shamu 0.0.19 → 0.0.20
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/Gemfile.lock +1 -1
- data/lib/shamu/attributes.rb +2 -0
- data/lib/shamu/attributes/equality.rb +4 -4
- data/lib/shamu/auditing/logging_auditing_service.rb +11 -0
- data/lib/shamu/entities/entity.rb +1 -0
- data/lib/shamu/features/features_service.rb +4 -0
- data/lib/shamu/rails/controller.rb +14 -11
- data/lib/shamu/security/policy.rb +8 -1
- data/lib/shamu/security/roles.rb +6 -1
- data/lib/shamu/security/roles_service.rb +4 -2
- data/lib/shamu/services/error.rb +3 -1
- data/lib/shamu/services/service.rb +0 -12
- data/lib/shamu/version.rb +1 -1
- data/spec/lib/shamu/attributes/equality_spec.rb +2 -2
- data/spec/lib/shamu/rails/controller_spec.rb +1 -1
- data/spec/lib/shamu/security/roles_spec.rb +5 -1
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 984152520f292cc5454b58d1a2622cb4baa4b22c
|
|
4
|
+
data.tar.gz: 82fbc5924edd73df6e0111e9ad6a1f13226d1774
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 1be5f5704edb9aee60b15c57379efb7c736179c54dc9fe4b4463ed1323ed31ccafe2a4311205a358071f5a34b14409897c73ad4760eda7970882091ae49395b5
|
|
7
|
+
data.tar.gz: 821a2d3666993ccf08ca3cbfb71292368ccf8153d719c1d9edfbbf514005c3769d94724a8d5e023be8859c70ed365db636127c5b0f7c004fca2da5750150c70b
|
data/Gemfile.lock
CHANGED
data/lib/shamu/attributes.rb
CHANGED
|
@@ -4,8 +4,8 @@ module Shamu
|
|
|
4
4
|
# Override equality methods to support shallow comparison of attribute
|
|
5
5
|
# values for equality.
|
|
6
6
|
#
|
|
7
|
-
# Add `
|
|
8
|
-
# shouldn't be included in
|
|
7
|
+
# Add `ignore_equality: true` to any {Attributes::DSL#attribute} that
|
|
8
|
+
# shouldn't be included in equality comparisons.
|
|
9
9
|
module Equality
|
|
10
10
|
|
|
11
11
|
# @param [Attributes] other object to compare with.
|
|
@@ -30,11 +30,11 @@ module Shamu
|
|
|
30
30
|
# attributes are all `eql?` to each other.
|
|
31
31
|
def attributes_eql?( other )
|
|
32
32
|
self.class.attributes.all? do |key, attr|
|
|
33
|
-
next true if attr[:
|
|
33
|
+
next true if attr[:ignore_equality]
|
|
34
34
|
send( key ).eql?( other.send( key ) )
|
|
35
35
|
end
|
|
36
36
|
end
|
|
37
37
|
|
|
38
38
|
end
|
|
39
39
|
end
|
|
40
|
-
end
|
|
40
|
+
end
|
|
@@ -4,6 +4,17 @@ module Shamu
|
|
|
4
4
|
# Writes audit logs to the {Shamu::Logger}.
|
|
5
5
|
class LoggingAuditingService < AuditingService
|
|
6
6
|
|
|
7
|
+
# ============================================================================
|
|
8
|
+
# @!group Dependencies
|
|
9
|
+
#
|
|
10
|
+
|
|
11
|
+
# @!attribute
|
|
12
|
+
# @return [Shamu::Logger]
|
|
13
|
+
attr_dependency :logger, Shamu::Logger
|
|
14
|
+
|
|
15
|
+
#
|
|
16
|
+
# @!endgroup Dependencies
|
|
17
|
+
|
|
7
18
|
# Records an auditable event in persistent storage.
|
|
8
19
|
# @param [Transaction] transaction
|
|
9
20
|
# @return [AuditRecord] the persisted record.
|
|
@@ -33,6 +33,10 @@ module Shamu
|
|
|
33
33
|
# Read-only access to Rack and host ENV toggle overrides.
|
|
34
34
|
attr_dependency :env_store, Shamu::Features::EnvStore
|
|
35
35
|
|
|
36
|
+
# @!attribute
|
|
37
|
+
# @return [Shamu::Logger]
|
|
38
|
+
attr_dependency :logger, Shamu::Logger
|
|
39
|
+
|
|
36
40
|
#
|
|
37
41
|
# @!endgroup Dependencies
|
|
38
42
|
|
|
@@ -21,12 +21,24 @@ module Shamu
|
|
|
21
21
|
helper_method :permit?
|
|
22
22
|
helper_method :current_user
|
|
23
23
|
end
|
|
24
|
+
|
|
25
|
+
# In `included` block so that it overrides Scorpion controller method.
|
|
26
|
+
|
|
27
|
+
def prepare_scorpion( scorpion )
|
|
28
|
+
super
|
|
29
|
+
|
|
30
|
+
scorpion.prepare do |s|
|
|
31
|
+
s.hunt_for Shamu::Security::Principal do
|
|
32
|
+
security_principal
|
|
33
|
+
end
|
|
34
|
+
end
|
|
35
|
+
end
|
|
24
36
|
end
|
|
25
37
|
|
|
26
38
|
private
|
|
27
39
|
|
|
28
40
|
# The currently logged in user. Must respond to #id when logged in.
|
|
29
|
-
def
|
|
41
|
+
def current_user_id
|
|
30
42
|
end
|
|
31
43
|
|
|
32
44
|
# @!visibility public
|
|
@@ -67,7 +79,7 @@ module Shamu
|
|
|
67
79
|
def security_principal
|
|
68
80
|
@security_principal ||= begin
|
|
69
81
|
Shamu::Security::Principal.new \
|
|
70
|
-
user_id:
|
|
82
|
+
user_id: current_user_id,
|
|
71
83
|
remote_ip: remote_ip,
|
|
72
84
|
elevated: session_elevated?
|
|
73
85
|
end
|
|
@@ -89,15 +101,6 @@ module Shamu
|
|
|
89
101
|
def session_elevated?
|
|
90
102
|
end
|
|
91
103
|
|
|
92
|
-
def prepare_scorpion( scorpion )
|
|
93
|
-
super
|
|
94
|
-
|
|
95
|
-
scorpion.prepare do |s|
|
|
96
|
-
s.hunt_for Shamu::Security::Principal do
|
|
97
|
-
security_principal
|
|
98
|
-
end
|
|
99
|
-
end
|
|
100
|
-
end
|
|
101
104
|
|
|
102
105
|
class_methods do
|
|
103
106
|
|
|
@@ -115,7 +115,14 @@ module Shamu
|
|
|
115
115
|
|
|
116
116
|
# Mapping of action names to aliases.
|
|
117
117
|
def aliases
|
|
118
|
-
@aliases ||=
|
|
118
|
+
@aliases ||= default_aliases
|
|
119
|
+
end
|
|
120
|
+
|
|
121
|
+
def default_aliases
|
|
122
|
+
{
|
|
123
|
+
view: [ :read, :list ],
|
|
124
|
+
change: [ :create, :update, :destroy ]
|
|
125
|
+
}
|
|
119
126
|
end
|
|
120
127
|
|
|
121
128
|
# @!visibility public
|
data/lib/shamu/security/roles.rb
CHANGED
|
@@ -38,12 +38,17 @@ module Shamu
|
|
|
38
38
|
|
|
39
39
|
private
|
|
40
40
|
|
|
41
|
-
def expand_roles_into( roles, expanded )
|
|
41
|
+
def expand_roles_into( roles, expanded ) # rubocop:disable Metrics/MethodLength
|
|
42
42
|
raise "No roles defined for #{ name }" unless self.roles.present?
|
|
43
43
|
|
|
44
44
|
roles.each do |name|
|
|
45
45
|
name = name.to_sym
|
|
46
46
|
|
|
47
|
+
if name == :all
|
|
48
|
+
expanded.merge( self.roles.keys )
|
|
49
|
+
next
|
|
50
|
+
end
|
|
51
|
+
|
|
47
52
|
next unless role = self.roles[ name ]
|
|
48
53
|
expanded << name
|
|
49
54
|
|
|
@@ -11,8 +11,10 @@ module Shamu
|
|
|
11
11
|
end
|
|
12
12
|
|
|
13
13
|
# @param [Principal] principal of the currently logged in user.
|
|
14
|
+
# @param [Boolean] reload to reload the roles from storage and bypass any
|
|
15
|
+
# caching.
|
|
14
16
|
# @return [Array<Symbol>] the roles granted to the principal.
|
|
15
|
-
def roles_for( principal )
|
|
17
|
+
def roles_for( principal, reload: false )
|
|
16
18
|
[]
|
|
17
19
|
end
|
|
18
20
|
|
|
@@ -27,4 +29,4 @@ module Shamu
|
|
|
27
29
|
end
|
|
28
30
|
end
|
|
29
31
|
end
|
|
30
|
-
end
|
|
32
|
+
end
|
data/lib/shamu/services/error.rb
CHANGED
|
@@ -23,11 +23,13 @@ module Shamu
|
|
|
23
23
|
|
|
24
24
|
class ServiceRequestFailedError < Error
|
|
25
25
|
attr_reader :result
|
|
26
|
+
attr_reader :full_messages
|
|
26
27
|
|
|
27
28
|
def initialize( result )
|
|
28
29
|
@result = result
|
|
30
|
+
@full_messages = result.errors.full_messages.join( ", " )
|
|
29
31
|
|
|
30
|
-
super translate( :service_request_failed, errors:
|
|
32
|
+
super translate( :service_request_failed, errors: @full_messages )
|
|
31
33
|
end
|
|
32
34
|
end
|
|
33
35
|
end
|
|
@@ -1,5 +1,4 @@
|
|
|
1
1
|
require "scorpion"
|
|
2
|
-
require "shamu/logger"
|
|
3
2
|
|
|
4
3
|
module Shamu
|
|
5
4
|
module Services
|
|
@@ -62,17 +61,6 @@ module Shamu
|
|
|
62
61
|
# Support dependency injection for related services.
|
|
63
62
|
include Scorpion::Object
|
|
64
63
|
|
|
65
|
-
# ============================================================================
|
|
66
|
-
# @!group Dependencies
|
|
67
|
-
#
|
|
68
|
-
|
|
69
|
-
# @!attribute
|
|
70
|
-
# @return [Shamu::Logger] the IO to dump logging info to.
|
|
71
|
-
attr_dependency :logger, Shamu::Logger
|
|
72
|
-
|
|
73
|
-
#
|
|
74
|
-
# @!endgroup Dependencies
|
|
75
|
-
|
|
76
64
|
initialize do
|
|
77
65
|
end
|
|
78
66
|
|
data/lib/shamu/version.rb
CHANGED
|
@@ -8,7 +8,7 @@ describe Shamu::Attributes::Equality do
|
|
|
8
8
|
include Shamu::Attributes::Equality
|
|
9
9
|
|
|
10
10
|
attribute :name
|
|
11
|
-
attribute :random,
|
|
11
|
+
attribute :random, ignore_equality: true
|
|
12
12
|
end
|
|
13
13
|
end
|
|
14
14
|
|
|
@@ -60,4 +60,4 @@ describe Shamu::Attributes::Equality do
|
|
|
60
60
|
|
|
61
61
|
expect( v1 ).to eq v2
|
|
62
62
|
end
|
|
63
|
-
end
|
|
63
|
+
end
|
|
@@ -43,7 +43,7 @@ describe Shamu::Rails::Controller, type: :controller do
|
|
|
43
43
|
end
|
|
44
44
|
|
|
45
45
|
it "gets security context from current_user" do
|
|
46
|
-
expect( controller ).to receive( :
|
|
46
|
+
expect( controller ).to receive( :current_user_id ).at_least( :once ).and_return( 945 )
|
|
47
47
|
|
|
48
48
|
expect( controller ).to receive( :show ) do
|
|
49
49
|
expect( scorpion.fetch( Shamu::Security::Principal ).user_id ).to eq 945
|
|
@@ -26,6 +26,10 @@ describe Shamu::Security::Roles do
|
|
|
26
26
|
end
|
|
27
27
|
end
|
|
28
28
|
|
|
29
|
+
it "returns all roles for :all" do
|
|
30
|
+
expect( klass.expand_roles( :all ) ).to eq [ :admin, :manager, :user ]
|
|
31
|
+
end
|
|
32
|
+
|
|
29
33
|
it "includes base roles" do
|
|
30
34
|
expect( klass.expand_roles( :user ) ).to include :user
|
|
31
35
|
end
|
|
@@ -43,4 +47,4 @@ describe Shamu::Security::Roles do
|
|
|
43
47
|
expect( klass.expand_roles( :admin ) ).to include :user
|
|
44
48
|
end
|
|
45
49
|
end
|
|
46
|
-
end
|
|
50
|
+
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: shamu
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.0.
|
|
4
|
+
version: 0.0.20
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Paul Alexander
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2017-06-
|
|
11
|
+
date: 2017-06-14 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: activemodel
|