wcc-auth 0.6.0 → 0.7.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/README.md +8 -0
- data/lib/omniauth/strategies/watermark.rb +1 -0
- data/lib/wcc/auth/version.rb +1 -1
- metadata +36 -32
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 18b674d08200f15499cccd1b8d1fd99916d7c744
|
|
4
|
+
data.tar.gz: 18eda6bc05124affbc80279597935104589edb41
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: cf2801c9dc386cffa8535ad5b91dac36362bd5e30126a36bee4259955a0ac289534156a55dd59b796333848107f831421f3cf2a6e4ebce3c18a3a9a0d2e507df
|
|
7
|
+
data.tar.gz: '09706c0b7f3a3a891f28b8005671436d4f5090c2fbc52890158e4f407f655e45f085193922063cd872824ccafd2941fde50bae9af8d49fc98cc565241d86d409'
|
data/README.md
CHANGED
|
@@ -8,6 +8,8 @@ any Ruby project. Currently, the only tested path is Rails with Devise.
|
|
|
8
8
|
|
|
9
9
|
## Installation
|
|
10
10
|
|
|
11
|
+
**NOTE: `v0.6.0` has been updated for use with Rails 5.1 and requires Ruby 2.2 or greater.**
|
|
12
|
+
|
|
11
13
|
Add this line to your application's Gemfile:
|
|
12
14
|
|
|
13
15
|
```ruby
|
|
@@ -107,6 +109,12 @@ class Ability < WCC::Auth::TieredAbility
|
|
|
107
109
|
end
|
|
108
110
|
```
|
|
109
111
|
|
|
112
|
+
## Notes
|
|
113
|
+
|
|
114
|
+
#### Sign out links
|
|
115
|
+
|
|
116
|
+
If your project is using `TurboLinks`, you'll need to disable it for the sign out link(s). Otherwise, it will cause your app to enter an infinite redirect loop.
|
|
117
|
+
|
|
110
118
|
## Contributing
|
|
111
119
|
|
|
112
120
|
1. Fork it
|
|
@@ -19,6 +19,7 @@ class OmniAuth::Strategies::Watermark < OmniAuth::Strategies::OAuth2
|
|
|
19
19
|
last_name: raw_info["last_name"],
|
|
20
20
|
access_level_id: raw_info["access_level_id"],
|
|
21
21
|
arena_id: raw_info["arena_id"],
|
|
22
|
+
rock_id: raw_info["rock_id"],
|
|
22
23
|
applications: raw_info["applications"]
|
|
23
24
|
}
|
|
24
25
|
end
|
data/lib/wcc/auth/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: wcc-auth
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.7.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Watermark Dev
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2017-
|
|
11
|
+
date: 2017-11-29 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: cancancan
|
|
@@ -166,36 +166,40 @@ summary: '# WCC::Auth Provides the necessary tools for handling authentication
|
|
|
166
166
|
Watermark''s OAuth provider as well as authorizing the user has access to specific
|
|
167
167
|
features within the application. There are special hooks for Rails apps using Devise,
|
|
168
168
|
but the primitive structures could be used on any Ruby project. Currently, the only
|
|
169
|
-
tested path is Rails with Devise. ## Installation
|
|
170
|
-
|
|
171
|
-
|
|
172
|
-
|
|
173
|
-
|
|
174
|
-
|
|
175
|
-
|
|
176
|
-
an
|
|
177
|
-
|
|
178
|
-
= ''app-client-
|
|
179
|
-
|
|
180
|
-
|
|
181
|
-
|
|
182
|
-
|
|
183
|
-
|
|
184
|
-
|
|
185
|
-
|
|
186
|
-
|
|
187
|
-
|
|
188
|
-
|
|
189
|
-
|
|
190
|
-
|
|
191
|
-
|
|
192
|
-
|
|
193
|
-
|
|
194
|
-
|
|
195
|
-
|
|
196
|
-
|
|
197
|
-
|
|
198
|
-
do |user| can :manage, :all
|
|
169
|
+
tested path is Rails with Devise. ## Installation **NOTE: `v0.6.0` has been updated
|
|
170
|
+
for use with Rails 5.1 and requires Ruby 2.2 or greater.** Add this line to your
|
|
171
|
+
application''s Gemfile: ```ruby gem ''wcc-auth'', ''~> 0.3.2'' ``` If you are
|
|
172
|
+
using a Rails app with Devise you can use a special require hook that will setup
|
|
173
|
+
all the Devise specific configuration for you. ```ruby gem ''wcc-auth'', ''~> 0.3.2'',
|
|
174
|
+
require: ''wcc/auth/devise'' ``` ## Configuration There are a few steps to setup
|
|
175
|
+
your app. These instructions are specific to a Rails app. #### Add the configuration
|
|
176
|
+
block to an initializer In order to configure the gem you must run the `WCC::Auth.setup`
|
|
177
|
+
block. See below for an example: ```ruby WCC::Auth.setup do |config| config.app_name
|
|
178
|
+
= "app-name" config.environment = Rails.env config.app_id = ''app-client-id-from-oauth-provider''
|
|
179
|
+
config.app_secret = ''app-client-secret-from-oauth-provider'' end ``` #### Setup
|
|
180
|
+
your controllers ```ruby # Add this include to your ApplicationController class
|
|
181
|
+
ApplicationController < ActionController::Base include WCC::Auth::ControllerHelpers
|
|
182
|
+
end ``` #### Setup your user model ```ruby class User < ActiveRecord::Base include
|
|
183
|
+
WCC::Auth::Providers::ActiveRecord devise :omniauthable # ... end ``` #### Setup
|
|
184
|
+
authorization (optional) If you would like to use the `TieredAbility` class included
|
|
185
|
+
with `WCC::Auth` just create an Ability class that extends the `WCC::Auth::TieredAbility`
|
|
186
|
+
class. The authenticated user will include an info variables called `access_level_id`.
|
|
187
|
+
This corresponds to a `WCC::Auth::AccessLevel`. The access levels are broken down
|
|
188
|
+
into 5 tiers with the following rules: * **No access** -- This is the default level
|
|
189
|
+
* **Basic** -- This is provides read-only access * **Contribute** -- Read-write
|
|
190
|
+
for only data the user owns * **Manage** -- Read-write for other''s data * **App
|
|
191
|
+
Admin** -- Can change app configuration * **System Admin** -- Has full access to
|
|
192
|
+
all features always Each tier inherits all priveleges of the lower tiers. The rules
|
|
193
|
+
here are guidelines for the app to follow. It is ultimately up to the client application
|
|
194
|
+
to decide what each of these tiers means for it. Do your best to adhere to these
|
|
195
|
+
rules. Here is an example Ability class using the DSL provided by `WCC::Auth`. ```ruby
|
|
196
|
+
class Ability < WCC::Auth::TieredAbility at_level(:contribute) do |user| can :read,
|
|
197
|
+
Person can :manage, Task, created_by_id: user.id can :manage, Comment, created_by_id:
|
|
198
|
+
user.id cannot :destroy, Task end at_level(:appadmin) do |user| can :manage, :all
|
|
199
|
+
cannot :create, TaskGroup end at_level(:sysadmin) do |user| can :manage, :all
|
|
200
|
+
end end ``` ## Notes #### Sign out links If your project is using `TurboLinks`,
|
|
201
|
+
you''ll need to disable it for the sign out link(s). Otherwise, it will cause your
|
|
202
|
+
app to enter an infinite redirect loop. ## Contributing 1. Fork it 2. Create your
|
|
199
203
|
feature branch (`git checkout -b my-new-feature`) 3. Commit your changes (`git commit
|
|
200
204
|
-am ''Add some feature''`) 4. Push to the branch (`git push origin my-new-feature`)
|
|
201
205
|
5. Create new Pull Request'
|