mumuki-laboratory 5.11.0 → 5.12.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/app/controllers/concerns/users_controller_template.rb +1 -1
- data/app/helpers/organization_list_helper.rb +0 -4
- data/app/views/layouts/_organizations_listing.html.erb +1 -1
- data/db/migrate/20181014233438_remove_non_null_constraint_from_permissions.rb +5 -0
- data/lib/mumuki/laboratory/controllers/dynamic_errors.rb +2 -2
- data/lib/mumuki/laboratory/mumukit/auth.rb +0 -7
- data/lib/mumuki/laboratory/mumukit/platform.rb +0 -12
- data/lib/mumuki/laboratory/version.rb +1 -1
- data/spec/controllers/users_api_controller_spec.rb +9 -1
- data/spec/dummy/db/schema.rb +2 -2
- data/spec/features/not_found_private_flow_spec.rb +2 -2
- data/spec/features/profile_flow_spec.rb +3 -0
- metadata +7 -8
- data/spec/helpers/organization_list_helper_spec.rb +0 -20
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: d1a14bc93fe037ed3d6ee6afa041dcd4c84d308011e819cffdd39b9c1fe5a7e2
|
|
4
|
+
data.tar.gz: 8f4fba71e09dab7bd831d8a2424a889b107e3e9b531c1b9d7a7ff3866d584c07
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 0ee2606a772b5e0191e194f9c93cd1177247e1ba7d3407c40992a086d130059839b45ed5da6ea7ad89f1406fe48572bddd1190597f59ccf2718c17f897e56ed6
|
|
7
|
+
data.tar.gz: 496f224a3d84e678cefa614111eb8522b1e4d45539756db4708a9ca0a42b6c3d4ee73550e80fdcb9c71027ca5cadae6be043111980a600d43b0b6001016634b7
|
|
@@ -10,7 +10,7 @@ module UsersControllerTemplate
|
|
|
10
10
|
private
|
|
11
11
|
|
|
12
12
|
def protect_permissions_assignment!
|
|
13
|
-
current_user.protect_permissions_assignment! user_params[:permissions], @user.
|
|
13
|
+
current_user.protect_permissions_assignment! user_params[:permissions], @user.permissions_was
|
|
14
14
|
end
|
|
15
15
|
|
|
16
16
|
def user_params
|
|
@@ -2,8 +2,4 @@ module OrganizationListHelper
|
|
|
2
2
|
def organizations_for(user)
|
|
3
3
|
(user.accessible_organizations + [Organization.central]).uniq.compact
|
|
4
4
|
end
|
|
5
|
-
|
|
6
|
-
def organization_switch_url(organization)
|
|
7
|
-
organization.url_for(controller_name == 'users' ? root_path : request.path)
|
|
8
|
-
end
|
|
9
5
|
end
|
|
@@ -7,7 +7,7 @@
|
|
|
7
7
|
<%= image_tag(org.banner_url, height: 50, class: 'pull-left') %>
|
|
8
8
|
</div>
|
|
9
9
|
<div class="col-md-6 organization-row">
|
|
10
|
-
<%= link_to(t(:go_to, organization: org.name),
|
|
10
|
+
<%= link_to(t(:go_to, organization: org.name), org.url, class: 'btn btn-success pull-right') %>
|
|
11
11
|
</div>
|
|
12
12
|
</div>
|
|
13
13
|
<% end %>
|
|
@@ -36,7 +36,7 @@ module Mumuki::Laboratory::Controllers::DynamicErrors
|
|
|
36
36
|
end
|
|
37
37
|
|
|
38
38
|
def forbidden
|
|
39
|
-
message = "
|
|
39
|
+
message = "The operation on organization #{Organization.current} was forbidden to user #{current_user.uid} with permissions #{current_user.permissions}"
|
|
40
40
|
Rails.logger.info message
|
|
41
41
|
render_error 'forbidden', 403, locals: { explanation: :forbidden_explanation }, error_message: message
|
|
42
42
|
end
|
|
@@ -50,7 +50,7 @@ module Mumuki::Laboratory::Controllers::DynamicErrors
|
|
|
50
50
|
end
|
|
51
51
|
|
|
52
52
|
def render_error(template, status, options={})
|
|
53
|
-
if Mumukit::Platform.organization_mapping.path_under_namespace? request.path, 'api'
|
|
53
|
+
if Mumukit::Platform.organization_mapping.path_under_namespace? Mumukit::Platform.current_organization_name, request.path, 'api'
|
|
54
54
|
render_api_errors [options[:error_message] || template.gsub('_', ' ')], status
|
|
55
55
|
else
|
|
56
56
|
render_app_errors template, options.merge(status: status).except(:error_message)
|
|
@@ -1,12 +1,5 @@
|
|
|
1
1
|
require 'mumukit/auth'
|
|
2
2
|
|
|
3
|
-
class Mumukit::Auth::Permissions
|
|
4
|
-
def protect_permissions_assignment!(other, previous)
|
|
5
|
-
other ||= {}
|
|
6
|
-
raise Mumukit::Auth::UnauthorizedAccessError unless assign_to?(Mumukit::Auth::Permissions.parse(other.to_h), previous)
|
|
7
|
-
end
|
|
8
|
-
end
|
|
9
|
-
|
|
10
3
|
Mumukit::Auth.configure do |c|
|
|
11
4
|
# We are not using tokens, so implementing this strategy is meaningless
|
|
12
5
|
c.persistence_strategy = nil
|
|
@@ -18,14 +18,6 @@ class Mumuki::Laboratory::Engine < ::Rails::Engine
|
|
|
18
18
|
config.i18n.available_locales = Mumukit::Platform::Locale.supported
|
|
19
19
|
end
|
|
20
20
|
|
|
21
|
-
module Mumukit::Platform::OrganizationMapping::Subdomain
|
|
22
|
-
class << self
|
|
23
|
-
def path_under_namespace?(path, namespace)
|
|
24
|
-
path.start_with? "/#{namespace}/"
|
|
25
|
-
end
|
|
26
|
-
end
|
|
27
|
-
end
|
|
28
|
-
|
|
29
21
|
module Mumukit::Platform::OrganizationMapping::Path
|
|
30
22
|
class << self
|
|
31
23
|
alias __organization_name__ organization_name
|
|
@@ -38,9 +30,5 @@ module Mumukit::Platform::OrganizationMapping::Path
|
|
|
38
30
|
name
|
|
39
31
|
end
|
|
40
32
|
end
|
|
41
|
-
|
|
42
|
-
def path_under_namespace?(path, namespace)
|
|
43
|
-
path.start_with? "/#{Mumukit::Platform.current_organization_name}/#{namespace}/"
|
|
44
|
-
end
|
|
45
33
|
end
|
|
46
34
|
end
|
|
@@ -38,10 +38,18 @@ describe Api::UsersController, type: :controller, organization_workspace: :base
|
|
|
38
38
|
end
|
|
39
39
|
|
|
40
40
|
|
|
41
|
-
context 'post
|
|
41
|
+
context 'post that tries to escalate permissions' do
|
|
42
42
|
before { post :create, params: {user: owner_json} }
|
|
43
43
|
|
|
44
44
|
it { expect(response.status).to eq 403 }
|
|
45
|
+
it { expect(response.body).to json_eq errors: ['The operation on organization base was forbidden to user foo+1@bar.com with permissions !janitor:test/*;owner:'] }
|
|
46
|
+
end
|
|
47
|
+
|
|
48
|
+
context 'post on a user with high permissions that does not operate on them' do
|
|
49
|
+
let!(:user) { User.create! owner_json }
|
|
50
|
+
before { put :update, params: {id: 'foo@bar.com', user: owner_json} }
|
|
51
|
+
|
|
52
|
+
it { expect(response.status).to eq 200 }
|
|
45
53
|
end
|
|
46
54
|
|
|
47
55
|
context 'put' do
|
data/spec/dummy/db/schema.rb
CHANGED
|
@@ -10,7 +10,7 @@
|
|
|
10
10
|
#
|
|
11
11
|
# It's strongly recommended that you check this file into your version control system.
|
|
12
12
|
|
|
13
|
-
ActiveRecord::Schema.define(version:
|
|
13
|
+
ActiveRecord::Schema.define(version: 20181014233438) do
|
|
14
14
|
|
|
15
15
|
# These are extensions that must be enabled in order to support this database
|
|
16
16
|
enable_extension "plpgsql"
|
|
@@ -312,7 +312,7 @@ ActiveRecord::Schema.define(version: 20181004173216) do
|
|
|
312
312
|
t.integer "last_exercise_id"
|
|
313
313
|
t.integer "last_organization_id"
|
|
314
314
|
t.string "uid", null: false
|
|
315
|
-
t.text "permissions"
|
|
315
|
+
t.text "permissions"
|
|
316
316
|
t.string "first_name"
|
|
317
317
|
t.string "last_name"
|
|
318
318
|
t.boolean "accepts_reminders", default: true
|
|
@@ -28,9 +28,9 @@ feature 'not found on app', organization_workspace: :base do
|
|
|
28
28
|
visit '/api/nonexistentroute'
|
|
29
29
|
|
|
30
30
|
expect(page.text).to json_eq errors: [
|
|
31
|
-
'
|
|
31
|
+
'The operation on organization base' +
|
|
32
32
|
' was forbidden to user foo+1@bar.com' +
|
|
33
|
-
' with permissions
|
|
33
|
+
' with permissions !student:central/*;teacher:;headmaster:;janitor:;owner:']
|
|
34
34
|
end
|
|
35
35
|
|
|
36
36
|
scenario 'api with authentication' do
|
|
@@ -71,6 +71,8 @@ feature 'Standard Flow', organization_workspace: :test do
|
|
|
71
71
|
end
|
|
72
72
|
|
|
73
73
|
context 'with organizations and messages' do
|
|
74
|
+
before { allow_any_instance_of(Mumukit::Platform::Application::Organic).to receive(:organization_mapping).and_return(Mumukit::Platform::OrganizationMapping::Path) }
|
|
75
|
+
|
|
74
76
|
scenario 'visit organizations tab' do
|
|
75
77
|
user.make_student_of! organization.slug
|
|
76
78
|
user.save!
|
|
@@ -78,6 +80,7 @@ feature 'Standard Flow', organization_workspace: :test do
|
|
|
78
80
|
|
|
79
81
|
expect(page).to_not have_text('It seems you aren\'t in any organizations yet!')
|
|
80
82
|
expect(page).to have_text('Go to test-organization')
|
|
83
|
+
expect(page).to have_link(nil, href: 'http://localmumuki.io/test-organization/')
|
|
81
84
|
end
|
|
82
85
|
|
|
83
86
|
scenario 'visit messages tab' do
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: mumuki-laboratory
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 5.
|
|
4
|
+
version: 5.12.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Franco Bulgarelli
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2018-10-
|
|
11
|
+
date: 2018-10-23 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: rails
|
|
@@ -44,14 +44,14 @@ dependencies:
|
|
|
44
44
|
requirements:
|
|
45
45
|
- - "~>"
|
|
46
46
|
- !ruby/object:Gem::Version
|
|
47
|
-
version: 7.
|
|
47
|
+
version: '7.4'
|
|
48
48
|
type: :runtime
|
|
49
49
|
prerelease: false
|
|
50
50
|
version_requirements: !ruby/object:Gem::Requirement
|
|
51
51
|
requirements:
|
|
52
52
|
- - "~>"
|
|
53
53
|
- !ruby/object:Gem::Version
|
|
54
|
-
version: 7.
|
|
54
|
+
version: '7.4'
|
|
55
55
|
- !ruby/object:Gem::Dependency
|
|
56
56
|
name: mumukit-core
|
|
57
57
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -114,14 +114,14 @@ dependencies:
|
|
|
114
114
|
requirements:
|
|
115
115
|
- - "~>"
|
|
116
116
|
- !ruby/object:Gem::Version
|
|
117
|
-
version: '2.
|
|
117
|
+
version: '2.7'
|
|
118
118
|
type: :runtime
|
|
119
119
|
prerelease: false
|
|
120
120
|
version_requirements: !ruby/object:Gem::Requirement
|
|
121
121
|
requirements:
|
|
122
122
|
- - "~>"
|
|
123
123
|
- !ruby/object:Gem::Version
|
|
124
|
-
version: '2.
|
|
124
|
+
version: '2.7'
|
|
125
125
|
- !ruby/object:Gem::Dependency
|
|
126
126
|
name: mumukit-login
|
|
127
127
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -802,6 +802,7 @@ files:
|
|
|
802
802
|
- db/migrate/20180725145801_add_submissions_caps_to_exams.rb
|
|
803
803
|
- db/migrate/20180802190437_add_approved_to_messages.rb
|
|
804
804
|
- db/migrate/20181004173216_add_free_form_editor_to_exercises.rb
|
|
805
|
+
- db/migrate/20181014233438_remove_non_null_constraint_from_permissions.rb
|
|
805
806
|
- db/seeds/users.rb
|
|
806
807
|
- lib/events.rb
|
|
807
808
|
- lib/mumuki/laboratory.rb
|
|
@@ -973,7 +974,6 @@ files:
|
|
|
973
974
|
- spec/helpers/email_helper_spec.rb
|
|
974
975
|
- spec/helpers/exercise_input_helper_spec.rb
|
|
975
976
|
- spec/helpers/icons_helper_spec.rb
|
|
976
|
-
- spec/helpers/organization_list_helper_spec.rb
|
|
977
977
|
- spec/helpers/test_results_rendering_spec.rb
|
|
978
978
|
- spec/helpers/with_choices_spec.rb
|
|
979
979
|
- spec/helpers/with_navigation_spec.rb
|
|
@@ -1161,7 +1161,6 @@ test_files:
|
|
|
1161
1161
|
- spec/helpers/email_helper_spec.rb
|
|
1162
1162
|
- spec/helpers/exercise_input_helper_spec.rb
|
|
1163
1163
|
- spec/helpers/icons_helper_spec.rb
|
|
1164
|
-
- spec/helpers/organization_list_helper_spec.rb
|
|
1165
1164
|
- spec/helpers/test_results_rendering_spec.rb
|
|
1166
1165
|
- spec/helpers/with_choices_spec.rb
|
|
1167
1166
|
- spec/helpers/with_navigation_spec.rb
|
|
@@ -1,20 +0,0 @@
|
|
|
1
|
-
require 'spec_helper'
|
|
2
|
-
|
|
3
|
-
describe OrganizationListHelper, organization_workspace: :test do
|
|
4
|
-
helper OrganizationListHelper
|
|
5
|
-
|
|
6
|
-
context 'not not users path' do
|
|
7
|
-
let(:request) { struct path: '/guides/1' }
|
|
8
|
-
|
|
9
|
-
it { expect(organization_switch_url(Organization.current)).to eq 'http://test.localmumuki.io/guides/1' }
|
|
10
|
-
end
|
|
11
|
-
|
|
12
|
-
context 'on users path' do
|
|
13
|
-
let(:request) { struct path: '/users/' }
|
|
14
|
-
let(:controller_name) { 'users' }
|
|
15
|
-
|
|
16
|
-
it { expect(organization_switch_url(Organization.current)).to eq 'http://test.localmumuki.io/' }
|
|
17
|
-
end
|
|
18
|
-
end
|
|
19
|
-
|
|
20
|
-
|