From 558b4b3a974d1fb402481fdd94a4412de217647d Mon Sep 17 00:00:00 2001 From: Tim Kretschmer Date: Mon, 7 Oct 2024 18:18:00 +0200 Subject: [PATCH 1/6] Added http_auth support via config or ENV --- README.md | 24 ++++++++++++++++++- .../jobs/application_controller.rb | 8 +++++++ lib/mission_control/jobs.rb | 2 ++ 3 files changed, 33 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index a1ce03a1..42511b0a 100644 --- a/README.md +++ b/README.md @@ -58,7 +58,29 @@ RUN SECRET_KEY_BASE_DUMMY=1 ./bin/rails assets:precompile ### Authentication and base controller class -By default, Mission Control's controllers will extend the host app's `ApplicationController`. If no authentication is enforced, `/jobs` will be available to everyone. You might want to implement some kind of authentication for this in your app. To make this easier, you can specify a different controller as the base class for Mission Control's controllers: +By default, Mission Control's controllers will extend the host app's `ApplicationController`. If no authentication is enforced, `/jobs` will be available to everyone. + +#### HTTP authentication + +You can set a simple HTTP authentication by either using + +```ruby +Rails.application.configure do + config.mission_control.jobs.http_auth_user = "captain" + config.mission_control.jobs.http_auth_password = "topsecret" +end +``` +or you can set it via ENV + +```shell +ENV["MISSION_CONTROL_JOBS_HTTP_AUTH_USER"]=captain +ENV["MISSION_CONTROL_JOBS_HTTP_AUTH_password"]=topsecret +``` +If no value is provided (`nil`, `""` or `false`), authentication is skipped. + +#### Custom authentication + +You might want to implement your own authentication. To make this easier, you can specify a different controller as the base class for Mission Control's controllers: ```ruby Rails.application.configure do diff --git a/app/controllers/mission_control/jobs/application_controller.rb b/app/controllers/mission_control/jobs/application_controller.rb index 8b9963bb..6e3e353e 100644 --- a/app/controllers/mission_control/jobs/application_controller.rb +++ b/app/controllers/mission_control/jobs/application_controller.rb @@ -12,7 +12,15 @@ class MissionControl::Jobs::ApplicationController < MissionControl::Jobs.base_co include MissionControl::Jobs::ApplicationScoped, MissionControl::Jobs::NotFoundRedirections include MissionControl::Jobs::AdapterFeatures + before_action :http_auth + private + def http_auth + name = MissionControl::Jobs.http_auth_user.presence + password = MissionControl::Jobs.http_auth_password.presence + http_basic_authenticate_or_request_with(name:, password:) if name && password + end + def default_url_options { server_id: MissionControl::Jobs::Current.server } end diff --git a/lib/mission_control/jobs.rb b/lib/mission_control/jobs.rb index 366c2a5e..4e475900 100644 --- a/lib/mission_control/jobs.rb +++ b/lib/mission_control/jobs.rb @@ -15,6 +15,8 @@ module Jobs mattr_accessor :applications, default: MissionControl::Jobs::Applications.new mattr_accessor :base_controller_class, default: "::ApplicationController" mattr_accessor :delay_between_bulk_operation_batches, default: 0 + mattr_accessor :http_auth_user, default: ENV["MISSION_CONTROL_JOBS_HTTP_AUTH_USER"] + mattr_accessor :http_auth_password, default: ENV["MISSION_CONTROL_JOBS_HTTP_AUTH_USER"] mattr_accessor :logger, default: ActiveSupport::Logger.new(nil) mattr_accessor :internal_query_count_limit, default: 500_000 # Hard limit to keep unlimited count queries fast enough mattr_accessor :show_console_help, default: true From 6bf8b3032c0a8af8850cf190bfc18852443a9257 Mon Sep 17 00:00:00 2001 From: Rosa Gutierrez Date: Tue, 26 Nov 2024 18:57:01 +0100 Subject: [PATCH 2/6] Tidy up attr accessors in Jobs and read HTTP auth credentials from app credentials --- lib/mission_control/jobs.rb | 16 +++++++++++----- lib/mission_control/jobs/engine.rb | 5 +++++ 2 files changed, 16 insertions(+), 5 deletions(-) diff --git a/lib/mission_control/jobs.rb b/lib/mission_control/jobs.rb index 4e475900..94e93c26 100644 --- a/lib/mission_control/jobs.rb +++ b/lib/mission_control/jobs.rb @@ -14,14 +14,20 @@ module Jobs mattr_accessor :adapters, default: Set.new mattr_accessor :applications, default: MissionControl::Jobs::Applications.new mattr_accessor :base_controller_class, default: "::ApplicationController" + + mattr_accessor :internal_query_count_limit, default: 500_000 # Hard limit to keep unlimited count queries fast enough mattr_accessor :delay_between_bulk_operation_batches, default: 0 - mattr_accessor :http_auth_user, default: ENV["MISSION_CONTROL_JOBS_HTTP_AUTH_USER"] - mattr_accessor :http_auth_password, default: ENV["MISSION_CONTROL_JOBS_HTTP_AUTH_USER"] + mattr_accessor :scheduled_job_delay_threshold, default: 1.minute + mattr_accessor :logger, default: ActiveSupport::Logger.new(nil) - mattr_accessor :internal_query_count_limit, default: 500_000 # Hard limit to keep unlimited count queries fast enough + mattr_accessor :show_console_help, default: true - mattr_accessor :scheduled_job_delay_threshold, default: 1.minute - mattr_accessor :importmap, default: Importmap::Map.new mattr_accessor :backtrace_cleaner + + mattr_accessor :importmap, default: Importmap::Map.new + + mattr_accessor :http_auth_user + mattr_accessor :http_auth_password + mattr_accessor :http_auth_enabled, default: true end end diff --git a/lib/mission_control/jobs/engine.rb b/lib/mission_control/jobs/engine.rb index b39fb6af..37345163 100644 --- a/lib/mission_control/jobs/engine.rb +++ b/lib/mission_control/jobs/engine.rb @@ -30,6 +30,11 @@ class Engine < ::Rails::Engine end end + initializer "mission_control-jobs.http_auth" do |app| + config.mission_control.jobs.http_auth_user = app.credentials.dig(:mission_control, :http_auth_user), + config.mission_control.jobs.http_auth_password = app.credentials.dig(:mission_control, :http_auth_password) + end + initializer "mission_control-jobs.active_job.extensions" do ActiveSupport.on_load :active_job do include ActiveJob::Querying From 4dbf868ad237b1bfe21f97c289b703bce6e8829b Mon Sep 17 00:00:00 2001 From: Rosa Gutierrez Date: Tue, 26 Nov 2024 20:25:14 +0100 Subject: [PATCH 3/6] Default to closed by basic auth when not configured --- .../jobs/basic_authentication.rb | 33 +++++++++++++ .../jobs/application_controller.rb | 9 +--- lib/mission_control/jobs.rb | 6 +-- lib/mission_control/jobs/engine.rb | 6 +-- test/dummy/config/environments/test.rb | 2 + .../jobs/basic_authentication_test.rb | 47 +++++++++++++++++++ 6 files changed, 89 insertions(+), 14 deletions(-) create mode 100644 app/controllers/concerns/mission_control/jobs/basic_authentication.rb create mode 100644 test/mission_control/jobs/basic_authentication_test.rb diff --git a/app/controllers/concerns/mission_control/jobs/basic_authentication.rb b/app/controllers/concerns/mission_control/jobs/basic_authentication.rb new file mode 100644 index 00000000..33517a3a --- /dev/null +++ b/app/controllers/concerns/mission_control/jobs/basic_authentication.rb @@ -0,0 +1,33 @@ +module MissionControl::Jobs::BasicAuthentication + extend ActiveSupport::Concern + + included do + before_action :authenticate_by_http_basic + end + + private + def authenticate_by_http_basic + if http_basic_authentication_enabled? + if http_basic_authentication_configured? + http_basic_authenticate_or_request_with(**http_basic_authentication_credentials) + else + head :unauthorized + end + end + end + + def http_basic_authentication_enabled? + MissionControl::Jobs.http_basic_auth_enabled + end + + def http_basic_authentication_configured? + http_basic_authentication_credentials.values.all?(&:present?) + end + + def http_basic_authentication_credentials + { + name: MissionControl::Jobs.http_basic_auth_user, + password: MissionControl::Jobs.http_basic_auth_password + }.transform_values(&:presence) + end +end diff --git a/app/controllers/mission_control/jobs/application_controller.rb b/app/controllers/mission_control/jobs/application_controller.rb index 6e3e353e..d1c56c09 100644 --- a/app/controllers/mission_control/jobs/application_controller.rb +++ b/app/controllers/mission_control/jobs/application_controller.rb @@ -9,18 +9,11 @@ class MissionControl::Jobs::ApplicationController < MissionControl::Jobs.base_co helper MissionControl::Jobs::ApplicationHelper unless self < MissionControl::Jobs::ApplicationHelper helper Importmap::ImportmapTagsHelper unless self < Importmap::ImportmapTagsHelper + include MissionControl::Jobs::BasicAuthentication include MissionControl::Jobs::ApplicationScoped, MissionControl::Jobs::NotFoundRedirections include MissionControl::Jobs::AdapterFeatures - before_action :http_auth - private - def http_auth - name = MissionControl::Jobs.http_auth_user.presence - password = MissionControl::Jobs.http_auth_password.presence - http_basic_authenticate_or_request_with(name:, password:) if name && password - end - def default_url_options { server_id: MissionControl::Jobs::Current.server } end diff --git a/lib/mission_control/jobs.rb b/lib/mission_control/jobs.rb index 94e93c26..e70840dd 100644 --- a/lib/mission_control/jobs.rb +++ b/lib/mission_control/jobs.rb @@ -26,8 +26,8 @@ module Jobs mattr_accessor :importmap, default: Importmap::Map.new - mattr_accessor :http_auth_user - mattr_accessor :http_auth_password - mattr_accessor :http_auth_enabled, default: true + mattr_accessor :http_basic_auth_user + mattr_accessor :http_basic_auth_password + mattr_accessor :http_basic_auth_enabled, default: true end end diff --git a/lib/mission_control/jobs/engine.rb b/lib/mission_control/jobs/engine.rb index 37345163..1a1b6711 100644 --- a/lib/mission_control/jobs/engine.rb +++ b/lib/mission_control/jobs/engine.rb @@ -30,9 +30,9 @@ class Engine < ::Rails::Engine end end - initializer "mission_control-jobs.http_auth" do |app| - config.mission_control.jobs.http_auth_user = app.credentials.dig(:mission_control, :http_auth_user), - config.mission_control.jobs.http_auth_password = app.credentials.dig(:mission_control, :http_auth_password) + initializer "mission_control-jobs.http_basic_auth" do |app| + config.mission_control.jobs.http_basic_auth_user = app.credentials.dig(:mission_control, :http_basic_auth_user), + config.mission_control.jobs.http_basic_auth_password = app.credentials.dig(:mission_control, :http_basic_auth_password) end initializer "mission_control-jobs.active_job.extensions" do diff --git a/test/dummy/config/environments/test.rb b/test/dummy/config/environments/test.rb index 9249101f..30a6895d 100644 --- a/test/dummy/config/environments/test.rb +++ b/test/dummy/config/environments/test.rb @@ -51,6 +51,8 @@ config.solid_queue.connects_to = { database: { writing: :queue } } + config.mission_control.jobs.http_basic_auth_enabled = false + # Silence Solid Queue logging config.solid_queue.logger = ActiveSupport::Logger.new(nil) end diff --git a/test/mission_control/jobs/basic_authentication_test.rb b/test/mission_control/jobs/basic_authentication_test.rb new file mode 100644 index 00000000..77518872 --- /dev/null +++ b/test/mission_control/jobs/basic_authentication_test.rb @@ -0,0 +1,47 @@ +require "test_helper" + +class MissionControl::Jobs::BasicAuthenticationTest < ActionDispatch::IntegrationTest + test "unconfigured basic auth is closed" do + with_http_basic_auth do + get mission_control_jobs.application_queues_url(@application), headers: auth_headers("dev", "secret") + assert_response :unauthorized + end + end + + test "fail to authenticate without credentials" do + with_http_basic_auth(user: "dev", password: "secret") do + get mission_control_jobs.application_queues_url(@application) + assert_response :unauthorized + end + end + + test "fail to authenticate with wrong credentials" do + with_http_basic_auth(user: "dev", password: "secret") do + get mission_control_jobs.application_queues_url(@application), headers: auth_headers("dev", "wrong") + assert_response :unauthorized + end + end + + test "authenticate with correct credentials" do + with_http_basic_auth(user: "dev", password: "secret") do + get mission_control_jobs.application_queues_url(@application), headers: auth_headers("dev", "secret") + assert_response :ok + end + end + + private + def with_http_basic_auth(enabled: true, user: nil, password: nil) + previous_enabled, MissionControl::Jobs.http_basic_auth_enabled = MissionControl::Jobs.http_basic_auth_enabled, enabled + previous_user, MissionControl::Jobs.http_basic_auth_user = MissionControl::Jobs.http_basic_auth_user, user + previous_password, MissionControl::Jobs.http_basic_auth_password = MissionControl::Jobs.http_basic_auth_password, password + yield + ensure + MissionControl::Jobs.http_basic_auth_enabled = previous_enabled + MissionControl::Jobs.http_basic_auth_user = previous_user + MissionControl::Jobs.http_basic_auth_password = previous_password + end + + def auth_headers(user, password) + { Authorization: ActionController::HttpAuthentication::Basic.encode_credentials(user, password) } + end +end From 31445bb6e5235f2bf578cdf4dcaae89fe23534b5 Mon Sep 17 00:00:00 2001 From: Rosa Gutierrez Date: Thu, 28 Nov 2024 14:16:52 +0100 Subject: [PATCH 4/6] Add generator to set up HTTP Basic authentication easily This asks for the username, generates and password and stores both in Rails credentials. --- README.md | 34 ++++++----- .../jobs/authentication_generator.rb | 59 +++++++++++++++++++ lib/mission_control/jobs.rb | 2 + lib/mission_control/jobs/engine.rb | 8 ++- lib/mission_control/jobs/tasks.rb | 8 +++ lib/tasks/mission_control/jobs_tasks.rake | 4 -- test/dummy/config/credentials/development.key | 1 + .../config/credentials/development.yml.enc | 1 + 8 files changed, 95 insertions(+), 22 deletions(-) create mode 100644 lib/generators/mission_control/jobs/authentication_generator.rb create mode 100644 lib/mission_control/jobs/tasks.rb delete mode 100644 lib/tasks/mission_control/jobs_tasks.rake create mode 100644 test/dummy/config/credentials/development.key create mode 100644 test/dummy/config/credentials/development.yml.enc diff --git a/README.md b/README.md index 42511b0a..6c44f001 100644 --- a/README.md +++ b/README.md @@ -56,31 +56,29 @@ RUN SECRET_KEY_BASE_DUMMY=1 ./bin/rails assets:precompile *Note: Legacy CSS bundlers `sass-rails` and `sassc-rails` may fail to compile some of the CSS vendored into this library from [Bulma](https://github.com/jgthms/bulma), which was created in [Dart SASS](https://sass-lang.com/dart-sass/). You will therefore need to upgrade to `dartsass-rails` or some library that relies on it, like `cssbundling-rails`.* -### Authentication and base controller class +### Authentication -By default, Mission Control's controllers will extend the host app's `ApplicationController`. If no authentication is enforced, `/jobs` will be available to everyone. - -#### HTTP authentication +Mission Control comes with **HTTP basic authentication enabled and closed** by default. Credentials are stored in [Rails's credentials](https://edgeguides.rubyonrails.org/security.html#custom-credentials) like this: +```yml +mission_control: + http_basic_auth_user: dev + http_basic_auth_password: secret +``` -You can set a simple HTTP authentication by either using +If no credentials are configured, Mission Control won't be accessible. To set these up, you can run the generator provided like this: -```ruby -Rails.application.configure do - config.mission_control.jobs.http_auth_user = "captain" - config.mission_control.jobs.http_auth_password = "topsecret" -end ``` -or you can set it via ENV +bin/rails mission_control:jobs:authentication:init +``` -```shell -ENV["MISSION_CONTROL_JOBS_HTTP_AUTH_USER"]=captain -ENV["MISSION_CONTROL_JOBS_HTTP_AUTH_password"]=topsecret +To set them up for different environments you can use the `RAILS_ENV` environment variable, like this: +``` +RAILS_ENV=production bin/rails mission_control:jobs:authentication:init ``` -If no value is provided (`nil`, `""` or `false`), authentication is skipped. #### Custom authentication -You might want to implement your own authentication. To make this easier, you can specify a different controller as the base class for Mission Control's controllers: +You can provide your own authentication mechanism, for example, if you have a certain type of admin user in your app that can access Mission Control. To make this easier, you can specify a different controller as the base class for Mission Control's controllers. By default, Mission Control's controllers will extend the host app's `ApplicationController`, but you can change this easily: ```ruby Rails.application.configure do @@ -91,7 +89,11 @@ end Or, in your environment config or `application.rb`: ```ruby config.mission_control.jobs.base_controller_class = "AdminController" +``` +If you do this, you can disable the default HTTP Basic Authentication using the following option: +```ruby +config.mission_control.jobs.http_basic_auth_enabled = false ``` ### Other configuration settings diff --git a/lib/generators/mission_control/jobs/authentication_generator.rb b/lib/generators/mission_control/jobs/authentication_generator.rb new file mode 100644 index 00000000..c29eb72a --- /dev/null +++ b/lib/generators/mission_control/jobs/authentication_generator.rb @@ -0,0 +1,59 @@ +class MissionControl::Jobs::AuthenticationGenerator < Rails::Generators::Base + def init + if credentials_accessible? + if authentication_configured? + say "HTTP Basic Authentication is already configured for `#{Rails.env}`. You can edit it using `credentials:edit`" + else + say "Setting up credentials for HTTP Basic Authentication for `#{Rails.env}` environment." + say "" + + username = ask "Enter username: " + password = SecureRandom.base58(64) + + store_credentials(username, password) + say "Username and password stored in Rails encrypted credentials." + say "" + say "You can now access Mission Control – Jobs with: " + say "" + say " - Username: #{username}" + say " - password: #{password}" + say "" + say "You can also edit these in the future via `credentials:edit`" + end + else + say "Rails credentials haven't been configured or aren't accessible. Configure them following the instructions in `credentials:help`" + end + end + + private + def credentials_accessible? + credentials.read.present? + end + + def authentication_configured? + %i[ http_basic_auth_user http_basic_auth_password ].any? do |key| + credentials.dig(:mission_control, key).present? + end + end + + def store_credentials(username, password) + content = credentials.read + "\n" + http_authentication_entry(username, password) + "\n" + credentials.write(content) + end + + def credentials + @credentials ||= Rails.application.encrypted(config.content_path, key_path: config.key_path) + end + + def config + Rails.application.config.credentials + end + + def http_authentication_entry(username, password) + <<~ENTRY + mission_control: + http_basic_auth_user: #{username} + http_basic_auth_password: #{password} + ENTRY + end +end diff --git a/lib/mission_control/jobs.rb b/lib/mission_control/jobs.rb index e70840dd..1dc12583 100644 --- a/lib/mission_control/jobs.rb +++ b/lib/mission_control/jobs.rb @@ -7,6 +7,8 @@ loader.inflector = Zeitwerk::GemInflector.new(__FILE__) loader.push_dir(File.expand_path("..", __dir__)) loader.ignore("#{File.expand_path("..", __dir__)}/resque") +loader.ignore("#{File.expand_path("..", __dir__)}/mission_control/jobs/tasks.rb") +loader.ignore("#{File.expand_path("..", __dir__)}/generators") loader.setup module MissionControl diff --git a/lib/mission_control/jobs/engine.rb b/lib/mission_control/jobs/engine.rb index 1a1b6711..5b5dc293 100644 --- a/lib/mission_control/jobs/engine.rb +++ b/lib/mission_control/jobs/engine.rb @@ -7,6 +7,10 @@ module Jobs class Engine < ::Rails::Engine isolate_namespace MissionControl::Jobs + rake_tasks do + load "mission_control/jobs/tasks.rb" + end + initializer "mission_control-jobs.middleware" do |app| if app.config.api_only config.middleware.use ActionDispatch::Flash @@ -31,8 +35,8 @@ class Engine < ::Rails::Engine end initializer "mission_control-jobs.http_basic_auth" do |app| - config.mission_control.jobs.http_basic_auth_user = app.credentials.dig(:mission_control, :http_basic_auth_user), - config.mission_control.jobs.http_basic_auth_password = app.credentials.dig(:mission_control, :http_basic_auth_password) + MissionControl::Jobs.http_basic_auth_user = app.credentials.dig(:mission_control, :http_basic_auth_user) + MissionControl::Jobs.http_basic_auth_password = app.credentials.dig(:mission_control, :http_basic_auth_password) end initializer "mission_control-jobs.active_job.extensions" do diff --git a/lib/mission_control/jobs/tasks.rb b/lib/mission_control/jobs/tasks.rb new file mode 100644 index 00000000..b1fd03ee --- /dev/null +++ b/lib/mission_control/jobs/tasks.rb @@ -0,0 +1,8 @@ +namespace :mission_control do + namespace :jobs do + desc "Configure HTTP Basic Authentication" + task "authentication:init" do + Rails::Command.invoke :generate, [ "mission_control:jobs:authentication" ] + end + end +end diff --git a/lib/tasks/mission_control/jobs_tasks.rake b/lib/tasks/mission_control/jobs_tasks.rake deleted file mode 100644 index 782dc2b3..00000000 --- a/lib/tasks/mission_control/jobs_tasks.rake +++ /dev/null @@ -1,4 +0,0 @@ -# desc "Explaining what the task does" -# task :mission_control_jobs do -# # Task goes here -# end diff --git a/test/dummy/config/credentials/development.key b/test/dummy/config/credentials/development.key new file mode 100644 index 00000000..c0bed95e --- /dev/null +++ b/test/dummy/config/credentials/development.key @@ -0,0 +1 @@ +67f819f011ec672273c91cf789afb5d7 \ No newline at end of file diff --git a/test/dummy/config/credentials/development.yml.enc b/test/dummy/config/credentials/development.yml.enc new file mode 100644 index 00000000..6def87d1 --- /dev/null +++ b/test/dummy/config/credentials/development.yml.enc @@ -0,0 +1 @@ +3wr+OnlAdcQJl0WURd7JXv+pleXbJVWozLH4JfPU6dGc9A0VlQ/kQosdPqDF7Yf/WrLtodre258ALf0ZHE2bQYgH3Eq0cJQ7xN8WwfGjBjXiL6uWaOHcfgcPVNg4E3Ag+YN3EOH8aquSttX7Uqyfv3tPlYQBQ7fs8lXjx3APfl3P8Vk2Yz6bhQcBgXhtFqH+--f7tDKb8EHxaT9l+Z--WIHpj/e3mEcqupnMrf5fvw== \ No newline at end of file From d54b2a43afaea183d8b35135b734c88692234a61 Mon Sep 17 00:00:00 2001 From: Rosa Gutierrez Date: Mon, 2 Dec 2024 17:46:27 +0100 Subject: [PATCH 5/6] Add post-install message about new default authentication --- mission_control-jobs.gemspec | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/mission_control-jobs.gemspec b/mission_control-jobs.gemspec index 154b3bcd..fc01761c 100644 --- a/mission_control-jobs.gemspec +++ b/mission_control-jobs.gemspec @@ -12,6 +12,13 @@ Gem::Specification.new do |spec| spec.metadata["homepage_uri"] = spec.homepage spec.metadata["source_code_uri"] = "https://github.com/rails/mission_control-jobs" + spec.post_install_message = <<~MESSAGE + Upgrading to Mission Control – Jobs 1.0.0? HTTP Basic authentication has been added by default, and it needs + to be configured or disabled before you can access the dashboard. + --> Check https://github.com/rails/mission_control-jobs?tab=readme-ov-file#authentication + for more details and instructions. + MESSAGE + spec.files = Dir.chdir(File.expand_path(__dir__)) do Dir["{app,config,db,lib}/**/*", "MIT-LICENSE", "Rakefile", "README.md"] end From 689e8ddc83d0c7ce6e44dc901d693d289a059731 Mon Sep 17 00:00:00 2001 From: Rosa Gutierrez Date: Mon, 2 Dec 2024 21:24:20 +0100 Subject: [PATCH 6/6] Convert authentication generator to Rails command Generators require the whole app to be booted, which involves having access to the DB, loading all controlers, etc. which we don't need for just generating the credentials, and might not work when trying to add production credentials because many apps aren't prepared to boot for production in another environment. --- README.md | 4 ++-- .../jobs/authentication.rb} | 10 ++++++++-- lib/mission_control/jobs/tasks.rb | 4 ++-- 3 files changed, 12 insertions(+), 6 deletions(-) rename lib/{generators/mission_control/jobs/authentication_generator.rb => mission_control/jobs/authentication.rb} (91%) diff --git a/README.md b/README.md index 6c44f001..49fcc5e8 100644 --- a/README.md +++ b/README.md @@ -68,12 +68,12 @@ mission_control: If no credentials are configured, Mission Control won't be accessible. To set these up, you can run the generator provided like this: ``` -bin/rails mission_control:jobs:authentication:init +bin/rails mission_control:jobs:authentication:configure ``` To set them up for different environments you can use the `RAILS_ENV` environment variable, like this: ``` -RAILS_ENV=production bin/rails mission_control:jobs:authentication:init +RAILS_ENV=production bin/rails mission_control:jobs:authentication:configure ``` #### Custom authentication diff --git a/lib/generators/mission_control/jobs/authentication_generator.rb b/lib/mission_control/jobs/authentication.rb similarity index 91% rename from lib/generators/mission_control/jobs/authentication_generator.rb rename to lib/mission_control/jobs/authentication.rb index c29eb72a..3398b6dc 100644 --- a/lib/generators/mission_control/jobs/authentication_generator.rb +++ b/lib/mission_control/jobs/authentication.rb @@ -1,5 +1,9 @@ -class MissionControl::Jobs::AuthenticationGenerator < Rails::Generators::Base - def init +class MissionControl::Jobs::Authentication < Rails::Command::Base + def self.configure + new.configure + end + + def configure if credentials_accessible? if authentication_configured? say "HTTP Basic Authentication is already configured for `#{Rails.env}`. You can edit it using `credentials:edit`" @@ -26,6 +30,8 @@ def init end private + attr_reader :environment + def credentials_accessible? credentials.read.present? end diff --git a/lib/mission_control/jobs/tasks.rb b/lib/mission_control/jobs/tasks.rb index b1fd03ee..fb8edeab 100644 --- a/lib/mission_control/jobs/tasks.rb +++ b/lib/mission_control/jobs/tasks.rb @@ -1,8 +1,8 @@ namespace :mission_control do namespace :jobs do desc "Configure HTTP Basic Authentication" - task "authentication:init" do - Rails::Command.invoke :generate, [ "mission_control:jobs:authentication" ] + task "authentication:configure" => :environment do + MissionControl::Jobs::Authentication.configure end end end