thecore_auth_commons 2.3.0 → 2.3.5
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/app/models/user.rb +10 -1
- data/db/migrate/20200518082821_create_permissions.rb +20 -21
- data/db/migrate/20210415154152_add_access_token_to_user.rb +5 -0
- data/db/seeds.rb +27 -0
- data/lib/tasks/thecore_auth_commons_tasks.rake +10 -0
- data/lib/thecore_auth_commons.rb +9 -0
- data/lib/thecore_auth_commons/engine.rb +5 -0
- metadata +7 -12
- data/db/migrate/20200306151541_add_first_admin_user.rb +0 -60
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 82192c45c694161639f30330e90570d71caa1e768cf294deb07fbd488291ebe5
|
|
4
|
+
data.tar.gz: 0b7719cc7d0ea1658a65904fbef7fadd940d57334db04f9794168ebdc9fde61f
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 6e1885d41fda299bc79545e5fc038cd99478360f80c5a7d558dd217bfcc1a5d9daa1cf05eec09725959d8661795861c3380def8eec5e6b1ffce6b5b0cb09df5e
|
|
7
|
+
data.tar.gz: 962787a67397861a5849b440f5df1a67adaa50e534de7ff58e5af50740b2b099b387bfa2e1f1d8fb3fd33aa94c67f6e56257fe2ab110763b131e882d24a47e95
|
data/app/models/user.rb
CHANGED
|
@@ -10,7 +10,15 @@ class User < ApplicationRecord
|
|
|
10
10
|
# devise :rememberable
|
|
11
11
|
# devise :trackable
|
|
12
12
|
# devise :validatable
|
|
13
|
-
# devise :timeoutable, timeout_in: 30.minutes
|
|
13
|
+
# devise :timeoutable, timeout_in: 30.minutes
|
|
14
|
+
|
|
15
|
+
before_validation on: :create do
|
|
16
|
+
# If the generated uuid is not already present, then create the user with the proposed uuid
|
|
17
|
+
# Otherwise, try to generate another one
|
|
18
|
+
begin
|
|
19
|
+
self.access_token = SecureRandom.uuid #urlsafe_base64(32)
|
|
20
|
+
end while ::User.exists?(access_token: self.access_token)
|
|
21
|
+
end
|
|
14
22
|
# REFERENCES
|
|
15
23
|
has_many :role_users, dependent: :destroy, inverse_of: :user
|
|
16
24
|
has_many :roles, through: :role_users, inverse_of: :users
|
|
@@ -19,6 +27,7 @@ class User < ApplicationRecord
|
|
|
19
27
|
validates :password, presence: true, on: :create
|
|
20
28
|
validates :password_confirmation, presence: true, on: :create
|
|
21
29
|
validate :check_password_and_confirmation_equal
|
|
30
|
+
validates :access_token, uniqueness: true
|
|
22
31
|
validates_each :admin do |record, attr, value|
|
|
23
32
|
# Don't want admin == false if the current user is the only admin
|
|
24
33
|
record.errors.add(attr, I18n.t("validation.errors.cannot_unadmin_last_admin")) if record.admin_changed? && record.admin_was == true && User.where(admin: true).count == 1
|
|
@@ -1,32 +1,31 @@
|
|
|
1
1
|
class CreatePermissions < ActiveRecord::Migration[6.0]
|
|
2
2
|
def change
|
|
3
|
-
|
|
4
|
-
|
|
5
|
-
|
|
6
|
-
|
|
7
|
-
}
|
|
8
|
-
|
|
9
|
-
def create_and_fill table
|
|
10
|
-
create_table table do |t|
|
|
11
|
-
t.string :name
|
|
12
|
-
t.bigint :lock_version
|
|
3
|
+
# Predicates
|
|
4
|
+
create_table :predicates do |t|
|
|
5
|
+
t.string :name
|
|
6
|
+
t.bigint :lock_version
|
|
13
7
|
|
|
14
|
-
|
|
15
|
-
end
|
|
16
|
-
add_index table, :name, unique: true
|
|
17
|
-
model = table.to_s.classify.constantize
|
|
18
|
-
model.reset_column_information
|
|
19
|
-
model.upsert_all @values[table].map { |p| {name: p, created_at: Time.now, updated_at: Time.now} }, unique_by: [:name]
|
|
8
|
+
t.timestamps
|
|
20
9
|
end
|
|
21
|
-
|
|
22
|
-
# Predicates
|
|
23
|
-
create_and_fill :predicates
|
|
10
|
+
add_index :predicates, :name, unique: true
|
|
24
11
|
|
|
25
12
|
# Actions
|
|
26
|
-
|
|
13
|
+
create_table :actions do |t|
|
|
14
|
+
t.string :name
|
|
15
|
+
t.bigint :lock_version
|
|
16
|
+
|
|
17
|
+
t.timestamps
|
|
18
|
+
end
|
|
19
|
+
add_index :actions, :name, unique: true
|
|
27
20
|
|
|
28
21
|
# Targets
|
|
29
|
-
|
|
22
|
+
create_table :targets do |t|
|
|
23
|
+
t.string :name
|
|
24
|
+
t.bigint :lock_version
|
|
25
|
+
|
|
26
|
+
t.timestamps
|
|
27
|
+
end
|
|
28
|
+
add_index :targets, :name, unique: true
|
|
30
29
|
|
|
31
30
|
create_table :permissions do |t|
|
|
32
31
|
t.references :predicate, null: false, foreign_key: true
|
data/db/seeds.rb
ADDED
|
@@ -0,0 +1,27 @@
|
|
|
1
|
+
puts "Loading ThecoreAuthCommons seeds"
|
|
2
|
+
email = ENV["ADMIN_EMAIL"].presence || "admin@example.com"
|
|
3
|
+
psswd = ENV["ADMIN_PASSWORD"].presence || "changeme"
|
|
4
|
+
|
|
5
|
+
unless User.where(admin: true).exists?
|
|
6
|
+
u = User.find_or_initialize_by(email: email)
|
|
7
|
+
u.username = "Administrator"
|
|
8
|
+
u.password = u.password_confirmation = psswd
|
|
9
|
+
u.admin = true
|
|
10
|
+
u.save(validate: false)
|
|
11
|
+
end
|
|
12
|
+
|
|
13
|
+
@values = {
|
|
14
|
+
predicates: %i[can cannot],
|
|
15
|
+
actions: %i[manage create read update destroy],
|
|
16
|
+
targets: ApplicationRecord.subclasses.map {|d| d.to_s.underscore}.to_a.unshift(:all)
|
|
17
|
+
}
|
|
18
|
+
|
|
19
|
+
def fill table
|
|
20
|
+
model = table.to_s.classify.constantize
|
|
21
|
+
model.reset_column_information
|
|
22
|
+
model.upsert_all @values[table].map { |p| {name: p, created_at: Time.now, updated_at: Time.now} }, unique_by: [:name]
|
|
23
|
+
end
|
|
24
|
+
|
|
25
|
+
fill :predicates
|
|
26
|
+
fill :actions
|
|
27
|
+
fill :targets
|
|
@@ -2,3 +2,13 @@
|
|
|
2
2
|
# task :thecore_auth_commons do
|
|
3
3
|
# # Task goes here
|
|
4
4
|
# end
|
|
5
|
+
namespace :thecore do
|
|
6
|
+
namespace :db do
|
|
7
|
+
desc "Load seeds from thecore engines seed files, it also runs rails db:seed as last action"
|
|
8
|
+
task seed: :environment do
|
|
9
|
+
Thecore::Base.thecore_engines.each { |engine| engine.send :load_seed }
|
|
10
|
+
Rake::Task["db:seed"].reenable
|
|
11
|
+
Rake::Task["db:seed"].invoke
|
|
12
|
+
end
|
|
13
|
+
end
|
|
14
|
+
end
|
data/lib/thecore_auth_commons.rb
CHANGED
|
@@ -1,6 +1,11 @@
|
|
|
1
1
|
module ThecoreAuthCommons
|
|
2
2
|
class Engine < ::Rails::Engine
|
|
3
|
+
# https://stackoverflow.com/questions/12161376/rails-3-2-adding-seed-tasks-from-a-mountable-engine
|
|
4
|
+
|
|
3
5
|
initializer 'thecore_auth_commons.add_to_migrations' do |app|
|
|
6
|
+
# Adds the list of Thecore Engines, so to manage seeds loading, i.e.:
|
|
7
|
+
# Thecore::Base.thecore_engines.each { |engine| engine.load_seed }
|
|
8
|
+
Thecore::Base.thecore_engines << self.class
|
|
4
9
|
unless app.root.to_s.match root.to_s
|
|
5
10
|
# APPEND TO MAIN APP MIGRATIONS FROM THIS GEM
|
|
6
11
|
config.paths['db/migrate'].expanded.each do |expanded_path|
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: thecore_auth_commons
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 2.3.
|
|
4
|
+
version: 2.3.5
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Gabriele Tassoni
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2021-
|
|
11
|
+
date: 2021-05-28 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: rails
|
|
@@ -16,20 +16,14 @@ dependencies:
|
|
|
16
16
|
requirements:
|
|
17
17
|
- - "~>"
|
|
18
18
|
- !ruby/object:Gem::Version
|
|
19
|
-
version: 6.0
|
|
20
|
-
- - ">="
|
|
21
|
-
- !ruby/object:Gem::Version
|
|
22
|
-
version: 6.0.2.1
|
|
19
|
+
version: '6.0'
|
|
23
20
|
type: :runtime
|
|
24
21
|
prerelease: false
|
|
25
22
|
version_requirements: !ruby/object:Gem::Requirement
|
|
26
23
|
requirements:
|
|
27
24
|
- - "~>"
|
|
28
25
|
- !ruby/object:Gem::Version
|
|
29
|
-
version: 6.0
|
|
30
|
-
- - ">="
|
|
31
|
-
- !ruby/object:Gem::Version
|
|
32
|
-
version: 6.0.2.1
|
|
26
|
+
version: '6.0'
|
|
33
27
|
- !ruby/object:Gem::Dependency
|
|
34
28
|
name: devise
|
|
35
29
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -114,13 +108,14 @@ files:
|
|
|
114
108
|
- config/routes.rb
|
|
115
109
|
- db/migrate/20200306143408_create_users.rb
|
|
116
110
|
- db/migrate/20200306151046_add_admin_field_to_user.rb
|
|
117
|
-
- db/migrate/20200306151541_add_first_admin_user.rb
|
|
118
111
|
- db/migrate/20200306152740_create_roles.rb
|
|
119
112
|
- db/migrate/20200306152816_create_role_users.rb
|
|
120
113
|
- db/migrate/20200306153125_add_lock_version_to_user.rb
|
|
121
114
|
- db/migrate/20200306153136_add_lock_version_to_role.rb
|
|
122
115
|
- db/migrate/20200516215346_add_locked_to_user.rb
|
|
123
116
|
- db/migrate/20200518082821_create_permissions.rb
|
|
117
|
+
- db/migrate/20210415154152_add_access_token_to_user.rb
|
|
118
|
+
- db/seeds.rb
|
|
124
119
|
- lib/abilities/thecore_auth_commons.rb
|
|
125
120
|
- lib/tasks/thecore_auth_commons_tasks.rake
|
|
126
121
|
- lib/thecore_auth_commons.rb
|
|
@@ -147,7 +142,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
147
142
|
- !ruby/object:Gem::Version
|
|
148
143
|
version: '0'
|
|
149
144
|
requirements: []
|
|
150
|
-
rubygems_version: 3.0.3
|
|
145
|
+
rubygems_version: 3.0.3.1
|
|
151
146
|
signing_key:
|
|
152
147
|
specification_version: 4
|
|
153
148
|
summary: Common Auth methods and models to be used in thecore components.
|
|
@@ -1,60 +0,0 @@
|
|
|
1
|
-
class AddFirstAdminUser < ActiveRecord::Migration[6.0]
|
|
2
|
-
class User < ApplicationRecord
|
|
3
|
-
# Include default devise modules. Others available are:
|
|
4
|
-
# :confirmable, :lockable, :timeoutable, :trackable and :omniauthable
|
|
5
|
-
devise :database_authenticatable, :trackable, :validatable
|
|
6
|
-
# TODO: If it works, these must be added to another gem one which deal
|
|
7
|
-
# more with sessions
|
|
8
|
-
# devise :database_authenticatable
|
|
9
|
-
# devise :rememberable
|
|
10
|
-
# devise :trackable
|
|
11
|
-
# devise :validatable
|
|
12
|
-
# devise :timeoutable, timeout_in: 30.minutes
|
|
13
|
-
# REFERENCES
|
|
14
|
-
has_many :role_users, dependent: :destroy, inverse_of: :user
|
|
15
|
-
has_many :roles, through: :role_users, inverse_of: :users
|
|
16
|
-
# VALIDATIONS
|
|
17
|
-
validates :email, uniqueness: { case_sensitive: false }, presence: true, format: { with: /\A([^@\s]+)@((?:[-a-z0-9]+\.)+[a-z]{2,})\Z/i }
|
|
18
|
-
validates :password, presence: true, on: :create
|
|
19
|
-
validates :password_confirmation, presence: true, on: :create
|
|
20
|
-
validate :check_password_and_confirmation_equal
|
|
21
|
-
validates_each :admin do |record, attr, value|
|
|
22
|
-
# Don't want admin == false if the current user is the only admin
|
|
23
|
-
record.errors.add(attr, I18n.t("validation.errors.cannot_unadmin_last_admin")) if record.admin_changed? && record.admin_was == true && User.where(admin: true).count == 1
|
|
24
|
-
end
|
|
25
|
-
|
|
26
|
-
def display_name
|
|
27
|
-
email
|
|
28
|
-
end
|
|
29
|
-
|
|
30
|
-
def has_role? role
|
|
31
|
-
roles.include? role
|
|
32
|
-
end
|
|
33
|
-
|
|
34
|
-
protected
|
|
35
|
-
|
|
36
|
-
def check_password_and_confirmation_equal
|
|
37
|
-
errors.add(:password, I18n.t("validation.errors.password_and_confirm_must_be_the_same")) unless password == password_confirmation
|
|
38
|
-
end
|
|
39
|
-
end
|
|
40
|
-
|
|
41
|
-
def up
|
|
42
|
-
email = "admin@example.com"
|
|
43
|
-
User.reset_column_information
|
|
44
|
-
u=User.find_or_initialize_by(email: email)
|
|
45
|
-
psswd = SecureRandom.hex(5)
|
|
46
|
-
u.password = psswd
|
|
47
|
-
u.password_confirmation = psswd
|
|
48
|
-
u.admin = true
|
|
49
|
-
u.save!
|
|
50
|
-
puts "\nPlease find generated initial admin password in .passwords file."
|
|
51
|
-
File.open('.passwords', 'w') do |f|
|
|
52
|
-
f.write(psswd)
|
|
53
|
-
end
|
|
54
|
-
end
|
|
55
|
-
|
|
56
|
-
def down
|
|
57
|
-
email = "admin@example.com"
|
|
58
|
-
User.find_by(email: email).destroy
|
|
59
|
-
end
|
|
60
|
-
end
|