kyle Edson
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2016-04-12 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: rails
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '4.0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '4.0'
+- !ruby/object:Gem::Dependency
+  name: bundler
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.11'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.11'
+- !ruby/object:Gem::Dependency
+  name: rspec
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.0'
+description: |-
+  MrMime is a Rails engine built to easily add user
+    impersonation functionality to your existing Rails application
+email: rubygems@foraker.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- app/assets/stylesheets/mr_mime/_mr_mime.css
+- app/controllers/mr_mime/application_controller.rb
+- app/controllers/mr_mime/impersonation_behavior.rb
+- app/controllers/mr_mime/impersonations_controller.rb
+- app/helpers/mr_mime/impersonation_helper.rb
+- app/models/mr_mime/adapters/base.rb
+- app/models/mr_mime/adapters/devise_adapter.rb
+- app/models/mr_mime/adapters/sorcery_adapter.rb
+- app/models/mr_mime/impersonation.rb
+- app/models/mr_mime/impersonation_policy.rb
+- app/models/mr_mime/store.rb
+- app/views/mr_mime/_impersonate_button.html.erb
+- app/views/mr_mime/_impersonation_warning.html.erb
+- config/routes.rb
+- lib/generators/mr_mime/install_generator.rb
+- lib/generators/templates/mr_mime.rb
+- lib/mr_mime.rb
+- lib/mr_mime/config.rb
+- lib/mr_mime/engine.rb
+- lib/mr_mime/version.rb
+- spec/controllers/mr_mime/impersonation_behavior_spec.rb
+- spec/models/mr_mime/impersonation_policy_spec.rb
+- spec/models/mr_mime/impersonation_spec.rb
+- spec/models/mr_mime/store_spec.rb
+- spec/spec_helper.rb
+homepage: http://www.github.com/foraker/mr_mime
+licenses:
+- MIT
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 2.4.5.1
+signing_key: 
+specification_version: 4
+summary: User impersonation for Rails applications
+test_files:
+- spec/controllers/mr_mime/impersonation_behavior_spec.rb
+- spec/models/mr_mime/impersonation_policy_spec.rb
+- spec/models/mr_mime/impersonation_spec.rb
+- spec/models/mr_mime/store_spec.rb
+- spec/spec_helper.rb