mumukit-auth 2.2.2 → 3.0.0

Sign up to get free protection for your applications and to get access to all the features.
Files changed (8) hide show
  1. checksums.yaml +4 -4
  2. data/lib/mumukit/auth/exceptions.rb +3 -0
  3. data/lib/mumukit/auth/permissions.rb +2 -2
  4. data/lib/mumukit/auth/scope.rb +1 -5
  5. data/lib/mumukit/auth/store.rb +25 -4
  6. data/lib/mumukit/auth/token.rb +12 -0
  7. data/lib/mumukit/auth/version.rb +1 -1
  8. metadata +2 -2
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: 167306465dc5b0e444eb0543ac074a2d1eace097
4
- data.tar.gz: 69eae7d161f9abdc7b7107bc01a67f76da02f7b8
3
+ metadata.gz: a9092f2f97e6a3b76afc8339f023be19daae8f43
4
+ data.tar.gz: a341795e26fceb21541c1d4dbfabc8acaa5c4942
5
5
  SHA512:
6
- metadata.gz: 0d486a7cbd380a1d3f91d046f39f75d8a7d15ca93af6c6c1620b44e04e7778b4e316c1cc0f78025db47ec10ae6c781db0aa532f96acd8972e4d849798dda07b8
7
- data.tar.gz: 0015801f215f4b8135af85c8e7a62873df22b4fc9ab9635fb4053a6245900592987a78244b69dfb24cb75bf56227f93ab398337c8a455b9b71aa49659c002948
6
+ metadata.gz: fb99bd92c87a8dd3c80a86a9edfaeffd2ebb7beffe321b266126adab91d73f154fc2f53b53c0dcf000801e7e4009278e49151b6fe6c41ef63af27e05626d4e03
7
+ data.tar.gz: 9f0f7f2cff61e2f3447de4d4ca00071a2ab897556c274f80bea6dc5681bbc95b708e2cf2ffa550152bb2d4b20f4acaf27ae00619b9c54f024336f305b6f4c11c
data/lib/mumukit/auth/exceptions.rb CHANGED
@@ -3,5 +3,8 @@ module Mumukit::Auth
3
3
  end
4
4
 
5
5
  class UnauthorizedAccessError < StandardError
6
+ def self.with_message(slug, grants)
7
+ new "Unauthorized access to #{slug}. Permissions are #{grants}"
8
+ end
6
9
  end
7
10
  end
data/lib/mumukit/auth/permissions.rb CHANGED
@@ -14,7 +14,7 @@ class Mumukit::Auth::Permissions
14
14
  end
15
15
 
16
16
  def protect!(scope, slug)
17
- scope_for(scope)&.protect!(slug)
17
+ scope_for(scope).protect!(slug)
18
18
  end
19
19
 
20
20
  def has_role?(role)
@@ -22,7 +22,7 @@ class Mumukit::Auth::Permissions
22
22
  end
23
23
 
24
24
  def scope_for(role)
25
- self.scopes[role]
25
+ self.scopes[role] || Mumukit::Auth::Scope.new
26
26
  end
27
27
 
28
28
  def add_permission!(role, *grants)
data/lib/mumukit/auth/scope.rb CHANGED
@@ -7,7 +7,7 @@ module Mumukit::Auth
7
7
  end
8
8
 
9
9
  def protect!(resource_slug)
10
- raise Mumukit::Auth::UnauthorizedAccessError.new(unauthorized_message(resource_slug)) unless allows?(resource_slug)
10
+ raise Mumukit::Auth::UnauthorizedAccessError.with_message(resource_slug, self) unless allows?(resource_slug)
11
11
  end
12
12
 
13
13
  def allows?(resource_slug)
@@ -44,9 +44,5 @@ module Mumukit::Auth
44
44
  def any_grant?(&block)
45
45
  @grants.any?(&block)
46
46
  end
47
-
48
- def unauthorized_message(slug)
49
- "Unauthorized access to #{slug}. Permissions are #{to_s}"
50
- end
51
47
  end
52
48
  end
data/lib/mumukit/auth/store.rb CHANGED
@@ -1,10 +1,35 @@
1
1
  module Mumukit::Auth
2
2
  class Store
3
3
 
4
+ class << self
5
+ def from_env
6
+ new Mumukit::Auth.config.daybreak_name
7
+ end
8
+
9
+ def with(&block)
10
+ store = from_env
11
+ block.call store
12
+ ensure
13
+ store.close
14
+ end
15
+
16
+ def set!(*args)
17
+ with { |store| store.set!(*args) }
18
+ end
19
+
20
+ def get(key)
21
+ with { |store| store.get(key) }
22
+ end
23
+ end
24
+
4
25
  def initialize(db_name)
5
26
  @db = Daybreak::DB.new "#{db_name}.db", default: '{}'
6
27
  end
7
28
 
29
+ def close
30
+ @db.close
31
+ end
32
+
8
33
  def set!(key, value)
9
34
  @db.update! key.to_sym => value.to_json
10
35
  end
@@ -12,9 +37,5 @@ module Mumukit::Auth
12
37
  def get(key)
13
38
  Mumukit::Auth::Permissions.load @db[key]
14
39
  end
15
-
16
- def close
17
- @db.close
18
- end
19
40
  end
20
41
  end
data/lib/mumukit/auth/token.rb CHANGED
@@ -12,6 +12,18 @@ module Mumukit::Auth
12
12
  @metadata ||= jwt['metadata'] || {}
13
13
  end
14
14
 
15
+ def uid
16
+ @uid ||= jwt['email'] || jwt['sub']
17
+ end
18
+
19
+ def permissions
20
+ @permissions ||= Mumukit::Auth::Store.get uid
21
+ end
22
+
23
+ def protect!(scope, resource_slug)
24
+ permissions.protect! scope, resource_slug
25
+ end
26
+
15
27
  def verify_client!
16
28
  raise Mumukit::Auth::InvalidTokenError.new('aud mismatch') if Mumukit::Auth.config.client_id != jwt['aud']
17
29
  end
data/lib/mumukit/auth/version.rb CHANGED
@@ -1,5 +1,5 @@
1
1
  module Mumukit
2
2
  module Auth
3
- VERSION = '2.2.2'
3
+ VERSION = '3.0.0'
4
4
  end
5
5
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: mumukit-auth
3
3
  version: !ruby/object:Gem::Version
4
- version: 2.2.2
4
+ version: 3.0.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Franco Leonardo Bulgarelli
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2016-12-20 00:00:00.000000000 Z
11
+ date: 2016-12-21 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: bundler