switch_user 1.4.0 → 1.5.4
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +5 -5
- data/CHANGELOG.md +22 -0
- data/Gemfile +2 -0
- data/README.md +22 -20
- data/Rakefile +2 -0
- data/app/controllers/switch_user_controller.rb +25 -11
- data/app/helpers/switch_user_helper.rb +16 -19
- data/app/views/switch_user/_widget.html.erb +2 -2
- data/config/routes.rb +4 -2
- data/lib/generators/switch_user/install/install_generator.rb +3 -2
- data/lib/generators/switch_user/install/templates/switch_user.rb +8 -6
- data/lib/switch_user.rb +22 -21
- data/lib/switch_user/base_guard.rb +7 -5
- data/lib/switch_user/data_source.rb +8 -8
- data/lib/switch_user/lambda_guard.rb +2 -0
- data/lib/switch_user/provider.rb +16 -13
- data/lib/switch_user/provider/authlogic.rb +6 -6
- data/lib/switch_user/provider/base.rb +7 -8
- data/lib/switch_user/provider/clearance.rb +8 -6
- data/lib/switch_user/provider/devise.rb +5 -3
- data/lib/switch_user/provider/dummy.rb +8 -12
- data/lib/switch_user/provider/restful_authentication.rb +5 -3
- data/lib/switch_user/provider/session.rb +5 -3
- data/lib/switch_user/provider/sorcery.rb +8 -9
- data/lib/switch_user/rails.rb +7 -3
- data/lib/switch_user/rspec.rb +4 -4
- data/lib/switch_user/rspec/feature_helpers.rb +13 -14
- data/lib/switch_user/user_loader.rb +5 -2
- data/lib/switch_user/user_set.rb +14 -9
- data/lib/switch_user/version.rb +3 -1
- data/spec/controllers/switch_user_controller_spec.rb +24 -27
- data/spec/helpers/switch_user_helper_spec.rb +58 -55
- data/spec/integration/switch_user_spec.rb +105 -21
- data/spec/provider/authlogic_spec.rb +3 -1
- data/spec/provider/clearance_spec.rb +3 -1
- data/spec/provider/devise_spec.rb +19 -18
- data/spec/provider/dummy_spec.rb +4 -3
- data/spec/provider/restful_authentication_spec.rb +3 -1
- data/spec/provider/session_spec.rb +4 -2
- data/spec/provider/sorcery_spec.rb +3 -1
- data/spec/provider_spec.rb +3 -1
- data/spec/rspec/feature_helpers_spec.rb +38 -37
- data/spec/spec_helper.rb +4 -2
- data/spec/support/application.rb +35 -23
- data/spec/support/provider.rb +13 -11
- data/spec/switch_user/data_source_spec.rb +7 -5
- data/spec/switch_user/lambda_guard_spec.rb +6 -4
- data/spec/switch_user/user_loader_spec.rb +23 -23
- data/spec/switch_user/user_set_spec.rb +12 -10
- data/spec/switch_user_spec.rb +6 -4
- data/switch_user.gemspec +24 -23
- metadata +28 -28
@@ -1,3 +1,5 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
1
3
|
module SwitchUser
|
2
4
|
class UserLoader
|
3
5
|
attr_reader :scope
|
@@ -8,7 +10,8 @@ module SwitchUser
|
|
8
10
|
|
9
11
|
if options[:scope_identifier]
|
10
12
|
options[:scope_identifier] =~ /^(.*)_([^_]+)$/
|
11
|
-
scope
|
13
|
+
scope = Regexp.last_match(1)
|
14
|
+
id = Regexp.last_match(2)
|
12
15
|
else
|
13
16
|
scope, id = args
|
14
17
|
end
|
@@ -30,7 +33,7 @@ module SwitchUser
|
|
30
33
|
if scope && SwitchUser.available_scopes.include?(scope.to_sym)
|
31
34
|
@scope = scope
|
32
35
|
else
|
33
|
-
raise InvalidScope
|
36
|
+
raise InvalidScope, "#{scope} is invalid and is not listed in SwitchUser#available_users"
|
34
37
|
end
|
35
38
|
end
|
36
39
|
|
data/lib/switch_user/user_set.rb
CHANGED
@@ -1,32 +1,36 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
1
3
|
module SwitchUser
|
2
4
|
class UserSet
|
3
5
|
def self.init_from_config
|
4
6
|
SwitchUser.available_users.map do |scope, base_scope|
|
5
7
|
identifier = SwitchUser.available_users_identifiers[scope]
|
6
|
-
label
|
8
|
+
label = SwitchUser.available_users_names[scope]
|
7
9
|
new(scope, identifier, label, base_scope)
|
8
10
|
end
|
9
11
|
end
|
10
12
|
|
11
13
|
def self.users
|
12
|
-
init_from_config.flat_map
|
13
|
-
user_set.users.map {|user| Record.build(user, user_set) }
|
14
|
-
|
14
|
+
init_from_config.flat_map do |user_set|
|
15
|
+
user_set.users.map { |user| Record.build(user, user_set) }
|
16
|
+
end
|
15
17
|
end
|
16
18
|
|
17
19
|
attr_reader :scope, :user_class, :identifier, :label, :base_scope
|
20
|
+
|
18
21
|
def initialize(scope, identifier, label, base_scope)
|
19
|
-
@scope
|
22
|
+
@scope = scope
|
20
23
|
@user_class = normalize_class(scope)
|
21
24
|
@identifier = identifier
|
22
|
-
@label
|
25
|
+
@label = label
|
23
26
|
@base_scope = normalize_scope(base_scope)
|
24
27
|
end
|
25
28
|
|
26
29
|
def find_user(id)
|
27
|
-
Record.build(users.where(:
|
30
|
+
Record.build(users.where(id: id).first, self)
|
28
31
|
end
|
29
|
-
|
32
|
+
|
33
|
+
alias [] find_user
|
30
34
|
|
31
35
|
def users
|
32
36
|
base_scope
|
@@ -54,9 +58,10 @@ module SwitchUser
|
|
54
58
|
user_class.respond_to?(:scoped) ? user_class.scoped : user_class.all
|
55
59
|
end
|
56
60
|
end
|
61
|
+
|
57
62
|
class Record < Struct.new(:id, :label, :scope)
|
58
63
|
def self.build(user, set)
|
59
|
-
id
|
64
|
+
id = user.send(set.identifier)
|
60
65
|
label = user.send(set.label)
|
61
66
|
scope = set.scope
|
62
67
|
|
data/lib/switch_user/version.rb
CHANGED
@@ -1,40 +1,37 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
1
3
|
require 'spec_helper'
|
2
4
|
require 'switch_user'
|
3
5
|
require 'switch_user_controller'
|
4
6
|
|
5
|
-
RSpec.describe SwitchUserController, :
|
7
|
+
RSpec.describe SwitchUserController, type: :controller do
|
6
8
|
before do
|
7
9
|
SwitchUser.provider = :dummy
|
8
10
|
end
|
9
11
|
|
10
|
-
let(:admin) { double(:admin,
|
11
|
-
let(:provider) { double(:provider,
|
12
|
-
|
13
|
-
|
14
|
-
|
15
|
-
describe "#set_current_user" do
|
16
|
-
it "redirects the user to the specified location" do
|
17
|
-
SwitchUser.redirect_path = lambda {|_,_| "/path"}
|
12
|
+
let(:admin) { double(:admin, admin?: true) }
|
13
|
+
let(:provider) { double(:provider, original_user: admin, current_user: nil) }
|
14
|
+
describe '#set_current_user' do
|
15
|
+
it 'redirects the user to the specified location' do
|
16
|
+
SwitchUser.redirect_path = ->(_, _) { '/path' }
|
18
17
|
allow(controller).to receive(:available?).and_return(true)
|
19
|
-
get :set_current_user, :scope_identifier
|
18
|
+
get :set_current_user, params: { scope_identifier: 'user_1' }
|
20
19
|
|
21
|
-
expect(response).to redirect_to(
|
20
|
+
expect(response).to redirect_to('/path')
|
22
21
|
end
|
23
22
|
|
24
|
-
it
|
25
|
-
SwitchUser.controller_guard =
|
26
|
-
expect {
|
27
|
-
get :set_current_user
|
28
|
-
}.to raise_error(ActionController::RoutingError)
|
23
|
+
it 'denies access according to the guard block' do
|
24
|
+
SwitchUser.controller_guard = ->(_, _, _) { false }
|
25
|
+
expect { get :set_current_user }.to raise_error(ActionController::RoutingError)
|
29
26
|
end
|
30
27
|
|
31
|
-
describe
|
28
|
+
describe 'requests with a privileged original_user' do
|
32
29
|
before do
|
33
|
-
SwitchUser.controller_guard = lambda
|
30
|
+
SwitchUser.controller_guard = lambda do |current_user, _, original_user|
|
34
31
|
current_user.try(:admin?) || original_user.try(:admin?)
|
35
|
-
|
32
|
+
end
|
36
33
|
end
|
37
|
-
it
|
34
|
+
it 'allows access using the original_user param' do
|
38
35
|
allow(controller).to receive(:provider).and_return(provider)
|
39
36
|
|
40
37
|
expect(provider).to receive(:logout_all)
|
@@ -46,26 +43,26 @@ RSpec.describe SwitchUserController, :type => :controller do
|
|
46
43
|
end
|
47
44
|
end
|
48
45
|
|
49
|
-
describe
|
46
|
+
describe '#remember_user' do
|
50
47
|
before do
|
51
48
|
allow(controller).to receive(:provider).and_return(provider)
|
52
49
|
SwitchUser.switch_back = true
|
53
50
|
end
|
54
|
-
it
|
51
|
+
it 'can remember the current user' do
|
55
52
|
expect(provider).to receive(:remember_current_user).with(true)
|
56
53
|
|
57
|
-
get :remember_user, :remember
|
54
|
+
get :remember_user, params: { remember: 'true' }
|
58
55
|
end
|
59
|
-
it
|
56
|
+
it 'can forget the current user' do
|
60
57
|
expect(provider).to receive(:remember_current_user).with(false)
|
61
58
|
|
62
|
-
get :remember_user, :remember
|
59
|
+
get :remember_user, params: { remember: 'false' }
|
63
60
|
end
|
64
|
-
it
|
61
|
+
it 'does nothing if switch_back is not enabled' do
|
65
62
|
SwitchUser.switch_back = false
|
66
63
|
expect(provider).not_to receive(:remember_current_user)
|
67
64
|
|
68
|
-
get :remember_user, :remember
|
65
|
+
get :remember_user, params: { remember: 'true' }
|
69
66
|
end
|
70
67
|
end
|
71
68
|
end
|
@@ -1,30 +1,35 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
1
3
|
require 'spec_helper'
|
2
4
|
require 'switch_user'
|
3
5
|
require 'switch_user_helper'
|
4
6
|
|
5
|
-
RSpec.describe SwitchUserHelper, :
|
7
|
+
RSpec.describe SwitchUserHelper, type: :helper do
|
6
8
|
before do
|
7
9
|
SwitchUser.provider = :dummy
|
8
10
|
end
|
9
11
|
|
10
|
-
let(:user) { double(:user, :
|
11
|
-
let(:admin) { double(:admin, :
|
12
|
-
let(:provider)
|
12
|
+
let(:user) { double(:user, id: 1) }
|
13
|
+
let(:admin) { double(:admin, id: 1) }
|
14
|
+
let(:provider) do
|
13
15
|
_provider = SwitchUser::Provider::Dummy.new(controller)
|
14
16
|
_provider
|
15
|
-
|
17
|
+
end
|
16
18
|
|
17
|
-
describe
|
19
|
+
describe '#switch_user_select' do
|
18
20
|
let(:guest_record) { SwitchUser::GuestRecord.new }
|
19
|
-
let(:user_record) { double(:user_record, :
|
20
|
-
let(:admin_record) { double(:admin_record, :
|
21
|
-
|
22
|
-
let(:guest_option_tags) { %Q^<optgroup label="Guest"><option value="">Guest</option></optgroup>^ }
|
23
|
-
let(:user_option_tags) { %Q^<optgroup label="User"><option value="user_1">user1</option></optgroup>^ }
|
24
|
-
let(:user_selected_option_tags) { %Q^<optgroup label="User"><option selected="selected" value="user_1">user1</option></optgroup>^ }
|
25
|
-
let(:admin_option_tags) { %Q^<optgroup label="Admin"><option value="admin_1">admin1</option></optgroup>^ }
|
26
|
-
let(:admin_selected_option_tags) { %Q^<optgroup label="Admin"><option selected="selected" value="admin_1">admin1</option></optgroup>^ }
|
21
|
+
let(:user_record) { double(:user_record, user: user, scope: :user, label: 'user1', scope_id: 'user_1') }
|
22
|
+
let(:admin_record) { double(:admin_record, user: admin, scope: :admin, label: 'admin1', scope_id: 'admin_1') }
|
27
23
|
|
24
|
+
let(:guest_option_tags) { '<optgroup label="Guest"><option value="">Guest</option></optgroup>' }
|
25
|
+
let(:user_option_tags) { '<optgroup label="User"><option value="user_1">user1</option></optgroup>' }
|
26
|
+
let(:user_selected_option_tags) do
|
27
|
+
'<optgroup label="User"><option selected="selected" value="user_1">user1</option></optgroup>'
|
28
|
+
end
|
29
|
+
let(:admin_option_tags) { '<optgroup label="Admin"><option value="admin_1">admin1</option></optgroup>' }
|
30
|
+
let(:admin_selected_option_tags) do
|
31
|
+
'<optgroup label="Admin"><option selected="selected" value="admin_1">admin1</option></optgroup>'
|
32
|
+
end
|
28
33
|
|
29
34
|
before do
|
30
35
|
allow(SwitchUser).to receive(:switch_back).and_return(false)
|
@@ -39,64 +44,64 @@ RSpec.describe SwitchUserHelper, :type => :helper do
|
|
39
44
|
allow(SwitchUser).to receive(:all_users).and_return([guest_record, user_record])
|
40
45
|
end
|
41
46
|
|
42
|
-
it
|
47
|
+
it 'when unavailable' do
|
43
48
|
allow(helper).to receive(:available?).and_return(false)
|
44
49
|
|
45
50
|
expect(helper.switch_user_select).to eq(nil)
|
46
51
|
end
|
47
52
|
|
48
|
-
it
|
53
|
+
it 'when current_user is nil and all_users is []' do
|
49
54
|
allow(provider).to receive(:current_user).and_return(nil)
|
50
55
|
allow(SwitchUser).to receive(:all_users).and_return([])
|
51
56
|
|
52
57
|
expect(helper.switch_user_select).not_to match(%r{</option>})
|
53
58
|
end
|
54
59
|
|
55
|
-
it
|
60
|
+
it 'when current_user is nil and all_users is [guest_record]' do
|
56
61
|
allow(provider).to receive(:current_user).and_return(nil)
|
57
62
|
allow(SwitchUser).to receive(:all_users).and_return([guest_record])
|
58
63
|
|
59
|
-
expect(helper.switch_user_select).to match(
|
64
|
+
expect(helper.switch_user_select).to match(/#{guest_option_tags}/)
|
60
65
|
end
|
61
66
|
|
62
|
-
it
|
67
|
+
it 'when current_user is nil and all_users is [guest_record, user_record]' do
|
63
68
|
allow(provider).to receive(:current_user).and_return(nil)
|
64
69
|
allow(SwitchUser).to receive(:all_users).and_return([guest_record, user_record])
|
65
70
|
|
66
|
-
expect(helper.switch_user_select).to match(
|
67
|
-
expect(helper.switch_user_select).to match(
|
71
|
+
expect(helper.switch_user_select).to match(/#{guest_option_tags}/)
|
72
|
+
expect(helper.switch_user_select).to match(/#{user_option_tags}/)
|
68
73
|
end
|
69
74
|
|
70
|
-
it
|
75
|
+
it 'when current_user is user and all_users is []' do
|
71
76
|
allow(provider).to receive(:current_user).and_return(user)
|
72
77
|
allow(SwitchUser).to receive(:all_users).and_return([])
|
73
78
|
|
74
79
|
expect(helper.switch_user_select).not_to match(%r{</option>})
|
75
80
|
end
|
76
81
|
|
77
|
-
it
|
82
|
+
it 'when current_user is user and all_users is [guest_record, user_record]' do
|
78
83
|
allow(provider).to receive(:current_user).and_return(user)
|
79
84
|
allow(SwitchUser).to receive(:all_users).and_return([guest_record, user_record])
|
80
85
|
|
81
|
-
expect(helper.switch_user_select).to match(
|
82
|
-
expect(helper.switch_user_select).to match(
|
86
|
+
expect(helper.switch_user_select).to match(/#{guest_option_tags}/)
|
87
|
+
expect(helper.switch_user_select).to match(/#{user_selected_option_tags}/)
|
83
88
|
end
|
84
89
|
|
85
|
-
it
|
86
|
-
expect(helper.switch_user_select).to match(
|
87
|
-
expect(helper.switch_user_select).to match(
|
90
|
+
it 'when current_user is default allow and all_users is default allow' do
|
91
|
+
expect(helper.switch_user_select).to match(/#{guest_option_tags}/)
|
92
|
+
expect(helper.switch_user_select).to match(/#{user_selected_option_tags}/)
|
88
93
|
end
|
89
94
|
|
90
|
-
it
|
95
|
+
it 'when current_user is user and all_users is [guest_record, user_record, admin_record]' do
|
91
96
|
allow(provider).to receive(:current_user).and_return(user)
|
92
97
|
allow(SwitchUser).to receive(:all_users).and_return([guest_record, user_record, admin_record])
|
93
98
|
|
94
|
-
expect(helper.switch_user_select).to match(
|
95
|
-
expect(helper.switch_user_select).to match(
|
96
|
-
expect(helper.switch_user_select).to match(
|
99
|
+
expect(helper.switch_user_select).to match(/#{guest_option_tags}/)
|
100
|
+
expect(helper.switch_user_select).to match(/#{user_selected_option_tags}/)
|
101
|
+
expect(helper.switch_user_select).to match(/#{admin_option_tags}/)
|
97
102
|
end
|
98
103
|
|
99
|
-
it
|
104
|
+
it 'when current_user is admin and all_users is [guest_record, user_record, admin_record]' do
|
100
105
|
provider.instance_variable_set(:@user, admin)
|
101
106
|
allow(helper).to receive(:provider).and_return(provider)
|
102
107
|
|
@@ -104,12 +109,12 @@ RSpec.describe SwitchUserHelper, :type => :helper do
|
|
104
109
|
|
105
110
|
allow(SwitchUser).to receive(:all_users).and_return([guest_record, user_record, admin_record])
|
106
111
|
|
107
|
-
expect(helper.switch_user_select).to match(
|
108
|
-
expect(helper.switch_user_select).to match(
|
109
|
-
expect(helper.switch_user_select).to match(
|
112
|
+
expect(helper.switch_user_select).to match(/#{guest_option_tags}/)
|
113
|
+
expect(helper.switch_user_select).to match(/#{user_option_tags}/)
|
114
|
+
expect(helper.switch_user_select).to match(/#{admin_selected_option_tags}/)
|
110
115
|
end
|
111
116
|
|
112
|
-
it
|
117
|
+
it 'when current_user is admin and all_users is [guest_record, user_record]' do
|
113
118
|
provider.instance_variable_set(:@user, admin)
|
114
119
|
allow(helper).to receive(:provider).and_return(provider)
|
115
120
|
|
@@ -117,57 +122,55 @@ RSpec.describe SwitchUserHelper, :type => :helper do
|
|
117
122
|
|
118
123
|
allow(SwitchUser).to receive(:all_users).and_return([guest_record, user_record])
|
119
124
|
|
120
|
-
expect(helper.switch_user_select).to match(
|
121
|
-
expect(helper.switch_user_select).to match(
|
122
|
-
expect(helper.switch_user_select).to_not match(
|
125
|
+
expect(helper.switch_user_select).to match(/#{guest_option_tags}/)
|
126
|
+
expect(helper.switch_user_select).to match(/#{user_option_tags}/)
|
127
|
+
expect(helper.switch_user_select).to_not match(/#{admin_option_tags}/)
|
123
128
|
end
|
124
129
|
end
|
125
130
|
|
126
|
-
describe
|
127
|
-
it
|
128
|
-
user = double(:user, :
|
131
|
+
describe '#user_tag_value' do
|
132
|
+
it 'for user' do
|
133
|
+
user = double(:user, id: 1)
|
129
134
|
|
130
135
|
expect(helper.send(:user_tag_value, user, :id, :user)).to eq('user_1')
|
131
136
|
end
|
132
137
|
end
|
133
138
|
|
134
|
-
describe
|
135
|
-
it
|
139
|
+
describe '#user_tag_label' do
|
140
|
+
it 'when name has call method' do
|
136
141
|
user = double(:user)
|
137
|
-
name = ->(
|
142
|
+
name = ->(_user) { 'user1' }
|
138
143
|
|
139
144
|
expect(helper.send(:user_tag_label, user, name)).to eq('user1')
|
140
145
|
end
|
141
146
|
|
142
|
-
it
|
143
|
-
user = double(:name, :
|
147
|
+
it 'when name not has call method' do
|
148
|
+
user = double(:name, name: 'user1')
|
144
149
|
name = :name
|
145
150
|
|
146
151
|
expect(helper.send(:user_tag_label, user, name)).to eq('user1')
|
147
152
|
end
|
148
153
|
end
|
149
154
|
|
150
|
-
describe
|
151
|
-
it
|
155
|
+
describe '#available?' do
|
156
|
+
it 'return true' do
|
152
157
|
allow_any_instance_of(SwitchUser.guard_class).to receive(:view_available?).and_return(true)
|
153
158
|
|
154
159
|
expect(helper.send(:available?)).to eq(true)
|
155
160
|
end
|
156
161
|
|
157
|
-
it
|
162
|
+
it 'return false' do
|
158
163
|
allow_any_instance_of(SwitchUser.guard_class).to receive(:view_available?).and_return(false)
|
159
164
|
|
160
165
|
expect(helper.send(:available?)).to eq(false)
|
161
166
|
end
|
162
167
|
end
|
163
168
|
|
164
|
-
describe
|
165
|
-
it
|
169
|
+
describe '#provider' do
|
170
|
+
it 'normal' do
|
166
171
|
allow(SwitchUser::Provider).to receive(:init).with(controller).and_return(provider)
|
167
172
|
|
168
173
|
expect(helper.send(:provider)).to eq(provider)
|
169
174
|
end
|
170
175
|
end
|
171
|
-
|
172
|
-
|
173
176
|
end
|
@@ -1,61 +1,145 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
1
3
|
require 'spec_helper'
|
2
4
|
|
3
|
-
RSpec.describe
|
4
|
-
let(:user) { User.create!(:
|
5
|
-
let(:other_user) { User.create!(:
|
5
|
+
RSpec.describe 'Using SwitchUser', type: :request do
|
6
|
+
let(:user) { User.create!(email: 'foo@bar.com', admin: true) }
|
7
|
+
let(:other_user) { User.create!(email: 'other@bar.com', admin: false) }
|
6
8
|
|
7
9
|
before do
|
8
10
|
SwitchUser.reset_config
|
9
11
|
SwitchUser.provider = :session
|
10
|
-
SwitchUser.controller_guard =
|
11
|
-
SwitchUser.redirect_path =
|
12
|
+
SwitchUser.controller_guard = ->(_current_user, _request) { Rails.env.test? }
|
13
|
+
SwitchUser.redirect_path = ->(_, _) { '/dummy/open' }
|
12
14
|
end
|
13
15
|
|
14
|
-
it
|
16
|
+
it 'signs a user in using switch_user' do
|
15
17
|
# can't access protected url
|
16
|
-
get
|
18
|
+
get '/dummy/protected'
|
17
19
|
expect(response).to be_redirect
|
18
20
|
|
19
21
|
get "/switch_user?scope_identifier=user_#{other_user.id}"
|
20
22
|
expect(response).to be_redirect
|
21
23
|
|
22
24
|
# now that we are logged in via switch_user we can access
|
23
|
-
get
|
25
|
+
get '/dummy/protected'
|
24
26
|
expect(response).to be_success
|
25
27
|
end
|
26
28
|
|
27
|
-
context
|
29
|
+
context 'using switch_back' do
|
28
30
|
before do
|
29
31
|
SwitchUser.switch_back = true
|
30
|
-
SwitchUser.controller_guard = lambda
|
32
|
+
SwitchUser.controller_guard = lambda do |current_user, _request, original_user|
|
31
33
|
current_user && current_user.admin? || original_user && original_user.admin?
|
32
|
-
|
34
|
+
end
|
33
35
|
end
|
34
36
|
|
35
|
-
it
|
37
|
+
it 'can switch back to a different user through remember_user endpoint' do
|
36
38
|
# login
|
37
|
-
post
|
39
|
+
post '/login', params: { id: user.id }
|
38
40
|
follow_redirect!
|
39
41
|
|
40
42
|
# have SwitchUser remember us
|
41
|
-
get
|
42
|
-
expect(session[
|
43
|
+
get '/switch_user/remember_user', params: { remember: true }
|
44
|
+
expect(session['original_user_scope_identifier']).to be_present
|
43
45
|
|
44
46
|
# check that we can switch to another user
|
45
47
|
get "/switch_user?scope_identifier=user_#{other_user.id}"
|
46
|
-
expect(session[
|
48
|
+
expect(session['user_id']).to eq other_user.id
|
49
|
+
|
50
|
+
# logout
|
51
|
+
get '/logout'
|
52
|
+
expect(session['user_id']).to be_nil
|
53
|
+
|
54
|
+
# check that we can still switch to another user
|
55
|
+
get "/switch_user?scope_identifier=user_#{user.id}"
|
56
|
+
expect(session['user_id']).to eq user.id
|
57
|
+
|
58
|
+
# check that we can be un-remembered
|
59
|
+
get '/switch_user/remember_user', params: { remember: false }
|
60
|
+
expect(session['original_user']).to be_nil
|
61
|
+
end
|
62
|
+
|
63
|
+
it 'can switch back to a different user without hitting remember_user endpoint' do
|
64
|
+
# login
|
65
|
+
post '/login', params: { id: user.id }
|
66
|
+
follow_redirect!
|
67
|
+
|
68
|
+
# check that we can switch to another user
|
69
|
+
get "/switch_user?scope_identifier=user_#{other_user.id}", params: { remember: true }
|
70
|
+
expect(session['user_id']).to eq other_user.id
|
71
|
+
expect(session['original_user_scope_identifier']).to_not be_nil
|
47
72
|
|
48
73
|
# logout
|
49
|
-
get
|
50
|
-
expect(session[
|
74
|
+
get '/logout'
|
75
|
+
expect(session['user_id']).to be_nil
|
51
76
|
|
52
77
|
# check that we can still switch to another user
|
53
78
|
get "/switch_user?scope_identifier=user_#{user.id}"
|
54
|
-
expect(session[
|
79
|
+
expect(session['user_id']).to eq user.id
|
55
80
|
|
56
81
|
# check that we can be un-remembered
|
57
|
-
get
|
58
|
-
expect(session[
|
82
|
+
get '/switch_user/remember_user', params: { remember: false }
|
83
|
+
expect(session['original_user']).to be_nil
|
84
|
+
end
|
85
|
+
|
86
|
+
context 'when non-default identifier' do
|
87
|
+
before do
|
88
|
+
SwitchUser.available_users_identifiers = { user: :email }
|
89
|
+
end
|
90
|
+
|
91
|
+
after do
|
92
|
+
SwitchUser.available_users_identifiers = { user: :id }
|
93
|
+
end
|
94
|
+
|
95
|
+
it 'can switch back to a different user through remember_user endpoint' do
|
96
|
+
# login
|
97
|
+
post '/login', params: { id: user.id }
|
98
|
+
follow_redirect!
|
99
|
+
|
100
|
+
# have SwitchUser remember us
|
101
|
+
get '/switch_user/remember_user', params: { remember: true }
|
102
|
+
expect(session['original_user_scope_identifier']).to be_present
|
103
|
+
|
104
|
+
# check that we can switch to another user
|
105
|
+
get "/switch_user?scope_identifier=user_#{other_user.email}"
|
106
|
+
expect(session['user_id']).to eq other_user.id
|
107
|
+
|
108
|
+
# logout
|
109
|
+
get '/logout'
|
110
|
+
expect(session['user_id']).to be_nil
|
111
|
+
|
112
|
+
# check that we can still switch to another user
|
113
|
+
get "/switch_user?scope_identifier=user_#{user.email}"
|
114
|
+
expect(session['user_id']).to eq user.id
|
115
|
+
|
116
|
+
# check that we can be un-remembered
|
117
|
+
get '/switch_user/remember_user', params: { remember: false }
|
118
|
+
expect(session['original_user']).to be_nil
|
119
|
+
end
|
120
|
+
|
121
|
+
it 'can switch back to a different user without hitting remember_user endpoint' do
|
122
|
+
# login
|
123
|
+
post '/login', params: { id: user.id }
|
124
|
+
follow_redirect!
|
125
|
+
|
126
|
+
# check that we can switch to another user
|
127
|
+
get "/switch_user?scope_identifier=user_#{other_user.email}", params: { remember: true }
|
128
|
+
expect(session['user_id']).to eq other_user.id
|
129
|
+
expect(session['original_user_scope_identifier']).to_not be_nil
|
130
|
+
|
131
|
+
# logout
|
132
|
+
get '/logout'
|
133
|
+
expect(session['user_id']).to be_nil
|
134
|
+
|
135
|
+
# check that we can still switch to another user
|
136
|
+
get "/switch_user?scope_identifier=user_#{user.email}"
|
137
|
+
expect(session['user_id']).to eq user.id
|
138
|
+
|
139
|
+
# check that we can be un-remembered
|
140
|
+
get '/switch_user/remember_user', params: { remember: false }
|
141
|
+
expect(session['original_user']).to be_nil
|
142
|
+
end
|
59
143
|
end
|
60
144
|
end
|
61
145
|
end
|