thecore_auth_commons 0 → 2.1.5

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: e94769e7d262d850b7c5531f9bebe433fe00dd934d9b593264605bd92c153d0d
-  data.tar.gz: e37f8a876f911fb9cf40723d5bda436125829de14fc85b91816e12dc56be2768
+  metadata.gz: 61ed8fcc4bce9d24788eba743ea4380956af397fe082b2b1f4a1e77bb032931c
+  data.tar.gz: 741d82ad26067fd57749b76cc935c162ad1706d7f3ca1eaead3a8994877ded7c
 SHA512:
-  metadata.gz: f28ae34cec6fbe45be080c1b1da3d2b346bafd5c4cc1bc2d33830351e94d0207d34e710768405ad97c36f3653c457d2d214fee32a451d93bd59054d97bd7fcf4
-  data.tar.gz: e6fea2a4ddcd36efaae3e0867ad2d673d9412e71df1fd1088ec1cb4161dcbc1d034d6b326baf43ac33e4f908d986d082e7bc934e124775a972ce65284046a2d8
+  metadata.gz: 235c4579bf07af34e3ebed23b28e2c1830047496de62ab04c4bcda0d68a7f65881305945ec72512e6d5f05385b988af1d02f773b9726d867d58bfe9f9909c287
+  data.tar.gz: ad249f078467efad19281d836a871b703ef345e93aa182bb3e507403ebfb6486cc8aac83da10182da19136393a71bfc4e58b3cde1696a68a4b338084f9615de5

data/app/models/ability.rb

@@ -1,4 +1,5 @@
 # frozen_string_literal: true
+require 'abilities/thecore_auth_commons'
 
 class Ability
   include CanCan::Ability
@@ -40,10 +41,5 @@ class Ability
         self.merge const.new(user) if const.is_a? Class
       end
     end
-    # Overrides from the database defined permissions
-    ::Permission.joins(roles: :users).where(users: {id: user.id}).order(:id).each do |permission|
-      # E.g. can :manage, :all
-      self.send(permission.predicate.name.to_sym, permission.action.name.to_sym, (permission.target.name.classify.constantize rescue permission.target.name.to_sym))
-    end
   end
 end

data/app/models/role.rb

@@ -4,10 +4,8 @@ class Role < ApplicationRecord
     # REFERENCES
     has_many :role_users, dependent: :destroy, inverse_of: :role
     has_many :users, through: :role_users, inverse_of: :roles
-    has_many :permission_roles, dependent: :destroy, inverse_of: :role
-    has_many :permissions, through: :permission_roles, inverse_of: :roles
     
     def display_name
-        (I18n.t name.parameterize.underscore, default: name.titleize rescue nil)
+        I18n.t name.parameterize.underscore, default: name.titleize
     end
 end

data/app/models/user.rb

@@ -2,8 +2,6 @@ class User < ApplicationRecord
   # Include default devise modules. Others available are:
   # :confirmable, :lockable, :timeoutable, :trackable and :omniauthable
   devise :database_authenticatable
-  devise :trackable
-  devise :validatable
   # TODO: If it works, these must be added to another gem one which deal 
   # more with sessions
   # devise :database_authenticatable
@@ -23,25 +21,17 @@ class User < ApplicationRecord
     # Don't want admin == false if the current user is the only admin
     record.errors.add(attr, I18n.t("validation.errors.cannot_unadmin_last_admin")) if record.admin_changed? && record.admin_was == true && User.where(admin: true).count == 1
   end
-  validates_each :locked do |record, attr, value|
-    # Don't want locked == true if the current user is the only admin
-    record.errors.add(attr, I18n.t("validation.errors.cannot_lock_last_admin")) if record.locked_changed? && record.locked_was == false && User.where(locked: false).count == 1
-  end
-  
+
   def display_name
     email
   end
-  
+
   def has_role? role
-    roles.include? role.to_s
-  end
-  
-  def authenticate password
-    self&.valid_password?(password) ? self : nil
+    roles.include? role
   end
-  
+
   protected
-  
+
   def check_password_and_confirmation_equal
     errors.add(:password, I18n.t("validation.errors.password_and_confirm_must_be_the_same")) unless password == password_confirmation
   end

data/config/initializers/after_initialize_thecore_auth_commons.rb

@@ -1,6 +1,3 @@
-require 'thecore_auth_commons_actioncontroller_concerns'
-
-# App Config
 Rails.application.configure do
     config.after_initialize do
         # In development be sure to load all the namespaces

data/config/locales/devise.en.yml

@@ -0,0 +1,65 @@
+# Additional translations at https://github.com/plataformatec/devise/wiki/I18n
+
+en:
+  devise:
+    confirmations:
+      confirmed: "Your email address has been successfully confirmed."
+      send_instructions: "You will receive an email with instructions for how to confirm your email address in a few minutes."
+      send_paranoid_instructions: "If your email address exists in our database, you will receive an email with instructions for how to confirm your email address in a few minutes."
+    failure:
+      already_authenticated: "You are already signed in."
+      inactive: "Your account is not activated yet."
+      invalid: "Invalid %{authentication_keys} or password."
+      locked: "Your account is locked."
+      last_attempt: "You have one more attempt before your account is locked."
+      not_found_in_database: "Invalid %{authentication_keys} or password."
+      timeout: "Your session expired. Please sign in again to continue."
+      unauthenticated: "You need to sign in or sign up before continuing."
+      unconfirmed: "You have to confirm your email address before continuing."
+    mailer:
+      confirmation_instructions:
+        subject: "Confirmation instructions"
+      reset_password_instructions:
+        subject: "Reset password instructions"
+      unlock_instructions:
+        subject: "Unlock instructions"
+      email_changed:
+        subject: "Email Changed"
+      password_change:
+        subject: "Password Changed"
+    omniauth_callbacks:
+      failure: "Could not authenticate you from %{kind} because \"%{reason}\"."
+      success: "Successfully authenticated from %{kind} account."
+    passwords:
+      no_token: "You can't access this page without coming from a password reset email. If you do come from a password reset email, please make sure you used the full URL provided."
+      send_instructions: "You will receive an email with instructions on how to reset your password in a few minutes."
+      send_paranoid_instructions: "If your email address exists in our database, you will receive a password recovery link at your email address in a few minutes."
+      updated: "Your password has been changed successfully. You are now signed in."
+      updated_not_active: "Your password has been changed successfully."
+    registrations:
+      destroyed: "Bye! Your account has been successfully cancelled. We hope to see you again soon."
+      signed_up: "Welcome! You have signed up successfully."
+      signed_up_but_inactive: "You have signed up successfully. However, we could not sign you in because your account is not yet activated."
+      signed_up_but_locked: "You have signed up successfully. However, we could not sign you in because your account is locked."
+      signed_up_but_unconfirmed: "A message with a confirmation link has been sent to your email address. Please follow the link to activate your account."
+      update_needs_confirmation: "You updated your account successfully, but we need to verify your new email address. Please check your email and follow the confirmation link to confirm your new email address."
+      updated: "Your account has been updated successfully."
+      updated_but_not_signed_in: "Your account has been updated successfully, but since your password was changed, you need to sign in again"
+    sessions:
+      signed_in: "Signed in successfully."
+      signed_out: "Signed out successfully."
+      already_signed_out: "Signed out successfully."
+    unlocks:
+      send_instructions: "You will receive an email with instructions for how to unlock your account in a few minutes."
+      send_paranoid_instructions: "If your account exists, you will receive an email with instructions for how to unlock it in a few minutes."
+      unlocked: "Your account has been unlocked successfully. Please sign in to continue."
+  errors:
+    messages:
+      already_confirmed: "was already confirmed, please try signing in"
+      confirmation_period_expired: "needs to be confirmed within %{period}, please request a new one"
+      expired: "has expired, please request a new one"
+      not_found: "not found"
+      not_locked: "was not locked"
+      not_saved:
+        one: "1 error prohibited this %{resource} from being saved:"
+        other: "%{count} errors prohibited this %{resource} from being saved:"

data/db/migrate/20200306143408_create_users.rb

@@ -14,12 +14,12 @@ class CreateUsers < ActiveRecord::Migration[6.0]
       ## Rememberable
       # t.datetime :remember_created_at
 
-      # Trackable
-      t.integer  :sign_in_count, default: 0, null: false
-      t.datetime :current_sign_in_at
-      t.datetime :last_sign_in_at
-      t.string   :current_sign_in_ip
-      t.string   :last_sign_in_ip
+      ## Trackable
+      # t.integer  :sign_in_count, default: 0, null: false
+      # t.datetime :current_sign_in_at
+      # t.datetime :last_sign_in_at
+      # t.string   :current_sign_in_ip
+      # t.string   :last_sign_in_ip
 
       ## Confirmable
       # t.string   :confirmation_token
@@ -34,7 +34,7 @@ class CreateUsers < ActiveRecord::Migration[6.0]
 
 
       # Uncomment below if timestamps were not included in your original model.
-      t.timestamps null: false
+      # t.timestamps null: false
     end
 
     add_index :users, :email,                unique: true

data/db/migrate/20200306151541_add_first_admin_user.rb

@@ -1,43 +1,4 @@
 class AddFirstAdminUser < ActiveRecord::Migration[6.0]
-  class User < ApplicationRecord
-    # Include default devise modules. Others available are:
-    # :confirmable, :lockable, :timeoutable, :trackable and :omniauthable
-    devise :database_authenticatable, :trackable, :validatable
-    # TODO: If it works, these must be added to another gem one which deal 
-    # more with sessions
-    # devise :database_authenticatable
-    # devise :rememberable
-    # devise :trackable
-    # devise :validatable
-    # devise :timeoutable, timeout_in: 30.minutes 
-    # REFERENCES
-    has_many :role_users, dependent: :destroy, inverse_of: :user
-    has_many :roles, through: :role_users, inverse_of: :users
-    # VALIDATIONS
-    validates :email, uniqueness: { case_sensitive: false }, presence: true, format: { with: /\A([^@\s]+)@((?:[-a-z0-9]+\.)+[a-z]{2,})\Z/i }
-    validates :password, presence: true, on: :create
-    validates :password_confirmation, presence: true, on: :create
-    validate :check_password_and_confirmation_equal
-    validates_each :admin do |record, attr, value|
-      # Don't want admin == false if the current user is the only admin
-      record.errors.add(attr, I18n.t("validation.errors.cannot_unadmin_last_admin")) if record.admin_changed? && record.admin_was == true && User.where(admin: true).count == 1
-    end
-  
-    def display_name
-      email
-    end
-  
-    def has_role? role
-      roles.include? role
-    end
-  
-    protected
-  
-    def check_password_and_confirmation_equal
-      errors.add(:password, I18n.t("validation.errors.password_and_confirm_must_be_the_same")) unless password == password_confirmation
-    end
-  end
-
   def up
     email = "admin@example.com"
     User.reset_column_information

data/lib/thecore_auth_commons/version.rb

@@ -1,3 +1,3 @@
 module ThecoreAuthCommons
-  VERSION = "#{`git describe --tags $(git rev-list --tags --max-count=1)`}"
+  VERSION = '2.1.5'.freeze
 end

data/lib/thecore_auth_commons.rb

@@ -1,9 +1,7 @@
+require "thecore_auth_commons/engine"
+
 require 'devise'
 require 'cancancan'
-require 'kaminari'
-require 'abilities/thecore_auth_commons'
-
-require "thecore_auth_commons/engine"
 
 module ThecoreAuthCommons
   # Your code goes here...

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: thecore_auth_commons
 version: !ruby/object:Gem::Version
-  version: '0'
+  version: 2.1.5
 platform: ruby
 authors:
-- Gabriele Tassoni
+- ''
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2020-12-16 00:00:00.000000000 Z
+date: 2020-04-17 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rails
@@ -58,34 +58,20 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: '3.1'
-- !ruby/object:Gem::Dependency
-  name: kaminari
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '1.1'
-  type: :runtime
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '1.1'
 - !ruby/object:Gem::Dependency
   name: sqlite3
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '1.4'
+        version: '0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '1.4'
+        version: '0'
 description: Provides common User and Role models to attach Authentication and Authorization
   via your preferred gem.
 email:
@@ -98,19 +84,12 @@ files:
 - README.md
 - Rakefile
 - app/models/ability.rb
-- app/models/action.rb
-- app/models/permission.rb
-- app/models/permission_role.rb
-- app/models/predicate.rb
 - app/models/role.rb
 - app/models/role_user.rb
-- app/models/target.rb
 - app/models/user.rb
 - config/initializers/after_initialize_thecore_auth_commons.rb
 - config/initializers/devise.rb
-- config/locales/en.activerecord.yml
-- config/locales/it.activerecord.yml
-- config/locales/it.permissions.yml
+- config/locales/devise.en.yml
 - config/routes.rb
 - db/migrate/20200306143408_create_users.rb
 - db/migrate/20200306151046_add_admin_field_to_user.rb
@@ -119,14 +98,11 @@ files:
 - db/migrate/20200306152816_create_role_users.rb
 - db/migrate/20200306153125_add_lock_version_to_user.rb
 - db/migrate/20200306153136_add_lock_version_to_role.rb
-- db/migrate/20200516215346_add_locked_to_user.rb
-- db/migrate/20200518082821_create_permissions.rb
 - lib/abilities/thecore_auth_commons.rb
 - lib/tasks/thecore_auth_commons_tasks.rake
 - lib/thecore_auth_commons.rb
 - lib/thecore_auth_commons/engine.rb
 - lib/thecore_auth_commons/version.rb
-- lib/thecore_auth_commons_actioncontroller_concerns.rb
 homepage: https://github.com/gabrieletassoni/thecore_auth_commons
 licenses:
 - MIT
@@ -147,7 +123,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.0.3
+rubygems_version: 3.1.2
 signing_key: 
 specification_version: 4
 summary: Common Auth methods and models to be used in thecore components.

data/app/models/action.rb

@@ -1,3 +0,0 @@
-class Action < ApplicationRecord
-    has_many :permissions, dependent: :destroy, inverse_of: :action
-end

data/app/models/permission.rb

@@ -1,20 +0,0 @@
-class Permission < ApplicationRecord
-    # REFERENCES
-    has_many :permission_roles, dependent: :destroy, inverse_of: :permission
-    has_many :roles, through: :permission_roles, inverse_of: :permissions
-    belongs_to :predicate, inverse_of: :permissions
-    belongs_to :action, inverse_of: :permissions
-    belongs_to :target, inverse_of: :permissions
-
-    # VALIDATIONS
-    validates :predicate_id, presence: true, uniqueness: {scope: [:action_id, :target_id]}
-    validates :action_id, presence: true
-    validates :target_id, presence: true
-
-    def display_name
-        p = (I18n.t "permissions.predicates.#{predicate.name}", default: predicate.name.titleize rescue nil)
-        a = (I18n.t "permissions.actions.#{action.name}", default: action.name.titleize rescue nil)
-        m = (I18n.t "activerecord.models.#{target.name}", default: target.name.titleize rescue nil)
-        [ p, a, m ].join(" ")
-    end
-end

data/app/models/permission_role.rb

@@ -1,4 +0,0 @@
-class PermissionRole < ApplicationRecord
-  belongs_to :role, inverse_of: :permission_roles
-  belongs_to :permission, inverse_of: :permission_roles
-end

data/app/models/predicate.rb

@@ -1,3 +0,0 @@
-class Predicate < ApplicationRecord
-    has_many :permissions, dependent: :destroy, inverse_of: :predicate
-end

data/app/models/target.rb

@@ -1,3 +0,0 @@
-class Target < ApplicationRecord
-    has_many :permissions, dependent: :destroy, inverse_of: :target
-end

data/config/locales/en.activerecord.yml

@@ -1,11 +0,0 @@
-en:
-  activerecord:
-    models:
-      user:
-        one: User
-        other: Users
-    descriptions:
-      user: Section to manage users.
-      role: Section to manage Roles
-      permission: Section to manage Permissions
-    

data/config/locales/it.activerecord.yml

@@ -1,36 +0,0 @@
-it:
-  activerecord:
-    models:
-      user:
-        one: Utente
-        other: Utenti
-      role:
-        one: Ruolo
-        other: Ruoli
-      permission:
-        one: Permesso
-        other: Permessi
-    attributes:
-      user:
-        email: E-Mail
-        username: Nome Utente
-        code: Codice
-        roles: Ruoli
-        admin: Amministratore?
-        created_at: Data di Creazione
-        locked: Bloccato?
-        third_party: Ente Terzo?
-        password: Password
-        password_confirmation: Conferma Password
-      role:
-        users: Utenti
-        name: Nome
-        permissions: Permessi
-      permission:
-        predicate: Predicato
-        action: Azione
-        model: Modello
-    descriptions:
-      user: In questa sezione dell'applicazione potete cercare nella lista degli utenti in diversi modi usando i filtri o ordinare la lista secondo diversi campi.
-      role: In questa sezione si possono creare dei ruoli da usare nell'RBAC gestito dai file abilities, per definire le autorizzazioni CRUD e non solo.
-      permission: Il predicato definisce se è un permesso di poter fare o non fare, l'azione è il tipo definisce cosa si possa fare o non fare, mentre il modello definisce su chi.

data/config/locales/it.permissions.yml

@@ -1,10 +0,0 @@
-it:
-    permissions:
-        predicates:
-            can: Può
-            cannot: Non può
-        actions:
-            manage: Gestire
-            read: Leggere
-            update: Modificare
-            destroy: Eliminare

data/db/migrate/20200516215346_add_locked_to_user.rb

@@ -1,5 +0,0 @@
-class AddLockedToUser < ActiveRecord::Migration[6.0]
-  def change
-    add_column :users, :locked, :boolean, null: false, default: false
-  end
-end

data/db/migrate/20200518082821_create_permissions.rb

@@ -1,48 +0,0 @@
-class CreatePermissions < ActiveRecord::Migration[6.0]
-  def change
-    @values = {
-      predicates: %i[can cannot],
-      actions: %i[manage create read update destroy],
-      targets: ApplicationRecord.subclasses.map {|d| d.to_s.underscore}.to_a.unshift(:all)
-    }
-
-    def create_and_fill table
-      create_table table do |t|
-        t.string :name
-        t.bigint :lock_version
-
-        t.timestamps
-      end
-      add_index table, :name, unique: true
-      model = table.to_s.classify.constantize
-      model.reset_column_information
-      model.upsert_all @values[table].map { |p| {name: p, created_at: Time.now, updated_at: Time.now} }, unique_by: [:name]
-    end
-
-    # Predicates
-    create_and_fill :predicates
-    
-    # Actions
-    create_and_fill :actions
-    
-    # Targets
-    create_and_fill :targets
-
-    create_table :permissions do |t|
-      t.references :predicate, null: false, foreign_key: true
-      t.references :action, null: false, foreign_key: true
-      t.references :target, null: false, foreign_key: true
-      t.bigint :lock_version
-
-      t.timestamps
-    end
-    # Association table
-    create_table :permission_roles do |t|
-      t.references :role, null: false, foreign_key: true
-      t.references :permission, null: false, foreign_key: true
-      t.bigint :lock_version
-
-      t.timestamps
-    end
-  end
-end

data/lib/thecore_auth_commons_actioncontroller_concerns.rb

@@ -1,7 +0,0 @@
-module ThecoreAuthCommonsActioncontrollerConcerns
-    extend ActiveSupport::Concern
-    
-    included do
-        include HttpAcceptLanguage::AutoLocale
-    end
-end