whimsy-asf 0.0.20 → 0.0.21

Sign up to get free protection for your applications and to get access to all the features.
Files changed (3) hide show
  1. data/asf.version +1 -1
  2. data/lib/whimsy/asf/rack.rb +44 -11
  3. metadata +2 -2
data/asf.version CHANGED
@@ -1 +1 @@
1
- 0.0.20
1
+ 0.0.21
@@ -16,8 +16,43 @@ module ASF
16
16
  'gstein' => 'gs'
17
17
  }
18
18
 
19
+ # decode HTTP authorization, when present
20
+ def self.decode(env, user)
21
+ class << env; attr_accessor :user, :password; end
22
+
23
+ if env['HTTP_AUTHORIZATION']
24
+ require 'base64'
25
+ env.user, env.password = Base64.decode64(env['HTTP_AUTHORIZATION'][
26
+ /^Basic ([A-Za-z0-9+\/=]+)$/,1]).split(':',2)
27
+ else
28
+ env.user = user
29
+ end
30
+ end
31
+
19
32
  # Simply 'use' the following class in config.ru to limit access
20
- # to the application to ASF members and officers and the EA.
33
+ # to the application to ASF committers
34
+ class Committers < Rack::Auth::Basic
35
+ def initialize(app)
36
+ super(app, "ASF Members and Officers", &proc {})
37
+ end
38
+
39
+ def call(env)
40
+ authorized = ( ENV['RACK_ENV'] == 'test' )
41
+
42
+ user = env['REMOTE_USER'] ||= ENV['USER'] || Etc.getpwuid.name
43
+ authorized ||= ASF::Person.new(user)
44
+
45
+ if authorized
46
+ ASF::Auth.decode(env, user)
47
+ @app.call(env)
48
+ else
49
+ unauthorized
50
+ end
51
+ end
52
+ end
53
+
54
+ # Simply 'use' the following class in config.ru to limit access
55
+ # to the application to ASF members and officers and the accounting group.
21
56
  class MembersAndOfficers < Rack::Auth::Basic
22
57
  def initialize(app)
23
58
  super(app, "ASF Members and Officers", &proc {})
@@ -32,18 +67,16 @@ module ASF
32
67
  authorized ||= DIRECTORS[user]
33
68
  authorized ||= person.asf_member?
34
69
  authorized ||= ASF.pmc_chairs.include? person
35
- authorized ||= (user == 'ea')
36
70
 
37
- if authorized
38
- class << env; attr_accessor :user, :password; end
39
- if env['HTTP_AUTHORIZATION']
40
- require 'base64'
41
- env.user, env.password = Base64.decode64(env['HTTP_AUTHORIZATION'][
42
- /^Basic ([A-Za-z0-9+\/=]+)$/,1]).split(':',2)
43
- else
44
- env.user = user
45
- end
71
+ if not authorized
72
+ accounting = ASF::Authorization.new('pit').
73
+ find {|group, list| group=='accounting'}
74
+ authorized = (accounting and accounting.last.include? user)
75
+ authorized = false # to be removed once board concurs
76
+ end
46
77
 
78
+ if authorized
79
+ ASF::Auth.decode(env, user)
47
80
  @app.call(env)
48
81
  else
49
82
  unauthorized
metadata CHANGED
@@ -2,14 +2,14 @@
2
2
  name: whimsy-asf
3
3
  version: !ruby/object:Gem::Version
4
4
  prerelease:
5
- version: 0.0.20
5
+ version: 0.0.21
6
6
  platform: ruby
7
7
  authors:
8
8
  - Sam Ruby
9
9
  autorequire:
10
10
  bindir: bin
11
11
  cert_chain: []
12
- date: 2015-04-07 00:00:00.000000000 Z
12
+ date: 2015-04-20 00:00:00.000000000 Z
13
13
  dependencies:
14
14
  - !ruby/object:Gem::Dependency
15
15
  version_requirements: !ruby/object:Gem::Requirement