RubyGems - pretender - Versions diffs - 0.3.1 → 0.4.0 - Mend

pretender 0.3.1 → 0.4.0

Files changed (13) hide show

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
-SHA1:
-  metadata.gz: fc80b6979512a9246224aa4d68f4dbda8b0c70f8
-  data.tar.gz: 71aadf8f167f0f0350f0c0c3b89743753fe8ef78
+SHA256:
+  metadata.gz: bfd83e017e14b15a69e02ffe5d25c6be57657f06d84b30fa276fedd61efb6d07
+  data.tar.gz: 55d4d73eb2ab7fa9fe87ba5be1b3da4e6264de02b845cb579612c9e8ae549ae2
 SHA512:
-  metadata.gz: c6e774897e0fc2b2b7a4bb2044ce22c6ea32d6263d20cf9ab441dc5a7d83dc6b218fcce333b661076a06c669047ec951671aa9c47f0bdf30c6b833465e60e080
-  data.tar.gz: 503223df0e48c6afce6e0d830a28ffac72bf55965e0db6ac7d4c8a439ef422a46bad0bbce06a6cfaae560a540c2ded2788f5919c81eec9c3f91dc595f5d94abd
+  metadata.gz: 7e7d1306ee4466cf4b9419dbfe71c161d633eb4ded28246252b90404954a57c06597081bbfa1fedfa69effce9cbb3988c2b39043e8abd9db5160b0f652987869
+  data.tar.gz: 422366a35f79040ddb0b104f4d3177b637333c590c65124e58bd5934378d13aebcb92987c6c07224ec16d6a5112087c85c2c6401f1517697b0737f66f462b8de

data/CHANGELOG.md CHANGED Viewed

@@ -1,17 +1,34 @@
-## 0.3.1
+## 0.4.0 (2022-01-10)
+- Dropped support for Ruby < 2.6 and Rails < 5.2
+## 0.3.4 (2019-01-31)
+- Fixed error with Action Cable and eager loading
+## 0.3.3 (2018-09-21)
+- Added support for Action Cable
+## 0.3.2 (2018-01-21)
+- Support for Mongoid `BSON::ObjectId` out of the box
+- Fixed issue with impersonated resource caching
+## 0.3.1 (2017-06-18)
 - Fixed `stack level too deep` error
-## 0.3.0
+## 0.3.0 (2017-06-11)
 - Fixed compatibility with Clearance
 - Added support for Rails API
 - Added support for custom primary key
-## 0.2.1
+## 0.2.1 (2016-07-07)
 - Better error message
-## 0.2.0
+## 0.2.0 (2016-07-07)
 - Started changelog

data/LICENSE.txt CHANGED Viewed

@@ -1,4 +1,4 @@
-Copyright (c) 2013 Andrew Kane
+Copyright (c) 2013-2021 Andrew Kane
 MIT License

data/README.md CHANGED Viewed

@@ -1,25 +1,27 @@
 # Pretender
-As an admin, there are times you want to see exactly what another user sees.  Meet Pretender.
+As an admin, there are times you want to see exactly what another user sees. Meet Pretender.
-- Easily to switch between users
+- Easily switch between users
 - Minimal code changes
-- Plays nicely with auditing tools
+- Plays nicely with Action Cable and auditing tools
-:boom: [Rock on](http://www.youtube.com/watch?v=SBjQ9tuuTJQ)
+:boom: [Rock on](https://www.youtube.com/watch?v=SBjQ9tuuTJQ)
-Pretender is flexible and lightweight - less than 60 lines of code :-)
+Pretender is flexible and lightweight - less than 100 lines of code :-)
-Works with any authentication system - [Devise](https://github.com/plataformatec/devise), [Authlogic](https://github.com/binarylogic/authlogic), and [Sorcery](https://github.com/NoamB/sorcery) to name a few.
+Works with any authentication system - [Devise](https://github.com/plataformatec/devise), [Authlogic](https://github.com/binarylogic/authlogic), and [Sorcery](https://github.com/Sorcery/sorcery) to name a few.
 :tangerine: Battle-tested at [Instacart](https://www.instacart.com/opensource)
+[![Build Status](https://github.com/ankane/pretender/workflows/build/badge.svg?branch=master)](https://github.com/ankane/pretender/actions)
 ## Installation
 Add this line to your application’s Gemfile:
 ```ruby
-gem 'pretender'
+gem "pretender"
 ```
 And add this to your `ApplicationController`:
@@ -58,7 +60,7 @@ Create a controller
 ```ruby
 class UsersController < ApplicationController
-  before_filter :require_admin!
+  before_action :require_admin! # your authorization method
   def index
     @users = User.order(:id)
@@ -113,14 +115,40 @@ If you keep audit logs with a library like [Audited](https://github.com/collecti
 Audited.current_user_method = :true_user
 ```
+## Action Cable
+And add this to your `ApplicationCable::Connection`:
+```ruby
+module ApplicationCable
+  class Connection < ActionCable::Connection::Base
+    identified_by :current_user, :true_user
+    impersonates :user
+    def connect
+      self.current_user = find_verified_user
+      reject_unauthorized_connection unless current_user
+    end
+    private
+    def find_verified_user
+      env["warden"].user # for Devise
+    end
+  end
+end
+```
+The `current_user` method now returns the impersonated user in channels.
 ## Configuration
-Pretender is super flexible.  You can change the names of methods and even impersonate multiple roles at the same time.  Here’s the default configuration.
+Pretender is super flexible. You can change the names of methods and even impersonate multiple roles at the same time. Here’s the default configuration.
 ```ruby
 impersonates :user,
              method: :current_user,
-             with: -> (id) { User.find_by(id: id) }
+             with: ->(id) { User.find_by(id: id) }
 ```
 Mold it to fit your application.
@@ -128,7 +156,7 @@ Mold it to fit your application.
 ```ruby
 impersonates :account,
              method: :authenticated_account,
-             with: -> (id) { EnterpriseAccount.find_by(id: id) }
+             with: ->(id) { EnterpriseAccount.find_by(id: id) }
 ```
 This creates three methods:
@@ -139,6 +167,10 @@ impersonate_account
 stop_impersonating_account
 ```
+## History
+View the [changelog](https://github.com/ankane/pretender/blob/master/CHANGELOG.md)
 ## Contributing
 Everyone is encouraged to help improve this project. Here are a few ways you can help:
@@ -147,3 +179,12 @@ Everyone is encouraged to help improve this project. Here are a few ways you can
 - Fix bugs and [submit pull requests](https://github.com/ankane/pretender/pulls)
 - Write, clarify, or fix documentation
 - Suggest or add new features
+To get started with development:
+```sh
+git clone https://github.com/ankane/pretender.git
+cd pretender
+bundle install
+bundle exec rake test
+```

data/lib/pretender/version.rb CHANGED Viewed

@@ -1,3 +1,3 @@
 module Pretender
-  VERSION = "0.3.1"
+  VERSION = "0.4.0"
 end

data/lib/pretender.rb CHANGED Viewed

@@ -15,6 +15,7 @@ module Pretender
       true_method = :"true_#{scope}"
       session_key = :"impersonated_#{scope}_id"
       impersonated_var = :"@impersonated_#{scope}"
+      stop_impersonating_method = :"stop_impersonating_#{scope}"
       # define methods
       if method_defined?(impersonated_method) || private_method_defined?(impersonated_method)
@@ -30,26 +31,39 @@ module Pretender
       helper_method(true_method) if respond_to?(:helper_method)
       define_method impersonated_method do
-        unless instance_variable_get(impersonated_var)
-          # only fetch impersonation if user is logged in and impersonation_id exists
-          true_resource = send(true_method)
-          if session[session_key] && !true_resource
-            session[session_key] = nil
+        impersonated_resource = instance_variable_get(impersonated_var) if instance_variable_defined?(impersonated_var)
+        if !impersonated_resource && request.session[session_key]
+          # only fetch impersonation if user is logged in
+          # this is a safety check (once per request) so
+          # if a user logs out without session being destroyed
+          # or stop_impersonating_user being called,
+          # we can stop the impersonation
+          if send(true_method)
+            impersonated_resource = impersonate_with.call(request.session[session_key])
+            instance_variable_set(impersonated_var, impersonated_resource) if impersonated_resource
+          else
+            # TODO better message
+            warn "[pretender] Stopping impersonation due to safety check"
+            send(stop_impersonating_method)
           end
-          value = (session[session_key] && impersonate_with.call(session[session_key])) || true_resource
-          instance_variable_set(impersonated_var, value) if value
         end
-        instance_variable_get(impersonated_var)
+        impersonated_resource || send(true_method)
       end
       define_method :"impersonate_#{scope}" do |resource|
+        raise ArgumentError, "No resource to impersonate" unless resource
+        raise Pretender::Error, "Must be logged in to impersonate" unless send(true_method)
         instance_variable_set(impersonated_var, resource)
-        session[session_key] = resource.id
+        # use to_s for Mongoid for BSON::ObjectId
+        request.session[session_key] = resource.id.is_a?(Numeric) ? resource.id : resource.id.to_s
       end
-      define_method :"stop_impersonating_#{scope}" do
-        instance_variable_set(impersonated_var, nil)
-        session[session_key] = nil
+      define_method stop_impersonating_method do
+        remove_instance_variable(impersonated_var) if instance_variable_defined?(impersonated_var)
+        request.session.delete(session_key)
       end
     end
   end
@@ -58,3 +72,6 @@ end
 ActiveSupport.on_load(:action_controller) do
   extend Pretender::Methods
 end
+# ActiveSupport.on_load(:action_cable) runs too late with Unicorn
+ActionCable::Connection::Base.extend(Pretender::Methods) if defined?(ActionCable)

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: pretender
 version: !ruby/object:Gem::Version
-  version: 0.3.1
+  version: 0.4.0
 platform: ruby
 authors:
 - Andrew Kane
-autorequire:
+autorequire:
 bindir: bin
 cert_chain: []
-date: 2017-06-18 00:00:00.000000000 Z
+date: 2022-01-11 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: actionpack
@@ -16,79 +16,30 @@ dependencies:
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '0'
+        version: '5.2'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '0'
-- !ruby/object:Gem::Dependency
-  name: bundler
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '1.3'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '1.3'
-- !ruby/object:Gem::Dependency
-  name: rake
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-- !ruby/object:Gem::Dependency
-  name: minitest
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-description: Simple, powerful user impersonation for Rails
-email:
-- andrew@chartkick.com
+        version: '5.2'
+description:
+email: andrew@ankane.org
 executables: []
 extensions: []
 extra_rdoc_files: []
 files:
-- ".gitignore"
 - CHANGELOG.md
-- Gemfile
 - LICENSE.txt
 - README.md
-- Rakefile
 - lib/pretender.rb
 - lib/pretender/version.rb
-- pretender.gemspec
-- test/pretender_test.rb
-- test/test_helper.rb
 homepage: https://github.com/ankane/pretender
 licenses:
 - MIT
 metadata: {}
-post_install_message:
+post_install_message:
 rdoc_options: []
 require_paths:
 - lib
@@ -96,19 +47,15 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: '0'
+      version: '2.6'
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubyforge_project:
-rubygems_version: 2.6.11
-signing_key:
+rubygems_version: 3.3.3
+signing_key:
 specification_version: 4
-summary: Easy to switch back and forth between roles, minimal code changes, and plays
-  nicely with auditing tools
-test_files:
-- test/pretender_test.rb
-- test/test_helper.rb
+summary: Log in as another user in Rails
+test_files: []

data/.gitignore DELETED Viewed

@@ -1,17 +0,0 @@
-*.gem
-*.rbc
-.bundle
-.config
-.yardoc
-Gemfile.lock
-InstalledFiles
-_yardoc
-coverage
-doc/
-lib/bundler/man
-pkg
-rdoc
-spec/reports
-test/tmp
-test/version_tmp
-tmp

data/Gemfile DELETED Viewed

@@ -1,4 +0,0 @@
-source "https://rubygems.org"
-# Specify your gem's dependencies in pretender.gemspec
-gemspec

data/Rakefile DELETED Viewed

@@ -1,8 +0,0 @@
-require "bundler/gem_tasks"
-require "rake/testtask"
-task default: :test
-Rake::TestTask.new do |t|
-  t.libs << "test"
-  t.pattern = "test/**/*_test.rb"
-end

data/pretender.gemspec DELETED Viewed

@@ -1,26 +0,0 @@
-# coding: utf-8
-lib = File.expand_path("../lib", __FILE__)
-$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
-require "pretender/version"
-Gem::Specification.new do |spec|
-  spec.name          = "pretender"
-  spec.version       = Pretender::VERSION
-  spec.authors       = ["Andrew Kane"]
-  spec.email         = ["andrew@chartkick.com"]
-  spec.description   = "Simple, powerful user impersonation for Rails"
-  spec.summary       = "Easy to switch back and forth between roles, minimal code changes, and plays nicely with auditing tools"
-  spec.homepage      = "https://github.com/ankane/pretender"
-  spec.license       = "MIT"
-  spec.files         = `git ls-files`.split($INPUT_RECORD_SEPARATOR)
-  spec.executables   = spec.files.grep(%r{^bin/}) { |f| File.basename(f) }
-  spec.test_files    = spec.files.grep(%r{^(test|spec|features)/})
-  spec.require_paths = ["lib"]
-  spec.add_dependency "actionpack"
-  spec.add_development_dependency "bundler", "~> 1.3"
-  spec.add_development_dependency "rake"
-  spec.add_development_dependency "minitest"
-end

data/test/pretender_test.rb DELETED Viewed

@@ -1,60 +0,0 @@
-require_relative "test_helper"
-module TheTruth
-  def test_original_state
-    @controller.current_user = @impersonator
-    assert_equal @impersonator, @controller.true_user
-    assert_equal @impersonator, @controller.current_user
-  end
-  def test_impersonates
-    @controller.current_user = @impersonator
-    @controller.impersonate_user @impersonated
-    assert_equal @impersonator, @controller.true_user
-    assert_equal @impersonated, @controller.current_user
-  end
-  def test_impersonated_state
-    @controller.current_user = @impersonator
-    @controller.session[:impersonated_user_id] = @impersonated.id
-    assert_equal @impersonator, @controller.true_user
-    assert_equal @impersonated, @controller.current_user
-  end
-  def test_stops_impersonating
-    @controller.current_user = @impersonator
-    @controller.session[:impersonated_user_id] = @impersonated.id
-    @controller.stop_impersonating_user
-    assert_equal @impersonator, @controller.true_user
-    assert_equal @impersonator, @controller.current_user
-  end
-end
-class PretenderTest < Minitest::Test
-  include TheTruth
-  def setup
-    @impersonator = User.new("impersonator")
-    @impersonated = User.new("impersonated")
-    @controller = ApplicationController.new
-  end
-end
-class SuperPretenderTest < Minitest::Test
-  include TheTruth
-  def setup
-    @impersonator = User.new("impersonator")
-    @impersonated = User.new("impersonated")
-    @controller = ApplicationController.new
-    class << @controller
-      def current_user
-        super
-      end
-    end
-  end
-end

data/test/test_helper.rb DELETED Viewed

@@ -1,26 +0,0 @@
-require "bundler/setup"
-Bundler.require(:default)
-require "minitest/autorun"
-require "minitest/pride"
-require "action_controller"
-User = Struct.new(:id) do
-  def self.where(id: nil)
-    [new(id)]
-  end
-end
-module ActionController
-  class Base
-    attr_reader :session
-    def initialize
-      @session = {}
-    end
-  end
-end
-class ApplicationController < ActionController::Base
-  attr_accessor :current_user
-  impersonates :user
-end