omniauth-tanmer 1.0.5 → 1.1.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 25bcdb0d2238841df77d666cf9a016a3d7e20b16
-  data.tar.gz: e64171ac52debf7321ddef66d96fdd3b4760a017
+  metadata.gz: e53731b2c179028d8129aa617e8a605f503eebfd
+  data.tar.gz: 8518e217257f134d55c75a5e7d742b71ff46937f
 SHA512:
-  metadata.gz: dfe9d29009f37eb5dba68ad0e564f4c4f2e18fa6205411b2e5c9278c24d6ffb411e850836147b860a12d4fd19d0098a86c0b0dd359d383fbe98372f3c7feb154
-  data.tar.gz: 0dc84dafffb075919b4a92b616def4a77cb9e5d30075d0ba84374ac44b8df23a9eb206a85c825cdbe62b4457d0f213db30bcd4b9bfb802fab968dd27ccd948cc
+  metadata.gz: b02809a68b4bf6015f92ef948ae2eb7e4e5fd47d9d6a77a0dc2070e19562fc5d25e1f5edd3046770634012451469d1a7c8d8505258606efc18f450354b981248
+  data.tar.gz: a7da19d88724751dc5cd578945e1b291f8b3f7f6a380b1943f0126557ab42f259b982b035eeea2f4ed91a5d3f02711559eebaf55a2f804049a51013386f9cf60

data/README.md

@@ -3,7 +3,7 @@
 This is the OAuth2 strategy for authenticating to your Tanmer service.
 
 ## Requirements
- 
+
 ## Installation
 
 Add this line to your application's Gemfile:
@@ -20,10 +20,32 @@ Or install it yourself as:
 
 ## Usage
 
-    use OmniAuth::Builder do
-      provider :tanmer, ENV['TANMER_KEY'], ENV['TANMER_SECRET'], scope: 'tanmer_service'
+Put below code to `config/application.rb`:
+
+    config.middleware.use OmniAuth::Builder do
+        provider :tanmer, ENV['OAUTH_TANMER_KEY'], ENV['OAUTH_TANMER_SECRET'],
+        scope: 'public',
+        client_options: { site: ENV['OAUTH_TANMER_SITE'] }
     end
 
+## Features
+
+Sync permissions:
+
+```ruby
+current_permissions = [
+  { name: '查看', group_name: '会员', subject_class: 'Member', subject_id: nil, action: 'show', description: '' },
+  { name: '创建', group_name: '会员', subject_class: 'Member', subject_id: nil, action: 'create', description: '' },
+  { name: '修改', group_name: '会员', subject_class: 'Member', subject_id: nil, action: 'update', description: '' },
+  { name: '删除', group_name: '会员', subject_class: 'Member', subject_id: nil, action: 'destroy', description: '' },
+]
+
+client = Omniauth::Tanmer::Permission.new(ENV['OAUTH_TANMER_HOST'], ENV['OAUTH_TANMER_KEY'], ENV['OAUTH_TANMER_SECRET'])
+client.sync(current_permissions)
+```
+
+This will sync permission definitions between local project and SSO.
+
 ## Contributing
 
 1. Fork it

data/lib/omniauth-tanmer/permission.rb

@@ -0,0 +1,85 @@
+require "faraday"
+require "jwt"
+module Omniauth
+  module Tanmer
+    class Permission
+      attr_reader :app_id, :app_secret, :conn
+
+      def initialize(oauth_host, app_id, app_secret)
+        @app_id = app_id
+        @app_secret = app_secret
+        @conn = Faraday.new(oauth_host)
+      end
+
+      def remote
+        resp = conn.get('/api/v1/permissions.json', app_id: app_id, sn: generate_sn(SecureRandom.uuid))
+        JSON.parse(resp.body).map(&:symbolize_keys)
+      end
+
+      def sync(permissions)
+        remote_permissions = remote
+        puts "have #{permissions.size} permissions defined"
+        puts "got #{remote_permissions.size} permissions from API"
+
+        permissions_to_create = []
+        permissions_to_destroy = []
+        permissions_to_update = []
+
+        compare_names = %i(name group_name subject_class subject_id action description)
+        finder = %i(subject_class subject_id action)
+
+        # create new
+        permissions.each do |current_perm|
+          unless remote_permissions.any? { |existing_perm| finder.all?{ |k| existing_perm[k] == current_perm[k] } }
+            # permissions.delete(current_perm)
+            permissions_to_create << current_perm
+          end
+        end
+        puts "#{permissions_to_create.size} permissions will be created"
+        permissions = permissions - permissions_to_create
+
+        # destroy old
+        remote_permissions.each do |existing_perm|
+          unless permissions.any? { |current_perm| finder.all?{ |k| existing_perm[k] == current_perm[k] } }
+            permissions_to_destroy << existing_perm
+          end
+        end
+        puts "#{permissions_to_destroy.size} permissions will be deleted from API"
+        remote_permissions = remote_permissions - permissions_to_destroy
+
+        remote_permissions.each do |existing_perm|
+          current_perm = permissions.find { |current_perm| finder.all?{ |k| existing_perm[k] == current_perm[k]} }
+          unless compare_names.all? { |k| existing_perm[k] == current_perm[k] }
+            permissions_to_update << [existing_perm[:id], current_perm]
+          end
+        end
+
+        puts "#{permissions_to_update.size} permissions will be updated"
+
+        permissions_to_destroy.each do |perm|
+          resp = conn.delete("/api/v1/permissions/#{perm[:id]}", app_id: app_id, sn: generate_sn(SecureRandom.uuid))
+        end
+
+        permissions_to_update.each do |id, perm|
+          resp = conn.put("/api/v1/permissions/#{id}", permission: perm, app_id: app_id, sn: generate_sn(SecureRandom.uuid))
+        end
+
+        permissions_to_create.each do |perm|
+          resp = conn.post("/api/v1/permissions", permission: perm, app_id: app_id, sn: generate_sn(SecureRandom.uuid))
+          data = JSON.parse(resp.body)
+        end
+        {
+          created: permissions_to_create,
+          destroyed: permissions_to_destroy,
+          updated: permissions_to_update
+        }
+      end
+
+      private
+
+      def generate_sn(data=nil)
+        JWT.encode({ data: data, exp: Time.now.to_i + 300 }, app_secret, 'HS256')
+      end
+    end
+  end
+end

data/lib/omniauth-tanmer/version.rb

@@ -1,5 +1,5 @@
 module Omniauth
   module Tanmer
-    VERSION = '1.0.5'
+    VERSION = '1.1.1'
   end
 end

data/lib/omniauth-tanmer.rb

@@ -1,2 +1,3 @@
 require "omniauth-tanmer/version"
+require "omniauth-tanmer/permission"
 require 'omniauth/strategies/tanmer'

data/omniauth-tanmer.gemspec

@@ -19,4 +19,6 @@ Gem::Specification.new do |gem|
 
   gem.add_dependency 'omniauth', '~> 1.0'
   gem.add_dependency 'omniauth-oauth2', '~> 1.0'
+  gem.add_dependency 'jwt'
+  gem.add_dependency 'faraday'
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: omniauth-tanmer
 version: !ruby/object:Gem::Version
-  version: 1.0.5
+  version: 1.1.1
 platform: ruby
 authors:
 - xiaohui
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2017-11-27 00:00:00.000000000 Z
+date: 2018-03-31 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: omniauth
@@ -38,6 +38,34 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: '1.0'
+- !ruby/object:Gem::Dependency
+  name: jwt
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: faraday
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
 description: This is the strategy for authenticating to your Tanmer service
 email:
 - xiaohui@tanmer.com
@@ -52,6 +80,7 @@ files:
 - README.md
 - Rakefile
 - lib/omniauth-tanmer.rb
+- lib/omniauth-tanmer/permission.rb
 - lib/omniauth-tanmer/version.rb
 - lib/omniauth/strategies/tanmer.rb
 - omniauth-tanmer.gemspec
@@ -76,7 +105,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubyforge_project: 
-rubygems_version: 2.5.2
+rubygems_version: 2.6.14
 signing_key: 
 specification_version: 4
 summary: This is the strategy for authenticating to your Tanmer service