mumukit-auth 2.2.2 → 3.0.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/mumukit/auth/exceptions.rb +3 -0
- data/lib/mumukit/auth/permissions.rb +2 -2
- data/lib/mumukit/auth/scope.rb +1 -5
- data/lib/mumukit/auth/store.rb +25 -4
- data/lib/mumukit/auth/token.rb +12 -0
- data/lib/mumukit/auth/version.rb +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: a9092f2f97e6a3b76afc8339f023be19daae8f43
|
4
|
+
data.tar.gz: a341795e26fceb21541c1d4dbfabc8acaa5c4942
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: fb99bd92c87a8dd3c80a86a9edfaeffd2ebb7beffe321b266126adab91d73f154fc2f53b53c0dcf000801e7e4009278e49151b6fe6c41ef63af27e05626d4e03
|
7
|
+
data.tar.gz: 9f0f7f2cff61e2f3447de4d4ca00071a2ab897556c274f80bea6dc5681bbc95b708e2cf2ffa550152bb2d4b20f4acaf27ae00619b9c54f024336f305b6f4c11c
|
@@ -14,7 +14,7 @@ class Mumukit::Auth::Permissions
|
|
14
14
|
end
|
15
15
|
|
16
16
|
def protect!(scope, slug)
|
17
|
-
scope_for(scope)
|
17
|
+
scope_for(scope).protect!(slug)
|
18
18
|
end
|
19
19
|
|
20
20
|
def has_role?(role)
|
@@ -22,7 +22,7 @@ class Mumukit::Auth::Permissions
|
|
22
22
|
end
|
23
23
|
|
24
24
|
def scope_for(role)
|
25
|
-
self.scopes[role]
|
25
|
+
self.scopes[role] || Mumukit::Auth::Scope.new
|
26
26
|
end
|
27
27
|
|
28
28
|
def add_permission!(role, *grants)
|
data/lib/mumukit/auth/scope.rb
CHANGED
@@ -7,7 +7,7 @@ module Mumukit::Auth
|
|
7
7
|
end
|
8
8
|
|
9
9
|
def protect!(resource_slug)
|
10
|
-
raise Mumukit::Auth::UnauthorizedAccessError.
|
10
|
+
raise Mumukit::Auth::UnauthorizedAccessError.with_message(resource_slug, self) unless allows?(resource_slug)
|
11
11
|
end
|
12
12
|
|
13
13
|
def allows?(resource_slug)
|
@@ -44,9 +44,5 @@ module Mumukit::Auth
|
|
44
44
|
def any_grant?(&block)
|
45
45
|
@grants.any?(&block)
|
46
46
|
end
|
47
|
-
|
48
|
-
def unauthorized_message(slug)
|
49
|
-
"Unauthorized access to #{slug}. Permissions are #{to_s}"
|
50
|
-
end
|
51
47
|
end
|
52
48
|
end
|
data/lib/mumukit/auth/store.rb
CHANGED
@@ -1,10 +1,35 @@
|
|
1
1
|
module Mumukit::Auth
|
2
2
|
class Store
|
3
3
|
|
4
|
+
class << self
|
5
|
+
def from_env
|
6
|
+
new Mumukit::Auth.config.daybreak_name
|
7
|
+
end
|
8
|
+
|
9
|
+
def with(&block)
|
10
|
+
store = from_env
|
11
|
+
block.call store
|
12
|
+
ensure
|
13
|
+
store.close
|
14
|
+
end
|
15
|
+
|
16
|
+
def set!(*args)
|
17
|
+
with { |store| store.set!(*args) }
|
18
|
+
end
|
19
|
+
|
20
|
+
def get(key)
|
21
|
+
with { |store| store.get(key) }
|
22
|
+
end
|
23
|
+
end
|
24
|
+
|
4
25
|
def initialize(db_name)
|
5
26
|
@db = Daybreak::DB.new "#{db_name}.db", default: '{}'
|
6
27
|
end
|
7
28
|
|
29
|
+
def close
|
30
|
+
@db.close
|
31
|
+
end
|
32
|
+
|
8
33
|
def set!(key, value)
|
9
34
|
@db.update! key.to_sym => value.to_json
|
10
35
|
end
|
@@ -12,9 +37,5 @@ module Mumukit::Auth
|
|
12
37
|
def get(key)
|
13
38
|
Mumukit::Auth::Permissions.load @db[key]
|
14
39
|
end
|
15
|
-
|
16
|
-
def close
|
17
|
-
@db.close
|
18
|
-
end
|
19
40
|
end
|
20
41
|
end
|
data/lib/mumukit/auth/token.rb
CHANGED
@@ -12,6 +12,18 @@ module Mumukit::Auth
|
|
12
12
|
@metadata ||= jwt['metadata'] || {}
|
13
13
|
end
|
14
14
|
|
15
|
+
def uid
|
16
|
+
@uid ||= jwt['email'] || jwt['sub']
|
17
|
+
end
|
18
|
+
|
19
|
+
def permissions
|
20
|
+
@permissions ||= Mumukit::Auth::Store.get uid
|
21
|
+
end
|
22
|
+
|
23
|
+
def protect!(scope, resource_slug)
|
24
|
+
permissions.protect! scope, resource_slug
|
25
|
+
end
|
26
|
+
|
15
27
|
def verify_client!
|
16
28
|
raise Mumukit::Auth::InvalidTokenError.new('aud mismatch') if Mumukit::Auth.config.client_id != jwt['aud']
|
17
29
|
end
|
data/lib/mumukit/auth/version.rb
CHANGED
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: mumukit-auth
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version:
|
4
|
+
version: 3.0.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Franco Leonardo Bulgarelli
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2016-12-
|
11
|
+
date: 2016-12-21 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: bundler
|