RubyGems - sudo_rails - Versions diffs - 0.1.0 → 0.2.0 - Mend

sudo_rails 0.1.0 → 0.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (13) hide show

checksums.yaml +4 -4
data/README.md +54 -7
data/app/assets/stylesheets/sudo_rails/application.scss +6 -7
data/app/controllers/sudo_rails/application_controller.rb +1 -6
data/app/views/layouts/sudo_rails/application.html.erb +1 -1
data/app/views/sudo_rails/confirm_form.html.erb +5 -6
data/config/locales/en.yml +9 -0
data/lib/sudo_rails/controller_ext.rb +1 -1
data/lib/sudo_rails/integrations/clearance.rb +7 -0
data/lib/sudo_rails/integrations/devise.rb +8 -0
data/lib/sudo_rails/version.rb +1 -1
data/lib/sudo_rails.rb +17 -11
metadata +5 -2

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 638291947f7e86c97efc387c94903a011517acb4782ce38e82203086ebd2435c
-  data.tar.gz: 48ccb8a2114553330cab7e3fbe31e6ff36edb8a9ff1e8a709b549354cf9e6501
+  metadata.gz: 4b5f63db43fde756597153993a5ec14de3a2391e048fc221fc8630ca440d1688
+  data.tar.gz: 5be8d33df45adc1f9314555cbb65090cac0a0f8cc25a5fe5c114a67b31b84256
 SHA512:
-  metadata.gz: a8ea7742c4449d1389c7f1c392f274ea371d14d6890dfcb3bb010c766e4d9d625a011314a41f1b1e04017c3ecb8f635582cef2e7907406f47a84533d5b27dc65
-  data.tar.gz: 6c76d8fdc1c1ddda5376bd4cc466719ef386e1fdd349ed8e1a1f5d5aae94115374c67b5c3d276bf520cede3fc5b14cd4b3a3fd763413b7d818d3815d478ffe5e
+  metadata.gz: 7a36cf5217082dc574ebebd6bca0d8ee98bd2576db780ca19fe94af6be9bf421d077687756ae0539a16dfefe9ac58388d7c03832c48a0abc0b0b34954180c1af
+  data.tar.gz: 14ab4140a84df2017818dd98cdc405d77d388becf5a65a8b633a61390ca37dc0f8029add4f1bf86de153e1869c7b8efa54619d0ba9f8012f9493ecb72130ec75

data/README.md CHANGED Viewed

@@ -5,7 +5,7 @@
 > Sudo mode for your Rails controllers
-Protect :lock: any Rails action with a customizable password confirmation strategy.
+:lock: Protect any Rails action with a customizable password confirmation strategy.
 ```ruby
 class SecretController < ApplicationController
@@ -13,7 +13,7 @@ class SecretController < ApplicationController
 end
 ```
-*Inspired by Unix `sudo` command and [GitHub Sudo mode](https://help.github.com/en/articles/sudo-mode).*
+*Inspired by [Unix `sudo` command](https://en.wikipedia.org/wiki/Sudo) and [GitHub Sudo mode](https://help.github.com/en/articles/sudo-mode).*
 ## Installation
@@ -35,24 +35,71 @@ end
 ### Configuration
-You can use the `setup` method to customize different things:
+You can use the `setup` method to configure and customize different things:
 ```ruby
 # config/initializers/sudo_rails.rb
 SudoRails.setup do |config|
+  # On/off engine
   config.enabled = true
-  config.sudo_session_time = 20.minutes # default is 1 hour
-  config.layout = 'admin'
+  # Sudo mode sessions duration, default is 1 hour
+  config.sudo_session_duration = 20.minutes
+  # Default confirmation page styles
   config.custom_logo = 'logos/medium_dark.png'
   config.primary_color = '#1A7191'
-  config.reset_pass_link = '/users/password/new'
-  config.confirm_with = -> (context, password) {
+  config.layout = 'admin'
+  # Confirmation strategy
+  config.confirm_strategy = -> (context, password) {
     user = context.current_user
     user.valid_password?(password)
   }
+  config.reset_pass_link = '/users/password/new'
 end
 ```
+### Styling
+Using the `custom_logo` and `primary_color` options, you can customize the confirmation page. In case you want full control of the styles, you can use your own layout (and consequently your own styles too) using the `layout` option.
+### Confirmation strategy
+You should define how to validate the password using the `confirm_strategy` option. It must be a `lambda`, which will receive 2 arguments: the controller instance (`context`) and the password from the user.
+By default, the gem ships with `Devise` and `Clearance` integration.
+Implementation examples:
+```ruby
+# Devise implementation
+config.confirm_strategy = -> (context, password) {
+  user = context.current_user
+  user.valid_password?(password)
+}
+# has_secure_password implementation
+config.confirm_strategy = -> (context, password) {
+  user = context.current_user
+  user.authenticate(password)
+}
+# Other custom implementation
+config.confirm_strategy = -> (context, password) {
+  user = context.current_user
+  user.admin? && password == ENV['SUPER_SECRET_PASSWORD']
+}
+config.confirm_strategy = -> (context, password) {
+  Auth.call(context.current_user.email, password)
+}
+```
+### I18n
+`sudo_rails` uses I18n by default. Take a look at our [locale file](config/locales/en.yml) to check all available messages.
 ## Development
 Any kind of feedback, bug report, idea or enhancement are really appreciated.

data/app/assets/stylesheets/sudo_rails/application.scss CHANGED Viewed

@@ -1,8 +1,7 @@
 body {
   text-align: center;
-  font-size: 22px;
   font-family: Helvetica, Arial, sans-serif;
-  background-color: #f9f9f9;
+  background-color: #ececec;
   transform: translateY(20%);
 }
@@ -17,31 +16,31 @@ body {
 .sudo-form {
   background-color: #fff;
   border-radius: 5px;
-  border: 1px solid #d8dee2;
-  font-size: 14px;
   padding: 20px;
   margin: 10px auto;
   width: 340px;
+  box-shadow: 0 4px 8px 0 rgba(0, 0, 0, 0.1), 0 6px 20px 0 rgba(0, 0, 0, 0.1);
   input {
     display: block;
     width: 100%;
     font-size: 16px;
     line-height: 30px;
-    padding: 4px;
+    padding: 2px;
     border-radius: 5px;
-    border: 1px solid #d8dee2;
+    border: 1px solid #ececec;
   }
   input[type="submit"] {
     margin: 20px auto;
     width: 60%;
     padding: 4px;
-    background-color: #d8dee2;
+    background-color: #ececec;
     border-radius: 25px;
   }
 }
 .sudo-tip {
+  margin-top: 20px;
   font-size: 14px;
 }

data/app/controllers/sudo_rails/application_controller.rb CHANGED Viewed

@@ -3,7 +3,7 @@ module SudoRails
     before_action :sudo_enabled?
     def confirm
-      if request.post? && confirm_sudo?
+      if request.post? && SudoRails.confirm?(self, params[:password])
         session[:sudo_rails_session] = Time.zone.now
         redirect_to params[:target_path]
       else
@@ -16,10 +16,5 @@ module SudoRails
     def sudo_enabled?
       SudoRails.enabled || head(404, message: "SudoRails disabled")
     end
-    def confirm_sudo?
-      block = SudoRails.confirm_with
-      block.call(self, params[:password])
-    end
   end
 end

data/app/views/layouts/sudo_rails/application.html.erb CHANGED Viewed

@@ -3,7 +3,7 @@
 <head>
   <%= csrf_meta_tags %>
   <%= stylesheet_link_tag "sudo_rails/application", media: "all" %>
-  <%= render 'sudo_rails/inject_custom_styles' if SudoRails.primary_color %>
+  <%= render 'sudo_rails/inject_custom_styles' if SudoRails.custom_styles? %>
 </head>
 <body>
   <%= yield %>

data/app/views/sudo_rails/confirm_form.html.erb CHANGED Viewed

@@ -3,22 +3,21 @@
     <%= image_tag SudoRails.custom_logo %>
   <% end %>
-  <h3>Confirm password to continue</h3>
+  <h2><%= t('sudo_rails.page_header') %></h2>
 </header>
 <div class='sudo-form'>
   <%= form_tag '/sudo_rails/confirm' do |f| %>
     <%= hidden_field_tag :target_path, params[:target_path] || request.url %>
-    <%= password_field_tag :password, nil, required: true, placeholder: 'Password' %>
-    <%= submit_tag 'Confirm password' %>
+    <%= password_field_tag :password, nil, required: true, placeholder: t('sudo_rails.password') %>
+    <%= submit_tag t('sudo_rails.button') %>
   <% end %>
   <% if SudoRails.reset_pass_link %>
-    <%= link_to 'Forgot your password?', SudoRails.reset_pass_link, target: '_blank' %>
+    <%= link_to t('sudo_rails.forgot_pass'), SudoRails.reset_pass_link, target: '_blank' %>
   <% end %>
 </div>
 <div class='sudo-tip'>
-  You are entering <b>sudo mode</b>.<br>
-  We won’t ask for your password again for <i><%= time_ago_in_words(SudoRails.sudo_session_time.ago) %></i>.
+  <%= t('sudo_rails.tip', session_duration: time_ago_in_words(SudoRails.sudo_session_duration.ago)).html_safe %>
 </div>

data/config/locales/en.yml ADDED Viewed

@@ -0,0 +1,9 @@
+en:
+  sudo_rails:
+    page_header: Confirm password to continue
+    button: Confirm password
+    password: Password
+    forgot_pass: Forgot your password?
+    tip: |-
+      You are entering <b>sudo mode</b>.<br>
+      We won’t ask for your password again for <i>%{session_duration}</i>.

data/lib/sudo_rails/controller_ext.rb CHANGED Viewed

@@ -14,7 +14,7 @@ module SudoRails
     def self.valid_sudo_session?(started_at)
       return false unless started_at
-      Time.parse(started_at) + SudoRails.sudo_session_time > Time.zone.now
+      Time.parse(started_at) + SudoRails.sudo_session_duration > Time.zone.now
     end
   end
 end

data/lib/sudo_rails/integrations/clearance.rb ADDED Viewed

@@ -0,0 +1,7 @@
+SudoRails.setup do |config|
+  config.confirm_strategy = -> (context, password) {
+    user = context.current_user
+    user.authenticated?(password)
+  }
+  config.reset_pass_link = "/passwords/new"
+end

data/lib/sudo_rails/integrations/devise.rb ADDED Viewed

@@ -0,0 +1,8 @@
+SudoRails.setup do |config|
+  config.confirm_strategy = -> (context, password) {
+    user = context.current_user
+    user.valid_password?(password)
+  }
+  config.reset_pass_link = "/users/password/new"
+end

data/lib/sudo_rails/version.rb CHANGED Viewed

@@ -1,3 +1,3 @@
 module SudoRails
-  VERSION = "0.1.0"
+  VERSION = "0.2.0"
 end

data/lib/sudo_rails.rb CHANGED Viewed

@@ -8,8 +8,8 @@ module SudoRails
                   :layout,
                   :custom_logo,
                   :primary_color,
-                  :confirm_with,
-                  :sudo_session_time,
+                  :confirm_strategy,
+                  :sudo_session_duration,
                   :reset_pass_link
     def setup
@@ -19,16 +19,22 @@ module SudoRails
     def get_layout
       layout || 'sudo_rails/application'
     end
+    def custom_styles?
+      primary_color.present?
+    end
+    def confirm?(context, password)
+      strategy = confirm_strategy
+      raise(ArgumentError, 'Please, provide an strategy via SudoRails.confirm_strategy') unless strategy
+      strategy.call(context, password)
+    end
   end
   self.enabled = true
-  self.sudo_session_time = 1.hour
-  if defined?(Devise)
-    self.confirm_with = -> (context, password) {
-      user = context.current_user
-      user.valid_password?(password)
-    }
-    self.reset_pass_link = "/users/password/new"
-  end
+  self.sudo_session_duration = 1.hour
 end
+require 'sudo_rails/integrations/devise'    if defined?(Devise)
+require 'sudo_rails/integrations/clearance' if defined?(Clearance)

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: sudo_rails
 version: !ruby/object:Gem::Version
-  version: 0.1.0
+  version: 0.2.0
 platform: ruby
 authors:
 - markets
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2019-05-01 00:00:00.000000000 Z
+date: 2019-05-02 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rails
@@ -67,9 +67,12 @@ files:
 - app/views/layouts/sudo_rails/application.html.erb
 - app/views/sudo_rails/_inject_custom_styles.html.erb
 - app/views/sudo_rails/confirm_form.html.erb
+- config/locales/en.yml
 - lib/sudo_rails.rb
 - lib/sudo_rails/controller_ext.rb
 - lib/sudo_rails/engine.rb
+- lib/sudo_rails/integrations/clearance.rb
+- lib/sudo_rails/integrations/devise.rb
 - lib/sudo_rails/version.rb
 homepage: https://github.com/markets/sudo_rails
 licenses: