thecore_ui_rails_admin 3.0.5 → 3.0.7

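--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA256:
- metadata.gz: 6827c2810fc2f7afb621c44eee97dcfb506148451544c1106313fae22c6ae09e
- data.tar.gz: 9b0077aa12e523f73750d09729aab4bd42ac98718127c5cbf3d074fb35fb9cfb
+ metadata.gz: c92dfa0ea94b25f9ddbe39304a0c10fdb716c6d4ef271353f4c84c293b1d2d6b
+ data.tar.gz: 0d159f770d6078ca44c6a87c479ac9a4f5e991827cf3c720f2241b4685c558ac
  SHA512:
- metadata.gz: 3d56845c9d9f607d9339aaf8b33251d734c76871ae18a68ae0f89997a8e4eddf8b0eb83d34351bcc63f853492a476bcf3bcf667ae5407b7ef05e58375301878f
- data.tar.gz: ef9636a36fecdbe119781d35629e3c29d0e9aa0db51cbe515ee4c1508e87e532502cf85865fc78dd280cc3223128e05e29bc2b0b21fe2e2689fc97dd51fe3a47
+ metadata.gz: 0b2f5b78a265e357b2d0f5a5a114e3880e9ec49fb8ee3ee89b83c43b49395722dfe022a7bfe600282624cc1bd209eef1a4330720729144da4a8f4728388d9d47
+ data.tar.gz: '095446452ed01a2ae2ade63d087ef86fa826fb9fcab71cd18f5cbe09ce4e0bdc2d8dcbd74817e4aa2509e2ecac8607f17c4d61f2b012c953db946e50308cb1c1'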
@@ -47,7 +47,9 @@ Rails.application.configure do
47
47
  end
48
48
  end
49
49
  end
50
+
50
51
  # include the extension
52
+ ApplicationController.send(:include, ThecoreUiRailsAdminActionControllerConcern)
51
53
  RailsAdmin::Config::Actions::Export.send(:include, ExportConcern)
52
54
  RailsAdmin::Config::Actions::BulkDelete.send(:include, BulkDeleteConcern)
53
55
  Role.send :include, ThecoreUiRailsAdminRoleConcern
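Review bot: Including the concern into `ApplicationController` rather than `ActionController::Base` (the old include is removed from the concern file in this release) narrows where `protect_from_forgery with: :exception, prepend: true` and the `rescue_from CanCan::AccessDenied` handler apply. Any controller that inherits directly from `ActionController::Base` no longer gets them from this gem; that may include engine controllers such as rails_admin's, unless its parent controller is configured to be `ApplicationController`. It is worth confirming this is intended and recording it above the added line, e.g. `# Only controllers descending from ApplicationController get CSRF protection and the AccessDenied redirect from this concern`. The enclosing block starts outside the hunk; if this line runs once at boot rather than inside a `config.to_prepare` block, a reloaded `ApplicationController` in development would also lose the include.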
@@ -1,12 +1,13 @@
1
1
  require 'active_support/concern'
2
2
 
3
- module ThecoreUiRailsAdminConcern
3
+ module ThecoreUiRailsAdminActionControllerConcern
4
4
  extend ActiveSupport::Concern
5
5
 
6
6
  included do
7
7
  # Prevent CSRF attacks by raising an exception.
8
8
  # For APIs, you may want to use :null_session instead.
9
9
  # layout 'thecore'
10
+ puts "Protecting from Forgery with exception and prepend"
10
11
  protect_from_forgery with: :exception, prepend: true
11
12
  rescue_from CanCan::AccessDenied do |exception|
12
13
  redirect_to main_app.root_url, alert: exception.message
@@ -25,13 +26,13 @@ module ThecoreUiRailsAdminConcern
25
26
  # Redirects on successful sign in
26
27
  def after_sign_in_path_for resource
27
28
  root_actions = RailsAdmin::Config::Actions.all(:root).select {|action| can? action.action_name, :all }.collect(&:action_name)
28
-
29
+
29
30
  # Default root action as landing page: the first to which I have authorization to read
30
31
  action = root_actions.first
31
32
  # Otherwise, if I set a Manual override for landing actions in config, I can test if I'm authorized to see it
32
33
  override_landing_page = Settings.ns(:main).after_sign_in_redirect_to_root_action
33
34
  action = override_landing_page.to_sym if !override_landing_page.blank? && root_actions.include?(override_landing_page.to_sym)
34
-
35
+
35
36
  # If I ask for a specific page, Let's try to go back there if I need to login or re-login
36
37
  # This takes precedence on automatic computed action
37
38
  stored_location = stored_location_for(resource)
@@ -99,54 +100,50 @@ module ThecoreUiRailsAdminConcern
99
100
  :password_confirmation,
100
101
  :current_password)
101
102
  }
102
- end
103
-
104
- # Auto-sign out locked users
105
- def reject_locked!
106
- # Rails.logger.info "BBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBB reject_locked"
107
- if !current_user.blank? && current_user.locked?
108
- # Rails.logger.info "BBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBB is locked"
109
- sign_out current_user
110
- user_session = nil
111
- current_user = nil
112
- flash[:alert] = "Your account is locked."
113
- flash[:notice] = nil
114
- redirect_to root_url
115
- end
116
- # Rails.logger.info "BBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBB is not locked = ok"
117
- end
118
-
119
-
120
- # Only permits admin users
121
- def require_admin!
122
- authenticate_user!
123
-
124
- if current_user && !current_user.admin?
125
- redirect_to inside_path
126
- end
127
- end
103
+ end
128
104
 
129
- # Its important that the location is NOT stored if:
130
- # - The request method is not GET (non idempotent)
131
- # - The request is handled by a Devise controller such as
132
- # Devise::SessionsController as that could cause an
133
- # infinite redirect loop.
134
- # - The request is an Ajax request as this can lead to very unexpected
135
- # behaviour.
136
- def storable_location?
137
- request.get? && is_navigational_format? && !devise_controller? && !request.xhr? && is_storable?
105
+ # Auto-sign out locked users
106
+ def reject_locked!
107
+ # Rails.logger.info "BBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBB reject_locked"
108
+ if !current_user.blank? && current_user.locked?
109
+ # Rails.logger.info "BBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBB is locked"
110
+ sign_out current_user
111
+ user_session = nil
112
+ current_user = nil
113
+ flash[:alert] = "Your account is locked."
114
+ flash[:notice] = nil
115
+ redirect_to root_url
138
116
  end
117
+ # Rails.logger.info "BBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBB is not locked = ok"
118
+ end
119
+
120
+
121
+ # Only permits admin users
122
+ def require_admin!
123
+ authenticate_user!
139
124
 
140
- def store_user_location!
141
- # :user is the scope we are authenticating
142
- store_location_for(:user, request.fullpath)
143
- end
144
-
145
- def is_storable?
146
- true
125
+ if current_user && !current_user.admin?
126
+ redirect_to inside_path
147
127
  end
148
128
  end
149
129
 
150
- # include the extension
151
- ActionController::Base.send(:include, ThecoreUiRailsAdminConcern)
152
-
130
+ # Its important that the location is NOT stored if:
131
+ # - The request method is not GET (non idempotent)
132
+ # - The request is handled by a Devise controller such as
133
+ # Devise::SessionsController as that could cause an
134
+ # infinite redirect loop.
135
+ # - The request is an Ajax request as this can lead to very unexpected
136
+ # behaviour.
137
+ def storable_location?
138
+ request.get? && is_navigational_format? && !devise_controller? && !request.xhr? && is_storable?
139
+ end
140
+
141
+ def store_user_location!
142
+ # :user is the scope we are authenticating
143
+ store_location_for(:user, request.fullpath)
144
+ end
145
+
146
+ def is_storable?
147
+ true
148
+ end
149
+ end
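Review bot: In `reject_locked!`, `user_session = nil` and `current_user = nil` assign method-local variables, so they never touch the helpers of the same name and the session is cleared only by `sign_out current_user`. Dropping both lines keeps the method from suggesting more cleanup than it performs. The first hunk of this file also adds `puts "Protecting from Forgery with exception and prepend"` inside `included do`, which writes to stdout every time the concern is included; `Rails.logger.debug` or removing the line would keep boot output clean. The commented-out `Rails.logger.info "BBBB…"` lines carried along in `reject_locked!` could go at the same time. Indentation is lost on this page, so whether these methods sit inside `included do` or directly in the module body cannot be confirmed from here.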
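--- a/metadata
+++ b/metadata
@@ -1,7 +1,7 @@
  --- !ruby/object:Gem::Specification
  name: thecore_ui_rails_admin
  version: !ruby/object:Gem::Version
- version: 3.0.5
+ version: 3.0.7
  platform: ruby
  authors:
  - Gabriele Tassoni
@@ -111,8 +111,8 @@ files:
  - config/initializers/thecore_ui_rails_admin_abilities.rb
  - config/initializers/thecore_ui_rails_admin_after_initialize.rb
  - config/initializers/thecore_ui_rails_admin_app_configs.rb
+ - config/initializers/thecore_ui_rails_admin_application_controller_concern.rb
  - config/initializers/thecore_ui_rails_admin_assets.rb
- - config/initializers/thecore_ui_rails_admin_concern.rb
  - config/initializers/thecore_ui_rails_admin_invisible_models_concern.rb
  - config/initializers/thecore_ui_rails_admin_role.rb
  - config/initializers/thecore_ui_rails_admin_settings_concern.rb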