beyond_canvas 0.14.0.pre → 0.16.0.pre

data/app/javascript/beyond_canvas/initializers/inputs.js

@@ -1,4 +1,4 @@
-(function($) {
+(function ($) {
   const onDOMReady = function () {
     $('input[type="file"]').each(function () {
       var $input = $(this),
@@ -9,10 +9,7 @@
         var fileName = '';
 
         if (this.files && this.files.length > 1)
-          fileName = (this.getAttribute('data-multiple-caption') || '').replace(
-            '{count}',
-            this.files.length
-          );
+          fileName = (this.getAttribute('data-multiple-caption') || '').replace('{count}', this.files.length);
         else if (e.target.value) fileName = e.target.value.split('\\').pop();
 
         if (fileName)
@@ -33,7 +30,5 @@
     });
   };
 
-  $(document)
-    .ready(onDOMReady)
-    .on('ready page:load turbolinks:load', onDOMReady);
+  $(document).on('ready page:load turbolinks:load', onDOMReady);
 })(jQuery);

data/app/views/beyond_canvas/authentications/new.html.erb

@@ -0,0 +1,18 @@
+<div class='card card--padding'>
+
+  <%= form_for(resource, as: resource_name) do |f| %>
+
+    <h2 class='card__headline'>Install <%= BeyondCanvas.configuration.site_title %> in your shop</h2>
+
+    <%= f.hidden_field :code,             value: params[:code] || resource.code %>
+    <%= f.hidden_field :signature,        value: params[:signature] || resource.signature %>
+    <%= f.hidden_field :return_url,       value: params[:return_url] || resource.return_url %>
+    <%= f.hidden_field :api_url,          value: params[:api_url] || resource.api_url %>
+    <%= f.hidden_field :access_token_url, value: params[:access_token_url] || resource.access_token_url %>
+
+    <div class='form__actions--spaced'>
+      <%= f.button 'Save', type: :submit, class: 'button__solid--primary' %>
+    </div>
+
+  <% end %>
+</div>

data/config/locales/en.yml

@@ -0,0 +1,4 @@
+en:
+  beyond_canvas:
+    authentications:
+      failure: Shop could not be saved

data/config/routes.rb

@@ -2,4 +2,10 @@
 
 BeyondCanvas::Engine.routes.draw do
   put '/locale', to: 'system#update_locale', as: :update_locale
+
+  def create_default_routes(resource_name)
+    resources resource_name, controller: 'authentications', except: :destroy
+  end
+
+  create_default_routes(BeyondCanvas.auth_model.pluralize.to_sym) unless BeyondCanvas.use_rails_app_controller
 end

data/lib/beyond_canvas.rb

@@ -12,10 +12,30 @@ require 'http/accept'
 require 'premailer/rails'
 
 require 'beyond_api'
+require 'attr_encrypted'
+require 'blind_index'
 
 module BeyondCanvas # :nodoc:
-  autoload :AssetRegistration, 'beyond_canvas/asset_registration'
-  autoload :Configuration,     'beyond_canvas/configuration'
+  autoload :AssetRegistration,  'beyond_canvas/asset_registration'
+  autoload :Configuration,      'beyond_canvas/configuration'
+
+  module Models # :nodoc:
+    autoload :Authentication,   'beyond_canvas/models/authentication'
+    autoload :Shop,             'beyond_canvas/models/shop'
+    autoload :Utils,            'beyond_canvas/models/utils'
+  end
+
+  autoload :ParameterSanitizer, 'beyond_canvas/parameter_sanitizer'
+
+  mattr_accessor :use_rails_app_controller
+  @@use_rails_app_controller = false # rubocop:disable Style/ClassVars
+
+  mattr_accessor :auth_model
+  @@auth_model = 'shop' # rubocop:disable Style/ClassVars
+
+  def self.use_rails_app_controller=(value)
+    @use_rails_app_controller = value
+  end
 
   class << self
     def configuration

data/lib/beyond_canvas/configuration.rb

@@ -2,7 +2,7 @@
 
 module BeyondCanvas
   class Configuration # :nodoc:
-    attr_accessor :site_title, :site_logo, :favicon, :skip_webpacker
+    attr_accessor :site_title, :site_logo, :favicon, :skip_webpacker, :encryption_key, :blind_index_key, :namespace
 
     include AssetRegistration
 
@@ -11,6 +11,9 @@ module BeyondCanvas
       @site_logo = nil
       @favicon = nil
       @skip_webpacker = false
+      @encryption_key = nil
+      @blind_index_key = nil
+      @namespace = '/'
     end
 
     def setup!

data/lib/beyond_canvas/engine.rb

@@ -1,5 +1,7 @@
 # frozen_string_literal: true
 
+require 'beyond_canvas/rails/routes'
+
 module BeyondCanvas
   class Engine < ::Rails::Engine # :nodoc:
     isolate_namespace BeyondCanvas
@@ -15,7 +17,9 @@ module BeyondCanvas
 
     config.before_initialize do
       ActiveSupport.on_load :action_controller do
+        include ::BeyondCanvas::Authentication
         include ::BeyondCanvas::LocaleManagement
+        include ::BeyondCanvas::ResourceManagement
         include ::BeyondCanvas::RequestValidation
         include ::BeyondCanvas::StatusCodes
 

data/lib/beyond_canvas/models/authentication.rb

@@ -0,0 +1,66 @@
+# frozen_string_literal: true
+
+module BeyondCanvas
+  module Models
+    module Authentication # :nodoc:
+      extend ActiveSupport::Concern
+
+      included do
+        attr_accessor :code, :signature, :access_token_url
+
+        ##############################################################################
+        # Encrypted attribute configuration
+        ##############################################################################
+
+        attr_encrypted :beyond_api_url,       key: [BeyondCanvas.configuration.encryption_key].pack('H*')
+        attr_encrypted :beyond_access_token,  key: [BeyondCanvas.configuration.encryption_key].pack('H*')
+        attr_encrypted :beyond_refresh_token, key: [BeyondCanvas.configuration.encryption_key].pack('H*')
+
+        blind_index    :beyond_api_url,       key: [BeyondCanvas.configuration.blind_index_key].pack('H*')
+
+        ##############################################################################
+        # Validations
+        ##############################################################################
+
+        # Callback url params
+
+        validates :code,
+                  presence: true,
+                  on: :create
+        validates :signature,
+                  presence: true,
+                  on: :create
+        validates :access_token_url,
+                  presence: true,
+                  on: :create
+
+        # Database fields
+
+        validates :beyond_api_url,
+                  presence: true
+        validates :beyond_access_token,
+                  presence: true,
+                  unless: -> { encrypted_beyond_access_token_was.blank? }
+        validates :beyond_refresh_token,
+                  presence: true,
+                  unless: -> { encrypted_beyond_refresh_token_was.blank? }
+
+        ##############################################################################
+        # Instance methods
+        ##############################################################################
+
+        #
+        # Get and save access_token and refresh_token using the authentication code
+        # NOTE: This method is used during the shop creation, as it is the only point
+        # we know about the authentication code
+        #
+        def authenticate
+          session = BeyondApi::Session.new(api_url: beyond_api_url)
+          session.token.create(code)
+          update(beyond_access_token: session.access_token,
+                 beyond_refresh_token: session.refresh_token)
+        end
+      end
+    end
+  end
+end

data/lib/beyond_canvas/models/shop.rb

@@ -0,0 +1,28 @@
+# frozen_string_literal: true
+
+module BeyondCanvas
+  module Models
+    module Shop # :nodoc:
+      extend ActiveSupport::Concern
+      include BeyondCanvas::Models::Authentication
+      include BeyondCanvas::Models::Utils
+
+      included do
+        attr_accessor :api_url, :return_url
+
+        ##############################################################################
+        # Validations
+        ##############################################################################
+
+        # Callback url params
+
+        validates :api_url,
+                  presence: true,
+                  on: :create
+        validates :return_url,
+                  presence: true,
+                  on: :create
+      end
+    end
+  end
+end

data/lib/beyond_canvas/models/utils.rb

@@ -0,0 +1,55 @@
+# frozen_string_literal: true
+
+module BeyondCanvas
+  module Models
+    module Utils # :nodoc:
+      extend ActiveSupport::Concern
+
+      included do
+        ##############################################################################
+        # Instance methods
+        ##############################################################################
+
+        #
+        # Generates a new access_token and refresh_token
+        #
+        def refresh_token
+          beyond_session = BeyondApi::Session.new(api_url: beyond_api_url, refresh_token: beyond_refresh_token)
+          beyond_session.token.refresh
+
+          update(beyond_access_token: beyond_session.access_token,
+                 beyond_refresh_token: beyond_session.refresh_token)
+        end
+
+        #
+        # Generates a new access_token and refresh_token if they have expired
+        #
+        def refresh_token_if_needed
+          token_timestamp = JWT.decode(beyond_access_token, nil, false).first['exp']
+          current_timestamp = DateTime.now.to_i
+          return unless token_timestamp - current_timestamp <= 3600
+
+          refresh_token
+        end
+
+        #
+        # Returns a BeyondApi::Session object with api_url, access_token and refresh_token attributes
+        #
+        def to_session
+          BeyondApi::Session.new(api_url: beyond_api_url,
+                                 access_token: beyond_access_token,
+                                 refresh_token: beyond_refresh_token)
+        end
+
+        ##############################################################################
+        # Class methods
+        ##############################################################################
+
+        def self.find_session(id)
+          shop = find(id)
+          shop.to_session
+        end
+      end
+    end
+  end
+end

data/lib/beyond_canvas/parameter_sanitizer.rb

@@ -0,0 +1,43 @@
+# frozen_string_literal: true
+
+module BeyondCanvas
+  class ParameterSanitizer # :nodoc:
+    DEFAULT_PERMITTED_ATTRIBUTES = %i[code signature return_url api_url access_token_url].freeze
+
+    def initialize(resource_name, params)
+      @params         = params
+      @resource_name  = resource_name
+      @permitted      = DEFAULT_PERMITTED_ATTRIBUTES
+    end
+
+    def sanitize
+      permit_keys(default_params)
+    end
+
+    def permit(*keys)
+      @permitted.concat(keys)
+    end
+
+    private
+
+    def default_params
+      if hashable_resource_params?
+        @params.fetch(@resource_name)
+      else
+        empty_params
+      end
+    end
+
+    def hashable_resource_params?
+      @params[@resource_name].respond_to?(:permit)
+    end
+
+    def empty_params
+      ActionController::Parameters.new({})
+    end
+
+    def permit_keys(parameters)
+      parameters.permit(*@permitted)
+    end
+  end
+end

data/lib/beyond_canvas/rails/routes.rb

@@ -0,0 +1,21 @@
+# frozen_string_literal: true
+
+module ActionDispatch
+  module Routing
+    class Mapper # :nodoc:
+      def beyond_canvas_for(*resources)
+        mount BeyondCanvas::Engine => BeyondCanvas.configuration.namespace
+
+        resource_name, options = resources
+        BeyondCanvas.auth_model = resource_name.to_s.singularize
+        BeyondCanvas.use_rails_app_controller = options.present? && options[:controller].present?
+
+        set_routes(resource_name, options[:controller]) if BeyondCanvas.use_rails_app_controller
+      end
+
+      def set_routes(resource_name, controller)
+        resources resource_name, controller: controller
+      end
+    end
+  end
+end

data/lib/beyond_canvas/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module BeyondCanvas
-  VERSION = '0.14.0.pre'
+  VERSION = '0.16.0.pre'
 end

data/lib/generators/beyond_canvas/auth_model/auth_model_generator.rb

@@ -0,0 +1,50 @@
+# frozen_string_literal: true
+
+require 'rails/generators/active_record'
+
+module BeyondCanvas
+  module Generators
+    class AuthModelGenerator < ActiveRecord::Generators::Base # :nodoc:
+      desc 'Generates a model with the given name and provides a method to authenticate in Beyond Backend'
+
+      argument :attributes, type: :array, default: [], banner: 'field:type field:type'
+
+      source_root File.expand_path('templates', __dir__)
+
+      def copy_beyond_canvas_migration
+        migration_path = File.join('db', 'migrate')
+        migration_template 'migration.erb',
+                           "#{migration_path}/beyond_canvas_create_#{table_name}.rb",
+                           migration_version: migration_version
+      end
+
+      def generate_model
+        template 'model.erb', File.join('app', 'models', "#{file_path}.rb")
+      end
+
+      private
+
+      def rails5_and_up?
+        Rails::VERSION::MAJOR >= 5
+      end
+
+      def migration_version
+        "[#{Rails::VERSION::MAJOR}.#{Rails::VERSION::MINOR}]" if rails5_and_up?
+      end
+
+      def migration_data
+        <<RUBY
+      t.string :encrypted_beyond_api_url,       null: false
+      t.string :encrypted_beyond_api_url_iv,    null: false
+      t.string :beyond_api_url_bidx,            null: false
+
+      t.text :encrypted_beyond_access_token,    null: true
+      t.text :encrypted_beyond_access_token_iv, null: true
+
+      t.text :encrypted_beyond_refresh_token,    null: true
+      t.text :encrypted_beyond_refresh_token_iv, null: true
+RUBY
+      end
+    end
+  end
+end

data/lib/generators/beyond_canvas/auth_model/templates/migration.erb

@@ -0,0 +1,20 @@
+# frozen_string_literal: true
+
+class BeyondCanvasCreate<%= table_name.camelize %> < ActiveRecord::Migration<%= migration_version %>
+  def change
+    create_table :<%= table_name %><%= primary_key_type %> do |t|
+<%= migration_data -%>
+
+<% attributes.each do |attribute| -%>
+    t.<%= attribute.type %> :<%= attribute.name %>
+<% end -%>
+
+      t.timestamps null: false
+    end
+
+    add_index :<%= table_name %>, :encrypted_beyond_api_url_iv,       unique: true
+    add_index :<%= table_name %>, :beyond_api_url_bidx,               unique: true
+    add_index :<%= table_name %>, :encrypted_beyond_access_token_iv,  unique: true
+    add_index :<%= table_name %>, :encrypted_beyond_refresh_token_iv, unique: true
+  end
+end

data/lib/generators/beyond_canvas/auth_model/templates/model.erb

@@ -0,0 +1,5 @@
+# frozen_string_literal: true
+
+class <%= file_path.classify %> < ApplicationRecord
+  include BeyondCanvas::Models::Shop
+end

data/lib/generators/beyond_canvas/controller/controller_generator.rb

@@ -0,0 +1,20 @@
+# frozen_string_literal: true
+
+require 'rails/generators/active_record'
+
+module BeyondCanvas
+  module Generators
+    class ControllerGenerator < Rails::Generators::Base # :nodoc:
+      desc 'Creates an inherited Beyond Canvas controller in the app/controllers folder'
+
+      argument :scope, required: true, desc: 'The scope to create the controller, e.g. shops, users'
+
+      source_root File.expand_path('templates', __dir__)
+
+      def create_controller
+        template 'controller.erb',
+                 "app/controllers/#{scope}_controller.rb"
+      end
+    end
+  end
+end