osso 0.0.3.6 → 0.0.3.7

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: f2d208f60074e354a988dd4f6d1e07409a8c5b9809371f2ab86e952c1cf52cb2
4
- data.tar.gz: a113355db7bb066f7f87fea0bf8313bc7f60d628380abb8f334fc5de8e7e2d29
3
+ metadata.gz: 5e43fcdb190c819ff0da0cb9ac9358152f42804f7fa116771d9dd458bf141c30
4
+ data.tar.gz: 65f6005798ec50a1ad4dd297c695aa08c80fb2ba8cc059eaa38cfb5f15a13dcc
5
5
  SHA512:
6
- metadata.gz: fec8ba8811aa056a367f975f206309cf74148a2bb551f8b37073a5c084a8fdeb86433dcd55862e24fe1199ba0b9ac8f3d166fce74ab7ea61ac5faa0690426baf
7
- data.tar.gz: 20f63616bfc1619d503357be6cbabc114bd9a9402fdd7cdf3e0caa5415fb19dd4cf22a56dcdc6aa83c0b323cd77f4da529659e1455e3c277f4d4180d97e290d5
6
+ metadata.gz: 617a3e1e5a5b476c4758476f7708e12a752d8d448a46866e37352ee319dcd5c08f2d0726d81c4ec1054e5129073840d6d76aad24ef938a1ccaf475bd72cc6d7b
7
+ data.tar.gz: 77f11455be71add868a54d61683be3dc9a09231a92fdbf1abbb05c685732c6469eaeb9acbbd765ff0ff894960224bdcb736525687b234c002a46a1e4d0b2dba6
@@ -1,7 +1,7 @@
1
1
  PATH
2
2
  remote: .
3
3
  specs:
4
- osso (0.0.3.6)
4
+ osso (0.0.3.7)
5
5
  activesupport (>= 6.0.3.2)
6
6
  graphql
7
7
  jwt
@@ -6,7 +6,7 @@ module Osso
6
6
  module GraphQL
7
7
  module Types
8
8
  class MutationType < BaseObject
9
- field :configure_identity_provider, mutation: Mutations::ConfigureIdentityProvider
9
+ field :configure_identity_provider, mutation: Mutations::ConfigureIdentityProvider, null: true
10
10
  field :create_identity_provider, mutation: Mutations::CreateIdentityProvider
11
11
  field :create_enterprise_account, mutation: Mutations::CreateEnterpriseAccount
12
12
  field :set_identity_provider, mutation: Mutations::SetSamlProvider
@@ -15,10 +15,10 @@ module Osso
15
15
  error.merge(data: nil)
16
16
  end
17
17
 
18
- def ready?(enterprise_account_id: nil, domain: nil, **args)
18
+ def ready?(enterprise_account_id: nil, domain: nil, identity_provider_id: nil, **args)
19
19
  return true if context[:scope] == :admin
20
20
 
21
- domain ||= account_domain(enterprise_account_id)
21
+ domain ||= account_domain(enterprise_account_id) || provider_domain(identity_provider_id)
22
22
  return true if domain == context[:scope]
23
23
 
24
24
  raise ::GraphQL::ExecutionError, "This user lacks the scope to mutate records belonging to #{args[:domain]}"
@@ -29,6 +29,12 @@ module Osso
29
29
 
30
30
  Osso::Models::EnterpriseAccount.find(id)&.domain
31
31
  end
32
+
33
+ def provider_domain(id)
34
+ return false unless id
35
+
36
+ Osso::Models::IdentityProvider.find(id)&.domain
37
+ end
32
38
  end
33
39
  end
34
40
  end
@@ -16,11 +16,20 @@ module Osso
16
16
  def resolve(id:, **args)
17
17
  provider = Osso::Models::IdentityProvider.find(id)
18
18
 
19
- return unauthorized unless authorized?
20
19
  return response_data(identity_provider: provider) if provider.update(args)
21
20
 
22
21
  response_error(errors: provder.errors.messages)
23
22
  end
23
+
24
+ def ready?(id:, **args)
25
+ return true if context[:scope] == :admin
26
+
27
+ domain = Osso::Models::IdentityProvider.find(id)&.domain
28
+
29
+ return true if domain == context[:scope]
30
+
31
+ raise ::GraphQL::ExecutionError, "This user lacks the scope to mutate records belonging to #{domain}"
32
+ end
24
33
  end
25
34
  end
26
35
  end
@@ -37,6 +37,10 @@ module Osso
37
37
  raise("Unexpected object: #{obj}")
38
38
  end
39
39
  end
40
+
41
+ def self.unauthorized_object(error)
42
+ raise ::GraphQL::ExecutionError, "An object of type #{error.type.graphql_name} was hidden due to permissions"
43
+ end
40
44
  end
41
45
  end
42
46
  end
@@ -23,6 +23,10 @@ module Osso
23
23
  def identity_providers
24
24
  object.identity_providers
25
25
  end
26
+
27
+ def self.authorized?(object, context)
28
+ super && (context[:scope] == :admin || object.domain == context[:scope])
29
+ end
26
30
  end
27
31
  end
28
32
  end
@@ -18,10 +18,19 @@ module Osso
18
18
  field :sso_url, String, null: true
19
19
  field :sso_cert, String, null: true
20
20
  field :configured, Boolean, null: false
21
+ field :documentation_pdf_url, String, null: true
21
22
 
22
23
  def configured
23
24
  !!(@object.sso_url && @object.sso_cert)
24
25
  end
26
+
27
+ def documentation_pdf_url
28
+ ENV['BASE_URL'] + '/identity_provider/documentation/' + @object.id
29
+ end
30
+
31
+ def self.authorized?(object, context)
32
+ super && (context[:scope] == :admin || object.domain == context[:scope])
33
+ end
25
34
  end
26
35
  end
27
36
  end
@@ -1,5 +1,5 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  module Osso
4
- VERSION = '0.0.3.6'
4
+ VERSION = '0.0.3.7'
5
5
  end
@@ -55,11 +55,21 @@ describe Osso::GraphQL::Schema do
55
55
  let(:domain) { Faker::Internet.domain_name }
56
56
  let(:current_scope) { domain }
57
57
  let(:enterprise_account) { create(:enterprise_account, domain: domain) }
58
+ let(:identity_provider) { create(:identity_provider, enterprise_account: enterprise_account, domain: domain) }
58
59
 
59
- it 'creates an identity provider' do
60
+ it 'configures an identity provider' do
60
61
  expect(subject.dig('data', 'configureIdentityProvider', 'identityProvider', 'domain')).
61
62
  to eq(domain)
62
63
  end
63
64
  end
65
+
66
+ describe 'for the wrong email scoped user' do
67
+ let(:domain) { Faker::Internet.domain_name }
68
+ let(:current_scope) { domain }
69
+
70
+ it 'does not configure an identity provider' do
71
+ expect(subject.dig('errors')).to_not be_empty
72
+ end
73
+ end
64
74
  end
65
75
  end
@@ -5,6 +5,7 @@ require 'spec_helper'
5
5
  describe Osso::GraphQL::Schema do
6
6
  describe 'Identity Provider' do
7
7
  let(:id) { Faker::Internet.uuid }
8
+ let(:domain) { Faker::Internet.domain_name }
8
9
  let(:variables) { { id: id } }
9
10
  let(:query) do
10
11
  <<~GRAPHQL
@@ -24,7 +25,7 @@ describe Osso::GraphQL::Schema do
24
25
 
25
26
  before do
26
27
  create(:identity_provider)
27
- create(:identity_provider, id: id)
28
+ create(:identity_provider, id: id, domain: domain)
28
29
  end
29
30
 
30
31
  subject do
@@ -43,18 +44,20 @@ describe Osso::GraphQL::Schema do
43
44
  end
44
45
  end
45
46
 
46
- xdescribe 'for an email scoped user' do
47
+ describe 'for an email scoped user' do
47
48
  let(:current_scope) { domain }
49
+
48
50
  it 'returns Enterprise Account for domain' do
49
51
  expect(subject['errors']).to be_nil
50
- expect(subject.dig('data', 'enterpriseAccount', 'domain')).to eq(domain)
52
+ expect(subject.dig('data', 'identityProvider', 'domain')).to eq(domain)
51
53
  end
52
54
  end
53
55
 
54
- xdescribe 'for the wrong email scoped user' do
56
+ describe 'for the wrong email scoped user' do
55
57
  let(:current_scope) { 'bar.com' }
58
+
56
59
  it 'returns Enterprise Account for domain' do
57
- expect(subject['errors']).to be_nil
60
+ expect(subject['errors']).to_not be_empty
58
61
  expect(subject.dig('data', 'enterpriseAccount')).to be_nil
59
62
  end
60
63
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: osso
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.0.3.6
4
+ version: 0.0.3.7
5
5
  platform: ruby
6
6
  authors:
7
7
  - Sam Bauch
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2020-07-16 00:00:00.000000000 Z
11
+ date: 2020-07-21 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: activesupport