proxes 0.7.1 → 0.8.0
- checksums.yaml +4 -4
- data/.gitignore +1 -0
- data/.rubocop.yml +1 -1
- data/.travis.yml +0 -3
- data/Gemfile.ci +5 -2
- data/README.md +12 -9
- data/Rakefile +10 -5
- data/Vagrantfile +1 -4
- data/config.ru +32 -24
- data/lib/{proxes → ditty/components}/proxes.rb +26 -33
- data/lib/proxes/controllers/permissions.rb +4 -3
- data/lib/proxes/models/permission.rb +7 -5
- data/lib/proxes/policies/permission_policy.rb +4 -4
- data/lib/proxes/policies/request/index_policy.rb +1 -1
- data/lib/proxes/policies/request_policy.rb +3 -4
- data/lib/proxes/policies/token_policy.rb +1 -1
- data/lib/proxes/request/cat.rb +2 -2
- data/lib/proxes/request/index.rb +2 -2
- data/lib/proxes/request.rb +1 -1
- data/lib/proxes/security.rb +10 -12
- data/lib/proxes/version.rb +1 -1
- data/lib/proxes.rb +1 -3
- data/migrate/20170207_base_tables.rb +2 -1
- data/migrate/20170208_audit_log.rb +1 -0
- data/proxes.gemspec +15 -14
- data/public/js/bundle.js +44683 -23940
- data/public/js/vendors.js +1 -0
- data/views/permissions/form.haml +2 -2
- data/views/permissions/index.haml +14 -9
- metadata +69 -108
- data/lib/proxes/container.rb +0 -135
- data/lib/proxes/controllers/app.rb +0 -80
- data/lib/proxes/controllers/application.rb +0 -80
- data/lib/proxes/controllers/audit_logs.rb +0 -44
- data/lib/proxes/controllers/component.rb +0 -167
- data/lib/proxes/controllers/roles.rb +0 -16
- data/lib/proxes/controllers/users.rb +0 -183
- data/lib/proxes/db.rb +0 -18
- data/lib/proxes/helpers/authentication.rb +0 -58
- data/lib/proxes/helpers/component.rb +0 -49
- data/lib/proxes/helpers/pundit.rb +0 -40
- data/lib/proxes/helpers/views.rb +0 -42
- data/lib/proxes/helpers/wisper.rb +0 -15
- data/lib/proxes/listener.rb +0 -23
- data/lib/proxes/models/audit_log.rb +0 -14
- data/lib/proxes/models/base.rb +0 -9
- data/lib/proxes/models/identity.rb +0 -70
- data/lib/proxes/models/role.rb +0 -17
- data/lib/proxes/models/user.rb +0 -64
- data/lib/proxes/omniauth.rb +0 -4
- data/lib/proxes/policies/application_policy.rb +0 -21
- data/lib/proxes/policies/audit_log_policy.rb +0 -41
- data/lib/proxes/policies/identity_policy.rb +0 -25
- data/lib/proxes/policies/role_policy.rb +0 -37
- data/lib/proxes/policies/user_policy.rb +0 -43
- data/lib/proxes/rake_tasks.rb +0 -219
- data/lib/proxes/seed.rb +0 -5
- data/lib/proxes/services/logger.rb +0 -51
- data/views/404.haml +0 -1
- data/views/audit_logs/index.haml +0 -26
- data/views/error.haml +0 -4
- data/views/getting_started.haml +0 -16
- data/views/identity/login.haml +0 -19
- data/views/identity/register.haml +0 -14
- data/views/index.haml +0 -3
- data/views/layout.haml +0 -58
- data/views/partials/delete_form.haml +0 -4
- data/views/partials/form_control.haml +0 -20
- data/views/partials/navbar.haml +0 -25
- data/views/partials/notifications.haml +0 -24
- data/views/partials/pager.haml +0 -12
- data/views/partials/sidebar.haml +0 -54
- data/views/roles/display.haml +0 -38
- data/views/roles/edit.haml +0 -11
- data/views/roles/form.haml +0 -1
- data/views/roles/index.haml +0 -20
- data/views/roles/new.haml +0 -10
- data/views/users/display.haml +0 -69
- data/views/users/edit.haml +0 -11
- data/views/users/identity.haml +0 -3
- data/views/users/index.haml +0 -23
- data/views/users/new.haml +0 -11
- data/views/users/profile.haml +0 -39
- data/views/users/user.haml +0 -3
@@ -1,80 +0,0 @@
|
|
1
|
-
# frozen_string_literal: true
|
2
|
-
|
3
|
-
require 'wisper'
|
4
|
-
require 'sinatra/base'
|
5
|
-
require 'sinatra/flash'
|
6
|
-
require 'sinatra/respond_with'
|
7
|
-
require 'proxes/helpers/views'
|
8
|
-
require 'proxes/helpers/pundit'
|
9
|
-
require 'proxes/helpers/wisper'
|
10
|
-
require 'proxes/helpers/authentication'
|
11
|
-
require 'proxes/services/logger'
|
12
|
-
require 'rack/contrib'
|
13
|
-
require 'elasticsearch'
|
14
|
-
|
15
|
-
module ProxES
|
16
|
-
class Application < Sinatra::Base
|
17
|
-
set :root, ENV['APP_ROOT'] || ::File.expand_path(::File.dirname(__FILE__) + '/../../../')
|
18
|
-
set :view_location, nil
|
19
|
-
set :model_class, nil
|
20
|
-
# The order here is important, since Wisper has a deprecated method respond_with method
|
21
|
-
helpers Wisper::Publisher, Helpers::Wisper
|
22
|
-
helpers Helpers::Pundit, Helpers::Views, Helpers::Authentication
|
23
|
-
|
24
|
-
helpers do
|
25
|
-
def cluster_health
|
26
|
-
@health ||= begin
|
27
|
-
client = ::Elasticsearch::Client.new host: ENV['ELASTICSEARCH_URL']
|
28
|
-
client.cluster.health
|
29
|
-
end
|
30
|
-
rescue => e
|
31
|
-
::ProxES::Services::Logger.instance.warn "Could not connect to ES Cluster: #{e.message}"
|
32
|
-
nil
|
33
|
-
end
|
34
|
-
end
|
35
|
-
|
36
|
-
register Sinatra::Flash, Sinatra::RespondWith
|
37
|
-
|
38
|
-
use Rack::PostBodyContentTypeParser
|
39
|
-
use Rack::MethodOverride
|
40
|
-
|
41
|
-
configure :production do
|
42
|
-
disable :show_exceptions
|
43
|
-
end
|
44
|
-
|
45
|
-
configure :development do
|
46
|
-
set :show_exceptions, :after_handler
|
47
|
-
end
|
48
|
-
|
49
|
-
configure :production, :development do
|
50
|
-
enable :logging
|
51
|
-
end
|
52
|
-
|
53
|
-
not_found do
|
54
|
-
haml :'404', locals: { title: '4 oh 4' }
|
55
|
-
end
|
56
|
-
|
57
|
-
error do
|
58
|
-
error = env['sinatra.error']
|
59
|
-
haml :error, locals: { title: 'Something went wrong', message: error }
|
60
|
-
end
|
61
|
-
|
62
|
-
error Helpers::NotAuthenticated do
|
63
|
-
flash[:warning] = 'Please log in first.'
|
64
|
-
redirect '/_proxes/auth/identity'
|
65
|
-
end
|
66
|
-
|
67
|
-
error ::Pundit::NotAuthorizedError do
|
68
|
-
flash[:warning] = 'Please log in first.'
|
69
|
-
redirect '/_proxes/auth/identity'
|
70
|
-
end
|
71
|
-
|
72
|
-
before(/.*/) do
|
73
|
-
::ProxES::Services::Logger.instance.debug "Running with #{self.class}"
|
74
|
-
if request.url =~ /.json/
|
75
|
-
request.accept.unshift('application/json')
|
76
|
-
request.path_info = request.path_info.gsub(/.json/, '')
|
77
|
-
end
|
78
|
-
end
|
79
|
-
end
|
80
|
-
end
|
@@ -1,44 +0,0 @@
|
|
1
|
-
# frozen_string_literal: true
|
2
|
-
|
3
|
-
require 'proxes/controllers/component'
|
4
|
-
require 'proxes/models/audit_log'
|
5
|
-
require 'proxes/policies/audit_log_policy'
|
6
|
-
|
7
|
-
module ProxES
|
8
|
-
class AuditLogs < Component
|
9
|
-
set model_class: AuditLog
|
10
|
-
|
11
|
-
def find_template(views, name, engine, &block)
|
12
|
-
super(views, name, engine, &block) # Root
|
13
|
-
super(::ProxES::ProxES.view_folder, name, engine, &block) # Basic Plugin
|
14
|
-
end
|
15
|
-
|
16
|
-
def list
|
17
|
-
super.order(:created_at).reverse
|
18
|
-
end
|
19
|
-
|
20
|
-
get '/new' do
|
21
|
-
halt 404
|
22
|
-
end
|
23
|
-
|
24
|
-
post '/' do
|
25
|
-
halt 404
|
26
|
-
end
|
27
|
-
|
28
|
-
get '/:id' do
|
29
|
-
halt 404
|
30
|
-
end
|
31
|
-
|
32
|
-
get '/:id/edit' do
|
33
|
-
halt 404
|
34
|
-
end
|
35
|
-
|
36
|
-
put '/:id' do
|
37
|
-
halt 404
|
38
|
-
end
|
39
|
-
|
40
|
-
delete '/:id' do
|
41
|
-
halt 404
|
42
|
-
end
|
43
|
-
end
|
44
|
-
end
|
@@ -1,167 +0,0 @@
|
|
1
|
-
# frozen_string_literal: true
|
2
|
-
|
3
|
-
require 'proxes/controllers/application'
|
4
|
-
require 'proxes/helpers/component'
|
5
|
-
require 'sinatra/json'
|
6
|
-
|
7
|
-
module ProxES
|
8
|
-
class Component < Application
|
9
|
-
helpers Helpers::Component
|
10
|
-
|
11
|
-
set base_path: nil
|
12
|
-
set dehumanized: nil
|
13
|
-
set view_location: nil
|
14
|
-
set track_actions: false
|
15
|
-
|
16
|
-
def find_template(views, name, engine, &block)
|
17
|
-
super(views, name, engine, &block) # Root
|
18
|
-
super(::ProxES::ProxES.view_folder, name, engine, &block) # Basic Plugin
|
19
|
-
end
|
20
|
-
|
21
|
-
# List
|
22
|
-
get '/', provides: [:html, :json] do
|
23
|
-
authorize settings.model_class, :list
|
24
|
-
|
25
|
-
actions = {}
|
26
|
-
actions["#{base_path}/new"] = "New #{heading}" if policy(settings.model_class).create?
|
27
|
-
|
28
|
-
log_action("#{dehumanized}_list".to_sym) if settings.track_actions
|
29
|
-
respond_to do |format|
|
30
|
-
format.html do
|
31
|
-
haml :"#{view_location}/index",
|
32
|
-
locals: { list: list, title: heading(:list), actions: actions }
|
33
|
-
end
|
34
|
-
format.json do
|
35
|
-
# TODO: Add links defined by actions (New #{heading})
|
36
|
-
json(
|
37
|
-
'items' => list.map(&:for_json),
|
38
|
-
'page' => params[:page],
|
39
|
-
'count' => list.count,
|
40
|
-
'total' => dataset.count
|
41
|
-
)
|
42
|
-
end
|
43
|
-
end
|
44
|
-
end
|
45
|
-
|
46
|
-
# Create Form
|
47
|
-
get '/new' do
|
48
|
-
authorize settings.model_class, :create
|
49
|
-
|
50
|
-
entity = settings.model_class.new(permitted_attributes(settings.model_class, :create))
|
51
|
-
haml :"#{view_location}/new", locals: { entity: entity, title: heading(:new) }
|
52
|
-
end
|
53
|
-
|
54
|
-
# Create
|
55
|
-
post '/' do
|
56
|
-
authorize settings.model_class, :create
|
57
|
-
|
58
|
-
entity = settings.model_class.new(permitted_attributes(settings.model_class, :create))
|
59
|
-
success = entity.valid? && entity.save
|
60
|
-
|
61
|
-
log_action("#{dehumanized}_create".to_sym) if success && settings.track_actions
|
62
|
-
respond_to do |format|
|
63
|
-
format.html do
|
64
|
-
if success
|
65
|
-
flash[:success] = "#{heading} Created"
|
66
|
-
redirect "#{base_path}/#{entity.id}"
|
67
|
-
else
|
68
|
-
haml :"#{view_location}/new", locals: { entity: entity, title: heading(:new) }
|
69
|
-
end
|
70
|
-
end
|
71
|
-
format.json do
|
72
|
-
headers 'Content-Type' => 'application/json'
|
73
|
-
if success
|
74
|
-
redirect "#{base_path}/#{entity.id}", 201
|
75
|
-
else
|
76
|
-
400
|
77
|
-
end
|
78
|
-
end
|
79
|
-
end
|
80
|
-
end
|
81
|
-
|
82
|
-
# Read
|
83
|
-
get '/:id' do |id|
|
84
|
-
entity = dataset[id.to_i]
|
85
|
-
halt 404 unless entity
|
86
|
-
authorize entity, :read
|
87
|
-
|
88
|
-
actions = {}
|
89
|
-
actions["#{base_path}/#{entity.id}/edit"] = "Edit #{heading}" if policy(entity).update?
|
90
|
-
|
91
|
-
log_action("#{dehumanized}_read".to_sym) if settings.track_actions
|
92
|
-
respond_to do |format|
|
93
|
-
format.html do
|
94
|
-
haml :"#{view_location}/display",
|
95
|
-
locals: { entity: entity, title: heading, actions: actions }
|
96
|
-
end
|
97
|
-
format.json do
|
98
|
-
# TODO: Add links defined by actions (Edit #{heading})
|
99
|
-
json entity.for_json
|
100
|
-
end
|
101
|
-
end
|
102
|
-
end
|
103
|
-
|
104
|
-
# Update Form
|
105
|
-
get '/:id/edit' do |id|
|
106
|
-
entity = dataset[id.to_i]
|
107
|
-
halt 404 unless entity
|
108
|
-
authorize entity, :update
|
109
|
-
|
110
|
-
haml :"#{view_location}/edit", locals: { entity: entity, title: heading(:edit) }
|
111
|
-
end
|
112
|
-
|
113
|
-
# Update
|
114
|
-
put '/:id' do |id|
|
115
|
-
entity = dataset[id.to_i]
|
116
|
-
halt 404 unless entity
|
117
|
-
authorize entity, :update
|
118
|
-
|
119
|
-
entity.set(permitted_attributes(settings.model_class, :update))
|
120
|
-
|
121
|
-
success = entity.valid? && entity.save
|
122
|
-
log_action("#{dehumanized}_update".to_sym) if success && settings.track_actions
|
123
|
-
if success
|
124
|
-
respond_to do |format|
|
125
|
-
format.html do
|
126
|
-
flash[:success] = "#{heading} Updated"
|
127
|
-
redirect "#{base_path}/#{entity.id}"
|
128
|
-
end
|
129
|
-
format.json do
|
130
|
-
headers 'Location' => "#{base_path}/#{entity.id}"
|
131
|
-
json body entity.for_json
|
132
|
-
end
|
133
|
-
end
|
134
|
-
else
|
135
|
-
respond_to do |format|
|
136
|
-
format.html do
|
137
|
-
haml :"#{view_location}/edit", locals: { entity: entity, title: heading(:edit) }
|
138
|
-
end
|
139
|
-
format.json do
|
140
|
-
400
|
141
|
-
end
|
142
|
-
end
|
143
|
-
end
|
144
|
-
end
|
145
|
-
|
146
|
-
delete '/:id' do |id|
|
147
|
-
entity = dataset[id.to_i]
|
148
|
-
halt 404 unless entity
|
149
|
-
authorize entity, :delete
|
150
|
-
|
151
|
-
entity.destroy
|
152
|
-
|
153
|
-
log_action("#{dehumanized}_delete".to_sym) if settings.track_actions
|
154
|
-
respond_to do |format|
|
155
|
-
format.html do
|
156
|
-
flash[:success] = "#{heading} Deleted"
|
157
|
-
redirect base_path.to_s
|
158
|
-
end
|
159
|
-
format.json do
|
160
|
-
content_type 'application/json'
|
161
|
-
headers 'Location' => '/_proxes/users'
|
162
|
-
status 204
|
163
|
-
end
|
164
|
-
end
|
165
|
-
end
|
166
|
-
end
|
167
|
-
end
|
@@ -1,16 +0,0 @@
|
|
1
|
-
# frozen_string_literal: true
|
2
|
-
|
3
|
-
require 'proxes/controllers/component'
|
4
|
-
require 'proxes/models/role'
|
5
|
-
require 'proxes/policies/role_policy'
|
6
|
-
|
7
|
-
module ProxES
|
8
|
-
class Roles < Component
|
9
|
-
set model_class: Role
|
10
|
-
|
11
|
-
def find_template(views, name, engine, &block)
|
12
|
-
super(views, name, engine, &block) # Root
|
13
|
-
super(::ProxES::ProxES.view_folder, name, engine, &block) # Basic Plugin
|
14
|
-
end
|
15
|
-
end
|
16
|
-
end
|
@@ -1,183 +0,0 @@
|
|
1
|
-
# frozen_string_literal: true
|
2
|
-
|
3
|
-
require 'proxes/controllers/component'
|
4
|
-
require 'proxes/models/user'
|
5
|
-
require 'proxes/policies/user_policy'
|
6
|
-
require 'proxes/models/identity'
|
7
|
-
require 'proxes/policies/identity_policy'
|
8
|
-
|
9
|
-
module ProxES
|
10
|
-
class Users < Component
|
11
|
-
set model_class: User
|
12
|
-
set track_actions: true
|
13
|
-
|
14
|
-
def find_template(views, name, engine, &block)
|
15
|
-
super(views, name, engine, &block) # Root
|
16
|
-
super(::ProxES::ProxES.view_folder, name, engine, &block) # Basic Plugin
|
17
|
-
end
|
18
|
-
|
19
|
-
# New
|
20
|
-
get '/new' do
|
21
|
-
authorize settings.model_class, :create
|
22
|
-
|
23
|
-
locals = {
|
24
|
-
title: heading(:new),
|
25
|
-
entity: User.new,
|
26
|
-
identity: Identity.new
|
27
|
-
}
|
28
|
-
haml :"#{view_location}/new", locals: locals, layout_opts: { locals: locals }
|
29
|
-
end
|
30
|
-
|
31
|
-
# Create
|
32
|
-
post '/' do
|
33
|
-
authorize settings.model_class, :create
|
34
|
-
|
35
|
-
locals = { title: heading(:new) }
|
36
|
-
|
37
|
-
user_params = permitted_attributes(User, :create)
|
38
|
-
identity_params = permitted_attributes(Identity, :create)
|
39
|
-
user_params['email'] = identity_params['username']
|
40
|
-
roles = user_params.delete('role_id')
|
41
|
-
|
42
|
-
user = locals[:user] = User.new(user_params)
|
43
|
-
identity = locals[:identity] = Identity.new(identity_params)
|
44
|
-
|
45
|
-
if identity.valid? && user.valid?
|
46
|
-
DB.transaction(isolation: :serializable) do
|
47
|
-
identity.save
|
48
|
-
user.save
|
49
|
-
user.add_identity identity
|
50
|
-
if roles
|
51
|
-
roles.each do |role_id|
|
52
|
-
user.add_role(role_id) unless user.roles.map(&:id).include? role_id.to_i
|
53
|
-
end
|
54
|
-
end
|
55
|
-
user.check_roles
|
56
|
-
end
|
57
|
-
|
58
|
-
log_action("#{dehumanized}_create".to_sym) if settings.track_actions
|
59
|
-
respond_to do |format|
|
60
|
-
format.html do
|
61
|
-
flash[:success] = 'User created'
|
62
|
-
redirect "/_proxes/users/#{user.id}"
|
63
|
-
end
|
64
|
-
format.json do
|
65
|
-
headers 'Content-Type' => 'application/json'
|
66
|
-
redirect "/_proxes/users/#{user.id}", 201
|
67
|
-
end
|
68
|
-
end
|
69
|
-
else
|
70
|
-
respond_to do |format|
|
71
|
-
format.html do
|
72
|
-
flash.now[:danger] = 'Could not create the user'
|
73
|
-
locals[:entity] = user
|
74
|
-
locals[:identity] = identity
|
75
|
-
haml :"#{view_location}/new", locals: locals
|
76
|
-
end
|
77
|
-
format.json do
|
78
|
-
headers \
|
79
|
-
'Content-Type' => 'application/json',
|
80
|
-
'Content-Location' => "#{view_location}/new"
|
81
|
-
body ''
|
82
|
-
status 402
|
83
|
-
end
|
84
|
-
end
|
85
|
-
end
|
86
|
-
end
|
87
|
-
|
88
|
-
# Update
|
89
|
-
put '/:id' do |id|
|
90
|
-
entity = dataset[id.to_i]
|
91
|
-
halt 404 unless entity
|
92
|
-
authorize entity, :update
|
93
|
-
|
94
|
-
values = permitted_attributes(settings.model_class, :update)
|
95
|
-
roles = values.delete('role_id')
|
96
|
-
entity.set values
|
97
|
-
if entity.valid? && entity.save
|
98
|
-
entity.remove_all_roles
|
99
|
-
roles.each { |role_id| entity.add_role(role_id) } if roles
|
100
|
-
entity.check_roles
|
101
|
-
log_action("#{dehumanized}_update".to_sym) if settings.track_actions
|
102
|
-
respond_to do |format|
|
103
|
-
format.html do
|
104
|
-
flash[:success] = "#{heading} Updated"
|
105
|
-
redirect "/_proxes/users/#{entity.id}"
|
106
|
-
end
|
107
|
-
format.json do
|
108
|
-
content_type 'application/json'
|
109
|
-
headers 'Location' => "/_proxes/users/#{entity.id}"
|
110
|
-
body entity.to_hash.to_json
|
111
|
-
status 200
|
112
|
-
end
|
113
|
-
end
|
114
|
-
else
|
115
|
-
haml :"#{view_location}/edit", locals: { entity: entity, title: heading(:edit) }
|
116
|
-
end
|
117
|
-
end
|
118
|
-
|
119
|
-
put '/:id/identity' do |id|
|
120
|
-
entity = dataset[id.to_i]
|
121
|
-
halt 404 unless entity
|
122
|
-
authorize entity, :update
|
123
|
-
|
124
|
-
identity = entity.identity.first
|
125
|
-
identity_params = params['identity']
|
126
|
-
|
127
|
-
unless identity_params['password'] == identity_params['password_confirmation']
|
128
|
-
flash[:warning] = 'Password didn\'t match'
|
129
|
-
return redirect back
|
130
|
-
end
|
131
|
-
|
132
|
-
unless current_user.super_admin? || identity.authenticate(identity_params['old_password'])
|
133
|
-
log_action("#{dehumanized}_update_password_failed".to_sym) if settings.track_actions
|
134
|
-
flash[:danger] = 'Old Password didn\'t match'
|
135
|
-
return redirect back
|
136
|
-
end
|
137
|
-
|
138
|
-
values = permitted_attributes(Identity, :create)
|
139
|
-
identity.set values
|
140
|
-
if identity.valid? && identity.save
|
141
|
-
log_action("#{dehumanized}_update_password".to_sym) if settings.track_actions
|
142
|
-
flash[:success] = 'Password Updated'
|
143
|
-
redirect "#{base_path}/#{entity.id}"
|
144
|
-
elsif current_user.super_admin?
|
145
|
-
haml :"#{view_location}/display", locals: { entity: entity, identity: identity, title: heading }
|
146
|
-
else
|
147
|
-
haml :"#{view_location}/profile", locals: { entity: entity, identity: identity, title: heading }
|
148
|
-
end
|
149
|
-
end
|
150
|
-
|
151
|
-
# Delete
|
152
|
-
delete '/:id', provides: [:html, :json] do |id|
|
153
|
-
entity = dataset[id.to_i]
|
154
|
-
halt 404 unless entity
|
155
|
-
authorize entity, :delete
|
156
|
-
|
157
|
-
entity.remove_all_identity
|
158
|
-
entity.remove_all_roles
|
159
|
-
entity.destroy
|
160
|
-
|
161
|
-
log_action("#{dehumanized}_delete".to_sym) if settings.track_actions
|
162
|
-
respond_to do |format|
|
163
|
-
format.html do
|
164
|
-
flash[:success] = "#{heading} Deleted"
|
165
|
-
redirect '/_proxes/users'
|
166
|
-
end
|
167
|
-
format.json do
|
168
|
-
content_type 'application/json'
|
169
|
-
headers 'Location' => '/_proxes/users'
|
170
|
-
status 204
|
171
|
-
end
|
172
|
-
end
|
173
|
-
end
|
174
|
-
|
175
|
-
# Profile
|
176
|
-
get '/profile' do
|
177
|
-
entity = current_user
|
178
|
-
authorize entity, :read
|
179
|
-
|
180
|
-
haml :"#{view_location}/profile", locals: { entity: entity, identity: entity.identity.first, title: 'My Account' }
|
181
|
-
end
|
182
|
-
end
|
183
|
-
end
|
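--- a/data/lib/proxes/db.rb
+++ b/data/lib/proxes/db.rb
@@ -1,18 +0,0 @@
-# frozen_string_literal: true
-
-require 'sequel'
-require 'proxes/services/logger'
-
-# Delete DATABASE_URL from the environment, so it isn't accidently
-# passed to subprocesses. DATABASE_URL may contain passwords.
-DB = Sequel.connect(ENV['RACK_ENV'] == 'production' ? ENV.delete('DATABASE_URL') : ENV['DATABASE_URL'])
-
-log_level = (ENV['SEQUEL_LOGGING_LEVEL'] || :debug).to_sym
-DB.sql_log_level = log_level
-DB.loggers << ProxES::Services::Logger.instance
-
-DB.extension(:pagination)
-
-Sequel::Model.plugin :auto_validations
-Sequel::Model.plugin :update_or_create
-Sequel::Model.plugin :timestamps, update_on_create: true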
@@ -1,58 +0,0 @@
|
|
1
|
-
# frozen_string_literal: true
|
2
|
-
|
3
|
-
module ProxES
|
4
|
-
module Helpers
|
5
|
-
module Authentication
|
6
|
-
def current_user
|
7
|
-
if env['rack.session'].nil? || env['rack.session']['user_id'].nil?
|
8
|
-
self.current_user = anonymous_user
|
9
|
-
end
|
10
|
-
@users ||= Hash.new { |h, k| h[k] = User[k] }
|
11
|
-
@users[env['rack.session']['user_id']]
|
12
|
-
end
|
13
|
-
|
14
|
-
def current_user=(user)
|
15
|
-
env['rack.session'] = {} if env['rack.session'].nil?
|
16
|
-
env['rack.session']['user_id'] = user.id if user
|
17
|
-
end
|
18
|
-
|
19
|
-
def authenticate
|
20
|
-
authenticated?
|
21
|
-
end
|
22
|
-
|
23
|
-
def authenticated?
|
24
|
-
current_user && !current_user.role?('anonymous')
|
25
|
-
end
|
26
|
-
|
27
|
-
def authenticate!
|
28
|
-
raise NotAuthenticated unless authenticated?
|
29
|
-
true
|
30
|
-
end
|
31
|
-
|
32
|
-
def logout
|
33
|
-
env['rack.session'].delete('user_id')
|
34
|
-
end
|
35
|
-
|
36
|
-
def check_basic(request)
|
37
|
-
auth = Rack::Auth::Basic::Request.new(request.env)
|
38
|
-
return false unless auth.provided? && auth.basic?
|
39
|
-
|
40
|
-
identity = ::ProxES::Identity.find(username: auth.credentials[0])
|
41
|
-
identity = ::ProxES::Identity.find(username: URI.unescape(auth.credentials[0])) unless identity
|
42
|
-
return false unless identity
|
43
|
-
self.current_user = identity.user if identity.authenticate(auth.credentials[1])
|
44
|
-
end
|
45
|
-
|
46
|
-
def anonymous_user
|
47
|
-
return @anonymous_user if defined? @anonymous_user
|
48
|
-
@anonymous_user ||= begin
|
49
|
-
role = ::ProxES::Role.where(name: 'anonymous').first
|
50
|
-
::ProxES::User.where(roles: role).first unless role.nil?
|
51
|
-
end
|
52
|
-
end
|
53
|
-
end
|
54
|
-
|
55
|
-
class NotAuthenticated < StandardError
|
56
|
-
end
|
57
|
-
end
|
58
|
-
end
|
@@ -1,49 +0,0 @@
|
|
1
|
-
# frozen_string_literal: true
|
2
|
-
|
3
|
-
require 'active_support'
|
4
|
-
require 'active_support/inflector'
|
5
|
-
|
6
|
-
module ProxES
|
7
|
-
module Helpers
|
8
|
-
module Component
|
9
|
-
include ActiveSupport::Inflector
|
10
|
-
|
11
|
-
def dataset
|
12
|
-
policy_scope(settings.model_class)
|
13
|
-
end
|
14
|
-
|
15
|
-
def list
|
16
|
-
params['count'] ||= 10
|
17
|
-
params['page'] ||= 1
|
18
|
-
|
19
|
-
dataset.select.paginate(params['page'].to_i, params['count'].to_i)
|
20
|
-
end
|
21
|
-
|
22
|
-
def heading(action = nil)
|
23
|
-
@headings ||= begin
|
24
|
-
heading = titleize(demodulize(settings.model_class))
|
25
|
-
h = Hash.new(heading)
|
26
|
-
h[:new] = "New #{heading}"
|
27
|
-
h[:list] = pluralize heading
|
28
|
-
h[:edit] = "Edit #{heading}"
|
29
|
-
h
|
30
|
-
end
|
31
|
-
@headings[action]
|
32
|
-
end
|
33
|
-
|
34
|
-
def dehumanized
|
35
|
-
settings.dehumanized || underscore(heading)
|
36
|
-
end
|
37
|
-
|
38
|
-
def base_path
|
39
|
-
settings.base_path || "/_proxes/#{dasherize(view_location)}"
|
40
|
-
end
|
41
|
-
|
42
|
-
def view_location
|
43
|
-
return settings.view_location if settings.view_location
|
44
|
-
return underscore(pluralize(demodulize(settings.model_class))) if settings.model_class
|
45
|
-
underscore(demodulize(self.class))
|
46
|
-
end
|
47
|
-
end
|
48
|
-
end
|
49
|
-
end
|
@@ -1,40 +0,0 @@
|
|
1
|
-
# frozen_string_literal: true
|
2
|
-
|
3
|
-
require 'pundit'
|
4
|
-
require 'proxes/request'
|
5
|
-
|
6
|
-
module ProxES
|
7
|
-
module Helpers
|
8
|
-
module Pundit
|
9
|
-
include ::Pundit
|
10
|
-
|
11
|
-
def authorize(record, query = nil)
|
12
|
-
if record.is_a?(Request)
|
13
|
-
query = record.request_method.downcase
|
14
|
-
elsif query.nil?
|
15
|
-
raise ArgumentError, 'Pundit cannot determine the query'
|
16
|
-
end
|
17
|
-
query = :"#{query}?" unless query[-1] == '?'
|
18
|
-
super
|
19
|
-
end
|
20
|
-
|
21
|
-
def permitted_attributes(record, action)
|
22
|
-
param_key = PolicyFinder.new(record).param_key
|
23
|
-
policy = policy(record)
|
24
|
-
method_name = if policy.respond_to?("permitted_attributes_for_#{action}")
|
25
|
-
"permitted_attributes_for_#{action}"
|
26
|
-
else
|
27
|
-
'permitted_attributes'
|
28
|
-
end
|
29
|
-
|
30
|
-
request.params.fetch(param_key, {}).select do |key, _value|
|
31
|
-
policy.public_send(method_name).include? key.to_sym
|
32
|
-
end
|
33
|
-
end
|
34
|
-
|
35
|
-
def pundit_user
|
36
|
-
current_user
|
37
|
-
end
|
38
|
-
end
|
39
|
-
end
|
40
|
-
end
|
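--- a/data/lib/proxes/helpers/views.rb
+++ b/data/lib/proxes/helpers/views.rb
@@ -1,42 +0,0 @@
-# frozen_string_literal: true
-
-module ProxES
-module Helpers
-module Views
-def form_control(name, model, opts = {})
-label = opts.delete(:label) || name.to_s.titlecase
-klass = opts.delete(:class) || 'form-control' unless opts[:type] == 'file'
-group = opts.delete(:group) || model.class.to_s.demodulize.underscore
-field = opts.delete(:field) || name
-
-attributes = { type: 'text', id: name, name: "#{group}[#{name}]", class: klass }.merge(opts)
-locals = { model: model, label: label, attributes: attributes, name: name, group: group, field: field }
-haml :'partials/form_control', locals: locals
-end
-
-def flash_messages(key = :flash)
-return '' if flash(key).empty?
-id = (key == :flash ? 'flash' : "flash_#{key}")
-messages = flash(key).collect do |message|
-" <div class='alert alert-#{message[0]} alert-dismissable' role='alert'>#{message[1]}</div>\n"
-end
-"<div id='#{id}'>\n" + messages.join + '</div>'
-end
-
-def delete_form(entity, label = 'Delete')
-locals = { delete_label: label, entity: entity }
-haml :'partials/delete_form', locals: locals
-end
-
-def pagination(list, base_path)
-locals = {
-next_link: list.last_page? ? '#' : "#{base_path}?page=#{list.next_page}&count=#{list.page_size}",
-prev_link: list.first_page? ? '#' : "#{base_path}?page=#{list.prev_page}&count=#{list.page_size}",
-base_path: base_path,
-list: list
-}
-haml :'partials/pager', locals: locals
-end
-end
-end
-end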