shamu 0.0.19 → 0.0.20
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/Gemfile.lock +1 -1
- data/lib/shamu/attributes.rb +2 -0
- data/lib/shamu/attributes/equality.rb +4 -4
- data/lib/shamu/auditing/logging_auditing_service.rb +11 -0
- data/lib/shamu/entities/entity.rb +1 -0
- data/lib/shamu/features/features_service.rb +4 -0
- data/lib/shamu/rails/controller.rb +14 -11
- data/lib/shamu/security/policy.rb +8 -1
- data/lib/shamu/security/roles.rb +6 -1
- data/lib/shamu/security/roles_service.rb +4 -2
- data/lib/shamu/services/error.rb +3 -1
- data/lib/shamu/services/service.rb +0 -12
- data/lib/shamu/version.rb +1 -1
- data/spec/lib/shamu/attributes/equality_spec.rb +2 -2
- data/spec/lib/shamu/rails/controller_spec.rb +1 -1
- data/spec/lib/shamu/security/roles_spec.rb +5 -1
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 984152520f292cc5454b58d1a2622cb4baa4b22c
|
|
4
|
+
data.tar.gz: 82fbc5924edd73df6e0111e9ad6a1f13226d1774
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 1be5f5704edb9aee60b15c57379efb7c736179c54dc9fe4b4463ed1323ed31ccafe2a4311205a358071f5a34b14409897c73ad4760eda7970882091ae49395b5
|
|
7
|
+
data.tar.gz: 821a2d3666993ccf08ca3cbfb71292368ccf8153d719c1d9edfbbf514005c3769d94724a8d5e023be8859c70ed365db636127c5b0f7c004fca2da5750150c70b
|
data/Gemfile.lock
CHANGED
data/lib/shamu/attributes.rb
CHANGED
|
@@ -4,8 +4,8 @@ module Shamu
|
|
|
4
4
|
# Override equality methods to support shallow comparison of attribute
|
|
5
5
|
# values for equality.
|
|
6
6
|
#
|
|
7
|
-
# Add `
|
|
8
|
-
# shouldn't be included in
|
|
7
|
+
# Add `ignore_equality: true` to any {Attributes::DSL#attribute} that
|
|
8
|
+
# shouldn't be included in equality comparisons.
|
|
9
9
|
module Equality
|
|
10
10
|
|
|
11
11
|
# @param [Attributes] other object to compare with.
|
|
@@ -30,11 +30,11 @@ module Shamu
|
|
|
30
30
|
# attributes are all `eql?` to each other.
|
|
31
31
|
def attributes_eql?( other )
|
|
32
32
|
self.class.attributes.all? do |key, attr|
|
|
33
|
-
next true if attr[:
|
|
33
|
+
next true if attr[:ignore_equality]
|
|
34
34
|
send( key ).eql?( other.send( key ) )
|
|
35
35
|
end
|
|
36
36
|
end
|
|
37
37
|
|
|
38
38
|
end
|
|
39
39
|
end
|
|
40
|
-
end
|
|
40
|
+
end
|
|
@@ -4,6 +4,17 @@ module Shamu
|
|
|
4
4
|
# Writes audit logs to the {Shamu::Logger}.
|
|
5
5
|
class LoggingAuditingService < AuditingService
|
|
6
6
|
|
|
7
|
+
# ============================================================================
|
|
8
|
+
# @!group Dependencies
|
|
9
|
+
#
|
|
10
|
+
|
|
11
|
+
# @!attribute
|
|
12
|
+
# @return [Shamu::Logger]
|
|
13
|
+
attr_dependency :logger, Shamu::Logger
|
|
14
|
+
|
|
15
|
+
#
|
|
16
|
+
# @!endgroup Dependencies
|
|
17
|
+
|
|
7
18
|
# Records an auditable event in persistent storage.
|
|
8
19
|
# @param [Transaction] transaction
|
|
9
20
|
# @return [AuditRecord] the persisted record.
|
|
@@ -33,6 +33,10 @@ module Shamu
|
|
|
33
33
|
# Read-only access to Rack and host ENV toggle overrides.
|
|
34
34
|
attr_dependency :env_store, Shamu::Features::EnvStore
|
|
35
35
|
|
|
36
|
+
# @!attribute
|
|
37
|
+
# @return [Shamu::Logger]
|
|
38
|
+
attr_dependency :logger, Shamu::Logger
|
|
39
|
+
|
|
36
40
|
#
|
|
37
41
|
# @!endgroup Dependencies
|
|
38
42
|
|
|
@@ -21,12 +21,24 @@ module Shamu
|
|
|
21
21
|
helper_method :permit?
|
|
22
22
|
helper_method :current_user
|
|
23
23
|
end
|
|
24
|
+
|
|
25
|
+
# In `included` block so that it overrides Scorpion controller method.
|
|
26
|
+
|
|
27
|
+
def prepare_scorpion( scorpion )
|
|
28
|
+
super
|
|
29
|
+
|
|
30
|
+
scorpion.prepare do |s|
|
|
31
|
+
s.hunt_for Shamu::Security::Principal do
|
|
32
|
+
security_principal
|
|
33
|
+
end
|
|
34
|
+
end
|
|
35
|
+
end
|
|
24
36
|
end
|
|
25
37
|
|
|
26
38
|
private
|
|
27
39
|
|
|
28
40
|
# The currently logged in user. Must respond to #id when logged in.
|
|
29
|
-
def
|
|
41
|
+
def current_user_id
|
|
30
42
|
end
|
|
31
43
|
|
|
32
44
|
# @!visibility public
|
|
@@ -67,7 +79,7 @@ module Shamu
|
|
|
67
79
|
def security_principal
|
|
68
80
|
@security_principal ||= begin
|
|
69
81
|
Shamu::Security::Principal.new \
|
|
70
|
-
user_id:
|
|
82
|
+
user_id: current_user_id,
|
|
71
83
|
remote_ip: remote_ip,
|
|
72
84
|
elevated: session_elevated?
|
|
73
85
|
end
|
|
@@ -89,15 +101,6 @@ module Shamu
|
|
|
89
101
|
def session_elevated?
|
|
90
102
|
end
|
|
91
103
|
|
|
92
|
-
def prepare_scorpion( scorpion )
|
|
93
|
-
super
|
|
94
|
-
|
|
95
|
-
scorpion.prepare do |s|
|
|
96
|
-
s.hunt_for Shamu::Security::Principal do
|
|
97
|
-
security_principal
|
|
98
|
-
end
|
|
99
|
-
end
|
|
100
|
-
end
|
|
101
104
|
|
|
102
105
|
class_methods do
|
|
103
106
|
|
|
@@ -115,7 +115,14 @@ module Shamu
|
|
|
115
115
|
|
|
116
116
|
# Mapping of action names to aliases.
|
|
117
117
|
def aliases
|
|
118
|
-
@aliases ||=
|
|
118
|
+
@aliases ||= default_aliases
|
|
119
|
+
end
|
|
120
|
+
|
|
121
|
+
def default_aliases
|
|
122
|
+
{
|
|
123
|
+
view: [ :read, :list ],
|
|
124
|
+
change: [ :create, :update, :destroy ]
|
|
125
|
+
}
|
|
119
126
|
end
|
|
120
127
|
|
|
121
128
|
# @!visibility public
|
data/lib/shamu/security/roles.rb
CHANGED
|
@@ -38,12 +38,17 @@ module Shamu
|
|
|
38
38
|
|
|
39
39
|
private
|
|
40
40
|
|
|
41
|
-
def expand_roles_into( roles, expanded )
|
|
41
|
+
def expand_roles_into( roles, expanded ) # rubocop:disable Metrics/MethodLength
|
|
42
42
|
raise "No roles defined for #{ name }" unless self.roles.present?
|
|
43
43
|
|
|
44
44
|
roles.each do |name|
|
|
45
45
|
name = name.to_sym
|
|
46
46
|
|
|
47
|
+
if name == :all
|
|
48
|
+
expanded.merge( self.roles.keys )
|
|
49
|
+
next
|
|
50
|
+
end
|
|
51
|
+
|
|
47
52
|
next unless role = self.roles[ name ]
|
|
48
53
|
expanded << name
|
|
49
54
|
|
|
@@ -11,8 +11,10 @@ module Shamu
|
|
|
11
11
|
end
|
|
12
12
|
|
|
13
13
|
# @param [Principal] principal of the currently logged in user.
|
|
14
|
+
# @param [Boolean] reload to reload the roles from storage and bypass any
|
|
15
|
+
# caching.
|
|
14
16
|
# @return [Array<Symbol>] the roles granted to the principal.
|
|
15
|
-
def roles_for( principal )
|
|
17
|
+
def roles_for( principal, reload: false )
|
|
16
18
|
[]
|
|
17
19
|
end
|
|
18
20
|
|
|
@@ -27,4 +29,4 @@ module Shamu
|
|
|
27
29
|
end
|
|
28
30
|
end
|
|
29
31
|
end
|
|
30
|
-
end
|
|
32
|
+
end
|
data/lib/shamu/services/error.rb
CHANGED
|
@@ -23,11 +23,13 @@ module Shamu
|
|
|
23
23
|
|
|
24
24
|
class ServiceRequestFailedError < Error
|
|
25
25
|
attr_reader :result
|
|
26
|
+
attr_reader :full_messages
|
|
26
27
|
|
|
27
28
|
def initialize( result )
|
|
28
29
|
@result = result
|
|
30
|
+
@full_messages = result.errors.full_messages.join( ", " )
|
|
29
31
|
|
|
30
|
-
super translate( :service_request_failed, errors:
|
|
32
|
+
super translate( :service_request_failed, errors: @full_messages )
|
|
31
33
|
end
|
|
32
34
|
end
|
|
33
35
|
end
|
|
@@ -1,5 +1,4 @@
|
|
|
1
1
|
require "scorpion"
|
|
2
|
-
require "shamu/logger"
|
|
3
2
|
|
|
4
3
|
module Shamu
|
|
5
4
|
module Services
|
|
@@ -62,17 +61,6 @@ module Shamu
|
|
|
62
61
|
# Support dependency injection for related services.
|
|
63
62
|
include Scorpion::Object
|
|
64
63
|
|
|
65
|
-
# ============================================================================
|
|
66
|
-
# @!group Dependencies
|
|
67
|
-
#
|
|
68
|
-
|
|
69
|
-
# @!attribute
|
|
70
|
-
# @return [Shamu::Logger] the IO to dump logging info to.
|
|
71
|
-
attr_dependency :logger, Shamu::Logger
|
|
72
|
-
|
|
73
|
-
#
|
|
74
|
-
# @!endgroup Dependencies
|
|
75
|
-
|
|
76
64
|
initialize do
|
|
77
65
|
end
|
|
78
66
|
|
data/lib/shamu/version.rb
CHANGED
|
@@ -8,7 +8,7 @@ describe Shamu::Attributes::Equality do
|
|
|
8
8
|
include Shamu::Attributes::Equality
|
|
9
9
|
|
|
10
10
|
attribute :name
|
|
11
|
-
attribute :random,
|
|
11
|
+
attribute :random, ignore_equality: true
|
|
12
12
|
end
|
|
13
13
|
end
|
|
14
14
|
|
|
@@ -60,4 +60,4 @@ describe Shamu::Attributes::Equality do
|
|
|
60
60
|
|
|
61
61
|
expect( v1 ).to eq v2
|
|
62
62
|
end
|
|
63
|
-
end
|
|
63
|
+
end
|
|
@@ -43,7 +43,7 @@ describe Shamu::Rails::Controller, type: :controller do
|
|
|
43
43
|
end
|
|
44
44
|
|
|
45
45
|
it "gets security context from current_user" do
|
|
46
|
-
expect( controller ).to receive( :
|
|
46
|
+
expect( controller ).to receive( :current_user_id ).at_least( :once ).and_return( 945 )
|
|
47
47
|
|
|
48
48
|
expect( controller ).to receive( :show ) do
|
|
49
49
|
expect( scorpion.fetch( Shamu::Security::Principal ).user_id ).to eq 945
|
|
@@ -26,6 +26,10 @@ describe Shamu::Security::Roles do
|
|
|
26
26
|
end
|
|
27
27
|
end
|
|
28
28
|
|
|
29
|
+
it "returns all roles for :all" do
|
|
30
|
+
expect( klass.expand_roles( :all ) ).to eq [ :admin, :manager, :user ]
|
|
31
|
+
end
|
|
32
|
+
|
|
29
33
|
it "includes base roles" do
|
|
30
34
|
expect( klass.expand_roles( :user ) ).to include :user
|
|
31
35
|
end
|
|
@@ -43,4 +47,4 @@ describe Shamu::Security::Roles do
|
|
|
43
47
|
expect( klass.expand_roles( :admin ) ).to include :user
|
|
44
48
|
end
|
|
45
49
|
end
|
|
46
|
-
end
|
|
50
|
+
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: shamu
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.0.
|
|
4
|
+
version: 0.0.20
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Paul Alexander
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2017-06-
|
|
11
|
+
date: 2017-06-14 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: activemodel
|