thecore_auth_commons 2.3.0 → 2.3.5
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/app/models/user.rb +10 -1
- data/db/migrate/20200518082821_create_permissions.rb +20 -21
- data/db/migrate/20210415154152_add_access_token_to_user.rb +5 -0
- data/db/seeds.rb +27 -0
- data/lib/tasks/thecore_auth_commons_tasks.rake +10 -0
- data/lib/thecore_auth_commons.rb +9 -0
- data/lib/thecore_auth_commons/engine.rb +5 -0
- metadata +7 -12
- data/db/migrate/20200306151541_add_first_admin_user.rb +0 -60
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 82192c45c694161639f30330e90570d71caa1e768cf294deb07fbd488291ebe5
|
4
|
+
data.tar.gz: 0b7719cc7d0ea1658a65904fbef7fadd940d57334db04f9794168ebdc9fde61f
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 6e1885d41fda299bc79545e5fc038cd99478360f80c5a7d558dd217bfcc1a5d9daa1cf05eec09725959d8661795861c3380def8eec5e6b1ffce6b5b0cb09df5e
|
7
|
+
data.tar.gz: 962787a67397861a5849b440f5df1a67adaa50e534de7ff58e5af50740b2b099b387bfa2e1f1d8fb3fd33aa94c67f6e56257fe2ab110763b131e882d24a47e95
|
data/app/models/user.rb
CHANGED
@@ -10,7 +10,15 @@ class User < ApplicationRecord
|
|
10
10
|
# devise :rememberable
|
11
11
|
# devise :trackable
|
12
12
|
# devise :validatable
|
13
|
-
# devise :timeoutable, timeout_in: 30.minutes
|
13
|
+
# devise :timeoutable, timeout_in: 30.minutes
|
14
|
+
|
15
|
+
before_validation on: :create do
|
16
|
+
# If the generated uuid is not already present, then create the user with the proposed uuid
|
17
|
+
# Otherwise, try to generate another one
|
18
|
+
begin
|
19
|
+
self.access_token = SecureRandom.uuid #urlsafe_base64(32)
|
20
|
+
end while ::User.exists?(access_token: self.access_token)
|
21
|
+
end
|
14
22
|
# REFERENCES
|
15
23
|
has_many :role_users, dependent: :destroy, inverse_of: :user
|
16
24
|
has_many :roles, through: :role_users, inverse_of: :users
|
@@ -19,6 +27,7 @@ class User < ApplicationRecord
|
|
19
27
|
validates :password, presence: true, on: :create
|
20
28
|
validates :password_confirmation, presence: true, on: :create
|
21
29
|
validate :check_password_and_confirmation_equal
|
30
|
+
validates :access_token, uniqueness: true
|
22
31
|
validates_each :admin do |record, attr, value|
|
23
32
|
# Don't want admin == false if the current user is the only admin
|
24
33
|
record.errors.add(attr, I18n.t("validation.errors.cannot_unadmin_last_admin")) if record.admin_changed? && record.admin_was == true && User.where(admin: true).count == 1
|
@@ -1,32 +1,31 @@
|
|
1
1
|
class CreatePermissions < ActiveRecord::Migration[6.0]
|
2
2
|
def change
|
3
|
-
|
4
|
-
|
5
|
-
|
6
|
-
|
7
|
-
}
|
8
|
-
|
9
|
-
def create_and_fill table
|
10
|
-
create_table table do |t|
|
11
|
-
t.string :name
|
12
|
-
t.bigint :lock_version
|
3
|
+
# Predicates
|
4
|
+
create_table :predicates do |t|
|
5
|
+
t.string :name
|
6
|
+
t.bigint :lock_version
|
13
7
|
|
14
|
-
|
15
|
-
end
|
16
|
-
add_index table, :name, unique: true
|
17
|
-
model = table.to_s.classify.constantize
|
18
|
-
model.reset_column_information
|
19
|
-
model.upsert_all @values[table].map { |p| {name: p, created_at: Time.now, updated_at: Time.now} }, unique_by: [:name]
|
8
|
+
t.timestamps
|
20
9
|
end
|
21
|
-
|
22
|
-
# Predicates
|
23
|
-
create_and_fill :predicates
|
10
|
+
add_index :predicates, :name, unique: true
|
24
11
|
|
25
12
|
# Actions
|
26
|
-
|
13
|
+
create_table :actions do |t|
|
14
|
+
t.string :name
|
15
|
+
t.bigint :lock_version
|
16
|
+
|
17
|
+
t.timestamps
|
18
|
+
end
|
19
|
+
add_index :actions, :name, unique: true
|
27
20
|
|
28
21
|
# Targets
|
29
|
-
|
22
|
+
create_table :targets do |t|
|
23
|
+
t.string :name
|
24
|
+
t.bigint :lock_version
|
25
|
+
|
26
|
+
t.timestamps
|
27
|
+
end
|
28
|
+
add_index :targets, :name, unique: true
|
30
29
|
|
31
30
|
create_table :permissions do |t|
|
32
31
|
t.references :predicate, null: false, foreign_key: true
|
data/db/seeds.rb
ADDED
@@ -0,0 +1,27 @@
|
|
1
|
+
puts "Loading ThecoreAuthCommons seeds"
|
2
|
+
email = ENV["ADMIN_EMAIL"].presence || "admin@example.com"
|
3
|
+
psswd = ENV["ADMIN_PASSWORD"].presence || "changeme"
|
4
|
+
|
5
|
+
unless User.where(admin: true).exists?
|
6
|
+
u = User.find_or_initialize_by(email: email)
|
7
|
+
u.username = "Administrator"
|
8
|
+
u.password = u.password_confirmation = psswd
|
9
|
+
u.admin = true
|
10
|
+
u.save(validate: false)
|
11
|
+
end
|
12
|
+
|
13
|
+
@values = {
|
14
|
+
predicates: %i[can cannot],
|
15
|
+
actions: %i[manage create read update destroy],
|
16
|
+
targets: ApplicationRecord.subclasses.map {|d| d.to_s.underscore}.to_a.unshift(:all)
|
17
|
+
}
|
18
|
+
|
19
|
+
def fill table
|
20
|
+
model = table.to_s.classify.constantize
|
21
|
+
model.reset_column_information
|
22
|
+
model.upsert_all @values[table].map { |p| {name: p, created_at: Time.now, updated_at: Time.now} }, unique_by: [:name]
|
23
|
+
end
|
24
|
+
|
25
|
+
fill :predicates
|
26
|
+
fill :actions
|
27
|
+
fill :targets
|
@@ -2,3 +2,13 @@
|
|
2
2
|
# task :thecore_auth_commons do
|
3
3
|
# # Task goes here
|
4
4
|
# end
|
5
|
+
namespace :thecore do
|
6
|
+
namespace :db do
|
7
|
+
desc "Load seeds from thecore engines seed files, it also runs rails db:seed as last action"
|
8
|
+
task seed: :environment do
|
9
|
+
Thecore::Base.thecore_engines.each { |engine| engine.send :load_seed }
|
10
|
+
Rake::Task["db:seed"].reenable
|
11
|
+
Rake::Task["db:seed"].invoke
|
12
|
+
end
|
13
|
+
end
|
14
|
+
end
|
data/lib/thecore_auth_commons.rb
CHANGED
@@ -1,6 +1,11 @@
|
|
1
1
|
module ThecoreAuthCommons
|
2
2
|
class Engine < ::Rails::Engine
|
3
|
+
# https://stackoverflow.com/questions/12161376/rails-3-2-adding-seed-tasks-from-a-mountable-engine
|
4
|
+
|
3
5
|
initializer 'thecore_auth_commons.add_to_migrations' do |app|
|
6
|
+
# Adds the list of Thecore Engines, so to manage seeds loading, i.e.:
|
7
|
+
# Thecore::Base.thecore_engines.each { |engine| engine.load_seed }
|
8
|
+
Thecore::Base.thecore_engines << self.class
|
4
9
|
unless app.root.to_s.match root.to_s
|
5
10
|
# APPEND TO MAIN APP MIGRATIONS FROM THIS GEM
|
6
11
|
config.paths['db/migrate'].expanded.each do |expanded_path|
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: thecore_auth_commons
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 2.3.
|
4
|
+
version: 2.3.5
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Gabriele Tassoni
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2021-
|
11
|
+
date: 2021-05-28 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: rails
|
@@ -16,20 +16,14 @@ dependencies:
|
|
16
16
|
requirements:
|
17
17
|
- - "~>"
|
18
18
|
- !ruby/object:Gem::Version
|
19
|
-
version: 6.0
|
20
|
-
- - ">="
|
21
|
-
- !ruby/object:Gem::Version
|
22
|
-
version: 6.0.2.1
|
19
|
+
version: '6.0'
|
23
20
|
type: :runtime
|
24
21
|
prerelease: false
|
25
22
|
version_requirements: !ruby/object:Gem::Requirement
|
26
23
|
requirements:
|
27
24
|
- - "~>"
|
28
25
|
- !ruby/object:Gem::Version
|
29
|
-
version: 6.0
|
30
|
-
- - ">="
|
31
|
-
- !ruby/object:Gem::Version
|
32
|
-
version: 6.0.2.1
|
26
|
+
version: '6.0'
|
33
27
|
- !ruby/object:Gem::Dependency
|
34
28
|
name: devise
|
35
29
|
requirement: !ruby/object:Gem::Requirement
|
@@ -114,13 +108,14 @@ files:
|
|
114
108
|
- config/routes.rb
|
115
109
|
- db/migrate/20200306143408_create_users.rb
|
116
110
|
- db/migrate/20200306151046_add_admin_field_to_user.rb
|
117
|
-
- db/migrate/20200306151541_add_first_admin_user.rb
|
118
111
|
- db/migrate/20200306152740_create_roles.rb
|
119
112
|
- db/migrate/20200306152816_create_role_users.rb
|
120
113
|
- db/migrate/20200306153125_add_lock_version_to_user.rb
|
121
114
|
- db/migrate/20200306153136_add_lock_version_to_role.rb
|
122
115
|
- db/migrate/20200516215346_add_locked_to_user.rb
|
123
116
|
- db/migrate/20200518082821_create_permissions.rb
|
117
|
+
- db/migrate/20210415154152_add_access_token_to_user.rb
|
118
|
+
- db/seeds.rb
|
124
119
|
- lib/abilities/thecore_auth_commons.rb
|
125
120
|
- lib/tasks/thecore_auth_commons_tasks.rake
|
126
121
|
- lib/thecore_auth_commons.rb
|
@@ -147,7 +142,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
147
142
|
- !ruby/object:Gem::Version
|
148
143
|
version: '0'
|
149
144
|
requirements: []
|
150
|
-
rubygems_version: 3.0.3
|
145
|
+
rubygems_version: 3.0.3.1
|
151
146
|
signing_key:
|
152
147
|
specification_version: 4
|
153
148
|
summary: Common Auth methods and models to be used in thecore components.
|
@@ -1,60 +0,0 @@
|
|
1
|
-
class AddFirstAdminUser < ActiveRecord::Migration[6.0]
|
2
|
-
class User < ApplicationRecord
|
3
|
-
# Include default devise modules. Others available are:
|
4
|
-
# :confirmable, :lockable, :timeoutable, :trackable and :omniauthable
|
5
|
-
devise :database_authenticatable, :trackable, :validatable
|
6
|
-
# TODO: If it works, these must be added to another gem one which deal
|
7
|
-
# more with sessions
|
8
|
-
# devise :database_authenticatable
|
9
|
-
# devise :rememberable
|
10
|
-
# devise :trackable
|
11
|
-
# devise :validatable
|
12
|
-
# devise :timeoutable, timeout_in: 30.minutes
|
13
|
-
# REFERENCES
|
14
|
-
has_many :role_users, dependent: :destroy, inverse_of: :user
|
15
|
-
has_many :roles, through: :role_users, inverse_of: :users
|
16
|
-
# VALIDATIONS
|
17
|
-
validates :email, uniqueness: { case_sensitive: false }, presence: true, format: { with: /\A([^@\s]+)@((?:[-a-z0-9]+\.)+[a-z]{2,})\Z/i }
|
18
|
-
validates :password, presence: true, on: :create
|
19
|
-
validates :password_confirmation, presence: true, on: :create
|
20
|
-
validate :check_password_and_confirmation_equal
|
21
|
-
validates_each :admin do |record, attr, value|
|
22
|
-
# Don't want admin == false if the current user is the only admin
|
23
|
-
record.errors.add(attr, I18n.t("validation.errors.cannot_unadmin_last_admin")) if record.admin_changed? && record.admin_was == true && User.where(admin: true).count == 1
|
24
|
-
end
|
25
|
-
|
26
|
-
def display_name
|
27
|
-
email
|
28
|
-
end
|
29
|
-
|
30
|
-
def has_role? role
|
31
|
-
roles.include? role
|
32
|
-
end
|
33
|
-
|
34
|
-
protected
|
35
|
-
|
36
|
-
def check_password_and_confirmation_equal
|
37
|
-
errors.add(:password, I18n.t("validation.errors.password_and_confirm_must_be_the_same")) unless password == password_confirmation
|
38
|
-
end
|
39
|
-
end
|
40
|
-
|
41
|
-
def up
|
42
|
-
email = "admin@example.com"
|
43
|
-
User.reset_column_information
|
44
|
-
u=User.find_or_initialize_by(email: email)
|
45
|
-
psswd = SecureRandom.hex(5)
|
46
|
-
u.password = psswd
|
47
|
-
u.password_confirmation = psswd
|
48
|
-
u.admin = true
|
49
|
-
u.save!
|
50
|
-
puts "\nPlease find generated initial admin password in .passwords file."
|
51
|
-
File.open('.passwords', 'w') do |f|
|
52
|
-
f.write(psswd)
|
53
|
-
end
|
54
|
-
end
|
55
|
-
|
56
|
-
def down
|
57
|
-
email = "admin@example.com"
|
58
|
-
User.find_by(email: email).destroy
|
59
|
-
end
|
60
|
-
end
|