prx_auth-rails 0.0.4 → 1.2.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
-SHA1:
-  metadata.gz: bf4706b9a841536e62b064cf2bff4f06961020f3
-  data.tar.gz: ce59d3ffd05b67fec4a7e1d85db16d409ca282f7
+SHA256:
+  metadata.gz: 5204c5e69c74ec1fa4d6acf36b64c62700ba72d5308a020deee0526ff4dd5499
+  data.tar.gz: c5bbf5402868c36ba3e2c011eb4eb906d895e3b5237975a329099047f39a8cb3
 SHA512:
-  metadata.gz: 0899ffc17c75782572566116c4850773bd006687da304a62fc7bc3ad8b5a2beb75f17266f1d11936fee30a80fc27a1872dbe14a0b7705105b34c2f3a7ea2ca45
-  data.tar.gz: 63f557362cb111150061fedeebe9f3f3bb8f46f6ae3bd96b90610de32ef75020f9fa6d14148b631720d4dcc7062a44783edfa114496cf677920ffc7416b491aa
+  metadata.gz: 0d3c3f2ba128a55921138c56e1c052ef6dfd030f720886daa5b77d831545ae9c093ac6c19cbc9887c41b17003142fe2c6eedbf18f6a102ce5e08ec7179556b49
+  data.tar.gz: cedc895cbe9b69bd7f87c365c7a0bf606236291e7572a7da5395c110612adf1e4164e40ed02e1f00517ee89da3e7c26563329b82bdb7026db4b563c113758fcf

data/.gitignore

@@ -15,3 +15,5 @@ spec/reports
 test/tmp
 test/version_tmp
 tmp
+.ruby-version
+.DS_Store

data/Guardfile

@@ -0,0 +1,8 @@
+guard :minitest, all_after_pass: true do
+  watch(%r{^test/(.*)\/?test_(.*)\.rb})
+  watch(%r{^lib/(.*/)?([^/]+)\.rb})                      { |m| "test/#{m[1]}test_#{m[2]}.rb" }
+  watch(%r{^lib/(.+)\.rb})                               { |m| "test/#{m[1]}_test.rb" }
+  watch(%r{^lib/(.+)\.rb})                                    { |m| "test/#{m[1]}_test.rb" }
+  watch(%r{^test/.+_test\.rb})
+  watch(%r{^test/test_helper\.rb})                            { 'test' }
+end

data/README.md

@@ -14,7 +14,30 @@ And then execute:
 
 ## Usage
 
-That should be it, I think.
+Installing the gem in a Rails project will automatically add the appropriate Rack middleware to your Rails application and add two methods to your controllers. These methods are:
+
+* `prx_auth_token`: returns a token (similar to PrxAuth::Token) which automatically namespaces queries. The main methods you will be interested in are `authorized?`, `globally_authorized?` and `resources`. More information can be found in PrxAuth.
+
+* `prx_authenticated?`: returns whether or not this request includes a valid PrxAuth token.
+
+### Configuration
+
+Generally, configuration is not required and the gem aims for great defaults, but you can override some settings if you need to change the default behavior.
+
+In your rails app, add a file to config/initializers called `prx_auth.rb`:
+
+```ruby
+PrxAuth::Rails.configure do |config|
+
+  # enables automatic installation of token parser middleware
+  config.install_middleware = false # default: true
+
+  # automatically adds namespace to all scoped queries, e.g. .authorized?(:foo) will be treated
+  # as .authorized?(:my_great_ns, :foo). Has no impact on unscoped queries.
+  config.namespace = :my_great_ns   # default: derived from Rails::Application name.
+                                    #          e.g. class Feeder < Rails::Application => :feeder
+end
+```
 
 ## Contributing
 

data/Rakefile

@@ -1 +1,10 @@
-require "bundler/gem_tasks"
+require 'bundler/gem_tasks'
+require 'rake'
+require 'rake/testtask'
+
+Rake::TestTask.new do |t|
+  t.libs << 'test'
+  t.pattern = 'test/**/*test.rb'
+end
+
+task default: :test

data/lib/prx_auth/rails.rb

@@ -1,10 +1,17 @@
 require "prx_auth/rails/version"
+require "prx_auth/rails/configuration"
 require "prx_auth/rails/railtie" if defined?(Rails)
+
 module PrxAuth
   module Rails
     class << self
-      attr_accessor :middleware
+      attr_accessor :configuration
+
+      def configure
+        yield configuration
+      end
     end
-    self.middleware = true
+
+    self.configuration = Configuration.new
   end
 end

data/lib/prx_auth/rails/configuration.rb

@@ -0,0 +1,17 @@
+class PrxAuth::Rails::Configuration
+  attr_accessor :install_middleware, :namespace
+
+  def initialize
+    @install_middleware = true
+    if defined?(::Rails)
+      klass = ::Rails.application.class
+      klass_name = if klass.parent_name.present?
+                     klass.parent_name
+                   else
+                     klass.name
+                   end
+
+      @namespace = klass_name.underscore.intern
+    end
+  end
+end

data/lib/prx_auth/rails/ext/controller.rb

@@ -1,8 +1,14 @@
+require 'prx_auth/rails/token'
+
 module PrxAuth
   module Rails
     module Controller
       def prx_auth_token
-        request.env['prx.auth']
+        if !defined? @_prx_auth_token
+          @_prx_auth_token = request.env['prx.auth'] && PrxAuth::Rails::Token.new(request.env['prx.auth'])
+        else
+          @_prx_auth_token
+        end
       end
 
       def prx_authenticated?

data/lib/prx_auth/rails/railtie.rb

@@ -9,8 +9,8 @@ module PrxAuth::Rails
     end
 
     initializer 'prx_auth.insert_middleware' do |app|
-      if PrxAuth::Rails.middleware
-        app.config.middleware.insert ActionDispatch::ParamsParser, Rack::PrxAuth
+      if PrxAuth::Rails.configuration.install_middleware
+        app.config.middleware.insert_after Rack::Head, Rack::PrxAuth
       end
     end
   end

data/lib/prx_auth/rails/token.rb

@@ -0,0 +1,31 @@
+require 'rack/prx_auth'
+
+class PrxAuth::Rails::Token
+  def initialize(token_data)
+    @token_data = token_data
+    @namespace = PrxAuth::Rails.configuration.namespace
+  end
+
+  def authorized?(resource, namespace=nil, scope=nil)
+    namespace, scope = @namespace, namespace if scope.nil? && !namespace.nil?
+    @token_data.authorized?(resource, namespace, scope)
+  end
+
+  def globally_authorized?(namespace, scope=nil)
+    namespace, scope = @namespace, namespace if scope.nil?
+    @token_data.globally_authorized?(namespace, scope)
+  end
+
+  def resources(namespace=nil, scope=nil)
+    namespace, scope = @namespace, namespace if scope.nil? && !namespace.nil?
+    @token_data.resources(namespace, scope)
+  end
+
+  def scopes
+    @token_data.scopes
+  end
+
+  def user_id
+    @token_data.user_id
+  end
+end

data/lib/prx_auth/rails/version.rb

@@ -1,5 +1,5 @@
 module PrxAuth
   module Rails
-    VERSION = "0.0.4"
+    VERSION = "1.2.0"
   end
 end

data/prx_auth-rails.gemspec

@@ -15,13 +15,23 @@ Gem::Specification.new do |spec|
   spec.homepage      = "https://github.com/PRX/prx_auth-rails"
   spec.license       = "MIT"
 
+  spec.required_ruby_version = '>= 2.3'
+
   spec.files         = `git ls-files`.split($/)
   spec.executables   = spec.files.grep(%r{^bin/}) { |f| File.basename(f) }
   spec.test_files    = spec.files.grep(%r{^(test|spec|features)/})
   spec.require_paths = ["lib"]
 
-  spec.add_development_dependency "bundler", "~> 1.3"
-  spec.add_development_dependency "rake"
+  spec.add_runtime_dependency 'actionpack'
+
+  spec.add_development_dependency 'bundler'
+  spec.add_development_dependency 'rake'
+  spec.add_development_dependency 'coveralls', '~> 0'
+  spec.add_development_dependency 'guard'
+  spec.add_development_dependency 'guard-minitest'
+  spec.add_development_dependency 'rails'
+
+
 
-  spec.add_runtime_dependency "rack-prx_auth", "~> 0.0.6"
+  spec.add_runtime_dependency 'prx_auth', "~> 1.2"
 end

data/test/prx_auth/rails/configuration_test.rb

@@ -0,0 +1,30 @@
+require 'test_helper'
+
+describe PrxAuth::Rails::Configuration do
+
+  after(:each) { PrxAuth::Rails.configuration =  PrxAuth::Rails::Configuration.new }
+  subject { PrxAuth::Rails::Configuration.new }
+  
+  it 'initializes with a namespace defined by rails app name' do
+    assert subject.namespace == :test_app
+  end
+
+  it 'can be reconfigured using the namespace attr' do
+    PrxAuth::Rails.configure do |config|
+      config.namespace = :new_test
+    end
+
+    assert PrxAuth::Rails.configuration.namespace == :new_test
+  end
+
+  it 'defaults to enabling the middleware' do
+    assert PrxAuth::Rails.configuration.install_middleware
+  end
+
+  it 'allows overriding of the middleware automatic installation' do
+    PrxAuth::Rails.configure do |config|
+      config.install_middleware = false
+    end
+    assert !PrxAuth::Rails.configuration.install_middleware
+  end
+end

data/test/prx_auth/rails/token_test.rb

@@ -0,0 +1,45 @@
+require 'test_helper'
+
+describe PrxAuth::Rails::Token do
+  let (:aur) { { "123" => "test_app:read other_namespace:write", "*" => "test_app:add" } }
+  let (:sub) { "123" }
+  let (:scope) { "one two three" }
+  let (:token_data) { Rack::PrxAuth::TokenData.new("aur" => aur, "scope" => scope, "sub" => sub)}
+  let (:mock_token_data) { Minitest::Mock.new(token_data) }
+  let (:token) { PrxAuth::Rails::Token.new(mock_token_data) }
+
+  it 'automatically namespaces requests' do
+    mock_token_data.expect(:authorized?, true, ["123", :test_app, :read])
+    assert token.authorized?("123", :read)
+
+    mock_token_data.expect(:resources, ["123"], [:test_app, :read])
+    assert token.resources(:read) === ['123']
+
+    mock_token_data.expect(:globally_authorized?, true, [:test_app, :add])
+    assert token.globally_authorized?(:add) 
+
+    mock_token_data.verify
+  end
+
+  it 'allows unscoped calls to authorized?' do
+    assert token.authorized?("123")
+  end
+
+  it 'allows unscoped calls to resources' do
+    assert token.resources == [ "123" ]
+  end
+
+  it 'allows manual setting of namespace' do
+    assert token.authorized?("123", :other_namespace, :write)
+    assert !token.authorized?("123", :other_namespace, :read)
+
+    assert token.resources(:other_namespace, :write) == ["123"]
+    assert token.resources(:other_namespace, :read) == []
+
+    assert token.globally_authorized?(:add)
+    assert token.globally_authorized?(:test_app, :add)
+    assert !token.globally_authorized?(:other_namespace, :add)
+  end
+
+  
+end

data/test/test_helper.rb

@@ -0,0 +1,24 @@
+require 'coveralls'
+Coveralls.wear!
+
+$LOAD_PATH.unshift File.expand_path('../../lib', __FILE__)
+
+require 'minitest/autorun'
+require 'minitest/spec'
+require 'minitest/pride'
+require 'action_pack'
+require 'action_controller'
+require 'action_view'
+require 'rails'
+require 'rails/generators'
+require 'rails/generators/test_case'
+# Bundler.require(:default)
+
+class TestApp < Rails::Application
+  config.root = File.dirname(__FILE__)
+  config.eager_load = false
+end
+
+TestApp.initialize!
+
+require 'prx_auth/rails'

metadata

@@ -1,75 +1,153 @@
 --- !ruby/object:Gem::Specification
 name: prx_auth-rails
 version: !ruby/object:Gem::Version
-  version: 0.0.4
+  version: 1.2.0
 platform: ruby
 authors:
 - Chris Rhoden
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2015-04-22 00:00:00.000000000 Z
+date: 2020-08-10 00:00:00.000000000 Z
 dependencies:
+- !ruby/object:Gem::Dependency
+  name: actionpack
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
 - !ruby/object:Gem::Dependency
   name: bundler
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ~>
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '1.3'
+        version: '0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ~>
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '1.3'
+        version: '0'
 - !ruby/object:Gem::Dependency
   name: rake
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - '>='
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: coveralls
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: guard
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
       - !ruby/object:Gem::Version
         version: '0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - '>='
+    - - ">="
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
-  name: rack-prx_auth
+  name: guard-minitest
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ~>
+    - - ">="
       - !ruby/object:Gem::Version
-        version: 0.0.6
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: rails
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: prx_auth
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.2'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.0.6
-description: |
-  Rails integration for next generation PRX Authorization system.
+        version: '1.2'
+description: 'Rails integration for next generation PRX Authorization system.
+
+'
 email:
 - carhoden@gmail.com
 executables: []
 extensions: []
 extra_rdoc_files: []
 files:
-- .gitignore
+- ".gitignore"
 - Gemfile
+- Guardfile
 - LICENSE.txt
 - README.md
 - Rakefile
 - lib/prx_auth/rails.rb
+- lib/prx_auth/rails/configuration.rb
 - lib/prx_auth/rails/ext/controller.rb
 - lib/prx_auth/rails/railtie.rb
+- lib/prx_auth/rails/token.rb
 - lib/prx_auth/rails/version.rb
 - prx_auth-rails.gemspec
+- test/log/development.log
+- test/prx_auth/rails/configuration_test.rb
+- test/prx_auth/rails/token_test.rb
+- test/test_helper.rb
 homepage: https://github.com/PRX/prx_auth-rails
 licenses:
 - MIT
@@ -80,18 +158,21 @@ require_paths:
 - lib
 required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
-  - - '>='
+  - - ">="
     - !ruby/object:Gem::Version
-      version: '0'
+      version: '2.3'
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
-  - - '>='
+  - - ">="
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubyforge_project: 
-rubygems_version: 2.1.11
+rubygems_version: 3.0.1
 signing_key: 
 specification_version: 4
 summary: Rails integration for next generation PRX Authorization system.
-test_files: []
+test_files:
+- test/log/development.log
+- test/prx_auth/rails/configuration_test.rb
+- test/prx_auth/rails/token_test.rb
+- test/test_helper.rb