RubyGems - pretender - Versions diffs - 0.3.1 → 0.4.0 - Mend

pretender 0.3.1 → 0.4.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (13) hide show

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
-SHA1:
-  metadata.gz: fc80b6979512a9246224aa4d68f4dbda8b0c70f8
-  data.tar.gz: 71aadf8f167f0f0350f0c0c3b89743753fe8ef78
+SHA256:
+  metadata.gz: bfd83e017e14b15a69e02ffe5d25c6be57657f06d84b30fa276fedd61efb6d07
+  data.tar.gz: 55d4d73eb2ab7fa9fe87ba5be1b3da4e6264de02b845cb579612c9e8ae549ae2
 SHA512:
-  metadata.gz: c6e774897e0fc2b2b7a4bb2044ce22c6ea32d6263d20cf9ab441dc5a7d83dc6b218fcce333b661076a06c669047ec951671aa9c47f0bdf30c6b833465e60e080
-  data.tar.gz: 503223df0e48c6afce6e0d830a28ffac72bf55965e0db6ac7d4c8a439ef422a46bad0bbce06a6cfaae560a540c2ded2788f5919c81eec9c3f91dc595f5d94abd
+  metadata.gz: 7e7d1306ee4466cf4b9419dbfe71c161d633eb4ded28246252b90404954a57c06597081bbfa1fedfa69effce9cbb3988c2b39043e8abd9db5160b0f652987869
+  data.tar.gz: 422366a35f79040ddb0b104f4d3177b637333c590c65124e58bd5934378d13aebcb92987c6c07224ec16d6a5112087c85c2c6401f1517697b0737f66f462b8de

data/CHANGELOG.md CHANGED Viewed

@@ -1,17 +1,34 @@
-## 0.3.1
+## 0.4.0 (2022-01-10)
+- Dropped support for Ruby < 2.6 and Rails < 5.2
+## 0.3.4 (2019-01-31)
+- Fixed error with Action Cable and eager loading
+## 0.3.3 (2018-09-21)
+- Added support for Action Cable
+## 0.3.2 (2018-01-21)
+- Support for Mongoid `BSON::ObjectId` out of the box
+- Fixed issue with impersonated resource caching
+## 0.3.1 (2017-06-18)
 - Fixed `stack level too deep` error
-## 0.3.0
+## 0.3.0 (2017-06-11)
 - Fixed compatibility with Clearance
 - Added support for Rails API
 - Added support for custom primary key
-## 0.2.1
+## 0.2.1 (2016-07-07)
 - Better error message
-## 0.2.0
+## 0.2.0 (2016-07-07)
 - Started changelog

data/LICENSE.txt CHANGED Viewed

@@ -1,4 +1,4 @@
-Copyright (c) 2013 Andrew Kane
+Copyright (c) 2013-2021 Andrew Kane
 MIT License

data/README.md CHANGED Viewed

@@ -1,25 +1,27 @@
 # Pretender
-As an admin, there are times you want to see exactly what another user sees.  Meet Pretender.
+As an admin, there are times you want to see exactly what another user sees. Meet Pretender.
-- Easily to switch between users
+- Easily switch between users
 - Minimal code changes
-- Plays nicely with auditing tools
+- Plays nicely with Action Cable and auditing tools
-:boom: [Rock on](http://www.youtube.com/watch?v=SBjQ9tuuTJQ)
+:boom: [Rock on](https://www.youtube.com/watch?v=SBjQ9tuuTJQ)
-Pretender is flexible and lightweight - less than 60 lines of code :-)
+Pretender is flexible and lightweight - less than 100 lines of code :-)
-Works with any authentication system - [Devise](https://github.com/plataformatec/devise), [Authlogic](https://github.com/binarylogic/authlogic), and [Sorcery](https://github.com/NoamB/sorcery) to name a few.
+Works with any authentication system - [Devise](https://github.com/plataformatec/devise), [Authlogic](https://github.com/binarylogic/authlogic), and [Sorcery](https://github.com/Sorcery/sorcery) to name a few.
 :tangerine: Battle-tested at [Instacart](https://www.instacart.com/opensource)
+[![Build Status](https://github.com/ankane/pretender/workflows/build/badge.svg?branch=master)](https://github.com/ankane/pretender/actions)
 ## Installation
 Add this line to your application’s Gemfile:
 ```ruby
-gem 'pretender'
+gem "pretender"
 ```
 And add this to your `ApplicationController`:
@@ -58,7 +60,7 @@ Create a controller
 ```ruby
 class UsersController < ApplicationController
-  before_filter :require_admin!
+  before_action :require_admin! # your authorization method
   def index
     @users = User.order(:id)
@@ -113,14 +115,40 @@ If you keep audit logs with a library like [Audited](https://github.com/collecti
 Audited.current_user_method = :true_user
 ```
+## Action Cable
+And add this to your `ApplicationCable::Connection`:
+```ruby
+module ApplicationCable
+  class Connection < ActionCable::Connection::Base
+    identified_by :current_user, :true_user
+    impersonates :user
+    def connect
+      self.current_user = find_verified_user
+      reject_unauthorized_connection unless current_user
+    end
+    private
+    def find_verified_user
+      env["warden"].user # for Devise
+    end
+  end
+end
+```
+The `current_user` method now returns the impersonated user in channels.
 ## Configuration
-Pretender is super flexible.  You can change the names of methods and even impersonate multiple roles at the same time.  Here’s the default configuration.
+Pretender is super flexible. You can change the names of methods and even impersonate multiple roles at the same time. Here’s the default configuration.
 ```ruby
 impersonates :user,
              method: :current_user,
-             with: -> (id) { User.find_by(id: id) }
+             with: ->(id) { User.find_by(id: id) }
 ```
 Mold it to fit your application.
@@ -128,7 +156,7 @@ Mold it to fit your application.
 ```ruby
 impersonates :account,
              method: :authenticated_account,
-             with: -> (id) { EnterpriseAccount.find_by(id: id) }
+             with: ->(id) { EnterpriseAccount.find_by(id: id) }
 ```
 This creates three methods:
@@ -139,6 +167,10 @@ impersonate_account
 stop_impersonating_account
 ```
+## History
+View the [changelog](https://github.com/ankane/pretender/blob/master/CHANGELOG.md)
 ## Contributing
 Everyone is encouraged to help improve this project. Here are a few ways you can help:
@@ -147,3 +179,12 @@ Everyone is encouraged to help improve this project. Here are a few ways you can
 - Fix bugs and [submit pull requests](https://github.com/ankane/pretender/pulls)
 - Write, clarify, or fix documentation
 - Suggest or add new features
+To get started with development:
+```sh
+git clone https://github.com/ankane/pretender.git
+cd pretender
+bundle install
+bundle exec rake test
+```

data/lib/pretender/version.rb CHANGED Viewed

@@ -1,3 +1,3 @@
 module Pretender
-  VERSION = "0.3.1"
+  VERSION = "0.4.0"
 end

data/lib/pretender.rb CHANGED Viewed

@@ -15,6 +15,7 @@ module Pretender
       true_method = :"true_#{scope}"
       session_key = :"impersonated_#{scope}_id"
       impersonated_var = :"@impersonated_#{scope}"
+      stop_impersonating_method = :"stop_impersonating_#{scope}"
       # define methods
       if method_defined?(impersonated_method) || private_method_defined?(impersonated_method)
@@ -30,26 +31,39 @@ module Pretender
       helper_method(true_method) if respond_to?(:helper_method)
       define_method impersonated_method do
-        unless instance_variable_get(impersonated_var)
-          # only fetch impersonation if user is logged in and impersonation_id exists
-          true_resource = send(true_method)
-          if session[session_key] && !true_resource
-            session[session_key] = nil
+        impersonated_resource = instance_variable_get(impersonated_var) if instance_variable_defined?(impersonated_var)
+        if !impersonated_resource && request.session[session_key]
+          # only fetch impersonation if user is logged in
+          # this is a safety check (once per request) so
+          # if a user logs out without session being destroyed
+          # or stop_impersonating_user being called,
+          # we can stop the impersonation
+          if send(true_method)
+            impersonated_resource = impersonate_with.call(request.session[session_key])
+            instance_variable_set(impersonated_var, impersonated_resource) if impersonated_resource
+          else
+            # TODO better message
+            warn "[pretender] Stopping impersonation due to safety check"
+            send(stop_impersonating_method)
           end
-          value = (session[session_key] && impersonate_with.call(session[session_key])) || true_resource
-          instance_variable_set(impersonated_var, value) if value
         end
-        instance_variable_get(impersonated_var)
+        impersonated_resource || send(true_method)
       end
       define_method :"impersonate_#{scope}" do |resource|
+        raise ArgumentError, "No resource to impersonate" unless resource
+        raise Pretender::Error, "Must be logged in to impersonate" unless send(true_method)
         instance_variable_set(impersonated_var, resource)
-        session[session_key] = resource.id
+        # use to_s for Mongoid for BSON::ObjectId
+        request.session[session_key] = resource.id.is_a?(Numeric) ? resource.id : resource.id.to_s
       end
-      define_method :"stop_impersonating_#{scope}" do
-        instance_variable_set(impersonated_var, nil)
-        session[session_key] = nil
+      define_method stop_impersonating_method do
+        remove_instance_variable(impersonated_var) if instance_variable_defined?(impersonated_var)
+        request.session.delete(session_key)
       end
     end
   end
@@ -58,3 +72,6 @@ end
 ActiveSupport.on_load(:action_controller) do
   extend Pretender::Methods
 end
+# ActiveSupport.on_load(:action_cable) runs too late with Unicorn
+ActionCable::Connection::Base.extend(Pretender::Methods) if defined?(ActionCable)

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: pretender
 version: !ruby/object:Gem::Version
-  version: 0.3.1
+  version: 0.4.0
 platform: ruby
 authors:
 - Andrew Kane
-autorequire:
+autorequire:
 bindir: bin
 cert_chain: []
-date: 2017-06-18 00:00:00.000000000 Z
+date: 2022-01-11 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: actionpack
@@ -16,79 +16,30 @@ dependencies:
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '0'
+        version: '5.2'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '0'
-- !ruby/object:Gem::Dependency
-  name: bundler
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '1.3'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '1.3'
-- !ruby/object:Gem::Dependency
-  name: rake
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-- !ruby/object:Gem::Dependency
-  name: minitest
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-description: Simple, powerful user impersonation for Rails
-email:
-- andrew@chartkick.com
+        version: '5.2'
+description:
+email: andrew@ankane.org
 executables: []
 extensions: []
 extra_rdoc_files: []
 files:
-- ".gitignore"
 - CHANGELOG.md
-- Gemfile
 - LICENSE.txt
 - README.md
-- Rakefile
 - lib/pretender.rb
 - lib/pretender/version.rb
-- pretender.gemspec
-- test/pretender_test.rb
-- test/test_helper.rb
 homepage: https://github.com/ankane/pretender
 licenses:
 - MIT
 metadata: {}
-post_install_message:
+post_install_message:
 rdoc_options: []
 require_paths:
 - lib
@@ -96,19 +47,15 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: '0'
+      version: '2.6'
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubyforge_project:
-rubygems_version: 2.6.11
-signing_key:
+rubygems_version: 3.3.3
+signing_key:
 specification_version: 4
-summary: Easy to switch back and forth between roles, minimal code changes, and plays
-  nicely with auditing tools
-test_files:
-- test/pretender_test.rb
-- test/test_helper.rb
+summary: Log in as another user in Rails
+test_files: []

data/.gitignore DELETED Viewed

@@ -1,17 +0,0 @@
-*.gem
-*.rbc
-.bundle
-.config
-.yardoc
-Gemfile.lock
-InstalledFiles
-_yardoc
-coverage
-doc/
-lib/bundler/man
-pkg
-rdoc
-spec/reports
-test/tmp
-test/version_tmp
-tmp

data/Gemfile DELETED Viewed

@@ -1,4 +0,0 @@
-source "https://rubygems.org"
-# Specify your gem's dependencies in pretender.gemspec
-gemspec

data/Rakefile DELETED Viewed

@@ -1,8 +0,0 @@
-require "bundler/gem_tasks"
-require "rake/testtask"
-task default: :test
-Rake::TestTask.new do |t|
-  t.libs << "test"
-  t.pattern = "test/**/*_test.rb"
-end

data/pretender.gemspec DELETED Viewed

@@ -1,26 +0,0 @@
-# coding: utf-8
-lib = File.expand_path("../lib", __FILE__)
-$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
-require "pretender/version"
-Gem::Specification.new do |spec|
-  spec.name          = "pretender"
-  spec.version       = Pretender::VERSION
-  spec.authors       = ["Andrew Kane"]
-  spec.email         = ["andrew@chartkick.com"]
-  spec.description   = "Simple, powerful user impersonation for Rails"
-  spec.summary       = "Easy to switch back and forth between roles, minimal code changes, and plays nicely with auditing tools"
-  spec.homepage      = "https://github.com/ankane/pretender"
-  spec.license       = "MIT"
-  spec.files         = `git ls-files`.split($INPUT_RECORD_SEPARATOR)
-  spec.executables   = spec.files.grep(%r{^bin/}) { |f| File.basename(f) }
-  spec.test_files    = spec.files.grep(%r{^(test|spec|features)/})
-  spec.require_paths = ["lib"]
-  spec.add_dependency "actionpack"
-  spec.add_development_dependency "bundler", "~> 1.3"
-  spec.add_development_dependency "rake"
-  spec.add_development_dependency "minitest"
-end

data/test/pretender_test.rb DELETED Viewed

@@ -1,60 +0,0 @@
-require_relative "test_helper"
-module TheTruth
-  def test_original_state
-    @controller.current_user = @impersonator
-    assert_equal @impersonator, @controller.true_user
-    assert_equal @impersonator, @controller.current_user
-  end
-  def test_impersonates
-    @controller.current_user = @impersonator
-    @controller.impersonate_user @impersonated
-    assert_equal @impersonator, @controller.true_user
-    assert_equal @impersonated, @controller.current_user
-  end
-  def test_impersonated_state
-    @controller.current_user = @impersonator
-    @controller.session[:impersonated_user_id] = @impersonated.id
-    assert_equal @impersonator, @controller.true_user
-    assert_equal @impersonated, @controller.current_user
-  end
-  def test_stops_impersonating
-    @controller.current_user = @impersonator
-    @controller.session[:impersonated_user_id] = @impersonated.id
-    @controller.stop_impersonating_user
-    assert_equal @impersonator, @controller.true_user
-    assert_equal @impersonator, @controller.current_user
-  end
-end
-class PretenderTest < Minitest::Test
-  include TheTruth
-  def setup
-    @impersonator = User.new("impersonator")
-    @impersonated = User.new("impersonated")
-    @controller = ApplicationController.new
-  end
-end
-class SuperPretenderTest < Minitest::Test
-  include TheTruth
-  def setup
-    @impersonator = User.new("impersonator")
-    @impersonated = User.new("impersonated")
-    @controller = ApplicationController.new
-    class << @controller
-      def current_user
-        super
-      end
-    end
-  end
-end

data/test/test_helper.rb DELETED Viewed

@@ -1,26 +0,0 @@
-require "bundler/setup"
-Bundler.require(:default)
-require "minitest/autorun"
-require "minitest/pride"
-require "action_controller"
-User = Struct.new(:id) do
-  def self.where(id: nil)
-    [new(id)]
-  end
-end
-module ActionController
-  class Base
-    attr_reader :session
-    def initialize
-      @session = {}
-    end
-  end
-end
-class ApplicationController < ActionController::Base
-  attr_accessor :current_user
-  impersonates :user
-end