anoubis 1.0.0

data/app/controllers/anoubis/sso/server/login_controller.rb

@@ -0,0 +1,342 @@
+class Anubis::Sso::Server::LoginController < Anubis::Sso::Server::ApplicationController
+  include ActionController::Cookies
+
+  def authenticate?
+    false
+  end
+
+  def system
+    data = nil
+    if params.key? :sso_system
+      begin
+        data = JSON.parse self.redis.get(self.redis_prefix + 'system:' + params[:sso_system].to_s), { symbolize_names: true }
+      rescue
+        data = nil
+      end
+    end
+
+    data
+  end
+
+  def index
+    params[:prompt] = 'yes' unless params.key? :prompt
+
+    result = {
+      result: 0,
+      message: I18n.t('core.success')
+    }
+    code = 200
+
+    if self.system
+      session = nil
+      session = cookies[:session] if cookies.key? :session
+
+      unless session
+        redirect_to self.get_login_url
+        return
+      end
+
+      begin
+        ses_data = JSON.parse self.redis.get(self.redis_prefix + 'session:' + session), { symbolize_names: true }
+      rescue
+        ses_data = nil
+      end
+
+      if ses_data
+        ses_data = nil if ses_data[:ttl] < Time.now
+
+        if ses_data
+          ses_data[:time] = Time.now
+
+          user = self.user_model.load_cache self.redis, ses_data[:uuid]
+
+          if user
+            ses_data[:ttl] = Time.now + user[:timeout]
+            self.redis.set(self.redis_prefix + 'session:' + session, ses_data.to_json, ex: user[:timeout])
+          else
+            ses_data = nil
+          end
+        else
+          self.redis.del self.redis_prefix + 'session:' + session
+        end
+      end
+
+      unless ses_data
+        redirect_to self.get_login_url
+        return
+      end
+
+      unless ses_data.key? :ttl
+        redirect_to self.get_login_url
+        return
+      end
+
+      if ses_data[:ttl] < Time.now
+        redirect_to self.get_login_url
+        return
+      end
+
+      url = self.system[:host]
+
+      if params[:prompt] != 'none'
+        url += self.system[:callback]
+      else
+        url += self.system[:silent]
+      end
+
+      url += '?'
+
+      if params.key? :sso_path
+        url += params[:sso_path] + '&'
+      end
+      url += 'sso_session=' + cookies[:session] + '&locale=' + self.locale
+
+      redirect_to url
+      return
+    else
+      result[:result] = -1
+      result[:message] = I18n.t('core.errors.incorrect_system')
+      code = 400
+    end
+
+    respond_to do |format|
+      format.json { render json: result, status: code }
+    end
+  end
+
+  def create
+    result = {
+      result: 0,
+      message: I18n.t('core.success')
+    }
+    code = 200
+
+    if self.system
+      if params.has_key?(:login) && params.has_key?(:password)
+        user = self.user_model.where(login: params[:login].downcase, status: 1).first
+
+        if user && user.authenticate(params[:password])
+          if !user.auth_key
+            user.save_cache
+            cookies[:session] = {
+              value: SecureRandom.hex(32),
+              domain: self.domain_url
+            }
+            self.user_model.where(uuid: user.uuid).update_all(visited_at: Time.now)
+            self.redis.set(self.redis_prefix + 'session:' + cookies[:session], { uuid: user.uuid, login: Time.now, time: Time.now, ttl: Time.now + user.timeout, update: Time.now + 5.minutes }.to_json, ex: user.timeout)
+            result[:url] = self.system[:host] + '?'
+            if params.key? :sso_path
+              result[:url] += params[:sso_path] + '&'
+            end
+            result[:session] = cookies[:session]
+            result[:url] += 'sso_session=' + cookies[:session] + '&locale=' + self.locale
+          else
+            result[:result] = -4
+            result[:message] = I18n.t('login.errors.cant_login')
+          end
+        else
+          result[:result] = -3
+          result[:message] = I18n.t('login.errors.cant_login')
+        end
+      else
+        result[:result] = -2
+        result[:message] = I18n.t('core.errors.incorrect_parameters')
+      end
+    else
+      result[:result] = -1
+      result[:message] = I18n.t('core.errors.incorrect_system')
+    end
+
+    respond_to do |format|
+      format.json { render json: result, status: code }
+    end
+  end
+
+  def update
+    result = {
+      result: 0,
+      message: I18n.t('core.success')
+    }
+
+    if self.system
+      begin
+        ses_data = JSON.parse self.redis.get(self.redis_prefix + 'session:' + params[:session]), { symbolize_names: true }
+      rescue
+        ses_data = nil
+      end
+
+      if ses_data
+        if ses_data[:ttl] > Time.now
+          if params.key? :secret_key
+            if self.system[:secret_key] == params[:secret_key]
+              user_data = self.get_user_data_by_uuid ses_data[:uuid]
+
+              if user_data
+                ses_data[:time] = Time.now
+                ses_data[:ttl] = Time.now + user_data.timeout
+                if ses_data[:update] < Time.now
+                  ses_data[:update] = Time.now + 5.minutes
+                  self.user_model.where(uuid: ses_data[:uuid]).update_all(visited_at: Time.now)
+                end
+                self.redis.set self.redis_prefix + 'session:' + params[:session], ses_data.to_json, ex: user_data.timeout
+              else
+                result[:result] = -5
+                result[:message] = I18n.t('core.errors.incorrect_parameters')
+              end
+            else
+              result[:result] = -4
+              result[:message] = I18n.t('core.errors.incorrect_parameters')
+            end
+          else
+            result[:result] = -3
+            result[:message] = I18n.t('core.errors.incorrect_parameters')
+          end
+        else
+          self.redis.del self.redis_prefix + 'session:' + params[:session]
+          result[:result] = -6
+          result[:message] = I18n.t('core.errors.incorrect_parameters')
+        end
+      else
+        result[:result] = -2
+        result[:message] = I18n.t('core.errors.incorrect_parameters')
+      end
+    else
+      result[:result] = -1
+      result[:message] = I18n.t('core.errors.incorrect_system')
+    end
+
+    respond_to do |format|
+      format.json { render json: result }
+    end
+  end
+
+  def destroy
+    result = {
+      result: 0,
+      message: I18n.t('core.success')
+    }
+
+    begin
+      ses_data = JSON.parse self.redis.get(self.redis_prefix + 'session:' + params[:session]), { symbolize_names: true }
+    rescue
+      ses_data = nil
+    end
+
+    if ses_data
+      self.redis.del self.redis_prefix + 'session:' + params[:session]
+    else
+      result[:result] = -1
+      result[:message] = I18n.t('core.errors.incorrect_parameters')
+    end
+
+    respond_to do |format|
+      format.json { render json: result }
+    end
+  end
+
+  ##
+  # REST action returns current user UUID from SSO server. This action also make prolongation of session life.
+  #
+  # <b>API request:</b>
+  #   GET /api/<version>/login/:session
+  #
+  # <b>Parameters:</b>
+  # - <b>sso_system</b> (String) --- system UUID <i>(required value)</i>
+  # - <b>sso_secret</b> (String) --- system secret key <i>(required value)</i>
+  # - <b>locale</b> (String) --- the output language locale <i>(optional value)</i>
+  #
+  # <b>Request example:</b>
+  #   curl --header "Content-Type: application/json" --header 'Authorization: Bearer <session-token>' http://<server>:<port>/api/<api-version>/login/<session>?sso_system=<sso_system>&sso_secret=<sso_secret_key>
+  #
+  # <b>Results:</b>
+  #
+  # Resulting data returns in JSON format.
+  #
+  # <b>Examples:</b>
+  #
+  # <b>Success:</b> HTTP response code 200
+  #   {
+  #     "result": 0,
+  #     "message": "Successful",
+  #     "uuid": "9adc7c0a-45ca-4436-b706-1807de6192e0"
+  #   }
+  def show
+    result = {
+      result: 0,
+      message: I18n.t('core.success')
+    }
+
+    if self.system
+      begin
+        ses_data = JSON.parse self.redis.get(self.redis_prefix + 'session:' + params[:session]), { symbolize_names: true }
+      rescue
+        ses_data = nil
+      end
+
+      if ses_data
+        if ses_data[:ttl] > Time.now
+          if params.key? :secret_key
+            if self.system[:secret_key] == params[:secret_key]
+              user_data = self.get_user_data_by_uuid ses_data[:uuid]
+
+              if user_data
+                self.format_user_output(user_data, result)
+                result[:login_time] = ses_data[:login]
+                ses_data[:time] = Time.now
+                ses_data[:ttl] = Time.now + user_data.timeout
+                if ses_data[:update] < Time.now
+                  ses_data[:update] = Time.now + 5.minutes
+                  self.user_model.where(uuid: ses_data[:uuid]).update_all(visited_at: Time.now)
+                end
+                self.redis.set self.redis_prefix + 'session:' + params[:session], ses_data.to_json, ex: user_data.timeout
+              else
+                result[:result] = -5
+                result[:message] = I18n.t('core.errors.incorrect_parameters')
+              end
+            else
+              result[:result] = -4
+              result[:message] = I18n.t('core.errors.incorrect_parameters')
+            end
+          else
+            result[:result] = -3
+            result[:message] = I18n.t('core.errors.incorrect_parameters')
+          end
+        else
+          self.redis.del self.redis_prefix + 'session:' + params[:session]
+          result[:result] = -6
+          result[:message] = I18n.t('core.errors.incorrect_parameters')
+        end
+      else
+        result[:result] = -2
+        result[:message] = I18n.t('core.errors.incorrect_parameters')
+      end
+    else
+      result[:result] = -1
+      result[:message] = I18n.t('core.errors.incorrect_system')
+    end
+
+    respond_to do |format|
+      format.json { render json: result }
+    end
+  end
+
+  def get_login_url
+    prompt = true
+    if params.key? :prompt
+      prompt = false if params[:prompt] == 'none'
+    end
+
+    if prompt
+      url = self.front_url + 'login?'
+      if params.key? :sso_path
+        url += 'sso_path=' + params[:sso_path] + '&'
+      end
+      url += 'sso_system=' + params[:sso_system] + '&locale=' + self.locale
+    else
+      url = self.system[:host] + self.system[:silent] + '?error=need-login'
+    end
+
+
+    return url
+  end
+end

data/app/controllers/anoubis/sso/server/user_controller.rb

@@ -0,0 +1,142 @@
+class Anubis::Sso::Server::UserController < Anubis::Sso::Server::ApplicationController
+  def authenticate?
+    false
+  end
+
+  def show
+    result = {
+      result: 0,
+      message: I18n.t('anubis.core.success')
+    }
+    code = 200
+
+    self.get_user_data result
+
+    respond_to do |format|
+      format.json { render json: result, status: code }
+    end
+  end
+
+  def show_current
+    self.get_user_from_session
+    self.show
+  end
+
+  def update
+    result = {
+      result: 0,
+      message: I18n.t('anubis.core.success')
+    }
+    code = 200
+
+    user_data = self.get_user_data result
+
+    if user_data
+      user_data.name = params[:name] if params.key? :name
+      user_data.surname = params[:surname] if params.key? :surname
+      user_data.timezone = params[:timezone] if params.key? :timezone
+      user_data.locale = params[:locale] if params.key? :locale
+      if params.key? :timeout
+        user_data.timeout = params[:timeout] if params[:timeout].to_s.to_i > 60 && params[:timeout].to_s.to_i <= 36000
+      end
+
+      if user_data.save
+        result[:uuid] = user_data.uuid
+        result[:name] = user_data.name
+        result[:surname] = user_data.surname
+        result[:login] = user_data.login
+        result[:locale] = user_data.locale
+        result[:timezone] = user_data.timezone
+        result[:timeout] = user_data.timeout
+      else
+        result[:uuid] = user_data.uuid_was
+        result[:name] = user_data.name_was
+        result[:surname] = user_data.surname_was
+        result[:login] = user_data.login_was
+        result[:locale] = user_data.locale_was
+        result[:timezone] = user_data.timezone_was
+        result[:timeout] = user_data.timeout_was
+        result[:errors] = user_data.errors.full_messages
+        result[:result] = -7
+        result[:message] = I18n.t('anubis.core.errors.error_changing_data')
+      end
+    end
+
+    respond_to do |format|
+      format.json { render json: result, status: code }
+    end
+  end
+
+  def update_current
+    self.get_user_from_session
+    self.update
+  end
+
+  def get_user_from_session
+    session = self.get_current_session
+    if session.key? :ttl
+      if session[:ttl] > Time.now
+        params[:uuid] = session[:uuid]
+      end
+    end
+  end
+
+  def get_current_session
+    begin
+      ses_data = JSON.parse self.redis.get(self.redis_prefix + 'session:' + params[:session]), { symbolize_names: true }
+    rescue
+      ses_data = { ttl: Time.now - 1.day }
+    end
+
+    ses_data
+  end
+
+  def get_user_data(result)
+    user_data = nil
+
+    if params.has_key? :session
+      ses_data = self.get_current_session
+
+      if ses_data[:ttl] > Time.now
+        user_data = self.user_model.where(uuid: params[:uuid]).first
+
+        if user_data
+          begin
+            adm_data = self.get_user_data_by_uuid ses_data[:uuid]
+          rescue
+            adm_data = nil
+          end
+
+          if adm_data
+            if adm_data.role == 'user_role'
+              if adm_data.id != user_data.id
+                user_data = nil
+              end
+            end
+
+            if user_data
+              self.format_user_output user_data, result
+            else
+              result[:result] = -6
+              result[:message] = I18n.t('anubis.core.errors.incorrect_parameters')
+            end
+          else
+            result[:result] = -5
+            result[:message] = I18n.t('anubis.core.errors.incorrect_parameters')
+          end
+        else
+          result[:result] = -4
+          result[:message] = I18n.t('anubis.core.errors.incorrect_parameters')
+        end
+      else
+        result[:result] = -3
+        result[:message] = I18n.t('anubis.core.errors.incorrect_parameters')
+      end
+    else
+      result[:result] = -2
+      result[:message] = I18n.t('anubis.core.errors.incorrect_parameters')
+    end
+
+    user_data
+  end
+end

data/app/controllers/anoubis/tenant/application_controller.rb

@@ -0,0 +1,54 @@
+class Anubis::Tenant::ApplicationController < Anubis::Core::ApplicationController
+  ##
+  # Get current user model
+  # @return [ActiveRecord] defined user model. It is used for get current user data. May be redefined when user model is changed
+  def get_user_model
+    Anubis::Tenant::User
+  end
+
+  ##
+  # Get current user model filed json exception
+  # @return [Array] defined user exception for to_json function
+  def get_user_model_except
+    [:uuid_bin]
+  end
+
+  ##
+  # Check menu access for current user of current controller
+  # @return [Boolean] if true, then user have access for this controller.
+  def menu_access(controller, exit = true)
+    menu_access_status = redis.get self.redis_prefix + self.current_user.uuid+'_'+controller
+
+    if !menu_access_status
+      access = Anubis::Tenant::GroupMenu.accesses[:read].to_s+','+Anubis::Tenant::GroupMenu.accesses[:write].to_s
+      query = <<-SQL
+          SELECT `t`.* FROM
+            (SELECT `menus`.`id`, `menus`.`mode`, `menus`.`action`, `menus`.`menu_id`,
+              MAX(`group_menus`.`access`) AS `access`, `user_groups`.`user_id`
+            FROM `menus`, `group_menus`, `groups`, `user_groups`
+            WHERE `menus`.`mode` = '#{controller}' AND `menus`.`id` = `group_menus`.`menu_id` AND
+              `menus`.`status` = 0 AND `group_menus`.`group_id` = `groups`.`id` AND `groups`.`id` = `user_groups`.`group_id` AND 
+              `user_groups`.`user_id` = #{self.current_user.id}
+            GROUP BY `menus`.`id`) AS `t`
+            WHERE `t`.`access` IN (#{access})
+            ORDER BY `t`.`menu_id`
+      SQL
+      menu = Anubis::Tenant::GroupMenu.find_by_sql(query).first
+      if (!menu)
+        redis.set self.redis_prefix + self.current_user.uuid+'_'+controller, 'not'
+        self.error_exit({ error: I18n.t('errors.access_not_allowed') }) if exit
+        return false
+      end
+
+      menu_access_status = menu.access
+      redis.set self.redis_prefix + self.current_user.uuid+'_'+controller, menu_access_status
+    else
+      if menu_access_status == 'not'
+        self.error_exit({ error: I18n.t('errors.access_not_allowed') }) if exit
+        return false
+      end
+    end
+    self.writer = true if menu_access_status == 'write'
+    return true
+  end
+end

data/app/controllers/anoubis/tenant/data/actions.rb

@@ -0,0 +1,11 @@
+module Anubis
+  module Tenant
+    module Data
+      ##
+      # Module presents all default actions for for {DataController}.
+      module Actions
+        include Anubis::Core::Data::Actions
+      end
+    end
+  end
+end

data/app/controllers/anoubis/tenant/data/callbacks.rb

@@ -0,0 +1,11 @@
+module Anubis
+  module Tenant
+    module Data
+      ##
+      # Module presents all callbacks called in actions.
+      module Callbacks
+        include Anubis::Core::Data::Callbacks
+      end
+    end
+  end
+end

data/app/controllers/anoubis/tenant/data/convert.rb

@@ -0,0 +1,11 @@
+module Anubis
+  module Tenant
+    module Data
+      ##
+      # Data conversion moule between database and human representation
+      module Convert
+        include Anubis::Core::Data::Convert
+      end
+    end
+  end
+end

data/app/controllers/anoubis/tenant/data/defaults.rb

@@ -0,0 +1,11 @@
+module Anubis
+  module Tenant
+    module Data
+      ##
+      # Module sets default parameters for {DataController}.
+      module Defaults
+        include Anubis::Core::Data::Defaults
+      end
+    end
+  end
+end

data/app/controllers/anoubis/tenant/data/get.rb

@@ -0,0 +1,11 @@
+module Anubis
+  module Tenant
+    module Data
+      ##
+      # Module gets system data for {DataController}
+      module Get
+        include Anubis::Core::Data::Get
+      end
+    end
+  end
+end

data/app/controllers/anoubis/tenant/data/load.rb

@@ -0,0 +1,52 @@
+module Anubis
+  module Tenant
+    module Data
+      ##
+      # Module loads data from external sources for {DataController}
+      module Load
+        include Anubis::Core::Data::Load
+
+        ##
+        # Loads current menu data. Procedure loads menu data from MySQL database or from Redis cache and places it in
+        # self.etc.menu {Anubis::Etc#menu}
+        def load_menu_data
+          menu_json = self.redis.get(self.redis_prefix + 'menu_' + params[:controller])
+          menu_locale_json = self.redis.get(self.redis_prefix + 'menu_'+params[:controller]+'_'+self.locale)
+          if !menu_json || !menu_locale_json
+            menu = Anubis::Tenant::MenuLocale.eager_load(menu: :menu).where(locale: Anubis::Tenant::MenuLocale.locales[self.locale.to_sym]).where(['menus.mode = ? AND menus.status = 0', params[:controller]]).first
+            if menu
+              menu_json = {
+                mode: menu.menu.mode,
+                menu_id: menu.menu_id,
+                parent_menu_id: menu.menu.menu_id,
+                action: menu.menu.action,
+                tab: menu.menu.tab,
+                position: menu.menu.position,
+                state: menu.menu.state
+              }
+              if menu.menu.menu
+                menu_json[:parent_mode] = menu.menu.menu.mode
+              end
+              menu_json = menu_json.to_json
+              self.redis.set(self.redis_prefix + 'menu_'+params[:controller], menu_json)
+              menu_locale_json = {
+                title: menu.title,
+                page_title: menu.page_title,
+                short_title: menu.short_title
+              }.to_json
+              self.redis.set(self.redis_prefix + 'menu_'+params[:controller]+'_'+self.locale, menu_locale_json)
+            end
+          end
+          if menu_json && menu_locale_json
+            self.etc.menu = Anubis::Etc::Menu.new JSON.parse(menu_json, {:symbolize_names => true}).merge(JSON.parse(menu_locale_json, {:symbolize_names => true}))
+            if self.writer
+              self.etc.menu.access = 'write'
+            else
+              self.etc.menu.access = 'read'
+            end
+          end
+        end
+      end
+    end
+  end
+end

data/app/controllers/anoubis/tenant/data/set.rb

@@ -0,0 +1,11 @@
+module Anubis
+  module Tenant
+    module Data
+      ##
+      # Module sets system data for {DataController}
+      module Set
+        include Anubis::Core::Data::Set
+      end
+    end
+  end
+end

data/app/controllers/anoubis/tenant/data/setup.rb

@@ -0,0 +1,11 @@
+module Anubis
+  module Tenant
+    module Data
+      ##
+      # Module setups system parameters for {DataController}
+      module Setup
+        include Anubis::Core::Data::Setup
+      end
+    end
+  end
+end