thecore_ui_rails_admin 3.0.9 → 3.0.11

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: bb00da1db8502b80a343d307bac474a1384f2bd2e48b171794931227fd89b907
-  data.tar.gz: 8e95d44ff179514d817333c8e1e4383ee6dad3a6914b25b5940c3e66284033ac
+  metadata.gz: 4bf27ee7eca3087e172ee00292bf64da89ec995b08f6d66bd4f40ff4a206b5a6
+  data.tar.gz: d54c5989b45da0031062d4e301d5e349e756d6edb0f2059b1abe767dc435ec46
 SHA512:
-  metadata.gz: e6d8ec9b9279dfeab789ded2e7c275ab04159385ff00872f818b1bd47d6330ef4adf71b5c520c9389da850ed074d9220d85b3bad1773ba49d1640f98dde95ca6
-  data.tar.gz: 3208deb20e1c0afb284b761098187fc9f3a7ce854f2b98d1c3dc23878486ebc6180d59c07ee7658f81f0802b63057d6ca920172694b910fa7a1228f67c224b02
+  metadata.gz: f148d09a4a1748828a8e16fcdd09f6d9a187a03cfb3923ca71d396e54365ae2bd75d8aa9ecc8c1cf6cd8522355af945ca9dd0dffee1ff4c91722b936786e5681
+  data.tar.gz: b3edfd4c67221520f5aff672dd9d5c3147eeef47c14e9dc48d944dce7de521c75774e9d530052a1c206d3ef7495714560cd737a87168f28bcf4e96a006091c1a

data/config/initializers/thecore_ui_rails_admin_after_initialize.rb

@@ -4,17 +4,15 @@ Rails.application.configure do
         RailsAdmin::Config.sidescroll = { num_frozen_columns: 2 }
 
         RailsAdmin::Config.main_app_name = Proc.new { |controller| [ ((ENV["APP_NAME"].presence || Settings.app_name.presence) rescue "Thecore"), "" ] }
-        # Link for background Job
-        # (config.navigation_static_links ||= {}).merge! "Background Monitor" => "#{ENV["BACKEND_URL"].presence || "http://localhost:3000"}/sidekiq"
 
-        ### Popular gems integration
-        ## == Devise ==
-        RailsAdmin::Config.authenticate_with { warden.authenticate! scope: :user }
+        # ### Popular gems integration
+        # # ## == Devise ==
+        # RailsAdmin::Config.authenticate_with { warden.authenticate! scope: :user }
         
-        RailsAdmin::Config.current_user_method(&:current_user)
+        # RailsAdmin::Config.current_user_method(&:current_user)
 
-        ## == Cancan ==
-        RailsAdmin::Config.authorize_with :cancancan
+        # # ## == Cancan ==
+        # RailsAdmin::Config.authorize_with :cancancan
 
         ## == PaperTrail ==
         # config.audit_with :paper_trail, 'User', 'PaperTrail::Version' # PaperTrail >= 3.0.0

data/config/initializers/thecore_ui_rails_admin_application_controller_concern.rb

@@ -2,13 +2,15 @@ require 'active_support/concern'
 
 module ThecoreUiRailsAdminActionControllerConcern
   extend ActiveSupport::Concern
-  
+
   included do
     # Prevent CSRF attacks by raising an exception.
     # For APIs, you may want to use :null_session instead.
     # layout 'thecore'
-    puts "Protecting from Forgery with exception and prepend #{ENV["SECRET_KEY_BASE"]}"
-    protect_from_forgery with: :exception, prepend: true,  except: :sign_in
+    puts "Protecting from Forgery with exception and prepend"
+    # protect_from_forgery with: :reset_session
+    skip_forgery_protection
+
     rescue_from CanCan::AccessDenied do |exception| 
       redirect_to main_app.root_url, alert: exception.message 
     end
@@ -17,7 +19,6 @@ module ThecoreUiRailsAdminActionControllerConcern
     before_action :store_user_location!, if: :storable_location?
     before_action :configure_permitted_parameters, if: :devise_controller?
     before_action :reject_locked!, if: :devise_controller?
-    before_action :debug_csrf
     
     helper_method :reject_locked!
     helper_method :require_admin!
@@ -106,9 +107,9 @@ module ThecoreUiRailsAdminActionControllerConcern
     
   # Auto-sign out locked users
   def reject_locked!
-    # Rails.logger.info "BBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBB reject_locked"
+    puts "reject_locked #{current_user}"
     if !current_user.blank? && current_user.locked?
-      # Rails.logger.info "BBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBB is locked"
+      puts " - Cleaning session"
       sign_out current_user
       user_session = nil
       current_user = nil
@@ -122,6 +123,7 @@ module ThecoreUiRailsAdminActionControllerConcern
   
   # Only permits admin users
   def require_admin!
+    puts "require_admin! #{current_user}"
     authenticate_user!
     
     if current_user && !current_user.admin?
@@ -148,9 +150,4 @@ module ThecoreUiRailsAdminActionControllerConcern
   def is_storable?
     true
   end
-
-  def debug_csrf
-    puts "CSRF: #{params["authenticity_token"]}"
-    puts "Authenticity Token #{ENV["SECRET_KEY_BASE"]}"
-  end
 end

data/config/initializers/thecore_ui_rails_admin_user_concern.rb

@@ -21,12 +21,12 @@ module ThecoreUiRailsAdminUserConcern
             end
             field :admin do
                 visible do
-                    bindings[:view].current_user.admin? && bindings[:view].current_user.id != bindings[:object].id
+                    bindings[:view].current_user.admin? && bindings[:view].current_user.id != bindings[:object].id rescue false
                 end
             end
             field :locked do
                 visible do
-                    bindings[:view].current_user.admin? && bindings[:view].current_user.id != bindings[:object].id
+                    bindings[:view].current_user.admin? && bindings[:view].current_user.id != bindings[:object].id rescue false
                 end
             end
             field :roles#, :selectize

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: thecore_ui_rails_admin
 version: !ruby/object:Gem::Version
-  version: 3.0.9
+  version: 3.0.11
 platform: ruby
 authors:
 - Gabriele Tassoni