bsm_oa 0.3.1

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: b5025b6ecca24e19622010e73f34aeb51ab6c41c
+  data.tar.gz: 509fddabc2da4dc37aac6fe107af71dd43dd9885
+SHA512:
+  metadata.gz: 2813cf35613dca6b1693216d3ca2f3f304eb28003e92f162d567657e7f6afc1033fa9dc8a33459b1e5bb377168e277ff91e6dfb779ed5e903866fc51e017df34
+  data.tar.gz: d497df0bc2375359c9cbcb49edda1034447350370c2bd626d0228d23232071cb20958de605b765776903f2159c6ed8a406ae4c701609722a9b2b6c0c4ade62e4

data/.gitignore

@@ -0,0 +1,2 @@
+pkg/
+*.sqlite

data/.travis.yml

@@ -0,0 +1,5 @@
+language: ruby
+rvm:
+  - 2.2.2
+  - 2.1.3
+  - 1.9.3

data/Gemfile

@@ -0,0 +1,3 @@
+source 'https://rubygems.org'
+
+gemspec

data/Gemfile.lock

@@ -0,0 +1,180 @@
+PATH
+  remote: .
+  specs:
+    bsm_oa (0.3.1)
+      bsm-models
+      doorkeeper (~> 3.0.0.rc)
+      has_scope (~> 0.6)
+      jbuilder (~> 2.2)
+      jquery-rails
+      railties (>= 4.1, < 5.0)
+      responders (~> 2.0)
+      simple_form (~> 3.1)
+
+GEM
+  remote: https://rubygems.org/
+  specs:
+    abstract (1.0.0)
+    actionmailer (4.2.2)
+      actionpack (= 4.2.2)
+      actionview (= 4.2.2)
+      activejob (= 4.2.2)
+      mail (~> 2.5, >= 2.5.4)
+      rails-dom-testing (~> 1.0, >= 1.0.5)
+    actionpack (4.2.2)
+      actionview (= 4.2.2)
+      activesupport (= 4.2.2)
+      rack (~> 1.6)
+      rack-test (~> 0.6.2)
+      rails-dom-testing (~> 1.0, >= 1.0.5)
+      rails-html-sanitizer (~> 1.0, >= 1.0.1)
+    actionview (4.2.2)
+      activesupport (= 4.2.2)
+      builder (~> 3.1)
+      erubis (~> 2.7.0)
+      rails-dom-testing (~> 1.0, >= 1.0.5)
+      rails-html-sanitizer (~> 1.0, >= 1.0.1)
+    activejob (4.2.2)
+      activesupport (= 4.2.2)
+      globalid (>= 0.3.0)
+    activemodel (4.2.2)
+      activesupport (= 4.2.2)
+      builder (~> 3.1)
+    activerecord (4.2.2)
+      activemodel (= 4.2.2)
+      activesupport (= 4.2.2)
+      arel (~> 6.0)
+    activesupport (4.2.2)
+      i18n (~> 0.7)
+      json (~> 1.7, >= 1.7.7)
+      minitest (~> 5.1)
+      thread_safe (~> 0.3, >= 0.3.4)
+      tzinfo (~> 1.1)
+    arel (6.0.0)
+    bsm-models (0.8.2)
+      abstract
+      activerecord (>= 4.1.0, < 5.0.0)
+      railties (>= 4.1.0, < 5.0.0)
+    builder (3.2.2)
+    combustion (0.5.3)
+      activesupport (>= 3.0.0)
+      railties (>= 3.0.0)
+      thor (>= 0.14.6)
+    database_cleaner (1.4.1)
+    diff-lcs (1.2.5)
+    doorkeeper (3.0.0.rc1)
+      railties (>= 3.2)
+    erubis (2.7.0)
+    factory_girl (4.5.0)
+      activesupport (>= 3.0.0)
+    faker (1.4.3)
+      i18n (~> 0.5)
+    globalid (0.3.5)
+      activesupport (>= 4.1.0)
+    has_scope (0.6.0)
+      actionpack (>= 3.2, < 5)
+      activesupport (>= 3.2, < 5)
+    i18n (0.7.0)
+    jbuilder (2.3.0)
+      activesupport (>= 3.0.0, < 5)
+      multi_json (~> 1.2)
+    jquery-rails (4.0.4)
+      rails-dom-testing (~> 1.0)
+      railties (>= 4.2.0)
+      thor (>= 0.14, < 2.0)
+    json (1.8.3)
+    json_spec (1.1.4)
+      multi_json (~> 1.0)
+      rspec (>= 2.0, < 4.0)
+    loofah (2.0.2)
+      nokogiri (>= 1.5.9)
+    mail (2.6.3)
+      mime-types (>= 1.16, < 3)
+    mime-types (2.6.1)
+    mini_portile (0.6.2)
+    minitest (5.7.0)
+    multi_json (1.11.1)
+    nokogiri (1.6.6.2)
+      mini_portile (~> 0.6.0)
+    rack (1.6.2)
+    rack-test (0.6.3)
+      rack (>= 1.0)
+    rails (4.2.2)
+      actionmailer (= 4.2.2)
+      actionpack (= 4.2.2)
+      actionview (= 4.2.2)
+      activejob (= 4.2.2)
+      activemodel (= 4.2.2)
+      activerecord (= 4.2.2)
+      activesupport (= 4.2.2)
+      bundler (>= 1.3.0, < 2.0)
+      railties (= 4.2.2)
+      sprockets-rails
+    rails-deprecated_sanitizer (1.0.3)
+      activesupport (>= 4.2.0.alpha)
+    rails-dom-testing (1.0.6)
+      activesupport (>= 4.2.0.beta, < 5.0)
+      nokogiri (~> 1.6.0)
+      rails-deprecated_sanitizer (>= 1.0.1)
+    rails-html-sanitizer (1.0.2)
+      loofah (~> 2.0)
+    railties (4.2.2)
+      actionpack (= 4.2.2)
+      activesupport (= 4.2.2)
+      rake (>= 0.8.7)
+      thor (>= 0.18.1, < 2.0)
+    rake (10.4.2)
+    responders (2.1.0)
+      railties (>= 4.2.0, < 5)
+    rspec (3.3.0)
+      rspec-core (~> 3.3.0)
+      rspec-expectations (~> 3.3.0)
+      rspec-mocks (~> 3.3.0)
+    rspec-core (3.3.1)
+      rspec-support (~> 3.3.0)
+    rspec-expectations (3.3.0)
+      diff-lcs (>= 1.2.0, < 2.0)
+      rspec-support (~> 3.3.0)
+    rspec-mocks (3.3.0)
+      diff-lcs (>= 1.2.0, < 2.0)
+      rspec-support (~> 3.3.0)
+    rspec-rails (3.3.2)
+      actionpack (>= 3.0, < 4.3)
+      activesupport (>= 3.0, < 4.3)
+      railties (>= 3.0, < 4.3)
+      rspec-core (~> 3.3.0)
+      rspec-expectations (~> 3.3.0)
+      rspec-mocks (~> 3.3.0)
+      rspec-support (~> 3.3.0)
+    rspec-support (3.3.0)
+    shoulda-matchers (2.8.0)
+      activesupport (>= 3.0.0)
+    simple_form (3.1.0)
+      actionpack (~> 4.0)
+      activemodel (~> 4.0)
+    sprockets (3.2.0)
+      rack (~> 1.0)
+    sprockets-rails (2.3.1)
+      actionpack (>= 3.0)
+      activesupport (>= 3.0)
+      sprockets (>= 2.8, < 4.0)
+    sqlite3 (1.3.10)
+    thor (0.19.1)
+    thread_safe (0.3.5)
+    tzinfo (1.2.2)
+      thread_safe (~> 0.1)
+
+PLATFORMS
+  ruby
+
+DEPENDENCIES
+  bsm_oa!
+  combustion (~> 0.5.3)
+  database_cleaner
+  factory_girl
+  faker
+  json_spec
+  rails (>= 4.1)
+  rspec-rails
+  shoulda-matchers
+  sqlite3

data/Rakefile

@@ -0,0 +1,21 @@
+require 'bundler/setup'
+require 'bundler/gem_tasks'
+require 'rspec/core/rake_task'
+
+desc 'Default: run specs.'
+task :default => :spec
+
+desc "Run all specs"
+RSpec::Core::RakeTask.new(:spec) do |config|
+  config.verbose = false
+end
+
+desc "Show test app routes"
+task :routes do
+  require File.expand_path('../spec/spec_helper', __FILE__)
+  require 'action_dispatch/routing/inspector'
+
+  all_routes = Rails.application.routes.routes
+  inspector  = ActionDispatch::Routing::RoutesInspector.new(all_routes)
+  puts inspector.format(ActionDispatch::Routing::ConsoleFormatter.new, ENV['CONTROLLER'])
+end

data/app/controllers/bsm_oa/accounts_controller.rb

@@ -0,0 +1,12 @@
+module BsmOa
+  class AccountsController < Doorkeeper::ApplicationController
+    before_action :doorkeeper_authorize!
+    respond_to    :json
+
+    # GET /me.json
+    def show
+      @account = BsmOa.config.user_class.find doorkeeper_token.try(:resource_owner_id)
+      respond_with @account
+    end
+  end
+end

data/app/controllers/bsm_oa/applications_controller.rb

@@ -0,0 +1,35 @@
+module BsmOa
+  class ApplicationsController < Doorkeeper::ApplicationsController
+    respond_to :html, :json
+    before_filter :redirect_to_index_on_html, only: [:show]
+
+    def create
+      @application = Doorkeeper::Application.create(application_params)
+      location = oauth_application_path(@application) if @application.persisted?
+      respond_with @application, location: location
+    end
+
+    def update
+      @application.update(application_params)
+      respond_with @application, location: oauth_application_path(@application)
+    end
+
+    def destroy
+      respond_with @application, location: oauth_applications_path
+    end
+
+    protected
+
+      def application_params
+        params.require(:doorkeeper_application).permit(:name, :redirect_uri, :permissions, :permissions_string, :uid, :secret)
+      end
+
+      def redirect_to_index_on_html
+        return unless request.format.html?
+
+        flash.keep
+        redirect_to oauth_applications_path
+      end
+
+  end
+end

data/app/controllers/bsm_oa/authorizations_controller.rb

@@ -0,0 +1,80 @@
+ module BsmOa
+  class AuthorizationsController < Doorkeeper::ApplicationController
+    respond_to :html
+    respond_to :json, except: [:new, :edit]
+    respond_to :js, only: [:toggle]
+    before_filter :redirect_to_index_on_html, only: [:show]
+
+    def index
+      @authorizations = apply_scopes(resource_scope)
+      respond_with @authorizations
+    end
+
+    def show
+      @authorization = resource_scope.find params[:id]
+      respond_with @authorization
+    end
+
+    def new
+      @authorization = resource_scope.new
+      respond_with @authorization
+    end
+
+    def edit
+      @authorization = resource_scope.find params[:id]
+      respond_with @authorization
+    end
+
+    def create
+      @authorization = resource_scope.create permitted_params
+      respond_with @authorization
+    end
+
+    def update
+      @authorization = resource_scope.find params[:id]
+      @authorization.update(permitted_params)
+      respond_with @authorization, location: bsm_oa_authorization_path(@authorization)
+    end
+
+    def toggle
+      @authorization = resource_scope.find params[:id]
+      @authorization.toggle(params[:permission])
+      respond_with @authorization
+    end
+
+    def destroy
+      @authorization = resource_scope.find params[:id]
+      @authorization.destroy
+      respond_with @authorization, location: bsm_oa_authorization_path(@authorization)
+    end
+
+    protected
+
+    # @return [User]
+    def parent
+      @parent ||= BsmOa::Role.find params[:bsm_oa_role_id]
+    end
+
+    # @return [ActiveRecord::Relation]
+    def resource_scope
+      if params[:bsm_oa_role_id]
+        parent.authorizations.all
+      else
+        BsmOa::Authorization.all
+      end
+    end
+
+    def permitted_params
+      params.require(:authorization).permit :application_id, :permissions_string, :uid, :secret
+    end
+
+    def redirect_to_index_on_html
+      return unless request.format.html?
+
+      flash.keep
+      @authorization ||= resource_scope.find params[:id]
+      redirect_to bsm_oa_role_path(@authorization.role)
+    end
+
+  end
+end

data/app/controllers/bsm_oa/roles_controller.rb

@@ -0,0 +1,58 @@
+module BsmOa
+  class RolesController < Doorkeeper::ApplicationController
+    respond_to :html
+    respond_to :json, except: [:new, :edit]
+
+    has_scope :ordered, default: true, only: [:index]
+
+    def index
+      @roles = apply_scopes(resource_scope)
+      respond_with @roles
+    end
+
+    def show
+      @role = resource_scope.find params[:id]
+      respond_with @role
+    end
+
+    def new
+      @role = resource_scope.new
+      respond_with @role
+    end
+
+    def create
+      @role = resource_scope.create permitted_params
+      location = bsm_oa_role_url(@role) if @role.persisted?
+      respond_with @role, location: location
+    end
+
+    def edit
+      @role = resource_scope.find params[:id]
+      respond_with @role
+    end
+
+    def update
+      @role = resource_scope.find params[:id]
+      @role.update permitted_params
+      respond_with @role, location: bsm_oa_role_url(@role)
+    end
+
+    def destroy
+      @role = resource_scope.find params[:id]
+      @role.destroy
+      respond_with @role, location: bsm_oa_roles_url
+    end
+
+    protected
+
+    # @return [ActiveRecord::Relation]
+    def resource_scope
+      BsmOa::Role.all
+    end
+
+    def permitted_params
+      params.require(:role).permit :name, :description
+    end
+
+  end
+end

data/app/views/bsm_oa/accounts/show.json.jbuilder

@@ -0,0 +1,7 @@
+json.(@account, *BsmOa.config.user_attrs)
+
+json.authorizations @account.authorizations.includes(:application) do |auth|
+  json.uid auth.application.uid
+  json.permissions auth.permissions
+end if @account.respond_to?(:authorizations)
+

data/app/views/bsm_oa/applications/_application.html.erb

@@ -0,0 +1,15 @@
+<tr>
+  <td><%= application.name %></td>
+  <td><%= truncate(application.uid, length: 15) %></td>
+  <td><%= truncate(application.secret, length: 15) %></td>
+  <td><%= application.redirect_uri %></td>
+  <td>
+    <%= '&ndash;'.html_safe if application.permissions.empty? %>
+    <% application.permissions.each do |pm| %>
+      <span class="label label-info"><%= "#{pm}" %></span>
+    <% end %>
+  <td>
+    <%= link_to t('doorkeeper.applications.buttons.edit'), edit_oauth_application_path(application), class: 'btn btn-default btn-xs' %>
+    <%= link_to 'Delete', oauth_application_path(application), data: { confirm: 'Are you sure?' }, method: :delete, class: 'btn btn-default btn-xs'%>
+  </td>
+</tr>

data/app/views/bsm_oa/applications/_application.json.jbuilder

@@ -0,0 +1 @@
+json.(application, :id, :name, :uid, :secret, :redirect_uri, :scopes)

data/app/views/bsm_oa/applications/_inputs.html.erb

@@ -0,0 +1,11 @@
+<%= f.input :name, placeholder: "Enter name"%>
+
+<%= f.input :uid, placeholder: "Enter application UID"%>
+
+<%= f.input :secret, placeholder: "Enter application secret"%>
+
+<%= f.input :redirect_uri, placeholder: "Enter redirect url"%>
+
+<%= f.input :permissions_string, placeholder: "Enter comma separated permissions"%>
+
+<%= f.button :submit %>

data/app/views/bsm_oa/applications/create.json.jbuilder

@@ -0,0 +1 @@
+json.partial! 'application', application: @application

data/app/views/bsm_oa/applications/edit.html.erb

@@ -0,0 +1,10 @@
+<div class="page-header">
+  <div class="pull-right">
+    <%= link_to "&larr; Back".html_safe, oauth_applications_path, class: 'btn btn-lg btn-default'%>
+  </div>
+  <h1>Edit Application</h1>
+</div>
+
+<%= simple_form_for @application, url: oauth_application_url(@application) do |f| %>
+  <%= render 'inputs', f: f %>
+<% end %>

data/app/views/bsm_oa/applications/index.html.erb

@@ -0,0 +1,24 @@
+<div class="page-header">
+  <div class="pull-right">
+    <%= link_to 'New Application', new_oauth_application_path, class: 'btn btn-lg btn-primary' %>
+  </div>
+  <h1>Applications</h1>
+</div>
+
+<table class="table table-hover">
+  <thead>
+    <tr>
+      <th><%= t('.name') %></th>
+      <th><%= t('.uid') %></th>
+      <th><%= t('.secret') %></th>
+      <th><%= t('.callback_url') %></th>
+      <th><%= t('.permissions') %></th>
+      <th></th>
+    </tr>
+  </thead>
+  <tbody>
+  <% @applications.each do |application| %>
+    <%= render 'application', application: application %>
+  <% end %>
+  </tbody>
+</table>

data/app/views/bsm_oa/applications/index.json.jbuilder

@@ -0,0 +1 @@
+json.array! @applications, :id, :name

data/app/views/bsm_oa/applications/new.html.erb

@@ -0,0 +1,10 @@
+<div class="page-header">
+  <div class="pull-right">
+    <%= link_to "&larr; Back".html_safe, oauth_applications_path, class: 'btn btn-lg btn-default'%>
+  </div>
+  <h1>New Application</h1>
+</div>
+
+<%= simple_form_for @application, url: oauth_applications_url do |f| %>
+  <%= render 'inputs', f: f %>
+<% end %>

data/app/views/bsm_oa/applications/show.json.jbuilder

@@ -0,0 +1 @@
+json.partial! 'application', application: @application

data/app/views/bsm_oa/applications/update.json.jbuilder

@@ -0,0 +1 @@
+json.partial! 'application', application: @application

data/app/views/bsm_oa/authorizations/_authorization.json.jbuilder

@@ -0,0 +1 @@
+json.(authorization, :id, :role_id, :application_id, :permissions)

data/app/views/bsm_oa/authorizations/_inputs.html.erb

@@ -0,0 +1,2 @@
+<%= f.association :application, as: :select, collection: Doorkeeper::Application.ordered, prompt: true %>
+<%= f.button :submit %>

data/app/views/bsm_oa/authorizations/edit.html.erb

@@ -0,0 +1,10 @@
+<div class="page-header">
+  <div class="pull-right">
+    <%= link_to "&larr; Back".html_safe, bsm_oa_role_path(@authorization.role), class: 'btn btn-lg btn-default'%>
+  </div>
+  <h1>Edit Authorization</h1>
+</div>
+
+<%= simple_form_for @authorization, url: bsm_oa_authorization_url do |f| %>
+  <%= render 'inputs', f: f %>
+<% end %>

data/app/views/bsm_oa/authorizations/index.json.jbuilder

@@ -0,0 +1 @@
+json.array! @authorizations, :role_id, :application_id, :permissions

data/app/views/bsm_oa/authorizations/new.html.erb

@@ -0,0 +1,11 @@
+<div class="page-header">
+  <div class="pull-right">
+    <%= link_to "&larr; Back".html_safe, bsm_oa_role_path(@parent), class: 'btn btn-lg btn-default'%>
+  </div>
+  <h1>New Authorization</h1>
+</div>
+
+<%= simple_form_for [@parent, @authorization], url: bsm_oa_role_bsm_oa_authorizations_url do |f| %>
+  <%= f.association :application, as: :select, collection: Doorkeeper::Application.ordered, prompt: true %>
+  <%= f.button :submit %>
+<% end %>

data/app/views/bsm_oa/authorizations/toggle.js.erb

@@ -0,0 +1,9 @@
+var elem     = $("bsm_oa_authorization_<%= @authorization.to_param %>_<%= params[:permission] %>"),
+    included = <%= @authorization.permissions.include?(params[:permission]) %>,
+    inClass  = "label-info",
+    exClass  = "label-default";
+
+elem
+  .removeClass(inClass)
+  .removeClass(exClass)
+  .addClass(included ? inClass : exClass);

data/app/views/bsm_oa/authorizations/toggle.json.jbuilder

@@ -0,0 +1 @@
+json.partial! 'authorization', authorization: @authorization

data/app/views/bsm_oa/roles/_authorization.html.erb

@@ -0,0 +1,17 @@
+<%- app = auth.application %>
+<tr>
+  <td><%= app.name %></td>
+  <td>
+    <%= '&ndash;'.html_safe if app.permissions.empty? %>
+    <% app.permissions.each do |permission| %>
+      <%- klass = auth.permissions.include?(permission) ? 'info' : 'default' %>
+      <%- path  = toggle_authorization_path auth, permission: permission, format: 'js' %>
+      <%- elem  = "bsm_oa_authorization_#{auth.to_param}_#{permission}" %>
+      <%= link_to permission, path, class: "label label-#{klass}", remote: true, method: :put, id: elem %>
+    <% end %>
+  </td>
+  <td>
+    <%= link_to 'Edit', edit_authorization_path(auth), class: 'btn btn-default btn-xs' %>
+    <%= link_to 'Delete', authorization_path(auth), data: { confirm: 'Are you sure?' }, method: :delete, class: 'btn btn-default btn-xs' %>
+  </td>
+</tr>

data/app/views/bsm_oa/roles/_inputs.html.erb

@@ -0,0 +1,5 @@
+<%= f.input :name, placeholder: "Enter name" %>
+<%= f.input :description, placeholder: "Enter description" %>
+
+<%= f.button :submit %>
+

data/app/views/bsm_oa/roles/_role.html.erb

@@ -0,0 +1,16 @@
+<tr>
+  <td><%= link_to role.name, role %></td>
+  <td>
+    <%= '&ndash;'.html_safe unless role.description %>
+    <%= role.description %></td>
+  <td>
+    <%= '&ndash;'.html_safe if role.authorizations.empty? %>
+    <% role.authorizations.includes(:application).each do |auth| %>
+      <span class="label label-info"><%= "#{auth.application.name}" %></span>
+    <% end %>
+  </td>
+  <td>
+    <%= link_to 'Edit', edit_role_url(role), class: 'btn btn-default btn-xs' if current_user.admin? %>
+    <%= link_to 'Delete', role_path(role), data: { confirm: 'Are you sure?' }, :method => :delete, class: 'btn btn-default btn-xs'  %>
+  </td>
+</tr>

data/app/views/bsm_oa/roles/_role.json.jbuilder

@@ -0,0 +1,2 @@
+json.(role, :id, :name)
+

data/app/views/bsm_oa/roles/create.json.jbuilder

@@ -0,0 +1 @@
+json.partial! 'role', role: @role

data/app/views/bsm_oa/roles/edit.html.erb

@@ -0,0 +1,10 @@
+<div class="page-header">
+  <div class="pull-right">
+    <%= link_to "&larr; Back".html_safe, bsm_oa_roles_path, class: 'btn btn-lg btn-default'%>
+  </div>
+  <h1>Edit Role</h1>
+</div>
+
+<%= simple_form_for @role, url: bsm_oa_role_url(@role) do |f| %>
+  <%= render 'inputs', f: f %>
+<% end %>

data/app/views/bsm_oa/roles/index.html.erb

@@ -0,0 +1,19 @@
+<div class="page-header">
+  <div class="pull-right">
+    <%= link_to 'New Role', new_bsm_oa_role_path, class: 'btn btn-lg btn-primary' %>
+  </div>
+  <h1>Roles</h1>
+</div>
+
+<div class="table-responsive">
+  <table class="table table-hover">
+    <thead>
+      <tr><th>Name</th><th>Description</th><th>Authorizations</th><th>&nbsp;</th></tr>
+    </thead>
+    <tbody>
+      <% @roles.includes(:authorizations).each do |role| -%>
+        <%= render 'role', role: role %>
+      <% end -%>
+    </tbody>
+  </table>
+</div>

data/app/views/bsm_oa/roles/index.json.jbuilder

@@ -0,0 +1,2 @@
+json.array! @roles, :id, :name
+

data/app/views/bsm_oa/roles/new.html.erb

@@ -0,0 +1,10 @@
+<div class="page-header">
+  <div class="pull-right">
+    <%= link_to "&larr; Back".html_safe, bsm_oa_roles_path, class: 'btn btn-lg btn-default'%>
+  </div>
+  <h1>New Role</h1>
+</div>
+
+<%= simple_form_for @role, url: bsm_oa_roles_path do |f| %>
+  <%= render 'inputs', f: f %>
+<% end %>