banacle 0.1.2 → 0.2.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 5ed9aa2704808715b44bd16ddd6c0a8c1a6d36cf4f2de385e75d2ca0b52e4a70
-  data.tar.gz: 0456565ccd292ebdee407e23fe69ea6ff152a4ac485d08c12c91951a6ee5bc16
+  metadata.gz: ac8dd15ec8a0ac5c80b7063b7aa35eb3234112814a895cd7978d74aca0b02523
+  data.tar.gz: 60225cc4f11757f0c5dc69cb2560bfbf6489c9c9ecb5b66a89a04ba9fcbe3dd2
 SHA512:
-  metadata.gz: 17728a74b44f940c19544a43262a7dd79a9ce0941045723aeffa9497d8b4fc6ddea34af861e2b0499c3135d233882cc3a9ed36d67300e28af266ee07d82d678c
-  data.tar.gz: 2019918492687104f2767c3c0d0b74d764a7e53c02e043d2c4fa8b79d86d61c5ccc606e9393ffbdcb626c48b8fbd8a8523b638d93e923e31c051462ac8b1d433
+  metadata.gz: 50e850965e6310789a4afb79631c16a89b29d1eba9bf20332317354f468a5ce86431047ad6804d19d85253208bb781744e49f00630b27c2a74b812e10fd10ebe
+  data.tar.gz: 3abe80594a93b4a4a1d9bdeadd28d82516d6df16f62e2bdaab10e30b320538ef137e05a56e51292fe90d1eb5878da46dc3908353fbc7fce0ef49f7de0d3c3dc7

data/Gemfile.lock

@@ -1,7 +1,7 @@
 PATH
   remote: .
   specs:
-    banacle (0.1.2)
+    banacle (0.2.0)
       aws-sdk-ec2
       sinatra
       unicorn

data/example/Gemfile

@@ -0,0 +1,8 @@
+# frozen_string_literal: true
+
+source "https://rubygems.org"
+
+git_source(:github) {|repo_name| "https://github.com/#{repo_name}" }
+
+gem "banacle", path: "../"
+gem "pry"

data/example/Gemfile.lock

@@ -0,0 +1,53 @@
+PATH
+  remote: ..
+  specs:
+    banacle (0.1.2)
+      aws-sdk-ec2
+      sinatra
+      unicorn
+
+GEM
+  remote: https://rubygems.org/
+  specs:
+    aws-eventstream (1.0.1)
+    aws-partitions (1.127.0)
+    aws-sdk-core (3.44.1)
+      aws-eventstream (~> 1.0)
+      aws-partitions (~> 1.0)
+      aws-sigv4 (~> 1.0)
+      jmespath (~> 1.0)
+    aws-sdk-ec2 (1.65.0)
+      aws-sdk-core (~> 3, >= 3.39.0)
+      aws-sigv4 (~> 1.0)
+    aws-sigv4 (1.0.3)
+    coderay (1.1.2)
+    jmespath (1.4.0)
+    kgio (2.11.2)
+    method_source (0.9.2)
+    mustermann (1.0.3)
+    pry (0.12.2)
+      coderay (~> 1.1.0)
+      method_source (~> 0.9.0)
+    rack (2.0.6)
+    rack-protection (2.0.5)
+      rack
+    raindrops (0.19.0)
+    sinatra (2.0.5)
+      mustermann (~> 1.0)
+      rack (~> 2.0)
+      rack-protection (= 2.0.5)
+      tilt (~> 2.0)
+    tilt (2.0.9)
+    unicorn (5.4.1)
+      kgio (~> 2.6)
+      raindrops (~> 0.7)
+
+PLATFORMS
+  ruby
+
+DEPENDENCIES
+  banacle!
+  pry
+
+BUNDLED WITH
+   1.16.2

data/example/config.ru

@@ -0,0 +1,62 @@
+require 'sinatra/base'
+require 'banacle/authenticator'
+require 'banacle/slash_command/handler'
+require 'banacle/interactive_message/handler'
+
+class App < Sinatra::Base
+  include Banacle
+
+  helpers do
+    def command_handler
+      @command_handler ||= SlashCommand::Handler.new.tap do |h|
+        h.set_authenticator!(CommandAuthenticator.new)
+        h
+      end
+    end
+
+    def message_handler
+      @message_handler ||= InteractiveMessage::Handler.new.tap do |h|
+        h.set_authenticator!(MessageAuthenticator.new)
+        h
+      end
+    end
+  end
+
+  post '/slack/command' do
+    content_type :json
+    command_handler.handle(request)
+  end
+
+  post '/slack/message' do
+    content_type :json
+    message_handler.handle(request)
+  end
+end
+
+class CommandAuthenticator < Banacle::Authenticator
+  def authenticate(request)
+    params = request.params
+
+    team_id = params["team_id"]
+    # user_id = params["user_id"]
+
+    if team_id != "T0XXXXXXX"
+      return false
+    end
+
+    true
+  end
+end
+
+class MessageAuthenticator < Banacle::Authenticator
+  attr_reader :request
+  def authenticate(request)
+    payload = JSON.parse(request.params["payload"])
+    # team_id = payload["team"]["id"]
+    # user_id = payload["user"]["id"]
+
+    true
+  end
+end
+
+run App

data/lib/banacle/authenticator.rb

@@ -1,17 +1,7 @@
 module Banacle
   class Authenticator
-    def self.authenticate(request)
-      new(request).authenticate
-    end
-
-    def initialize(request)
-      @request = request
-    end
-
-    attr_reader :request
-
     # override
-    def authenticate
+    def authenticate(request)
     end
   end
 end

data/lib/banacle/handler.rb

@@ -1,3 +1,4 @@
+require 'banacle/authenticator'
 require 'banacle/slack_validator'
 
 module Banacle
@@ -13,10 +14,6 @@ module Banacle
         return [401, {}, "invalid request"]
       end
 
-      if auth && !auth.authenticate(request)
-        return [402, {}, "unauthenticated"]
-      end
-
       handle_request
     end
 
@@ -24,18 +21,26 @@ module Banacle
     def handle_request
     end
 
-    private
+    def set_authenticator!(auth)
+      unless auth.is_a?(Banacle::Authenticator)
+        raise InvalidAuthenticatorError.new(auth.inspect)
+      end
 
-    def skip_validation?
-      request.params["skip_validation"] || ENV["BANACLE_SKIP_VALIDATION"]
+      @auth = auth
     end
 
-    def set_authenticator!
-      unless auth.is_a?(Banacle::Authentication)
-        raise InvalidAuthenticatorError.new(auth.inspect)
+    private
+
+    def authenticated?
+      if auth && !auth.authenticate(request)
+        return false
       end
 
-      @auth = auth
+      true
+    end
+
+    def skip_validation?
+      request.params["skip_validation"] || ENV["BANACLE_SKIP_VALIDATION"]
     end
   end
 end

data/lib/banacle/interactive_message/handler.rb

@@ -6,8 +6,12 @@ module Banacle
   module InteractiveMessage
     class Handler < Banacle::Handler
       def handle_request
-        command = InteractiveMessage::Parser.parse(JSON.parse(request_payload))
-        InteractiveMessage::Renderer.render(request.params, command)
+        unless authenticated?
+          return Renderer.render_unauthenticated
+        end
+
+        command = Parser.parse(JSON.parse(request_payload))
+        Renderer.render(request.params, command)
       end
 
       private

data/lib/banacle/interactive_message/renderer.rb

@@ -8,6 +8,18 @@ module Banacle
         new(params, command).render
       end
 
+      def self.render_unauthenticated
+        self.render_error("you are not authorized to perform this action")
+      end
+
+      def self.render_error(error)
+        Slack::Response.new(
+          response_type: "ephemeral",
+          replace_original: false,
+          text: "An error occurred: #{error}",
+        ).to_json
+      end
+
       def initialize(params, command)
         @params = params
         @command = command
@@ -16,7 +28,6 @@ module Banacle
       attr_reader :params, :command
 
       def render
-        payload = JSON.parse(params["payload"], symbolize_names: true)
         action = Slack::Action.new(payload[:actions].first)
 
         if action.approved?
@@ -30,54 +41,39 @@ module Banacle
         end
       end
 
-      protected
-
-      # override
-      def authenticated_user?
-        true
-      end
-
       private
 
       def render_approved_message(payload, command)
         unless valid_approver?
-          return render_error("you cannot approve the request by yourself")
+          return self.render_error("you cannot approve the request by yourself")
         end
 
-        if authenticated_user?
-          result = command.execute
+        result = command.execute
 
-          text = original_message_text
-          text += ":white_check_mark: *<@#{actioner_id}> approved this request*\n"
-          text += "Result:\n"
-          text += "```\n"
-          text += result
-          text += "```"
+        text = original_message_text
+        text += ":white_check_mark: *<@#{actioner_id}> approved this request*\n"
+        text += "Result:\n"
+        text += "```\n"
+        text += result
+        text += "```"
 
-          render_replacing_message(text)
-        else
-          render_error("you are not permitted to approve the request")
-        end
+        render_replacing_message(text)
       end
 
       def render_rejected_message(payload, command)
         unless valid_rejector?
-          return render_error("you cannot reject the request by yourself")
+          return self.render_error("you cannot reject the request by yourself")
         end
 
-        if authenticated_user?
-          text = original_message_text
-          text += ":no_entry_sign: *<@#{actioner_id}> rejected this request*"
+        text = original_message_text
+        text += ":no_entry_sign: *<@#{actioner_id}> rejected this request*"
 
-          render_replacing_message(text)
-        else
-          render_error("you are not permitted to reject the request")
-        end
+        render_replacing_message(text)
       end
 
       def render_cancelled_message(payload, command)
         unless valid_canceller?
-          return render_error("you cannot cancel the request by other than the requester")
+          return self.render_error("you cannot cancel the request by other than the requester")
         end
 
         text = original_message_text
@@ -94,14 +90,6 @@ module Banacle
         ).to_json
       end
 
-      def render_error(error)
-        Slack::Response.new(
-          response_type: "ephemeral",
-          replace_original: false,
-          text: "An error occurred: #{error}",
-        ).to_json
-      end
-
       def valid_approver?
         ENV['BANACLE_SKIP_VALIDATION'] || !self_actioned?
       end

data/lib/banacle/slash_command/handler.rb

@@ -7,13 +7,17 @@ module Banacle
   module SlashCommand
     class Handler < Banacle::Handler
       def handle_request
+        unless authenticated?
+          return Renderer.render_unauthenticated
+        end
+
         begin
-          command = SlashCommand::Parser.parse(request_text)
-        rescue SlashCommand::Error => e
-          return SlashCommand::Renderer.render_error(e)
+          command = Parser.parse(request_text)
+        rescue Error => e
+          return Renderer.render_error(e)
         end
 
-        SlashCommand::Renderer.render(request.params, command)
+        Renderer.render(request.params, command)
       end
 
       private

data/lib/banacle/slash_command/renderer.rb

@@ -6,27 +6,34 @@ module Banacle
   module SlashCommand
     class Renderer
       def self.render(params, command)
-        new.render(params, command)
+        new(params, command).render
       end
 
-      def self.render_error(error)
-        new.render_error(error)
-      end
-
-      def render(params, command)
-        render_approval_request(params, command)
+      def self.render_unauthenticated
+        render_error("you are not authorized to perform this command")
       end
 
-      def render_error(error)
+      def self.render_error(error)
         Slack::Response.new(
           response_type: "ephemeral",
           text: "An error occurred: #{error}",
         ).to_json
       end
 
-      def render_approval_request(params, command)
+      def initialize(params, command)
+        @params = params
+        @command = command
+      end
+
+      attr_reader :params, :command
+
+      def render
+        render_approval_request
+      end
+
+      def render_approval_request
         text = <<-EOS
-<@#{params["user_id"]}> wants to *#{command.action} NACL DENY entry* under the following conditions:
+<@#{user_id}> wants to *#{command.action} NACL DENY entry* under the following conditions:
 ```
 #{JSON.pretty_generate(command.to_h)}
 ```
@@ -51,6 +58,10 @@ module Banacle
           ],
         ).to_json
       end
+
+      def user_id
+        params["user_id"]
+      end
     end
   end
 end

data/lib/banacle/version.rb

@@ -1,3 +1,3 @@
 module Banacle
-  VERSION = "0.1.2"
+  VERSION = "0.2.0"
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: banacle
 version: !ruby/object:Gem::Version
-  version: 0.1.2
+  version: 0.2.0
 platform: ruby
 authors:
 - Takuya Kosugiyama
@@ -145,6 +145,9 @@ files:
 - docs/demo1.png
 - docs/demo2.png
 - docs/nacl.png
+- example/Gemfile
+- example/Gemfile.lock
+- example/config.ru
 - lib/banacle.rb
 - lib/banacle/app.rb
 - lib/banacle/authenticator.rb