tb_core 1.4.7 → 1.4.8
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/app/controllers/admin/password_resets_controller.rb +1 -0
- data/app/controllers/concerns/tb_core/redirection.rb +1 -0
- data/app/controllers/concerns/tb_core/user_authentication.rb +5 -0
- data/app/helpers/forgot_password_mailer_helper.rb +1 -0
- data/app/models/concerns/tb_core/user_model.rb +7 -1
- data/app/models/spud_role.rb +2 -7
- data/app/views/layouts/admin/application.html.erb +1 -1
- data/lib/generators/spud/module_generator.rb +3 -3
- data/lib/generators/spud/setup_generator.rb +1 -1
- data/lib/tb_core/belongs_to_app.rb +1 -0
- data/lib/tb_core/version.rb +1 -1
- data/spec/controllers/admin/application_controller_spec.rb +2 -2
- data/spec/controllers/admin/password_reset_controller_spec.rb +2 -2
- data/spec/controllers/admin/settings_controller_spec.rb +1 -1
- data/spec/controllers/admin/setup_controller_spec.rb +1 -1
- data/spec/controllers/admin/user_sessions_controller_spec.rb +1 -1
- data/spec/controllers/admin/users_controller_spec.rb +3 -3
- data/spec/dummy/config/initializers/secret_token.rb +0 -1
- data/spec/factories/spud_admin_permission_factories.rb +1 -1
- data/spec/factories/spud_user_factories.rb +2 -2
- metadata +8 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: cd6c66dcf54d5da5213a63e533eb04b5f64e726919654ece63a4565333c8a6d7
|
|
4
|
+
data.tar.gz: 224a045cc261e598c21677bcf28ee60dc82d0ea0f82392dcc9801eb86117aaf8
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 5dbc377a0b2723d633ff97989a57b41fd5e797247d442e14f7ad6c63ea5f3f402b82ea244d9eee072301dffbfcfb62896e5ffee978fb88c33858f4e8cb39558f
|
|
7
|
+
data.tar.gz: 4e85b15b625862b800ccb12e1490822d907ee696e6434cf7d08699ca5e0fac0412f032d2153b2d2137c66f87b7f6de10c11fc78c187496ae0bb123c0df691a2e
|
|
@@ -43,6 +43,7 @@ private
|
|
|
43
43
|
def load_user_using_perishable_token
|
|
44
44
|
@user = SpudUser.find_using_perishable_token(params[:id])
|
|
45
45
|
return if @user
|
|
46
|
+
|
|
46
47
|
flash[:notice] = "We're sorry, but we could not locate your account. " +
|
|
47
48
|
'If you are having issues try copying and pasting the URL ' +
|
|
48
49
|
'from your email into your browser or restarting the ' +
|
|
@@ -10,27 +10,32 @@ module TbCore
|
|
|
10
10
|
|
|
11
11
|
def current_user_session
|
|
12
12
|
return @current_user_session if defined?(@current_user_session)
|
|
13
|
+
|
|
13
14
|
@current_user_session = SpudUserSession.find
|
|
14
15
|
end
|
|
15
16
|
|
|
16
17
|
def current_user
|
|
17
18
|
return @current_user if defined?(@current_user)
|
|
19
|
+
|
|
18
20
|
@current_user = current_user_session&.spud_user
|
|
19
21
|
end
|
|
20
22
|
|
|
21
23
|
def current_user_id
|
|
22
24
|
return 0 unless @current_user
|
|
25
|
+
|
|
23
26
|
@current_user.id
|
|
24
27
|
end
|
|
25
28
|
|
|
26
29
|
def require_user
|
|
27
30
|
raise UnauthorizedError.new unless current_user
|
|
31
|
+
|
|
28
32
|
true
|
|
29
33
|
end
|
|
30
34
|
|
|
31
35
|
def require_admin_user
|
|
32
36
|
raise UnauthorizedError.new unless current_user
|
|
33
37
|
raise AccessDeniedError.new unless current_user.admin_rights?
|
|
38
|
+
|
|
34
39
|
true
|
|
35
40
|
end
|
|
36
41
|
|
|
@@ -1,6 +1,7 @@
|
|
|
1
1
|
module ForgotPasswordMailerHelper
|
|
2
2
|
def perishable_token_link_expiration_time_text(user)
|
|
3
3
|
return if user.class.perishable_token_valid_for.blank?
|
|
4
|
+
|
|
4
5
|
expiration_time = user.updated_at + user.class.perishable_token_valid_for
|
|
5
6
|
|
|
6
7
|
"This link will expire in #{distance_of_time_in_words(Time.current, expiration_time)}."
|
|
@@ -16,7 +16,7 @@ module TbCore
|
|
|
16
16
|
end
|
|
17
17
|
|
|
18
18
|
belongs_to :role,
|
|
19
|
-
class_name: SpudRole.to_s, foreign_key: :spud_role_id,
|
|
19
|
+
class_name: SpudRole.to_s, foreign_key: :spud_role_id, optional: true
|
|
20
20
|
has_many :spud_user_settings,
|
|
21
21
|
dependent: :destroy, foreign_key: :spud_user_id
|
|
22
22
|
|
|
@@ -69,6 +69,7 @@ module TbCore
|
|
|
69
69
|
|
|
70
70
|
def full_name
|
|
71
71
|
return login if first_name.blank? && last_name.blank?
|
|
72
|
+
|
|
72
73
|
[first_name, last_name].reject(&:blank?).join(' ')
|
|
73
74
|
end
|
|
74
75
|
|
|
@@ -79,12 +80,14 @@ module TbCore
|
|
|
79
80
|
# Returns true if user can view at least one dashboard app
|
|
80
81
|
def admin_rights?
|
|
81
82
|
return true if super_admin
|
|
83
|
+
|
|
82
84
|
TbCore.admin_applications.find { |app| can_view_app?(app) }.present?
|
|
83
85
|
end
|
|
84
86
|
|
|
85
87
|
# Returns true if the user can view a spud app based on it's key
|
|
86
88
|
def can_view_app?(admin_application)
|
|
87
89
|
return true if super_admin?
|
|
90
|
+
|
|
88
91
|
key = admin_application[:key]
|
|
89
92
|
permissions.find { |p| p.apps.include?(key) }.present?
|
|
90
93
|
end
|
|
@@ -95,6 +98,7 @@ module TbCore
|
|
|
95
98
|
# * if multiple tags are supplied, return true if ALL tags match
|
|
96
99
|
def permission?(*tags)
|
|
97
100
|
return true if super_admin?
|
|
101
|
+
|
|
98
102
|
my_tags = permissions.collect(&:tag)
|
|
99
103
|
tags.find { |tag| !my_tags.include?(tag) }.blank?
|
|
100
104
|
end
|
|
@@ -105,12 +109,14 @@ module TbCore
|
|
|
105
109
|
# * if multiple tags are supplied, return true if ANY tag matches
|
|
106
110
|
def any_permission?(*tags)
|
|
107
111
|
return true if super_admin?
|
|
112
|
+
|
|
108
113
|
permissions.find { |p| tags.include?(p.tag) }.present?
|
|
109
114
|
end
|
|
110
115
|
|
|
111
116
|
# Return a list of SpudPermission objects for the user's SpudRole
|
|
112
117
|
def permissions
|
|
113
118
|
return [] if role.blank?
|
|
119
|
+
|
|
114
120
|
role.permissions
|
|
115
121
|
end
|
|
116
122
|
|
data/app/models/spud_role.rb
CHANGED
|
@@ -14,14 +14,9 @@ class SpudRole < ActiveRecord::Base
|
|
|
14
14
|
end
|
|
15
15
|
|
|
16
16
|
def permission_tags=(tags)
|
|
17
|
-
self.spud_role_permissions.
|
|
18
|
-
|
|
19
|
-
role_permission.destroy()
|
|
20
|
-
else
|
|
21
|
-
tags.delete(role_permission.permission.tag)
|
|
22
|
-
end
|
|
17
|
+
self.spud_role_permissions = tags.map do |tag|
|
|
18
|
+
SpudRolePermission.new(spud_permission_tag: tag)
|
|
23
19
|
end
|
|
24
|
-
self.spud_role_permissions += tags.collect{ |tag| SpudRolePermission.new(spud_permission_tag: tag) }
|
|
25
20
|
end
|
|
26
21
|
|
|
27
22
|
def permission_tags
|
|
@@ -49,7 +49,7 @@
|
|
|
49
49
|
<h3 class="modal-title"></h3>
|
|
50
50
|
</div>
|
|
51
51
|
<div class="modal-body">
|
|
52
|
-
<p
|
|
52
|
+
<p>...</p>
|
|
53
53
|
</div>
|
|
54
54
|
<div class="modal-footer modal-footer-default">
|
|
55
55
|
<button type="button" class="btn btn-default" data-dismiss="modal">Close</button>
|
|
@@ -79,7 +79,7 @@ class Spud::ModuleGenerator < ::Rails::Generators::Base
|
|
|
79
79
|
resources :#{module_name_formatted}
|
|
80
80
|
end
|
|
81
81
|
resources :#{module_name_formatted}, :only => [:index, :show]
|
|
82
|
-
RUBY
|
|
82
|
+
RUBY
|
|
83
83
|
end
|
|
84
84
|
|
|
85
85
|
def create_specs
|
|
@@ -136,7 +136,7 @@ RUBY
|
|
|
136
136
|
inject_into_file "app/models/#{module_name.singularize.underscore}.rb", after: "ApplicationRecord\n" do <<-RUBY
|
|
137
137
|
scope :ordered, -> { order(#{sort_field}: :desc) }
|
|
138
138
|
scope :search, ->(term) { where('#{search_field} LIKE ?', "%\#{term}%") }
|
|
139
|
-
RUBY
|
|
139
|
+
RUBY
|
|
140
140
|
end
|
|
141
141
|
end
|
|
142
142
|
|
|
@@ -156,7 +156,7 @@ RUBY
|
|
|
156
156
|
|
|
157
157
|
validates #{string_attrs_as_symbols}, :length => {:maximum => 255}
|
|
158
158
|
|
|
159
|
-
|
|
159
|
+
RUBY
|
|
160
160
|
end
|
|
161
161
|
end
|
|
162
162
|
end
|
|
@@ -38,6 +38,7 @@ module TbCore
|
|
|
38
38
|
elsif !current_user.can_view_app?(@page_application)
|
|
39
39
|
raise AccessDeniedError.new(item: 'module', template: '/layouts/admin/error_page')
|
|
40
40
|
end
|
|
41
|
+
|
|
41
42
|
@page_thumbnail = @page_application[:thumbnail]
|
|
42
43
|
@page_name = determine_page_name(page_title || @page_application[:name], action_name)
|
|
43
44
|
end
|
data/lib/tb_core/version.rb
CHANGED
|
@@ -19,7 +19,7 @@ RSpec.describe Admin::ApplicationController, type: :controller do
|
|
|
19
19
|
it 'should respond successfully if the current user is a super admin' do
|
|
20
20
|
@user.update(super_admin: true)
|
|
21
21
|
get :index
|
|
22
|
-
expect(response).to
|
|
22
|
+
expect(response).to be_successful
|
|
23
23
|
end
|
|
24
24
|
|
|
25
25
|
it 'should respond successfully if the current user has admin permissions' do
|
|
@@ -28,7 +28,7 @@ RSpec.describe Admin::ApplicationController, type: :controller do
|
|
|
28
28
|
@user.role = @role
|
|
29
29
|
@user.save
|
|
30
30
|
get :index
|
|
31
|
-
expect(response).to
|
|
31
|
+
expect(response).to be_successful
|
|
32
32
|
end
|
|
33
33
|
|
|
34
34
|
it 'should redirect to the login if the current user is not logged in' do
|
|
@@ -8,7 +8,7 @@ describe Admin::PasswordResetsController, type: :controller do
|
|
|
8
8
|
describe 'index' do
|
|
9
9
|
it 'should return success' do
|
|
10
10
|
get :index
|
|
11
|
-
expect(response).to
|
|
11
|
+
expect(response).to be_successful
|
|
12
12
|
end
|
|
13
13
|
end
|
|
14
14
|
|
|
@@ -17,7 +17,7 @@ describe Admin::PasswordResetsController, type: :controller do
|
|
|
17
17
|
it 'should render the edit form' do
|
|
18
18
|
allow(SpudUser).to receive(:find_using_perishable_token).and_return(user)
|
|
19
19
|
get :show, params: { id: 1 }
|
|
20
|
-
expect(response).to
|
|
20
|
+
expect(response).to be_successful
|
|
21
21
|
end
|
|
22
22
|
end
|
|
23
23
|
|
|
@@ -39,7 +39,7 @@ describe Admin::UsersController, type: :controller do
|
|
|
39
39
|
SpudUserSession.create(u)
|
|
40
40
|
get :index
|
|
41
41
|
|
|
42
|
-
expect(response).to
|
|
42
|
+
expect(response).to be_successful
|
|
43
43
|
end
|
|
44
44
|
|
|
45
45
|
it 'should not allow access to users without a role,
|
|
@@ -82,14 +82,14 @@ describe Admin::UsersController, type: :controller do
|
|
|
82
82
|
it 'should respond successfully' do
|
|
83
83
|
user = FactoryBot.create(:spud_user)
|
|
84
84
|
get :show, params: { id: user.id }
|
|
85
|
-
expect(response).to
|
|
85
|
+
expect(response).to be_successful
|
|
86
86
|
end
|
|
87
87
|
end
|
|
88
88
|
|
|
89
89
|
describe 'new' do
|
|
90
90
|
it 'should render the form' do
|
|
91
91
|
get :new, format: :html
|
|
92
|
-
expect(response).to
|
|
92
|
+
expect(response).to be_successful
|
|
93
93
|
end
|
|
94
94
|
end
|
|
95
95
|
|
|
@@ -4,5 +4,4 @@
|
|
|
4
4
|
# If you change this key, all old signed cookies will become invalid!
|
|
5
5
|
# Make sure the secret is at least 30 characters and all random,
|
|
6
6
|
# no regular words or you'll be exposed to dictionary attacks.
|
|
7
|
-
Dummy::Application.config.secret_token = 'f89bbe176924c011473e15af21c4e8b72c3fd12f887f26014c24ea32e1e3d2bf0250a671a30232047d5c5431e67c7361aca07b10d847405b99fce4543589e117'
|
|
8
7
|
Dummy::Application.config.secret_key_base = 'b43711419c807b9c9efe9365dd79f87ebe31e9f72e1aa6744c1ecac68aace664c0a3a4f791d92bd2fa324fce1d6d09701a54b88453f131b7c460eeb9c530bd72'
|
|
@@ -24,8 +24,8 @@ FactoryBot.define do
|
|
|
24
24
|
last_name { FactoryBot.generate(:last_name) }
|
|
25
25
|
login { FactoryBot.generate(:login) }
|
|
26
26
|
email { FactoryBot.generate(:email) }
|
|
27
|
-
password 'password'
|
|
28
|
-
password_confirmation 'password'
|
|
27
|
+
password { 'password' }
|
|
28
|
+
password_confirmation { 'password' }
|
|
29
29
|
single_access_token { FactoryBot.generate(:single_access_token) }
|
|
30
30
|
end
|
|
31
31
|
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: tb_core
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 1.4.
|
|
4
|
+
version: 1.4.8
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Greg Woods
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date:
|
|
11
|
+
date: 2019-07-09 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: authlogic
|
|
@@ -17,6 +17,9 @@ dependencies:
|
|
|
17
17
|
- - ">="
|
|
18
18
|
- !ruby/object:Gem::Version
|
|
19
19
|
version: 3.4.3
|
|
20
|
+
- - "<"
|
|
21
|
+
- !ruby/object:Gem::Version
|
|
22
|
+
version: '5.0'
|
|
20
23
|
type: :runtime
|
|
21
24
|
prerelease: false
|
|
22
25
|
version_requirements: !ruby/object:Gem::Requirement
|
|
@@ -24,6 +27,9 @@ dependencies:
|
|
|
24
27
|
- - ">="
|
|
25
28
|
- !ruby/object:Gem::Version
|
|
26
29
|
version: 3.4.3
|
|
30
|
+
- - "<"
|
|
31
|
+
- !ruby/object:Gem::Version
|
|
32
|
+
version: '5.0'
|
|
27
33
|
- !ruby/object:Gem::Dependency
|
|
28
34
|
name: bootstrap-sass
|
|
29
35
|
requirement: !ruby/object:Gem::Requirement
|