prx_auth 1.7.2 → 1.8.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/prx_auth/resource_map.rb +13 -0
- data/lib/prx_auth/version.rb +1 -1
- data/lib/rack/prx_auth/token_data.rb +13 -0
- data/prx_auth.gemspec +2 -0
- data/test/prx_auth/resource_map_test.rb +13 -0
- data/test/rack/prx_auth/token_data_test.rb +37 -0
- data/test/test_helper.rb +2 -0
- metadata +30 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 80b52f104115aa7226438db0566660e430cec97a304798bf2098467d69a73547
|
4
|
+
data.tar.gz: a40db03c0c4a4f529231a8d7f63c80a8c6c50b5f7010c6cc84d6d63f399e5752
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: cb2093473b3f817c9e0b7edf4eacd9427d3efa30d3338c344956a64c004876b788e1342615f72d20f2fcfd7e3ff79a1247180da65c9691c30a960dbafd7b0e2d
|
7
|
+
data.tar.gz: ed0ee1c6557b1a5420e9f6e195067de9b5440175c59cb8d6708f668464e86018c89d162d146b8e92fddf5c81594aedc86011d4c48a670796a9b989a62af81026
|
@@ -43,6 +43,19 @@ module PrxAuth
|
|
43
43
|
super(key.to_s, value)
|
44
44
|
end
|
45
45
|
|
46
|
+
def except!(*keys)
|
47
|
+
keys.each { |key| delete(key.to_s) }
|
48
|
+
self
|
49
|
+
end
|
50
|
+
|
51
|
+
def except(*keys)
|
52
|
+
dup.except!(*keys)
|
53
|
+
end
|
54
|
+
|
55
|
+
def empty?
|
56
|
+
@wildcard.empty? && (super || values.all?(&:empty?))
|
57
|
+
end
|
58
|
+
|
46
59
|
def condense
|
47
60
|
condensed_wildcard = @wildcard.condense
|
48
61
|
condensed_map = map do |resource, list|
|
data/lib/prx_auth/version.rb
CHANGED
@@ -37,6 +37,19 @@ module Rack
|
|
37
37
|
resources(::PrxAuth::Rails.configuration.namespace, scope).map(&:to_i)
|
38
38
|
end
|
39
39
|
|
40
|
+
def except!(*resources)
|
41
|
+
@authorized_resources = @authorized_resources.except(*resources)
|
42
|
+
self
|
43
|
+
end
|
44
|
+
|
45
|
+
def except(*resources)
|
46
|
+
dup.except!(*resources)
|
47
|
+
end
|
48
|
+
|
49
|
+
def empty_resources?
|
50
|
+
@authorized_resources.empty?
|
51
|
+
end
|
52
|
+
|
40
53
|
private
|
41
54
|
|
42
55
|
def unpack_aur(aur)
|
data/prx_auth.gemspec
CHANGED
@@ -23,6 +23,8 @@ Gem::Specification.new do |spec|
|
|
23
23
|
spec.add_development_dependency "coveralls", "~> 0"
|
24
24
|
spec.add_development_dependency "guard"
|
25
25
|
spec.add_development_dependency "guard-minitest"
|
26
|
+
spec.add_development_dependency "pry"
|
27
|
+
spec.add_development_dependency "pry-byebug"
|
26
28
|
spec.add_development_dependency "standard"
|
27
29
|
|
28
30
|
spec.add_dependency "rack", ">= 1.5.2"
|
@@ -181,4 +181,17 @@ describe PrxAuth::ResourceMap do
|
|
181
181
|
refute_nil map["789"]
|
182
182
|
end
|
183
183
|
end
|
184
|
+
|
185
|
+
describe "#except" do
|
186
|
+
it "removes keys" do
|
187
|
+
map2 = map.except(123)
|
188
|
+
|
189
|
+
assert_equal ["123", "456"], map.keys
|
190
|
+
assert_equal ["456"], map2.keys
|
191
|
+
|
192
|
+
# the ! version modifies the map
|
193
|
+
map2.except!("456")
|
194
|
+
assert_equal [], map2.keys
|
195
|
+
end
|
196
|
+
end
|
184
197
|
end
|
@@ -97,5 +97,42 @@ describe Rack::PrxAuth::TokenData do
|
|
97
97
|
end
|
98
98
|
end
|
99
99
|
end
|
100
|
+
|
101
|
+
describe "#except" do
|
102
|
+
let(:token) { Rack::PrxAuth::TokenData.new("aur" => aur) }
|
103
|
+
let(:aur) { {"123" => "admin ns1:namespaced", "456" => "member"} }
|
104
|
+
|
105
|
+
it "removes resources from the aur" do
|
106
|
+
token2 = token.except(123)
|
107
|
+
|
108
|
+
assert token.authorized?(123, "admin")
|
109
|
+
assert token.authorized?(456, "member")
|
110
|
+
|
111
|
+
refute token2.authorized?(123, "admin")
|
112
|
+
assert token2.authorized?(456, "member")
|
113
|
+
|
114
|
+
# the ! version modifies the token
|
115
|
+
token2.except!(456)
|
116
|
+
refute token2.authorized?(456, "member")
|
117
|
+
end
|
118
|
+
end
|
119
|
+
|
120
|
+
describe "#empty_resources?" do
|
121
|
+
it "checks if the user has access to any resources" do
|
122
|
+
token = Rack::PrxAuth::TokenData.new("aur" => {"123" => "anything"})
|
123
|
+
refute token.empty_resources?
|
124
|
+
assert token.except("123").empty_resources?
|
125
|
+
end
|
126
|
+
|
127
|
+
it "checks for empty scopes" do
|
128
|
+
token = Rack::PrxAuth::TokenData.new("aur" => {"123" => ""})
|
129
|
+
assert token.empty_resources?
|
130
|
+
end
|
131
|
+
|
132
|
+
it "is not empty with wildcard auth" do
|
133
|
+
token = Rack::PrxAuth::TokenData.new("aur" => {"*" => "anything"})
|
134
|
+
refute token.empty_resources?
|
135
|
+
end
|
136
|
+
end
|
100
137
|
end
|
101
138
|
end
|
data/test/test_helper.rb
CHANGED
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: prx_auth
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 1.
|
4
|
+
version: 1.8.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Eve Asher
|
@@ -9,7 +9,7 @@ authors:
|
|
9
9
|
autorequire:
|
10
10
|
bindir: bin
|
11
11
|
cert_chain: []
|
12
|
-
date: 2023-
|
12
|
+
date: 2023-08-24 00:00:00.000000000 Z
|
13
13
|
dependencies:
|
14
14
|
- !ruby/object:Gem::Dependency
|
15
15
|
name: bundler
|
@@ -81,6 +81,34 @@ dependencies:
|
|
81
81
|
- - ">="
|
82
82
|
- !ruby/object:Gem::Version
|
83
83
|
version: '0'
|
84
|
+
- !ruby/object:Gem::Dependency
|
85
|
+
name: pry
|
86
|
+
requirement: !ruby/object:Gem::Requirement
|
87
|
+
requirements:
|
88
|
+
- - ">="
|
89
|
+
- !ruby/object:Gem::Version
|
90
|
+
version: '0'
|
91
|
+
type: :development
|
92
|
+
prerelease: false
|
93
|
+
version_requirements: !ruby/object:Gem::Requirement
|
94
|
+
requirements:
|
95
|
+
- - ">="
|
96
|
+
- !ruby/object:Gem::Version
|
97
|
+
version: '0'
|
98
|
+
- !ruby/object:Gem::Dependency
|
99
|
+
name: pry-byebug
|
100
|
+
requirement: !ruby/object:Gem::Requirement
|
101
|
+
requirements:
|
102
|
+
- - ">="
|
103
|
+
- !ruby/object:Gem::Version
|
104
|
+
version: '0'
|
105
|
+
type: :development
|
106
|
+
prerelease: false
|
107
|
+
version_requirements: !ruby/object:Gem::Requirement
|
108
|
+
requirements:
|
109
|
+
- - ">="
|
110
|
+
- !ruby/object:Gem::Version
|
111
|
+
version: '0'
|
84
112
|
- !ruby/object:Gem::Dependency
|
85
113
|
name: standard
|
86
114
|
requirement: !ruby/object:Gem::Requirement
|