sudo_rails 0.1.0

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA256:
+  metadata.gz: 638291947f7e86c97efc387c94903a011517acb4782ce38e82203086ebd2435c
+  data.tar.gz: 48ccb8a2114553330cab7e3fbe31e6ff36edb8a9ff1e8a709b549354cf9e6501
+SHA512:
+  metadata.gz: a8ea7742c4449d1389c7f1c392f274ea371d14d6890dfcb3bb010c766e4d9d625a011314a41f1b1e04017c3ecb8f635582cef2e7907406f47a84533d5b27dc65
+  data.tar.gz: 6c76d8fdc1c1ddda5376bd4cc466719ef386e1fdd349ed8e1a1f5d5aae94115374c67b5c3d276bf520cede3fc5b14cd4b3a3fd763413b7d818d3815d478ffe5e

data/LICENSE

@@ -0,0 +1,20 @@
+Copyright 2019 Marc Anguera Insa @markets
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.md

@@ -0,0 +1,66 @@
+# Sudo Rails
+
+[![Gem](https://img.shields.io/gem/v/sudo_rails.svg?style=flat-square)](https://rubygems.org/gems/sudo_rails)
+[![Build Status](https://travis-ci.org/markets/sudo_rails.svg)](https://travis-ci.org/markets/sudo_rails)
+
+> Sudo mode for your Rails controllers
+
+Protect :lock: any Rails action with a customizable password confirmation strategy.
+
+```ruby
+class SecretController < ApplicationController
+  sudo
+end
+```
+
+*Inspired by Unix `sudo` command and [GitHub Sudo mode](https://help.github.com/en/articles/sudo-mode).*
+
+## Installation
+
+Add this line to your Gemfile and then execute `bundle install`:
+
+```ruby
+gem 'sudo_rails'
+```
+
+## Usage
+
+From now on, you have the `sudo` method available in your controllers, you can protect the whole controller or only some actions:
+
+```ruby
+class SettingsController < ApplicationController
+  sudo only: :sensible_settings
+end
+```
+
+### Configuration
+
+You can use the `setup` method to customize different things:
+
+```ruby
+# config/initializers/sudo_rails.rb
+SudoRails.setup do |config|
+  config.enabled = true
+  config.sudo_session_time = 20.minutes # default is 1 hour
+  config.layout = 'admin'
+  config.custom_logo = 'logos/medium_dark.png'
+  config.primary_color = '#1A7191'
+  config.reset_pass_link = '/users/password/new'
+  config.confirm_with = -> (context, password) {
+    user = context.current_user
+    user.valid_password?(password)
+  }
+end
+```
+
+## Development
+
+Any kind of feedback, bug report, idea or enhancement are really appreciated.
+
+To contribute, just fork the repo, hack on it and send a pull request. Don't forget to add tests for behaviour changes and run the test suite:
+
+    > bundle exec rspec
+
+## License
+
+Copyright (c) Marc Anguera. SudoRails is released under the [MIT](LICENSE) License.

data/Rakefile

@@ -0,0 +1,6 @@
+require "bundler/gem_tasks"
+
+require 'rspec/core/rake_task'
+RSpec::Core::RakeTask.new(:spec)
+
+task :default => :spec

data/app/assets/stylesheets/sudo_rails/application.scss

@@ -0,0 +1,47 @@
+body {
+  text-align: center;
+  font-size: 22px;
+  font-family: Helvetica, Arial, sans-serif;
+  background-color: #f9f9f9;
+  transform: translateY(20%);
+}
+
+.sudo-header {
+  margin: 40px auto;
+
+  img {
+    max-width: 280px;
+  }
+}
+
+.sudo-form {
+  background-color: #fff;
+  border-radius: 5px;
+  border: 1px solid #d8dee2;
+  font-size: 14px;
+  padding: 20px;
+  margin: 10px auto;
+  width: 340px;
+
+  input {
+    display: block;
+    width: 100%;
+    font-size: 16px;
+    line-height: 30px;
+    padding: 4px;
+    border-radius: 5px;
+    border: 1px solid #d8dee2;
+  }
+
+  input[type="submit"] {
+    margin: 20px auto;
+    width: 60%;
+    padding: 4px;
+    background-color: #d8dee2;
+    border-radius: 25px;
+  }
+}
+
+.sudo-tip {
+  font-size: 14px;
+}

data/app/controllers/sudo_rails/application_controller.rb

@@ -0,0 +1,25 @@
+module SudoRails
+  class ApplicationController < ActionController::Base
+    before_action :sudo_enabled?
+
+    def confirm
+      if request.post? && confirm_sudo?
+        session[:sudo_rails_session] = Time.zone.now
+        redirect_to params[:target_path]
+      else
+        render 'sudo_rails/confirm_form', layout: SudoRails.get_layout
+      end
+    end
+
+    private
+
+    def sudo_enabled?
+      SudoRails.enabled || head(404, message: "SudoRails disabled")
+    end
+
+    def confirm_sudo?
+      block = SudoRails.confirm_with
+      block.call(self, params[:password])
+    end
+  end
+end

data/app/views/layouts/sudo_rails/application.html.erb

@@ -0,0 +1,11 @@
+<!DOCTYPE html>
+<html>
+<head>
+  <%= csrf_meta_tags %>
+  <%= stylesheet_link_tag "sudo_rails/application", media: "all" %>
+  <%= render 'sudo_rails/inject_custom_styles' if SudoRails.primary_color %>
+</head>
+<body>
+  <%= yield %>
+</body>
+</html>

data/app/views/sudo_rails/_inject_custom_styles.html.erb

@@ -0,0 +1,8 @@
+<style type="text/css">
+  .sudo-form input[type="submit"] {
+    background-color: <%= SudoRails.primary_color %>;
+  }
+  .sudo-form a {
+    color: <%= SudoRails.primary_color %>;
+  }
+</style>

data/app/views/sudo_rails/confirm_form.html.erb

@@ -0,0 +1,24 @@
+<header class='sudo-header'>
+  <% if SudoRails.custom_logo %>
+    <%= image_tag SudoRails.custom_logo %>
+  <% end %>
+
+  <h3>Confirm password to continue</h3>
+</header>
+
+<div class='sudo-form'>
+  <%= form_tag '/sudo_rails/confirm' do |f| %>
+    <%= hidden_field_tag :target_path, params[:target_path] || request.url %>
+    <%= password_field_tag :password, nil, required: true, placeholder: 'Password' %>
+    <%= submit_tag 'Confirm password' %>
+  <% end %>
+
+  <% if SudoRails.reset_pass_link %>
+    <%= link_to 'Forgot your password?', SudoRails.reset_pass_link, target: '_blank' %>
+  <% end %>
+</div>
+
+<div class='sudo-tip'>
+  You are entering <b>sudo mode</b>.<br>
+  We won’t ask for your password again for <i><%= time_ago_in_words(SudoRails.sudo_session_time.ago) %></i>.
+</div>

data/lib/sudo_rails/controller_ext.rb

@@ -0,0 +1,20 @@
+module SudoRails
+  module ControllerExt
+    def sudo(options = {})
+      before_action(options) do
+        next unless SudoRails.enabled
+        next if SudoRails::ControllerExt.valid_sudo_session?(session[:sudo_rails_session])
+
+        render 'sudo_rails/confirm_form', layout: SudoRails.get_layout
+      end
+    end
+
+    private
+
+    def self.valid_sudo_session?(started_at)
+      return false unless started_at
+
+      Time.parse(started_at) + SudoRails.sudo_session_time > Time.zone.now
+    end
+  end
+end

data/lib/sudo_rails/engine.rb

@@ -0,0 +1,21 @@
+module SudoRails
+  class Engine < ::Rails::Engine
+    isolate_namespace SudoRails
+
+    initializer "sudo_rails.controller_ext" do
+      ActiveSupport.on_load(:action_controller) do
+        extend SudoRails::ControllerExt
+      end
+    end
+
+    initializer 'sudo_rails.routes' do |app|
+      app.routes.append do
+        match '/sudo_rails/confirm' => 'sudo_rails/application#confirm', via: [:get, :post]
+      end
+    end
+
+    config.assets.precompile << %w(
+      sudo_rails/application.css
+    )
+  end
+end

data/lib/sudo_rails/version.rb

@@ -0,0 +1,3 @@
+module SudoRails
+  VERSION = "0.1.0"
+end

data/lib/sudo_rails.rb

@@ -0,0 +1,34 @@
+require "sudo_rails/version"
+require "sudo_rails/controller_ext"
+require "sudo_rails/engine"
+
+module SudoRails
+  class << self
+    attr_accessor :enabled,
+                  :layout,
+                  :custom_logo,
+                  :primary_color,
+                  :confirm_with,
+                  :sudo_session_time,
+                  :reset_pass_link
+
+    def setup
+      yield(self) if block_given?
+    end
+
+    def get_layout
+      layout || 'sudo_rails/application'
+    end
+  end
+
+  self.enabled = true
+  self.sudo_session_time = 1.hour
+
+  if defined?(Devise)
+    self.confirm_with = -> (context, password) {
+      user = context.current_user
+      user.valid_password?(password)
+    }
+    self.reset_pass_link = "/users/password/new"
+  end
+end

metadata

@@ -0,0 +1,98 @@
+--- !ruby/object:Gem::Specification
+name: sudo_rails
+version: !ruby/object:Gem::Version
+  version: 0.1.0
+platform: ruby
+authors:
+- markets
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2019-05-01 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: rails
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '4.2'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '4.2'
+- !ruby/object:Gem::Dependency
+  name: sass-rails
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: rspec-rails
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+description: Protect any Rails action with password confirmation.
+email:
+- srmarc.ai@gmail.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- LICENSE
+- README.md
+- Rakefile
+- app/assets/stylesheets/sudo_rails/application.scss
+- app/controllers/sudo_rails/application_controller.rb
+- app/views/layouts/sudo_rails/application.html.erb
+- app/views/sudo_rails/_inject_custom_styles.html.erb
+- app/views/sudo_rails/confirm_form.html.erb
+- lib/sudo_rails.rb
+- lib/sudo_rails/controller_ext.rb
+- lib/sudo_rails/engine.rb
+- lib/sudo_rails/version.rb
+homepage: https://github.com/markets/sudo_rails
+licenses:
+- MIT
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 2.7.6
+signing_key: 
+specification_version: 4
+summary: Sudo mode for Rails
+test_files: []