proxes 0.1.0

Files changed (101) hide show
  1. checksums.yaml +7 -0
  2. data/.codeclimate.yml +24 -0
  3. data/.gitignore +13 -0
  4. data/.rspec +2 -0
  5. data/.rubocop.yml +12 -0
  6. data/.ruby-version +1 -0
  7. data/.travis.yml +18 -0
  8. data/Gemfile +4 -0
  9. data/Gemfile.ci +15 -0
  10. data/Gemfile.dev +10 -0
  11. data/Gemfile.dev.lock +155 -0
  12. data/LICENSE.txt +8 -0
  13. data/README.md +83 -0
  14. data/Rakefile +9 -0
  15. data/Vagrantfile +46 -0
  16. data/bin/console +15 -0
  17. data/bin/setup +8 -0
  18. data/config.ru +64 -0
  19. data/config/logger.yml +3 -0
  20. data/gulpfile.js +80 -0
  21. data/lib/proxes.rb +3 -0
  22. data/lib/proxes/app.rb +48 -0
  23. data/lib/proxes/controllers/application.rb +53 -0
  24. data/lib/proxes/controllers/audit_logs.rb +34 -0
  25. data/lib/proxes/controllers/auth_identity.rb +21 -0
  26. data/lib/proxes/controllers/component.rb +108 -0
  27. data/lib/proxes/controllers/permissions.rb +10 -0
  28. data/lib/proxes/controllers/roles.rb +10 -0
  29. data/lib/proxes/controllers/users.rb +119 -0
  30. data/lib/proxes/db.rb +17 -0
  31. data/lib/proxes/helpers/authentication.rb +45 -0
  32. data/lib/proxes/helpers/component.rb +40 -0
  33. data/lib/proxes/helpers/indices.rb +16 -0
  34. data/lib/proxes/helpers/pundit.rb +39 -0
  35. data/lib/proxes/helpers/views.rb +41 -0
  36. data/lib/proxes/loggers/elasticsearch.rb +9 -0
  37. data/lib/proxes/models/audit_log.rb +12 -0
  38. data/lib/proxes/models/identity.rb +67 -0
  39. data/lib/proxes/models/permission.rb +17 -0
  40. data/lib/proxes/models/role.rb +14 -0
  41. data/lib/proxes/models/user.rb +57 -0
  42. data/lib/proxes/policies/application_policy.rb +20 -0
  43. data/lib/proxes/policies/audit_log_policy.rb +40 -0
  44. data/lib/proxes/policies/identity_policy.rb +24 -0
  45. data/lib/proxes/policies/permission_policy.rb +40 -0
  46. data/lib/proxes/policies/request/root_policy.rb +12 -0
  47. data/lib/proxes/policies/request/search_policy.rb +15 -0
  48. data/lib/proxes/policies/request/snapshot_policy.rb +12 -0
  49. data/lib/proxes/policies/request/stats_policy.rb +15 -0
  50. data/lib/proxes/policies/request_policy.rb +69 -0
  51. data/lib/proxes/policies/role_policy.rb +40 -0
  52. data/lib/proxes/policies/token_policy.rb +46 -0
  53. data/lib/proxes/policies/user_policy.rb +46 -0
  54. data/lib/proxes/rake_tasks.rb +59 -0
  55. data/lib/proxes/request.rb +51 -0
  56. data/lib/proxes/request/root.rb +10 -0
  57. data/lib/proxes/request/search.rb +37 -0
  58. data/lib/proxes/request/snapshot.rb +16 -0
  59. data/lib/proxes/request/stats.rb +30 -0
  60. data/lib/proxes/security.rb +59 -0
  61. data/lib/proxes/seed.rb +10 -0
  62. data/lib/proxes/services/logger.rb +50 -0
  63. data/lib/proxes/version.rb +4 -0
  64. data/migrate/001_tables.rb +47 -0
  65. data/migrate/002_audit_log.rb +11 -0
  66. data/package.json +34 -0
  67. data/proxes.gemspec +44 -0
  68. data/public/js/bundle.js +28988 -0
  69. data/src/scripts/app.js +10 -0
  70. data/views/404.haml +1 -0
  71. data/views/audit_logs/index.haml +18 -0
  72. data/views/error.haml +4 -0
  73. data/views/getting_started.haml +16 -0
  74. data/views/identity/login.haml +19 -0
  75. data/views/identity/register.haml +17 -0
  76. data/views/index.haml +3 -0
  77. data/views/layout.haml +48 -0
  78. data/views/partials/delete_form.haml +4 -0
  79. data/views/partials/form_control.haml +21 -0
  80. data/views/partials/navbar.haml +25 -0
  81. data/views/partials/notifications.haml +24 -0
  82. data/views/partials/pager.haml +19 -0
  83. data/views/partials/sidebar.haml +32 -0
  84. data/views/permissions/display.haml +24 -0
  85. data/views/permissions/edit.haml +11 -0
  86. data/views/permissions/form.haml +3 -0
  87. data/views/permissions/index.haml +14 -0
  88. data/views/permissions/new.haml +10 -0
  89. data/views/roles/display.haml +33 -0
  90. data/views/roles/edit.haml +11 -0
  91. data/views/roles/form.haml +1 -0
  92. data/views/roles/index.haml +17 -0
  93. data/views/roles/new.haml +10 -0
  94. data/views/users/display.haml +32 -0
  95. data/views/users/edit.haml +11 -0
  96. data/views/users/identity.haml +3 -0
  97. data/views/users/index.haml +20 -0
  98. data/views/users/new.haml +11 -0
  99. data/views/users/profile.haml +37 -0
  100. data/views/users/user.haml +3 -0
  101. metadata +424 -0
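--- a/data/lib/proxes/models/role.rb
+++ b/data/lib/proxes/models/role.rb
@@ -0,0 +1,14 @@
+ # frozen_string_literal: true
+ require 'sequel'
+
+ module ProxES
+ class Role < Sequel::Model
+ many_to_many :users
+ one_to_many :permissions
+
+ def validate
+ validates_presence [:name]
+ validates_unique [:name]
+ end
+ end
+ end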
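--- a/data/lib/proxes/models/user.rb
+++ b/data/lib/proxes/models/user.rb
@@ -0,0 +1,57 @@
+ # frozen_string_literal: true
+ require 'sequel'
+ require 'bcrypt'
+ require 'digest/md5'
+ require 'active_support'
+ require 'active_support/core_ext/object/blank'
+
+ # Why not store this in Elasticsearch?
+ module ProxES
+ class User < Sequel::Model
+ one_to_many :identity
+ many_to_many :roles
+ one_to_many :audit_logs
+
+ def role?(check)
+ !roles_dataset.first(name: check).nil?
+ end
+
+ def method_missing(method_sym, *arguments, &block)
+ if method_sym.to_s[-1] == '?'
+ role?(method_sym[0..-2])
+ else
+ super
+ end
+ end
+
+ def respond_to_missing?(name, _include_private = false)
+ name[-1] == '?'
+ end
+
+ def gravatar
+ hash = Digest::MD5.hexdigest(email.downcase)
+ "https://www.gravatar.com/avatar/#{hash}"
+ end
+
+ def validate
+ validates_presence :email
+ return if email.blank?
+ validates_unique :email
+ validates_format(/\A([^@\s]+)@((?:[-a-z0-9]+\.)+[a-z]{2,})\Z/i, :email)
+ end
+
+ # Add the basic roles and identity
+ def after_create
+ check_roles
+ end
+
+ def check_roles
+ add_role Role.find_or_create(name: 'user') unless role?('user')
+ add_role Role.find_or_create(name: 'super_admin') if id == 1 && ENV['RACK_ENV'] != 'test' && !role?('super_admin')
+ end
+
+ def index_prefix
+ email
+ end
+ end
+ end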
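Review bot: The email format check in `validate` ends with `\Z`, which also matches just before a trailing newline, so an address with a newline appended still passes; anchor the end with `\z`: `validates_format(/\A([^@\s]+)@((?:[-a-z0-9]+\.)+[a-z]{2,})\z/i, :email)`. The strictness matters here because `index_prefix` returns the email unchanged and the request policies in this release substitute user attributes into permission patterns; how `filter` interprets those patterns is not visible in this section. Separately, `check_roles` grants `super_admin` to whichever row receives `id == 1` outside the test environment, and the `register?` policies return true, so the bootstrap rule should at least carry a comment such as `# First created account becomes super_admin; provision it before exposing registration`.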
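--- a/data/lib/proxes/policies/application_policy.rb
+++ b/data/lib/proxes/policies/application_policy.rb
@@ -0,0 +1,20 @@
+ # frozen_string_literal: true
+ module ProxES
+ class ApplicationPolicy
+ attr_reader :user, :record
+
+ def initialize(user, record)
+ @user = user
+ @record = record
+ end
+
+ class Scope
+ attr_reader :user, :scope
+
+ def initialize(user, scope)
+ @user = user
+ @scope = scope
+ end
+ end
+ end
+ end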
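--- a/data/lib/proxes/policies/audit_log_policy.rb
+++ b/data/lib/proxes/policies/audit_log_policy.rb
@@ -0,0 +1,40 @@
+ # frozen_string_literal: true
+ require 'proxes/policies/application_policy'
+
+ module ProxES
+ class AuditLogPolicy < ApplicationPolicy
+ def create?
+ user && user.super_admin?
+ end
+
+ def list?
+ create?
+ end
+
+ def read?
+ create?
+ end
+
+ def update?
+ read?
+ end
+
+ def delete?
+ create?
+ end
+
+ def permitted_attributes
+ [:action]
+ end
+
+ class Scope < ApplicationPolicy::Scope
+ def resolve
+ if user && user.super_admin?
+ scope
+ else
+ scope.where(id: -1)
+ end
+ end
+ end
+ end
+ end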
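Review bot: `update?` and `delete?` let a super_admin modify and remove audit log rows, and `permitted_attributes` exposes `:action` for assignment, so the audit trail can be rewritten by the same accounts whose actions it records. If nothing depends on editing entries, make the records append-only at the policy layer with `def update?; false; end` and `def delete?; false; end`, and return `[]` from `permitted_attributes`. Whether a controller route actually consults these predicates is not visible in this section, so confirm against the audit log controller before changing them.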
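--- a/data/lib/proxes/policies/identity_policy.rb
+++ b/data/lib/proxes/policies/identity_policy.rb
@@ -0,0 +1,24 @@
+ # frozen_string_literal: true
+ require_relative 'application_policy'
+
+ module ProxES
+ class IdentityPolicy < ApplicationPolicy
+ def register?
+ true
+ end
+
+ def permitted_attributes
+ [:username, :password, :password_confirmation]
+ end
+
+ class Scope < ApplicationPolicy::Scope
+ def resolve
+ if user.super_admin?
+ scope.all
+ else
+ []
+ end
+ end
+ end
+ end
+ end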
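Review bot: `Scope#resolve` calls `user.super_admin?` without the `user &&` guard that the AuditLogPolicy, PermissionPolicy, RolePolicy and UserPolicy scopes use, so if the policy is built for an unauthenticated request (which those guards suggest can happen) it raises NoMethodError instead of resolving to nothing. The same unguarded call appears in TokenPolicy (`create?`, `read?`, `permitted_attributes`, `Scope#resolve`) and in `UserPolicy#permitted_attributes`. Write the condition as `if user && user.super_admin?` in each of those places. The sibling scopes also return `scope` or `scope.where(id: -1)` where this one returns `scope.all` or `[]`; aligning the return values would let callers treat every scope the same way.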
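--- a/data/lib/proxes/policies/permission_policy.rb
+++ b/data/lib/proxes/policies/permission_policy.rb
@@ -0,0 +1,40 @@
+ # frozen_string_literal: true
+ require 'proxes/policies/application_policy'
+
+ module ProxES
+ class PermissionPolicy < ApplicationPolicy
+ def create?
+ user && user.super_admin?
+ end
+
+ def list?
+ create?
+ end
+
+ def read?
+ create?
+ end
+
+ def update?
+ read?
+ end
+
+ def delete?
+ create?
+ end
+
+ def permitted_attributes
+ [:verb, :pattern, :role_id]
+ end
+
+ class Scope < ApplicationPolicy::Scope
+ def resolve
+ if user && user.super_admin?
+ scope
+ else
+ scope.where(id: -1)
+ end
+ end
+ end
+ end
+ end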
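--- a/data/lib/proxes/policies/request/root_policy.rb
+++ b/data/lib/proxes/policies/request/root_policy.rb
@@ -0,0 +1,12 @@
+ # frozen_string_literal: true
+ module ProxES
+ class Request
+ class RootPolicy < ProxES::RequestPolicy
+ class Scope < ProxES::RequestPolicy::Scope
+ def resolve
+ scope
+ end
+ end
+ end
+ end
+ end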
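--- a/data/lib/proxes/policies/request/search_policy.rb
+++ b/data/lib/proxes/policies/request/search_policy.rb
@@ -0,0 +1,15 @@
+ # frozen_string_literal: true
+ module ProxES
+ class Request
+ class SearchPolicy < ProxES::RequestPolicy
+ class Scope < ProxES::RequestPolicy::Scope
+ def resolve
+ patterns = ProxES::Permission.where(verb: 'INDEX', role: user.roles).map do |permission|
+ permission.pattern.gsub(/\{user.(.*)\}/) { |match| user.send(Regexp.last_match[1].to_sym) }
+ end
+ filter scope.index, patterns
+ end
+ end
+ end
+ end
+ end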
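Review bot: The `gsub` block in `Scope#resolve` hands whatever follows `{user.` in a stored permission pattern to `user.send`, which dispatches to any method on the User model, private ones included. The pattern `/\{user.(.*)\}/` also has an unescaped dot and a greedy capture that runs to the last `}` in the string. The placeholder should be limited to a word, checked against a fixed list of readable attributes, and dispatched with `public_send`, as sketched below. The identical block is repeated in `StatsPolicy::Scope#resolve` and in `RequestPolicy#method_missing`, so a shared helper would keep the three in step. `user.roles` is also reached here without a nil check on `user`.

```ruby
# Constructed allow-list: set it to the attributes permission patterns may reference.
SUBSTITUTABLE = %w[email index_prefix].freeze

def resolve
  patterns = ProxES::Permission.where(verb: 'INDEX', role: user.roles).map do |permission|
    permission.pattern.gsub(/\{user\.(\w+)\}/) do
      attribute = Regexp.last_match(1)
      raise ArgumentError, "unsupported placeholder: #{attribute}" unless SUBSTITUTABLE.include?(attribute)
      user.public_send(attribute)
    end
  end
  # … unchanged: filter scope.index, patterns …
```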
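--- a/data/lib/proxes/policies/request/snapshot_policy.rb
+++ b/data/lib/proxes/policies/request/snapshot_policy.rb
@@ -0,0 +1,12 @@
+ # frozen_string_literal: true
+ module ProxES
+ class Request
+ class SnapshotPolicy < ProxES::RequestPolicy
+ class Scope < ProxES::RequestPolicy::Scope
+ def resolve
+ scope
+ end
+ end
+ end
+ end
+ end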
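--- a/data/lib/proxes/policies/request/stats_policy.rb
+++ b/data/lib/proxes/policies/request/stats_policy.rb
@@ -0,0 +1,15 @@
+ # frozen_string_literal: true
+ module ProxES
+ class Request
+ class StatsPolicy < ProxES::RequestPolicy
+ class Scope < ProxES::RequestPolicy::Scope
+ def resolve
+ patterns = ProxES::Permission.where(verb: 'INDEX', role: user.roles).map do |permission|
+ permission.pattern.gsub(/\{user.(.*)\}/) { |match| user.send(Regexp.last_match[1].to_sym) }
+ end
+ filter scope.index, patterns
+ end
+ end
+ end
+ end
+ end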
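--- a/data/lib/proxes/policies/request_policy.rb
+++ b/data/lib/proxes/policies/request_policy.rb
@@ -0,0 +1,69 @@
+ # frozen_string_literal: true
+ require 'proxes/db'
+ require 'proxes/models/permission'
+ require 'proxes/services/logger'
+ require 'proxes/helpers/indices'
+
+ module ProxES
+ class RequestPolicy
+ include Helpers::Indices
+
+ attr_reader :user, :record
+
+ def initialize(user, record)
+ @user = user
+ @record = record
+ end
+
+ def method_missing(method_sym, *arguments, &block)
+ if method_sym.to_s[-1] == '?'
+ return false if user.nil?
+ require 'pry'
+ # binding.pry
+
+ if record.indices?
+ patterns = ProxES::Permission.where(verb: 'INDEX', role: user.roles).map do |permission|
+ permission.pattern.gsub(/\{user.(.*)\}/) { |match| user.send(Regexp.last_match[1].to_sym) }
+ end
+ return filter(record.index, patterns).count.positive?
+ else
+ # Give me all the user's permissions that match the verb
+ ProxES::Permission.where(verb: method_sym[0..-2].upcase, role: user.roles).each do |permission|
+ return true if record.path =~ %r{#{permission.pattern}}
+ end
+ end
+ false
+ else
+ super
+ end
+ end
+
+ def respond_to_missing?(name, _include_private = false)
+ name[-1] == '?'
+ end
+
+ def logger
+ @logger ||= ProxES::Services::Logger.instance
+ end
+
+ class Scope
+ include Helpers::Indices
+
+ attr_reader :user, :scope
+
+ def initialize(user, scope)
+ @user = user
+ @scope = scope
+ end
+
+ def logger
+ @logger ||= ProxES::Services::Logger.instance
+ end
+ end
+ end
+ end
+
+ require 'proxes/policies/request/root_policy'
+ require 'proxes/policies/request/stats_policy'
+ require 'proxes/policies/request/search_policy'
+ require 'proxes/policies/request/snapshot_policy'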
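Review bot: In the non-index branch of `method_missing` the stored pattern is interpolated into an unanchored regex, `record.path =~ %r{#{permission.pattern}}`, so a permission authorises any path that merely contains a match for the pattern, not only the paths it was written for. If patterns are meant to describe whole paths, anchor the comparison, e.g. `return true if record.path =~ /\A(?:#{permission.pattern})\z/`. If partial matches are intended, state that contract in a comment beside the loop so permission authors know to anchor their own patterns. The `require 'pry'` and the commented-out `binding.pry` should also be removed from the predicate path: the require is evaluated on every authorisation check and would raise LoadError wherever pry is not installed.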
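--- a/data/lib/proxes/policies/role_policy.rb
+++ b/data/lib/proxes/policies/role_policy.rb
@@ -0,0 +1,40 @@
+ # frozen_string_literal: true
+ require 'proxes/policies/application_policy'
+
+ module ProxES
+ class RolePolicy < ApplicationPolicy
+ def create?
+ user && user.super_admin?
+ end
+
+ def list?
+ create?
+ end
+
+ def read?
+ create?
+ end
+
+ def update?
+ read?
+ end
+
+ def delete?
+ create?
+ end
+
+ def permitted_attributes
+ [:name]
+ end
+
+ class Scope < ApplicationPolicy::Scope
+ def resolve
+ if user && user.super_admin?
+ scope
+ else
+ scope.where(id: -1)
+ end
+ end
+ end
+ end
+ end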
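--- a/data/lib/proxes/policies/token_policy.rb
+++ b/data/lib/proxes/policies/token_policy.rb
@@ -0,0 +1,46 @@
+ # frozen_string_literal: true
+ require_relative 'application_policy'
+
+ module ProxES
+ class TokenPolicy < ApplicationPolicy
+ def create?
+ user.super_admin?
+ end
+
+ def list?
+ create?
+ end
+
+ def read?
+ record.id == user.id || user.super_admin?
+ end
+
+ def update?
+ read?
+ end
+
+ def delete?
+ create?
+ end
+
+ def register?
+ true
+ end
+
+ def permitted_attributes
+ attribs = [:email, :name, :surname]
+ attribs << :role if user.super_admin?
+ attribs
+ end
+
+ class Scope < ApplicationPolicy::Scope
+ def resolve
+ if user.super_admin?
+ scope.all
+ else
+ []
+ end
+ end
+ end
+ end
+ end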
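Review bot: `read?` tests `record.id == user.id`; if `record` is a token row, as the class name implies, this compares the token's primary key with the user's primary key. `read?` and `update?` (which delegates to it) would then pass for any token whose id happens to equal the caller's user id, not for tokens the caller owns. The body and `permitted_attributes` (`:email, :name, :surname, :role`) look carried over from UserPolicy. The ownership check should compare the token's owner column with `user.id` (that column's name is not visible in this diff), and the attribute list should name token fields.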
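--- a/data/lib/proxes/policies/user_policy.rb
+++ b/data/lib/proxes/policies/user_policy.rb
@@ -0,0 +1,46 @@
+ # frozen_string_literal: true
+ require 'proxes/policies/application_policy'
+
+ module ProxES
+ class UserPolicy < ApplicationPolicy
+ def create?
+ user && user.super_admin?
+ end
+
+ def list?
+ create?
+ end
+
+ def read?
+ user && (record.id == user.id || user.super_admin?)
+ end
+
+ def update?
+ read?
+ end
+
+ def delete?
+ create?
+ end
+
+ def register?
+ true
+ end
+
+ def permitted_attributes
+ attribs = [:email, :name, :surname]
+ attribs << :role_id if user.super_admin?
+ attribs
+ end
+
+ class Scope < ApplicationPolicy::Scope
+ def resolve
+ if user && user.super_admin?
+ scope
+ else
+ scope.where(id: -1)
+ end
+ end
+ end
+ end
+ end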