thecore_ui_rails_admin 3.0.5 → 3.0.7

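--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA256:
- metadata.gz: 6827c2810fc2f7afb621c44eee97dcfb506148451544c1106313fae22c6ae09e
- data.tar.gz: 9b0077aa12e523f73750d09729aab4bd42ac98718127c5cbf3d074fb35fb9cfb
+ metadata.gz: c92dfa0ea94b25f9ddbe39304a0c10fdb716c6d4ef271353f4c84c293b1d2d6b
+ data.tar.gz: 0d159f770d6078ca44c6a87c479ac9a4f5e991827cf3c720f2241b4685c558ac
  SHA512:
- metadata.gz: 3d56845c9d9f607d9339aaf8b33251d734c76871ae18a68ae0f89997a8e4eddf8b0eb83d34351bcc63f853492a476bcf3bcf667ae5407b7ef05e58375301878f
- data.tar.gz: ef9636a36fecdbe119781d35629e3c29d0e9aa0db51cbe515ee4c1508e87e532502cf85865fc78dd280cc3223128e05e29bc2b0b21fe2e2689fc97dd51fe3a47
+ metadata.gz: 0b2f5b78a265e357b2d0f5a5a114e3880e9ec49fb8ee3ee89b83c43b49395722dfe022a7bfe600282624cc1bd209eef1a4330720729144da4a8f4728388d9d47
+ data.tar.gz: '095446452ed01a2ae2ade63d087ef86fa826fb9fcab71cd18f5cbe09ce4e0bdc2d8dcbd74817e4aa2509e2ecac8607f17c4d61f2b012c953db946e50308cb1c1'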
@@ -47,7 +47,9 @@ Rails.application.configure do
47
47
  end
48
48
  end
49
49
  end
50
+
50
51
  # include the extension
52
+ ApplicationController.send(:include, ThecoreUiRailsAdminActionControllerConcern)
51
53
  RailsAdmin::Config::Actions::Export.send(:include, ExportConcern)
52
54
  RailsAdmin::Config::Actions::BulkDelete.send(:include, BulkDeleteConcern)
53
55
  Role.send :include, ThecoreUiRailsAdminRoleConcern
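Review bot: The added `ApplicationController.send(:include, ThecoreUiRailsAdminActionControllerConcern)` narrows the set of controllers the concern applies to, because the same release removes `ActionController::Base.send(:include, ThecoreUiRailsAdminConcern)` from the concern file. Controllers that inherit from `ActionController::Base` directly will no longer pick up `protect_from_forgery with: :exception, prepend: true`, the `CanCan::AccessDenied` handler or the `reject_locked!` helper from this concern. Whether the RailsAdmin and Devise controllers are still covered depends on their configured parent controller, which is not visible on this page. A comment above the line should record that dependency, for example `# Engine controllers must inherit from ApplicationController to get the CSRF and locked-user handling`. The enclosing `Rails.application.configure do` block starts outside the hunk.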
@@ -1,12 +1,13 @@
1
1
  require 'active_support/concern'
2
2
 
3
- module ThecoreUiRailsAdminConcern
3
+ module ThecoreUiRailsAdminActionControllerConcern
4
4
  extend ActiveSupport::Concern
5
5
 
6
6
  included do
7
7
  # Prevent CSRF attacks by raising an exception.
8
8
  # For APIs, you may want to use :null_session instead.
9
9
  # layout 'thecore'
10
+ puts "Protecting from Forgery with exception and prepend"
10
11
  protect_from_forgery with: :exception, prepend: true
11
12
  rescue_from CanCan::AccessDenied do |exception|
12
13
  redirect_to main_app.root_url, alert: exception.message
@@ -25,13 +26,13 @@ module ThecoreUiRailsAdminConcern
25
26
  # Redirects on successful sign in
26
27
  def after_sign_in_path_for resource
27
28
  root_actions = RailsAdmin::Config::Actions.all(:root).select {|action| can? action.action_name, :all }.collect(&:action_name)
28
-
29
+
29
30
  # Default root action as landing page: the first to which I have authorization to read
30
31
  action = root_actions.first
31
32
  # Otherwise, if I set a Manual override for landing actions in config, I can test if I'm authorized to see it
32
33
  override_landing_page = Settings.ns(:main).after_sign_in_redirect_to_root_action
33
34
  action = override_landing_page.to_sym if !override_landing_page.blank? && root_actions.include?(override_landing_page.to_sym)
34
-
35
+
35
36
  # If I ask for a specific page, Let's try to go back there if I need to login or re-login
36
37
  # This takes precedence on automatic computed action
37
38
  stored_location = stored_location_for(resource)
@@ -99,54 +100,50 @@ module ThecoreUiRailsAdminConcern
99
100
  :password_confirmation,
100
101
  :current_password)
101
102
  }
102
- end
103
-
104
- # Auto-sign out locked users
105
- def reject_locked!
106
- # Rails.logger.info "BBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBB reject_locked"
107
- if !current_user.blank? && current_user.locked?
108
- # Rails.logger.info "BBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBB is locked"
109
- sign_out current_user
110
- user_session = nil
111
- current_user = nil
112
- flash[:alert] = "Your account is locked."
113
- flash[:notice] = nil
114
- redirect_to root_url
115
- end
116
- # Rails.logger.info "BBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBB is not locked = ok"
117
- end
118
-
119
-
120
- # Only permits admin users
121
- def require_admin!
122
- authenticate_user!
123
-
124
- if current_user && !current_user.admin?
125
- redirect_to inside_path
126
- end
127
- end
103
+ end
128
104
 
129
- # Its important that the location is NOT stored if:
130
- # - The request method is not GET (non idempotent)
131
- # - The request is handled by a Devise controller such as
132
- # Devise::SessionsController as that could cause an
133
- # infinite redirect loop.
134
- # - The request is an Ajax request as this can lead to very unexpected
135
- # behaviour.
136
- def storable_location?
137
- request.get? && is_navigational_format? && !devise_controller? && !request.xhr? && is_storable?
105
+ # Auto-sign out locked users
106
+ def reject_locked!
107
+ # Rails.logger.info "BBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBB reject_locked"
108
+ if !current_user.blank? && current_user.locked?
109
+ # Rails.logger.info "BBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBB is locked"
110
+ sign_out current_user
111
+ user_session = nil
112
+ current_user = nil
113
+ flash[:alert] = "Your account is locked."
114
+ flash[:notice] = nil
115
+ redirect_to root_url
138
116
  end
117
+ # Rails.logger.info "BBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBB is not locked = ok"
118
+ end
119
+
120
+
121
+ # Only permits admin users
122
+ def require_admin!
123
+ authenticate_user!
139
124
 
140
- def store_user_location!
141
- # :user is the scope we are authenticating
142
- store_location_for(:user, request.fullpath)
143
- end
144
-
145
- def is_storable?
146
- true
125
+ if current_user && !current_user.admin?
126
+ redirect_to inside_path
147
127
  end
148
128
  end
149
129
 
150
- # include the extension
151
- ActionController::Base.send(:include, ThecoreUiRailsAdminConcern)
152
-
130
+ # Its important that the location is NOT stored if:
131
+ # - The request method is not GET (non idempotent)
132
+ # - The request is handled by a Devise controller such as
133
+ # Devise::SessionsController as that could cause an
134
+ # infinite redirect loop.
135
+ # - The request is an Ajax request as this can lead to very unexpected
136
+ # behaviour.
137
+ def storable_location?
138
+ request.get? && is_navigational_format? && !devise_controller? && !request.xhr? && is_storable?
139
+ end
140
+
141
+ def store_user_location!
142
+ # :user is the scope we are authenticating
143
+ store_location_for(:user, request.fullpath)
144
+ end
145
+
146
+ def is_storable?
147
+ true
148
+ end
149
+ end
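Review bot: In `reject_locked!`, the lines `user_session = nil` and `current_user = nil` only assign method-local variables and clear no session state; the preceding `sign_out current_user` is the only call that acts on the session. Dropping both assignments avoids implying a second layer of cleanup that does not exist. In the first hunk of this file, the added `puts "Protecting from Forgery with exception and prepend"` writes to stdout every time the concern is included; `Rails.logger.debug "..."` or removing the line would keep that output out of production consoles. The commented-out `Rails.logger.info "BBBB…"` lines can be deleted in the same pass.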
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: thecore_ui_rails_admin
3
3
  version: !ruby/object:Gem::Version
4
- version: 3.0.5
4
+ version: 3.0.7
5
5
  platform: ruby
6
6
  authors:
7
7
  - Gabriele Tassoni
@@ -111,8 +111,8 @@ files:
111
111
  - config/initializers/thecore_ui_rails_admin_abilities.rb
112
112
  - config/initializers/thecore_ui_rails_admin_after_initialize.rb
113
113
  - config/initializers/thecore_ui_rails_admin_app_configs.rb
114
+ - config/initializers/thecore_ui_rails_admin_application_controller_concern.rb
114
115
  - config/initializers/thecore_ui_rails_admin_assets.rb
115
- - config/initializers/thecore_ui_rails_admin_concern.rb
116
116
  - config/initializers/thecore_ui_rails_admin_invisible_models_concern.rb
117
117
  - config/initializers/thecore_ui_rails_admin_role.rb
118
118
  - config/initializers/thecore_ui_rails_admin_settings_concern.rb