aboutsummaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAgeFilesLines
...
* Remove broken codehellekin2020-10-061-6/+0
|
* Ensure SSO return host is correct in productionhellekin2020-10-061-1/+1
|
* [deploy] Restore ActionMailer since it breaks during deploy...hellekin2020-10-061-3/+3
|
* Add code for deploymenthellekin2020-10-062-5/+28
|
* Fix URLhellekin2020-10-061-1/+1
|
* [SECURITY] Update Ruby to v2.6.6 (take two)hellekin2020-10-062-2/+2
|
* [SECURITY] Update Ruby to v2.6.6hellekin2020-10-061-1/+1
| | | | | | | CVE-2020-10663: Unsafe Object Creation Vulnerability in JSON (Additional fix) CVE-2020-10933: Heap exposure vulnerability in the socket library https://www.ruby-lang.org/en/news/2020/03/31/ruby-2-6-6-released/
* First pass at something visiblehellekin2020-10-0623-14/+347
| | | | This is a first version of the application, to go beyond simple authentication.
* Extract Role check to a background jobhellekin2020-10-062-9/+57
| | | | | | | When using SSO, the Discourse sends a list of the user groups. We take the opportunity to update Agency information for the user. This is performed as a background job, as it involves networked requests to the Discourse, e.g., to verify group ownership...
* Add instance methodshellekin2020-10-061-0/+10
| | | | | | | The Agency class can `grant` and `revoke` roles for a given Agent and User. Since it is primarily used in context of both an Agent and User, we add convenience methods so that one can grant or revoke a role simply by passing the desired role to the instance.
* Add Talk API Keyshellekin2020-10-061-1/+1
| | | | | | Rails.application.credentials.talk_api_key is the key for user interaction Rails.application.credentials.talk_api_admin is the username to use for administration Rails.application.credentials.talk_api_admin_key is the admin API key
* Ensure only one Agent exists for a given grouphellekin2020-10-061-0/+1
|
* Use Discourse API gemhellekin2020-10-062-0/+12
| | | | | | We use the DiscourseApi::Client to interact with https://talk.incommon.cc discourse_api: https://meta.discourse.org/t/using-the-discourse-api-ruby-gem/17587
* Add Authentication logichellekin2020-10-058-1/+133
| | | | | | | | | | | The ApplicationController provides a `current_user` method (and helper) to access the authenticated user (if any). The WelcomeController provides minimal logic to authenticate against DiscourseSSO. Current state is that one can login and logout. Views need a lot of work.
* Add Agent and Agency modelshellekin2020-10-055-1/+83
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | Since IN COMMON is about collective management of data we're using the concept of Agent to describe a group of users acting together. In ActivityPub terms, Agent will be the Actor when manipulating data, so that any individual User (or application) member of this Agent will be able to manipulate data on behalf of this Agent. Therefore a User has many Agencies, and an Agent as well: the Agency model allows not only to create a joint table between Agents and Users, but also to manage User roles within the related Agent. Roles are defined as: - observer: one who can read and review or flag data - editor: one who create or edit data - maintainer: one who can edit data and manage maps - leader: one who can manage roles A User may have zero or more roles in an Agent. A User without a Agency record for a specific Agent will only be able to 'observe' public data from this Agent. (Note that this is not currently specified, but matches existing reflection on Agents) https://doc.incommon.cc/#agents
* Configure Discourse SSOhellekin2020-10-057-1/+37
| | | | | | | | We're creating a minimal User model that will be filled from SSO. We also configure Inflections so we can use SSO instead of Sso which looks weird for a module named after an acronym. Use Discourse as SSO: https://meta.discourse.org/t/using-discourse-as-a-sso-provider/32974
* Use pry and bitfieldshellekin2020-10-052-0/+16
| | | | | | | | | | | | | Pry is a great console enhancement for development. You can navigate through code and object with `cd` and `ls`, or use `show-method foo` to see how it's written... Bitfields allow to store multiple flags in an efficient integer. It will be used to keep track of a User's roles within an Agent. Pry: https://pry.github.io/ Pry-Rails: https://github.com/rweng/pry-rails Bitfields: https://github.com/grosser/bitfields
* Add Discourse SSO codehellekin2020-10-055-1/+119
|
* Create database setuphellekin2020-10-052-0/+23
|
* rails new incommon-map -d postgresql -C -Thellekin2020-10-0575-0/+9208