card-mod-account 0.15.6 → 0.17.0

data/set/right/password.rb

@@ -2,11 +2,19 @@ include_set Abstract::AccountField
 
 assign_type :phrase
 
+PASSWORD_REGEX = {
+  lower: /[a-z]/,
+  upper: /[A-Z]/,
+  special_char: /[!"#$%&'()*+,-.\/:;<=>?@\[\]\\^_`{|}~]/,
+  number: /\d+/,
+  letter: /[a-zA-Z]/
+}.freeze
+
 def history?
   false
 end
 
-def ok_to_read
+def ok_to_read?
   own_account? || super
 end
 
@@ -15,14 +23,27 @@ event :encrypt_password, :store, on: :save, changed: :content do
   self.content = Auth.encrypt content, salt
 
   # errors.add :password, 'need a valid salt'
-  # turns out we have a lot of existing account without a salt.
+  # turns out we have a lot of existing accounts without a salt.
   # not sure when that broke??
 end
 
-event :validate_password, :validate, on: :save do
-  return if content.length > 3
+event :validate_password_length, :validate, on: :save do
+  min_pw_length = Cardio.config.account_password_length
+  return if content.length >= min_pw_length
+
+  errors.add :password, t(:account_password_length, num_char: min_pw_length)
+end
+
+event :validate_password_chars, :validate, on: :save do
+  pw_requirements = check_password_regex(
+    Cardio.config.account_password_requirements,
+    PASSWORD_REGEX,
+    content
+  )
+  return unless pw_requirements
 
-  errors.add :password, t(:account_password_length)
+  error_message = consolidated_password_error_message(pw_requirements)
+  errors.add :password, t(:account_password_requirements, char_type: error_message)
 end
 
 event :validate_password_present, :prepare_to_validate, on: :update do
@@ -33,14 +54,37 @@ view :raw do
   t :account_encrypted
 end
 
+private
+
+def check_password_regex char_types, regex_hash, password
+  pw_requirements = []
+
+  char_types.each do |char_type|
+    if regex_hash.key?(char_type) && password !~ regex_hash[char_type]
+      pw_requirements << :"account_password_requirement_#{char_type}"
+    end
+  end
+  pw_requirements unless pw_requirements.empty?
+end
+
+private
+
+def consolidated_password_error_message err_messages
+  error_message = err_messages.map { |message| t(message) }
+  if error_message.length > 2
+    "#{error_message[0...-1].join(', ')}, and #{error_message[-1]}"
+  else
+    error_message.join(" and ")
+  end
+end
+
 format :html do
   view :core, wrap: :em do
     render_raw
   end
 
-  view :input do
-    card.content = ""
-    password_field :content, class: "d0-card-content", autocomplete: autocomplete?
+  def input_type
+    :password
   end
 
   def autocomplete?

data/set/right/status.rb

@@ -13,7 +13,7 @@ def option_names
   %w[unapproved unverified active blocked] # system
 end
 
-def ok_to_update
+def ok_to_update?
   if own_account? && !Auth.always_ok?
     deny_because you_cant(t(:account_deny_not_change_own_account))
   else

data/set/self/anonymous.rb

@@ -0,0 +1,13 @@
+include_set Abstract::AccountHolder
+
+def account
+  nil
+end
+
+def account?
+  false
+end
+
+def admin?
+  false
+end

data/set/self/role.rb

@@ -1,18 +1,14 @@
 class << self
   CACHE_KEY = "ROLEHASH".freeze
 
-  def load_rolehash
-    ::Card.cache.fetch(CACHE_KEY) do
-      generate_rolehash
-    end
+  def role_hash
+    @role_hash ||= load_rolehash
   end
 
-  def generate_rolehash
-    Auth.as_bot do
-      Card.search(left: { type_id: Card::RoleID }, right_id: Card::MembersID)
-          .each_with_object({}) do |member_card, hash|
-        hash[member_card.left_id] = ::Set.new member_card.item_ids
-      end
+  def role_ids user_id
+    role_hash.each_with_object([]) do |(role_id, member_ids), all_role_ids|
+      next unless member_ids.include? user_id
+      all_role_ids << role_id
     end
   end
 
@@ -25,14 +21,20 @@ class << self
     @role_hash = nil
   end
 
-  def role_hash
-    @role_hash ||= load_rolehash
+  private
+
+  def load_rolehash
+    ::Card.cache.fetch(CACHE_KEY) do
+      generate_rolehash
+    end
   end
 
-  def role_ids user_id
-    role_hash.each_with_object([]) do |(role_id, member_ids), all_role_ids|
-      next unless member_ids.include? user_id
-      all_role_ids << role_id
+  def generate_rolehash
+    Auth.as_bot do
+      Card.search(left: { type_id: Card::RoleID }, right_id: Card::MembersID)
+          .each_with_object({}) do |member_card, hash|
+        hash[member_card.left_id] = ::Set.new member_card.item_ids
+      end
     end
   end
 end

data/set/self/signin.rb

@@ -34,7 +34,7 @@ def email_from_field
   @email_from_field ||= field_content(:email)
 end
 
-def ok_to_read
+def ok_to_read?
   true
 end
 

data/set/self/wagn_bot.rb

@@ -0,0 +1,5 @@
+include_set Abstract::AccountHolder
+
+def admin?
+  true
+end

data/set/type/role.rb

@@ -9,6 +9,20 @@ format :html do
     role_checkbox
   end
 
+  view :configs do
+    configs_by_cat = card.all_admin_configs_grouped_by(:roles, :category)[card.codename]
+    configs_by_cat.map do |(cat, configs)|
+      if cat == "cardtypes"
+        nested_list_section cat.capitalize,
+                            card.config_codenames_grouped_by_title(configs)
+      elsif cat == "views"
+        next
+      else
+        list_section cat.capitalize, configs.map { |c| c.codename.to_sym }, :closed_bar
+      end
+    end
+  end
+
   def role_checkbox
     name = card.disabled? ? "add_item" : "drop_item"
     subformat(Auth.current.field(:disabled_roles)).card_form :update do

data/set/type/signup/views.rb

@@ -45,7 +45,7 @@ format :html do
   end
 
   def account_lines
-    if card.account
+    if card.account?
       verification_lines
     else
       [t(:account_missing_account)]

data/set/type/signup.rb

@@ -1,4 +1,4 @@
-include_set Abstract::Accountable
+include_set Abstract::AccountHolder
 
 basket[:non_createable_types] << :signup
 
@@ -37,6 +37,8 @@ event :act_as_current_for_integrate_stage, :integrate, on: :create do
   Auth.current_id = id
 end
 
+private
+
 def request_verification
   acct = field :account
   acct.field :status, content: "unverified"

data/set/type/user.rb

@@ -1,11 +1,13 @@
-include_set Abstract::Accountable
+include_set Abstract::AccountHolder
+
+basket[:roles_for_first_user] = %i[help_desk shark administrator]
 
 attr_accessor :email
 
 format :html do
   delegate :needs_setup?, to: Card::Auth
 
-  view :setup, unknown: true, perms: :needs_setup? do
+  view :setup, unknown: true, perms: :needs_setup?, cache: :never do
     with_nest_mode :edit do
       voo.title = "Your deck is ready to go!" # LOCALIZE
       voo.show! :help
@@ -36,37 +38,37 @@ format :html do
 
   def setup_hidden_fields
     hidden_tags(
-      setup: true,
-      success: { redirect: true, mark: path(mark: "") },
-      "card[type_id]" => Card.default_accounted_type_id
+      card: {
+        type_id: Card.default_accounted_type_id,
+        trigger: %w[check_setup]
+      },
+      success: { redirect: true, mark: path(mark: "") }
     )
   end
 end
 
-# FIXME. use trigger
-def setup?
-  Card::Env.params[:setup]
-end
-
-event :setup_as_bot, before: :check_permissions, on: :create, when: :setup? do
+event :check_setup, before: :check_permissions, on: :create, trigger: :required do
   abort :failure unless Auth.needs_setup?
   Auth.as_bot
+  @setup_approved = true
   # we need bot authority to set the initial administrator roles
   # this is granted and inspected here as a separate event for
   # flexibility and security when configuring initial setups
 end
 
-event :setup_first_user, :prepare_to_store, on: :create, when: :setup? do
+event :setup_first_user, :finalize, on: :create, when: :setup? do
   subcard %i[signup_alert_email to].cardname, content: name
-  roles_for_first_user.each do |role|
-    subcard [role, :members], content: name
+  basket[:roles_for_first_user].map(&:cardname).each do |role|
+    subcard [role, :members].cardname, content: name
   end
 end
 
-def roles_for_first_user
-  %i[help_desk shark administrator].map(&:cardname)
-end
-
 event :signin_after_setup, :integrate, on: :create, when: :setup? do
   Auth.signin id
 end
+
+private
+
+def setup?
+  @setup_approved == true
+end

data/set/type_plus_right/cardtype/account.rb

@@ -0,0 +1,5 @@
+# needed because of the present of Set cards like Signup+account, which
+# are not true account cards.
+def own_account?
+  false
+end

data/set/type_plus_right/role/members.rb

@@ -1,3 +1,5 @@
+include_set Abstract::IdList
+
 assign_type :list
 
 event :update_role_cache, :finalize do

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: card-mod-account
 version: !ruby/object:Gem::Version
-  version: 0.15.6
+  version: 0.17.0
 platform: ruby
 authors:
 - Ethan McCutchen
@@ -10,7 +10,7 @@ authors:
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2023-05-02 00:00:00.000000000 Z
+date: 2024-06-12 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: card
@@ -18,84 +18,84 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 1.105.6
+        version: 1.107.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 1.105.6
+        version: 1.107.0
 - !ruby/object:Gem::Dependency
   name: card-mod-email
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.15.6
+        version: 0.17.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.15.6
+        version: 0.17.0
 - !ruby/object:Gem::Dependency
   name: card-mod-permissions
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.15.6
+        version: 0.17.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.15.6
+        version: 0.17.0
 - !ruby/object:Gem::Dependency
   name: card-mod-list
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.15.6
+        version: 0.17.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.15.6
+        version: 0.17.0
 - !ruby/object:Gem::Dependency
   name: card-mod-integrate
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.15.6
+        version: 0.17.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.15.6
+        version: 0.17.0
 - !ruby/object:Gem::Dependency
   name: card-mod-edit
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.15.6
+        version: 0.17.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.15.6
+        version: 0.17.0
 description: ''
 email:
 - info@decko.org
@@ -103,15 +103,23 @@ executables: []
 extensions: []
 extra_rdoc_files: []
 files:
+- LICENSE
 - README.md
+- assets/script/toggle_visibility.js.coffee
 - assets/style/account.scss
+- config/admin.yml
 - config/locales/de.yml
 - config/locales/en.yml
+- data/files/mod_account_script_asset_output/file.js
 - data/real.yml
-- db/migrate_core_cards/20220815112551_move_roles.rb
+- data/transform/20220815112551_move_roles.rb
+- data/transform/20240510141851_member_ids.rb
+- lib/card/mod/account.rb
 - set/abstract/account_field.rb
-- set/abstract/accountable.rb
+- set/abstract/account_holder.rb
 - set/all/account.rb
+- set/all/password_input.haml
+- set/all/password_input.rb
 - set/right/account.rb
 - set/right/account/events.rb
 - set/right/account/views.rb
@@ -120,15 +128,18 @@ files:
 - set/right/roles.rb
 - set/right/salt.rb
 - set/right/status.rb
+- set/self/anonymous.rb
 - set/self/role.rb
 - set/self/signin.rb
 - set/self/signin/core.haml
+- set/self/wagn_bot.rb
 - set/type/role.rb
 - set/type/signup.rb
 - set/type/signup/core.haml
 - set/type/signup/views.rb
 - set/type/user.rb
 - set/type/user/setup_help.haml
+- set/type_plus_right/cardtype/account.rb
 - set/type_plus_right/role/members.rb
 - set/type_plus_right/user/email.rb
 homepage: https://decko.org
@@ -150,14 +161,14 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: '2.5'
+      version: '3.0'
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.2.33
+rubygems_version: 3.5.10
 signing_key:
 specification_version: 4
 summary: Email-based account handling for decko cards

data/set/abstract/accountable.rb

@@ -1,54 +0,0 @@
-def account
-  fetch :account, new: {}
-end
-
-def default_account_status
-  "active"
-end
-
-def current_account?
-  id && Auth.current_id == id
-end
-
-format :html do
-  def default_board_tab
-    card.current_account? ? :account_tab : super
-  end
-
-  view :account_tab do
-    board_pill_sections "Account" do
-      [["Settings", account_details_items],
-       ["Content", account_content_items]]
-    end
-  end
-
-  def show_account_tab?
-    card.account.real?
-  end
-
-  def account_formgroups
-    Auth.as_bot do
-      subformat(card.account)._render :content_formgroups, structure: true
-    end
-  end
-
-  def account_details_items
-    [
-      ["Email and Password", :account,
-       { path: { slot: { hide: %i[help_link board_link] } } }],
-      ["Roles", :roles,
-       { path:  { view: :content } }],
-      ["Notifications", :follow],
-      # FIXME: this should be added in api_key mod!
-      ["API", :account,
-       { path: { view: :api_key,
-                 items: { view: :content },
-                 slot: { hide: %i[help_link board_link] } } }]
-    ]
-  end
-
-  def account_content_items
-    [["Created", :created],
-     ["Edited", :edited]]
-  end
-end