wcc-auth 0.3.3 → 0.3.4
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/wcc/auth/config.rb +27 -13
- data/lib/wcc/auth/version.rb +1 -1
- data/spec/spec_helper.rb +0 -1
- data/spec/wcc/auth/access_level_spec.rb +4 -4
- data/wcc-auth.gemspec +1 -1
- metadata +40 -41
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: f10f1aef9cdf3ee3030f9773876053391acf537a
|
|
4
|
+
data.tar.gz: d1aa25a309e9648a8832f2a2042675de54a9976f
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 83803f397bcb1f3d2714941f0a8e2ce085e7ca8f2eb699e0c64f801b63f05bbafcd56a42b77840fc2a74c1879215efb6c53f98849b403f418e28d5d3ef2cbce2
|
|
7
|
+
data.tar.gz: b0c2f79d95e663256c6387d1711efd6a0d85a6076abe57b5e5dd09e4490ebf93d84c581edfbec4318b9ad28164db1a4af70a400359345f62cb1108c620d6c880
|
data/lib/wcc/auth/config.rb
CHANGED
|
@@ -33,6 +33,12 @@ WCC::Auth::Config = Struct.new(:environment,
|
|
|
33
33
|
self[:app_domain_suffix] || default_app_domain_suffix
|
|
34
34
|
end
|
|
35
35
|
|
|
36
|
+
def url_for(app_name)
|
|
37
|
+
return ENV["#{app_name.to_s.upcase}_URL"] if ENV["#{app_name.to_s.upcase}_URL"]
|
|
38
|
+
|
|
39
|
+
"#{app_url_protocol_for(environment)}://#{app_name}#{app_domain_suffix_for(environment)}"
|
|
40
|
+
end
|
|
41
|
+
|
|
36
42
|
def nucleus_url
|
|
37
43
|
return ENV['NUCLEUS_URL'] if ENV['NUCLEUS_URL']
|
|
38
44
|
|
|
@@ -46,13 +52,18 @@ WCC::Auth::Config = Struct.new(:environment,
|
|
|
46
52
|
end
|
|
47
53
|
end
|
|
48
54
|
|
|
49
|
-
|
|
50
|
-
|
|
51
|
-
|
|
52
|
-
|
|
55
|
+
def app_domain_suffix_for(environment)
|
|
56
|
+
case environment.to_sym
|
|
57
|
+
when :production
|
|
58
|
+
".watermark.org"
|
|
59
|
+
when :staging
|
|
60
|
+
".staging.watermark.org"
|
|
61
|
+
when :development
|
|
62
|
+
".dev"
|
|
63
|
+
end
|
|
53
64
|
end
|
|
54
65
|
|
|
55
|
-
def
|
|
66
|
+
def app_url_protocol_for(environment)
|
|
56
67
|
case environment.to_sym
|
|
57
68
|
when :production
|
|
58
69
|
"https"
|
|
@@ -61,15 +72,18 @@ WCC::Auth::Config = Struct.new(:environment,
|
|
|
61
72
|
end
|
|
62
73
|
end
|
|
63
74
|
|
|
75
|
+
private
|
|
76
|
+
|
|
77
|
+
def default_app_url
|
|
78
|
+
"#{app_url_protocol}://#{app_name}#{app_domain_suffix}"
|
|
79
|
+
end
|
|
80
|
+
|
|
81
|
+
def default_app_url_protocol
|
|
82
|
+
app_url_protocol_for(environment)
|
|
83
|
+
end
|
|
84
|
+
|
|
64
85
|
def default_app_domain_suffix
|
|
65
|
-
|
|
66
|
-
when :production
|
|
67
|
-
".watermark.org"
|
|
68
|
-
when :staging
|
|
69
|
-
".staging.watermark.org"
|
|
70
|
-
when :development
|
|
71
|
-
".dev"
|
|
72
|
-
end
|
|
86
|
+
app_domain_suffix_for(environment)
|
|
73
87
|
end
|
|
74
88
|
|
|
75
89
|
def default_authorize_site
|
data/lib/wcc/auth/version.rb
CHANGED
data/spec/spec_helper.rb
CHANGED
|
@@ -33,7 +33,7 @@ describe WCC::Auth::AccessLevel do
|
|
|
33
33
|
it "returns array of records as listed in db argument" do
|
|
34
34
|
levels = subject.all(test_db)
|
|
35
35
|
expect(levels.count).to eq(2)
|
|
36
|
-
expect(levels.all? { |level| level.kind_of?(klass) }).to
|
|
36
|
+
expect(levels.all? { |level| level.kind_of?(klass) }).to be_truthy
|
|
37
37
|
end
|
|
38
38
|
|
|
39
39
|
it "returns objects in level order" do
|
|
@@ -55,9 +55,9 @@ describe WCC::Auth::AccessLevel do
|
|
|
55
55
|
b = klass.new
|
|
56
56
|
a.level = 1
|
|
57
57
|
b.level = 2
|
|
58
|
-
expect(a < b).to
|
|
59
|
-
expect(b == a).to
|
|
60
|
-
expect(b < a).to
|
|
58
|
+
expect(a < b).to be_truthy
|
|
59
|
+
expect(b == a).to be_falsey
|
|
60
|
+
expect(b < a).to be_falsey
|
|
61
61
|
end
|
|
62
62
|
end
|
|
63
63
|
|
data/wcc-auth.gemspec
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: wcc-auth
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.3.
|
|
4
|
+
version: 0.3.4
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Travis Petticrew
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2015-
|
|
11
|
+
date: 2015-11-06 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: cancancan
|
|
@@ -98,16 +98,16 @@ dependencies:
|
|
|
98
98
|
name: rspec
|
|
99
99
|
requirement: !ruby/object:Gem::Requirement
|
|
100
100
|
requirements:
|
|
101
|
-
- - "
|
|
101
|
+
- - "~>"
|
|
102
102
|
- !ruby/object:Gem::Version
|
|
103
|
-
version: '
|
|
103
|
+
version: '3.3'
|
|
104
104
|
type: :development
|
|
105
105
|
prerelease: false
|
|
106
106
|
version_requirements: !ruby/object:Gem::Requirement
|
|
107
107
|
requirements:
|
|
108
|
-
- - "
|
|
108
|
+
- - "~>"
|
|
109
109
|
- !ruby/object:Gem::Version
|
|
110
|
-
version: '
|
|
110
|
+
version: '3.3'
|
|
111
111
|
description: Authentication / Authorization library for Watermark apps
|
|
112
112
|
email:
|
|
113
113
|
- tpetticrew@watermark.org
|
|
@@ -161,44 +161,43 @@ rubyforge_project:
|
|
|
161
161
|
rubygems_version: 2.4.2
|
|
162
162
|
signing_key:
|
|
163
163
|
specification_version: 4
|
|
164
|
-
summary:
|
|
165
|
-
Watermark's OAuth provider as well as authorizing the user has access to specific
|
|
164
|
+
summary: '# WCC::Auth Provides the necessary tools for handling authentication through
|
|
165
|
+
Watermark''s OAuth provider as well as authorizing the user has access to specific
|
|
166
166
|
features within the application. There are special hooks for Rails apps using Devise,
|
|
167
167
|
but the primitive structures could be used on any Ruby project. Currently, the only
|
|
168
|
-
tested path is Rails with Devise. ## Installation Add this line to your application's
|
|
169
|
-
Gemfile: ```ruby gem 'wcc-auth', '~> 0.3.2' ``` If you are using a Rails app
|
|
170
|
-
Devise you can use a special require hook that will setup all the Devise specific
|
|
171
|
-
configuration for you. ```ruby gem 'wcc-auth', '~> 0.3.2', require: 'wcc/auth/devise'
|
|
168
|
+
tested path is Rails with Devise. ## Installation Add this line to your application''s
|
|
169
|
+
Gemfile: ```ruby gem ''wcc-auth'', ''~> 0.3.2'' ``` If you are using a Rails app
|
|
170
|
+
with Devise you can use a special require hook that will setup all the Devise specific
|
|
171
|
+
configuration for you. ```ruby gem ''wcc-auth'', ''~> 0.3.2'', require: ''wcc/auth/devise''
|
|
172
172
|
``` ## Configuration There are a few steps to setup your app. These instructions
|
|
173
|
-
are specific to a Rails app. #### Add the configuration block to an initializer
|
|
174
|
-
|
|
175
|
-
|
|
176
|
-
|
|
177
|
-
|
|
178
|
-
|
|
179
|
-
|
|
180
|
-
|
|
181
|
-
|
|
182
|
-
|
|
183
|
-
|
|
184
|
-
|
|
185
|
-
|
|
186
|
-
|
|
187
|
-
|
|
188
|
-
for
|
|
189
|
-
|
|
190
|
-
|
|
191
|
-
|
|
192
|
-
|
|
193
|
-
|
|
194
|
-
|
|
195
|
-
|
|
196
|
-
|
|
197
|
-
can :manage, :all
|
|
198
|
-
|
|
199
|
-
|
|
200
|
-
|
|
201
|
-
Create new Pull Request"
|
|
173
|
+
are specific to a Rails app. #### Add the configuration block to an initializer In
|
|
174
|
+
order to configure the gem you must run the `WCC::Auth.setup` block. See below for
|
|
175
|
+
an example: ```ruby WCC::Auth.setup do |config| config.app_name = "app-name" config.environment
|
|
176
|
+
= Rails.env config.app_id = ''app-client-id-from-oauth-provider'' config.app_secret
|
|
177
|
+
= ''app-client-secret-from-oauth-provider'' end ``` #### Setup your controllers ```ruby
|
|
178
|
+
# Add this include to your ApplicationController class ApplicationController < ActionController::Base
|
|
179
|
+
include WCC::Auth::ControllerHelpers end ``` #### Setup your user model ```ruby
|
|
180
|
+
class User < ActiveRecord::Base include WCC::Auth::Providers::ActiveRecord devise
|
|
181
|
+
:omniauthable # ... end ``` #### Setup authorization (optional) If you would
|
|
182
|
+
like to use the `TieredAbility` class included with `WCC::Auth` just create an Ability
|
|
183
|
+
class that extends the `WCC::Auth::TieredAbility` class. The authenticated user
|
|
184
|
+
will include an info variables called `access_level_id`. This corresponds to a `WCC::Auth::AccessLevel`. The
|
|
185
|
+
access levels are broken down into 5 tiers with the following rules: * **No access**
|
|
186
|
+
-- This is the default level * **Basic** -- This is provides read-only access *
|
|
187
|
+
**Contribute** -- Read-write for only data the user owns * **Manage** -- Read-write
|
|
188
|
+
for other''s data * **App Admin** -- Can change app configuration * **System Admin**
|
|
189
|
+
-- Has full access to all features always Each tier inherits all priveleges of
|
|
190
|
+
the lower tiers. The rules here are guidelines for the app to follow. It is ultimately
|
|
191
|
+
up to the client application to decide what each of these tiers means for it. Do
|
|
192
|
+
your best to adhere to these rules. Here is an example Ability class using the
|
|
193
|
+
DSL provided by `WCC::Auth`. ```ruby class Ability < WCC::Auth::TieredAbility at_level(:contribute)
|
|
194
|
+
do |user| can :read, Person can :manage, Task, created_by_id: user.id can :manage,
|
|
195
|
+
Comment, created_by_id: user.id cannot :destroy, Task end at_level(:appadmin)
|
|
196
|
+
do |user| can :manage, :all cannot :create, TaskGroup end at_level(:sysadmin)
|
|
197
|
+
do |user| can :manage, :all end end ``` ## Contributing 1. Fork it 2. Create your
|
|
198
|
+
feature branch (`git checkout -b my-new-feature`) 3. Commit your changes (`git commit
|
|
199
|
+
-am ''Add some feature''`) 4. Push to the branch (`git push origin my-new-feature`)
|
|
200
|
+
5. Create new Pull Request'
|
|
202
201
|
test_files:
|
|
203
202
|
- spec/spec_helper.rb
|
|
204
203
|
- spec/wcc/auth/access_level_spec.rb
|