wcc-auth 0.6.0 → 0.7.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/README.md +8 -0
- data/lib/omniauth/strategies/watermark.rb +1 -0
- data/lib/wcc/auth/version.rb +1 -1
- metadata +36 -32
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 18b674d08200f15499cccd1b8d1fd99916d7c744
|
|
4
|
+
data.tar.gz: 18eda6bc05124affbc80279597935104589edb41
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: cf2801c9dc386cffa8535ad5b91dac36362bd5e30126a36bee4259955a0ac289534156a55dd59b796333848107f831421f3cf2a6e4ebce3c18a3a9a0d2e507df
|
|
7
|
+
data.tar.gz: '09706c0b7f3a3a891f28b8005671436d4f5090c2fbc52890158e4f407f655e45f085193922063cd872824ccafd2941fde50bae9af8d49fc98cc565241d86d409'
|
data/README.md
CHANGED
|
@@ -8,6 +8,8 @@ any Ruby project. Currently, the only tested path is Rails with Devise.
|
|
|
8
8
|
|
|
9
9
|
## Installation
|
|
10
10
|
|
|
11
|
+
**NOTE: `v0.6.0` has been updated for use with Rails 5.1 and requires Ruby 2.2 or greater.**
|
|
12
|
+
|
|
11
13
|
Add this line to your application's Gemfile:
|
|
12
14
|
|
|
13
15
|
```ruby
|
|
@@ -107,6 +109,12 @@ class Ability < WCC::Auth::TieredAbility
|
|
|
107
109
|
end
|
|
108
110
|
```
|
|
109
111
|
|
|
112
|
+
## Notes
|
|
113
|
+
|
|
114
|
+
#### Sign out links
|
|
115
|
+
|
|
116
|
+
If your project is using `TurboLinks`, you'll need to disable it for the sign out link(s). Otherwise, it will cause your app to enter an infinite redirect loop.
|
|
117
|
+
|
|
110
118
|
## Contributing
|
|
111
119
|
|
|
112
120
|
1. Fork it
|
|
@@ -19,6 +19,7 @@ class OmniAuth::Strategies::Watermark < OmniAuth::Strategies::OAuth2
|
|
|
19
19
|
last_name: raw_info["last_name"],
|
|
20
20
|
access_level_id: raw_info["access_level_id"],
|
|
21
21
|
arena_id: raw_info["arena_id"],
|
|
22
|
+
rock_id: raw_info["rock_id"],
|
|
22
23
|
applications: raw_info["applications"]
|
|
23
24
|
}
|
|
24
25
|
end
|
data/lib/wcc/auth/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: wcc-auth
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.7.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Watermark Dev
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2017-
|
|
11
|
+
date: 2017-11-29 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: cancancan
|
|
@@ -166,36 +166,40 @@ summary: '# WCC::Auth Provides the necessary tools for handling authentication
|
|
|
166
166
|
Watermark''s OAuth provider as well as authorizing the user has access to specific
|
|
167
167
|
features within the application. There are special hooks for Rails apps using Devise,
|
|
168
168
|
but the primitive structures could be used on any Ruby project. Currently, the only
|
|
169
|
-
tested path is Rails with Devise. ## Installation
|
|
170
|
-
|
|
171
|
-
|
|
172
|
-
|
|
173
|
-
|
|
174
|
-
|
|
175
|
-
|
|
176
|
-
an
|
|
177
|
-
|
|
178
|
-
= ''app-client-
|
|
179
|
-
|
|
180
|
-
|
|
181
|
-
|
|
182
|
-
|
|
183
|
-
|
|
184
|
-
|
|
185
|
-
|
|
186
|
-
|
|
187
|
-
|
|
188
|
-
|
|
189
|
-
|
|
190
|
-
|
|
191
|
-
|
|
192
|
-
|
|
193
|
-
|
|
194
|
-
|
|
195
|
-
|
|
196
|
-
|
|
197
|
-
|
|
198
|
-
do |user| can :manage, :all
|
|
169
|
+
tested path is Rails with Devise. ## Installation **NOTE: `v0.6.0` has been updated
|
|
170
|
+
for use with Rails 5.1 and requires Ruby 2.2 or greater.** Add this line to your
|
|
171
|
+
application''s Gemfile: ```ruby gem ''wcc-auth'', ''~> 0.3.2'' ``` If you are
|
|
172
|
+
using a Rails app with Devise you can use a special require hook that will setup
|
|
173
|
+
all the Devise specific configuration for you. ```ruby gem ''wcc-auth'', ''~> 0.3.2'',
|
|
174
|
+
require: ''wcc/auth/devise'' ``` ## Configuration There are a few steps to setup
|
|
175
|
+
your app. These instructions are specific to a Rails app. #### Add the configuration
|
|
176
|
+
block to an initializer In order to configure the gem you must run the `WCC::Auth.setup`
|
|
177
|
+
block. See below for an example: ```ruby WCC::Auth.setup do |config| config.app_name
|
|
178
|
+
= "app-name" config.environment = Rails.env config.app_id = ''app-client-id-from-oauth-provider''
|
|
179
|
+
config.app_secret = ''app-client-secret-from-oauth-provider'' end ``` #### Setup
|
|
180
|
+
your controllers ```ruby # Add this include to your ApplicationController class
|
|
181
|
+
ApplicationController < ActionController::Base include WCC::Auth::ControllerHelpers
|
|
182
|
+
end ``` #### Setup your user model ```ruby class User < ActiveRecord::Base include
|
|
183
|
+
WCC::Auth::Providers::ActiveRecord devise :omniauthable # ... end ``` #### Setup
|
|
184
|
+
authorization (optional) If you would like to use the `TieredAbility` class included
|
|
185
|
+
with `WCC::Auth` just create an Ability class that extends the `WCC::Auth::TieredAbility`
|
|
186
|
+
class. The authenticated user will include an info variables called `access_level_id`.
|
|
187
|
+
This corresponds to a `WCC::Auth::AccessLevel`. The access levels are broken down
|
|
188
|
+
into 5 tiers with the following rules: * **No access** -- This is the default level
|
|
189
|
+
* **Basic** -- This is provides read-only access * **Contribute** -- Read-write
|
|
190
|
+
for only data the user owns * **Manage** -- Read-write for other''s data * **App
|
|
191
|
+
Admin** -- Can change app configuration * **System Admin** -- Has full access to
|
|
192
|
+
all features always Each tier inherits all priveleges of the lower tiers. The rules
|
|
193
|
+
here are guidelines for the app to follow. It is ultimately up to the client application
|
|
194
|
+
to decide what each of these tiers means for it. Do your best to adhere to these
|
|
195
|
+
rules. Here is an example Ability class using the DSL provided by `WCC::Auth`. ```ruby
|
|
196
|
+
class Ability < WCC::Auth::TieredAbility at_level(:contribute) do |user| can :read,
|
|
197
|
+
Person can :manage, Task, created_by_id: user.id can :manage, Comment, created_by_id:
|
|
198
|
+
user.id cannot :destroy, Task end at_level(:appadmin) do |user| can :manage, :all
|
|
199
|
+
cannot :create, TaskGroup end at_level(:sysadmin) do |user| can :manage, :all
|
|
200
|
+
end end ``` ## Notes #### Sign out links If your project is using `TurboLinks`,
|
|
201
|
+
you''ll need to disable it for the sign out link(s). Otherwise, it will cause your
|
|
202
|
+
app to enter an infinite redirect loop. ## Contributing 1. Fork it 2. Create your
|
|
199
203
|
feature branch (`git checkout -b my-new-feature`) 3. Commit your changes (`git commit
|
|
200
204
|
-am ''Add some feature''`) 4. Push to the branch (`git push origin my-new-feature`)
|
|
201
205
|
5. Create new Pull Request'
|