Commit 9ad23ae1aad9e2e491df879ac500561e107b3edd
Committed by
Antonio Terceiro
1 parent
48441fef
Exists in
master
and in
29 other branches
Add remote_user plugin
Signed-off-by: Arthur Del Esposte <arthurmde@gmail.com> Signed-off-by: David Carlos <ddavidcarlos1392@gmail.com> Signed-off-by: Gustavo Jaruga <darksshades@gmail.com> Signed-off-by: Parley Martins <parley@outlook.com>
Showing
3 changed files
with
173 additions
and
0 deletions
| ... | ... | @@ -0,0 +1,46 @@ |
| 1 | +README - Remote User (Remote User Plugin) | |
| 2 | +================================ | |
| 3 | + | |
| 4 | +Remote User is a plugin that allow an alternative authentication using the HTTP_REMOTE_USE | |
| 5 | + | |
| 6 | +It must be used with a reliable proxy witch is responsible to send for noosfero the HTTP_REMOTE_USER | |
| 7 | + | |
| 8 | +INSTALL | |
| 9 | +======= | |
| 10 | + | |
| 11 | +Enable Plugin | |
| 12 | +------------- | |
| 13 | + | |
| 14 | +Also, you need to enable Remote User Plugin on your Noosfero: | |
| 15 | + | |
| 16 | +cd <your_noosfero_dir> | |
| 17 | +./script/noosfero-plugins enable remote_user | |
| 18 | + | |
| 19 | +Active Plugin | |
| 20 | +------------- | |
| 21 | + | |
| 22 | +As a Noosfero administrator user, go to administrator panel: | |
| 23 | + | |
| 24 | +- Click on "Enable/disable plugins" option | |
| 25 | +- Click on "Remote User Plugin" check-box | |
| 26 | + | |
| 27 | +LICENSE | |
| 28 | +======= | |
| 29 | + | |
| 30 | +Copyright (c) The Author developers. | |
| 31 | + | |
| 32 | +See Noosfero license. | |
| 33 | + | |
| 34 | + | |
| 35 | +AUTHORS | |
| 36 | +======= | |
| 37 | + | |
| 38 | +Arthur de Moura Del Esposte (arthurmde at gmail.com) | |
| 39 | +David Carlos (ddavidcarlos1392 at gmail.com) | |
| 40 | +Gustavo Jaruga (darksshades@gmail.com) | |
| 41 | +Parley Martins (parley@outlook.com) | |
| 42 | + | |
| 43 | +ACKNOWLEDGMENTS | |
| 44 | +=============== | |
| 45 | + | |
| 46 | +The author have been supported by UnB and SPB. | ... | ... |
| ... | ... | @@ -0,0 +1,55 @@ |
| 1 | +class RemoteUserPlugin < Noosfero::Plugin | |
| 2 | + | |
| 3 | + def self.plugin_name | |
| 4 | + "Remote User Plugin" | |
| 5 | + end | |
| 6 | + | |
| 7 | + def self.plugin_description | |
| 8 | + _("A plugin that add remote user support.") | |
| 9 | + end | |
| 10 | + | |
| 11 | + def application_controller_filters | |
| 12 | + block = proc do | |
| 13 | + | |
| 14 | + begin | |
| 15 | + remote_user = request.headers["HTTP_REMOTE_USER"] | |
| 16 | + | |
| 17 | + if remote_user.nil? | |
| 18 | + if logged_in? | |
| 19 | + self.current_user.forget_me | |
| 20 | + reset_session | |
| 21 | + end | |
| 22 | + else | |
| 23 | + if !logged_in? | |
| 24 | + self.current_user = User.find_by_login(remote_user) | |
| 25 | + unless self.current_user | |
| 26 | + self.current_user = User.create!(:login => remote_user, :email => (remote_user + '@remote.user'), :password => ('pw4'+remote_user), :password_confirmation => ('pw4'+remote_user)) | |
| 27 | + end | |
| 28 | + self.current_user.save! | |
| 29 | + else | |
| 30 | + if remote_user != self.current_user.login | |
| 31 | + self.current_user.forget_me | |
| 32 | + reset_session | |
| 33 | + | |
| 34 | + self.current_user = User.find_by_login(remote_user) | |
| 35 | + unless self.current_user | |
| 36 | + self.current_user = User.create!(:login => remote_user, :email => (remote_user + '@remote.user'), :password => ('pw4'+remote_user), :password_confirmation => ('pw4'+remote_user)) | |
| 37 | + end | |
| 38 | + self.current_user.save! | |
| 39 | + end | |
| 40 | + end | |
| 41 | + end | |
| 42 | + rescue ActiveRecord::RecordInvalid => invalid | |
| 43 | + session[:notice] = _('Could not create the remote_user.') | |
| 44 | + render_404 | |
| 45 | + end | |
| 46 | + end | |
| 47 | + | |
| 48 | + [{ | |
| 49 | + :type => "before_filter", | |
| 50 | + :method_name => "remote_user_authentication", | |
| 51 | + :options => { }, | |
| 52 | + :block => block | |
| 53 | + }] | |
| 54 | + end | |
| 55 | +end | ... | ... |
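Review bot: Accounts auto-created at new-file lines 26 and 36 get the password `'pw4'+remote_user`, which anyone who knows the login can derive; if Noosfero's regular password login stays reachable, that password opens the account without passing through the proxy. Generate an unguessable value instead, for example `random_pw = SecureRandom.hex(32)` passed as both `:password` and `:password_confirmation`. The filter also accepts `HTTP_REMOTE_USER` from any request and has no check that the value was set by the proxy, so the README should state that the proxy must strip a client-supplied Remote-User header and that the application must not be reachable except through it. The find-or-create sequence is repeated verbatim in both branches and would read better as one private helper.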
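--- a/plugins/remote_user/test/functional/remote_user_plugin_test.rb
+++ b/plugins/remote_user/test/functional/remote_user_plugin_test.rb
@@ -0,0 +1,72 @@
+require File.dirname(__FILE__) + '/../../../../test/test_helper'
+
+# Re-raise errors caught by the controller.
+class AccountController; def rescue_action(e) raise e end; end
+
+class AccountControllerTest < ActionController::TestCase
+ def setup
+ @environment = Environment.default
+ @environment.enabled_plugins = ['RemoteUserPlugin']
+ @environment.save
+
+ @controller = AccountController.new
+ @request = ActionController::TestRequest.new
+ @response = ActionController::TestResponse.new
+ end
+
+ should 'not authenticate user if there is no remote user' do
+ get :index
+ assert_nil session[:user]
+ end
+
+ should 'authenticate user if its a valid remote user' do
+ user = create_user('testuser', :email => 'testuser@example.com', :password => 'test', :password_confirmation => 'test')
+ user.activate
+ @request.env["HTTP_REMOTE_USER"] = user.login
+ get :index
+ assert session[:user]
+ end
+
+ should 'authenticate another user if the remote user doesnt belong to the current user' do
+ user1 = create_user('testuser', :email => 'testuser@example.com', :password => 'test', :password_confirmation => 'test')
+ user1.activate
+ user2 = create_user('anotheruser', :email => 'anotheruser@example.com', :password => 'test', :password_confirmation => 'test')
+ user2.activate
+
+ login_as user1.login
+ assert_equal user1.id, session[:user]
+
+ @request.env["HTTP_REMOTE_USER"] = user2.login
+ get :index
+
+ assert_equal user2.id, session[:user]
+ end
+
+ should 'create a new user if the remote user does not exist' do
+ User.destroy_all
+
+ assert_equal 0, User.count
+
+ @request.env["HTTP_REMOTE_USER"] = "testuser"
+ get :index
+
+ assert_equal 1, User.count
+ assert_equal "testuser", User.last.login
+ assert_equal User.last.id, session[:user]
+ end
+
+ should 'create a new user even if there is a logged user but the remote user is different' do
+ user = create_user('testuser', :email => 'testuser@example.com', :password => 'test', :password_confirmation => 'test')
+ user.activate
+
+ login_as user.login
+
+
+ @request.env["HTTP_REMOTE_USER"] = 'another_user'
+ get :index
+
+ assert_equal 2, User.count
+ assert_equal "another_user", User.last.login
+ assert_equal User.last.id, session[:user]
+ end
+end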
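Review bot: No test covers the branch where a user is already logged in and the request carries no `HTTP_REMOTE_USER`, which is the path in the plugin filter that calls `forget_me` and `reset_session`; the only no-header test starts from an anonymous session. Add a case that runs `login_as user.login`, then `get :index` without setting the header, and ends with `assert_nil session[:user]`. The `ActiveRecord::RecordInvalid` rescue is also untested, so a case with a remote user value that fails validation would pin the expected response. The file reopens `AccountControllerTest`, which may collide with a core test class of the same name; a plugin-specific class name would avoid that.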