RubyGems - sudo_rails - Versions diffs - 0.7.0 → 0.9.0 - Mend

sudo_rails 0.7.0 → 0.9.0

Files changed (13) hide show

checksums.yaml +4 -4
data/LICENSE +1 -1
data/README.md +61 -6
data/Rakefile +0 -5
data/app/controllers/sudo_rails/application_controller.rb +1 -1
data/app/views/sudo_rails/confirm_form.html.erb +1 -1
data/lib/generators/sudo_rails/config_generator.rb +35 -0
data/lib/generators/sudo_rails/view_generator.rb +7 -0
data/lib/sudo_rails/controller_ext.rb +2 -0
data/lib/sudo_rails/engine.rb +2 -2
data/lib/sudo_rails/version.rb +1 -1
data/lib/sudo_rails.rb +29 -1
metadata +10 -8

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 9b83893c9eec976687c8c2025317dc0e3b0b3174cc128868a0d4cdb079c83bfc
-  data.tar.gz: cf24b4e05521fc40d24e31e061c5fc71efb0b63af7eacfcff0164d35d60ac0e4
+  metadata.gz: ef841eee5e065e49eef95c49c95313b4ca06085ad72a9d8823a57601a8d77dab
+  data.tar.gz: a63794f0c1285c3a90ce9241032c906543f5865656525f2f578c5a0931f948b3
 SHA512:
-  metadata.gz: 650c2237a64d202041e45f50b3831362af5077d5f1b35e56482d7c93326482c1b022896cd39a215e199c8a52aaf638db7db0b6a90bf7d5bbbb3e37dddf8e32fb
-  data.tar.gz: 25f83106ff3762ff132b442f186f2f82966595a82ee7390fef99a9b3a415b87a6cf882adadf14fb6e283a2f35c2b786673f0ff50bd8230cba7e329cff1bd803c
+  metadata.gz: f9468293ceac9777f6b7f79fc115e3822e6ebb2bb20a8b166f8f78f3c3fe719e3014333644a8e516697357c03d5694a2b0427f35b9b1db5b8b235ce9b764f309
+  data.tar.gz: 9eaed5ed8dc3674198512128b94e22cb9b5f9f7079ca384af2daca03de8aad7f13576a6f535626c106db5e67fed9a59570be3d392842caf722674236915f93f6

data/LICENSE CHANGED Viewed

@@ -1,4 +1,4 @@
-Copyright 2019-2020 Marc Anguera Insa @markets
+Copyright 2019 Marc Anguera Insa @markets
 Permission is hereby granted, free of charge, to any person obtaining
 a copy of this software and associated documentation files (the

data/README.md CHANGED Viewed

@@ -1,7 +1,7 @@
 # Sudo Rails
 [![Gem](https://img.shields.io/gem/v/sudo_rails.svg?style=flat-square)](https://rubygems.org/gems/sudo_rails)
-[![Build Status](https://travis-ci.com/markets/sudo_rails.svg?branch=master)](https://travis-ci.com/markets/sudo_rails)
+[![Build Status](https://github.com/markets/sudo_rails/workflows/CI/badge.svg)](https://github.com/markets/sudo_rails/actions)
 [![Maintainability](https://api.codeclimate.com/v1/badges/322350adc7ab052beccb/maintainability)](https://codeclimate.com/github/markets/sudo_rails/maintainability)
 > Sudo mode for your Rails controllers
@@ -16,6 +16,8 @@ end
 *Inspired by [Unix `sudo` command](https://en.wikipedia.org/wiki/Sudo) and [GitHub Sudo mode](https://help.github.com/en/articles/sudo-mode).*
+![](support/images/cover.png)
 ## Installation
 Add this line to your Gemfile and then execute `bundle install`:
@@ -68,9 +70,23 @@ SudoRails.setup do |config|
   # Reset password link
   config.reset_pass_link = '/users/password/new'
+  # Subscribe to different events
+  config.callbacks = {
+    invalid_sudo_session: -> (context) {
+      user = context.current_user
+      AuthService.send_code(user)
+    },
+    invalid_confirmation: -> (context) {
+      user = context.current_user
+      Rails.logger.warn("[SUDO_RAILS] invalid password for #{user.email}")
+    }
+  }
 end
 ```
+Use the provided `sudo_rails:config` generator to create a default config file under your *initializers* folder.
 ### Sudo sessions
 Using the `sudo_session_duration` option you are able to configure the `sudo` session duration (30 minutes by default).
@@ -81,9 +97,11 @@ If you set it to `nil`, your `sudo` session won't expire automatically and you w
 Using the `custom_logo`, `primary_color` and `background_color` options, you can customize the confirmation page. In case you want full control of the styles, you can use your own layout (and consequently your own styles too) using the `layout` option.
-See some :camera: [examples here](support/images/).
+See some :camera: [examples here](support/images/examples/).
-**NOTE** If you are using your own layout, don't forget to render the flash messages in that layout. You can do something like [this](app/views/sudo_rails/_flash_alert.html.erb).
+> ℹ️ If you are using your own layout, don't forget to render the flash messages in that layout. You can do something [like this](app/views/sudo_rails/_flash_alert.html.erb).
+You can also override the view by calling the `sudo_rails:view` generator. This will create a copy of the view file at `app/views/sudo_rails/confirm_form.html.erb` which can be later modified as per your requirements.
 ### Confirmation strategy
@@ -91,6 +109,8 @@ You should define how to validate the password using the `confirm_strategy` opti
 By default, the gem ships with `Devise` and `Clearance` integration. Check it [here](lib/sudo_rails/integrations/).
+> ℹ️ In order to autoload `Devise` or `Clearance` strategy properly, you should place the `sudo_rails` gem after them in the Gemfile.
 Implementation examples:
 ```ruby
@@ -106,14 +126,49 @@ config.confirm_strategy = -> (context, password) {
   user.authenticate(password)
 }
-# Other custom implementations
+# Another example, using ENV vars
 config.confirm_strategy = -> (context, password) {
   user = context.current_user
   user.admin? && password == ENV['SUPER_SECRET_PASSWORD']
 }
+```
-config.confirm_strategy = -> (context, password) {
-  Auth.call(context.current_user.email, password)
+### Callbacks
+You can subscribe to different lifecycle events via the `callbacks` option. Each callback must be a `lambda`, which will receive 1 argument, the controller instance (`context`).
+You can subscribe to the following events:
+- `:invalid_sudo_session`: fired when the confirmation page is rendered, because there is no valid sudo session. Be careful! If the page is re-submitted or the password is invalid, the confirmation page will be rendered again and this event will be fired again too.
+- `:new_sudo_session`: fired when a new sudo session is started.
+- `:invalid_confirmation`: fired when an invalid password is submitted.
+This can be really useful for example for instrumentation or logging:
+```ruby
+config.callbacks = {
+  invalid_confirmation: -> (context) {
+    user = context.current_user
+    request = context.request
+    Rails.logger.warn("[SUDO_RAILS] Invalid verification: #{user.email} - #{request.remote_ip}")
+  }
+}
+```
+Or you can even implement custom workflows along with the `confirm_strategy` option. Like for example, using your 2FA system instead of the session password:
+```ruby
+config.callbacks = {
+  invalid_sudo_session: -> (context) {
+    user = context.current_user
+    AuthService.send_code(user)
+  }
+}
+config.confirm_strategy = -> (context, code) {
+  user = context.current_user
+  AuthService.validate_code(user, code)
 }
 ```

data/Rakefile CHANGED Viewed

@@ -1,6 +1 @@
 require "bundler/gem_tasks"
-require 'rspec/core/rake_task'
-RSpec::Core::RakeTask.new(:spec)
-task :default => :spec

data/app/controllers/sudo_rails/application_controller.rb CHANGED Viewed

@@ -4,7 +4,7 @@ module SudoRails
     def confirm
       if SudoRails.confirm?(self, params[:password])
-        session[:sudo_session] = Time.zone.now.to_s
+        extend_sudo_session!
       else
         flash[:alert] = I18n.t('sudo_rails.invalid_pass', locale: params[:locale])
       end

data/app/views/sudo_rails/confirm_form.html.erb CHANGED Viewed

@@ -7,7 +7,7 @@
 </div>
 <div class='sudo-form'>
-  <%= form_tag '/sudo_rails/confirm' do |f| %>
+  <%= form_tag sudo_rails_confirm_path do |f| %>
     <%= hidden_field_tag :locale, I18n.locale %>
     <%= hidden_field_tag :target_path, params[:target_path] || request.url %>
     <%= password_field_tag :password, nil, required: true, placeholder: t('sudo_rails.password') %>

data/lib/generators/sudo_rails/config_generator.rb ADDED Viewed

@@ -0,0 +1,35 @@
+class SudoRails::ConfigGenerator < Rails::Generators::Base
+  def create_config_file
+    create_file "config/initializers/sudo_rails.rb", <<~RUBY
+      SudoRails.setup do |config|
+        ### On/off engine
+        # config.enabled = true
+        ### Sudo mode sessions duration, default is 30 minutes
+        # config.sudo_session_duration = 10.minutes
+        ### Confirmation page styling
+        # config.custom_logo = '/images/logo_medium.png'
+        # config.primary_color = '#1a7191'
+        # config.background_color = '#1a1a1a'
+        # config.layout = 'admin'
+        ### Confirmation strategy implementation
+        # config.confirm_strategy = -> (context, password) {
+        #   user = context.current_user
+        #   user.valid_password?(password)
+        # }
+        ### Reset password link
+        # config.reset_pass_link = '/users/password/new'
+        ### Subscribe to different events
+        # config.callbacks = {
+        #   new_sudo_session: -> (context) { Rails.logger.warn("new sudo session created") },
+        #   invalid_sudo_session: -> (context) { Rails.logger.warn("invalid sudo session") },
+        #   invalid_confirmation: -> (context) { Rails.logger.warn("invalid password in sudo session") }
+        # }
+      end
+    RUBY
+  end
+end

data/lib/generators/sudo_rails/view_generator.rb ADDED Viewed

@@ -0,0 +1,7 @@
+class SudoRails::ViewGenerator < Rails::Generators::Base
+  source_root File.expand_path("../../../app/views/sudo_rails/", __dir__)
+  def copy_view_file
+    copy_file "confirm_form.html.erb", "app/views/sudo_rails/confirm_form.html.erb"
+  end
+end

data/lib/sudo_rails/controller_ext.rb CHANGED Viewed

@@ -8,6 +8,8 @@ module SudoRails
           next unless SudoRails.enabled
           next if SudoRails.valid_sudo_session?(session[:sudo_session])
+          SudoRails.run_callback(:invalid_sudo_session, self)
           render 'sudo_rails/confirm_form', layout: SudoRails.get_layout
         end
       end

data/lib/sudo_rails/engine.rb CHANGED Viewed

@@ -3,14 +3,14 @@ module SudoRails
     isolate_namespace SudoRails
     initializer "sudo_rails.controller_ext" do
-      ActiveSupport.on_load(:action_controller) do
+      ActiveSupport.on_load(:action_controller_base) do
         include SudoRails::ControllerExt
       end
     end
     initializer 'sudo_rails.routes' do |app|
       app.routes.append do
-        post '/sudo_rails/confirm' => 'sudo_rails/application#confirm'
+        post '/sudo_rails/confirm' => 'sudo_rails/application#confirm', as: :sudo_rails_confirm
       end
     end
   end

data/lib/sudo_rails/version.rb CHANGED Viewed

@@ -1,3 +1,3 @@
 module SudoRails
-  VERSION = "0.7.0"
+  VERSION = "0.9.0"
 end

data/lib/sudo_rails.rb CHANGED Viewed

@@ -7,8 +7,15 @@ module SudoRails
   class << self
     include Styling
+    AVAILABLE_CALLBACKS = [
+      :invalid_sudo_session,
+      :new_sudo_session,
+      :invalid_confirmation
+    ]
     attr_accessor :enabled,
                   :confirm_strategy,
+                  :callbacks,
                   :sudo_session_duration,
                   :reset_pass_link,
                   :layout,
@@ -24,7 +31,15 @@ module SudoRails
       strategy = confirm_strategy
       raise(ArgumentError, 'Please, provide an strategy via SudoRails.confirm_strategy') unless strategy
-      strategy.call(context, password)
+      confirmed = strategy.call(context, password)
+      if confirmed
+        SudoRails.run_callback(:new_sudo_session, context)
+      else
+        SudoRails.run_callback(:invalid_confirmation, context)
+      end
+      confirmed
     end
     def valid_sudo_session?(started_at)
@@ -33,10 +48,23 @@ module SudoRails
       DateTime.parse(started_at) + sudo_session_duration > Time.zone.now
     end
+    def run_callback(type, context)
+      type = type.to_sym
+      if !AVAILABLE_CALLBACKS.include?(type)
+        raise(ArgumentError, "Please, provide a valid callback: #{AVAILABLE_CALLBACKS.to_sentence}")
+      end
+      callback = callbacks[type]
+      return unless callback
+      callback.call(context)
+    end
   end
   self.enabled = true
   self.sudo_session_duration = 30.minutes
+  self.callbacks = {}
 end
 require 'sudo_rails/integrations/devise'    if defined?(Devise)

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: sudo_rails
 version: !ruby/object:Gem::Version
-  version: 0.7.0
+  version: 0.9.0
 platform: ruby
 authors:
 - markets
-autorequire:
+autorequire:
 bindir: bin
 cert_chain: []
-date: 2021-03-05 00:00:00.000000000 Z
+date: 2024-04-17 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rails
@@ -16,14 +16,14 @@ dependencies:
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '4.2'
+        version: '5'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '4.2'
+        version: '5'
 - !ruby/object:Gem::Dependency
   name: rspec-rails
   requirement: !ruby/object:Gem::Requirement
@@ -54,6 +54,8 @@ files:
 - app/views/sudo_rails/_stylesheet.html.erb
 - app/views/sudo_rails/confirm_form.html.erb
 - config/locales/en.yml
+- lib/generators/sudo_rails/config_generator.rb
+- lib/generators/sudo_rails/view_generator.rb
 - lib/sudo_rails.rb
 - lib/sudo_rails/controller_ext.rb
 - lib/sudo_rails/engine.rb
@@ -65,7 +67,7 @@ homepage: https://github.com/markets/sudo_rails
 licenses:
 - MIT
 metadata: {}
-post_install_message:
+post_install_message:
 rdoc_options: []
 require_paths:
 - lib
@@ -80,8 +82,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.0.3
-signing_key:
+rubygems_version: 3.4.10
+signing_key:
 specification_version: 4
 summary: Sudo mode for Rails
 test_files: []