osso 0.0.3.6 → 0.0.3.7
- checksums.yaml +4 -4
- data/Gemfile.lock +1 -1
- data/lib/osso/graphql/mutation.rb +1 -1
- data/lib/osso/graphql/mutations/base_mutation.rb +8 -2
- data/lib/osso/graphql/mutations/configure_identity_provider.rb +10 -1
- data/lib/osso/graphql/schema.rb +4 -0
- data/lib/osso/graphql/types/enterprise_account.rb +4 -0
- data/lib/osso/graphql/types/identity_provider.rb +9 -0
- data/lib/osso/version.rb +1 -1
- data/spec/graphql/mutations/configure_identity_provider_spec.rb +11 -1
- data/spec/graphql/query/identity_provider_spec.rb +8 -5
- metadata +2 -2
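--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA256:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 5e43fcdb190c819ff0da0cb9ac9358152f42804f7fa116771d9dd458bf141c30
+data.tar.gz: 65f6005798ec50a1ad4dd297c695aa08c80fb2ba8cc059eaa38cfb5f15a13dcc
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 617a3e1e5a5b476c4758476f7708e12a752d8d448a46866e37352ee319dcd5c08f2d0726d81c4ec1054e5129073840d6d76aad24ef938a1ccaf475bd72cc6d7b
+data.tar.gz: 77f11455be71add868a54d61683be3dc9a09231a92fdbf1abbb05c685732c6469eaeb9acbbd765ff0ff894960224bdcb736525687b234c002a46a1e4d0b2dba6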
data/Gemfile.lock
CHANGED
@@ -6,7 +6,7 @@ module Osso
|
|
6
6
|
module GraphQL
|
7
7
|
module Types
|
8
8
|
class MutationType < BaseObject
|
9
|
-
field :configure_identity_provider, mutation: Mutations::ConfigureIdentityProvider
|
9
|
+
field :configure_identity_provider, mutation: Mutations::ConfigureIdentityProvider, null: true
|
10
10
|
field :create_identity_provider, mutation: Mutations::CreateIdentityProvider
|
11
11
|
field :create_enterprise_account, mutation: Mutations::CreateEnterpriseAccount
|
12
12
|
field :set_identity_provider, mutation: Mutations::SetSamlProvider
|
@@ -15,10 +15,10 @@ module Osso
|
|
15
15
|
error.merge(data: nil)
|
16
16
|
end
|
17
17
|
|
18
|
-
def ready?(enterprise_account_id: nil, domain: nil, **args)
|
18
|
+
def ready?(enterprise_account_id: nil, domain: nil, identity_provider_id: nil, **args)
|
19
19
|
return true if context[:scope] == :admin
|
20
20
|
|
21
|
-
domain ||= account_domain(enterprise_account_id)
|
21
|
+
domain ||= account_domain(enterprise_account_id) || provider_domain(identity_provider_id)
|
22
22
|
return true if domain == context[:scope]
|
23
23
|
|
24
24
|
raise ::GraphQL::ExecutionError, "This user lacks the scope to mutate records belonging to #{args[:domain]}"
|
@@ -29,6 +29,12 @@ module Osso
|
|
29
29
|
|
30
30
|
Osso::Models::EnterpriseAccount.find(id)&.domain
|
31
31
|
end
|
32
|
+
|
33
|
+
def provider_domain(id)
|
34
|
+
return false unless id
|
35
|
+
|
36
|
+
Osso::Models::IdentityProvider.find(id)&.domain
|
37
|
+
end
|
32
38
|
end
|
33
39
|
end
|
34
40
|
end
|
@@ -16,11 +16,20 @@ module Osso
|
|
16
16
|
def resolve(id:, **args)
|
17
17
|
provider = Osso::Models::IdentityProvider.find(id)
|
18
18
|
|
19
|
-
return unauthorized unless authorized?
|
20
19
|
return response_data(identity_provider: provider) if provider.update(args)
|
21
20
|
|
22
21
|
response_error(errors: provder.errors.messages)
|
23
22
|
end
|
23
|
+
|
24
|
+
def ready?(id:, **args)
|
25
|
+
return true if context[:scope] == :admin
|
26
|
+
|
27
|
+
domain = Osso::Models::IdentityProvider.find(id)&.domain
|
28
|
+
|
29
|
+
return true if domain == context[:scope]
|
30
|
+
|
31
|
+
raise ::GraphQL::ExecutionError, "This user lacks the scope to mutate records belonging to #{domain}"
|
32
|
+
end
|
24
33
|
end
|
25
34
|
end
|
26
35
|
end
|
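Review bot: The scope comparison `domain == context[:scope]` in both `ready?` methods of this section never requires a scope to be present, so a context with no scope would match a record whose domain is nil (`self.authorized?` in the identity-provider type section has the same shape); whether a scope-less context can reach these mutations is not visible here. A presence guard such as `return true if domain && domain == context[:scope]` makes the check fail closed. In the base `ready?`, a caller-supplied `domain` also takes precedence over both lookups because of `domain ||=`, so the record's own domain is consulted only when that argument is absent, and the error message interpolates `args[:domain]`, which is always nil once `domain` is bound as its own keyword; `#{domain}` is what it should print. The `resolve` context line in the last hunk references `provder.errors`, which would raise NameError on a failed update instead of returning the validation errors. The enclosing classes begin outside these hunks.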
data/lib/osso/graphql/schema.rb
CHANGED
@@ -18,10 +18,19 @@ module Osso
|
|
18
18
|
field :sso_url, String, null: true
|
19
19
|
field :sso_cert, String, null: true
|
20
20
|
field :configured, Boolean, null: false
|
21
|
+
field :documentation_pdf_url, String, null: true
|
21
22
|
|
22
23
|
def configured
|
23
24
|
!!(@object.sso_url && @object.sso_cert)
|
24
25
|
end
|
26
|
+
|
27
|
+
def documentation_pdf_url
|
28
|
+
ENV['BASE_URL'] + '/identity_provider/documentation/' + @object.id
|
29
|
+
end
|
30
|
+
|
31
|
+
def self.authorized?(object, context)
|
32
|
+
super && (context[:scope] == :admin || object.domain == context[:scope])
|
33
|
+
end
|
25
34
|
end
|
26
35
|
end
|
27
36
|
end
|
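Review bot: `documentation_pdf_url` raises NoMethodError when `BASE_URL` is unset, because `ENV['BASE_URL'] + ...` calls `+` on nil, even though the field is declared `null: true`. `ENV.fetch('BASE_URL')` would fail with a clear KeyError at the point of use, or the resolver could return nil when the variable is missing. Building the value by interpolation, `"#{base}/identity_provider/documentation/#{@object.id}"`, also avoids a TypeError should `id` not be a String. The added `self.authorized?` is the object-level access check for this type and deserves a one-line comment such as `# Reads are limited to admins and to callers whose scope equals the provider's domain`.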
data/lib/osso/version.rb
CHANGED
@@ -55,11 +55,21 @@ describe Osso::GraphQL::Schema do
|
|
55
55
|
let(:domain) { Faker::Internet.domain_name }
|
56
56
|
let(:current_scope) { domain }
|
57
57
|
let(:enterprise_account) { create(:enterprise_account, domain: domain) }
|
58
|
+
let(:identity_provider) { create(:identity_provider, enterprise_account: enterprise_account, domain: domain) }
|
58
59
|
|
59
|
-
it '
|
60
|
+
it 'configures an identity provider' do
|
60
61
|
expect(subject.dig('data', 'configureIdentityProvider', 'identityProvider', 'domain')).
|
61
62
|
to eq(domain)
|
62
63
|
end
|
63
64
|
end
|
65
|
+
|
66
|
+
describe 'for the wrong email scoped user' do
|
67
|
+
let(:domain) { Faker::Internet.domain_name }
|
68
|
+
let(:current_scope) { domain }
|
69
|
+
|
70
|
+
it 'does not configure an identity provider' do
|
71
|
+
expect(subject.dig('errors')).to_not be_empty
|
72
|
+
end
|
73
|
+
end
|
64
74
|
end
|
65
75
|
end
|
@@ -5,6 +5,7 @@ require 'spec_helper'
|
|
5
5
|
describe Osso::GraphQL::Schema do
|
6
6
|
describe 'Identity Provider' do
|
7
7
|
let(:id) { Faker::Internet.uuid }
|
8
|
+
let(:domain) { Faker::Internet.domain_name }
|
8
9
|
let(:variables) { { id: id } }
|
9
10
|
let(:query) do
|
10
11
|
<<~GRAPHQL
|
@@ -24,7 +25,7 @@ describe Osso::GraphQL::Schema do
|
|
24
25
|
|
25
26
|
before do
|
26
27
|
create(:identity_provider)
|
27
|
-
create(:identity_provider, id: id)
|
28
|
+
create(:identity_provider, id: id, domain: domain)
|
28
29
|
end
|
29
30
|
|
30
31
|
subject do
|
@@ -43,18 +44,20 @@ describe Osso::GraphQL::Schema do
|
|
43
44
|
end
|
44
45
|
end
|
45
46
|
|
46
|
-
|
47
|
+
describe 'for an email scoped user' do
|
47
48
|
let(:current_scope) { domain }
|
49
|
+
|
48
50
|
it 'returns Enterprise Account for domain' do
|
49
51
|
expect(subject['errors']).to be_nil
|
50
|
-
expect(subject.dig('data', '
|
52
|
+
expect(subject.dig('data', 'identityProvider', 'domain')).to eq(domain)
|
51
53
|
end
|
52
54
|
end
|
53
55
|
|
54
|
-
|
56
|
+
describe 'for the wrong email scoped user' do
|
55
57
|
let(:current_scope) { 'bar.com' }
|
58
|
+
|
56
59
|
it 'returns Enterprise Account for domain' do
|
57
|
-
expect(subject['errors']).
|
60
|
+
expect(subject['errors']).to_not be_empty
|
58
61
|
expect(subject.dig('data', 'enterpriseAccount')).to be_nil
|
59
62
|
end
|
60
63
|
end
|
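Review bot: The negative cases assert only `expect(...).to_not be_empty` on `errors`, which passes on any failure (a missing record or a NameError as much as a scope denial), so they do not show that the new authorization checks are what rejected the request. For the mutation spec, matching the message would pin it, e.g. `expect(subject['errors'].first['message']).to match(/lacks the scope/)`, assuming the usual GraphQL error shape. In the query spec's wrong-scope case the context line still checks `subject.dig('data', 'enterpriseAccount')`, which looks like it is nil for an `identityProvider` query regardless of authorization; `subject.dig('data', 'identityProvider')` is probably what was meant. In the mutation spec's wrong-scope block `current_scope` is set to the same `domain` the block redefines, so the hunk does not show which record carries a different domain.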
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: osso
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.0.3.
|
4
|
+
version: 0.0.3.7
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Sam Bauch
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2020-07-
|
11
|
+
date: 2020-07-21 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: activesupport
|