tb_core 1.4.7 → 1.4.8
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/app/controllers/admin/password_resets_controller.rb +1 -0
- data/app/controllers/concerns/tb_core/redirection.rb +1 -0
- data/app/controllers/concerns/tb_core/user_authentication.rb +5 -0
- data/app/helpers/forgot_password_mailer_helper.rb +1 -0
- data/app/models/concerns/tb_core/user_model.rb +7 -1
- data/app/models/spud_role.rb +2 -7
- data/app/views/layouts/admin/application.html.erb +1 -1
- data/lib/generators/spud/module_generator.rb +3 -3
- data/lib/generators/spud/setup_generator.rb +1 -1
- data/lib/tb_core/belongs_to_app.rb +1 -0
- data/lib/tb_core/version.rb +1 -1
- data/spec/controllers/admin/application_controller_spec.rb +2 -2
- data/spec/controllers/admin/password_reset_controller_spec.rb +2 -2
- data/spec/controllers/admin/settings_controller_spec.rb +1 -1
- data/spec/controllers/admin/setup_controller_spec.rb +1 -1
- data/spec/controllers/admin/user_sessions_controller_spec.rb +1 -1
- data/spec/controllers/admin/users_controller_spec.rb +3 -3
- data/spec/dummy/config/initializers/secret_token.rb +0 -1
- data/spec/factories/spud_admin_permission_factories.rb +1 -1
- data/spec/factories/spud_user_factories.rb +2 -2
- metadata +8 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: cd6c66dcf54d5da5213a63e533eb04b5f64e726919654ece63a4565333c8a6d7
|
|
4
|
+
data.tar.gz: 224a045cc261e598c21677bcf28ee60dc82d0ea0f82392dcc9801eb86117aaf8
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 5dbc377a0b2723d633ff97989a57b41fd5e797247d442e14f7ad6c63ea5f3f402b82ea244d9eee072301dffbfcfb62896e5ffee978fb88c33858f4e8cb39558f
|
|
7
|
+
data.tar.gz: 4e85b15b625862b800ccb12e1490822d907ee696e6434cf7d08699ca5e0fac0412f032d2153b2d2137c66f87b7f6de10c11fc78c187496ae0bb123c0df691a2e
|
|
@@ -43,6 +43,7 @@ private
|
|
|
43
43
|
def load_user_using_perishable_token
|
|
44
44
|
@user = SpudUser.find_using_perishable_token(params[:id])
|
|
45
45
|
return if @user
|
|
46
|
+
|
|
46
47
|
flash[:notice] = "We're sorry, but we could not locate your account. " +
|
|
47
48
|
'If you are having issues try copying and pasting the URL ' +
|
|
48
49
|
'from your email into your browser or restarting the ' +
|
|
@@ -10,27 +10,32 @@ module TbCore
|
|
|
10
10
|
|
|
11
11
|
def current_user_session
|
|
12
12
|
return @current_user_session if defined?(@current_user_session)
|
|
13
|
+
|
|
13
14
|
@current_user_session = SpudUserSession.find
|
|
14
15
|
end
|
|
15
16
|
|
|
16
17
|
def current_user
|
|
17
18
|
return @current_user if defined?(@current_user)
|
|
19
|
+
|
|
18
20
|
@current_user = current_user_session&.spud_user
|
|
19
21
|
end
|
|
20
22
|
|
|
21
23
|
def current_user_id
|
|
22
24
|
return 0 unless @current_user
|
|
25
|
+
|
|
23
26
|
@current_user.id
|
|
24
27
|
end
|
|
25
28
|
|
|
26
29
|
def require_user
|
|
27
30
|
raise UnauthorizedError.new unless current_user
|
|
31
|
+
|
|
28
32
|
true
|
|
29
33
|
end
|
|
30
34
|
|
|
31
35
|
def require_admin_user
|
|
32
36
|
raise UnauthorizedError.new unless current_user
|
|
33
37
|
raise AccessDeniedError.new unless current_user.admin_rights?
|
|
38
|
+
|
|
34
39
|
true
|
|
35
40
|
end
|
|
36
41
|
|
|
@@ -1,6 +1,7 @@
|
|
|
1
1
|
module ForgotPasswordMailerHelper
|
|
2
2
|
def perishable_token_link_expiration_time_text(user)
|
|
3
3
|
return if user.class.perishable_token_valid_for.blank?
|
|
4
|
+
|
|
4
5
|
expiration_time = user.updated_at + user.class.perishable_token_valid_for
|
|
5
6
|
|
|
6
7
|
"This link will expire in #{distance_of_time_in_words(Time.current, expiration_time)}."
|
|
@@ -16,7 +16,7 @@ module TbCore
|
|
|
16
16
|
end
|
|
17
17
|
|
|
18
18
|
belongs_to :role,
|
|
19
|
-
class_name: SpudRole.to_s, foreign_key: :spud_role_id,
|
|
19
|
+
class_name: SpudRole.to_s, foreign_key: :spud_role_id, optional: true
|
|
20
20
|
has_many :spud_user_settings,
|
|
21
21
|
dependent: :destroy, foreign_key: :spud_user_id
|
|
22
22
|
|
|
@@ -69,6 +69,7 @@ module TbCore
|
|
|
69
69
|
|
|
70
70
|
def full_name
|
|
71
71
|
return login if first_name.blank? && last_name.blank?
|
|
72
|
+
|
|
72
73
|
[first_name, last_name].reject(&:blank?).join(' ')
|
|
73
74
|
end
|
|
74
75
|
|
|
@@ -79,12 +80,14 @@ module TbCore
|
|
|
79
80
|
# Returns true if user can view at least one dashboard app
|
|
80
81
|
def admin_rights?
|
|
81
82
|
return true if super_admin
|
|
83
|
+
|
|
82
84
|
TbCore.admin_applications.find { |app| can_view_app?(app) }.present?
|
|
83
85
|
end
|
|
84
86
|
|
|
85
87
|
# Returns true if the user can view a spud app based on it's key
|
|
86
88
|
def can_view_app?(admin_application)
|
|
87
89
|
return true if super_admin?
|
|
90
|
+
|
|
88
91
|
key = admin_application[:key]
|
|
89
92
|
permissions.find { |p| p.apps.include?(key) }.present?
|
|
90
93
|
end
|
|
@@ -95,6 +98,7 @@ module TbCore
|
|
|
95
98
|
# * if multiple tags are supplied, return true if ALL tags match
|
|
96
99
|
def permission?(*tags)
|
|
97
100
|
return true if super_admin?
|
|
101
|
+
|
|
98
102
|
my_tags = permissions.collect(&:tag)
|
|
99
103
|
tags.find { |tag| !my_tags.include?(tag) }.blank?
|
|
100
104
|
end
|
|
@@ -105,12 +109,14 @@ module TbCore
|
|
|
105
109
|
# * if multiple tags are supplied, return true if ANY tag matches
|
|
106
110
|
def any_permission?(*tags)
|
|
107
111
|
return true if super_admin?
|
|
112
|
+
|
|
108
113
|
permissions.find { |p| tags.include?(p.tag) }.present?
|
|
109
114
|
end
|
|
110
115
|
|
|
111
116
|
# Return a list of SpudPermission objects for the user's SpudRole
|
|
112
117
|
def permissions
|
|
113
118
|
return [] if role.blank?
|
|
119
|
+
|
|
114
120
|
role.permissions
|
|
115
121
|
end
|
|
116
122
|
|
data/app/models/spud_role.rb
CHANGED
|
@@ -14,14 +14,9 @@ class SpudRole < ActiveRecord::Base
|
|
|
14
14
|
end
|
|
15
15
|
|
|
16
16
|
def permission_tags=(tags)
|
|
17
|
-
self.spud_role_permissions.
|
|
18
|
-
|
|
19
|
-
role_permission.destroy()
|
|
20
|
-
else
|
|
21
|
-
tags.delete(role_permission.permission.tag)
|
|
22
|
-
end
|
|
17
|
+
self.spud_role_permissions = tags.map do |tag|
|
|
18
|
+
SpudRolePermission.new(spud_permission_tag: tag)
|
|
23
19
|
end
|
|
24
|
-
self.spud_role_permissions += tags.collect{ |tag| SpudRolePermission.new(spud_permission_tag: tag) }
|
|
25
20
|
end
|
|
26
21
|
|
|
27
22
|
def permission_tags
|
|
@@ -49,7 +49,7 @@
|
|
|
49
49
|
<h3 class="modal-title"></h3>
|
|
50
50
|
</div>
|
|
51
51
|
<div class="modal-body">
|
|
52
|
-
<p
|
|
52
|
+
<p>...</p>
|
|
53
53
|
</div>
|
|
54
54
|
<div class="modal-footer modal-footer-default">
|
|
55
55
|
<button type="button" class="btn btn-default" data-dismiss="modal">Close</button>
|
|
@@ -79,7 +79,7 @@ class Spud::ModuleGenerator < ::Rails::Generators::Base
|
|
|
79
79
|
resources :#{module_name_formatted}
|
|
80
80
|
end
|
|
81
81
|
resources :#{module_name_formatted}, :only => [:index, :show]
|
|
82
|
-
RUBY
|
|
82
|
+
RUBY
|
|
83
83
|
end
|
|
84
84
|
|
|
85
85
|
def create_specs
|
|
@@ -136,7 +136,7 @@ RUBY
|
|
|
136
136
|
inject_into_file "app/models/#{module_name.singularize.underscore}.rb", after: "ApplicationRecord\n" do <<-RUBY
|
|
137
137
|
scope :ordered, -> { order(#{sort_field}: :desc) }
|
|
138
138
|
scope :search, ->(term) { where('#{search_field} LIKE ?', "%\#{term}%") }
|
|
139
|
-
RUBY
|
|
139
|
+
RUBY
|
|
140
140
|
end
|
|
141
141
|
end
|
|
142
142
|
|
|
@@ -156,7 +156,7 @@ RUBY
|
|
|
156
156
|
|
|
157
157
|
validates #{string_attrs_as_symbols}, :length => {:maximum => 255}
|
|
158
158
|
|
|
159
|
-
|
|
159
|
+
RUBY
|
|
160
160
|
end
|
|
161
161
|
end
|
|
162
162
|
end
|
|
@@ -38,6 +38,7 @@ module TbCore
|
|
|
38
38
|
elsif !current_user.can_view_app?(@page_application)
|
|
39
39
|
raise AccessDeniedError.new(item: 'module', template: '/layouts/admin/error_page')
|
|
40
40
|
end
|
|
41
|
+
|
|
41
42
|
@page_thumbnail = @page_application[:thumbnail]
|
|
42
43
|
@page_name = determine_page_name(page_title || @page_application[:name], action_name)
|
|
43
44
|
end
|
data/lib/tb_core/version.rb
CHANGED
|
@@ -19,7 +19,7 @@ RSpec.describe Admin::ApplicationController, type: :controller do
|
|
|
19
19
|
it 'should respond successfully if the current user is a super admin' do
|
|
20
20
|
@user.update(super_admin: true)
|
|
21
21
|
get :index
|
|
22
|
-
expect(response).to
|
|
22
|
+
expect(response).to be_successful
|
|
23
23
|
end
|
|
24
24
|
|
|
25
25
|
it 'should respond successfully if the current user has admin permissions' do
|
|
@@ -28,7 +28,7 @@ RSpec.describe Admin::ApplicationController, type: :controller do
|
|
|
28
28
|
@user.role = @role
|
|
29
29
|
@user.save
|
|
30
30
|
get :index
|
|
31
|
-
expect(response).to
|
|
31
|
+
expect(response).to be_successful
|
|
32
32
|
end
|
|
33
33
|
|
|
34
34
|
it 'should redirect to the login if the current user is not logged in' do
|
|
@@ -8,7 +8,7 @@ describe Admin::PasswordResetsController, type: :controller do
|
|
|
8
8
|
describe 'index' do
|
|
9
9
|
it 'should return success' do
|
|
10
10
|
get :index
|
|
11
|
-
expect(response).to
|
|
11
|
+
expect(response).to be_successful
|
|
12
12
|
end
|
|
13
13
|
end
|
|
14
14
|
|
|
@@ -17,7 +17,7 @@ describe Admin::PasswordResetsController, type: :controller do
|
|
|
17
17
|
it 'should render the edit form' do
|
|
18
18
|
allow(SpudUser).to receive(:find_using_perishable_token).and_return(user)
|
|
19
19
|
get :show, params: { id: 1 }
|
|
20
|
-
expect(response).to
|
|
20
|
+
expect(response).to be_successful
|
|
21
21
|
end
|
|
22
22
|
end
|
|
23
23
|
|
|
@@ -39,7 +39,7 @@ describe Admin::UsersController, type: :controller do
|
|
|
39
39
|
SpudUserSession.create(u)
|
|
40
40
|
get :index
|
|
41
41
|
|
|
42
|
-
expect(response).to
|
|
42
|
+
expect(response).to be_successful
|
|
43
43
|
end
|
|
44
44
|
|
|
45
45
|
it 'should not allow access to users without a role,
|
|
@@ -82,14 +82,14 @@ describe Admin::UsersController, type: :controller do
|
|
|
82
82
|
it 'should respond successfully' do
|
|
83
83
|
user = FactoryBot.create(:spud_user)
|
|
84
84
|
get :show, params: { id: user.id }
|
|
85
|
-
expect(response).to
|
|
85
|
+
expect(response).to be_successful
|
|
86
86
|
end
|
|
87
87
|
end
|
|
88
88
|
|
|
89
89
|
describe 'new' do
|
|
90
90
|
it 'should render the form' do
|
|
91
91
|
get :new, format: :html
|
|
92
|
-
expect(response).to
|
|
92
|
+
expect(response).to be_successful
|
|
93
93
|
end
|
|
94
94
|
end
|
|
95
95
|
|
|
@@ -4,5 +4,4 @@
|
|
|
4
4
|
# If you change this key, all old signed cookies will become invalid!
|
|
5
5
|
# Make sure the secret is at least 30 characters and all random,
|
|
6
6
|
# no regular words or you'll be exposed to dictionary attacks.
|
|
7
|
-
Dummy::Application.config.secret_token = 'f89bbe176924c011473e15af21c4e8b72c3fd12f887f26014c24ea32e1e3d2bf0250a671a30232047d5c5431e67c7361aca07b10d847405b99fce4543589e117'
|
|
8
7
|
Dummy::Application.config.secret_key_base = 'b43711419c807b9c9efe9365dd79f87ebe31e9f72e1aa6744c1ecac68aace664c0a3a4f791d92bd2fa324fce1d6d09701a54b88453f131b7c460eeb9c530bd72'
|
|
@@ -24,8 +24,8 @@ FactoryBot.define do
|
|
|
24
24
|
last_name { FactoryBot.generate(:last_name) }
|
|
25
25
|
login { FactoryBot.generate(:login) }
|
|
26
26
|
email { FactoryBot.generate(:email) }
|
|
27
|
-
password 'password'
|
|
28
|
-
password_confirmation 'password'
|
|
27
|
+
password { 'password' }
|
|
28
|
+
password_confirmation { 'password' }
|
|
29
29
|
single_access_token { FactoryBot.generate(:single_access_token) }
|
|
30
30
|
end
|
|
31
31
|
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: tb_core
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 1.4.
|
|
4
|
+
version: 1.4.8
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Greg Woods
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date:
|
|
11
|
+
date: 2019-07-09 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: authlogic
|
|
@@ -17,6 +17,9 @@ dependencies:
|
|
|
17
17
|
- - ">="
|
|
18
18
|
- !ruby/object:Gem::Version
|
|
19
19
|
version: 3.4.3
|
|
20
|
+
- - "<"
|
|
21
|
+
- !ruby/object:Gem::Version
|
|
22
|
+
version: '5.0'
|
|
20
23
|
type: :runtime
|
|
21
24
|
prerelease: false
|
|
22
25
|
version_requirements: !ruby/object:Gem::Requirement
|
|
@@ -24,6 +27,9 @@ dependencies:
|
|
|
24
27
|
- - ">="
|
|
25
28
|
- !ruby/object:Gem::Version
|
|
26
29
|
version: 3.4.3
|
|
30
|
+
- - "<"
|
|
31
|
+
- !ruby/object:Gem::Version
|
|
32
|
+
version: '5.0'
|
|
27
33
|
- !ruby/object:Gem::Dependency
|
|
28
34
|
name: bootstrap-sass
|
|
29
35
|
requirement: !ruby/object:Gem::Requirement
|