pretender 0.0.1

data/.gitignore

@@ -0,0 +1,17 @@
+*.gem
+*.rbc
+.bundle
+.config
+.yardoc
+Gemfile.lock
+InstalledFiles
+_yardoc
+coverage
+doc/
+lib/bundler/man
+pkg
+rdoc
+spec/reports
+test/tmp
+test/version_tmp
+tmp

data/Gemfile

@@ -0,0 +1,4 @@
+source 'https://rubygems.org'
+
+# Specify your gem's dependencies in pretender.gemspec
+gemspec

data/LICENSE.txt

@@ -0,0 +1,22 @@
+Copyright (c) 2013 Andrew Kane
+
+MIT License
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.md

@@ -0,0 +1,132 @@
+# Pretender
+
+As an admin, there are times you want to see exactly what another user sees or take action on behalf of a user.  Pretender provides the ability to login as another user **the right way**.
+
+What is the right way?
+
+- Easy to switch back and forth between roles
+- Minimal code changes
+- Plays nicely with auditing tools
+
+[Rock on](http://www.youtube.com/watch?v=SBjQ9tuuTJQ) :boom:
+
+Pretender is also flexible and lightweight - less than 40 lines of code :-)
+
+Pretender works with Rails 2.3 and above.
+
+## Get started
+
+Add this line to your application's Gemfile:
+
+```ruby
+# Gemfile
+gem 'pretender'
+```
+
+And add this line to your ApplicationController:
+
+```ruby
+# app/controllers/application_controller.rb
+class ApplicationController < ActionController::Base
+  impersonates :user
+end
+```
+
+This adds three methods to your controllers:
+
+```ruby
+true_user
+# returns authenticated user
+
+impersonate_user(user)
+# allows you to login as another user
+
+stop_impersonating_user
+# become yourself again
+  ```
+
+And changes the behavior of another:
+
+```ruby
+current_user
+# now returns:
+# - if impersonating, the impersonated user
+# - otherwise, the true user
+```
+
+**Note:** the name of this method is configurable (details at the end)
+
+Now we need to setup a way to login as another user.  **Pretender makes no assumptions about how you want to do this**.  I like to add this to my admin dashboard.
+
+#### Sample Implementation
+
+```ruby
+class Admin::UsersController < ApplicationController
+  before_filter :require_admin, :except => [:stop_impersonating]
+
+  def impersonate
+    user = User.find(params[:id])
+    impersonate_user(user)
+    redirect_to root_path
+  end
+
+  # do not require admin for this method if access control
+  # is performed on the current_user instead of true_user
+  def stop_impersonating
+    stop_impersonating_user
+    redirect_to admin_path
+  end
+end
+```
+
+You may want to make it obvious to an admin when he / she is logged in as another user.  I like to add this to the application layout.
+
+#### Haml / Slim
+
+```haml
+- # app/views/layouts/application.haml
+- if current_user != true_user
+  .alert
+    You (#{true_user.name}) are logged in as #{current_user.name}
+    = link_to "Back to admin", stop_impersonating_user_path
+```
+
+### Audits
+
+If you keep audit logs with a library like [audited](https://github.com/collectiveidea/audited), make sure it uses the **true user**.
+
+```ruby
+Audited.current_user_method = :true_user
+```
+
+### Configuration
+
+Pretender is super flexible.  You can change the names of methods and even impersonate multiple roles at the same time.  Here's the default configuration.
+
+```ruby
+# app/controllers/application_controller.rb
+impersonates :user,
+             :method => :current_user,
+             :with => proc{|id| User.where(:id => id).first }
+```
+
+Mold it to fit your application.
+
+```ruby
+# app/controllers/application_controller.rb
+impersonates :account,
+             :method => :authenticated_account,
+             :with => proc{|id| EnterpriseAccount.where(:id => id).first }
+```
+
+This creates three methods:
+
+```ruby
+true_account
+impersonate_account
+stop_impersonating_account
+```
+
+Also, authenticated_account is overridden with `EnterpriseAccount.where(:id => id).first`
+
+### That's all folks!

data/Rakefile

@@ -0,0 +1 @@
+require "bundler/gem_tasks"

data/lib/pretender.rb

@@ -0,0 +1,38 @@
+require "pretender/version"
+
+module Pretender
+
+  def impersonates(scope = :user, opts = {})
+    impersonated_method = opts[:method] || :"current_#{scope}"
+    impersonate_with = opts[:with] || proc{|id| scope.to_s.classify.constantize.where(:id => id).first }
+    true_method = :"true_#{scope}"
+    session_key = :"impersonated_#{scope}_id"
+    impersonated_var = :"@impersonated_#{scope}"
+
+    # define methods
+    alias_method true_method, impersonated_method
+    helper_method true_method
+
+    define_method impersonated_method do
+      # only try to fetch impersonation if impersonation_id exists
+      if !instance_variable_get(impersonated_var)
+        value = (session[session_key] && impersonate_with.call(session[session_key])) || send(true_method)
+        instance_variable_set(impersonated_var, value) if value
+      end
+      instance_variable_get(impersonated_var)
+    end
+
+    define_method :"impersonate_#{scope}" do |resource|
+      instance_variable_set(impersonated_var, resource)
+      session[session_key] = resource.id
+    end
+
+    define_method :"stop_impersonating_#{scope}" do
+      instance_variable_set(impersonated_var, nil)
+      session[session_key] = nil
+    end
+  end
+
+end
+
+ActionController::Base.send(:extend, Pretender) if defined?(ActionController::Base)

data/lib/pretender/version.rb

@@ -0,0 +1,3 @@
+module Pretender
+  VERSION = "0.0.1"
+end

data/pretender.gemspec

@@ -0,0 +1,23 @@
+# coding: utf-8
+lib = File.expand_path('../lib', __FILE__)
+$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
+require 'pretender/version'
+
+Gem::Specification.new do |spec|
+  spec.name          = "pretender"
+  spec.version       = Pretender::VERSION
+  spec.authors       = ["Andrew Kane"]
+  spec.email         = ["acekane1@gmail.com"]
+  spec.description   = %q{The right way to login as another user}
+  spec.summary       = %q{What is the right way? Easy to switch back and forth between roles, minimal code changes, and plays nicely with auditing tools}
+  spec.homepage      = "https://github.com/ankane/pretender"
+  spec.license       = "MIT"
+
+  spec.files         = `git ls-files`.split($/)
+  spec.executables   = spec.files.grep(%r{^bin/}) { |f| File.basename(f) }
+  spec.test_files    = spec.files.grep(%r{^(test|spec|features)/})
+  spec.require_paths = ["lib"]
+
+  spec.add_development_dependency "bundler", "~> 1.3"
+  spec.add_development_dependency "rake"
+end

metadata

@@ -0,0 +1,88 @@
+--- !ruby/object:Gem::Specification
+name: pretender
+version: !ruby/object:Gem::Version
+  version: 0.0.1
+  prerelease: 
+platform: ruby
+authors:
+- Andrew Kane
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2013-03-05 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: bundler
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '1.3'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '1.3'
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+description: The right way to login as another user
+email:
+- acekane1@gmail.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- .gitignore
+- Gemfile
+- LICENSE.txt
+- README.md
+- Rakefile
+- lib/pretender.rb
+- lib/pretender/version.rb
+- pretender.gemspec
+homepage: https://github.com/ankane/pretender
+licenses:
+- MIT
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  none: false
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  none: false
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 1.8.23
+signing_key: 
+specification_version: 3
+summary: What is the right way? Easy to switch back and forth between roles, minimal
+  code changes, and plays nicely with auditing tools
+test_files: []
+has_rdoc: