rsb-admin 0.9.1 → 0.9.2
- checksums.yaml +4 -4
- data/app/controllers/rsb/admin/admin_controller.rb +16 -0
- data/app/views/rsb/admin/shared/forbidden.html.erb +4 -5
- data/db/migrate/{20260208000003_create_rsb_admin_tables.rb → 20260216300001_create_rsb_admin_tables.rb} +7 -1
- data/lib/rsb/admin/settings_schema.rb +6 -0
- metadata +4 -5
- data/db/migrate/20260214000001_add_otp_fields_to_rsb_admin_admin_users.rb +0 -9
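--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA256:
-metadata.gz:
-data.tar.gz:
+metadata.gz: e13a1c64353fc1ee84f05959fe7232035f3907adc5beb9c27292bc633451b707
+data.tar.gz: b6f5678d1c5aea17aef9f06ee8bea21fe689a9c76afc43d7f69bac7e23cbfbb4
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 942ffa094ab1f97f40ee7883c9737e22ca667e233aaad62c4a58709e5c7f81a49ae42a6c26efde39f846b719e19c3a9159ff96d3b0b9995d3478e93b55398d74
+data.tar.gz: e01b91a34eef78872df23d9b93aece5a132603e38c39b2f89612f10053a52eac430978961f70b5fd5ae0ba26144e5ef78447d2b533a9777b3a636858e43ba145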
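--- a/data/app/controllers/rsb/admin/admin_controller.rb
+++ b/data/app/controllers/rsb/admin/admin_controller.rb
@@ -24,6 +24,7 @@ module RSB
 before_action :set_seo_context
 before_action :check_admin_enabled
 before_action :require_admin_authentication
+before_action :check_session_idle_timeout
 before_action :enforce_two_factor_enrollment
 before_action :build_breadcrumbs
 before_action :track_session_activity
@@ -48,6 +49,21 @@ module RSB
 redirect_to rsb_admin.login_path, alert: 'Please sign in.'
 end
 
+# Checks if the current admin session has been idle longer than the configured timeout.
+def check_session_idle_timeout
+timeout = RSB::Settings.get('admin.session_idle_timeout').to_i
+return if timeout <= 0
+return unless current_admin_session
+
+if current_admin_session.last_active_at < timeout.seconds.ago
+current_admin_session.destroy
+session.delete(:rsb_admin_session_token)
+@current_admin_user = nil
+@current_admin_session = nil
+redirect_to rsb_admin.login_path, alert: 'Session expired due to inactivity.'
+end
+end
+
 def enforce_two_factor_enrollment
 return unless current_admin_user
 return unless ActiveModel::Type::Boolean.new.cast(RSB::Settings.get('admin.require_two_factor'))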
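Review bot: On expiry, `check_session_idle_timeout` removes only one key with `session.delete(:rsb_admin_session_token)`, so anything else held in the Rails session survives into the next login; calling `reset_session` before the `redirect_to` would clear all of it and issue a fresh session id, and the flash alert is set afterwards so it still renders. Separately, `RSB::Settings.get('admin.session_idle_timeout').to_i` turns a nil or non-numeric value into 0, which the next line treats as "timeout disabled", so a mistyped setting fails open silently; a `Rails.logger.warn` when the raw value is present but not a positive integer would make that visible. Whether `last_active_at` is refreshed on every request depends on `track_session_activity`, whose body is not in this diff, so the effective timeout should be checked against any throttling there. The enclosing controller class starts and ends outside both hunks.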
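--- a/data/app/views/rsb/admin/shared/forbidden.html.erb
+++ b/data/app/views/rsb/admin/shared/forbidden.html.erb
@@ -1,6 +1,6 @@
 <div class="flex items-center justify-center min-h-[60vh]">
 <div class="bg-rsb-card border border-rsb-border rounded-rsb-lg shadow-rsb-sm p-8 max-w-md w-full text-center">
-<div class="mb-4 text-rsb-muted">
+<div class="mb-4 text-rsb-muted flex justify-center">
 <%= rsb_admin_icon("lock", size: 48) %>
 </div>
 <h1 class="text-2xl font-bold mb-2"><%= rsb_admin_t("shared.access_denied") %></h1>
@@ -12,11 +12,10 @@
 <%= rsb_admin_t("shared.go_to_dashboard") %>
 </a>
 <% end %>
-
-
-data-turbo-method="delete">
+<%= button_to rsb_admin.logout_path, method: :delete,
+class: "text-sm text-rsb-muted hover:text-rsb-text" do %>
 <%= rsb_admin_t("shared.sign_out_and_try") %>
-
+<% end %>
 </div>
 </div>
 </div>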
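--- a/data/db/migrate/20260208000003_create_rsb_admin_tables.rb
+++ b/data/db/migrate/20260216300001_create_rsb_admin_tables.rb
@@ -1,11 +1,12 @@
 # frozen_string_literal: true
 
-class CreateRSBAdminTables < ActiveRecord::Migration[8.
+class CreateRSBAdminTables < ActiveRecord::Migration[8.1]
 def change
 create_table :rsb_admin_roles do |t|
 t.string :name, null: false
 t.json :permissions, null: false, default: {}
 t.boolean :built_in, default: false
+
 t.timestamps
 end
 
@@ -20,6 +21,10 @@ class CreateRSBAdminTables < ActiveRecord::Migration[8.0]
 t.string :pending_email
 t.string :email_verification_token
 t.datetime :email_verification_sent_at
+t.string :otp_secret
+t.boolean :otp_required, null: false, default: false
+t.text :otp_backup_codes
+
 t.timestamps
 end
 
@@ -35,6 +40,7 @@ class CreateRSBAdminTables < ActiveRecord::Migration[8.0]
 t.string :os
 t.string :device_type
 t.datetime :last_active_at, null: false
+
 t.timestamps
 end
 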
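Review bot: `t.string :otp_secret` and `t.text :otp_backup_codes` in the second hunk are plain columns, and nothing in this diff shows them being protected at the model layer. If the admin user model (not visible here) does not already do so, the TOTP seed should be encrypted at rest, for example with `encrypts :otp_secret`, and backup codes stored as digests rather than recoverable text, because a read of this table would otherwise expose usable second factors. The migration was also renamed to version `20260216300001` with the OTP columns folded in and the separate add-column migration removed, so an installation that already ran the 0.9.1 migrations may see this file as pending and fail on `create_table` for tables that exist; an upgrade note or `if_not_exists: true` on the `create_table` calls would cover that. The `change` method's body continues outside the hunks.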
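--- a/data/lib/rsb/admin/settings_schema.rb
+++ b/data/lib/rsb/admin/settings_schema.rb
@@ -53,6 +53,12 @@ module RSB
 default: false,
 group: 'Security',
 description: 'Require all admin users to enable two-factor authentication'
+
+setting :session_idle_timeout,
+type: :integer,
+default: 0,
+group: 'Security',
+description: 'Admin session idle timeout in seconds. When greater than 0, admin sessions inactive for this duration are expired. 0 = no idle timeout (default).'
 end
 end
 end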
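Review bot: `default: 0` on `setting :session_idle_timeout` leaves idle expiry switched off for every installation until an operator changes it, so the new control is opt-in; consider shipping a finite default, or at least naming a recommended value in the description. Nothing in the visible `setting` call bounds the value, and the controller treats anything `<= 0` as disabled, so a negative or blank entry silently turns the check off. If the settings DSL supports validation (not visible in this diff), a minimum would be worth declaring here. The enclosing module and schema block start outside the hunk.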
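--- a/metadata
+++ b/metadata
@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: rsb-admin
 version: !ruby/object:Gem::Version
-version: 0.9.
+version: 0.9.2
 platform: ruby
 authors:
 - Aleksandr Marchenko
@@ -71,14 +71,14 @@ dependencies:
 requirements:
 - - '='
 - !ruby/object:Gem::Version
-version: 0.9.
+version: 0.9.2
 type: :runtime
 prerelease: false
 version_requirements: !ruby/object:Gem::Requirement
 requirements:
 - - '='
 - !ruby/object:Gem::Version
-version: 0.9.
+version: 0.9.2
 description: Registrable admin panel with dynamic RBAC, settings page, and a test
 kit for extension developers. Simpler than ActiveAdmin — designed for extensibility.
 email:
@@ -172,8 +172,7 @@ files:
 - config/locales/en.yml
 - config/locales/seo.en.yml
 - config/routes.rb
-- db/migrate/
-- db/migrate/20260214000001_add_otp_fields_to_rsb_admin_admin_users.rb
+- db/migrate/20260216300001_create_rsb_admin_tables.rb
 - lib/generators/rsb/admin/install/install_generator.rb
 - lib/generators/rsb/admin/install/templates/rsb_admin_seeds.rb
 - lib/generators/rsb/admin/theme/templates/theme.css.tt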
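--- a/data/db/migrate/20260214000001_add_otp_fields_to_rsb_admin_admin_users.rb
+++ /dev/null
@@ -1,9 +0,0 @@
-# frozen_string_literal: true
-
-class AddOtpFieldsToRSBAdminAdminUsers < ActiveRecord::Migration[8.0]
-def change
-add_column :rsb_admin_admin_users, :otp_secret, :string
-add_column :rsb_admin_admin_users, :otp_required, :boolean, null: false, default: false
-add_column :rsb_admin_admin_users, :otp_backup_codes, :text
-end
-end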