pretender 0.3.1 → 0.3.2
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +5 -0
- data/README.md +2 -2
- data/lib/pretender.rb +26 -12
- data/lib/pretender/version.rb +1 -1
- data/pretender.gemspec +7 -6
- metadata +11 -16
- data/test/pretender_test.rb +0 -60
- data/test/test_helper.rb +0 -26
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: c0ab4d0149f46b7e67a8dce743f1ca1af138dc83
|
|
4
|
+
data.tar.gz: 024cda09d36830a14181e4c2804f0e0de91e79d0
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: c9363670918c4f314ca836ef35e0f605e072592ec52bcd71bd8e24302338a06f6acc004dfe38daf83a9071305edc522b811aab9537e7bea450e233b6ced32e10
|
|
7
|
+
data.tar.gz: 372bde2ce4d5e55abaa2ef747afa726b243e2fe6dc9bbcf7a90f72722f454bb1f5d33e561147e0e35e34959a4a44656f03c970bc3fa514d0f56eb1ee1a37dd83
|
data/CHANGELOG.md
CHANGED
data/README.md
CHANGED
|
@@ -10,7 +10,7 @@ As an admin, there are times you want to see exactly what another user sees. Me
|
|
|
10
10
|
|
|
11
11
|
Pretender is flexible and lightweight - less than 60 lines of code :-)
|
|
12
12
|
|
|
13
|
-
Works with any authentication system - [Devise](https://github.com/plataformatec/devise), [Authlogic](https://github.com/binarylogic/authlogic), and [Sorcery](https://github.com/
|
|
13
|
+
Works with any authentication system - [Devise](https://github.com/plataformatec/devise), [Authlogic](https://github.com/binarylogic/authlogic), and [Sorcery](https://github.com/Sorcery/sorcery) to name a few.
|
|
14
14
|
|
|
15
15
|
:tangerine: Battle-tested at [Instacart](https://www.instacart.com/opensource)
|
|
16
16
|
|
|
@@ -58,7 +58,7 @@ Create a controller
|
|
|
58
58
|
|
|
59
59
|
```ruby
|
|
60
60
|
class UsersController < ApplicationController
|
|
61
|
-
|
|
61
|
+
before_action :require_admin! # your authorization method
|
|
62
62
|
|
|
63
63
|
def index
|
|
64
64
|
@users = User.order(:id)
|
data/lib/pretender.rb
CHANGED
|
@@ -15,6 +15,7 @@ module Pretender
|
|
|
15
15
|
true_method = :"true_#{scope}"
|
|
16
16
|
session_key = :"impersonated_#{scope}_id"
|
|
17
17
|
impersonated_var = :"@impersonated_#{scope}"
|
|
18
|
+
stop_impersonating_method = :"stop_impersonating_#{scope}"
|
|
18
19
|
|
|
19
20
|
# define methods
|
|
20
21
|
if method_defined?(impersonated_method) || private_method_defined?(impersonated_method)
|
|
@@ -30,26 +31,39 @@ module Pretender
|
|
|
30
31
|
helper_method(true_method) if respond_to?(:helper_method)
|
|
31
32
|
|
|
32
33
|
define_method impersonated_method do
|
|
33
|
-
|
|
34
|
-
|
|
35
|
-
|
|
36
|
-
if
|
|
37
|
-
|
|
34
|
+
impersonated_resource = instance_variable_get(impersonated_var) if instance_variable_defined?(impersonated_var)
|
|
35
|
+
|
|
36
|
+
if !impersonated_resource && session[session_key]
|
|
37
|
+
# only fetch impersonation if user is logged in
|
|
38
|
+
# this is a safety check (once per request) so
|
|
39
|
+
# if a user logs out without session being destroyed
|
|
40
|
+
# or stop_impersonating_user being called,
|
|
41
|
+
# we can stop the impersonation
|
|
42
|
+
if send(true_method)
|
|
43
|
+
impersonated_resource = impersonate_with.call(session[session_key])
|
|
44
|
+
instance_variable_set(impersonated_var, impersonated_resource) if impersonated_resource
|
|
45
|
+
else
|
|
46
|
+
# TODO better message
|
|
47
|
+
warn "[pretender] Stopping impersonation due to safety check"
|
|
48
|
+
send(stop_impersonating_method)
|
|
38
49
|
end
|
|
39
|
-
value = (session[session_key] && impersonate_with.call(session[session_key])) || true_resource
|
|
40
|
-
instance_variable_set(impersonated_var, value) if value
|
|
41
50
|
end
|
|
42
|
-
|
|
51
|
+
|
|
52
|
+
impersonated_resource || send(true_method)
|
|
43
53
|
end
|
|
44
54
|
|
|
45
55
|
define_method :"impersonate_#{scope}" do |resource|
|
|
56
|
+
raise ArgumentError, "No resource to impersonate" unless resource
|
|
57
|
+
raise Pretender::Error, "Must be logged in to impersonate" unless send(true_method)
|
|
58
|
+
|
|
46
59
|
instance_variable_set(impersonated_var, resource)
|
|
47
|
-
|
|
60
|
+
# use to_s for Mongoid for BSON::ObjectId
|
|
61
|
+
session[session_key] = resource.id.is_a?(Numeric) ? resource.id : resource.id.to_s
|
|
48
62
|
end
|
|
49
63
|
|
|
50
|
-
define_method
|
|
51
|
-
|
|
52
|
-
session
|
|
64
|
+
define_method stop_impersonating_method do
|
|
65
|
+
remove_instance_variable(impersonated_var) if instance_variable_defined?(impersonated_var)
|
|
66
|
+
session.delete(session_key)
|
|
53
67
|
end
|
|
54
68
|
end
|
|
55
69
|
end
|
data/lib/pretender/version.rb
CHANGED
data/pretender.gemspec
CHANGED
|
@@ -8,19 +8,20 @@ Gem::Specification.new do |spec|
|
|
|
8
8
|
spec.version = Pretender::VERSION
|
|
9
9
|
spec.authors = ["Andrew Kane"]
|
|
10
10
|
spec.email = ["andrew@chartkick.com"]
|
|
11
|
-
spec.
|
|
12
|
-
spec.summary = "Easy to switch back and forth between roles, minimal code changes, and plays nicely with auditing tools"
|
|
11
|
+
spec.summary = "Log in as another user in Rails"
|
|
13
12
|
spec.homepage = "https://github.com/ankane/pretender"
|
|
14
13
|
spec.license = "MIT"
|
|
15
14
|
|
|
16
|
-
spec.files = `git ls-files`.split(
|
|
17
|
-
|
|
18
|
-
|
|
15
|
+
spec.files = `git ls-files -z`.split("\x0").reject do |f|
|
|
16
|
+
f.match(%r{^(test|spec|features)/})
|
|
17
|
+
end
|
|
18
|
+
spec.bindir = "exe"
|
|
19
|
+
spec.executables = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
|
|
19
20
|
spec.require_paths = ["lib"]
|
|
20
21
|
|
|
21
22
|
spec.add_dependency "actionpack"
|
|
22
23
|
|
|
23
|
-
spec.add_development_dependency "bundler"
|
|
24
|
+
spec.add_development_dependency "bundler"
|
|
24
25
|
spec.add_development_dependency "rake"
|
|
25
26
|
spec.add_development_dependency "minitest"
|
|
26
27
|
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: pretender
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.3.
|
|
4
|
+
version: 0.3.2
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Andrew Kane
|
|
8
8
|
autorequire:
|
|
9
|
-
bindir:
|
|
9
|
+
bindir: exe
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date:
|
|
11
|
+
date: 2018-01-22 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: actionpack
|
|
@@ -28,16 +28,16 @@ dependencies:
|
|
|
28
28
|
name: bundler
|
|
29
29
|
requirement: !ruby/object:Gem::Requirement
|
|
30
30
|
requirements:
|
|
31
|
-
- - "
|
|
31
|
+
- - ">="
|
|
32
32
|
- !ruby/object:Gem::Version
|
|
33
|
-
version: '
|
|
33
|
+
version: '0'
|
|
34
34
|
type: :development
|
|
35
35
|
prerelease: false
|
|
36
36
|
version_requirements: !ruby/object:Gem::Requirement
|
|
37
37
|
requirements:
|
|
38
|
-
- - "
|
|
38
|
+
- - ">="
|
|
39
39
|
- !ruby/object:Gem::Version
|
|
40
|
-
version: '
|
|
40
|
+
version: '0'
|
|
41
41
|
- !ruby/object:Gem::Dependency
|
|
42
42
|
name: rake
|
|
43
43
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -66,7 +66,7 @@ dependencies:
|
|
|
66
66
|
- - ">="
|
|
67
67
|
- !ruby/object:Gem::Version
|
|
68
68
|
version: '0'
|
|
69
|
-
description:
|
|
69
|
+
description:
|
|
70
70
|
email:
|
|
71
71
|
- andrew@chartkick.com
|
|
72
72
|
executables: []
|
|
@@ -82,8 +82,6 @@ files:
|
|
|
82
82
|
- lib/pretender.rb
|
|
83
83
|
- lib/pretender/version.rb
|
|
84
84
|
- pretender.gemspec
|
|
85
|
-
- test/pretender_test.rb
|
|
86
|
-
- test/test_helper.rb
|
|
87
85
|
homepage: https://github.com/ankane/pretender
|
|
88
86
|
licenses:
|
|
89
87
|
- MIT
|
|
@@ -104,11 +102,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
104
102
|
version: '0'
|
|
105
103
|
requirements: []
|
|
106
104
|
rubyforge_project:
|
|
107
|
-
rubygems_version: 2.6.
|
|
105
|
+
rubygems_version: 2.6.13
|
|
108
106
|
signing_key:
|
|
109
107
|
specification_version: 4
|
|
110
|
-
summary:
|
|
111
|
-
|
|
112
|
-
test_files:
|
|
113
|
-
- test/pretender_test.rb
|
|
114
|
-
- test/test_helper.rb
|
|
108
|
+
summary: Log in as another user in Rails
|
|
109
|
+
test_files: []
|
data/test/pretender_test.rb
DELETED
|
@@ -1,60 +0,0 @@
|
|
|
1
|
-
require_relative "test_helper"
|
|
2
|
-
|
|
3
|
-
module TheTruth
|
|
4
|
-
def test_original_state
|
|
5
|
-
@controller.current_user = @impersonator
|
|
6
|
-
|
|
7
|
-
assert_equal @impersonator, @controller.true_user
|
|
8
|
-
assert_equal @impersonator, @controller.current_user
|
|
9
|
-
end
|
|
10
|
-
|
|
11
|
-
def test_impersonates
|
|
12
|
-
@controller.current_user = @impersonator
|
|
13
|
-
@controller.impersonate_user @impersonated
|
|
14
|
-
|
|
15
|
-
assert_equal @impersonator, @controller.true_user
|
|
16
|
-
assert_equal @impersonated, @controller.current_user
|
|
17
|
-
end
|
|
18
|
-
|
|
19
|
-
def test_impersonated_state
|
|
20
|
-
@controller.current_user = @impersonator
|
|
21
|
-
@controller.session[:impersonated_user_id] = @impersonated.id
|
|
22
|
-
|
|
23
|
-
assert_equal @impersonator, @controller.true_user
|
|
24
|
-
assert_equal @impersonated, @controller.current_user
|
|
25
|
-
end
|
|
26
|
-
|
|
27
|
-
def test_stops_impersonating
|
|
28
|
-
@controller.current_user = @impersonator
|
|
29
|
-
@controller.session[:impersonated_user_id] = @impersonated.id
|
|
30
|
-
@controller.stop_impersonating_user
|
|
31
|
-
|
|
32
|
-
assert_equal @impersonator, @controller.true_user
|
|
33
|
-
assert_equal @impersonator, @controller.current_user
|
|
34
|
-
end
|
|
35
|
-
end
|
|
36
|
-
|
|
37
|
-
class PretenderTest < Minitest::Test
|
|
38
|
-
include TheTruth
|
|
39
|
-
|
|
40
|
-
def setup
|
|
41
|
-
@impersonator = User.new("impersonator")
|
|
42
|
-
@impersonated = User.new("impersonated")
|
|
43
|
-
@controller = ApplicationController.new
|
|
44
|
-
end
|
|
45
|
-
end
|
|
46
|
-
|
|
47
|
-
class SuperPretenderTest < Minitest::Test
|
|
48
|
-
include TheTruth
|
|
49
|
-
|
|
50
|
-
def setup
|
|
51
|
-
@impersonator = User.new("impersonator")
|
|
52
|
-
@impersonated = User.new("impersonated")
|
|
53
|
-
@controller = ApplicationController.new
|
|
54
|
-
class << @controller
|
|
55
|
-
def current_user
|
|
56
|
-
super
|
|
57
|
-
end
|
|
58
|
-
end
|
|
59
|
-
end
|
|
60
|
-
end
|
data/test/test_helper.rb
DELETED
|
@@ -1,26 +0,0 @@
|
|
|
1
|
-
require "bundler/setup"
|
|
2
|
-
Bundler.require(:default)
|
|
3
|
-
require "minitest/autorun"
|
|
4
|
-
require "minitest/pride"
|
|
5
|
-
require "action_controller"
|
|
6
|
-
|
|
7
|
-
User = Struct.new(:id) do
|
|
8
|
-
def self.where(id: nil)
|
|
9
|
-
[new(id)]
|
|
10
|
-
end
|
|
11
|
-
end
|
|
12
|
-
|
|
13
|
-
module ActionController
|
|
14
|
-
class Base
|
|
15
|
-
attr_reader :session
|
|
16
|
-
|
|
17
|
-
def initialize
|
|
18
|
-
@session = {}
|
|
19
|
-
end
|
|
20
|
-
end
|
|
21
|
-
end
|
|
22
|
-
|
|
23
|
-
class ApplicationController < ActionController::Base
|
|
24
|
-
attr_accessor :current_user
|
|
25
|
-
impersonates :user
|
|
26
|
-
end
|