mumukit-auth 7.5.2 → 7.8.0

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: a233658a7f1e3cfb135b4a483349e9fe38e20d92a5bf8a97040ccc618640c077
4
- data.tar.gz: 0664fea5f198d4870f21c681f1e42e36df4d4081735e4844edc0891211ffe5a2
3
+ metadata.gz: d04c848d1712ad910c8bee65a29e7c97cc9473e6bd355a239da5ae4779a628a3
4
+ data.tar.gz: 1ce6ae321c42896e72cc1bef840a7d8b38eb2ddcd9eab4f422a32b252daf67b3
5
5
  SHA512:
6
- metadata.gz: 836d44fcc5880cbc22268a9705e4f4d5a9f77256d7de7a84851356ce7da06daf5b5da0bea28b56a7aebabd1b89109b9e556e6af728ea6edbb923cc13e67e8d37
7
- data.tar.gz: d8860943ad2c1da1190189664deaeb73681abf3543c93e219b7c563eb1c27d998954678ef70da2de6b7c22e4332115af612b7aea31db325b27d08aba10e9ebef
6
+ metadata.gz: 3b47da935941edca52ea4be8fe3fe9a3e87a10f6f90fcd132683655aece5d35f359bb51c347dfeb068df92eb64bc13745851e0636f28e8c6c3ad69449392e550
7
+ data.tar.gz: ff30972e250e1427bb40a6a585ff8b3be581896054cd34dce36859d7e30ede4d585be856b2a77dce26186179cdc513e068726c39d30d9c4e33faead47e352314
@@ -7,6 +7,8 @@ end
7
7
 
8
8
  module Mumukit::Auth
9
9
  class Grant
10
+ delegate :organization, to: :to_mumukit_slug
11
+
10
12
  def as_json(options={})
11
13
  to_s
12
14
  end
@@ -63,7 +65,7 @@ module Mumukit::Auth
63
65
  end
64
66
 
65
67
  def allows?(resource_slug)
66
- resource_slug.to_mumukit_slug.match_first @first
68
+ resource_slug.to_mumukit_slug.normalize!.match_first @first
67
69
  end
68
70
 
69
71
  def to_s
@@ -77,16 +79,16 @@ module Mumukit::Auth
77
79
 
78
80
  class SingleGrant < Grant
79
81
  def initialize(slug)
80
- @slug = slug
82
+ @slug = slug.normalize
81
83
  end
82
84
 
83
85
  def allows?(resource_slug)
84
- resource_slug = resource_slug.to_mumukit_slug
86
+ resource_slug = resource_slug.to_mumukit_slug.normalize!
85
87
  resource_slug.match_first(@slug.first) && resource_slug.match_second(@slug.second)
86
88
  end
87
89
 
88
90
  def to_s
89
- @slug.to_case_insensitive_s
91
+ @slug.to_s
90
92
  end
91
93
 
92
94
  def to_mumukit_slug
@@ -28,8 +28,25 @@ class Mumukit::Auth::Permissions
28
28
  self.scopes[role] ||= Mumukit::Auth::Scope.new
29
29
  end
30
30
 
31
+ # Deprecated: use `student_granted_organizations` organizations instead
31
32
  def accessible_organizations
32
- scope_for(:student)&.grants&.map { |grant| grant.to_mumukit_slug.organization }.to_set
33
+ warn "Don't use accessible_organizations, since this method is probably not doing what you would expect.\n" +
34
+ "Use student_granted_organizations if you still need its behaviour"
35
+ student_granted_organizations
36
+ end
37
+
38
+ # Answers the organizations for which the user has been explicitly granted acceses as student.
39
+ # This method does not include the organizations the user has access because of the roles hierarchy
40
+ def student_granted_organizations
41
+ granted_organizations_for :student
42
+ end
43
+
44
+ def any_granted_organizations
45
+ scopes.values.flat_map(&:grants).map(&:organization).to_set
46
+ end
47
+
48
+ def granted_organizations_for(role)
49
+ scope_for(role)&.grants&.map(&:organization).to_set
33
50
  end
34
51
 
35
52
  def add_permission!(role, *grants)
@@ -41,12 +41,15 @@ module Mumukit::Auth
41
41
  parent :editor
42
42
  end
43
43
  class Editor < Role
44
- parent :owner
44
+ parent :admin
45
45
  end
46
46
  class Janitor < Role
47
- parent :owner
47
+ parent :admin
48
48
  end
49
49
  class Moderator < Role
50
+ parent :admin
51
+ end
52
+ class Admin < Role
50
53
  parent :owner
51
54
  end
52
55
  class Owner < Role
@@ -57,4 +60,4 @@ module Mumukit::Auth
57
60
  end
58
61
  end
59
62
  end
60
- end
63
+ end
@@ -1,6 +1,6 @@
1
1
  module Mumukit::Auth
2
2
  module Roles
3
- ROLES = [:student, :teacher, :headmaster, :writer, :editor, :janitor, :moderator, :owner]
3
+ ROLES = [:student, :teacher, :headmaster, :writer, :editor, :janitor, :moderator, :admin, :owner]
4
4
 
5
5
  ROLES.each do |role|
6
6
  define_method "#{role}?" do |scope = Mumukit::Auth::Slug.any|
@@ -23,11 +23,11 @@ module Mumukit::Auth
23
23
  end
24
24
 
25
25
  def match_first(first)
26
- match self.first.downcase, first.downcase
26
+ match self.first, first
27
27
  end
28
28
 
29
29
  def match_second(second)
30
- match self.second.downcase, second.downcase
30
+ match self.second, second
31
31
  end
32
32
 
33
33
  def rebase(new_organizaton)
@@ -35,21 +35,29 @@ module Mumukit::Auth
35
35
  end
36
36
 
37
37
  def ==(o)
38
- self.class == o.class && to_case_insensitive_s == o.to_case_insensitive_s
38
+ self.class == o.class && self.normalize.eql?(o.normalize)
39
39
  end
40
40
 
41
- alias_method :eql?, :==
41
+ def eql?(o)
42
+ self.class == o.class && to_s == o.to_s
43
+ end
42
44
 
43
45
  def hash
44
- to_case_insensitive_s.hash
46
+ to_s.hash
45
47
  end
46
48
 
47
49
  def to_s
48
50
  "#{first}/#{second}"
49
51
  end
50
52
 
51
- def to_case_insensitive_s
52
- @case_insensitive_s ||= to_s.downcase
53
+ def normalize!
54
+ @first = normalize_part @first
55
+ @second = normalize_part @second
56
+ self
57
+ end
58
+
59
+ def normalize
60
+ dup.normalize!
53
61
  end
54
62
 
55
63
  def inspect
@@ -90,14 +98,22 @@ module Mumukit::Auth
90
98
  parse '_/_'
91
99
  end
92
100
 
101
+ def self.normalize(first, second)
102
+ new(first, second).normalize!
103
+ end
104
+
93
105
  private
94
106
 
107
+ def normalize_part(slug_part)
108
+ slug_part.split('.').map(&:parameterize).join('.')
109
+ end
110
+
95
111
  def match(pattern, part)
96
112
  pattern == '_' || pattern == part
97
113
  end
98
114
 
99
115
  def self.validate_slug!(slug)
100
- unless slug =~ /.*\/.*/
116
+ unless slug =~ /\A[^\/\n]+\/[^\/\n]+\z/
101
117
  raise Mumukit::Auth::InvalidSlugFormatError, "Invalid slug: #{slug}. It must be in first/second format"
102
118
  end
103
119
  end
@@ -1,5 +1,5 @@
1
1
  module Mumukit
2
2
  module Auth
3
- VERSION = '7.5.2'
3
+ VERSION = '7.8.0'
4
4
  end
5
5
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: mumukit-auth
3
3
  version: !ruby/object:Gem::Version
4
- version: 7.5.2
4
+ version: 7.8.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Franco Leonardo Bulgarelli
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2019-01-29 00:00:00.000000000 Z
11
+ date: 2020-07-16 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: bundler
@@ -16,42 +16,42 @@ dependencies:
16
16
  requirements:
17
17
  - - "~>"
18
18
  - !ruby/object:Gem::Version
19
- version: '1.7'
19
+ version: '2.0'
20
20
  type: :development
21
21
  prerelease: false
22
22
  version_requirements: !ruby/object:Gem::Requirement
23
23
  requirements:
24
24
  - - "~>"
25
25
  - !ruby/object:Gem::Version
26
- version: '1.7'
26
+ version: '2.0'
27
27
  - !ruby/object:Gem::Dependency
28
28
  name: rake
29
29
  requirement: !ruby/object:Gem::Requirement
30
30
  requirements:
31
31
  - - "~>"
32
32
  - !ruby/object:Gem::Version
33
- version: '10.0'
33
+ version: '12.3'
34
34
  type: :development
35
35
  prerelease: false
36
36
  version_requirements: !ruby/object:Gem::Requirement
37
37
  requirements:
38
38
  - - "~>"
39
39
  - !ruby/object:Gem::Version
40
- version: '10.0'
40
+ version: '12.3'
41
41
  - !ruby/object:Gem::Dependency
42
42
  name: rspec
43
43
  requirement: !ruby/object:Gem::Requirement
44
44
  requirements:
45
45
  - - "~>"
46
46
  - !ruby/object:Gem::Version
47
- version: '2'
47
+ version: '3.0'
48
48
  type: :development
49
49
  prerelease: false
50
50
  version_requirements: !ruby/object:Gem::Requirement
51
51
  requirements:
52
52
  - - "~>"
53
53
  - !ruby/object:Gem::Version
54
- version: '2'
54
+ version: '3.0'
55
55
  - !ruby/object:Gem::Dependency
56
56
  name: jwt
57
57
  requirement: !ruby/object:Gem::Requirement
@@ -119,7 +119,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
119
119
  - !ruby/object:Gem::Version
120
120
  version: '0'
121
121
  requirements: []
122
- rubygems_version: 3.0.2
122
+ rubyforge_project:
123
+ rubygems_version: 2.7.7
123
124
  signing_key:
124
125
  specification_version: 4
125
126
  summary: Library for authorizing mumuki requests