pretender 0.3.1 → 0.3.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +5 -0
- data/README.md +2 -2
- data/lib/pretender.rb +26 -12
- data/lib/pretender/version.rb +1 -1
- data/pretender.gemspec +7 -6
- metadata +11 -16
- data/test/pretender_test.rb +0 -60
- data/test/test_helper.rb +0 -26
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: c0ab4d0149f46b7e67a8dce743f1ca1af138dc83
|
|
4
|
+
data.tar.gz: 024cda09d36830a14181e4c2804f0e0de91e79d0
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: c9363670918c4f314ca836ef35e0f605e072592ec52bcd71bd8e24302338a06f6acc004dfe38daf83a9071305edc522b811aab9537e7bea450e233b6ced32e10
|
|
7
|
+
data.tar.gz: 372bde2ce4d5e55abaa2ef747afa726b243e2fe6dc9bbcf7a90f72722f454bb1f5d33e561147e0e35e34959a4a44656f03c970bc3fa514d0f56eb1ee1a37dd83
|
data/CHANGELOG.md
CHANGED
data/README.md
CHANGED
|
@@ -10,7 +10,7 @@ As an admin, there are times you want to see exactly what another user sees. Me
|
|
|
10
10
|
|
|
11
11
|
Pretender is flexible and lightweight - less than 60 lines of code :-)
|
|
12
12
|
|
|
13
|
-
Works with any authentication system - [Devise](https://github.com/plataformatec/devise), [Authlogic](https://github.com/binarylogic/authlogic), and [Sorcery](https://github.com/
|
|
13
|
+
Works with any authentication system - [Devise](https://github.com/plataformatec/devise), [Authlogic](https://github.com/binarylogic/authlogic), and [Sorcery](https://github.com/Sorcery/sorcery) to name a few.
|
|
14
14
|
|
|
15
15
|
:tangerine: Battle-tested at [Instacart](https://www.instacart.com/opensource)
|
|
16
16
|
|
|
@@ -58,7 +58,7 @@ Create a controller
|
|
|
58
58
|
|
|
59
59
|
```ruby
|
|
60
60
|
class UsersController < ApplicationController
|
|
61
|
-
|
|
61
|
+
before_action :require_admin! # your authorization method
|
|
62
62
|
|
|
63
63
|
def index
|
|
64
64
|
@users = User.order(:id)
|
data/lib/pretender.rb
CHANGED
|
@@ -15,6 +15,7 @@ module Pretender
|
|
|
15
15
|
true_method = :"true_#{scope}"
|
|
16
16
|
session_key = :"impersonated_#{scope}_id"
|
|
17
17
|
impersonated_var = :"@impersonated_#{scope}"
|
|
18
|
+
stop_impersonating_method = :"stop_impersonating_#{scope}"
|
|
18
19
|
|
|
19
20
|
# define methods
|
|
20
21
|
if method_defined?(impersonated_method) || private_method_defined?(impersonated_method)
|
|
@@ -30,26 +31,39 @@ module Pretender
|
|
|
30
31
|
helper_method(true_method) if respond_to?(:helper_method)
|
|
31
32
|
|
|
32
33
|
define_method impersonated_method do
|
|
33
|
-
|
|
34
|
-
|
|
35
|
-
|
|
36
|
-
if
|
|
37
|
-
|
|
34
|
+
impersonated_resource = instance_variable_get(impersonated_var) if instance_variable_defined?(impersonated_var)
|
|
35
|
+
|
|
36
|
+
if !impersonated_resource && session[session_key]
|
|
37
|
+
# only fetch impersonation if user is logged in
|
|
38
|
+
# this is a safety check (once per request) so
|
|
39
|
+
# if a user logs out without session being destroyed
|
|
40
|
+
# or stop_impersonating_user being called,
|
|
41
|
+
# we can stop the impersonation
|
|
42
|
+
if send(true_method)
|
|
43
|
+
impersonated_resource = impersonate_with.call(session[session_key])
|
|
44
|
+
instance_variable_set(impersonated_var, impersonated_resource) if impersonated_resource
|
|
45
|
+
else
|
|
46
|
+
# TODO better message
|
|
47
|
+
warn "[pretender] Stopping impersonation due to safety check"
|
|
48
|
+
send(stop_impersonating_method)
|
|
38
49
|
end
|
|
39
|
-
value = (session[session_key] && impersonate_with.call(session[session_key])) || true_resource
|
|
40
|
-
instance_variable_set(impersonated_var, value) if value
|
|
41
50
|
end
|
|
42
|
-
|
|
51
|
+
|
|
52
|
+
impersonated_resource || send(true_method)
|
|
43
53
|
end
|
|
44
54
|
|
|
45
55
|
define_method :"impersonate_#{scope}" do |resource|
|
|
56
|
+
raise ArgumentError, "No resource to impersonate" unless resource
|
|
57
|
+
raise Pretender::Error, "Must be logged in to impersonate" unless send(true_method)
|
|
58
|
+
|
|
46
59
|
instance_variable_set(impersonated_var, resource)
|
|
47
|
-
|
|
60
|
+
# use to_s for Mongoid for BSON::ObjectId
|
|
61
|
+
session[session_key] = resource.id.is_a?(Numeric) ? resource.id : resource.id.to_s
|
|
48
62
|
end
|
|
49
63
|
|
|
50
|
-
define_method
|
|
51
|
-
|
|
52
|
-
session
|
|
64
|
+
define_method stop_impersonating_method do
|
|
65
|
+
remove_instance_variable(impersonated_var) if instance_variable_defined?(impersonated_var)
|
|
66
|
+
session.delete(session_key)
|
|
53
67
|
end
|
|
54
68
|
end
|
|
55
69
|
end
|
data/lib/pretender/version.rb
CHANGED
data/pretender.gemspec
CHANGED
|
@@ -8,19 +8,20 @@ Gem::Specification.new do |spec|
|
|
|
8
8
|
spec.version = Pretender::VERSION
|
|
9
9
|
spec.authors = ["Andrew Kane"]
|
|
10
10
|
spec.email = ["andrew@chartkick.com"]
|
|
11
|
-
spec.
|
|
12
|
-
spec.summary = "Easy to switch back and forth between roles, minimal code changes, and plays nicely with auditing tools"
|
|
11
|
+
spec.summary = "Log in as another user in Rails"
|
|
13
12
|
spec.homepage = "https://github.com/ankane/pretender"
|
|
14
13
|
spec.license = "MIT"
|
|
15
14
|
|
|
16
|
-
spec.files = `git ls-files`.split(
|
|
17
|
-
|
|
18
|
-
|
|
15
|
+
spec.files = `git ls-files -z`.split("\x0").reject do |f|
|
|
16
|
+
f.match(%r{^(test|spec|features)/})
|
|
17
|
+
end
|
|
18
|
+
spec.bindir = "exe"
|
|
19
|
+
spec.executables = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
|
|
19
20
|
spec.require_paths = ["lib"]
|
|
20
21
|
|
|
21
22
|
spec.add_dependency "actionpack"
|
|
22
23
|
|
|
23
|
-
spec.add_development_dependency "bundler"
|
|
24
|
+
spec.add_development_dependency "bundler"
|
|
24
25
|
spec.add_development_dependency "rake"
|
|
25
26
|
spec.add_development_dependency "minitest"
|
|
26
27
|
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: pretender
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.3.
|
|
4
|
+
version: 0.3.2
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Andrew Kane
|
|
8
8
|
autorequire:
|
|
9
|
-
bindir:
|
|
9
|
+
bindir: exe
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date:
|
|
11
|
+
date: 2018-01-22 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: actionpack
|
|
@@ -28,16 +28,16 @@ dependencies:
|
|
|
28
28
|
name: bundler
|
|
29
29
|
requirement: !ruby/object:Gem::Requirement
|
|
30
30
|
requirements:
|
|
31
|
-
- - "
|
|
31
|
+
- - ">="
|
|
32
32
|
- !ruby/object:Gem::Version
|
|
33
|
-
version: '
|
|
33
|
+
version: '0'
|
|
34
34
|
type: :development
|
|
35
35
|
prerelease: false
|
|
36
36
|
version_requirements: !ruby/object:Gem::Requirement
|
|
37
37
|
requirements:
|
|
38
|
-
- - "
|
|
38
|
+
- - ">="
|
|
39
39
|
- !ruby/object:Gem::Version
|
|
40
|
-
version: '
|
|
40
|
+
version: '0'
|
|
41
41
|
- !ruby/object:Gem::Dependency
|
|
42
42
|
name: rake
|
|
43
43
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -66,7 +66,7 @@ dependencies:
|
|
|
66
66
|
- - ">="
|
|
67
67
|
- !ruby/object:Gem::Version
|
|
68
68
|
version: '0'
|
|
69
|
-
description:
|
|
69
|
+
description:
|
|
70
70
|
email:
|
|
71
71
|
- andrew@chartkick.com
|
|
72
72
|
executables: []
|
|
@@ -82,8 +82,6 @@ files:
|
|
|
82
82
|
- lib/pretender.rb
|
|
83
83
|
- lib/pretender/version.rb
|
|
84
84
|
- pretender.gemspec
|
|
85
|
-
- test/pretender_test.rb
|
|
86
|
-
- test/test_helper.rb
|
|
87
85
|
homepage: https://github.com/ankane/pretender
|
|
88
86
|
licenses:
|
|
89
87
|
- MIT
|
|
@@ -104,11 +102,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
104
102
|
version: '0'
|
|
105
103
|
requirements: []
|
|
106
104
|
rubyforge_project:
|
|
107
|
-
rubygems_version: 2.6.
|
|
105
|
+
rubygems_version: 2.6.13
|
|
108
106
|
signing_key:
|
|
109
107
|
specification_version: 4
|
|
110
|
-
summary:
|
|
111
|
-
|
|
112
|
-
test_files:
|
|
113
|
-
- test/pretender_test.rb
|
|
114
|
-
- test/test_helper.rb
|
|
108
|
+
summary: Log in as another user in Rails
|
|
109
|
+
test_files: []
|
data/test/pretender_test.rb
DELETED
|
@@ -1,60 +0,0 @@
|
|
|
1
|
-
require_relative "test_helper"
|
|
2
|
-
|
|
3
|
-
module TheTruth
|
|
4
|
-
def test_original_state
|
|
5
|
-
@controller.current_user = @impersonator
|
|
6
|
-
|
|
7
|
-
assert_equal @impersonator, @controller.true_user
|
|
8
|
-
assert_equal @impersonator, @controller.current_user
|
|
9
|
-
end
|
|
10
|
-
|
|
11
|
-
def test_impersonates
|
|
12
|
-
@controller.current_user = @impersonator
|
|
13
|
-
@controller.impersonate_user @impersonated
|
|
14
|
-
|
|
15
|
-
assert_equal @impersonator, @controller.true_user
|
|
16
|
-
assert_equal @impersonated, @controller.current_user
|
|
17
|
-
end
|
|
18
|
-
|
|
19
|
-
def test_impersonated_state
|
|
20
|
-
@controller.current_user = @impersonator
|
|
21
|
-
@controller.session[:impersonated_user_id] = @impersonated.id
|
|
22
|
-
|
|
23
|
-
assert_equal @impersonator, @controller.true_user
|
|
24
|
-
assert_equal @impersonated, @controller.current_user
|
|
25
|
-
end
|
|
26
|
-
|
|
27
|
-
def test_stops_impersonating
|
|
28
|
-
@controller.current_user = @impersonator
|
|
29
|
-
@controller.session[:impersonated_user_id] = @impersonated.id
|
|
30
|
-
@controller.stop_impersonating_user
|
|
31
|
-
|
|
32
|
-
assert_equal @impersonator, @controller.true_user
|
|
33
|
-
assert_equal @impersonator, @controller.current_user
|
|
34
|
-
end
|
|
35
|
-
end
|
|
36
|
-
|
|
37
|
-
class PretenderTest < Minitest::Test
|
|
38
|
-
include TheTruth
|
|
39
|
-
|
|
40
|
-
def setup
|
|
41
|
-
@impersonator = User.new("impersonator")
|
|
42
|
-
@impersonated = User.new("impersonated")
|
|
43
|
-
@controller = ApplicationController.new
|
|
44
|
-
end
|
|
45
|
-
end
|
|
46
|
-
|
|
47
|
-
class SuperPretenderTest < Minitest::Test
|
|
48
|
-
include TheTruth
|
|
49
|
-
|
|
50
|
-
def setup
|
|
51
|
-
@impersonator = User.new("impersonator")
|
|
52
|
-
@impersonated = User.new("impersonated")
|
|
53
|
-
@controller = ApplicationController.new
|
|
54
|
-
class << @controller
|
|
55
|
-
def current_user
|
|
56
|
-
super
|
|
57
|
-
end
|
|
58
|
-
end
|
|
59
|
-
end
|
|
60
|
-
end
|
data/test/test_helper.rb
DELETED
|
@@ -1,26 +0,0 @@
|
|
|
1
|
-
require "bundler/setup"
|
|
2
|
-
Bundler.require(:default)
|
|
3
|
-
require "minitest/autorun"
|
|
4
|
-
require "minitest/pride"
|
|
5
|
-
require "action_controller"
|
|
6
|
-
|
|
7
|
-
User = Struct.new(:id) do
|
|
8
|
-
def self.where(id: nil)
|
|
9
|
-
[new(id)]
|
|
10
|
-
end
|
|
11
|
-
end
|
|
12
|
-
|
|
13
|
-
module ActionController
|
|
14
|
-
class Base
|
|
15
|
-
attr_reader :session
|
|
16
|
-
|
|
17
|
-
def initialize
|
|
18
|
-
@session = {}
|
|
19
|
-
end
|
|
20
|
-
end
|
|
21
|
-
end
|
|
22
|
-
|
|
23
|
-
class ApplicationController < ActionController::Base
|
|
24
|
-
attr_accessor :current_user
|
|
25
|
-
impersonates :user
|
|
26
|
-
end
|